When it comes to system security, there's no single correct solution. But with vigilance and these techniques, you will be five steps closer.
Do you think your systems are secure? Install DenyHosts and you'll realize that you were in denial. |
Download and use Nikto before an attacker reduces your website to a burned-out cinder. |
How can users protect themselves from the loss of important data when a computer goes missing? Well, the latest release of Ubuntu makes this not only possible, but frighteningly easy! |
|
Ubuntu Server has one of the cleanest and easiest Linux distribution installers. However, in many cases, its designers choose to ignore security in favor of ease-of-use. The result? An install that is not secure by default. |
|
Got security? TrueCrypt allows you to create and use encrypted volumes and reduce the risk to your sensitive data. |
|
The author of All I Really Need to Know I Learned in Kindergarten left out (at least) one important lesson: Secret knocks are really, really useful. As kids, we'd use secret knocks to keep undesirables (the kids we didn't like) out of our clubs or rooms. As system administrators, we can use secret knocks to protect our systems from crackers. |
|
Connecting to your home computer from work, a friend's house, or while on vacation in another country is very simple — if you know how to use a small handful of tools. Ken Hess shows you how to connect securely and tunnel traffic using SSH. |
|
Network management requires attention to faults, configuration, accounting, performance, and security — the so-called FCAPS. You can spend lots of money and lots of time deploying an FCAPS package — or you can deploy the open source OpenNMS. Here's how. |
|
Learn how to tune and extend SpamAssassin to catch more spam. |
|
Intrusion detection is critical for network security. Use Bro to catch miscreants red-handed. |
|
A virtual private network (VPN) extends the resources of your local area network to telecommuter’s home, satellite offices, and far-flung sales warriors. OpenVPN is a fast, scalable, secure, and free VPN solution for Linux. And best of all, it’s easy to configure and deploy. Here’s a hands-on primer. |
|
Fight the spread of spyware and malware with CLAMAV and AVG Free, two cost-free Linux antivirus solutions. |
|
If you're running Linux, you should be aware that using telnet is a no-no. With the wide availability of network sniffers and automated password grabbing tools, telnet is simply not a secure way to work. Instead, use ssh and keep your passwords in keychain. |
|
Improve system security by expiring user passwords from time to time. The command passwd -x 30 joe forces joe to change his password after thirty days. |
|
It never hurts to use protection. Here’s a way to keep your Linux system free of viruses. |
|
Configuring PAM can be tricky. Look at some examples and learn what rationales work for customizing your own. |
|
Hide messages in images with simple steganography tools. |
|
Start using the Pluggable Authentication Modules(PAM) system to manage login authentication. (You can also read http://www.linux-mag.com/2000-06/guru_01.html.) |
|
Network tunneling can be helpful and even necessary, but it can also be used to circumvent security policies. Here’s a survey of the best tunneling tools available and a list of techniques that may help you detect active tunnels. |
A survey of 6,344 developers shows that software managers find Linux to be more secure than Windows. BZ Media conducted the study, by asking more than 6,000 software develoment managers to rate the security of server OSes.
Windows Server was rated very insecure or insecure by 58 percent of the respondents, followed by 13 percent rating Linux insecure or very insecure. Sun's Solaris received the best response, with only 6 percent of respondents rating Solaris insecure. 78 percent of those taking the survey found Linux to be "secure" or "very secure." ZDNet also has coverage of the results.
|
|
Forensic Discovery is a book that is a book every Linux admin should read. Forensic Discovery is a slim volume, it clocks in at a mere 217 pages, but it's full of useful information. As an added bonus, the book is well-written and easy to follow, and should be accessible to any reader with a passing understanding of Linux or UNIX systems. |
|
When a malcontent breaks into, or cracks, your computer, your reactions are likely to be very much the same. What was taken? What was left behind? Is the computer safe to use? How can I keep my computer safer in the future? To find answers, reach for The Coroner’s Toolkit. |
|
SNORT looks for intrusions, while ACID can help you make sense of what’s happened after an intrusion. |
Surprisingly, securing a site’s production environment is a task that many ignore until it’s too late. But the task need not be so onerous. Several LAMP tools can help shore up security. |
|
Security has long been an important computer issue, but it's become increasingly relevant as the number and severity of threats has risen. |
|
If you've administered any remote Linux machines, then you're probably already familiar with SSH. As you may know, SSH provides secure, encrypted network communication. Utilities like ssh and sftp, which are based on SSH, protect remote login sessions and file transfers, respectively, and have largely subsumed similar but insecure and unencrypted utilities such as ftp, rlogin, rsh, rcp, and telnet. (In fact, if any of your systems still use telnet, put down this magazine at once, go disable telnet, install and enable SSH, and then continue reading.) |
|
Document and image scanners have become an integral part of many offices. With a scanner, you can quickly digitize photos, diagrams, and even textual documents for electronic alteration and distribution. |
|
Last month's "Tech Support" showed you how to monitor filesystem changes with Tripwire, a handy system utility that alerts you to all filesystem changes. Like SNORT and others, Tripwire's just one of many practical security measures that minds your system 24/7. |
|
