http://howtoforge.com/taxonomy/term/9/all en http://www.howtoforge.com/themes/htf_glass/images/howtoforge_logo_glass_blue.gif http://howtoforge.com/taxonomy/term/9/all http://howtoforge.com/block-spammers-hackers-with-mod_defensible-on-apache2-debian-etch <p><b>How To Block Spammers/Hackers With mod_defensible On Apache2 (Debian Etch)</b></p> <p>mod_defensible is an Apache 2.x module intended to block spammers/hackers/script kiddies using DNSBL servers. It will look at the client IP and check it in one or several DNSBL servers and return a 403 Forbidden page to the client. This guide shows how to install and use it with Apache 2 on a Debian Etch server.</p> <a href="http://howtoforge.com/block-spammers-hackers-with-mod_defensible-on-apache2-debian-etch" title="Read the rest of this posting." class="read-more">Read more...</a> Debian Apache Security Sun, 06 Jul 2008 17:19:10 +0200 http://howtoforge.com/block-spammers-hackers-with-mod_defensible-on-apache2-debian-etch http://howtoforge.com/block-spammers-hackers-with-mod_defensible-on-apache2-debian-etch#comment http://howtoforge.com/how-to-set-up-shorewall-firewall-on-centos-5.1 <p><b>How To Set Up Shorewall (Shoreline) 4.0 Firewall On CentOS 5.1</b></p> <p>This tutorial will walk you through setting up Shorewall (Shoreline) 4.0 firewall on CentOS 5.1 , this can easily be adapted to any other Linux distribution out there.</p> <a href="http://howtoforge.com/how-to-set-up-shorewall-firewall-on-centos-5.1" title="Read the rest of this posting." class="read-more">Read more...</a> CentOS Security Wed, 02 Jul 2008 20:32:59 +0200 http://howtoforge.com/how-to-set-up-shorewall-firewall-on-centos-5.1 http://howtoforge.com/how-to-set-up-shorewall-firewall-on-centos-5.1#comment http://howtoforge.com/blocking-cookies-from-unwanted-websites-with-safesquid-proxy-server <p><b>How To Block Cookies From Unwanted Websites With SafeSquid Proxy Server</b></p> <p>Basically, cookies are pieces of information, usually personal preferences, that are stored into a visitors system, when they visit a website. The next time the visitor accesses the same website, the cookie is transferred from the visitors system to the website, and his preferred content is displayed to him. Cookies are also used to allow a visitor to log into his personal account on a website. Although, not always dangerous, many advertising and marketing websites gather personal information, without the users knowledge, and use this information to display especially targeted marketing ads and banners.</p> <a href="http://howtoforge.com/blocking-cookies-from-unwanted-websites-with-safesquid-proxy-server" title="Read the rest of this posting." class="read-more">Read more...</a> Security Tue, 01 Jul 2008 13:40:02 +0200 http://howtoforge.com/blocking-cookies-from-unwanted-websites-with-safesquid-proxy-server http://howtoforge.com/blocking-cookies-from-unwanted-websites-with-safesquid-proxy-server#comment http://howtoforge.com/bash-script-for-configuring-iptables-firewall <B> <H3 editor_id="mce_editor_0">About the Script:</h3></b> <P>This script is about to build a firewall in Linux OS by using <B>iptables</b>, the user only needs to follow and answer the simple and easy steps and the script will generate the user specified iptables rule in its original form.</p> <P editor_id="mce_editor_0">I HAVE TESTED THE SCRIPT ON PCLINUXOS, FEDORA-9, DREAM_LINUX, UBUNTU-8.</p> <P editor_id="mce_editor_0">This is my iptables Version 1.0 (USMAN AKRAM - Lucky)</p><a href="http://howtoforge.com/bash-script-for-configuring-iptables-firewall" title="Read the rest of this posting." class="read-more">Read more...</a> PCLinuxOS Security Shell Thu, 26 Jun 2008 13:58:49 +0200 http://howtoforge.com/bash-script-for-configuring-iptables-firewall http://howtoforge.com/bash-script-for-configuring-iptables-firewall#comment http://howtoforge.com/secure-postgresql-using-two-factor-authentication-from-wikid <p><b>How To Secure Postgresql Using Two-Factor Authentication From WiKID</b></p> <p>Databases are the key repository for critical data.&nbsp; If you are storing information that needs to be kept secure from prying eyes, especially credit card or personally identifiable information (PII) you might be required to control access using two-factor authentication.&nbsp; This tutorial demonstrates how to secure Postgresql with two-factor authentication from WiKID.</p> <a href="http://howtoforge.com/secure-postgresql-using-two-factor-authentication-from-wikid" title="Read the rest of this posting." class="read-more">Read more...</a> Linux Security Tue, 24 Jun 2008 17:00:54 +0200 http://howtoforge.com/secure-postgresql-using-two-factor-authentication-from-wikid http://howtoforge.com/secure-postgresql-using-two-factor-authentication-from-wikid#comment http://howtoforge.com/intrusion-detection-for-php-applications-with-phpids <p><b>Intrusion Detection For PHP Applications With PHPIDS</b></p> <p>This tutorial explains how to set up PHPIDS on a web server with Apache2 and PHP5. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.</p> <a href="http://howtoforge.com/intrusion-detection-for-php-applications-with-phpids" title="Read the rest of this posting." class="read-more">Read more...</a> PHP Security Sun, 22 Jun 2008 18:17:22 +0200 http://howtoforge.com/intrusion-detection-for-php-applications-with-phpids http://howtoforge.com/intrusion-detection-for-php-applications-with-phpids#comment http://howtoforge.com/block-ads-and-banners-in-safesquid-proxy-server <p><b>How To Block Ads And Banners In SafeSquid Proxy Server</b></p> <p>Ads and banners not only unnecessarily consume bandwidth, but also distract users, and can be exceedingly irritating at times. Few ads and banners keep rotating and fetching new contents, and keep consuming bandwidth in the background.</p> <a href="http://howtoforge.com/block-ads-and-banners-in-safesquid-proxy-server" title="Read the rest of this posting." class="read-more">Read more...</a> Security Security Fri, 06 Jun 2008 12:01:26 +0200 http://howtoforge.com/block-ads-and-banners-in-safesquid-proxy-server http://howtoforge.com/block-ads-and-banners-in-safesquid-proxy-server#comment http://howtoforge.com/control-download-of-files-and-mime-types-in-safesquid-proxy-server <p><b>How To Control Download Of Files And Mime Types In SafeSquid Proxy Server</b></p> <p>Administrators regularly find themselves in troubled situations, when irresponsible users waste their productive time and Internet bandwidth, on online music, radio, video or downloading large, non-productive contents. They also, knowingly or unknowingly, put other serious users to inconvenience and put the network at risk.&nbsp; Administrators can avoid such situations by controlling what content is allowed or denied, and when.</p><a href="http://howtoforge.com/control-download-of-files-and-mime-types-in-safesquid-proxy-server" title="Read the rest of this posting." class="read-more">Read more...</a> Security Mon, 02 Jun 2008 10:57:18 +0200 http://howtoforge.com/control-download-of-files-and-mime-types-in-safesquid-proxy-server http://howtoforge.com/control-download-of-files-and-mime-types-in-safesquid-proxy-server#comment http://howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04 <p><b>Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)</b></p> <p>This document describes how to install a mail server based on Postfix that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I'll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses. The resulting Postfix server is capable of <b>SMTP-AUTH</b> and <b>TLS</b> and <b>quota</b> (quota is not built into Postfix by default, I'll show how to patch your Postfix appropriately). Passwords are stored in <b>encrypted</b> form in the database (most documents I found were dealing with plain text passwords which is a security risk). In addition to that, this tutorial covers the installation of <b>Amavisd</b>, <b>SpamAssassin</b> and <b>ClamAV</b> so that emails will be scanned for spam and viruses. I will also show how to install <b>SquirrelMail</b> as a webmail interface so that users can read and send emails and change their passwords.</p> <a href="http://howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04" title="Read the rest of this posting." class="read-more">Read more...</a> Anti-Spam/Virus Ubuntu Postfix Tue, 20 May 2008 18:13:58 +0200 http://howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04 http://howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04#comment http://howtoforge.com/add-wikid-two-factor-authentication-to-astaro-security-gateway <p><b>How To Add WiKID Two-Factor Authentication To The Astaro Security Gateway</b></p> <p>Astaro is a very popular Linux-based "all-in-one" security appliance offering spam filtering, malware protection, firewall, VPN, etc. The WiKID Strong Authentication Server is a dual-source two-factor authentication system. PINs are encrypted on a software token and sent to the WiKID server. If the PIN is correct, the encryption valid and the account active, a one-time password is generated, encrypted and returned to the user's token where it is decrypted and presented for use with a network-based services. This document will show how to add WiKID two-factor authentication to the Astaro Security Gateway version 7 using Radius.</p> <a href="http://howtoforge.com/add-wikid-two-factor-authentication-to-astaro-security-gateway" title="Read the rest of this posting." class="read-more">Read more...</a> Security Fri, 16 May 2008 14:20:39 +0200 http://howtoforge.com/add-wikid-two-factor-authentication-to-astaro-security-gateway http://howtoforge.com/add-wikid-two-factor-authentication-to-astaro-security-gateway#comment http://howtoforge.com/setting-up-truecrypt-5.1a-on-debian-etch-gnome <p><b>Protect Your Files With TrueCrypt 5.1a On Debian Etch (GNOME)</b></p> <p>This document describes how to set up TrueCrypt 5.1a on Debian Etch (GNOME). Taken from the TrueCrypt page: "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc)."</p> <a href="http://howtoforge.com/setting-up-truecrypt-5.1a-on-debian-etch-gnome" title="Read the rest of this posting." class="read-more">Read more...</a> Debian Desktop Security Sun, 11 May 2008 19:12:19 +0200 http://howtoforge.com/setting-up-truecrypt-5.1a-on-debian-etch-gnome http://howtoforge.com/setting-up-truecrypt-5.1a-on-debian-etch-gnome#comment http://howtoforge.com/granular-bandwidth-management-rules-in-safesquid-proxy-server <p><b>How To Configure Granular Bandwidth Management Rules In SafeSquid Proxy Server</b></p> <p>Administrators can use SafeSquid to granularly distribute bandwidth across the network, depending on user, group, website being visited, mime or file type being accessed, and time / date range. This is achieved by defining the desired situation, by creating a profile under the Profiles section, and then allocating a specific bandwidth (QoS) to that profile.</p> <a href="http://howtoforge.com/granular-bandwidth-management-rules-in-safesquid-proxy-server" title="Read the rest of this posting." class="read-more">Read more...</a> Security Thu, 08 May 2008 14:11:47 +0200 http://howtoforge.com/granular-bandwidth-management-rules-in-safesquid-proxy-server http://howtoforge.com/granular-bandwidth-management-rules-in-safesquid-proxy-server#comment http://howtoforge.com/the-perfect-spamsnake-ubuntu-8.04 <P><B>The Perfect SpamSnake - Ubuntu 8.04 LTS</b></p> <P>This tutorial shows how to set up an Ubuntu Hardy Heron (8.04 LTS) based server as a spamfilter in Gateway mode.&nbsp;In the end, you will have a SpamSnake Gateway which will relay clean emails to your MTA.&nbsp;You will also be able to view your incoming queue, train your SpamSnake and carry out a few more advanced operations via MailWatch.</p><a href="http://howtoforge.com/the-perfect-spamsnake-ubuntu-8.04" title="Read the rest of this posting." class="read-more">Read more...</a> Anti-Spam/Virus Ubuntu Postfix Thu, 01 May 2008 18:45:36 +0200 http://howtoforge.com/the-perfect-spamsnake-ubuntu-8.04 http://howtoforge.com/the-perfect-spamsnake-ubuntu-8.04#comment http://howtoforge.com/installing-mod-security-on-sles10 <p><b> How To Install mod_security/mod_security2 On SuSE Linux Enterprise Server 10 (SLES10)</b></p> <p>The Apache module mod_security is a very powerful security module. Combined with predefined rules, you can close many security wholes on your server, opened by bad written php or perl apps. Unfortunately mod_security is not part of the SLES10 distribution. To install mod_security to have to install some 3rd party modules. This guide helps you to install mod_security on SLES10 in a reproducable way (RPM). It also helps you to remove the module, by building RPM packages you can easily uninstall.</p> <a href="http://howtoforge.com/installing-mod-security-on-sles10" title="Read the rest of this posting." class="read-more">Read more...</a> SuSE Apache Security Fri, 18 Apr 2008 09:38:03 +0200 http://howtoforge.com/installing-mod-security-on-sles10 http://howtoforge.com/installing-mod-security-on-sles10#comment http://howtoforge.com/setting-up-an-iptables-firewall-with-firehol-on-ubuntu <p><b>Setting Up An Iptables Firewall On Ubuntu With Firehol</b></p> <p> Everybody, who tried to configure an iptables firewall knows, that it can be quite a PITA. <i>firehol</i> is a tool that helps us to configure iptables according to our needs. In this How-To, I will discribe how to set up an iptables firewal using firehol that only allows SSH and ICMP (the protocol responsible for ping and traceroute). Also, only incoming connections are filtered, and outgoing connections are allowed.</p> <a href="http://howtoforge.com/setting-up-an-iptables-firewall-with-firehol-on-ubuntu" title="Read the rest of this posting." class="read-more">Read more...</a> Ubuntu Security Wed, 16 Apr 2008 13:31:20 +0200 http://howtoforge.com/setting-up-an-iptables-firewall-with-firehol-on-ubuntu http://howtoforge.com/setting-up-an-iptables-firewall-with-firehol-on-ubuntu#comment