SSH’s (secure shell) most common authentication mode is called “interactive keyboard password authentication”, so called both because it is typically done via keyboard, and because openssh takes active measures to make sure that the password is, indeed, typed interactively by the keyboard. Sometimes, however, it is necessary to fool ssh into accepting an interactive password non-interactively. This is where sshpass comes in.
This article looks at some of the security concerns with using sshpass. Do you use sshpass? If so, do you think about the security issues with it?
In an ideal world, words like cryptography and security wouldn't even exist, but the real world is far from perfect, so software developers have to spend a good deal of time building security into applications. Cryptography is just one piece of the security puzzle, along with SSL/TLS, certificates, digital signatures, and so on. This article explains how to use PHP to implement the most common cryptographic algorithms. In addition to describing PHP's default encryption functions, you'll see how to use a wide variety of cryptographic libraries and packages.
Building security into your web applications is an important skill to have. Have you thought about adding cryptography to your PHP programs? If so, this article looks at ways of doing so.
Source: Linux home networking - Posted by Bill Keys
Configuring Samba for your office or home can provide many advantages. By encouraging users to store files on a central file server, you can simplify data backup and in some cases, software installation and maintenance.
Unfortunately, the initial configuration of Samba can be tricky. Many simple steps need to be executed in the correct order, and one small slip up can have big repercussions. This chapter explores the ways in which you can recover from those mistakes that you couldn't avoid.
Do you think about how to make your share secure? When setting up Samba, it is always important to make it secure. This article will show you how to set up a secure Samba share.
Source: Network World - Posted by Eckie Silapaswang
Think server sprawl is bad now? Just wait till you experience virtual server sprawl. When users can clone a virtual machine with the click of a mouse, or save versions of applications and operating systems for later use, you're asking for trouble if IT doesn't maintain tight control, virtualization management vendor Embotics warned in a session at Interop Las Vegas Tuesday. (Look through our slideshow at other products shown at Interop.)
The ease of creating and deploying virtual machines can lead to a nightmare of confusion when it comes to IT maintenance. How do you keep track of hundreds of VMs scattered about your network, all with varying operating systems and applications installed? How do you know which ones are securely patched and what other servers they can access? Read on for an overview of this growing problem and let us know what solutions you may have for virtual server sprawl.
CDPSnarf is a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.
Read on for some example output from CDPSnarf as well as links to the actual project. Let us know if this aids in your Cisco traffic debugging!
With tinc you can create a virtual private network (VPN) that lets you communicate between two machines over an insecure network such as the Internet with all of your traffic encrypted between the hosts on your virtual network.
Another interesting application for tinc is connecting your laptop to a Wi-Fi router at home. You might already be using WPA2 to ensure that only valid hosts can connect and communicate with your Wi-Fi router, but you might not be able to assign a fixed address to the laptop when it is connected over Wi-Fi. So if you want to connect to an SSH daemon on the laptop itself or access an NFS share on the laptop, you have to play guessing games as to which IP address the Wi-Fi router has given the laptop this time. Running tinc on the laptop and a server at home removes the guessing game -- just connect to the laptop's VPN IP address.
This is an interesting article for anyone who is thinking about setting up a VPN. It talks about using a tool called tinc.
Selective acknowledgment (SACK) is an optional feature of TCP that is necessary to effectively use all of the available bandwidth of some networks. While SACK is good for throughput, processing this type of acknowledgment has proven to be CPU intensive for the TCP sender. This weakness can be exploited by a malicious peer even under commodity network conditions. This article presents experimental measurements that characterize the extent of the problem within the Linux® TCP stack. SACK is enabled by default on most distributions.
This article provides a detailed analysis of the Linux TCP stack with an in-depth look at SACK. Can exploitation of SACK drive CPU intensity to the point that it can be considered a legitimate DoS attack? Read on to find out!
Source: searchenterpriselinux - Posted by Bill Keys
There's a downside to adding Linux or Unix servers to a Windows shop: These orphan machines lie outside the protective umbrella of the centralized user authentication and authorization controls of Microsoft Active Directory. The result? Multiple user identifications and logins, higher risk of errors and security loopholes, and of course, more work for system administrators.
Adding security in a Linux and Windows environment is an important step in the health of a user's network. This article looks at some ways to increase the security of a shared Linux and Windows environment.
Source: Tao Security - Posted by Eckie Silapaswang
Nearly three years after the initial post describing the idea, I am happy to report that OpenPacket.org 1.0 is ready for public use, free of charge.
The mission of OpenPacket.org is to provide quality network traffic traces to researchers, analysts, and other members of the digital security community. One of the most difficult problems facing researchers, analysts, and others is understanding traffic carried by networks. At present there is no central repository of traces from which a student of network traffic could draw samples. OpenPacket.org will provide one possible solution to this problem.
For all the Snort, Wireshark, and TcpDump enthusiasts out there, OpenPacket.org provides fresh packets for research and analysis purposes. Looking for a particular traffic pattern? Check out OpenPacket.org!
Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article revisits the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks.
We have all seen in our log files attempts to log in to our Linux machines through SSH. If you are interested in learning more about what they are doing when trying to log in to your machine, setting up a honeypot is a great way to learn. This article explains everything you need to know about honeypots.