Suramya's Blog : Welcome to my crazy life…

November 2, 2005

Windows XP services that can be disabled

Filed under: Computer Security,Security Tutorials — Suramya @ 9:53 PM

One of the most effective ways to secure a Windows workstation is to turn off unnecessary services. This reference sheet lists the Windows XP SP 2 services, describes each service’s function, specifies whether you can safely disable the service, and outlines the ramifications of disabling the service.

Good Information. Check it out.

Downloading Windows XP services that can be disabled – TechRepublic

Windows XP services that can be disabled

Filed under: Computer Security,Security Tutorials — Suramya @ 9:51 PM

One of the most effective ways to secure a Windows workstation is to turn off unnecessary services. This reference sheet lists the Windows XP SP 2 services, describes each service’s function, specifies whether you can safely disable the service, and outlines the ramifications of disabling the service.

Good Information. Check it out.

Downloading Windows XP services that can be disabled – TechRepublic

October 11, 2005

Protecting Files at Home Using Encrypted Containers

Filed under: Security Tools,Security Tutorials — Suramya @ 9:05 PM

This is an awesome article on how to create Encrypted Containers that makes it easy to create encrypted backup locations that can copied to other systems without hassle and are simple to use.

Protecting Files at Home Using Encrypted Containers

September 27, 2005

A Lesson in Encryption

Filed under: Computer Security,Security Tutorials — Suramya @ 2:15 PM

A good trilogy of articles by Peter van der Linden on encryption.

Part 1, describes how public key encryption works and where to get the GnuPG encryption software. Part 2 walks through some examples of file encryption/decryption, and Part 3 explains how to send and read encrypted e-mail

Lesson in Encryption, Part 1
Lesson in Encryption, Part 2
Lesson in Encryption, Part 3

– Suramya

September 22, 2005

Linux LDAP authentication tutorial

Filed under: Security Tutorials,Tutorials — Suramya @ 2:46 PM

Tutorial on how to setup LDAP on Linux. Looks interesting, might try it out on my spare machine when I go home next week.

Article Link: Linux LDAP authentication

– Suramya

September 12, 2005

Setting up a SOCKS Proxy using SSH

Filed under: Computer Security,Security Tutorials — Suramya @ 8:13 PM

This article explains how we can setup a SOCKs proxy via SSH which lets you surf the internet securely from unsecure locations.

Excerpt:

Open PuTTY (see the list of requirements above for a URL). You should be greeted with a configuration screen. First, you will enter the hostname or IP address of the SSH server. Type in a name for your connection settings in the box below “Saved Sessions”, and click the Save button.

Now you need to look at the tree of options to the left; expand the SSH tree, and select “Tunnels”. Enter 4567 (or any port number above 1024) in the Source Port area, and click the Dynamic radio button to select it. Leave the Destination field blank, and click “Add”.

Now go back to the Session tree (very top of the left section), and save again.

You will be prompted to enter a username, which is the username of your shell account. Type that in, hit enter, and then type in your password when it prompts you.

Original Article:
Security Engine: Secure surfing SSH

September 5, 2005

Restricting SSH to allow users to only run allowed commands

Filed under: Computer Security,Security Tutorials — Suramya @ 7:54 AM

To restrict access to a server by allowing an authorized user to only run a specific command add an authorized_keys file entry that looks like (this is all in one line one line)

from=”202.41.95.13″,command=”rsync -aCz –server –sender $SRCDIR .”,
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty
ssh-dss
AAAAB3NzaC1kc3M

Here you must put the appropriate source directory in $SRCDIR.

The authorized key file can be put in a dummy users directory. This dummy user should have appropriate read/write permissions for the directory in question.

As an alternative you can use a configuration file “–config=$FILE” in place of $SRCDIR.

Once this is done, the owner of the SSH private key associated with the public-key (which is the bit that starts ssh-dss AAA….) can connect to the ssh server and start the above command and *only* the above command.

– Suramya

PS: Thanks to Kapil from the Linux Gazette Answer Gang for the above tip.

September 1, 2005

Learn two ways to disable Internet Explorer

Filed under: Computer Security,Security Tutorials — Suramya @ 11:04 PM

Techrepublic has a really nice article that tells you how to disable IE. Keep in mind that this just disables IE not remove it.

Article Extract:

The easiest way to remove users’ ability to browse with IE is to add a bogus proxy server to IE’s Internet Settings.

Follow these steps:

1. In IE, go to Tools | Internet Options.
2. On the Connections tab, click the LAN Settings button.
3. In the resulting dialog box, select the following check box in the Proxy Server section: Use a Proxy Server For Your LAN (These Settings Will Not Apply To Dial-up Or VPN Connections).
4. Enter 0.0.0.0 in the Address text box.
5. Enter 80 in the Port text box, and click OK.

Please note that adding a bogus proxy server to your Internet settings won’t affect Automatic Windows Update from connecting and updating your operating system.

You can also restrict Internet settings via Group Policy. Follow these steps:

1. On your domain controller, right-click the organizational unit that contains your domain users, and select Properties.
2. On the Group Policy tab, click Edit.
3. Expand User Configuration to set restrictions on a per-user basis.
4. Expand Windows Settings, and expand Internet Explorer Maintenance.
5. Select Connection, and double-click Proxy Settings.
6. Select the Enable Proxy Settings check box, add 0.0.0.0 to the HTTP entry, and click OK.
7. Expand Administrative Templates, and expand Windows Components.
8. Select Internet Explorer, and double-click Disable Changing Proxy Settings.
9. Select Enabled, and click OK.

Article Source :
Learn two ways to disable Internet Explorer

– Suramya

May 25, 2005

Tools for configuring iptables

Filed under: Computer Security,Security Tools,Security Tutorials — Suramya @ 8:20 PM

Configuring firewalls is not easy if you don’t know what you are doing and most of us don’t have the time of the paitience to spend hours figuring out internet security. But having a badly configured firewall is worse than having no firewall ’cause it gives you a false sense of security.

Thankfully there are tools out there that allow you to configure a decent firewall without needing a degree in rocket science. Chris Lynch has written an article on Newsforge which looks at Three tools to help you configure iptables.

Check it out.

– Suramya

May 16, 2005

Encrypting partitions using dm-crypt and the 2.6 series kernel

Filed under: Security Tutorials — Suramya @ 4:22 PM

Good article on how to Encrypt partitions using dm-crypt.

– Suramya

« Newer PostsOlder Posts »

Powered by WordPress