HowtoForge - Linux Howtos and Tutorials - Security

ISPConfig 2.x: How To Add A "Move to SPAM"-Option To Your ISPConfig Installation

Mon, 22 Sep 2008 19:18:23 +0200

ISPConfig 2.x: How To Add A "Move to SPAM"-Option To Your ISPConfig Installation

This document describes the steps needed to add a third spam filter strategy to your ISPConfig 2.x installation. It will allow you and your users to select, wether they want to drop spam, allow spam or move it to the corresponding IMAP junk mail folder.

How To Enforce Google SafeSearch With SafeSquid Proxy Server

Mon, 15 Sep 2008 19:56:24 +0200

How To Enforce Google SafeSearch With SafeSquid Proxy Server

Google offers users with an option to filter out results that contain explicit sexual content, called SafeSearch. It also displays a warning message with search results identified as sites that may install malicious software on your computer. You can enforce Google SafeSearch with SafeSquid Proxy, so that it overrides the user preferences, and displays only SafeSearch results.

Spam Blocking And Web Filtering With The Untangle 5.3 Network Gateway

Tue, 02 Sep 2008 17:19:07 +0200

Spam Blocking And Web Filtering With The Untangle 5.3 Network Gateway

Untangle bundles common open-source applications for blocking spam, spyware, viruses, adware and unwanted content on the network in one single Linux distribution. It can be integrated into existing networks either as a router or as a transparent bridge (directly behind the router, but before the switch that connects the client PCs with the router). The best thing about Untangle is that you don't have to reconfigure the client PCs - Untangle works out of the box.

Preventing Brute Force Attacks With Fail2ban On Mandriva 2008.1

Fri, 29 Aug 2008 15:34:25 +0200

Preventing Brute Force Attacks With Fail2ban On Mandriva 2008.1

In this article I will show how to install and configure fail2ban on a Mandriva 2008.1 system. Fail2ban is a tool that observes login attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if it finds failed login attempts again and again from the same IP address or host, fail2ban stops further login attempts from that IP address/host by blocking it with an iptables firewall rule.

Preventing Brute Force Attacks With Fail2ban On Fedora 9

Mon, 25 Aug 2008 17:54:51 +0200

Preventing Brute Force Attacks With Fail2ban On Fedora 9

In this article I will show how to install and configure fail2ban on a Fedora 9 system. Fail2ban is a tool that observes login attempts to various services, e.g. SSH, FTP, SMTP, Apache, etc., and if it finds failed login attempts again and again from the same IP address or host, fail2ban stops further login attempts from that IP address/host by blocking it with an iptables firewall rule.

Running Vhosts Under Separate UIDs/GIDs With Apache2 mpm-peruser On Debian Etch

Thu, 21 Aug 2008 18:38:18 +0200

Running Vhosts Under Separate UIDs/GIDs With Apache2 mpm-peruser On Debian Etch

This article explains how you can install and configure apache2-mpm-peruser on a Debian Etch server. apache2-mpm-peruser is an MPM (Multi-Processing Module) for the Apache 2 web server, very similar to apache2-mpm-itk, but faster (almost as fast as apache2-mpm-prefork). mpm-peruser allows you to run each of your vhosts under a separate UID and GID - in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts. It is based on metuxmpm, a working implementation of the perchild MPM. The result is a sane and secure web server environment for your users, without kludges like PHP's safe_mode.

How To Block Porn Pictures And Images With SafeSquid Proxy Server

Tue, 19 Aug 2008 14:40:33 +0200

How To Block Porn Pictures And Images With SafeSquid Proxy Server

Administrators can use various methods to block access to websites that are pornographic in nature, like URL Filter, URL Blacklist, Keyword Filter, etc. But many porn sites allow users to register their email IDs on their website and deliver the latest images and pictures to their personal emails. So if a user is allowed access to his personal mail, he can enjoy himself without having to access any porn site. Such images are also regularly displayed as ads and banners on other web pages, that might not be pornographic in nature. Pornographic Image Filter can analyze an image in real-time, and identify the ones that are pornographic in nature. It analyzes the graphical content like skin tone, contour, etc. to identify a pornographic image. It is a commercially distributed add-on plug-in and can be used with SafeSquid to block pornographic images. Although it is about 85%-90% accurate, it acts as a good deterrent.

Installing ClamAV 0.93.3 From The Sources (+ Sendmail Integration) On CentOS 5.2

Thu, 31 Jul 2008 15:04:01 +0200

Installing ClamAV 0.93.3 From The Sources (+ Sendmail Integration) On CentOS 5.2

This how-to refers to the installation and configuration of Clamav 0.93.3 (from sources) on a Linux server running CentOS 5.2 and sendmail. We assume the fact you’ve installed sendmail from the rpm packages of your distribution.

How To Control Or Block Instant Messengers With SafeSquid Proxy Server

Tue, 29 Jul 2008 15:11:53 +0200

How To Control Or Block Instant Messengers With SafeSquid Proxy Server

In this tutorial I will explain how you can control or completely block access to a few instant messengers with SafeSquid, like Google Talk, Google chat within Gmail, MSN Messenger, Yahoo Messenger and Skype. Once you are familiar with the method of blocking these messengers, you should be able to block other messengers. Please note that these methods will only be effective, if you block all direct access to the router and firewall, except required ports like 25 & 110, so that users are able to access the net only through the proxy server. When all higher ports are blocked, most messenger try to communicate on port 80 and 443, which will have to go through the proxy, and thus allow you to control them. Most messengers also allow you to define proxy settings and username / password for authenticating Proxies.

How To Patch BIND9 Against DNS Cache Poisoning On Debian Etch

Mon, 28 Jul 2008 16:17:45 +0200

How To Patch BIND9 Against DNS Cache Poisoning On Debian Etch

This article explains how you can fix a BIND9 nameserver on a Debian Etch system so that it is not vulnerable anymore to DNS cache poisoning.

BIND 9 Vulnerability And Solution - Patch BIND To Avoid Cache Poisoning (Fedora/CentOS)

Sun, 27 Jul 2008 19:56:59 +0200

BIND 9 Vulnerability And Solution - Patch BIND To Avoid Cache Poisoning (Fedora/CentOS)

I am pretty sure most of you guys have hard about the Vulnerability in BIND. Dan Kaminsky earlier this month announced a massive, multi-vendor issue with DNS that could allow attackers to compromise any name server - clients, too. I thought I would share with you all one of the quickest solutions systems administrators running BIND 9 can use to help solve this vulnerability in case their systems are vulnerable.

A Simple Mailserver On Arch Linux (Postfix + Dovecot)

Thu, 24 Jul 2008 15:10:49 +0200

A Simple Mailserver On Arch Linux (Postfix + Dovecot)

This tutorial describes how to install a complete mailserver using Postfix and Dovecot on an Arch Linux machine or VPS. This specific tutorial is based on my 256MB VPS. Basic linux knowledge is required as I'm not describing every step in detail.

How To Block WebPages Based On Keywords Or Phrases With SafeSquid Proxy Server

Tue, 22 Jul 2008 14:03:45 +0200

How To Block WebPages Based On Keywords Or Phrases With SafeSquid Proxy Server

Keyword Filtering allows you to block web pages, depending on the words and phrases found in the page's title, meta tags and body. Keyword filtering in SafeSquid uses a 'weighed keyword scoring' method. It analyzes web pages, and searches for specified, unacceptable words or phrases.

How To Install And Configure Dansguardian With Multi-Group Filtering And Squid With NTLM Auth On Debian Etch

Wed, 16 Jul 2008 19:21:47 +0200

How To Install And Configure Dansguardian With Multi-Group Filtering And Squid With NTLM Auth On Debian Etch

This how-to describes how to install and configure Dansguardian with multi-group filtering, Squid with NTLM auth, ipmasq, and dnsmasq to provide a full internet gateway solution for small to medium sized networks. This how-to requires two NICs in order to preform firewalling and transparent proxying.

HOWTO: Encrypt The System Manually Upon Installation (Ubuntu 8.04)

Tue, 15 Jul 2008 17:27:33 +0200

HOWTO: Encrypt The System Manually Upon Installation (Ubuntu 8.04)

This tutorial describes how you can encrypt an Ubuntu 8.04 (Hardy Heron) system right during the initial installation.