Hi Guys,
I created a new Topic called "Information Security Help!!"
Everyone is invited to post their questions related to Information / Network Security.
Maybe:
As Career
As Profession
As Challenge
As Geek
As Help!
As Learner
Etc........
Thanks
Information Security Help!!!
Information Security Help!!!
by securitykid » Thu Nov 15, 2007 10:58 am
SecurityKID-ITdotCOM
Security Every Where! BUT where?
Security Every Where! BUT where?
- securitykid
- Naik
- Posts: 70
- Joined: Sat Oct 20, 2007 5:18 am
by lambda » Thu Nov 15, 2007 1:42 pm
help! my security is insecure!
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
- lambda
- Major General
- Posts: 3451
- Joined: Tue May 27, 2003 7:04 pm
- Location: Lahore
by securitykid » Thu Nov 15, 2007 1:58 pm
Argue with idiots, and you become an idiot. , I like your signature
, I like your signatureSecurityKID-ITdotCOM
Security Every Where! BUT where?
Security Every Where! BUT where?
- securitykid
- Naik
- Posts: 70
- Joined: Sat Oct 20, 2007 5:18 am
by x2oxen » Thu Nov 15, 2007 3:41 pm
Hay bro why dont you go for a catatagory with the name of Information security help! rather than a topic with the hlep of Admin! It will be a better idea so we will be having several posts and topics there to discuss and will not mess up in a sigle post
- x2oxen
- Major General
- Posts: 1114
- Joined: Wed Aug 22, 2007 3:17 pm
- Location: Faisalabad
by securitykid » Thu Nov 15, 2007 4:20 pm
Hmm good idea,
But seems like security is not that favorite, so lets stick with one topic then we will have more
But seems like security is not that favorite
, so lets stick with one topic then we will have moreSecurityKID-ITdotCOM
Security Every Where! BUT where?
Security Every Where! BUT where?
- securitykid
- Naik
- Posts: 70
- Joined: Sat Oct 20, 2007 5:18 am
by x2oxen » Fri Nov 16, 2007 3:39 am
okzz kid! but now a days am very security consciouse due to having alot of attacks on my server! Whenever i look at my server logs i get to see so many unsuccessful ssh tries with so many different names and attacks as well.. Don't have much exposure bout security yet so hope will get alot through this thread! After your reply am gonna ask you real interesting question!
- x2oxen
- Major General
- Posts: 1114
- Joined: Wed Aug 22, 2007 3:17 pm
- Location: Faisalabad
- LinuxFreaK
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
by x2oxen » Fri Nov 16, 2007 6:04 pm
To Security kid & Freak!
What steps should be taken to secure a server(web, cache, mail, dns etc) or any linux machine newly installed with no configuration of firewall.
Suppose i have installed a apache web server on linux with no firewall enabled. So what are the major steps i should be taking to secure that server from any kind of threats atlest more than 90% or you can say 100%
What steps should be taken to secure a server(web, cache, mail, dns etc) or any linux machine newly installed with no configuration of firewall.
Suppose i have installed a apache web server on linux with no firewall enabled. So what are the major steps i should be taking to secure that server from any kind of threats atlest more than 90% or you can say 100%
- x2oxen
- Major General
- Posts: 1114
- Joined: Wed Aug 22, 2007 3:17 pm
- Location: Faisalabad
by sameer666 » Fri Nov 16, 2007 6:33 pm
you should get yourself familiar with different type of attacks, that can be lanuched. try to build up your basic security concepts first, if you already know about them then just keep reading. as a general thumb rule:
1) shutdown all the services you don't use.
2) apply all the patches.
3) google for securing apache/dns/mail, there are many docs online.
and by the way there is no such thing as 100% secure, if some one is patient enough and have the drive he/she will find a way. and if everything all the safety measures are taken, the weakest links are still humans.
http://news.bbc.co.uk/1/hi/programmes/c ... 977134.stm
p.s.
try to ask a directed question which will be more easy to answer than a broad general question
1) shutdown all the services you don't use.
2) apply all the patches.
3) google for securing apache/dns/mail, there are many docs online.
and by the way there is no such thing as 100% secure, if some one is patient enough and have the drive he/she will find a way. and if everything all the safety measures are taken, the weakest links are still humans.
http://news.bbc.co.uk/1/hi/programmes/c ... 977134.stm
p.s.
try to ask a directed question which will be more easy to answer than a broad general question
Novice at heart
- sameer666
- Naik
- Posts: 82
- Joined: Tue Nov 06, 2007 5:31 am
by securitykid » Fri Nov 16, 2007 11:20 pm
Agree with Farrukh,
Agree with Sameer,
BUT question is how many of those google's are written by Pakistanis?, despite enormous talent & knowledge. Are we afraid to share? or we just don't wanted to? BUT still there are some making Pakistan proud.
You will find one here: If you know Juniper Networks one of the leading Security Appliances Company, Please take a look on URL:
http://www.masterofit.net/index.php?filter=deck&cid=1
PS: Leave comments for him after listening to his interview
Back to the question ask by Usman for SSH:
Install a FIREWALL kidding its a pinch of a finger job to fool most of the firewalls
1) First as Sameer said keep your box update mean keep it patched I am sure you know how.
2) Keep the following in mind when you Install / Configure SSH Server:
=> Disable direct root access
Explanation: Disable root(user) access to SSH by this you will safe the server with the vulnerabilities which allows HACKERS to brute force the root password using SSH. You can login with any normal user and then switch to root.
=> Change SSH Port to higher then 7999 example 9000
Explanation: This will help against the Trojans which scans for vulnerable SSH boxes, they usually try with default ports. Also may protect against novice hackers like me
=> Limit access from only specific IPs
Explanation: This will only allow access from specific source IPs that you configured
=> Use strong Password
You may use the software which will create a safe password for you but it will be surely hard to remember, so YOUR CHOICE.
I am sure with above you can achieve maybe 90% still away from 100% (which no one can achieve I agree) but we can close the gap with followings:
Deep Inspection Firewalls
IDS / IPS
Vulnerability Scanners
All above can be achieved using great silly Linux
Thanks
Agree with Sameer,
BUT question is how many of those google's are written by Pakistanis?, despite enormous talent & knowledge. Are we afraid to share? or we just don't wanted to? BUT still there are some making Pakistan proud.
You will find one here: If you know Juniper Networks one of the leading Security Appliances Company, Please take a look on URL:
http://www.masterofit.net/index.php?filter=deck&cid=1
PS: Leave comments for him after listening to his interview
Back to the question ask by Usman for SSH:
Install a FIREWALL
kidding its a pinch of a finger job to fool most of the firewalls
1) First as Sameer said keep your box update mean keep it patched I am sure you know how.
2) Keep the following in mind when you Install / Configure SSH Server:
=> Disable direct root access
Explanation: Disable root(user) access to SSH by this you will safe the server with the vulnerabilities which allows HACKERS to brute force the root password using SSH. You can login with any normal user and then switch to root.
=> Change SSH Port to higher then 7999 example 9000
Explanation: This will help against the Trojans which scans for vulnerable SSH boxes, they usually try with default ports. Also may protect against novice hackers like me
=> Limit access from only specific IPs
Explanation: This will only allow access from specific source IPs that you configured
=> Use strong Password
You may use the software which will create a safe password for you but it will be surely hard to remember, so YOUR CHOICE.
I am sure with above you can achieve maybe 90% still away from 100% (which no one can achieve I agree) but we can close the gap with followings:
Deep Inspection Firewalls
IDS / IPS
Vulnerability Scanners
All above can be achieved using great silly Linux
Thanks
Last edited by securitykid on Fri Nov 16, 2007 11:26 pm, edited 2 times in total.
SecurityKID-ITdotCOM
Security Every Where! BUT where?
Security Every Where! BUT where?
- securitykid
- Naik
- Posts: 70
- Joined: Sat Oct 20, 2007 5:18 am
by securitykid » Fri Nov 16, 2007 11:22 pm
Back to your next question:
You should learn about attacks I agree with my friend's suggestion
Question is are you really sure that you are using all those services?
Thanks
You should learn about attacks I agree with my friend's suggestion
Question is are you really sure that you are using all those services?
Thanks
SecurityKID-ITdotCOM
Security Every Where! BUT where?
Security Every Where! BUT where?
- securitykid
- Naik
- Posts: 70
- Joined: Sat Oct 20, 2007 5:18 am
by x2oxen » Sat Nov 17, 2007 1:13 am
Thanks for your comprehensive reply guys. And one thing more i would like to add up that we should use PGP and Public-Key Cryptography rather than plain passwords for remote logins that will make our systems far away secure than using plain passwords.
Anymore suggessions on that??
Anymore suggessions on that??
Last edited by x2oxen on Sat Nov 17, 2007 6:48 pm, edited 1 time in total.
- x2oxen
- Major General
- Posts: 1114
- Joined: Wed Aug 22, 2007 3:17 pm
- Location: Faisalabad
by x2oxen » Sat Nov 17, 2007 1:15 am
Here is a HOW-TO to make a network more secure
http://www.windowsecurity.com/whitepapers/Linux_Security_HOWTO__Password_Security_and_Encryption.html
http://www.windowsecurity.com/whitepapers/Linux_Security_HOWTO__Password_Security_and_Encryption.html
- x2oxen
- Major General
- Posts: 1114
- Joined: Wed Aug 22, 2007 3:17 pm
- Location: Faisalabad
Who is online
Users browsing this forum: Majestic-12 [Bot] and 0 guests