Some tricks for apache security

Passwords
I presume you know that having a password like 'Mom' or 'girlfriend' is not a good start for securing your system. I usually prefer passwords with both numerican and alphatbetical characters, plus some extra symbols. This is a good password: ILik3-PeN_gu1nS. Passwords should be complicated as there are a lot of ways someone can get your encrypted password. When we are talking about Linux systems with a webserver, the first thing that comes to my mind are all those numerous buggy CGI scripts that make you get /etc/passwd file from the attacked system. When that is done, a copy of Crack or John The Ripper can be used for cracking the password. Always remember: a good password is harder to crack. If you use some basic word for a password, a good wordlist will make the cracker software spit your en-encrypted password on the screen in no-time.

File transfer and remote logins

Think what software packages should run on your system, and remove the ones that you don't need. If you are thinking about transfering files from and to your system shut the FTPd down. There is far more secure way that does the same - SCP. By quickly checking the man pages for SCP, we get: "scp copies files between hosts on a network. It uses ssh for data transfer, and uses the same authentication and provides the same security as ssh. Unlike rcp, scp will ask for passwords or passphrases if they are needed for authentication."
SCP clients don't have that much good looking GUI frontends, but you can do it all from the shell by using the syntax:
scp Localfile Username@RemoteServer:RemoteFolder
I hope you don't use the Telnet Deamon which usually sits on the port 23. If you do, remove it as SSH is a far better way of remotely doing a login into your system. The big difference between telnet and SSH, is that SSH provides significantly enhanced security for your login situations.It provides an encrypted communications path between two untrusted hosts over a potentially insecure network and thus prevents user's passwords and other sensitive data from being transmitted across the network in clear-text form.

Checking the integrity
While you can use Tripwire or any other similiar solution for checking the integrity of files that reside on your system, there is another way of doing this. To tell you the truth, it is not as powerful, but it is usable. Let's consider this seven liner:
----------------cut-here-------------------
#!/bin/bash
for rpmlist in `rpm -qa | sort`
do
echo " __ $rpmlist __"
rpm -V $rpmlist
done > /tmp/123.out
cat /tmp/123.out | mail -s "RPM Check `date +%T %A %d.%m.%Y`" admin@yoursystem.net
----------------cut-here-------------------
This shell script basically makes a list of RPM files on your system, sorts them in an easily viewable format and verifies them to see what has changed. After that it mails the whole list to the administrative mailbox. Everything can of course be re-configured to suite your needs the best.

Also it would be suitable to add this script in CRON, so you can receive a daily snapshot of the RPM's on your system. In this exaple is starts every day at 10 am.

[admin@pilatus]# crontab -l
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.1759 installed on Tue Apr 16 16:06:48 2002)
00 10 * * * /usr/local/etc/rpmcheck.sh

Checking the logs
Usually you should periodically check the logs on your system. All the vital things about the current status of your system can be seen from the logs. While manually checking all the files takes some time, and time is precious, there are a few tools that help you automate the process of checking your system logs.
I like to use LogSentry, a freeware product by Psionic Technologies.
As can be seen from the product description: "LogSentry automatically monitors your system logs and mails security violations to you on a periodic basis. It is based on a program that ships with the TIS Gauntlet firewall but has been improved upon in many ways to make it work nicely for normal system auditing."

Read more: http://www.articlesbase.com/security-articles/some-tricks-for-apache-security-2330631.html#ixzz1ALL2BW96
Under Creative Commons License: Attribution

Continue Reading »

Red Hat Certified Security Specialist (RHCSS) in jaipur

GRRAS are leaders in IT training,Linux Certifications,RHCSS RHCA, RHCE,Cisco Certifications-CCNA,CCNP,CCIE with 100% Results.GRRAS is Authorised Training Partner of Redhat Centre, RHCE in jaipur,Linux certifications in jaipur

Red Hat Certified Security Specialist (RHCSS) is a security certification that proves advanced skills in using Red Hat Enterprise Linux, SELinux, and Red Hat Directory Server to meet the security requirements of today’s enterprise environment.

join GRRAS institute for Red Hat Certified Security Specialist (RHCSS) and Red Hat Certified Engineer (RHCE).

* GRRAS is the only institute in jaipur(India) which has first network and security specialists.
* It’s an admiration to be a part of an institute which has best Linux professionals.
* All the GRRAS faculties are technocrats and have much experience of Linux teaching.
* GRRAS provides doubt solving sessions which tend to effective training.
* We became the renowned leader and did set the benchmark for the IT market in training of Linux since the very beginning of our foundation.
* We empower our Linux trainees with unique core competencies for exploiting the untouched jobs in Linux field.

Administering Linux 2.6.x (particularly Red Hat). Installation, initial configuration, using the bash command shell, managing files, managing software, and granting rights to users. DNS, FTP, Apache, send mail, Samba, and other services are covered with live training and full dedication.

Advantage of the COURSE

The Linux Networking & System Administration course provides knowledge and skills for Linux- and/or UNIX- systems administrators who want to build proficiency at configuring common network services and security administration using Linux. This course is updated for building skills on Linux Administration.

you can contact for Red Hat Certified Security Specialist (RHCSS) and Red Hat Certified Engineer (RHCE) batches.

contact detail–
219, Himmat Nagar,Behind Kiran Sweets,
Gopalpura Turn, Tonk Road, Jaipur(Raj.)
Tel: +91-141-3136868, +91- 9887789124, +91-9352767438
Email: info@grras.com

Read more: http://www.articlesbase.com/education-articles/red-hat-certified-security-specialist-rhcss-in-jaipur-1160419.html#ixzz1ALKOxmFu
Under Creative Commons License: Attribution

Continue Reading »

Gnu Operating System

GNU , or in some countries is a computer operating system composed entirely of free software. Its name is a recursive acronym for "GNU's Not Unix!" This name was chosen because GNU's design is Unix-like, but differs from Unix by being free software and containing no Unix code.[3] Development of GNU was initiated by Richard Stallman and was the original focus of the Free Software Foundation (FSF).GNU is developed by the GNU Project, and programs released under the auspices of the project are called GNU packages or GNU programs. Gazeta Shqiptare The system's basic components include the GNU Compiler Collection (GCC), the GNU Binary Utilities (binutils), the bash shell, the GNU C library (glibc), and GNU Core Utilities (coreutils).GNU is in active development. Although nearly all components were completed long ago and have been in production use for a decade or more, its official kernel, GNU Hurd, is incomplete. Thus, the third-party Linux kernel is most commonly used instead. While the Linux kernel was not originally developed for the sake of the GNU project, GNU developers have contributed Linux ports of GNU applications and utilities, which are now also widely used on other operating systems such as BSD variants, Solaris and Mac OS X.The GNU General Public License (GPL), the GNU Lesser General Public License (LGPL), and the GNU Free Documentation License (GFDL) were written for GNU, but are also used by many unrelated projects.

The goal was to bring a wholly free software operating system into existence. Stallman wanted computer users to be "free", as most were in the 1960s and 1970s — free to study the source code of the software they use, free to share the software with other people, free to modify the behaviour of the software, and free to publish their modified versions of the software.

Read more: http://www.articlesbase.com/computers-articles/gnu-operating-system-2046530.html#ixzz1ALK1sqlc
Under Creative Commons License: Attribution

Continue Reading »

The Top Ten Concepts for Linux Beginners - Number 8, Programming Language Support

Damn Small Linux can be an ideal platform for supporting a wide range of programming languages. You can even program directly from the command line via a programming shell such as Bash. Major programming languages used in this environment include C, C++, and Java. If you are developing for the Internet you may want to use PHP, a web programming language and MySQL, a language for database system development. All these programming languages are also available in the Windows environment. So the question arises, why would you want to program under Linux rather than under Windows?
Many web developers and Internet service providers feel that Linux provides a more stable web site environment than does Windows. The most widely used web server, Apache, is available under both these operating systems but its new features, security enhancements, and bug fixes always are made available first on the Open Source (LAMP) version. And then they filter down to the Windows version. At the time of this writing the Windows version of Apache has problems with its cryptographic functions.
While programming languages are essentially the same across these two operating systems, their libraries are quite different. Basically, when you write complicated programs you want to make use of as much prewritten software as possible to reduce your programming and debugging effort. One example is handling the graphical user interface. As programmers often say, why reinvent the wheel? Linux provides a wider choice of libraries and graphical user interface toolkits.
When you program in Linux it is often fairly easy to port your programs to the Windows environment. Unfortunately, the inverse is rarely true. Of course as Linux systems become more popular, you will find more and more Windows-based programming systems that enable you to convert your programs to run under Linux. To do so makes clear economic sense.
Program conversion tools may be fairly difficult to develop. For example, executing programs must access the actual computer hardware. As you may imagine Linux and Windows programs access hardware quite differently. The modules that manage hardware access are called drivers. Linux drivers tend to be of higher quality than Windows drivers.
These two operating systems differ substantially in the way they manage programs during their execution. In other articles we discussed Linux's increased security compared to Windows. We conclude this article by repeating a point that we have often made; you can run Damn Small Linux and its associated applications on very reduced hardware. You can do Linux, PHP, and MySQL development on old computers, ones that may have seemed ready for the garbage heap. In contrast many Windows competitors such as SQL Server Developer Edition require substantially more powerful computers, the kind of computers that people purchase for one or a few thousand dollars. When your programs will be used by dozens of people simultaneously, you will need powerful hardware. Don't forget the operating system; can you guess which one we recommend? Our next subject is the graphical user interface.
Read more: http://www.articlesbase.com/computers-articles/the-top-ten-concepts-for-linux-beginners-number-8-programming-language-support-652795.html#ixzz1ALJfTugE
Under Creative Commons License: Attribution

Continue Reading »

Is Linux really easier than Windows or Mac?

I am a UNIX system administrator and I've written tons of articles related to administration and networking on a UNIX/Linux platform. However, I must admit that if I were not as knowledgeable on the platform, many basic doings on Linux compared to old fashioned Windows would have been tougher to deal with.

To name a few, managing user/groups, networking and in particular wireless setup, dealing with driver issues and of course being in the wild seeking answers from the Linux communities.

It seems the average people are constantly being brainwashed by the Linux community about Linux being the perfect replacement to Windows. Many Linux fanatics go on about how great Linux is and how much it has been improved over the years to be the perfect OS desktop alternative to Windows.

I don't necessarily disagree with them on this but I do think that Linux or Ubuntu in general is still not yet ready for your average grandma or grandpa.

If I were to go ahead and install Ubuntu as their desktop, naturally they'll have a tough time moving around the system because it's design is more complex than Windows. It's less user friendly in many ways and a perfect example for this is if an issue arises such as networking.

On windows, wireless networking is very straightforward and I personally have not had any issue with it and if there are any issues with it, it guides and points the user through a series of steps to check/confirm whether their settings are correct.

On Ubuntu however, if the wireless does not work out of the box, you're in for a big surprise. I've had this issue not once but every time I've installed Ubuntu, it does not detect my wireless network by default.

I was not guided through any helpers or any step by step check/confirm screens to figure out what went wrong. Because I am not an average user, I understand enough about the OS to dive into shell and go through the messages and other related logs on the system. But what would an average user do here? A poor little grandma or grandpa who only knows how to click on a browser!

Do you expect the less tech savvy to pick up Linux OS and start scrolling through messages file to figure out why their wireless interface didn't bother coming up? The point of this article is not to bash Linux/Ubuntu community but instead is to let you know that making Linux sound so simple isn't fair to the rest of world who aren't familiar with it.

They would ask themselves – "If Linux is as simple as they say, why am I having such a hard time getting it to work?!". For this reason, the people who don't get it working feel stupid, it kills their confidence, lowers their self-esteem, they under perform at their jobs and schools and some may even decide to kill themselves.

I know that Linux is a great OS and it's an excellent replacement for many. But when it comes to marketing it and spreading the word, let's just be a little more honest and humble about it. We don't have to say it's easier than Windows or Mac. It's easy but not to everyone in the world.

Read more: http://www.articlesbase.com/operating-systems-articles/is-linux-really-easier-than-windows-or-mac-3537081.html#ixzz1ALJHrSzl
Under Creative Commons License: Attribution

Continue Reading »

Windows Vs LINUX -- Rumble in the Computer

Anyone who is uses computers today will be familiar with Windows and Linux as operating systems. Some prefer Windows because it is extremely easy to use - both hardware and software - and some prefer Linux because it is much more flexible is use; above all it is open source ware and hence it is free. Those who enjoy Linux are totally baffled as to why people would want to pay for something that you can get absolutely free.

Actually there is a simple and logical answer to this question. When the Windows was launched some 20 plus years ago, it caught like wild fire because it was all of a sudden so easy to use and so convenient to install. The best things that it maintained a constant identity - as the product of Windows, while on the other hand Linux went along under many names, such as Knoppix, Mandrake, SuSe, Windows, and so on. With each name (different companies) Linux as an operating system had slight variations. Hence, it was bothersome for people to keep track, and sometime use Linux due to this aspect.

Then comes the inherent difference between these operation systems. Technically speaking, you will find the GUI is optional in the Linux operations system while it is part and parcel of the Windows. The separation of the GUI directly affects the reliability and speed - not to mention efficiency - of a server and hence here Linux scores over the Windows.

Another major difference is in the way these operating systems handle their command prompts. While Windows uses similar command interpreters for its Windows 9x versions, the NT series have a different style but common to each other. Linux on the other hand, being a UNIX version has the capability of handling multiple command interpreters, which can be a boon, though it mostly favors Bourne Again Shell (BASH). The other interpreters that you will find in Linux are C Shell, ash, Korn shell and so on.

The best and most highlighted difference is the price tag attached to the operating systems. Windows is an expensive to say the least, operating system which comes with a copyrighted license, while Linux is free for all, easily downloadable anytime you want it. The downside here is that Linux has instruction which will tell you what to do - which may be why people are indeed reluctant to move away from Windows; though there are a few low cost Linux versions which come with automation and manuals.

Another plus in favor of Linux is the lack of any security requirement. The viruses, spy wares, malawares and what not you have it are all a product of Microsoft, for Windows. Hence, while you have to use high security firewalls with Windows, you are free from any such headaches with Linux.

Lastly, you have the difference of availability of software. The majority of the software that you find on the market are for Windows and they will not run on Linux unless Windows is somewhere configured as a subsystem which actually goes against the reason of using Linux in the first place.

Hence, till a suitable interface is found where Linux can be compatible with Windows without using Windows itself, have a few clear-cut instructions for first time users and sufficient information on its technicalities, people will prefer Windows to Linux, even if they have to pay to use i

Read more: http://www.articlesbase.com/affiliate-programs-articles/windows-vs-linux-rumble-in-the-computer-2675347.html#ixzz1ALIc2z3b
Under Creative Commons License: Attribution

Continue Reading »

Know the System Call : system call in linux

In theory System calls provide the interface between the program (user program current) and the Operating System. System call is to be a bridge between the processes and systems operation. The system call is written in assembly language or high-level language engine control (C).

Example: UNIX provides system calls: read, write is input and output operations to the file.
Know the System Call
Now we will discuss about the system call in linux. As mentioned above that the system call is actually a bridge between the process and the operating system, for example, when if we make a program that can give voice may often known as winamp, then the program should be able to access hardware that acts to produce a sound that is soundcard. How to access the program can not directly communicate with the hardware is concerned, therefore we need a system call. Simply by calling the system call associated with accessing soundcard way, then we create a program that can run. system call itself is a function that is made with C language on the Linux operating system, there are hundreds of system calls with different functions.
To access the system call, there are two ways, first by using a command interpreter or shell which is often known, both through a program created by the language C. Accessing the System Call Through the Linux Shell has some kind of shell, like Cshell, kornshell, BASH, etc.. Here are some shell commands, namely:

• cp: Copy files .
• rm: Delete files .
• mkdir: Make directories .
• ls: Displays information file .
• more: Displays the contents of the file in screen.
• cat: Displays the contents of the file .
• man: Displays documentation .
• mv: Moving files to another directory or rename files .
• cd: Change working directory .
• rmdir: Remove directory .
• touch: Create an empty file.

Read more: http://www.articlesbase.com/operating-systems-articles/know-the-system-call-system-call-in-linux-2911455.html#ixzz1ALI4y2uE
Under Creative Commons License: Attribution

Continue Reading »