Using TLS Encription with Postfix CentOS 6

This tutorial based on CentOS 6.4 Linux Asymmetric encryption uses key pair public and private. With asymmetric encryption we use digital certificates to discover other people public keys. Certificate stores information like Organization name , users email address , department and so on. Before encrypted communication starts one of the party’s sends public certificate to…

Protect CentOS Linux system with SELinux

In many cases users simply turn off SELinux due to lack of understanding of this great security feature provided with every RedHat , CentOS , Fedora and some other Linux distributions. Another popular alternative, available on Novell’s SuSE Linux and Canonical’s Ubuntu platform, is called AppArmor. In this article we will take closer look at…

RPM Repository security for RedHat and CentOS

RPM packages are frequently organized into repositories. Generally, such repositories include groups of packages with different functions. Security is always a concern when downloading packages over the internet. If hacker penetrate the repository, you have no way of knowing which packages are genuine.

How to setup ssh Keys for authentication without password

In this article we will take a look at how to setup authentication with ssh keys. In our example we have Server names s1 and workstation named w1. Our goal is to setup secure ssh authentication without password. This considered to be a more secure way plus it comes really handy when you need to…

Basic ClamAV installation on CentOS 7 and CentOS 6

ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats. ClamAV includes a multi-threaded scanner daemon, command line utilities for on demand file scanning and automatic signature updates. It is one of the most popular virus scanner that run on CentOS and RedHat and here is very simple quick…

Deploy IPTABLES with NAT and SURICATA IDS on CentOS 7

IPTABLES with NAT and SURICATA IDS on CentOS 7 In this how to we will look into setting up perimeter firewall on the budget. We will make sure IPTABLES forwards all packets to NFQUEUE for scanning. Nat rules will also be setup to forward packets to internal network from outside. 1. Enable routing vi /etc/sysctl.conf…

How to find php script that sends mail from your linux system

We run into a problem where customers Linux vm was sending a lot of unwanted messages. In order to troubleshoot this problem we did 2 things. Instructions below are for CentOS 6 and 7 but will also work on other distributions with minor configuration changes. Option 1

Running OSSEC client on web server

OSSEC is amazing tool and helps you be more secure by notifying you of any potential problems. However when it comes to monitoring web servers some additional configuration is necessary to get it working properly. In this quick write up we will look into making changes to default configuration when OSSEC running on web server.

Installing OSSEC 2.8.3 on CentOS 7 Client Server mode

In this how to we will be installing OSSEC Host based intrusion detection system on CentOS 7. We will be using clinet/server deployment which is recomended way to deploy OSSEC on the network where more then one system will be monitored.