|
add a rule to the firewall
netfilter/iptables is the mostly widely used software to create
firewalls for Linux systems. If you've got one running and you want
to add a rule 'on the fly', use a command similar to the following
/usr/sbin/iptables -I INPUT -p tcp --syn -s X.X.X.X/32 \
--destination-port 22 -j ACCEPT
This lets a particular IP login with SSH, which runs on port 22.
Change the -I to -D to delete a particular rule
To shut a particular IP out of your network, the following rule
will suffice:
/sbin/iptables -I INPUT -p tcp --syn -s X.X.X.X/32 -j DROP
md5 checksums
If you develop software, one way to insure a good measure of
security is by creating md5 checksums for your packages.
First, create the checksum file like so:
md5sum file.tar.gz > file.md5
Then, to check it, run this command:
md5sum -c file.md5
md5sum and passwords
Remembering passwords can be a problem. A password that's easy to remember may be
insecure because it's easily guessed by others. On the other hand, a password that's
virtually impossible to guess, say 'mR5YYt7Q' may also be virtually impossible to remember.
There is a way to have your cake and eat it too, as they say. You can pipe an ordinary
word to 'md5sum' and then pipe to 'cut' to get the result down to the first 8 characters (or more if you want). From now on, all you have to do is remember your special word.
echo Jennifer | md5sum | cut -b 1-8
This will make an 8 character password from the word 'Jennifer'. A couple of important
notes:
- 'Jennifer' with a lower case 'j' or with only one 'N' will give you a different result
(try it and you'll see), so your word must always be the same.
- Though not as insecure as writing your password down, this command will get into
your bash shell history every time you use it. Please take the necessary precautions
if you're sharing you computer with others.
install rkhunter
rkhunter stands for 'root kit hunter'. It's a utility written
in Perl that looks for known root kits, trojans and other malware that
may have ended up on your machine.
It can be downloaded from: http://www.rootkit.nl/. Once you've
downloaded the tarball, installation is fairly straightforward.
Just run the installer.sh script to install it.
The basic syntax is: /usr/local/bin/rkhunter -c --createlogfile
This will create a log file called rkhunter.log in /var/log/
Encryption
basic use of GnuPG
GnuPG is a Free Software version of Phil Zimmerman's famous
PGP (Pretty Good Privacy) program for personal encryption
First, you need to generate a private key
gpg --gen-key
This will ask you some questions. Once you've done this, you
can then work with it.
First you may want to create a public key that you'll give
to your contacts
gpg --export -a --output mykey.asc username
Here's how you encrypt and sign a file:
gpg -sear username file_to_encrypt
Here's how you decrypt an encrypted file:
gpg -d file_to_decrypt
[ return to main tips page ]
| 
![[ Register ]](/images/navbar/register.gif){kind=small}
![[ Applications ]](/images/navbar/applications.gif){kind=small}
![[ Documentation ]](/images/navbar/documentation.gif){kind=small}
![[ Distributions ]](/images/navbar/distributions.gif){kind=small}
![[ Download Info ]](/images/navbar/download.gif){kind=small}
![[ General Info ]](/images/navbar/geninfo.gif){kind=small}
![[ Book Store ]](/images/navbar/bookstore.gif){kind=small}
![[ Courses ]](/images/navbar/courses.gif){kind=small}
![[ News ]](/images/navbar/news.gif){kind=small}
![[ People ]](/images/navbar/people.gif){kind=small}
![[ Hardware ]](/images/navbar/hardware.gif){kind=small}
![[ Vendors ]](/images/navbar/vendors.gif){kind=small}
![[ Projects ]](/images/navbar/projects.gif){kind=small}
![[ Events ]](/images/navbar/events.gif){kind=small}
![[ User Groups ]](/images/navbar/usergroups.gif){kind=small}
![[ User Area ]](/images/navbar/user_area.gif){kind=small}
![[ About Us ]](/images/navbar/aboutus.gif){kind=small}
![[ Home Page ]](/images/navbar/homepage.gif){kind=small}
![[ Advertise ]](/images/navbar/advertise.gif){kind=small}
