Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Security related tutorials

Debian

Using DSPAM & ClamAV With Postfix (Virtual Users) On Debian Etch

Post date: August 14, 2007, 23:08 Category: Security Views: 3292 Comments
Tutorial quote: This article describes how to integrate DSPAM with embedded ClamAV into a mail server based on Postfix featuring virtual users and domains, i.e. users and domains that are in a MySQL database. DSPAM is a scalable and open-source content-based spam filter. The setup shown here is suitable for Debian Etch servers.
CentOS

How To Harden PHP5 With Suhosin On CentOS 5.0

Post date: August 3, 2007, 22:08 Category: Security Views: 3695 Comments
Tutorial quote: This tutorial shows how to harden PHP5 with Suhosin on a CentOS 5.0 server. From the Suhosin project page: "Suhosin is an advanced protection system for PHP installations that was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
Fedora

How To Harden PHP5 With Suhosin On Fedora 7

Post date: July 25, 2007, 23:07 Category: Security Views: 3212 Comments
Tutorial quote: This tutorial shows how to harden PHP5 with Suhosin on a Fedora 7 server. From the Suhosin project page: "Suhosin is an advanced protection system for PHP installations that was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
Debian

Filtering PDF-/XLS-/Image-Spam With ClamAV (And ISPConfig) On Debian/Ubuntu

Post date: July 24, 2007, 02:07 Category: Security Views: 3226 Comments
Tutorial quote: There is currently a lot of spam where the spam information is attached as .pdf or .xls files, sometime also hidden inside a .zip file. While these spam mails are not easy to catch with e.g. SpamAssassin or a Bayes filter, the ClamAV virus scanner can catch them easily when it is fed with the correct signatures as ClamAV is built to scan mail attachments.
Linux

How to Avoid Getting Blacklisted

Post date: July 7, 2007, 23:07 Category: Security Views: 3546 Comments
Tutorial quote: A blacklist usually refers to a list of email or IP addresses known to send spam emails or some other type of unsolicited messages. Such lists are currently used by mail servers for filtering incoming emails and blocking the ones listed, in order to improve mail security and integrity. The blacklist is also the opposite of what is called a whitelist.
Linux

TrueCrypt Tutorial: Truly Portable Data Encryption

Post date: July 2, 2007, 23:07 Category: Security Views: 3449 Comments
Tutorial quote: TrueCrypt is a free software that encrypts data on-the-fly. Right now the newest version released is version 4.3. You can create an encrypted hard drive, a separate partition or a directory with TrueCrypt. It does not simply encrypt the content of files, but their names and the names of the directories they are in as well. Moreover there is no way to check the size of the encrypted directory/HDD/partition. TrueCrypt is available for Windows and Linux.
Linux

How To Secure An SSL VPN With One-Time Passcodes And Mutual Authentication

Post date: June 30, 2007, 23:06 Category: Security Views: 3349 Comments
Tutorial quote: SSL-based VPNs were designed to eliminate the need for complex configurations on the user's PC. Unfortunately, that was before the dangers of public WiFi networks and tougher regulatory requirements came into being. Thanks to WiFi, many attacks that were difficult are now quite simple. In particular, a man-in-the-middle attack can intercept SSL-encrypted traffic, rendering SSL-based VPNs useless - even if it is protected by a typical one-time password system. The man-in-the-middle can easily feed the one-time password into the SSL-based VPN within the alloted time.
Linux

Introducing Remo - An Easy Way to Secure an Insecure Online Application with ModSecurity

Post date: June 6, 2007, 23:06 Category: Security Views: 3168 Comments
Tutorial quote: Say you have a nasty application on your Apache webserver that has been installed by some people from the marketing department and you can neither remove nor patch it. Maybe it is a time problem, a lack of know-how, a lack of source-code, or possibly even political reasons. Consequently you need to protect it without touching it. There is ModSecurity, but they say this is only for experts. A straightforward alternative is Remo, a graphical rule editor for ModSecurity that comes with a whitelist approach. It has all you need to lock down the application.
Linux

How To Block Spam Before It Enters The Server (Postfix)

Post date: June 4, 2007, 23:06 Category: Security Views: 4204 Comments
Tutorial quote: The last few weeks have seen a dramatic increase in spam (once again). Estimates say that spam makes now up for 80 - 90% of all emails, and many mail servers have difficulties in managing the additional load caused by the latest spam, and spam filters such as SpamAssassin do not recognize large parts of that spam as they did before. Fortunately, we can block a big amount of that spam at the MTA level, for example by using blacklists, running tests on the sender and recipient domains, etc. An additional benefit of doing this is that it lowers the load on the mail servers because the (resource-hungry) spamfilters have to look at less emails.
Linux

How to secure VNC remote access with two-factor authentication

Post date: May 21, 2007, 22:05 Category: Security Views: 3159 Comments
Tutorial quote: VNC is the most popular remote access solution today. However, it was developed to provide remote access, not to provide secure remote access. Administrators have to add security to VNC by tunneling it through an encrpyted channel such as SSH and adding a layer of authentication. In this article, we will show you how to combine the NoMachine NX server to encrpyt VNC and remote X session combined with two-factor authentication from WiKID Systems to create a secure, fast remote access solution.
Web-based applications and online marketing solutions - LumoLink