
category: Security

Categories: CentOS, Linux, Programs, Security, Software, System Administration

Evaluating FTP Servers: ProFTPd vs PureFTPd vs vsftpd

Usually, I will try to push clients towards using SCP (via a client such as WinSCP); however, inevitably there are clients who do not understand this new method of accessing their files securely online, and who for one reason or another insist on using FTP for their online file access. As they say – the customer is always right?



The Dirty Little Secret About SSL Certificates

The dirty little secret about SSL certificates is that:

Anyone can become a certificate authority.

The tools to become a certificate authority, and therefore to publish your own SSL certificates, are included in a wide variety of systems – chances are if you have an Ubuntu or CentOS install you already have the capability of becoming an SSL certificate authority via OpenSSL.


Firesheep by Eric Butler has just been released to the world. This Firefox plugin does a few things that have already been fairly easy to do for a while, but rolled up in one easy to use package:

  1. Sniffs data on unencrypted Wireless Networks
  2. Looks for unencrypted login cookies sent to known popular insecure sites
  3. Allows you to log in to that account with ‘One Click’

So what sites are impacted by default? Amazon.com, Basecamp, bit.ly, Cisco, CNET, Dropbox, Enom, Evernote, Facebook, Flickr, GitHub, Google, HackerNews, Harvest, Windows Live, NY Times, Pivotal Tracker, Slicehost, tumblr, Twitter, WordPress, Yahoo, and Yelp, to name a few. A plugin system allows anyone to add their own sites (and cookie styles) to the plugin.

Yikes! It goes without saying that this is a major security problem for anyone who uses unencrypted wireless networks. Included on this list are many universities and companies such as Starbucks.


I’m not trying to say I had anything to do with Google adding two-factor authentication to Google Apps. I’m really not. But on September 9th, MakeUseOf published an article named How To Secure Your Google Apps Account with Two Factor Authentication. In this article, I wrote: All of this brings up the question: why doesn’t […]


It is very easy to create a random file using the Linux command line. Much like the command to fill a file with all zeros, for example a 1 Meg file:

    dd if=/dev/zero of=zero.filename bs=1024 count=1000

You do the same using /dev/urandom:

    dd if=/dev/urandom of=random.filename bs=1024 count=1000

Resulting in a 1MB file: 1000+0 records in […]


Did you ever have a situation where you needed to access a website that had an IP restriction in place? I recently had a situation where I needed to access the web via my university connection (due to IP restrictions placed on accessing databases of research papers). They do not have a VPN setup so […]


The Remote Desktop connection settings for Windows Server 2008, and I believe Windows Vista, include 3 levels of service:

  • Don’t allow connections to this computer
  • Allow connections from computers running any version of Remote Desktop (less secure)
  • Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)

At first blush, you […]


It is possible to install Active Directory authentication in Ubuntu 8.04 and later. The Likewise Open packages accomplish this task, and it is actually pretty easy. Just a note – when installing Ubuntu, do not add a user named “administrator” as I did. This makes it impossible to join the Ubuntu workstation to the domain […]


Drupal’s administration login area is not secure by default. Usually there is an option in the configuration area of content management systems to set a secure area for logins, otherwise your username and password are sent in plain text over the internet. Luckily, there is a module which enforces secure login on a Drupal install. […]


We received this Blu-ray player along with a few Blu-Ray DVDs for an anniversary present. The BDP-S301 is the same as the BDP-S300 except it is only sold at wholesale outlets like Costco and Sam’s Club. The S301 also includes an HDMI cable. The Pros: The image looks great. Hands down it is a clean, […]

