Security

Latest Article:

Checking a server’s SSH host fingerprint with the web console

Before you dismiss that error message about your server’s SSH host key changing, follow this simple procedure to make sure all is as it should be.

The security of your slice should be an ongoing concern, starting with its initial setup and continuing through application deployment and beyond. The Internet is a wild, unruly place, but fortunately there are tools out there to help you keep intruders in check.

The articles in this section will explain some of those tools and give you pointers on topics like hardening your slice, detecting intrusion attempts, and analyzing a compromised slice.

Best Practices

Secure FTP Transfers: Using FTP to transfer files to and from your Slice can cause issues with security - let's look at SFTP as a safe and secure method.


Checking a server’s SSH host fingerprint with the web console: Before you dismiss that error message about your server’s SSH host key changing, follow this simple procedure to make sure all is as it should be.


Prevention

Installing and configuring fail2ban: Let's look at installing and configuring fail2ban which can help in securing our Slice from multiple login attempts.


iptables

Introducing iptables part 1: This article provides an overview of how to understand the Linux kernel firewall for ipv4 using iptables and the Filter table. It is intended for beginners to intermediate linux users and provides an insight on basic configuration concepts.

Introducing iptables part 2: This article continues our introduction to iptables, focusing on syntax, adding and deleting rules.

Introducing iptables part 3: The third part of our introduction to iptables wraps things up by looking at launch at startup configurations and useful examples.


Detection

Capturing packets with tcpdump: Tcpdump is a powerful network debugging tool which can be used for intercepting and displaying packets on a network interface.


Scanning for rootkits with chkrootkit: Regular scanning of your Slice is an important part of being a sysadmin. Automated scans are even better.

Scanning for rootkits with rkhunter: Continuing the rootkit scan of our Slice, we can get even stronger results by using rkhunter as well as chkrootkit.

Scanning for rootkits with Rootcheck: Continuing the rootkit scan of our Slice, we strengthify our results even more by using Rootcheck along with other rootkit detection tools.


Recovery

Security Checks During Possible Compromise - Part 1: There are some basic tools you can use to check your slice if you suspect it's been compromised by an intruder.

Security Checks During Possible Compromise - Part 2: Continuing the examination of a potentially compromised slice, this article discusses using the Slice Manager's rescue mode to take a closer look at your system.

Please feel free to request articles or comment with any suggestions or ideas of your own.

Jered