Security Information and Review

Collection of security information and review

Archive for the 'Linux Security' Category

Hacking Technique and defenses Strategy part 1

Author : Admin


Footprinting is the process of accumulating preliminary data about a target using publicly available methodes. This information can be used to gain a better understanding of the target’s network architecture. There are many ways and techniques to get information about a target such the use of search engines, domain and network block registrars.

Enforcement of the following defensive tactics are strongly recommended in order to minimize the risks associated with exposure of sensitive information by search engines and web server misconfigurations. Administrators perform routine audits web server configuration and the data it is allowed to server. Administrators also must be instructed not to post job vacancies on technical news groups, message boards and mailing list using their real names and e-mail address.

… continue reading : Hacking Technique and defenses Strategy part 1.

4 June 2009 at 08:48 - Comments

Base Linux Security with IPTables

Author : Admin

Most people think that to protect computer networks from outside attacks by using firewall but they don’t understand what a firewall is and how it really work. A firewall inspects packets as they arrive on an interface, searching a table until it finds a matching rule to determine what is should do with each packet and the follow the action the rule specifies.

If the packet does not match a specific rule, a default action decides the packet’s fate, generally known as falling through the bottom of the rules. For firewalls, the generally accepted good default action is Deny. That is, unless we explicitly permit a particular access, the packet is dropped. This allows us to permit what we know and block what we do not. … continue reading : Base Linux Security with IPTables.

1 June 2009 at 19:41 - Comments

Basic User Linux Security

Author : Admin

All Administrator for Linux security reasons, Linux / Ubuntu server disabling the root user, it doesn’t even have a password , so we can not login as root so we do finish the installation system, because the root has rights to the infinite and to reduce the risk of error due to the usage rights as root.
How about a task which can only be run using the root user? On Linux in general, especialy of the Ubuntu Server, introduced with the use of sudo mechanism. The idea of sudo can be described that task - a task which can only be run by root can be defined specifically for a previous user of a given authority. Because sudo is the basic mechanism on Ubuntu to perform tasks that normally are reserved for root only, after a normal installation every administration tasks is performed that way.For example to run the shutdown command, is generally the root user has authority to run it but we can define on a particular user to run. The user is authorized to run commands with sudo. Define the commands and the user is authorized to run sudo then we need to do edit the file / etc / sudoers. We can use our favorite editor to do it, vi, or nano visudo.
… continue reading : Basic User Linux Security.

23 May 2009 at 08:24 - Comments