"The purpose of this guide is to provide security configuration recommendations for the Red Hat Enterprise Linux (RHEL) 5 operating system. The guidance provided here should be applicable to all variants (Desktop, Server, Advanced Platform) of the product. Recommended settings for the basic operating system are provided, as well as for many commonly-used services that the system can host in a network environment. The above-mentioned guide covers the following directions: system-wide configuration (for example, iptables and ip6tables setup, logging, SELinux, etc.) and service configuration (SSH, Avahi server, MTA, LDAP and many others).
The guide is intended for system administrators. Readers are assumed to possess basic system administration skills for Unix-like systems, as well as some familiarity with Red Hat’s documentation and administration conventions. Some instructions within this guide are complex. All directions should be followed completely and with understanding of their effects in order to avoid serious adverse effects on the system and its security."
Security Guide for Linux by NSA
How to enable IP Forwarding
Check if IP Forwarding is enabled
We have to query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not:
Using sysctl:
sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
or just reading the value from the /proc filesystem:
cat /proc/sys/net/ipv4/ip_forward
0
As we can see in both of the above examples forwarding was disabled (as shown by the value 0).
Enable IP Forwarding on the fly
As with any sysctl kernel parameter, we can change the value of net.ipv4.ip_forward on the fly (without rebooting the system):
sysctl -w net.ipv4.ip_forward=1
or
echo 1 > /proc/sys/net/ipv4/ip_forward
Either way the setting is changed instantly, but the result will not be preserved after rebooting the system.
Permanent setting using /etc/sysctl.conf
If we want to make this configuration permanent the best way to do it is using the file /etc/sysctl.conf, where we add a line containing net.ipv4.ip_forward = 1
/etc/sysctl.conf:
net.ipv4.ip_forward = 1
If you already have an entry for net.ipv4.ip_forward with the value 0, change it to 1.
To enable the changes made in sysctl.conf you will need to run the command:
sysctl -p /etc/sysctl.conf
On Red Hat based systems the settings in /etc/sysctl.conf are also applied when restarting the network service:
service network restart
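Because the on-the-fly value and the /etc/sysctl.conf value can disagree until the next reboot, a quick consistency check is useful, both after enabling forwarding and on hosts that are not meant to route at all. The following is an added example, not code from the original post; it assumes /etc/sysctl.conf is the only persistent source of the setting (as on RHEL 5) and takes the file paths as parameters so it can be run against test copies.

```shell
# Added example (not from the original page): compare the live ip_forward value
# with the value that /etc/sysctl.conf would restore at boot, and report drift.
# File paths are parameters so the check can be run against test copies.

# configured_ip_forward CONF -> prints the value from the last active
# "net.ipv4.ip_forward = N" line (sysctl -p applies the last one), or "unset"
configured_ip_forward() {
    [ -r "$1" ] || { printf 'unset\n'; return 0; }
    val=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([01]\).*/\1/p' "$1" | tail -n 1)
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf 'unset\n'; fi
}

# ip_forward_drift PROCFILE CONF -> 0 = runtime and boot value agree,
# 1 = drift (the runtime value will change at the next reboot), 2 = unreadable
ip_forward_drift() {
    procfile=$1; conf=$2
    [ -r "$procfile" ] || { echo "cannot read $procfile"; return 2; }
    runtime=$(cat "$procfile")
    configured=$(configured_ip_forward "$conf")
    # with no entry in sysctl.conf the kernel default of 0 applies after a reboot
    [ "$configured" = unset ] && configured=0
    if [ "$runtime" = "$configured" ]; then
        echo "ip_forward: runtime=$runtime boot=$configured (consistent)"
        return 0
    fi
    echo "ip_forward: runtime=$runtime boot=$configured (DRIFT: value changes at next reboot)"
    return 1
}

# Real-system invocation (needs read access to /proc and /etc/sysctl.conf):
#   ip_forward_drift /proc/sys/net/ipv4/ip_forward /etc/sysctl.conf
```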
How to use hosts.allow and hosts.deny (tcpwrappers)
2. su - if you are not the root user
3. Use your favorite editor, like vi.
4. Type vi /etc/hosts.deny
5. On the bottom line add “ALL:ALL:deny” to restrict access to all daemon processes
6. Save it.
7. Open “/etc/hosts.allow” with the vi editor
8. On the bottom line add “ALL:(some IP that you allow):allow” to allow everything from that IP address
9. Save it.
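The order in which tcp_wrappers consults the two files is what makes the steps above work: hosts.allow is checked first and its first matching line decides, then hosts.deny, and a client that matches neither file is granted access. The following is an added example, not code from the original post: a simplified shell re-implementation of that decision order so a rule set can be checked offline against a daemon name and client address. It handles the ALL wildcard, exact addresses, dotted network prefixes such as "192.168.1." and the explicit allow/deny third field used above; the real matcher supports more forms than this.

```shell
# Added example (not from the original post): a simplified re-implementation of
# the tcp_wrappers decision order so a rule set can be checked offline.
# hosts.allow is consulted first and its first matching line decides; then
# hosts.deny; if nothing matches, access is granted. A third field of
# "allow"/"deny" overrides the file's default, as in the steps above.

# match_list LIST VALUE -> succeeds if VALUE matches any comma-separated token:
# ALL, an exact address/name, or a prefix such as "192.168.1."
match_list() {
    for tok in $(printf '%s' "$1" | tr ',' ' '); do
        case "$tok" in
            ALL) return 0 ;;
            *.)  case "$2" in "$tok"*) return 0 ;; esac ;;
            *)   [ "$tok" = "$2" ] && return 0 ;;
        esac
    done
    return 1
}

# first_verdict FILE DAEMON CLIENT DEFAULT -> prints the verdict of the first
# matching line ("allow"/"deny"), or fails if no line matches
first_verdict() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                              # drop comments
        case "$line" in *[![:space:]]*) ;; *) continue ;; esac   # skip blank lines
        daemons=$(printf '%s' "$line" | cut -d: -f1 | tr -d ' \t')
        clients=$(printf '%s' "$line" | cut -d: -f2 | tr -d ' \t')
        option=$(printf '%s' "$line" | cut -d: -f3 | tr -d ' \t')
        if match_list "$daemons" "$2" && match_list "$clients" "$3"; then
            case "$option" in allow|deny) echo "$option" ;; *) echo "$4" ;; esac
            return 0
        fi
    done < "$1"
    return 1
}

# tcpwrap_check HOSTS_ALLOW HOSTS_DENY DAEMON CLIENT -> prints "allow" or "deny"
tcpwrap_check() {
    v=$(first_verdict "$1" "$3" "$4" allow) && { echo "$v"; return 0; }
    v=$(first_verdict "$2" "$3" "$4" deny)  && { echo "$v"; return 0; }
    echo allow                                        # no rule matched at all
}
```

On a real system the tcpdmatch tool from the tcp_wrappers package gives the authoritative answer for the installed files, e.g. tcpdmatch sshd 192.168.1.10.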
Safer, Faster, and Smarter internet access
If you are not aware of OpenDNS, please do look here first.
OpenDNS protects you from phishing — bad websites trying to steal your personal information. When you try to go to a phishing site, OpenDNS lets you know.
Let's try to configure and use this on Linux.
1) Make sure named (the BIND name server) is installed on your system.
2) Edit your /etc/resolv.conf file and add the following entry
nameserver 127.0.0.1
3) Now edit your /etc/named.conf file; the "options" section of the file should look similar to this:
options {
directory "/var/lib/named";
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
forwarders { 208.67.222.222; 208.67.220.220; };
forward first;
listen-on port 53 { 127.0.0.1; };
allow-query { 127.0.0.1; };
notify no;
};
The most important part here is the entry for the OpenDNS servers in the forwarders section.
4) Now restart your named server.
5) Open your browser and go to http://www.opendns.com/welcome/ --> You should see something similar to this ...
Do not worry about spyware in Linux
I am prepared to pay for them as it’s not worth the risk otherwise, based on my experience with Windows.
A: You’ll be pleased to hear that there’s a good reason why it’s so hard to find an anti-spyware program for Linux: the threat from spyware is far smaller when using Linux than when using Windows.
Because of the way Linux works, it’s far harder to create spyware that can get at your personal information. Also, because the number of Linux users is still relatively small, it makes more sense for spyware creators to concentrate on spyware for Windows, where they are likely to get a bigger response. The same goes for viruses on Linux – no-one has yet seen a true virus for it.
That’s not to say it can’t happen, and in the future it’s perfectly possible that both viruses and spyware will start to appear. For now, however, it’s safe to go without anti-spyware protection when using Linux. Anti-virus software is available for Linux such as the free version of AVG.
There are two good reasons for installing this. The first is that you will be prepared in case someone does release a virus for Linux, and the second is that it will prevent you from inadvertently sending a virus to a friend using Windows.
One thing you shouldn’t go without is a firewall, however. Most Linux distributions will include one as standard, but make sure it is switched on and active before using the internet. This will provide an excellent line of defense against all kinds of online threats.
It is also very important to update Linux just as you would run Windows Update. Most distributions come with a way of doing this automatically.