How to secure your Linux environment with Nitrokey USB smart card

With the mounting online security risks, simple one-step security no longer suffices, and people resort to multiple layers of security to thwart increasingly sophisticated attacks on their digital assets and online privacy. An advanced form of security defense often employed in financial sectors and other corporate environments is hardware-based protection, where a tamper-proof physical security […]
Continue reading…

 

How to secure BGP sessions using authentication on Quagga

The BGP protocol runs over TCP, and as such, it inherits all the vulnerabilities of a TCP connection. For example, within a BGP session, an attacker may impersonate a legitimate BGP neighbor, and convince the BGP routers on the other end to share their routing information with the attacker. The problem occurs when the attacker […]
Continue reading…

 

How to set up two-factor authentication for SSH login on Linux

With many high-profile password leaks nowadays, there is a lot of buzz in the industry on “multi-factor” authentication. In a multi-factor authentication system, users are required to go through two distinct authentication procedures: providing something they know (e.g., username/password), and leveraging something they have “physical” access to (e.g., one-time passcode generated by their mobile phone). […]
Continue reading…

 

How to set up Samba as a Primary Domain Controller

A domain controller is a server which groups multiple computers to centralize their authentication system. When you are using a domain controller, you don’t login to your computer, but instead login to the domain controller. Every authentication request is handled by the Primary Domain Controller (PDC). Usually you hear about PDC using a Windows based […]
Continue reading…

 

How to enable user authentication for a Postfix SMTP server with SASL

Every mail server administrator dreads his or her server becoming compromised by spammers. A lot of effort, time and even money is spent on securing mail servers and making sure that the servers do not become open relay. To combat against spambots in an SMTP server, Postfix in general uses the mynetworks parameter to specify […]
Continue reading…