Server Security - Page 46
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
This paper examines internet security with respect to the WWW. A number of WWW security issues are presented in three areas: server, client and communication between server and client. Practical precautions and solutions are suggested regarding these issues. Guidelines for protecting host systems are discussed.. . .
What do you do when your site is attacked or your system fails? Backup, Avi Rubin argues, is the most reliable way to ensure that what you've lost can be recovered. Here he takes a look at protecting your backup and . . .
Squid is an excellent open source web caching proxy package, but it requires quite a lot of tuning to achieve the kind of performance seen in commercial proxies. This article presents several independently useful ideas for tuning a web caching system. . . .
This article is intended to bring you up to speed quickly on how to use postfix on your network as a secure means of receiving e-mail from and delivering it to Internet hosts. In particular we'll focus on deploying postfix on firewalls, in DMZs and in other settings in which it will be exposed to contact with untrusted systems.. . .
One vulnerability allows a malicious user to read passwords and discern network structure while the other allows a malicious user to create or browse file directories on a Web server. Both vulnerabilities provide a malicious user with access to sensitive data . . .
A computer-security company is warning network administrators to watch out for new rogue software capable of playing the role of foot soldier in denial-of-service attacks against Internet servers. X-Force, the research-and-development arm of Atlanta-based Internet Security Systems Inc., reported Tuesday that . . .
If it's speed and security you're looking for, Postfix is a very nominal choice for a MTA. The MTA uses multiple layers of defense to protect the local system against intruders, as well as having the ability to run in a chroot jail. . . .
What do you do when your site is attacked or your system fails? Backup, Avi Rubin argues, is the most reliable way to ensure that what you've lost can be recovered. Here he takes a look at protecting your backup and recommends some products that can help. . . .
More workers feel stressed out by computers than those driven to distraction by traffic jams, queuing, and the in-laws -- and some find them even more stress-inducing than the end of a relationship, according to a survey. . . .
As Linux Mandrake works it's way away from it's Red Hat roots, they've added a number of features "out of the box" that make it easier to use as a server. However, there are still a number of things that I . . .
The CERT/CC has begun receiving reports of an input validation vulnerability in the rpc.statd program being exploited. This program is included, and often installed by default, in several popular Linux distributions. Please see Appendix A of this document for specific information . . .
The Internet may feel like a place where you roam anonymously and privately, but with every foray onto the Internet, your PC actively exchanges information with other computers. So just how private and secure are these communications?
There are basically three reasons to use a database, rather than a text file, to store data. The first reason is speed. Accessing data stored in a database is much faster than accessing data stored in a text file. A database is designed for rapid location of information. A text file, you have to read through each record until you find what you are looking for.. . .
Well-meaning hackers are creating an army of "script kiddies" by making security holes public, says a speaker at the Black Hat Security Conference.
The first thing I did upon getting cable modem access in my apartment was to get an old Pentium 133 computer, put in two NICs, and fire up the OpenBSD 2.7 boot floppy. I did this for several reasons: first, because . . .
In this article, I'm going to cover the standard way of protecting parts of your Web site that most of you are going to use. In the next part I'll talk about using databases, rather than text files, to contain your . . .
A "buffer overflow" attack deliberately enters more data than a program was written to handle. The extra data, "overflowing" the region of memory set aside to accept it, overwrites another region of memory that was meant to hold some of the . . .
An extensive article on Apache security. ... However, does "free" come at a price when it comes to security? It doesn't have to. The diligent network manager will quickly recognize the advantages of choosing a platform that is field-tested on . . .
Pulsar Data Systems Inc. on Tuesday unveiled its secure e-commerce portal, PulsarData.com, which uses smart cards to enable agencies to purchase information technology products. Pulsar, a wholly owned subsidiary of Internet data security company Litronic Inc., announced the smart card feature, . . .
The hottest trend these days in network intrusion is to exploit buffer overruns, a technique where-by you feed a program more data than it has allocated, overwriting the memory in the hope of making the program do something it would normally . . .