The Slack World, a Slackware related online magazine has published a very good write-up about how to create a chroot environment. Tom Newsom writes in his article: In this document I shall be showing you how you can run, for testing purposes perhaps, two versions of Slackware simultaneously. Both will be fully fledged installs and [...]

The Red Hat Magazine included an excellent tip about how to lock out a user, if it fails to supply a valid password for a pre-defined number of login attempts. This is implemented by making use of the The PAM module pam_tally. This practice serves as a barrier for those, either human or bots, who [...]

This is an excellent article that describes in detail how P2P applications can bypass the firewall and accept incoming data without opening any ports in the firewall configuration. This trick is used by the majority of VoIP software. In this article, the author not only describes how the popular internet telephony software Skype manages to [...]

This is a very interesting article that describes in detail all the required actions a sysadmin should perform in order to effectively remove a user from a Linux system. This checklist mainly focuses on security, covering all aspects of the removal procedure, from the user’s documents to mail aliases, cronjobs, user’s processes etc. Read the [...]

ModSecurity is an Apache module which adds an extra layer of security by analyzing client requests before they are processed by Apache and, furthermore, by analyzing server responses after a request has been processed. This article intends to be a ModSecurity overview and to provide the reader with the basic knowledge about the most important directives. For detailed information refer to the ModSecurity Documentation.

Secure your data in encrypted partitions and removable volumes, or even volumes within a file, using dm-crypt and the flexibility of LUKS. In this article I describe how I encrypted a ZIP diskette and a partition contained in a file.

This article describes how to become your own Certificate Authority (CA) and issue your own server certificates. Be advised that noone else, apart from you, your internal network’s people or your friends, will or should trust this kind of certificates (self-signed). These are intended only for providing secure communication with your own services or for testing purposes.

This article describes in brief how to configure VNC server instances for one or multiple users on a remote machine, how to use VNC to start graphical applications on boot and finally how to enhance security by connecting to the server through encrypted SSH tunnels.

In this article I describe how to configure the SSH server, so that users authenticate using keys, how to generate DSA keys using ssh-keygen, how to configure ssh-agent and finally how to use ssh-add to manage cached passphrases.

This Nautilus BASH script uses clamav to scan the selected files for viruses. It also uses Zenity to display a progress bar and an information dialog with the scan results. It works with multiple files and directories.