Loading ...
A while back I wrote a piece about how to Secure the hell out of your Linux box, and I thought I’d follow up with the same but for the Windows world. Yes yes, this is a Linux blog and this kind of post won’t happen all that often, or possibly never again, but security I feel is far more important than technological allegiances.
We can have the most secure box in the world but that doesn’t mean necessarily that we’re safe. There are a lot of interested parties in the world that want your information and the list of who those interested parties are grows by the day. Looking for a job? Well, the companies you’re applying to are running Google searches on your real name, your email address, and any screenname you may have given them, looking you up at LinkedIn, Myspace, Facebook, etc. Making online purchases? Well, both the identity thief and the government would love to track those transactions. Searching for information related to an embarrassing situation in your personal life? Google saves those searches. Like to show off your musical tastes on Last.fm? Congrats, you’re probably broadcasting a good portion of the music you’ve pirated. Logging in to a site to pay a bill? There’s a cracker out there that would love for your password to be transmitted in plain text, rather than encrypted. And lets not forget the fact that AT&T spies on the American populace for the NSA, MPAA, RIAA, and probably any other organization that asked it to. Even if you truly trust a company, you never know what information of yours could be handed over in a lawsuit. Think you’re hidden behind a screen-name? Think again.
I should give a little warning, I do suggest people follow all of these tips, but they are for the paranoid and some will consider it over board.
Related Reading on TuxTraining.com
Here are some things you can do to make your apache configuration more secure.
Some of these suggestions may decrease performance, or cause problems due to your environment. It is up to you to determine if any of the changes I suggest are not compatible with your requirements. In other words proceed at your own risk.
Tripwire is a security tool that checks the integrity of normal system binaries and reports any changes to syslog or by email. Tripwire is a good tool for ensuring that your binaries have not been replaced by Trojan horse programs. Trojan horses are malicious programs inadvertently installed because of identical filenames to distributed (expected) programs, and they can wreak havoc on a breached system.
Snort is a Network Intrusion Detection System (NIDS), which can view and analyze packets on a network to determine whether or not a system is being attacked by remote. Most Linux distributions come with Snort, so it’s simply a matter of installing Snort via urpmi, apt-get, or yum. If you’re like me and run a distro where Snort is not in the repo’s you can grab the source here. Snort can write its collected information to a variety of different sources for later analysis, be it flat files or a database such as PostgreSQL or MySQL.
As well, Snort can be used as a simple packet logger, sniffer, or a full-blown NIDS.
If you want to secure your server using AppArmor, you have to create and modify the profiles for all the applications you use. This can easily be done using the YaST AppArmor modules or the command-line tools.
The YaST modules are more or less self-explaining, but more for mouse users.
Therefore I’ll explain the command-line tools a bit. I’ll also explain some AppArmor basics when needed.
Of course these instructions are also valid if you use your computer as a workstation
Alot of people are freaked out by IPTables and find it hard to understand. However, once you get the grasp of it the basics are easy. This document will serve as a basic how-to on using iptables.
