By: kikaru kung
Submitted: 2010-05-29 02:29:18 | Word Count: 778
When reviewing existing security policies, a few factors need to be accounted for first: performance, stability and overall use of system resources. Use these to weigh the need for each tool against your own requirements, instead of just pushing all of the recommended applications onto a single server, as some of the applications reviewed are not always entirely interchangeable with the others mentioned.
That being said, we'll start with Apache, the world's most popular web server.
Mod Security
Without doubt one of my personal favorite Apache modules is Mod Security. Although it requires registration to download and isn't entirely free without restriction, Mod Security is a useful web application firewall that deters a lot of the scum and random bots floating around the Internet today. Per the Mod Security web site, over 70% of all attacks carried out on the internet nowadays are done at the web application level. This is extremely relevant, since a single compromised web site can often leak thousands, if not many thousands, of passwords and user credentials in just one compromise.
Pros
Mod Security incorporates a very strict rule-set that is capable of blocking many varieties of web application attacks, most of which can be found in the rules set out by the OWASP Top 10.
Cons
The default rules will break functionality of web applications at first. However, this can be fixed if you find the offending rules by viewing the log files and commenting those rules out. Common things that will happen are that users are unable to log in, or that some other functionality such as a custom search breaks.
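One way to find the offending rules in the log files, as an added example that is not part of the original article or of the ModSecurity project: the script tallies blocking ModSecurity entries from an Apache error log by rule id and URI. The log lines, rule ids and messages are constructed for illustration, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the style of ModSecurity entries in an Apache error
# log. Rule ids, messages, addresses and URIs are made up for illustration.
SAMPLE_LOG = """\
[Sat May 29 02:10:01 2010] [error] [client 192.0.2.10] ModSecurity: Access denied with code 403 (phase 2). [id "100001"] [msg "Constructed: SQL injection pattern"] [uri "/login.php"]
[Sat May 29 02:11:14 2010] [error] [client 192.0.2.11] ModSecurity: Access denied with code 403 (phase 2). [id "100001"] [msg "Constructed: SQL injection pattern"] [uri "/login.php"]
[Sat May 29 02:12:40 2010] [error] [client 192.0.2.12] ModSecurity: Access denied with code 403 (phase 2). [id "100001"] [msg "Constructed: SQL injection pattern"] [uri "/login.php"]
[Sat May 29 02:13:02 2010] [error] [client 198.51.100.7] ModSecurity: Access denied with code 403 (phase 2). [id "100002"] [msg "Constructed: XSS pattern"] [uri "/search.php"]
[Sat May 29 02:14:55 2010] [error] [client 192.0.2.10] ModSecurity: Warning. Pattern match at ARGS:q. [id "100003"] [msg "Constructed: detection only"] [uri "/index.php"]
[Sat May 29 02:15:09 2010] [error] [client 192.0.2.10] File does not exist: /var/www/favicon.ico
"""

FIELD = re.compile(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]')   # [id "..."], [msg "..."], [uri "..."]
CLIENT = re.compile(r'\[client ([^\]]+)\]')

def parse_line(line):
    """Return the fields of a blocking ModSecurity entry, or None."""
    if "ModSecurity: Access denied" not in line:
        return None  # skip other Apache errors and detection-only warnings
    fields = dict(FIELD.findall(line))
    if "id" not in fields:
        return None
    client = CLIENT.search(line)
    fields["client"] = client.group(1) if client else "unknown"
    return fields

def offending_rules(log_text):
    """Group blocked requests by (rule id, URI), most hits first."""
    groups = defaultdict(lambda: {"hits": 0, "clients": set(), "msg": ""})
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        group = groups[(entry["id"], entry.get("uri", "?"))]
        group["hits"] += 1
        group["clients"].add(entry["client"])
        group["msg"] = entry.get("msg", "")
    rows = [(rid, uri, g["hits"], len(g["clients"]), g["msg"])
            for (rid, uri), g in groups.items()]
    return sorted(rows, key=lambda r: (-r[2], r[0], r[1]))

if __name__ == "__main__":
    # Heuristic: a rule blocking many distinct clients on an ordinary page
    # is a likelier false positive than one tripped by a single client.
    for rid, uri, hits, clients, msg in offending_rules(SAMPLE_LOG):
        print(f"rule {rid}  {uri}  hits={hits}  clients={clients}  {msg}")
```

Review the requests behind each listed rule before disabling it, since the same entry format is produced by genuine attacks.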
Snort
The next very interesting application is Snort, commonly known as the de facto standard in intrusion detection. Snort's job is to monitor networks while being as lightweight as possible, so as not to consume too many system resources and bog down the users of the systems it is running on. What really makes Snort distinctive, however, is that it has a heritage of being a very stable and robust IDS, with both open source rule-sets and more advanced commercial rule-sets available via subscription.
Pros
Lightweight and versatile, trusted and stable.
Cons
The free rules available leave a lot to be desired when compared to the subscription rules.
AIDE
AIDE, the file integrity checker, can be used to make hashes of files or directories and can serve as a generic replacement for the older Linux application Tripwire. If an application has been changed without consent, a simple cross-reference against a disk image will quickly reveal which files might have changed in the process, using SHA1 hashes or other algorithms. It is therefore very helpful for analyzing the exact cause of a vulnerability in the event of a possible intrusion, and in many respects can be considered a root-kit detector without all the fancy bells and whistles of our next application.
Pros
Supports custom algorithms and makes up for where Tripwire and others once failed.
Cons
Lack of documentation on how to properly implement and use it; for less experienced users it can be a concept you give up on quickly. (I do not blame you; however, it's worth it.)
RKHUNTER
Another good root-kit detector is RKHUNTER, which works very much the same as AIDE but is more specifically a root-kit detector, in that it scans all the usual locations where it would make sense for root-kits to hide on a Linux system or where they have traditionally been stored.
Pros
Very comprehensive and has support for a wide selection of common root-kits.
Cons
By default on Debian and Ubuntu it flags a false positive for gawk, awk and a few other directories; however, I believe this to only be a false positive.
FAIL2BAN
Fail2Ban helps block automated and typically brute-force attempts by bots or potential attackers over SSH that make too many incorrect log-in attempts.
Pros
By automatically banning bots, not only do you defend your system from compromise, you also help keep the performance of the server at more optimal levels.
Cons
I've locked myself out briefly before by not setting the threshold high enough and forgetting what password I used. So long as you do not do that you should be fine.
Author Resource:-
Barbara K Howard has been writing articles online for nearly 2 years now. Not only does this author specialize in Security , you can also check out his latest website about: