Jan 13 2013

Today I present a really interesting article by   first published on Infosecinstitute.com.

With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.

Many risks are possible from a compromise, including turning the web server into a source of malware, creating a spam-sending relay, a web or TCP proxy, or other malicious activity. The operating system and packages can be fully patched with security updates and the server can still be compromised based purely on a poor security configuration. Security of web applications begins with configuring the server itself with strict security in mind.


Jan 12 2013

Today I return to the topic of encryption and security, and in particular I’ll show how to simply encrypt a file with GnuPG. This can be really useful to encrypt a single file where you have your passwords or some personal information that you want to keep safer.

GNU Privacy Guard (GnuPG or GPG) is a GPL-licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP. Current versions of PGP (and Veridis’ Filecrypt) are interoperable with GnuPG and other OpenPGP-compliant systems.

This software is frequently integrated with mail clients so it can sign, encrypt, or do both on the mail you send and receive. Now we’ll see how to use it on the command line to encrypt a file.


Dec 28 2012

I’ve just recovered 2x 500 GB SATA disks from an old installation, so I opened up my new desktop and connected them to my main Linux machine. These 2 disks have been used for around 3 years on the other installation, so I prefer to use them in a mirrored configuration, or RAID 1, so everything that is written on one disk is also copied automatically to the other, and there is no loss of information if 1 of the 2 disks breaks.

At the moment I use Mint 14 XFCE edition, which is totally compatible with Ubuntu 12.10, and in my point of view for some aspects much better, so in this guide I’ll use commands that are compatible with Mint, Ubuntu and Debian. For other distributions you’ll have to search for your packages, but the configurations and commands will be the same.


Dec 26 2012

Today I’m glad to republish an interesting article of  first published on Infosec, a great source of information about security.
It’s a good summary of the different types of security models that you can have in a Linux system, focused on SELinux, and if you are interested in this topic, be sure to also take a look at my Introduction to AppArmor.

A task of any operating system is to provide software that strongly increases its security. A lot of programs of this type have been created; some are better than others. What does it look like in terms of Linux? Of course, here we have many more choices when it comes to this type of software, but some software is worth recommending. Some people already know what I mean: SELinux. Why choose this solution? Why do I think it is so different from other software of this type? And the last key question: who really should use it?

This system, as the name suggests, is Security Enhanced Linux! So I invite you to read this article and learn about this tool.