System Administration
|
|
- Lynn Clarke
- 6 years ago
- Views:
Transcription
1 System Administration CSE598K/CSE545 - Advanced Network Security Luke St.Clair - Spring
2 Why do we care? This is probably the most important thing you can learn to secure systems? The idea to learn a couple practical things learn some tools to learn more 2
3 How to get in... ssh - secure shell rhosts - it s great! I want that..rhosts - list of users that can log in ssh remotehost command - simply run a command on a remote host (useful for scripts) server not installed on Ubuntu by default (no open ports!) 3
4 Garage door opener Open the door easier let s just say who can access we ll do it by what people have.ssh/authorized_keys ssh-keygen -t dsa - we ll make some keys 4
5 Giving out keys We made keys, now each host just has to make a list of what keys are okay Who needs to know this? scp your.ssh/id_dsa.pub (or similar) to your VM scp.ssh/id_dsa.pub :~/coriakin-key.pub ssh cat ~/coriakin-key.pub >> ~/.ssh/ authorized_keys 5
6 Shortcomings of SSH pairwise keys - gets annoying it s really too many for me to use everywhere You have to trust where your host key is You just forget things MitM how do you check host key? ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub 6
7 It can be a little easier 7
8 Being privileged sudo - superuser do there s no root user! sudo visudo - you can see what the policy is your policy says anyone in the group admin can do anything, if they put their password in note that you had to sudo to change sudoers, the file that controls sudo policy 8
9 Let s get some $\/\/33t w@r3z What if there was a way to install things as long as you know what sort of thing you want? What if you could update everything with a command? 9
10 WINDOWS UPDATE!!?!?!? WINDOWS UPDATE!!!!!! Rulz! roflcopter. 10
11 Aptitude Basic Principles aptitude update - refreshes the list of what exists - practically, do this before you do things aptitude search - look in the whole repository for matches to your search terms (even descriptions!) aptitude install <package name> - installs a package. You have to type the name right aptitude (safe full)-upgrade - upgrade all your packages, safely, or fully 11
12 Let s get a Desktop Some packages are meta packages, which are just shorthand for listing tons of packages let s aptitude install apache2 installs, basically configures, and starts apache2 then aptitude install xubuntu-desktop, which will install a full desktop system, and tightvncserver 12
13 Visit your website Point your browserz at your ip address You ve been hax0r3d! Apache HTTP Server Test powered by CentOS Apache 2 Test powered by CentOS This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read this page it means that the Apache HTTP server installed at this site is working properly. If you are a member of the general public: The fact that you are seeing this page indicates that the website you just visited is either experiencing problems or is undergoing routine maintenance. If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them . In general, mail sent to the name "webmaster" and directed to the website's domain should reach the appropriate person. If you are the website administrator: You may now add content to the directory /var/www/html/. Note that until you do so, people visiting your website will see this page and not your content. To prevent this page from ever being used, follow the instructions in the file /etc/httpd/conf.d/welcome.conf. You are free to use the images below on Apache and CentOS Linux powered HTTP servers. Thanks for using Apache and CentOS! For example, if you experienced problems while visiting you should send to "webmaster@example.com". About CentOS: The Community ENTerprise Operating System (CentOS) is an Enterprise-class Linux Distribution derived from sources freely provided to the public by a prominent North American Enterprise Linux vendor. CentOS conforms fully with the upstream vendors redistribution policy and aims to be 100% binary compatible. (CentOS mainly changes packages to remove upstream vendor branding and artwork.) The CentOS Project is the organization that builds CentOS. For information on CentOS please visit the CentOS website. Note: CentOS is an Operating System and it is used to power this website; however, the webserver is owned by the domain owner and not the CentOS Project. If you have issues with the content of this site, contact the owner of the domain, not the CentOS project. 1 of 2 1/30/08 3:54 PM 13
14 Alternately... 14
15 init.d Nearly every service that would run in the background (apache, ssh, etc) has a script that controls it instead of trying to figure out which process (ps aux) does what, and how to start/stop the process correctly (not kill!), just ask they all start/stop/restart - restart is always a safe bet you d do this if you change the config of a running program let s restart apache sudo /etc/init.d/apache restart (remember to tab complete!) 15
16 VNC this is all easier on the command line... but some stuff isn t (adding users w/ adduser, adding users to groups with usermod -G group user) so we want a desktop, which runs on a remote system, but that we see on our local system 16
17 Tunneling To get this, we have to tunnel our data Clever firewall admins don t let VNC through ssh -L 5900:firsthost:5901 -TN secondhost forwards local port 5900 to port 5901 on firsthost via secondhost - remember this description set up a tunnel from port 5900 on your machine, to 5901 on your VM, via your VM 17
18 All that s left is to connect... Have to start a server on the remote host this is per-user: vncserver :1 set a password On your local host, point your VNC viewer at yourself (remember, 5900, the VNC port gets tunneled to a remote party via someone s ssh service), password is your VNC password, NOT ssh password You ll be prompted for your VNC password if you didn t put it in already 18
19 Ugly Desktop See help.ubuntu.com/community/vncoverssh basically, just put something in your.vnc/xstartup wget put it in your.vnc file in your home directory 19
20 Where to get more help Ubuntuforums.org - by far the best source IRC - lots of noise to signal ratio - irc.freenode.org, #ubuntu wiki.ubuntu.org 20
21 Certificate creation Let s make a certificate Don t try to remember this, just look it up Make a CA: openssl genrsa -des3 -out cakey.key 4096 openssl req -new -x509 -days 365 -key cakey.key -out cacert.crt Create server key, request, sign openssl rsa -des3 -out server.key 4096 openssl req -new -key server.key -out server.csr openssl x509 -req -days 365 -in server.csr -CA cacert.crt -CAkey cakey.key -set_serial 01 server.crt this avoids reissuing the same certificate 21
22 Setting up Apache sudo a2enmod ssl (enables the SSL module) add to /etc/apache2/sites-available/default, right under virtualhost: SSLEngine on SSLProtocol all SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key In /usr/share/doc/ directory, allow all Order allow, deny Allow all 22
23 Firewalls There are so many ways to do this 23
24 GUIs, or G-U-I s Let s make a firewall, simple-style You can do all of these things with iptables, and there are many good tutorials 24
25 Basic settings Setup pokes some holes in the firewall your ethernet device may be different - there should only be one to choose from anyway 25
26 Policy Play around with this. Firewall your website s port 80, to stop normal http connections (this is not really the best way to do this, but whatever) Don t forget to Apply policy once you create it Browse port 80 and check logs 26
27 IPsec set up rules for when we want ipsec first, add #!/usr/sbin/setkey -f flush; spdflush; to the top of the file - this gets rid of stuff before spdadd any -P in ipsec esp/transport// require; packets from.21 to.20 incoming match this rule - require ipsec spdadd any -P out ipsec esp/ transport//require packets from.20 to.21 outgoing match this rule what does spdadd any -P in... do? 27
28 Racoon This is the program that listens for connections get racoon.conf from tools/config/racoon put it in /etc/racoon.conf Let s look through it... 28
29 Racoon.conf remote anonymous applies this to everything alternative is to configure by ip addr, as in comments proposal is what you propose - other side picks here we only propose one hash, one encryption, and we only auth by pre-shared key, not certs dh_group defines diffie-hellman group - don t worry about this 29
30 SA in racoon.conf Defines how long your connection is good for Defines what encryption you support That s it! 30
31 What did we miss? 31
32 psk Fill in /etc/racoon/psk.txt mine is Try to ping my machine ( ) note the delay or failure sudo setkey -F, sudo setkey -FP should show you something, if you want to check errors or just see what s happening if this doesn t work /etc/init.d/racoon stop, sudo racoon -f /etc/racoon/racoon.conf, and we can see what happens 32
LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate
LAB :: Secure HTTP traffic using Secure Sockets Layer (SSL) Certificate In this example we are using apnictraining.net as domain name. # super user command. $ normal user command. N replace with your group
More informationExpedition. Hardening Guide Version Palo Alto Networks, Inc.
Expedition Hardening Guide Version 1.0 1 Palo Alto Networks, Inc. www.paloaltonetworks.com 2018 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. You can find
More information2. Installing OpenBiblio 1.0 on a Windows computer
Table of Contents Installing OpenBiblio 1. System requirements... 1 2. Installing OpenBiblio 1.0 on a Windows computer... 1 2.1. Install prerequisite software... 1 2.2. Install OpenBiblio... 2 2.3. Using
More informationPublic-Key Infrastructure (PKI) Lab
SEED Labs PKI Lab 1 Public-Key Infrastructure (PKI) Lab Copyright 2018 Wenliang Du, Syracuse University. The development of this document was partially funded by the National Science Foundation under Award
More informationBitnami Pimcore for Huawei Enterprise Cloud
Bitnami Pimcore for Huawei Enterprise Cloud Description Pimcore is the open source platform for managing digital experiences. It is the consolidated platform for web content management, product information
More informationBitnami Coppermine for Huawei Enterprise Cloud
Bitnami Coppermine for Huawei Enterprise Cloud Description Coppermine is a multi-purpose, full-featured web picture gallery. It includes user management, private galleries, automatic thumbnail creation,
More informationBitnami Dolibarr for Huawei Enterprise Cloud
Bitnami Dolibarr for Huawei Enterprise Cloud Description Dolibarr is an open source, free software package for small and medium companies, foundations or freelancers. It includes different features for
More informationBitnami ProcessMaker Community Edition for Huawei Enterprise Cloud
Bitnami ProcessMaker Community Edition for Huawei Enterprise Cloud Description ProcessMaker is an easy-to-use, open source workflow automation and Business Process Management platform, designed so Business
More informationBitnami Tiny Tiny RSS for Huawei Enterprise Cloud
Bitnami Tiny Tiny RSS for Huawei Enterprise Cloud Description Tiny Tiny RSS is an open source web-based news feed (RSS/Atom) reader and aggregator, designed to allow you to read news from any location,
More informationClient Authenticated SSL Server Setup Guide for Apache Webservers
1 of 18 PROTECTID Client Authenticated SSL Server Setup Guide for Apache Webservers Document: MK UM 02180405 01 ProtectIDclientAuthSSLsetupApache.doc 2 of 18 Copyright 2005 Sentry Project Management All
More informationBitnami ez Publish for Huawei Enterprise Cloud
Bitnami ez Publish for Huawei Enterprise Cloud Description ez Publish is an Enterprise Content Management platform with an easy to use Web Content Management System. It includes role-based multi-user access,
More informationWe want to install putty, an ssh client on the laptops. In the web browser goto:
We want to install putty, an ssh client on the laptops. In the web browser goto: www.chiark.greenend.org.uk/~sgtatham/putty/download.html Under Alternative binary files grab 32 bit putty.exe and put it
More informationBitnami TestLink for Huawei Enterprise Cloud
Bitnami TestLink for Huawei Enterprise Cloud Description TestLink is test management software that facilitates software quality assurance. It offers support for test cases, test suites, test plans, test
More informationSSL, Credit Card Transactions. CS174 Chris Pollett Nov. 5, 2007.
SSL, Credit Card Transactions CS174 Chris Pollett Nov. 5, 2007. Outline HTTPS and the Secure Socket Layer Credit Card Transactions HTTPS and the Secure Socket Layer When we use HTTP to browse the web,
More informationBitnami Piwik for Huawei Enterprise Cloud
Bitnami Piwik for Huawei Enterprise Cloud Description Piwik is a real time web analytics software program. It provides detailed reports on website visitors: the search engines and keywords they used, the
More informationشرکت توسعه ارتباطات پردیس پارس. owncloud. The last file sharing platform you'll ever need
شرکت توسعه ارتباطات پردیس پارس owncloud The last file sharing platform you'll ever need. Explore the Features: Click Sync and Share Your Data, with Ease A Safe Home for All Your Data Your Data is Where
More informationSterling Secure Proxy Version 3 FTP Adapter Configuration with SSL. ProFTP SSL Certificate creation with openssl
Sterling Secure Proxy Version 3 FTP Adapter Configuration with SSL The SSP configuration has been tested with the following components. SSP 3 on Windows 2003 ProFTP Version 1.2.10 on Red Hat ES 4 Lftp
More informationThe Internet Security Protocol, IPsec, incorporates security for network transmission
17 Internet Protocol Security: IPsec The Internet Security Protocol, IPsec, incorporates security for network transmission into the Internet Protocol (IP) directly. IPsec is integrated into the new IPv6
More informationL.A.M.P. Stack Part I
L.A.M.P. Stack Part I By George Beatty and Matt Frantz This lab will cover the basic installation and some configuration of a LAMP stack on a Ubuntu virtual box. Students will download and install the
More informationUbuntu Practice and Configuration Post Installation Exercises interlab at AIT Bangkok, Thailand
Ubuntu Practice and Configuration Post Installation Exercises interlab at AIT Bangkok, Thailand 1. Get used to using sudo 2. Create an inst account 3. Learn how to install software 4. Update /etc/apt/sources.list
More informationRemote GUI access to a Linux computer using Tightvnc
Remote GUI access to a Linux computer using Tightvnc The command line is a great way to manage a remote Linux computer if you don't mind typing in commands, but sometimes you need to be able to view a
More informationBitnami ERPNext for Huawei Enterprise Cloud
Bitnami ERPNext for Huawei Enterprise Cloud Description ERPNext is an open source, web based application that helps small and medium sized business manage their accounting, inventory, sales, purchase,
More informationTo remotely use the tools in the CADE lab, do the following:
To remotely use the tools in the CADE lab, do the following: Windows: PUTTY: Putty happens to be the easiest ssh client to use since it requires no installation. You can download it at: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
More informationSecure Communications Over a Network
Secure Communications Over a Network Course: MITS:5400G Proffessor: Dr. Xiaodong Lin By: Geoff Vaughan 100309160 March 20th 2012 Abstract The purpose of this experiment is to transmit an encrypted message
More informationTwiki Installation Notes. Ned Brush 4/13/06. Everything is left as is (default settings) unless specified below. Distribution: RHEL 4
Twiki Installation Notes Ned Brush 4/13/06 Everything is left as is (default settings) unless specified below. Distribution: RHEL 4 1) Here are some good references to follow during the installation: a.
More informationBitnami Mantis for Huawei Enterprise Cloud
Bitnami Mantis for Huawei Enterprise Cloud Description Mantis is a complete bug-tracking system that includes role-based access controls, changelog support, built-in reporting and more. A mobile client
More informationBitnami Open Atrium for Huawei Enterprise Cloud
Bitnami Open Atrium for Huawei Enterprise Cloud Description Open Atrium is designed to help teams collaborate by providing an intranet platform that includes a blog, a wiki, a calendar, a to do list, a
More informationBitnami Phabricator for Huawei Enterprise Cloud
Bitnami Phabricator for Huawei Enterprise Cloud IMPORTANT: Phabricator requires you to access the application using a specific domain. This domain is the public IP address for the cloud server. Description
More informationBitnami OSQA for Huawei Enterprise Cloud
Bitnami OSQA for Huawei Enterprise Cloud Description OSQA is a question and answer system that helps manage and grow online communities similar to Stack Overflow. First steps with the Bitnami OSQA Stack
More informationBitnami JFrog Artifactory for Huawei Enterprise Cloud
Bitnami JFrog Artifactory for Huawei Enterprise Cloud Description JFrog Artifactory is a Binary Repository Manager for Maven, Ivy, Gradle modules, etc. Integrates with CI servers for fully traceable builds.
More informationExercises Basics of Web Security Experiential Learning Workshop
Exercises Basics of Web Security Experiential Learning Workshop 1 General Guidelines 1. Make a team of two unless stated otherwise. 2. For each exercise, use wireshark capture to verify contents 3. Ensure
More informationSome Ubuntu Practice...
Some Ubuntu Practice... SANOG 10 August 29 New Delhi, India 1. Get used to using sudo 2. Create an inst account 3. Learn how to install software 4. Install gcc and make 5. Learn how to control services
More information1 Installation (briefly)
Jumpstart Linux Bo Waggoner Updated: 2014-09-15 Abstract A basic, rapid tutorial on Linux and its command line for the absolute beginner. Prerequisites: a computer on which to install, a DVD and/or USB
More informationSetting up a Chaincoin Masternode
Setting up a Chaincoin Masternode Introduction So you want to set up your own Chaincoin Masternode? You ve come to the right place! These instructions are correct as of April, 2017, and relate to version
More informationGetting Started with the VQE Startup Configuration Utility
CHAPTER 2 Getting Started with the VQE Startup Configuration Utility This chapter explains how to use the Cisco VQE Startup Configuration Utility to perform the initial configuration tasks needed to get
More informationSetting up the Apache Web Server
1 Setting up the Apache Web Server The Apache Web Server (Hyper Text Transfer Protocol) is the most popular web server available. The project gained popularity with Linux in the 1990 s as they teamed up
More informationGetting Started with the VQE Startup Configuration Utility
CHAPTER 2 Getting Started with the VQE Startup Configuration Utility This chapter explains how to use the Cisco VQE Startup Configuration Utility to perform the initial configuration tasks needed to get
More informationBitnami OroCRM for Huawei Enterprise Cloud
Bitnami OroCRM for Huawei Enterprise Cloud Description OroCRM is a flexible open-source CRM application. OroCRM supports your business no matter the vertical. If you are a traditional B2B company, franchise,
More informationBitnami Trac for Huawei Enterprise Cloud
Bitnami Trac for Huawei Enterprise Cloud Description Trac is an enhanced wiki and issue tracking system for software development projects. It provides interfaces to Subversion and Git, an integrated Wiki
More informationAn internal CA that is part of your IT infrastructure, like a Microsoft Windows CA
Purpose This document will describe how to setup to use SSL/TLS to provide encrypted connections to the. This document can also be used as an initial point for troubleshooting SSL/TLS connections. Target
More informationThe Wonderful World of Services VINCE
The Wonderful World of Services VINCE Agenda definitions services for Windows and Linux breaks? auditing Linux logs for Linux useful tools Goals develop a better understanding of Linux and Windows services
More informationLinux Home Lab Environment
Environment Introduction Welcome! The best way to learn for most IT people is to actually do it, so that s the goal of this selfpaced lab workbook. The skills outlined here will begin to prepare you for
More informationSetting up VPS on Ovh public cloud and installing lamp server on Ubuntu instance
Setting up VPS on Ovh public cloud and installing lamp server on Ubuntu instance What is OVH Public Cloud Public Cloud Instances provides a choice of two types of virtual machines: the RAM instances are
More informationBitnami Spree for Huawei Enterprise Cloud
Bitnami Spree for Huawei Enterprise Cloud Description Spree is an e-commerce platform that was designed to make customization and upgrades as simple as possible. It includes support for product variants,
More informationGateDefender Performa updates from a local Web server
GateDefender Performa updates from a local Web server Copyright notice Panda Security 2008. All rights reserved. Neither the documents nor the programs that you may access may be copied, reproduced, translated
More informationHANDS UP IF YOU DON T HAVE A VM OR IF YOU DON T REMEMBER YOUR PASSWORDS. Or something broke
HANDS UP IF YOU DON T HAVE A VM OR IF YOU DON T REMEMBER YOUR PASSWORDS Or something broke Securing your VM 101 Getting Comfy in Linux -> Comfort ++ You After This Talk Quick recap from last week. Setup
More informationInstalling idenprotect server on RHEL 6 or CentOS 6. idenprotect Ltd.
Installing idenprotect server 1.2.0 on RHEL 6 or CentOS 6 idenprotect Ltd. Version 1.2.0, August 10th, 2017 Table of Contents Before Starting............................................................................
More informationBitnami Re:dash for Huawei Enterprise Cloud
Bitnami Re:dash for Huawei Enterprise Cloud Description Re:dash is an open source data visualization and collaboration tool. It was designed to allow fast and easy access to billions of records in all
More informationPost Ubuntu Install Exercises
Post Ubuntu Install Exercises PacNOG 3 June 18 Rarotonga, Cook Islands 1. Get used to using sudo 2. Create an ainst account 3. Learn how to install software 4. Install gcc and make 5. Learn how to control
More informationHow to Stay Safe on Public Wi-Fi Networks
How to Stay Safe on Public Wi-Fi Networks Starbucks is now offering free Wi-Fi to all customers at every location. Whether you re clicking connect on Starbucks Wi-Fi or some other unsecured, public Wi-Fi
More informationSEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security
SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security Consider 2. Based on DNS, identified the IP address of www.cuhk.edu.hk is 137.189.11.73. 1. Go to http://www.cuhk.edu.hk 3. Forward the
More informationYour Apache ssl.conf in /etc/httpd.conf.d directory has the following SSLCertificate related directives.
If you ever need to use HTTPS or SSL with your website, you will need to have an SSL certificate created, which your Apache web server would use to hand out to the web browsers of the site visitors. The
More informationmobilefish.com Create self signed certificates with Subject Alternative Names
Create self signed certificates with Subject Alternative Names INTRO In this video I will explain how to create a self signed certificate with Subject Alternative Names (SAN). CERTIFICATE WITH SUBJECT
More informationBitnami DokuWiki for Huawei Enterprise Cloud
Bitnami DokuWiki for Huawei Enterprise Cloud Description DokuWiki is a standards-compliant, simple to use wiki optimized for creating documentation. It is targeted at developer teams, workgroups, and small
More informationBitnami Moodle for Huawei Enterprise Cloud
Bitnami Moodle for Huawei Enterprise Cloud Description Moodle is a Course Management System that is designed using sound pedagogical principles to help educators create effective online learning communities.
More informationPractical Magic with SSH. By David F. Skoll Roaring Penguin Software Inc. 1 February
Practical Magic with SSH By David F. Skoll Roaring Penguin Software Inc. 1 February 2001 http://www.roaringpenguin.com dfs@roaringpenguin.com Overview of Presentation Why SSH? Problems with Telnet & Friends
More informationCloud Simulation. Connectivity Guide
Cloud Simulation Connectivity Guide Table of contents 1. Introduction 3 2. OpenVPN 4 Possible Endpoints... 4 2.1.1 Windows... 4 2.1.1.1 Installation 4 2.1.1.2 Connection initiation 4 2.1.2 Linux... 5 2.1.3
More informationMore Security, SSL, Credit Card Transactions. CS174 Chris Pollett Nov. 10, 2008.
More Security, SSL, Credit Card Transactions CS174 Chris Pollett Nov. 10, 2008. Outline Inclusion Attacks SQL Injection Attacks HTTPs Credit Card Transactions Inclusion Attacks One lazy way to control
More informationHow to Secure SSH with Google Two-Factor Authentication
How to Secure SSH with Google Two-Factor Authentication WELL, SINCE IT IS QUITE COMPLEX TO SET UP, WE VE DECIDED TO DEDICATE A WHOLE BLOG TO THAT PARTICULAR STEP! A few weeks ago we took a look at how
More informationInstall some base packages. I recommend following this guide as root on a new VPS or using sudo su, it will make running setup just a touch easier.
Nagios 4 on Ubuntu 16 Install some base packages. I recommend following this guide as root on a new VPS or using sudo su, it will make running setup just a touch easier. apt-get install php-gd build-essential
More informationInstalling an SSL certificate on your server
Installing an SSL certificate on your server Contents Introduction... 2 Preparing your certificate... 2 Installing your Certificate... 3 IIS 8... 3 IIS 7... 7 Apache... 10 Plesk 12... 11 Plesk Onyx...
More informationConfiguring GNS3 for CCNA Security Exam (for Windows) Software Requirements to Run GNS3
Configuring GNS3 for CCNA Security Exam (for Windows) Software Requirements to Run GNS3 From Cisco s website, here are the minimum requirements for CCP 2.7 and CCP 2.8: The following info comes from many
More informationPractical Exercise: Smartcard-based authentication in HTTP
MIECT: Security 2015-16 Practical Exercise: Smartcard-based authentication in HTTP November 24, 2015 Due date: no date Changelog v1.0 - Initial Version. 1 Introduction Smartcards can be used to authenticate
More informationRemote Connection to the Zoo
YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 427: Object-Oriented Programming Handout #3 Professor M. J. Fischer February 2, 2016 1 Introduction Remote Connection to the Zoo The Zoo computers can
More informationSmartCash SmartNode Setup Guide V1.2 Windows 10 13/01/2018 By (Jazz) yoyomonkey Page 1
SmartCash SmartNode Setup Guide v1.2 Date: Introduction Welcome to this step by step guide that will take you through the process of creating your own SmartCash SmartNode. This guide is aimed at the casual
More informationEndian Proxy / Firewall
Endian Proxy / Firewall Created October 27, 2006 by Bruce A. Westbrook Revisions: Introduction This document describes the step by step process of installing and configuring the Endian Firewall, Community
More informationUsing GitHub to Share with SparkFun a
Using GitHub to Share with SparkFun a learn.sparkfun.com tutorial Available online at: http://sfe.io/t52 Contents Introduction Gitting Started Forking a Repository Committing, Pushing and Pulling Syncing
More informationLinux Kung Fu. Ross Ventresca UBNetDef, Fall 2017
Linux Kung Fu Ross Ventresca UBNetDef, Fall 2017 GOTO: https://apps.ubnetdef.org/ What is Linux? Linux generally refers to a group of Unix-like free and open source operating system distributions built
More informationVNS3 Plugins. VSN3:turret WAF Container Guide
VNS3 Plugins VSN3:turret WAF Container Guide Table of Contents Introduction 3 Configurable Default WAF Plugin 7 Customizing Default WAF Plugin 14 Putting it All Together 22 For Developers/ DevOps Approach
More informationVNS3:turret WAF Guide Sept 2015
VNS3:turret WAF Guide Sept 2015 Table of Contents Introduction 3 Configurable Default WAF Plugin 7 Customizing Default WAF Plugin 14 Putting it All Together 22 For Developers / DevOps approach 25 Resources
More informationCryptography. Basic Concept and Applications. Chung-Yi Chi Jun. 26, 2010
Cryptography Basic Concept and Applications Chung-Yi Chi Jun. 26, 2010 Agenda Cryptography Basic Concept Secure Service using OpenSSL PGP and GPG Agenda Cryptography Basic Concept Symmetric-Key Cryptography
More informationCreating a Yubikey MFA Service in AWS
Amazon AWS is a cloud based development environment with a goal to provide many options to companies wishing to leverage the power and convenience of cloud computing within their organisation. In 2013
More informationOrchid Fusion VMS Installation Guide
Orchid Fusion VMS Installation Guide Version 2.4.0 Orchid Fusion VMS Installation Guide v2.4.0 1 C O N T E N T S About the Orchid Fusion VMS Installation Guide 2 Installation 3 Working in Windows 3 Working
More informationLinux Network Administration
Secure Remote Connections with OpenSSH Objective At the conclusion of this module, the student will be able to: Configure the ssh daemon start, stop, and restart sshd 17 January 2005 NETW 111 - SSH 2 SSH
More informationWorking with Ubuntu Linux. Track 2 Workshop June 2010 Pago Pago, American Samoa
Working with Ubuntu Linux Track 2 Workshop June 2010 Pago Pago, American Samoa Assumptions You are comfortable with the following: Core Linux concepts - Shells - Permissions - Graphical user interface
More informationSmartCash SmartNode Setup Guide v1.2. Windows 10. Date: 13/01/2018. By (Jazz) yoyomonkey
SmartCash SmartNode Setup Guide v1.2 Date: Introduction Welcome to this step by step guide that will take you through the process of creating your own SmartCash SmartNode. This guide is aimed at the casual
More informationCS197U: A Hands on Introduction to Unix
CS197U: A Hands on Introduction to Unix Lecture 4: My First Linux System Tian Guo University of Massachusetts Amherst CICS 1 Reminders Assignment 2 was due before class Assignment 3 will be posted soon
More informationFundamentals of Linux Platform Security
Fundamentals of Linux Platform Security Security Training Course Dr. Charles J. Antonelli The University of Michigan 2012 Linux Platform Security Module 9 Application Security Roadmap ssh SSL IPsec & VPNs
More informationApache MySQL PHP PHPAdmin Install
Apache MySQL PHP PHPAdmin Install Installing Apache 2 To only install the apache2 webserver, use any method to install apache2 It requires a restart for it to work sudo /etc/init.d/apache2 restart Checking
More informationDPI-SSL. DPI-SSL Overview
DPI-SSL Document Scope This document describes the DPI-SSL feature available in SonicOS 5.6. This document contains the following sections: DPI-SSL Overview section on page 1 Using DPI-SSL section on page
More informationLinux Introduction to Linux
Linux Introduction to Linux Most computational biologists use either Apple Macs or Linux machines. There are a couple of reasons for this: * Much of the software is free * Many of the tools require a command
More informationHow to integrate CMS Appliance & Wallix AdminBastion
How to integrate CMS Appliance & Wallix AdminBastion Version 1.0 Date 24/04/2012 P 2 Table of Contents 1.0 Introduction... 3 1.1 Context and objective... 3 3.0 CMS Appliance prerequisites... 4 4.0 Certificate
More informationThis documentation can used to generate a request that can be submitted to any of these CA types.
Nagios Core - Configuring SSL/TLS Article Number: 595 Rating: 5/5 from 1 votes Last Updated: Thu, Jul 20, 2017 at 8:09 PM C o nf igur ing S S L/TLS Fo r Na gio s C o r e This KB article describes how to
More informationJackson State University Department of Computer Science CSC / Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan
Jackson State University Department of Computer Science CSC 437-01/539-01 Computer Security Fall 2013 Instructor: Dr. Natarajan Meghanathan Lab Project # 2: Running Secure Shell (SSH) Server in a Virtual
More informationMIS Week 7. Operating System Security. Windows Firewalls
MIS 5170 Operating System Security Week 7 Windows Firewalls Tonight s Plan 2 Questions from Last Week Firewalls Review Quiz Questions Review for 1 st test Assignment 3 Overview Spring Break Test 1 Questions
More informationSecure PostgreSQL Deployment
Secure PostgreSQL Deployment PGDay'14 Russia St Petersburg, Russia Magnus Hagander magnus@hagander.net PRODUCTS CONSULTING APPLICATION MANAGEMENT IT OPERATIONS SUPPORT TRAINING Magnus Hagander PostgreSQL
More informationEntrust Connector (econnector) Venafi Trust Protection Platform
Entrust Connector (econnector) For Venafi Trust Protection Platform Installation and Configuration Guide Version 1.0.5 DATE: 17 November 2017 VERSION: 1.0.5 Copyright 2017. All rights reserved Table of
More informationFirewall. Laboratory for the class Computer system security (02KRQ) Politecnico di Torino AA 2018/19 Prof. Antonio Lioy
Firewall Laboratory for the class Computer system security (02KRQ) Politecnico di Torino AA 2018/19 Prof. Antonio Lioy prepared by: Cataldo Basile (cataldo.basile@polito.it) v. 3.1 (06/12/2018) Purpose
More informationTELE301 Lab16 - The Secure Shell
TELE301 Lab16 - The Secure Shell Department of Telecommunications May 7, 2002 Contents 1 Introduction 2 2 OpenSSH 2 3 Replacing Telnet 2 4 Logging in without a password 2 5 SSH Agent 3 5.1 SSH Add..............................
More informationCA Nimsoft Unified Management Portal
CA Nimsoft Unified Management Portal DMZ Guide 7.5 Document Revision History Document Version Date Changes 1.0 March 2014 Initial version for UMP 7.5. Legal Notices This online help system (the "System")
More informationSecuring ArcGIS Services
Federal GIS Conference 2014 February 10 11, 2014 Washington DC Securing ArcGIS Services James Cardona Agenda Security in the context of ArcGIS for Server Background concepts Access Securing web services
More informationFull-mesh IPsec network. 10 Dos and 500 Don ts
Full-mesh IPsec network 10 Dos and 500 Don ts $ whoami Fran Garcia SRE @hostedgraphite Break fast and move things Absolutely no networking/cryptography background No, seriously, totally unqualified to
More informationInformation for Domain Admin & Web Admin. Version v 2.0
Information for Domain Admin & Web Admin Version v 2.0 Copyright 2008 Precise-ITC, Inc. All rights reserved. Information for Domain Admin and Web Admin.doc v2.0 2008 Precise-ITC, Inc. All rights reserved
More informationUsing RDP with Azure Linux Virtual Machines
Using RDP with Azure Linux Virtual Machines 1. Create a Linux Virtual Machine with Azure portal Create SSH key pair 1. Install Ubuntu Bash shell by downloading and running bash.exe file as administrator.
More informationStats of Web Server types
APACHE HTTP SERVER About Apache Apache http server project http://httpd.apache.org Apache foundation started to support the web server project, but now extends to a multitude of other projects. Stats of
More informationLinux crash lecture by Andrey Lukyanenko
Linux crash lecture by Andrey Lukyanenko T-110.5102 Laboratory Works in Networking and Security 20.1.2015 Otaniemi based on material of Miika Komu, 2013 Traversing Directories cd Change Directory Change
More informationAT&T Cloud Web Security Service
AT&T Cloud Web Security Service Troubleshooting Guide Table of Contents 1 Summary... 3 2 Explicit Proxy Access Method... 4 2.1 Explicit Proxy Flow Diagram... 4 3 Proxy Forwarding Access Method... 6 3.1
More informationMISP2 installation and configuration guide. Version 2.12
MISP2 installation and configuration guide Version 2.12 Contents Contents... 2 1. Introduction... 3 2. Environment requirements... 3 3. MISP2 Installation... 3 3.1. Updating the MISP2 package list... 3
More informationCustomizing DAZ Studio
Customizing DAZ Studio This tutorial covers from the beginning customization options such as setting tabs to the more advanced options such as setting hot keys and altering the menu layout. Introduction:
More informationLaunch Store. University
Launch Store University Store Settings In this lesson, you will learn about: Completing your Store Profile Down for maintenance, physical dimensions and SEO settings Display and image settings Time zone,
More information