≡ Menu

Security

Linux: Turn On TCP SYN Cookie Protection

I am under DoS attack. My cloud based server hosting company asked me to enable TCP SYN cookie protection to save my domain from SYN Attack. How do I turn on TCP Syn cookie protection under Ubuntu or CentOS Linux based server?
[click to continue…]

Linux Iptables Setup Firewall For a Web Server

I have setup an Apache web server on CentOS Linux. How do I configure firewall to allow or block access? How do I setup firewall for a web server under RHEL or CentOS Linux v6.x?
[click to continue…]

OpenBSD: Configure Network Interface As A Bridge / Network Switch

I have Soekris single board communication embedded computers which is optimized for low power and network usage. The server has four Ethernet ports. How do I setup IPv4 software bridge using OpenBSD operating systems so that the rest of four ports act as a network switch?
[click to continue…]

Ubuntu Linux: Disable Apparmor For Specific Profile / Service Such As Mysqld Server

AppArmor ("Application Armor") is a security module for the Linux kernel and integrated into both kernel and Ubuntu Linux. How do I disable AppArmor protection for mysql profile / service under Ubuntu or Novell Suse Enterprise Linux?
[click to continue…]

tar and rsync: Archive and Preserve SELinux Contexts, Extended Attributes, And ACLs

How do I use tar and rsync command that can preserve the ACLs, extended attributes and SELinux contexts under CentOS / RHEL / Fedora Linux server while making backups?
[click to continue…]

Linux / UNIX: Encrypt Backup Tape Using Tar & OpenSSL

How do I make sure only authorized person access my backups stored on the tape drives (DAT, DLT, LTO-4 etc) under Linux or UNIX operating systems? How do I backup /array22/vol4/home/ to /dev/rmt/5mn or /dev/st0 in encrypted mode?
[click to continue…]

Nginx Block And Deny IP Address OR Network Subnets

How do I block or deny access based on the host name or IP address of the client visiting website under nginx web server?
[click to continue…]

Linux Default Services Which Are Enabled at Boot

Can you provide a guidance on default CentOS / Fedora / RHEL / Redhat enterprise Linux services which are enabled at boot time by a default? Can you provide set of recommendations for all default services and which to keep for performance and security and which to turn off?
[click to continue…]

CentOS / Redhat: Turn On SELinux Protection

SELinux enforces the idea that programs should be limited in what files they can access and what actions they can take. However, by default it is turned off under RHEL / CentOS 5.x server? How do I turn it on? How can I enable SELinux on CentOS / RHEL 6 IBM server?
[click to continue…]

Linux: Create /tmp And Mount as Partition File With the noexec, nosuid, And nodev

How do I mount /tmp as a separate filesystem (/root/images/tmpfile.bin) with the noexec,nosuid, nodev options under Linux like operating systems?
[click to continue…]