Web Hosting Dedicated Server Linux Windows Security Managed Articles Tutorials - Security

Hardening a Linux server in 10 minutes

admin — Tue, 18 Jul 2006 18:19:12 -0400

Did you know that a freshly installed Linux server can be hardened in less than 10 minutes? Here’s how!

Security: General Advices

admin — Thu, 06 Jul 2006 04:33:30 -0400

Manny people think: "My machine cannot be hacked. There are so manny computers over internet, why would happen this to me? Also I've taken some security measures. It will not happend to me."

Check Your Server Security

admin — Thu, 06 Jul 2006 01:51:01 -0400

Sometimes it is possible that your server is compromised, but the actions made by attacker do not affect your server functionality, so you may never find that your machine was compromised.

Setting Up Linux Server

admin — Sat, 22 Apr 2006 20:44:00 -0400

This tutorial really should be titled "How to get your
Debian server off the ground as quickly as possible", since it's based on
minimal Debian Linux (stable) install.

Here you'll be able to get your box secured very quickly, and then get the
services running with minimum hassle and pain.

Preventing SPAM

admin — Wed, 28 Sep 2005 01:22:00 -0400

The professor was shocked. She never expected any of her students to do this. The computer monitor showed an obscene e-mail from her favorite student. It was actually a spoofed spam, not actually sent from her student, but sent by spammers.

Preventing Log Evasion in IIS

admin — Mon, 26 Sep 2005 18:26:00 -0400

One of the most important functions a Web site has is the ability to track who is visiting it, where they are coming from, and what they are doing. While logs themselves may not always be the most accurate measurement of what's going on, they do provide a high level overview useful for tracking common user functions and tasks. There are instances when certain types of data aren't logged such as referrers, cookies, user agents, and POST data. Logging can also be used to track abnormal behavior including malicious requests sent by a potential attacker trying to break into your site. These logs can be extremely valuable in identifying if an attack was successful or not, as well as some of the exact commands that an attacker may have executed.

Are your servers secure?

admin — Thu, 15 Sep 2005 22:29:00 -0400

In a word, No. No machine connected to the internet is 100% secure. This doesn't mean that you are helpless. You can take measures to avoid hacks, but you cannot avoid them completely. This is like a house - when the windows and doors are open then the probability of a thief coming in is high, but if the doors and windows are closed and locked the probability of being robbed is less, but still not nil.

Hardening Windows W2K Server

admin — Mon, 08 Aug 2005 15:28:00 -0400

This document is intended as a starting checklist to harden Windows 2000 Server and IIS for security vulnerabilities. This checklist is designed for those that are extremely familiar with Windows and IIS, as explanations for the checklist actions are not included. It is strongly recommend that you visit the Microsoft Security and Privacy page, at http://www.microsoft.com/security/default.asp, for specific information about each step and the reason behind each action.

Hardening your Kernel with OpenWall

admin — Sun, 06 Mar 2005 11:35:00 -0500

The Openwall Project provides security related kernel patches for Linux and BSD kernels. I read about this in Hardening Linux by James Turnbull. The patch that most interested me was to prevent executable code from running in the stack. That won't prevent all buffer overflow attacks, but it can stop some of them. I really don't understand why this isn't just the default nowadays - I know it can break some programs and debuggers, but it seems smart to me.

A Cure for the Common SSH Login Attack

admin — Wed, 23 Feb 2005 14:06:00 -0500

Updated: 2006-03-20

A few months ago, I began seeing our 'secure' log files fill up with entries, stating: "Failed password for illegal user [username]". Being somewhat alarmed about this I decided to search the Internet to find out if others were experiencing these or similar attacks and, hopefully, find a solution.