Securing networked services

Hi, I found this reference information. Good for people who want to get rich knowledge about sysadmin. (Part 6)

Read:
Part1 - Basics, important sites, HOWTO's, handbooks, hardening, tips
Part2 - Netfilter, firewall, Iptables, Ipchains, DoS, DDoS
Part3 - Intrusion detection, integrity checks: IDS, NIDS, HIDS, Antivirus, software
Part4 - Chroot, chrooting, jailing, compartmentalization
Part5 - Forensics, recovery, undelete
Part6 - Securing networked services

(Part 6) - Securing networked services

Apache
Web Security Appliance With Apache and mod_security (SF): http://www.securityfocus.com/infocus/1739
Securing Apache Step-by-Step: http://www.securityfocus.com/infocus/1694
Securing apache2: http://www.securityfocus.com/infocus/1786

Suexec
Apache suEXEC Support: http://httpd.apache.org/docs/1.3/suexec.html
HOWTO Install PHP with SuExec: http://gentoo-wiki.com/HOWTO_Install_PHP_with_SuExec
HOWTO Install PHP as CGI with Apache's suEXEC Feature: http://archiv.debianhowto.de/en/php_cgi/c_php_cgi.html
How to set up suexec to work with virtual hosts and PHP (+PHP +public_html patch): http://alain.knaff.lu/howto/PhpSuexec/

Apache modules
Apache mod_security guide: http://www.securityfocus.com/infocus/1739
Secure Your Apache With mod_security: http://www.howtoforge.com/book/print/1375
Apache mod_ssl: http://www.securityfocus.com/infocus/1356
mod_dosevasive: http://www.nuclearelephant.com/projects/dosevasive/
mod_security: http://www.modsecurity.org
mod_security rulesets: http://www.gotroot.com/mod_security+rules
mod_security rule generator: http://leavesrustle.com/tools/modsecurity/

MySQL
Securing MySQL Step-by-Step: http://www.securityfocus.com/infocus/1726
Secure MySQL Database Design: http://www.securityfocus.com/infocus/1667
Database Security Explained: http://www.linuxexposed.com/content/view/181/54/
SQL injection attack mitigation: SafeSQL: http://www.phpinsider.com/php/code/SafeSQL/, http://www.webmasterbase.com/article/794
Detect SQL injection attacks: class_sql_inject: http://www.phpclasses.org/browse/package/1341.html

PHP
PHP and the OWASP Top Ten Security Vulnerabilities: http://www.sklar.com/page/article/owasp-top-ten
Top 7 PHP Security Blunders: http://www.sitepoint.com/print/php-security-blunders
PHP Security Guide: http://phpsec.org/projects/guide/ (PHP Security Library: http://phpsec.org/library/)
PHPsec.org Security Guide considered harmful: http://www.hardened-php.net/php_secu...armful.51.html
PHP: Preventing register_global problems: http://www.modsecurity.org/documenta...r-globals.html
Securing PHP Step-by-Step: http://www.securityfocus.com/infocus/1706
PHP Security: http://www.onlamp.com/pub/a/php/2003...undations.html
Security of PHP: http://www.developer.com/lang/article.php/918141 (PHP Foundations: http://www.onlamp.com/pub/ct/29)
Auditing PHP, Part 1: Understanding register_globals: http://www-128.ibm.com/developerworks/library/os-php1/
Hardened PHP: http://www.hardened-php.net
SuPHP: http://www.suphp.org/Home.html
(http://www.phpsecure.info seems outdated)

Checking PHP
phpcksec: http://tools.desire.ch/phpcksec/
CastleCops Analyzer (Nuke only?): http://nukecops.com/

Exploiting Common Vulnerabilities in PHP Applications
http://www.securereality.com.au/studyinscarlet.txt

Security network testing
Nessus: http://www.nessus.org/
Metasploit Framework: http://metasploit.com/projects/Framework/index.html

Application security testing
Open Web Application Security Project (OWASP): http://www.owasp.org/index.php/OWASP...le_of_Contents

Oracle
OScanner: http://www.cqure.net/wp/?page_id=3
OAT (Oracle Auditing Tools): http://www.cqure.net/wp/?page_id=2

Samba
SMBAudit (auditing): http://smbdaudit.sourceforge.net/

BIND
Secure BIND Template Version 5.1 05 JAN 2006: http://www.cymru.com/Documents/secur...-template.html
Securing an Internet Name Server: http://www.securiteam.com/securitynews/5VP0N0U5FU.html
DNS Security and Vulnerabilities: http://www.l0t3k.org/security/docs/dns/

SSH
General remarks:
Do not allow root account logins with ssh
Do use public key authentication
Restrict access if possible: sshd_config (AllowGroups, AllowUsers) and/or TCP wrappers, firewall, xinetd entry, PAM ACL.
Stop bruteforcing (in no particular order):
Samhain: Defending against brute force ssh attacks: http://la-samhna.de/library/brutessh.html
Sshblack: http://www.pettingers.org/code/SSHBlack.html
Ssh_access: http://www.undersea.net/seanm/softwa...-access.tar.gz
Sshd_check: http://cerberus.cc/open/scripts/sshd_check.sh
Authfail: http://www.bmk.bz/?p=33
Denyhosts: http://denyhosts.sourceforge.net/
Sshdfilter: http://www.csc.liv.ac.uk/~greg/sshdfilter/
PAM_abl: http://www.hexten.net/sw/pam_abl/index.mhtml
Fail2ban: http://fail2ban.sourceforge.net/
Blockhosts: http://www.aczoom.com/cms/blockhosts/

Original Source: Linuxquestions.org
