Passwords
Choosing the correct password, as well as informing and enforcing password security for users is an important task for the administrator. Security is built upon passwords, so close attention should be paid to making passwords an effective tool in security.
Aspects of a Good Password
1. 8 characters or more
2. use numbers in the password
3. use letters [...]
There’s no doubt that Linux is a secure operating system. However, nothing is perfect. Millions of lines of code are churned through the kernel every second and it only takes a single programming mistake to open a door into the operating system. If that line of code happens to face the Internet, that’s a backdoor [...]
This tutorial shows how you can use GnuPG to secure and verify data on your Linux box but the first part is relevant for Windows users too.
Look the video at Privacylover
Google offers users with an option to filter out results that contain
explicit sexual content, called SafeSearch. It also displays a warning message with search results identified as sites
that may install malicious software on your computer. You can enforce Google SafeSearch with SafeSquid Proxy,
so that it overrides the user preferences, and displays only SafeSearch
results.
Read more at [...]
Last week I talked about testing the strength of users’ passwords. Another way to ensure security is to set a good password policy.
The PAM module pam_cracklib can enforce both length and complexity. For length, it uses the minlen option. For complexity, it has options dcredit, ucredit, lcredit, and ocredit, which refer to digit, upper-case character, [...]
We have already discussed how to use UFW from command line.Gufw is an easy to use Ubuntu / Linux firewall, powered by ufw.Gufw is an easy, intuitive, way to manage your Linux firewall. It supports common tasks such as allowing or blocking pre-configured, common p2p, or individual ports port(s), and many others! Gufw is powered [...]
Being connected to the Internet means exposure to what the outside world has to offer — including the undesirable elements. Every time you connect to the Internet, you’re exposed to threats that can compromise your network’s security. Although network security solutions have evolved in recent years, so have network attack techniques. To prevent ever-evolving attacks [...]
Unified Threat Management (UTM) devices unify all network security elements into a single device. They often include a combination of routing, firewall, intrusion detection, content filtering, URL filtering, spam filtering, VPN, and antivirus functionalities. These devices usually cost thousands of dollars and require subscriptions. However, you can secure your network and save money at the [...]
Being connected to the Internet means exposure to what the outside world has to offer — including the undesirable elements. Every time you connect to the Internet, you’re exposed to threats that can compromise your network’s security. Although network security solutions have evolved in recent years, so have network attack techniques. To prevent ever-evolving attacks [...]
Most distributions use Bash as its default shell. One of the features of Bash is its ability to keep a running history of commands the user has typed. This could, however, end up being a security problem. If a bad guy were able to compromise a user’s home directory, they could view commands [...]
Sudo which is su “do” allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.sudo allows a permitted user to execute a command as the superuser [...]
Content-filtering proxies restrict Internet access privileges for users or groups across an entire network. They must be able to block unwanted content through keyword, URL, DNS, MIME, and image filtering. They need to authenticate and log a user’s Internet activity by monitoring and generating detailed reports of URLs accessed, and they must integrate antivirus or [...]
Here is a quick one line command to generate a random password from the Linux command line.
# < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c8
Read more at Tux Training
Untangle
bundles common open-source applications for blocking spam, spyware,
viruses, adware and unwanted content on the network in one single Linux
distribution. It can be integrated into existing networks either as a
router or as a transparent bridge (directly behind the router, but
before the switch that connects the client PCs with the router). The
best thing about Untangle is that [...]
In this article I will show how to install and configure fail2ban
on a Mandriva 2008.1 system. Fail2ban is a tool that observes login
attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if
it finds failed login attempts again and again from the same IP address
or host, fail2ban stops further login attempts from that IP
address/host [...]