public marks

PUBLIC MARKS from lecyborg with tags linux & security

March 2008

Jabber Openfire Server

by 2 others
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.

January 2008

Integrating amavisd-new Into Postfix For Spam- And Virus-Scanning

by 1 other
This article shows how to integrate amavisd-new into a Postfix mail server for spam- and virus-scanning. amavisd-new is a high-performance interface between MTAs such as Postfix and content checkers: virus scanners, and/or SpamAssassin. We will use ClamAV for virus scanning and SpamAssassin for spam scanning in this tutorial. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

December 2007

PHP Login script

by 2 others
If you're looking for a serious script to manage your users then you're at the right place. Built with security in mind and packed with dozens of features, our PHP login script is the right solution for every webmaster looking to take his website to the next level. Trust us, we've stayed (and we still do for early versions) open-source long enough to learn what people really need.

November 2007

Data Encryption

Gestion du cryptage des données avec Bacula.

SSH-Agent Tutorial

by 1 other
Security is best when it is handy. ssh-agent is pretty darn handy. Ssh-agent can authenticate you to a remote machine via keypairs, rather than the traditional hand-typed username/password combination, with no loss of security.

Certificat SSL client apache

SSL côté client Pour accéder à ce serveur, le client devra posséder un certificat authentifié par (c'est à dire signé ou crypté par la clé privée de) l'autorité de certification choisie. Pour produire un tel certificat au format PKCS#12

Howto crack (or hack) a wireless network with Wired Equivalent Privacy (WEP)

WEP was intended to provide comparable confidentiality to a traditional wired network (in particular it does not protect users of the network from each other), hence the name. Several serious weaknesses were identified by cryptanalysts — any WEP key can be cracked with readily available software in two minutes or less — and WEP was superseded by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) in 2004. Despite the weaknesses, WEP provides a level of security that can deter casual snooping

How to Install Openvpn

The purpose of this document is to describe how to install OpenVPN server on an Ubuntu Linux system and have it utilize an Ethernet bridge to access your local network. Ethernet bridges essentially allow the operating system to treat multiple network interfaces as one combined port. When used with OpenVPN a bridge will allow you to easily connect external users to your internal network and have them receive all traffic as though they were locally connected. The alternative is to use OpenVPN with a route but that will not allow some forms of traffic through (such as multicast), multicast traffic is important to me as many games require multicast data.

IPtables log analizer

IPTables log analizer (TODO : find a nice name for it) displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page (it support rough netfilter logs but also Shorewall and Suse Firewall logs). This page shall be easy to read and understand to reduce the manual analysis time. This page containts statistics on packets and links to more detailled information on a given host, port, domain and so on.

firewall Eyes : iptables log analysis tool

Firewall Eyes est un outil d'analyse de logs en temps réel pour le pare-feu iptables. Grâce à une interface Web, vous visualisez et supervisez simplement et efficacement l'activité réseau traversant votre firewall. Vous détectez aisément les activités suspectes et ajustez votre politique de sécurité.

October 2007

Running eBox on debian sarge

by 2 others
This article shows how to run a file-, print-, HTTP proxy- DHCP-, and time server for small and medium enterprises (SME) on one single Debian Sarge system. It is very easy to set up, and management is done with an easy-to-use web interface called eBox so once the system is set up, you can forget about the command line. eBox was developed to administrate advanced services for corporate networks, and it was created for Debian Sarge. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

The perfect start with Smoothwall Express 3.0

Smoothwall Express is an internet firewall, which allows you to protect your network, as well as providing NAT functionality. It is ease to use and configurable via a web-based GUI. This open source firewall distribution requires absolutely no knowledge of Linux to install or use. This workshop shows the installation and basic configuration of the current release Smoothwall Express 3.0.

Firewall et sécurisation d'un réseau personnel sous Linux

by 1 other
Ce document a pour but d'expliquer les rudiments de la sécurité d'une machine Linux placée dans un réseau local (typiquement une maison on un appartement), reliée à Internet. Il est tout particulièrement destiné aux utilisateurs néophytes, ou n'ayant pas ou peu de connaissance sur la sécurité informatique en général, et sous Linux en particulier.

June 2007

Pinholes, DMZ et ipcop

Thread de forum décrivant le fonctionnement des Pinholes sous IPcop

HOWTO: IPCop-OpenVPN

by 2 others
I’m a huge fan of IPCop. It’s a great firewall distro that makes administration a snap using a slick web interface. My goal was to use IPCop and an easy-to-use VPN client to allow access to my LAN while away from home. I ended up going with the ZERINA OpenVPN addon for IPCop and the OpenVPN GUI for Windows.

Howto Roadwarrior | ZERINA - OpenVPN for IPCops

Howto for ZERINA 0.9.0b - ZERINA 0.9.4b This howto will guide you step by step on howto configure the OpenVPN addon, so that you can run an OpenVPN server on your IPCop firewall, so that roadwarrior clients (Win32 in this howto)can reach your lan. This is what we call "hassle free roadwarrior vpn" ;-)

April 2007

SÉCURITÉ Ssh sans mot de passe

Ou comment se connecter à une machine distante sans avoir à rentrer son mot de passe. Il existe une méthode de configuration plus rapide. Vous pouvez en une seule commande ajouter votre clé dans le fichier `authorized_keys` du serveur distant grâce à `ssh-copy-id`. Pour cela procédez comme suit :

Sandcat Web Application Security

Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.

Wireless Penetration

by 1 other
Un diagramme expliquant comment pénétrer un réseau wifi selon les différentes possibilités. Très clair.

March 2007

Providing Active Directory authentication via Kerberos protocol in Apache

Providing Active Directory authentication via Kerberos protocol in Apache

Kerberos Module for Apache

Explique comment intégrer Kerberos dans un htaccess

January 2007

Airsnarf

by 1 other
Permet de chopper les mots de passe des gens sur les hotspots publics

Damn Vulnerable Linux

Distribution dédiée à l'apprentissage de la sécurité

lecyborg's TAGS related to tag linux

active directory +   aircrack +   amarok +   apache +   apt +   backup +   citadel +   comparatif +   cron +   crontab +   cryptage +   ctail +   cups +   debian +   desktop +   DHCP +   disque +   dns +   documentation +   ebook +   ebox +   EeePC +   exaile +   ext3 +   fichiers +   firewall +   forwarding +   free +   ftp +   funambol +   gnome +   google +   gparted +   graphisme +   groupware +   icones +   ie +   installation +   ipcop +   iptables +   jabber +   java +   kerberos +   laptop +   Launchpad +   ldap +   linutop +   logiciel +   lvm +   mail +   materiel +   monitoring +   munin +   musique +   nagios +   network +   ntfs-3g +   opensource +   palm +   partition +   paste +   pdf +   perso +   php +   phplogin +   postfix +   proprio +   proxy +   radeon +   raid +   rails +   rsync +   samba +   security +   serveur +   smoothwall +   ssh +   ssh-agent +   ssl +   stockage +   subversion +   synchro +   syncml +   tango +   test +   thinkpad +   tutorial +   ubuntu +   usb +   utile +   vmware +   vpn +   wallpaper +   web +   web2.0 +   wifi +   windows +   xdmcp +   xen +   zerina +