Sécurité

FacebookTwitter
http://kevin.deldycke.com/2011/06/configuring-fail2ban-debian-squeeze/ This always start with a package installation: $ aptitude install fail2ban Then I simply create a local configuration file where I’ll put all my custom config:

Configuring Fail2Ban on Debian Squeeze | Kevin Deldycke

Installer et configurer Apache 2 sur Debian — Biapy Help Desk

Apache est un serveur HTTP très répandu. Il est reconnu pour sa modularité et le grand nombre de ses configurations possibles. http://howto.biapy.com/fr/debian-gnu-linux/serveurs/apache-2/installer-et-configurer-apache-2-sur-debian
If you want to forward e-mail from root to another user, you can usually place a .forward file in root’s home directory and your mail server will take care of the rest: http://rackerhacker.com/2012/01/02/selinux-and-forward-files/

SELinux and .forward files

Règles de base pour sécuriser : mise en place d'un firewall avec IPtables et de règles de filtrage. Ajout de fail2ban et rkhunter. Ces étapes sont à étudier avec soin.

Sécurisation du serveur (SSH, firewall iptables, fail2ban...)

http://www.alsacreations.com/tuto/lire/622-Securite-firewall-iptables.html
Blacklists

Par Korben Cette semaine, j'ai sauvé mon frangin d'un backup et d'une resintall de son Windows... Celui-ci avait simplement oublié son mot de passe.

Cracker le mot de passe de Windows 7 (et XP et Vista)

http://korben.info/trouver-mot-de-passe.html

Using Facebook as a proxy : IHTeam Security Blog

- View HTML page of any website (not internal facebook pages); - GET requests; - Manage cookies; - POST requests; - You must be logged in; http://www.ihteam.net/hacking-news/using-facebook-as-a-proxy/
http://9to5mac.com/2011/11/10/gamers-beware-steams-database-hacked-including-encrypted-credit-card-information-and-passwords/

Gamers beware: Steam’s database hacked, including encrypted credit card information and passwords

<img class="size-full wp-image-108038 aligncenter" style="text-align:0;" title="3b1c3ad627d34a7387f704ee6cffb349" src="http://9to5mac.files.wordpress.com/2011/11/3b1c3ad627d34a7387f704ee6cffb349.jpeg?w=704" alt="" /> Popular game platform Steam , owned by Valve, has been hacked (via PC Gamer) .
De Memodev. La sécurité est primordiale sur un site internet. Il est impératif de comprendre que la sécurité est une mesure, pas une caractéristique. http://www.memodev.com/wiki/S%C3%A9curiser_un_site_Web

Comment bien sécuriser un site Web

http://vincent.bernat.im/fr/blog/2011-dos-ssl-solutions.html

Déni de service SSL : quelles solutions ?

Il y a quelques jours, un groupe de hackers, THC , a mis à disposition un outil permettant de lancer un déni de service contre des serveurs web SSL .

More locks for your SSH door

http://www.ibm.com/developerworks/aix/library/au-moresshlocks/index.html?cmp=dw&cpb=dwaix&ct=dwgra&cr=twitter&ccy=zz&crs=morsshdor My first article about hardening SSH access (see Resources ) considered three methods that are suitable for small operations, such as a home server or a small business with few people requiring remote SSH access: Changing SSH's standard port to an unusual value and reinforcing SSH configuration so that simple-minded attacks just bounce back. Defining a restricted list of users who are allowed to log in using Pluggable Authentication Modules (PAM).

Hardening the Linux server

Before you start In this tutorial, you learn the basics of securing a GNU/Linux server and gain a solid foundation on which to build. About this tutorial
Si les solutions de sécurité se développent, les armes des cybercriminels aussi.

96% des attaques informatiques peuvent être évitées

Netasq

SSH restriction

Introduction SSH ( OpenSSH ) provides a secure encrypted connection to remote hosts. If a user has a valid AIX® account, they then can connect via SSH.
My neighbours are stealing my wireless internet access.

Upside-Down-Ternet

How to secure your wireless network

Wireless networks are a wonderful invention. They give us the ability to easily deploy a complex network of computers without the need to physically wire them up.
IDS

Secure-Webapps

Firewall