Tag Archives: Security
Protection from unwanted threats and attacks to hosts in your company network is very important part of your business activity. Today there are many threats which can be dangerous for your IT infrastructure. Because of that there are many hardware and software tolls and devices for your network protection. Antivirus software and hardware firewalls are used in most situations. On the market also exist many software firewalls which are used to protect computers from attacks from internal or external network. Software firewalls can also protect network from attacks sourced from computer on which software firewall is installed. One of the most used software firewalls is Windows Firewall which comes along with Windows OS installed. In this article we will describe Windows Firewall and explain how you can use it to protect your network hosts.
Antivirus for Linux? Are you kidding with me? Isn’t Linux secure from viruses? many new users of Linux are thinking those questions right..! I am telling you don’t be hesitate to see this title. Keep eye on this whole article and you can get all your answers.
First of all, Linux is the most stable and secure operating system than all other operating systems. Theoretically its possible to create viruses for Linux OS, but in practically its almost impossible to attack Linux machine through a virus. So here questions is why I use antivirus for Linux machine? For your better understanding, I am giving you some reasons:
Very often System Admins need to restrict users’ access to the system and they try to deploy various mechanism. Chroot jailed environment is the most popular method to restrict and control the access to the system. But manually setting up a chroot environemt is not easy. Jailkit is a set of utilities to limit user accounts to specific files using chroot.
As claimed by the developer, jailkit is known to be used in network security appliances from several leading IT security firms, internet servers from several large enterprise organizations, internet servers from internet service providers, as well as many smaller companies and private users that need to secure cvs, sftp, shell or daemon processes. In this article we will show you how you can setup your Linux system with jailkit and control your users’ access to the system.
SSH is being used for secured remote connectivity in Linux and UNIX for a very long time. It gives strong encrypted tunnel between SSH server and client. On the other hand RADIUS is generally being used for dial-up authentication and act as a central server for multiple NAS (Network Access Server). There are few cases where you may want to use RADIUS for your SSH authentication instead of using your local /etc/shadow file. For example, if you have multiple Linux servers but you want to manage the authentication from central database. Though there are some other mechanism like NIS or LDAP, still RADIUS is a choice for it’s ease of use and some unique features.
HTTP Server is a web server developed and maintained by The Apache Software Foundation. The stated objective of Apache is to create an open source HTTP server that will run on any modern operating system and hardware. In addition to it’s wide platform support, Apache is also infinitely configurable. LDAP, Lightweight Directory Access Protocol, is an Internet protocol that email and other programs use to look up information from a server. With Apache+LDAP authentication Apache users are stored in LDAP directory is very useful in single sign-on (SSO) authentication on various Apache servers and LDAP directory. In this article we will show how you can configure Apache to authentication users from LDAP directory.
- Working Apache 2.1 or later
- OpenLDAP server, client and other libraries and utilities.
Below yum commands may help you to install them if you don’t have them ready. If you don’t have yum you can use similar commands (e.g. apt-get) to install them.
One of the most important things in every organization that should be properly implemented is security policy. Today, there is many threats can be used to violate business and gain information for abusing activities. There are many ways for attacking your internal corporate network. One of most often used is using your internal mail organization to compromise your network. Unsecured corporate mail infrastructure offers possibility for unattended attacks and inserting malware software as viruses, trojans, backdoors and other in your organization.
Secure Exchange infrastructure
Securing mail infrastructure is one of the most important tasks should be done by administrators. This article describes best security practices for2007 organization. More practices are applied, less potential security threats for your organization exist.
Companies and organizations often have many applications for internal use. For almost all of that there is need for user authentication during login process. In most cases user and password combination is unique application in which users are logging. Users have to remember or keep all this password and usernames which can be difficult for handling. In that case mechanism known as Single Sign On (SSO) enables easier management with users credentials.
SSO is a software mechanism that enables using one username/password combination for set of applications in which SSO is applied. Example for SSO can be using windows domain credentials for logging in applications used in company. For that authentication mechanism windows Domain Controller (DC) is needed. When logs in application, user credentials are passed to domain controller, authentication is performed and user is allowed access to application. This authentication is applied when user logs to Windows after system boot.
Certificate authentication is one the most secure authentication methods today used. Use of private/public key pair along with associated certificate enables establishing authenticated and encrypted communication channels between communication peers. There are many situations in which communication should be strongly secured such as VPN access, access to web sites for payment, online banking and many others.
In windows, for storing certificates needed for authentication there is certificate store in which all certificates are placed. To open this store click Start, type mmc in the Search Programs and Files box and press ENTER. Then go to file menu and click Add/Remove snap-in. When Add/Remove snap-in window opens choose certificates, click Add and choose account for which you want to manage certificates.
Web administrators may require to protect certain pages from unwanted visitors. Web developer uses some hard-coded authentication (not a good one, though) or SQL-based authentication mechanism to identify the visitor of the pages. Most of the modern application believes on it’s own strength to authenticate the users than allowingor Web Server do the job. But still Web Server’s mechanism to authenticate users are still widely used and can consider as a quick interim solution when situation demands. So, here we will describe to new System Administrators how they can easily configure Apache to protect certain folders from unwanted visitors. Just follow below steps and you are done with the process. For more information please see the bottom of this article.
If you want simple, free and easy to use software for protecting your PC from security threats, Microsoft Security Essentials and Windows defender is right solution. There was a huge demand from Microsoft Windows users to have a complete security solution in-built with Windows Operation System. Finally Microsoft came up with a very robust solution for its customers. May be from now Virus Makers and Antivirus Makers will think differently.
Windows defender is actually windows component used to protect your system from unwanted and spy sofware. It is easy to use, has simple notifications and has no significant impact on computer performances. It offers two methods for protection: real time scanning and sheduled scanning which user can initiate in any moment. Real time scanning enables notifications in case of unwanted software installation in any time. Sheduled scanning enables threating of unwanted spy software existing on computer.