A Unix-based tool:
Lynis is an auditing tool which tests and gathers information from Unix based systems. The audience for this tool are security and system auditors, network specialists and system maintainers.
Lynis features
- System and security audit checks
- File Integrity Assessment
- System and file forensics
- Usage of templates/baselines (reporting and monitoring)
- Extended debugging features
Write Comment |
|
From Linuxhaxor.net, the top 3 tips: Are there any other tips you think should have been included or that you found to be true?
The following is a list of rules and tips you might find useful in dealing with basic security concerns:
1. Avoid doing your regular jobs when you are logged in as root. This reduces the risk of getting a cuckoo egg or a virus and protects you from your own mistakes.
2. If possible, always try to use encrypted connections to work on a remote machine. Using SSH (secure shell) to replace telnet, ftp, rsh, and rlogin should be standard practice.
3. Avoid using authentic method based on ip address alone.
Write Comment |
|
An interesting and quick tip on how to fix a mail server error while running SELinux:
Since I upgraded my server and activated SELinux I haven't gotten any emails from Wordpress when people post comments on this blog (that's why it has taken my so long time to approve comments). Today I decided it was time to look into the problem...
Write Comment |
|
|
"Know your enemy." So the saying goes in all forms of the attacker/defender relationship. This article is an example of that. One of the most vulnerable forms of security is the password - many people have easy to duplicate passwords, companies often keep default passwords the same, and so on and so forth. Crackers can take advantage of this - especially if they have the right tools. And the better you know those tools, the better you can protect against them.
Do note there are also various tools to generate wordlists for brute forcing based on information gathered such as documents and web pages (such as Wyd - password profiling tool) These are useful resources that can add unique words that you might not have if your generic lists.
Write Comment |
|
A great find (from NixCraft) for a quick overview on the available programs to detect and check for rookits on your machine:
A rootkit is a program (or combination of several programs) designed to take fundamental control (in Unix terms "root" access, in Windows terms "Administrator" access) of a computer system, without authorization by the system’s owners and legitimate managers.
Write Comment |
|
|
|
<< Start < Prev 1 2 3 Next > End >>
|
| Results 1 - 9 of 30 |
