Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
Recent Security Enhancements in NetBSD
NetBSD is renowned for its focus on portability, but great care is also given to security. This paper presents the NetBSD philosophy on security, major design decisions, and its current security features. Following the discussion, current and future research is presented to provide a good look at NetBSD's direction.
Analyzing Malicious SSH Login Attempts
Malicious SSH login attempts have been appearing in some administrators' logs for several years. This article takes a new look at the use of honeypots to analyze malicious SSH login attempts and see what can be learned about this activity. The article then offers recommendations on how to secure one's system against these attacks.
After an Exploit: mitigation and remediation
This article describes a few hardening and alerting methods for Unix servers that help block vectors for various attacks, including two web-based application attacks, DNS issues, and the brute-forcing of SSH passwords. The article then looks at steps to take and lessons learned post-compromise.
Zero to IPSec in 4 minutes
This short article looks at how to get a fully functional IPSec VPN up and running between two fresh OpenBSD installations in about four minutes flat.
Chrooted Snort on Solaris
This article discusses the installation and configuration of a chrooted Snort IDS on most versions of Solaris.
Apache 2 with SSL/TLS: Step-by-Step, Part 3
This article concludes our three part series dedicated to configuring Apache 2.0 with SSL/TLS support, for maximum security and optimal performance of SSL based e-commerce transactions.
Apache 2 with SSL/TLS: Step-by-Step, Part 2
Part two of the Apache2 with SSL/TLS series offers mod_ssl recommendations and then discusses three different ways to sign a certificate, including setting up a local Certificate Authority using OpenSSL.
Apache 2 with SSL/TLS: Step-by-Step, Part 1
This article begins a series of three articles dedicated to configuring Apache 2.0 with SSL/TLS support, in order to ensure maximum security and optimal performance of secure web communication. This part introduces key aspects of SSL/TLS and then shows how to compile and configure Apache 2.0 with support for these protocols.
SSH Port Forwarding
In this article we look at SSH Port Forwarding in detail, as it is a very useful but often misunderstood technology. SSH Port Forwarding can be used for secure communications in a myriad of different ways.
SSH and ssh-agent
This article discusses how to take SSH Identity/Pubkey trust relationships to the next level, by using ssh-agent as a keymaster to manage a user's authentication needs automatically.