This article addresses the role information security plays in an organization. Historically, organizations have deemed information security to be an information technology issue, one that the business as a whole did not need to address. Organizations have also treated information security as an add-on feature, almost an afterthought. Information security must become ingrained into the culture of the organization to ensure security compliance in all facets of the company. Organizations that are beginning to mature with information security may choose to investigate and implement established systems that support information systems.
Needs very little maintenance and is extendable beyond your wildest imagination. All depending on the hardware used, of course. This is just a COPY&PASTE howto. For more info use the net. I did... However, contributions and suggestions are allways welcome! I know this can be done better, so feel free. I should have based this tuto on 6.06 LTS right away, because of the LTS. Sorry for that. Due to some minor but important changes needed to make this work with Ubuntu 6.06 LTS, I wrote it again.
This guide describes how to generate and use a private/public key pair to log in to a remote system with SSH using PuTTY. PuTTY is an SSH client that is available for Windows and Linux (although it is more common on Windows systems). Using key-based SSH logins, you can disable the normal username/password login procedure which means that only people with a valid private/public key pair can log in. That way, there is no way for brute-force attacks to be successful, so your system is more secure.
When it comes to network security, Cisco is actively involved in coming up with some of the very best solutions to troublesome problems that unexpectedly occur. When it comes to books about security, however, Cisco Press has an uneven batting average. Some of the books are good, while others leave you wondering how they made it through the editing stage. Looking at words like “paradigm” on the back cover of this title, my spine began to get a familiar tingle, but in this case, I am happy to report, they have hit a home run.
Cisco Security MARS (Monitoring, Analysis, and Response System) is a product intended to work with your network and identify (as well as prevent) problems early on. It is also intended to boost data privacy to the point where compliance becomes a certainty. Given the customization that is possible and the importance of getting it right, a book on the topic that is detailed and easy to read is almost a necessity.
Roadwarrior is a client that uses unknown, dynamically assigned IP addresses to connect to a VPN gateway (in this case also firewall). This situation is shown on picture 1.1 and is one of the most interesting and today most needed scenarios in business environment. Here are some of the reasons why that is so: Client can be any computer (with any IP address assigned) that has Internet access and can initiate connection to VPN gateway. Wen connecting to VPN network, client is assigned an internal IP address on the network he is connecting to, which gives an impression that it is directly connected to VPN network, instead of connecting by tunneling through Internet. When internal IP address is assigned, network administration is easier. Traffic is protected on the route from the client to the VPN gateway. When connected, client doesn't have direct access to Internet because traffic is routed through VPN network and firewall (VPN gateway).
"The ASSP server project is an Open Source platform-independent transparent SMTP proxy server that leverages numerous methodologies and technologies to both rigidly and adaptively identify spam. This web site's domain name, "ASSPSMTP", is the common name used for the daemon or service running ASSP." In short ASSP is the most kickass solution that is both free and works great. It reduced spam to an absurd minimum for me. The current solutions (Spamassassin,Razor,Pyzor,Dcc) were not enough for my situation. This software works from the port 25 on a system. and stop spam where it enters your system.
More and more, developers are becoming aware of the threats posed by malicious code, and SQL injection in particular, and by leaving code vulnerable to such attacks. However, while SQL is the most popular type of code injection attack, there are several others that can be just as dangerous to your applications and your data, including LDAP injection and XPath injection. While these may not be as well-known to developers, they are already in the hands of hackers, and they should be of concern.
I’m posting the following more for my own benefit and reference than anything else…Correct syntax for SSH and SFTP on Ubuntu on irregular ports: (replace items in < > with your stuff, without the < >)
Source: Slashdot.org - Posted by Benjamin D. Thomas
Mark Osborne doesn't like auditors. In fact, after reading this book, one gets the feeling he despises them. Perhaps he should have titled this book 'How I learned to stop worrying and hate auditors'. Of course, that is not the main theme of How to Cheat at Managing Information Security, but Osborne never hides his feeling about auditors, which is not necessarily a bad thing. In fact, the auditor jokes start in the preface, and continue throughout the book.
The subtitle of the book is 'Straight talk from the loud-fat-bloke who protected Buckingham Palace and ran KPMG's security practice'. Essentially, the book is Osborne's reminiscence of his years in information security; including the good, the bad, and more often then not, the ugly.
