Security

Simple Server Hardening, Part II

In my last article, I talked about the classic, complicated approach to server hardening you typically will find in many hardening documents and countered it with some specific, simple hardening steps that are much more effective and take only a few minutes.

Flat File Encryption with OpenSSL and GPG

The Pretty Good Privacy (PGP) application, which has long been known as a primary tool for file encryption, commonly focused on email. It has management tools for exchanging credentials with peers and creating secure communication channels over untrusted networks.

smbclient Security for Windows Printing and File Transfer

Microsoft Windows is usually a presence in most computing environments, and UNIX administrators likely will be forced to use resources in Windows networks from time to time. Although many are familiar with the Samba server software, the matching smbclient utility often escapes notice.

Hodge Podge

For every article, I try to write something that is interesting, entertaining, educational and fun. Sometimes I even succeed. Many other times I have some things I'd like to talk about, but there's not enough of it to fill the space. This time, I decided a disjointed hodge podge would be the theme. So let's just have a virtual nerdy talk about stuff, shall we?

Preseeding Full Disk Encryption

Usually I try to write articles that are not aimed at a particular distribution. Although I may give examples assuming a Debian-based distribution, whenever possible, I try to make my instructions applicable to everyone. This is not going to be one of those articles.

Minifree Ltd.'s GNU+Linux Computers

Minifree Ltd.—doing business as "Ministry of Freedom"—exists mainly for reasons Linuxers will like: to make it easier for people to get computers that respect their freedom and privacy, and to provide funding for a meaningful project, called Libreboot.

SSH Communications Security's Universal SSH Key Manager

Today's IAM solutions, warns enterprise cybersecurity expert SSH Communications Security, fail to address fully the requirements of trusted access. Organizations lack an efficient way to manage and govern trusted access credentials and have no visibility into the activities that occur within the secure channels that are created for trusted access operations.

Secret Agent Man

It used to be that only the paranoid among us focused on strict security practices, yet these days, it seems like people are stepping up their games with respect to encryption, password policy and how they approach their computers in general. Although I always have considered myself more inside that paranoid camp than outside of it, I even have found myself stepping up my game lately.

Smoothwall Express

The award-winning Smoothwall Express open-source firewall—designed specifically to be installed and administered by non-experts—continues its forward development march with a new 3.1 release.

Own Your DNS Data

I honestly think most people simply are unaware of how much personal data they leak on a daily basis as they use their computers. Even if they have some inkling along those lines, I still imagine many think of the data they leak only in terms of individual facts, such as their name or where they ate lunch.

Simple Server Hardening

These days, it's more important than ever to tighten up the security on your servers, yet if you were to look at several official hardening guides, they read as though they were written for Red Hat from 2005. That's because they were written for Red Hat in 2005 and updated here and there through the years.

Understanding Firewalld in Multi-Zone Configurations

Stories of compromised servers and data theft fill today's news. It isn't difficult for someone who has read an informative blog post to access a system via a misconfigured service, take advantage of a recently exposed vulnerability or gain control using a stolen password.

ADUPS Android Malware Infects Barnes & Noble

ADUPS is an Android "firmware provisioning" company based out of Shanghai, China. The software specializes both in Big Data collection of Android usage, and hostile app installation and/or firmware control. Google has blacklisted the ADUPS agent in its Android Compatibility Test Suite (CTS).

USMobile, Inc.'s Scrambl3

The special sauce in USMobile, Inc.'s Scrambl3, the mobile app that facilitates "the world's most private calls and messages", is a set of open-source components that create a top-secret-grade VPN, encryption algorithms and internet protocols.

Bruce Nikkel's Practical Forensic Imaging (No Starch Press)

Forensic image acquisition is an important part of the process of after-the-fact incident response and evidence collection. Digital forensic investigators acquire, preserve and manage digital evidence as part of criminal and civil court cases; they examine violations of organizational policy; and they analyze cyber attacks.

FutureVault Inc.'s FutureVault

Though short of Mr Torvalds' aim of world domination, FutureVault, Inc., has set the ambitious goal to "change the way business is done" with its FutureVault digital collaborative vault application.