Security

January 2013 Issue of Linux Journal: Security

Sticky Note of Doom Years ago, I had the brilliant idea that all my users in the finance department should have complex passwords. This made perfect sense to everyone, since dealing with millions of dollars of revenue is something that should be secured. So, the passwords were changed with complexity requirements enforced. I slept better that night knowing our paychecks were no longer secured by passwords like "mustang" or "mrwhiskers".

Tarsnap: On-line Backups for the Truly Paranoid

Storing backups in the cloud requires a level of trust that not everyone is willing to give. While the convenience and low cost of automated, off-site backups is very compelling, the reality of putting personal data in the hands of complete strangers will never sit quite right with some people.

KeePassX: Keeping Your Passwords Safe

For a long time, my password tracking system was quite simplistic: hope I remembered the right passwords for each site or record them in an ordinary word-processor document. Such methods obviously have great flaws. I might have a hard time remembering a password for an infrequently used site, and a word-processor document isn't the most secure place to store passwords.

Hack and / - Password Cracking with GPUs, Part I: the Setup

Bitcoin mining is so last year. Put your expensive GPU to use cracking passwords. When the Bitcoin mining craze hit its peak, I felt the tug to join this new community and make some easy money. I wasn't drawn only by the money; the concepts behind Bitcoin mining intrigued me, in particular the new use of graphics processors (GPUs). With a moderately expensive video card, you could bring in enough money to pay off your initial investment and your electricity bill in a relatively short time.

Advanced Firewall Configurations with ipset

iptables is the user-space tool for configuring firewall rules in the Linux kernel. It is actually a part of the larger netfilter framework. Perhaps because iptables is the most visible part of the netfilter framework, the framework is commonly referred to collectively as iptables. iptables has been the Linux firewall solution since the 2.4 kernel.

Packet Sniffing Basics

Imagine this: you're sitting in your local coffee shop sucking down your morning caffeine fix before heading into the office. You catch up on your work e-mail, you check Facebook and you upload that financial report to your company's FTP server. Overall, it's been a constructive morning. By the time you get to work, there's a whirlwind of chaos throughout the office.

Practice Hacking on Your Home Router

Although it's true that I tend to focus mostly on Linux in systems administration (after all, that is my day job), I've always had a secondary interest in security, whether it's hardening systems, performing forensics on a hacked system, getting root on a pico projector or even trying my hand at finding and exploiting vulnerabilities.

Linux Distro: Tails - You Can Never Be Too Paranoid

Tails is a live media Linux distro designed boot into a highly secure desktop environment. You may remember that we looked at a US government distro with similar aims a few months ago, but Tails is different because it is aimed at the privacy conscious “normal user” rather than government workers.

Back from the Dead: Simple Bash for complex DdoS

If you work for a company with an online presence long enough, you'll deal with it eventually. Someone, out of malice, boredom, pathology, or some combination of all three, will target your company's online presence and resources for attack.

Linux Distribution: Lightweight Portable Security

Lightweight Portable Security is a LiveCD distro designed by the US Department of Defense to function as a secure end node, in other words, a safe environment from which to access the web or a remote desktop host. The focus is on security, and for this reason, it boots from a CD and executes from RAM, providing a web browser, a file manager and a few other small tools.

Security vs. Convenience

Although my intent is not to start the next GNOME/KDE-level war, it seems there must be a happy medium between total desktop insecurity and total desktop unusability. Linux offers so many ways to secure data that it's important to realize it's okay for folks to have different needs and desires. Sure, there are some basic security measures we all should take—things like:

Security Round-up

The January 2009 issue of Linux Journal is all about security. At LinuxJournal.com, searching for the term "security" returns 435 results, which might take some time to wade through. Here are my picks from articles that recently have been popular on-line:

Introduction to Forensics

A break-in can happen to any system administrator. Find out how to use Autopsy and Sleuthkit to hit the ground running on your first forensics project.