HowTo: Install And Configure FWKNOP (Using EnGarde Linux)

Secret knocks have been used for purposes as simple and childish as
identifying friend or foe during a schoolyard fort war. Fraternities
teach these knocks as a rite of passage into their society, and in our
security world we can implement this layer of security to lock down an
SSH server. The FireWall KNock Operator (fwknop) is an excellent port knocking
implementation that combines encrypted port knocking with passive OS
fingerprinting. This makes it possible to define specifically which
Linux systems are allowed access to your SSH server. fwknop combines
its functionality with iptables rules and log messages to grant or deny
access to the SSH daemon.

Virtual Users And Domains With Postfix, Courier And MySQL (CentOS 5.1)

This document describes how to install a Postfix mail server that is
based on virtual users and domains, i.e. users and domains that are in
a MySQL database. I’ll also demonstrate the installation and
configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier
can authenticate against the same MySQL database Postfix uses. The
resulting Postfix server is capable of SMTP-AUTH, TLS and quota (quota
is not built into Postfix by default; I’ll show how to patch your
Postfix appropriately). Passwords are stored in encrypted form in the
database (most documents I found were dealing with plain text
passwords, which is a security risk). In addition to that, this
tutorial covers the installation of Amavisd, SpamAssassin and ClamAV so
that emails will be scanned for spam and viruses.

Creating A Google Mashup: Getting Hyperic HQ Alerts On Your Google Page

This step-by-step document will guide you in creating a Google
Mashup, so that RSS alerts from Hyperic HQ appear on your Google home
page. This document is intended for current/prospective users of
Hyperic HQ (either network administrators or other users who have
limited or no experience with HQ). After following the step-by-step
instructions in this HOWTO, you should be set up and get your first
Hyperic HQ RSS alerts on your Google page.

Installing MyDNS And The MyDNSConfig Control Panel On Fedora 8

In this tutorial I will describe how to install and configure MyDNS
and MyDNSConfig on Fedora 8. MyDNS is a DNS server that uses a MySQL
database as backend instead of configuration files like, for example,
Bind or djbdns. The advantage is that MyDNS simply reads the records
from the database, and it does not have to be restarted/reloaded when
DNS records change or zones are created/edited/deleted. A secondary
nameserver can be easily set up by installing a second instance of
MyDNS that accesses the same database or, to be more redundant, uses
the MySQL master / slave replication features to replicate the data to
the secondary nameserver.

CentOS 5.1 Server Setup: LAMP, Email, DNS, FTP, ISPConfig (a.k.a. The Perfect Server)

This tutorial shows how to set up a CentOS 5.1
based server that offers all services needed by ISPs and web hosters:
Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and
TLS, BIND DNS server, Proftpd FTP server, MySQL server, Dovecot
POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the
32-bit version of CentOS 5.1, but should apply to the 64-bit version
with very few modifications as well.

Creating Your Own Custom Ubuntu 7.10 Or Linux Mint 4.0 Live-CD With Remastersys

This guide shows how you can create a Live-CD from your Ubuntu Gutsy
Gibbon or Linux Mint 4.0 system with a tool called remastersys.
Remastersys is available in the Linux Mint romeo
repository. You can customize your Ubuntu/Linux Mint system and then
let remastersys create an iso image of it which you can then burn onto
a CD/DVD.

Configuring SSH To Use Freeradius And WiKID For Two-Factor Authentication

Radius is a great standard. It is powerful enough to accomplish a great
deal and simple enough to be easy to handle. Freeradius is an
excellent, open source radius server that ships with many Linux
variants. It is well documented and well supported. The WiKID Strong
Authentication server is a commercial/open source two-factor
authentication system that uses public key encryption to transmit PINs
and one-time passcodes securely to software tokens running on
Blackberries, cell phones, Palms, PocketPCs or, using the J2SE client,
Linux, Macs and Windows PCs. You can think of WiKID as being like
certificates, but without the hassles of white lists/black lists and
more secure, because the PIN is validated on the server, preventing
offline brute-force attacks.