public marks

PUBLIC MARKS from lecyborg with tag security

March 2008

Jabber Openfire Server

by 2 others
Openfire (formerly Wildfire) is a real time collaboration (RTC) server dual-licensed under the Open Source GPL and commercially. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.

February 2008

Installer et configurer OpenVPN sur Debian 4.0 Etch

OpenVPN est un logiciel permettant de créer des réseaux privés virtuels sans utiliser des technologies telles que PPtP (Microsoft) ou IPSec. Il est de plus disponibles sur de nombreux systèmes d'exploitation (Microsoft Windows, GNU / Linux, MacOS X, ...). C'est une solution simple pour gérer un réseau privé virtuel composé de machines hétéroclites dans un environnement n'autorisant pas IPSec.

January 2008

Integrating amavisd-new Into Postfix For Spam- And Virus-Scanning

by 1 other
This article shows how to integrate amavisd-new into a Postfix mail server for spam- and virus-scanning. amavisd-new is a high-performance interface between MTAs such as Postfix and content checkers: virus scanners, and/or SpamAssassin. We will use ClamAV for virus scanning and SpamAssassin for spam scanning in this tutorial. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!


This software helps you add a little more security to your desktop. It does so by detecting one of your bluetooth devices, most likely your mobile phone, and keeping track of its distance. If you move away from your computer and the distance is above a certain level (no measurement in meters is possible) for a given time, it automatically locks your desktop (or starts any other shell command you want).

December 2007

PHP Login script

by 2 others
If you're looking for a serious script to manage your users then you're at the right place. Built with security in mind and packed with dozens of features, our PHP login script is the right solution for every webmaster looking to take his website to the next level. Trust us, we've stayed (and we still do for early versions) open-source long enough to learn what people really need.


freeSSHd, like it's name says, is a free implementation of an SSH server. It provides strong encryption and authentication over insecure networks like Internet. Users can open remote console or even access their remote files thanks to buit-in SFTP server.

November 2007

Data Encryption

Gestion du cryptage des données avec Bacula.

SSH-Agent Tutorial

by 1 other
Security is best when it is handy. ssh-agent is pretty darn handy. Ssh-agent can authenticate you to a remote machine via keypairs, rather than the traditional hand-typed username/password combination, with no loss of security.

Certificat SSL client apache

SSL côté client Pour accéder à ce serveur, le client devra posséder un certificat authentifié par (c'est à dire signé ou crypté par la clé privée de) l'autorité de certification choisie. Pour produire un tel certificat au format PKCS#12

Howto crack (or hack) a wireless network with Wired Equivalent Privacy (WEP)

WEP was intended to provide comparable confidentiality to a traditional wired network (in particular it does not protect users of the network from each other), hence the name. Several serious weaknesses were identified by cryptanalysts — any WEP key can be cracked with readily available software in two minutes or less — and WEP was superseded by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) in 2004. Despite the weaknesses, WEP provides a level of security that can deter casual snooping

How to Install Openvpn

The purpose of this document is to describe how to install OpenVPN server on an Ubuntu Linux system and have it utilize an Ethernet bridge to access your local network. Ethernet bridges essentially allow the operating system to treat multiple network interfaces as one combined port. When used with OpenVPN a bridge will allow you to easily connect external users to your internal network and have them receive all traffic as though they were locally connected. The alternative is to use OpenVPN with a route but that will not allow some forms of traffic through (such as multicast), multicast traffic is important to me as many games require multicast data.

IPtables log analizer

IPTables log analizer (TODO : find a nice name for it) displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page (it support rough netfilter logs but also Shorewall and Suse Firewall logs). This page shall be easy to read and understand to reduce the manual analysis time. This page containts statistics on packets and links to more detailled information on a given host, port, domain and so on.

firewall Eyes : iptables log analysis tool

Firewall Eyes est un outil d'analyse de logs en temps réel pour le pare-feu iptables. Grâce à une interface Web, vous visualisez et supervisez simplement et efficacement l'activité réseau traversant votre firewall. Vous détectez aisément les activités suspectes et ajustez votre politique de sécurité.

October 2007

Running eBox on debian sarge

by 2 others
This article shows how to run a file-, print-, HTTP proxy- DHCP-, and time server for small and medium enterprises (SME) on one single Debian Sarge system. It is very easy to set up, and management is done with an easy-to-use web interface called eBox so once the system is set up, you can forget about the command line. eBox was developed to administrate advanced services for corporate networks, and it was created for Debian Sarge. I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

The perfect start with Smoothwall Express 3.0

Smoothwall Express is an internet firewall, which allows you to protect your network, as well as providing NAT functionality. It is ease to use and configurable via a web-based GUI. This open source firewall distribution requires absolutely no knowledge of Linux to install or use. This workshop shows the installation and basic configuration of the current release Smoothwall Express 3.0.

Firewall et sécurisation d'un réseau personnel sous Linux

by 1 other
Ce document a pour but d'expliquer les rudiments de la sécurité d'une machine Linux placée dans un réseau local (typiquement une maison on un appartement), reliée à Internet. Il est tout particulièrement destiné aux utilisateurs néophytes, ou n'ayant pas ou peu de connaissance sur la sécurité informatique en général, et sous Linux en particulier.

June 2007

Pinholes, DMZ et ipcop

Thread de forum décrivant le fonctionnement des Pinholes sous IPcop

BufferZone - Security Through Virtualization

BufferZone's breakthrough virtualization technology is the ultimate safety net in the anti- spyware and anti-virus arena - it protects you even against new and still unknown threats, while requiring absolutely no signature updates at all. BufferZone's virtualization technology finally solves the conflict between security and usability by “automagically” isolating any program, download, or file from your operating system, thus preventing system corruption, sensitive file loss, and identity theft.


by 2 others
I’m a huge fan of IPCop. It’s a great firewall distro that makes administration a snap using a slick web interface. My goal was to use IPCop and an easy-to-use VPN client to allow access to my LAN while away from home. I ended up going with the ZERINA OpenVPN addon for IPCop and the OpenVPN GUI for Windows.

Howto Roadwarrior | ZERINA - OpenVPN for IPCops

Howto for ZERINA 0.9.0b - ZERINA 0.9.4b This howto will guide you step by step on howto configure the OpenVPN addon, so that you can run an OpenVPN server on your IPCop firewall, so that roadwarrior clients (Win32 in this howto)can reach your lan. This is what we call "hassle free roadwarrior vpn" ;-)

May 2007

Proxy List 1 - Proxy 4 Free - Protect Your Online Privacy!

by 8 others (via)
Proxy 4 Free Surf the Web Carefully - Use Proxy Server!

April 2007

SÉCURITÉ Ssh sans mot de passe

Ou comment se connecter à une machine distante sans avoir à rentrer son mot de passe. Il existe une méthode de configuration plus rapide. Vous pouvez en une seule commande ajouter votre clé dans le fichier `authorized_keys` du serveur distant grâce à `ssh-copy-id`. Pour cela procédez comme suit :

Sandcat Web Application Security

Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities.

Spammer quelqu'un

Permet d'ajouter automatiquement quelqu'un a des listes de spam. Pas très fair play...

lecyborg's TAGS related to tag security

active directory +   aircrack +   amavis +   anonymat +   apache +   backdoor +   backup +   bacula +   bluetooth +   bufferzone +   cain abel +   clamav +   comparatif +   cryptage +   damn vulnerable +   debian +   dmz +   dns +   documentation +   ebox +   firefox +   firewall +   free +   ftp +   fun +   gnome +   hack +   installation +   ipcop +   iptable +   iptables +   jabber +   kerberos +   linux +   logiciel +   mail +   monitoring +   network +   ntlm +   ofuscation +   openfire +   opensource +   openvpn +   password +   php +   phplogin +   pinholes +   proxy +   putty +   samba +   serveur +   smoothwall +   spam +   squid +   ssh +   ssh-agent +   ssl +   subversion +   test +   tor +   tutorial +   ubuntu +   usb +   utile +   virtualization +   vmware +   vnc +   vpn +   web +   whodad +   wifi +   windows +   xen +   zerina +