Suramya's Blog : Welcome to my crazy life…

April 17, 2005

Securing Apache 2: Step-by-Step

Filed under: Security Tutorials,Tech Related — Suramya @ 5:13 AM

Apache is one of the most common web servers in use today, and Apache 2 is the latest release of this great product. Although Apache 2 is fairly secure in its default installation, it needs to be tweaked a little to make it more secure. The following article is a step-by-step guide on how to do this. Check it out. It's worth the time…

Article Link: Securing Apache 2

– Suramya

Information Security papers

Filed under: Security Tutorials,Tech Related — Suramya @ 5:08 AM

Links with papers on information security:

Security Focus Library:

Has a great selection of articles with detailed instructions on how to secure various components of an OS.

Role-Based Access control

While Mandatory Access Controls (MAC) are appropriate for multilevel secure military applications, Discretionary Access Controls (DAC) are often perceived as meeting the security processing needs of industry and civilian government. This paper argues that reliance on DAC as the principal method of access control is unfounded and inappropriate for many commercial and civilian government organizations. The paper describes a type of non-discretionary access control – role-based access control (RBAC) – that is more central to the secure processing needs of non-military systems than DAC.

(Abstract copied verbatim from site)

Security Enhanced Linux:

An NSA-based project that attempts to create a more secure version of Linux.

Infosecwriters.com:

The Information Security Writers group (Infosec Writers) is designed to serve as a primary Internet-based source of information, relating to various Information Security issues and topics.

(Abstract copied verbatim from site)

Information Systems Security Mechanisms:

A collection of resources on computer security.

As always if you know of a resource not listed here, let me know and I will add it.

– Suramya

Wireless LAN Security resources

Filed under: Security Tools,Security Tutorials,Tech Related — Suramya @ 4:53 AM

These are links to various sites that have information on Wireless LAN security. If you know of any other sites let me know and I will add them here.

Wireless security papers:
Lists a lot of papers on wireless security

Wardriving.com:
Has a lot of resources on Wardriving and how to protect against it

Wi-Fi Networking News:
Wi-Fi Networking News covers high-speed wireless networking and communications, focusing on Wi-Fi and related specifications.

Wi-Fi Planet:
A good source for Wi-Fi news

Securing Wireless Networks:
A good article on how to secure wireless networks

Wireless Intrusion Detection Systems:
Information on how to set up a Wireless Intrusion Detection system.

Wireless LAN Policies for Security & Management:
An interesting paper on setting up Wireless LAN security policies.

Airsnarf:
Airsnarf is a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots

WPA2 (Wi-Fi Protected Access 2):
WPA2 is the second generation of WPA security; providing enterprise and consumer Wi-Fi® users with a high level of assurance that only authorized users can access their wireless networks

– Suramya

April 14, 2005

How to Obscure a URL

Filed under: Security Tutorials,Tech Related — Suramya @ 3:49 AM

This very interesting article details the tricks that spammers and scammers use to obscure URLs, making it easier to run scams and phishing attacks.

Check it out.

– Suramya

April 12, 2005

Ethical Hacking/Computer Security Tutorials

Filed under: Security Tutorials,Tech Related — Suramya @ 12:13 AM

Have a look at these sites, especially the guides and tutorials. You can use their links to find other sites and so on.

More to be added soon (as and when I go through my bookmark collection to find them).

– Suramya

Crypto-Loops

Filed under: Security Tutorials,Tech Related — Suramya @ 12:11 AM

A loopback device is a special device that allows you to mount a normal file as if it were a physical device. Loopback devices can be encrypted, and these are called Crypto-Loops.

A good tutorial on Crypto-Loop is available here.

– Suramya

April 11, 2005

How to log idle users out of a Linux system?

Filed under: Security Tools,Tech Related — Suramya @ 1:37 AM

Idle users are a big problem if the system doesn't either log them out or lock the session. An idle session might be unattended and could be used by an unauthorized person to gain access to restricted resources.

In Windows, the OS can be instructed to lock accounts after a specific idle time, and in KDE/GNOME the screensavers allow us to do the same thing. But this doesn't cover shell access: users can remain logged in indefinitely unless they log out. Below are some ways to log a user out if they exceed the specified idle time:

  • Set TMOUT= in /etc/profile. (Only for bash, sh users)
  • Use timeoutd
  • Use porttime to control login times.

If you know of any other ways please let me know.

– Suramya

April 10, 2005

Audit user logon activity

Filed under: Security Tools,Tech Related — Suramya @ 8:15 PM

These program(s) help you audit user logon activity to locate unusual activity:

EventCombMT:

Available as part of the Security Guide Scripts Download, this is a multi-threaded tool that will parse event logs from many servers at the same time.

Instructions on how to use EventCombMT are available over here.

Update (08th Aug 2007): Fixed the link to download the software and added the link to the instructions page

Tools to Audit a Windows Server

Filed under: Security Tools,Security Tutorials,Tech Related — Suramya @ 8:10 PM

Here are some links to software/articles that will help you audit your Windows server(s):

Software:

Articles:

– Suramya

List of Datawipe Tools

Filed under: Knowledgebase,Security Tools,Tech Related — Suramya @ 12:19 AM

Below is some software that allows you to delete data from disks securely. All of these tools are pretty efficient and make it difficult for someone to recover the data. However, keep in mind that no data is 100% unrecoverable to those who have sufficient time and money.

So if you have some really sensitive data that you have to destroy, look into purchasing a furnace, melt the disks down, and then destroy the remains.

Software for Data Wiping:

DBAN:

Darik’s Boot and Nuke (’DBAN’) is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.

Autoclave:

It’s a bootable floppy image that sterilizes IDE hard disks on x86 machines.

BCWIPE:

BCWipe software is designed to securely delete files from disks and other media

Free Secure Delete Tools:

The utilities on this page allow you to destructively wipe/delete/erase a file, a disk (floppy disks, hard disks, etc), or a partition.

Kill Disk:

Active@ KillDisk is a powerful and compact DOS software that allows you to destroy all data on hard and floppy drives completely, excluding any possibility of future recovery of deleted files and folders.

Eraser:

Eraser is a powerful system security utility developed on the basis of advanced studies and research.
