Archive for the ‘Security’ Category

  • OpenEmm — Mass Mailing ,Compain server

    Thursday, June 17th, 2010

    yum install mysql-server sendmail-cf MySQL-python libxml2 Download Jdk latest version from: wget http://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_Developer-Site/en_US/-/USD/VerifyItem-Start/jdk-6u20-linux- i586.bin?BundledLineItemUUID=Er9IBe.oOf0AAAEoay9bNk7a&OrderID=gddIBe.oe.0AAAEoXi9bNk7a&ProductID=guBIBe.oc_wAAAEnaDJHqPYe&FileName=/jdk-6u20-linux-i586.bin mv jdk-6u20-linux-i586.bin?AuthParam=1272633583_0b435f520fad540d314411f50a185d7a&TicketId=B%2Fw4khmGSVNITB1FPFVTkwPl&GroupName=CDS&FilePath=%2FESD6%2FJSCDL%2Fjdk%2F6u20-b02%2Fjdk-6u20-linux-i586.bin&File=jdk-6u20-linux-i586.bin jdk-6u18-linux-i586.bin Download openemm source file from : http://sourceforge.net/projects/openemm/files/OpenEMM%20software/OpenEMM%206.0.1/OpenEMM-6.0.1-bin.tar.gz/download Create the ‘openemm’ User Create a special group and user for OpenEMM: groupadd openemm useradd -m -g openemm -d /home/openemm -c “OpenEMM 6.x.y” openemm Installation: Sun Java JDK Copy the file [...]

  • Password less ssh login

    Friday, June 11th, 2010

    SSH Login Without Password Using ssh-keygen & ssh-copy-id You can login to a remote Linux server without entering password in 3 simple steps using ssky-keygen and ssh-copy-id ssh-keygen creates the public and private keys. ssh-copy-id copies the local-host’s public key to the remote-host’s authorized_keys file. ssh-copy-id also assigns proper permission to the remote-host’s home, ~/.ssh, [...]

  • Backtracking EMAIL Messages

    Monday, May 10th, 2010

    Introduction:- Tracking email back to its source: Twisted Evil cause i hate spammers… Evil or Very Mad Ask most people how they determine who sent them an email message and the response is almost universally, “By the From line.” Unfortunately this symptomatic of the current confusion among internet users as to where particular messages come [...]

  • Enabling SNMP Traps and Informs

    Sunday, April 11th, 2010

    Problem You want the router to generate SNMP traps or informs in response to various network events. Solution The following configuration commands will enable your router to send unsolicited SNMP traps to a network management server: Router#configure terminal Enter configuration commands, one per line.  End with CNTL/Z. Router(config)#snmp-server enable traps Router(config)#snmp-server host 172.25.1.1 ORATRAP config [...]

  • SSL Configuration in Apache

    Sunday, January 24th, 2010

    Secure Sockets Layer (SSL) enables the HTTP protocol to be secured. This page will show you how to configure SSL in Apache and SquirrelMail. Generate a Private Key Make sure you are logged in as the root user when doing steps below. 1. Generate a pass phrase protected private key using the command below. Provide [...]

  • SQL Injection Attacks

    Sunday, January 24th, 2010

    In this article I’ll attempt to shed some light on this under-documented attack, explaining what an SQL injection attack is and how you can prevent one from occurring within your company. By the end of this article you’ll be able to identify situations where an SQL injection attack may allow unauthorized persons to penetrate your [...]

  • Installing SSL Certificate – Apache 2.x

    Sunday, January 24th, 2010

    Once your SSL certificate has been signed and issued,Go Daddy® will send you an e-mail message that allows you to download the signed certificate and our intermediate certificate bundle, both of which must be installed on your Web site. Note: You must use the provided certificate-download link within three days of receiving the certificate-issuance e-mail [...]

  • IIS Security Checklist

    Sunday, January 24th, 2010

    IIS Security Checklist  There are several ways to enhance the security of computer publishing information on an intranet or the Internet. If you have concerns about the security of your system, review this checklist to determine if aspects of your security could be improved. Windows Security  The security features in IIS are built upon those [...]

  • Checklist Websecurity

    Sunday, January 24th, 2010

    1. Disable TRACE and TRACK in the main scope of httpd.conf 2. Disable directory listing or Path Traversal on Apache 3. Disable following options in the httpd.conf file UseCanonicalName Off ServerSignature Off HostnameLookups Off ServerTokens Prod 4. Disable the weaker SSLv2 protocol and to enable the stronger TLSv1 protocol 5. Disabling Undesirable Options in php.ini [...]

  • Apache Web Security

    Sunday, January 24th, 2010

    Robots and Spiders Some hits to your web site will come from programs called robots. Some of these gather data for search engines and are also called spiders. A well-behaved robot is supposed to read and obey the robots.txt file in your site’s home directory. This file tells it which files and directories may be [...]