Linuxmafia.com Knowledgebase - Security (original) (raw)

Top: Security

• 3DES Strength - Effective key strength of 3DES encryption explained
• ACLs - Support for POSIX ACLs and similar fine-grained permission systems on Linux
• Apache HTTP Methods Patch - Patch to remove insecure HTTP methods from Apache httpd 1.3.x.
• Apache Security Tips - Security tips for the Apache httpd
• Attacking Linux - How to improve your Linux security by thinking like an attacker; article by Rick Moen
• Auditor LiveCD - Auditor Security Collection is a Linux live CD with an extensive collection of tools for examining compromised systems.
• Authfail - Tool to monitor logs for repeated authentication failures and generate netfilter DROP or REJECT rules, foiling brute-force login attacks
• Break-in without Remote Exploit - Explains why it's not enough to just keep patch-levels updated and use encrypted transports.
• Buffer Overflow - Techniques to eliminate security risks from buffer overflows
• Challenge-Response - Critique of Challenge-Response software by Karsten Self
• Debian Compromise 2003 - Analysis and lessons to draw from the Nov. 2003 compromise of several Debian developer servers
• DNSSEC cheat sheet - Setting up and checking DNSSEC with BIND 9
• Extended File Attributes - chattr, lsattr, and extended file attributes.
• fail2ban - Python utility 'fail2ban' scans logfiles like /var/log/pwdfail and then bans via iptables rules IPs that generate too much password failures
• Firewalls - Complete text of Cheswick and Bellovin's classic book 'Firewalls and Internet Security: Repelling the Wily Hacker', first edition
• Firewall Builders - Tools available on Linux for easily building and managing iptables IP-filtering rulesets
• Firewall Limitations - Editorial making the point that people relying on 'firewalls' for security are deluded, and that the perimeter security model is severely broken
• Firewall Piercing - Tunneling SSH through firewalls using httptunnel, proxytunnel, or corkscrew
• FISH Protocol - The FIles over SsH protocol extension
• Forensics - Basic security detective techniques
• FTP Daemons - List of all known ftp daemons for Linux and *BSD, with recommendations for anonymous-only deployments.
• iptables logs - Guides and tools for interpreting iptables and ipchains logs, by Manfred Bartz
• GnuPG Lecture - Lecture notes from a technical overview lecture about GnuPG (gpg), by Rick Moen.
• GnuPG with Mutt - Everything You Need to Know to Start using GnuPG, but Justin R. Miller
• Halted Firewalls - Constructing a hardened firewall using a Linux host that deliberately runs in a system-shutdown state
• Identd for Firewalls - How to set up an identd for firewalls
• IDS Lecture at BayLISA, March 2002 - Notes on John S. Flowers's highly-regarded intrusion detection software lecture
• IDSes - Presentation by David B. Allen at LinuxWorld Conference and Expo 2003 on Linux Intrusion Detection Systems
• IDSes - Rick Moen and other mailing list participants' rundown on Intrusion Detection System software options
• IP Tables - IP Tables Quick Reference (unfinished)
• Linspire Root Issues - What is and is not true about LinspireOS (formerly LindowsOS) and the trait of running routinely as the root user
• mod_security - Ivan Ristic's ONLamp.com article on configuring and using Apache's mod_security module
• Network Monitoring - Rundown of tools commonly used to monitor networks
• NFS - How to Secure NFS, article about Debian 4.0 Etch, but broadly applicable
• NTLM Auth - How to do NTLM authentication on Linux, required to talk through IIS / MS Proxy Server firewalls
• Overview - Overview of Linux system and network security
• PAM - Documentation about the Programmable Authentication Modules (PAM) framework
• PAM Delay - Module for PAM that foils brute-force login attacks by introducing an enforced delay between login attempts of any given login name. (See also Authfail.)
• PAM LDAP - Configuring PAM to authenticate to an LDAP directory
• Passwords - How to deal with humans' inability to remember strong passwords reliably and in sufficient number
• Password Safes - Applications for storing passwords in encrypted form
• PHP - Information on security issues and remedies for PHP applications
• Ping of Death - How the Ping of Death worked against perennially vulnerable Microsoft OSes, circa 1997
• Port Forwarding - Various techniques for forwarding ports across networks
• Portsentry Considered Harmful - Comparison of Psionics's proprietary Portsentry dynamic scanning-detection and port-blocking utility with snort, explaining why the former category is actively bad for system security
• Resources/Deter - Matthew Deter's security resources
• Resources/Farmer - Dan Farmer's security resources
• Resources/Stokely - Resources for system administrators from Stokely Consulting
• Root Compromise - Outlines for a talk on response to Linux system root compromise
• Root Password Lost - How do I recover a lost root password?
• Root w/X11 - List of methods for running X11 applications with root-user authority (without having to run X11 generally as root)
• ROPE iptables scripting - ROPE Iptables module: scripting engine that runs inside the kernel, helps write iptables match modules for complex protocols, e.g., blocking gnutella and bittorrent.
• SATAN on Linux - Modifications to make the (now-obsolete) SATAN security-checker compile and run on Linux
• scp Shells - Shells for naive-user access to sftp/scp/sftp2
• Security Breach - What should I do if I detect that my systems have been security-compromised?
• Security HOWTO Corrections - Corrections to the Linux Security HOWTO, unfortunately ignored by its maintainers
• Security Snake Oil - Discussion of how software security experts and antivirus software companies mislead users by distracting from the key factor of execution mechanism, and instead focusing on trivia while ignoring real security concerns
• Security Tools - Fyodor's catalogue of the top 100 network security tools. Indispensible.
• Smoothwall GPL - Analysis of claims that Smoothwall's maintainers violated the GNU GPL (they didn't)
• Squid Transparent Proxy - How to set up a transparent proxy with Squid, in three easy steps
• ssh-agent Tip - Tips for integrating ssh-agent into one's desktop setup
• SSH Agent - Mark A. Hershberger's tips on use of ssh-agent
• SSH Agent - Radu Rugina's tips on use of ssh-agent
• SSH Hints - Tips for effective use of ssh
• SSH Public-key Process - Safely automating inter-host processes using ssh keypairs
• SSH Quoting Syntax - Avoiding problems with shells parsing quoted strings intended to be passed to ssh
• SSH scp-Emulation - Emulating scp using only bare ssh
• sshd Always Running - Tip to make sure sshd always respawns, using init's 'respawn' directive
• sshd Debugging - Tip for debugging sshd problems
• SSH OPIE - Configuration details for running OpenSSH with OPIE one-time password authentication
• SSH Software - SSH-Protocol Software for Sundry Platforms — most-comprehensive list known
• SSL Cert Self-signing - Creating and self-signing SSL site certificates
• Tips - General security tips
• TLS Cipher Suites - Recommended TLS cipher configuration for Web servers
• Tools/Fyodor - List of security tools maintained by Fyodor, author of nmap
• VPNs - Virtual Private Network options on Linux
• VPNs by N. Treadway - Virtual Private Network options on Linux, list maintained by Nathan Stratton Treadway
• Virus - Linux software for detecting/purging MS-Windows viruses
• VXing - Cyneox's Linux virus and security site.
• Wireless Security - How and why to use WPA2-AES-Enterprise and a RADIUS server for your wireless security if security matters
• Zimmermann-Sassaman Protocol - Details a method for conducting rapid mass GPG/PGP keysigning events

Except where otherwise noted, this knowledgebase's contents are freely redistributable under the CC BY-SA 4.0 licence, or, at your option, any later version.