security

Linux Detecting Rootkits

A rootkit is a program designed to take fundamental control of a computer system, without authorization by the system’s owners and legitimate managers.

Most rootkits use the power of the kernel to hide themselves; they are only visible from within the kernel. How do I detect rootkits on a CentOS or Debian Linux server?

SSH: Best Practices

Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place. All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.

Setting Up ProFTPd + TLS On Debian Etch

FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure. This article explains how to set up ProFTPd with TLS on a Debian Etch server.

OpenVPN with dual layer authentication (keys and pam)

Tutorial on how to set up dual layer authentication with OpenVPN. Dual layer means standard TLS key-based authentication coupled with user/pass authentication using the PAM plugin.

Chrooted SSH/SFTP On Fedora 7

This document describes how to set up a chrooted SSH/SFTP environment on Fedora 7. The chrooted users will be jailed in a specific directory where they cannot break out. They will be able to access their jail via SSH and SFTP.

Preventing Brute Force Attacks With Fail2ban On OpenSUSE 10.3

In this article I will show how to install and configure fail2ban on an OpenSUSE 10.3 system. Fail2ban is a tool that observes login attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if it finds failed login attempts again and again from the same IP address or host, fail2ban stops further login attempts from that IP address/host by blocking it with an iptables firewall rule.

Virus Protection With F-PROT Antivirus On Ubuntu Feisty Fawn

This tutorial shows how you can install and use F-PROT Antivirus on an Ubuntu Feisty Fawn desktop. Although there are not many Linux viruses out there, this can be useful if you often exchange files with Windows users - it can help you to not pass on any Windows viruses (that do not do any harm to Linux systems) to Windows users. F-PROT Antivirus for Linux is free for home use.

Chrooted SFTP With MySecureShell On Debian Etch

This tutorial shows how to install MySecureShell on a Debian Etch system. MySecureShell is an SFTP server that is based on OpenSSH and can be configured in many ways, e.g. it has support for chrooting users into their homedirs or for limiting upload-/download bandwidths. MySecureShell makes SFTP available for users that do not have shell access so that these users do not have to use the insecure FTP protocol anymore.

Chrooted SSH/SFTP Tutorial (Debian Etch)

This tutorial describes two ways to give users chrooted SSH access. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. The users will also be able to use SFTP in their chroot jails.

Help your mail server with fail2ban

Fail2ban has been successfully used to protect SSH daemons, but this article talks about how you can use fail2ban to lessen the load of mail servers by blocking previously identified blacklisted IPs or relay access abuse. This howto was written for Gentoo, but should be easily applicable to any Linux distro.
