I came across this while browsing, has some pretty solid stuff, goes deeper than most basic Linux security guides. It has some good sections like this on protection against fork bombs: Fork bombs are programs that keep creating child processes until system resources are all used, they actually aren’t remote exploits because they require a […]
Linux Hacking
kArp – Linux Kernel Level ARP Hijacking/Spoofing Utility
[ad] Introduction kArp is a linux patch that allows one to implement ARP hijacking in the kernel, but control it easily via userland. You may configure, enable and disable kArp via ProcFS or the sysctl mechanism. kArp is implemented almost on the device driver level. Any ethernet driver (including 802.11 drivers) is supported. The kArp […]
Measuring up the Security Risks for Mac – Are Apple Prepared?
The fact is Windows is getting ripped apart with viruses, spamware, spyware, zombie clients, trojans worms and whatever else you can think of. Mac and Linux aren’t (at the moment), there are already Bluetooth viruses, so why not Linux and Mac.. Some may say it’s because they are inherently more secure, the architecture and user […]
SSL VPNs and OpenVPN – Part IV
4. Brief How-to …. Creating Multiple clients to Single site tunnels. Example of using PKI to create a client-to-site VPN: For a road warrior or roaming/multiple user scenario, static keys based VPNs don’t scale well. You will need to implement a PKI if you have Hub and Spoke architecture of VPN. From the OpenVPN.net website: […]
SSL VPNs and OpenVPN – Part III
3. Brief How-to ….. OpenVPN and Site-to-Site Tunnels. OpenVPN can be implemented either Site-to-site or client-server model. I will take example configurations of both models. If you want to implement site-to-site configuration, the best way is to use static-keys instead of PKI. Using static keys, you can have your VPN tunnel up and running in […]