Security

Crashplan, the Only Reason I Install Java

I'm the sort of person who doesn't like to install Java. I actually don't like to install Flash either, but it's still tough to survive browsing the Internet without Flash installed. There is one program that makes me break my own rules, however, and that's Crashplan. more>>

January 2013 Issue of Linux Journal: Security

Sticky Note of Doom

Years ago, I had the brilliant idea that all my users in the finance department should have complex passwords. This made perfect sense to everyone, since dealing with millions of dollars of revenue is something that should be secured. So, the passwords were changed with complexity requirements enforced. I slept better that night knowing our paychecks were no longer secured by passwords like "mustang" or "mrwhiskers".

more>>

Tarsnap: On-line Backups for the Truly Paranoid

Storing backups in the cloud requires a level of trust that not everyone is willing to give. While the convenience and low cost of automated, off-site backups is very compelling, the reality of putting personal data in the hands of complete strangers will never sit quite right with some people. more>>

KeePassX Logo

KeePassX: Keeping Your Passwords Safe

For a long time, my password tracking system was quite simplistic: hope I remembered the right passwords for each site or record them in an ordinary word-processor document. Such methods obviously have great flaws. I might have a hard time remembering a password for an infrequently used site, and a word-processor document isn't the most secure place to store passwords. more>>

Hack and / - Password Cracking with GPUs, Part III: Tune Your Attack

You've built the hardware, installed the software and cracked some passwords. Now find out how to fine-tune your attacks. more>>

A Penetration Tester's Toolkit

Ever wonder exactly how vulnerable your network is? Using these tools can give you an idea and provide the means to protect yourself. more>>

Hack and / - Password Cracking with GPUs, Part II: Get Cracking

Your hardware is ready. Now, let's load up some software and get cracking. more>>

Hack and / - Password Cracking with GPUs, Part I: the Setup

Bitcoin mining is so last year. Put your expensive GPU to use cracking passwords.

When the Bitcoin mining craze hit its peak, I felt the tug to join this new community and make some easy money. I wasn't drawn only by the money; the concepts behind Bitcoin mining intrigued me, in particular the new use of graphics processors (GPUs). With a moderately expensive video card, you could bring in enough money to pay off your initial investment and your electricity bill in a relatively short time. more>>

Advanced Firewall Configurations with ipset

iptables is the user-space tool for configuring firewall rules in the Linux kernel. It is actually a part of the larger netfilter framework. Perhaps because iptables is the most visible part of the netfilter framework, the framework is commonly referred to collectively as iptables. iptables has been the Linux firewall solution since the 2.4 kernel. more>>

Hack and / - Forensics with Ext4

Learn from my mistakes as I figure out how to gather forensics data on an ext4 filesystem. more>>

Packet Sniffing Basics

Imagine this: you're sitting in your local coffee shop sucking down your morning caffeine fix before heading into the office. You catch up on your work e-mail, you check Facebook and you upload that financial report to your company's FTP server. Overall, it's been a constructive morning. By the time you get to work, there's a whirlwind of chaos throughout the office. more>>

Paranoid Penguin - DNS Cache Poisoning, Part II: DNSSEC Validation

Configure your DNS server to check zone signatures using DNSSEC. more>>
oauth logo

A Primer to the OAuth Protocol

OAuth uses digital signatures rather than the “Basic” authentication method used by the HTTP protocol. more>>

Linux Distro: Tails - You Can Never Be Too Paranoid

Tails is a live media Linux distro designed boot into a highly secure desktop environment. You may remember that we looked at a US government distro with similar aims a few months ago, but Tails is different because it is aimed at the privacy conscious “normal user” rather than government workers. more>>

Security Monitoring and Enforcement with Cfengine 3

Cfengine is well known as a powerful system configuration management tool, but did you know you also can use it to secure your systems? more>>
Syndicate content