Encrypting home folder on Ubuntu or Linux mint

In this example we will encrypt home directory for user user1. This procedure should work on any Ubuntu system or similar platform like Linux mint. We will need to have administrator user besides user1 to complete the encryption. 1. Create admin user user2 2. Install necessary software if its not yes installed sudo apt-get install…

Using TLS Encription with Postfix CentOS 6

This tutorial based on CentOS 6.4 Linux Asymmetric encryption uses key pair public and private. With asymmetric encryption we use digital certificates to discover other people public keys. Certificate stores information like Organization name , users email address , department and so on. Before encrypted communication starts one of the party’s sends public certificate to…

Protect CentOS Linux system with SELinux

In many cases users simply turn off SELinux due to lack of understanding of this great security feature provided with every RedHat , CentOS , Fedora and some other Linux distributions. Another popular alternative, available on Novell’s SuSE Linux and Canonical’s Ubuntu platform, is called AppArmor. In this article we will take closer look at…

RPM Repository security for RedHat and CentOS

RPM packages are frequently organized into repositories. Generally, such repositories include groups of packages with different functions. Security is always a concern when downloading packages over the internet. If hacker penetrate the repository, you have no way of knowing which packages are genuine.

How to setup ssh Keys for authentication without password

In this article we will take a look at how to setup authentication with ssh keys. In our example we have Server names s1 and workstation named w1. Our goal is to setup secure ssh authentication without password. This considered to be a more secure way plus it comes really handy when you need to…

Basic ClamAV installation on CentOS 7 and CentOS 6

ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. ClamAV includes a multi-threaded scanner daemon, command line utilities for on demand file scanning and automatic signature updates. It is one of the most popular virus scanner that run on CentOS and RedHat and here is very simple quick…

Deploy IPTABLES with NAT and SURICATA IDS on CentOS 7

IPTABLES with NAT and SURICATA IDS on CentOS 7 In this how to we will look into setting up perimeter firewall on the budget. We will make sure IPTABLES forwards all packets to NFQUEUE for scanning. Nat rules will also be setup to forward packets to internal network from outside. 1. Enable routing vi /etc/sysctl.conf…

How to find php script that sends mail from your linux system

We run into a problem where customers Linux vm was sending a lot of unwanted messages. In order to troubleshoot this problem we did 2 things. Instructions below are for CentOS 6 and 7 but will also work on other distributions with minor configuration changes. Option 1

Running OSSEC client on web server

OSSEC is amazing tool and helps you be more secure by notifying you of any potential problems. However when it comes to monitoring web servers some additional configuration is necessary to get it working properly. In this quick write up we will look into making changes to default configuration when OSSEC running on web server.