Posted by chantra on 11th January 2007
2. Adding the public key to the authorized key
First, we need to upload the key to the remote machine:
user@host:~$ scp ~/.ssh/id_rsa.pub remoteuser@remotehost:~/
Now that the public key is uploaded, let’s add it to the authorized keys. To do so, we are going to connect to remotehost as remoteuser, add the key at the end of the file ~/.ssh/authorized_keys and delete the uploaded copy once it has been added:
Tags: network, security, ssh
Posted in Administration, HowTo, Networking
Posted by chantra on 11th January 2007
OpenSSH is the most widely used SSH server on Linux. Using SSH, one can connect to a remote host and gain shell access to it in a secure manner, as all traffic is encrypted.
A neat feature of OpenSSH is the ability to authenticate a user with a public/private key pair when logging into the remote host. By doing so, you won’t be prompted for the remote user’s password.
This tutorial will describe how to create an SSH public/private key pair, how to enable key-based authentication and finally how to disable password authentication.
Tags: network, security, ssh
Posted in Administration, HowTo, Networking
Posted by chantra on 18th December 2006
AIDE is an Intrusion Detection System (IDS), which means that AIDE is not a tool to prevent an intrusion but is actually here to report that an intrusion might have happened.
This tutorial will show how to install and configure AIDE so that you get daily reports emailed directly to you, informing you of which files might have been modified.
Tags: security
Posted in Administration, HowTo, System
Posted by chantra on 15th December 2006
4. Using the iptables script
4.1. From the command line
One way to apply the rules we define is simply to run the script from the command line:
sudo sh /path/to/firewall-script.sh
This has the bad effect of not being restored on reboot, but it will still be of great help while tweaking your firewall.
Tags: iptables, network, security
Posted in Administration, HowTo, Networking
Posted by chantra on 14th December 2006
3.3. Defining custom chains
In order to get an easier-to-maintain iptables script, it is handy to define some custom chains, also called user-defined chains. This way, you can gather common actions into one chain; then, using the target switch (-j), we will be able to send packets that match specific rules to that target.
In order to create a user-defined chain, we need to use:
Tags: iptables, network, security
Posted in Administration, HowTo, Networking
Posted by chantra on 12th December 2006
3. Iptables Script
OK, now that we know the very basics, let’s see what the script is going to look like.
In this example, I assume that eth0 is the interface connected to the Internet and eth1 is the one connected to our local network.
Tags: iptables, network, security
Posted in Administration, HowTo, Networking
Posted by chantra on 10th December 2006
iptables is a command line tool which allows system administrators to configure the Linux packet filtering ruleset.
Using iptables, you are able to tweak packet filtering, Network Address Translation (NAT) and packet mangling, which in the end are going to allow you to secure your server, share your Internet connection and log unwanted traffic.
iptables is not really what we could call an easy tool to get to grips with, but once you know the basics, it won’t be that scary.
This tutorial will provide a sample script you can use to share your Internet access and will give an overview of how to use iptables.
Tags: iptables, network, security
Posted in Administration, HowTo, Networking
Posted by chantra on 13th August 2006
4. mod-security filter examples:
Suppose, for instance, you want to prevent attackers from injecting shell command execution through your scripts. You could use this query in order to block anything containing /bin/:
Tags: apache, security
Posted in Administration, HowTo, HTTP
Posted by chantra on 13th August 2006
3. Adding Filtering Rules:
mod-security can take two kinds of filters:
- Simple Filters: SecFilter directive
- Advanced Filters: SecFilterSelective directive
Tags: apache, security
Posted in Administration, HowTo, HTTP
Posted by chantra on 13th August 2006
This article will show how to install, configure and set up Apache's mod-security module on a Debian-based system. This was done on Ubuntu Dapper and should fit any Debian-based system.
Mod_security is an Apache 1.x/2.x module whose purpose is to tighten web application security by shielding the applications from attack. The idea is to filter requests and web content before passing them to the Apache core.
Once installed, mod-security needs to be given some rules that match patterns, filter requests and the HTTP stream, and in the end take different actions like allowing, denying, logging…
Effectively, it is an intrusion detection and/or prevention system for the Apache web server.
Tags: apache, security
Posted in Administration, HowTo, HTTP