Source: Linux Security.com - Posted by Eckie Silapaswang
Secret knocks have been used for purposes as simple and childish as identifying friend or foe during a schoolyard fort war. Fraternities teach these knocks as a rite of passage into their society, and in our security world we can implement this layer of security to lock down an SSH server.
With this guide on FWKNOP by Eckie S. (one of our own), you are taken on an easy-to-follow process of securing your platform with your own client and server port knocking set-up.
Installation, iptable Rules setup, configuring access for the client and server, and everything in between.
We are happy to announce a new addition to the Linux Security Contributing Team: Gian G. Spicuzza. Currently a Graduate Student pursuing a Masters Degree in Computer Security (MSIA), Gian is a certified Linux/Unix administrator, the lead developer for the OSCAR-Backup System (at Sourceforge.com) and has experience in a variety of CSO, Management and consulting positions.
His first topic is a quick foray into the world and psychology of Social Engineering:
All the security in the world isn't going to stop one of your employees or coworkers from giving up information. Just how easy is it?
Craig never worked for Linda's company, nor did he call from IT. Craig was an unethical hacker who just gained unauthorized access to her account. Why? Because a phone call is simple.
Read on to see just how easy businesses can be exploited.
It is customary for communities of every sphere to stand up occasionally, and take a good, long look at what’s going on in the world around them. For us here at Linuxsecurity.com, we felt it was a great opportunity to put it all together.
Since 1996, Linuxsecurity.com has been bringing open source news, HOW-TOs, Feature stories and more to the open source community with comprehensive coverage. As one of the veterans in this area, we’d like to see you chime in. With so much going on in Linux and security, what does the community really care about?
As the variety of attacks and threats grow, you need to be prepared. In this HOWTO, get a feeling for the Fork Bombing Attack, what it is, how it works, where it comes from, how to deal with it and more.
As a bonus to this week’s review of “Ruby By Example,” I'd like to give an applied security related example of Ruby by walking you through a chunk of code in the Metasploit Open Source Exploit Framework (www.metasploit.com). Metasploit is written entirely in Ruby and
has gained critical acclaim as the standard for open source exploit frameworks and should be a vital tool in any security guru's box.
