Security | Admon Home

Rails security updates for three versions 3.2.13

Posted by joseph on March 19, 2013 · 0 Comment

Rails has announced the availability of 3 news versions today, 3.2.13, 3.1.12, and 2.3.18, these releases contain important security fixes. It is recommended users upgrade as soon as possible.

Filed in: Security

IPFW firewalls setup on Mac OS X

Posted by joseph on January 13, 2013 · 0 Comment

I had occasion recently to try and figure out how to use the builtin firewall to prevent some “bot” from hitting the services running on a Macbook. Mac OS X comes with the FreeBSD firewall program that called IPFW. It’s a very powerful tool and gives you good abilities to manage your [...]

Filed in: Networking, Security

Password-Only Login for SSH and SCP

Posted by joseph on February 23, 2011 · 0 Comment

Public key authentication is very common way when we have to access remote Linux/UNIX servers. Normally, we add the public keys to the authentication agent on local side (e.g. by ssh-add), to simply the login process.

Filed in: Applications, Security

Antispam: Understanding SPF records

Posted by joseph on December 5, 2009 · 2 Comments

Email is an extremely powerful and valuable tool for netizen, but only when used in the right way. As such we fully support measures that aim to defend users from unwanted emails. One way to do this is by participating in the Sender Policy Framework (SPF), which is an open standard method of allowing [...]

Filed in: Security, System Tuning

Prepare the RPM Building Environment

Posted by joseph on November 9, 2009 · 0 Comment

Some days ago, I posted some examples on the common usage of RPM. Now, this post describes a manual preparation of a RPM building environment. With the help of this environment, you can generate upated RPM packages and patch your RPM-based system from source code.

Filed in: Applications, Security

Ubuntu 9.10 Desktop Edition Released

Posted by joseph on October 30, 2009 · 0 Comment

This new release comes with GIMP 2.6, GNOME 2.28/KDE 4.3.2, Mozilla Firefox 3.5, OpenOffice.org 3.1, Linux kernel 2.6.31, X.Org 7.5, and the Empathy Instant Messenger instead of Pidgin. The Ubuntu One client, which interfaces with Canonical’s new online storage system, is installed by default. [...]

Filed in: Reviews, Security

Life Cycle of Redhat Enterprise Linux

Posted by joseph on October 2, 2009 · 1 Comment

The Red Hat Enterprise Linux Life Cycle is designed to reduce the level of change within each major release over time increasing predictability and decreasing maintenance costs. Every major version of Red Hat Enterprise Linux is maintained and supported independently during the life cycle.

Filed in: Security, System Tuning

Clamav: Quick glance and exim integration

Posted by joseph on September 8, 2009 · 0 Comment

Clamav should be the best anti-virus software for linux, it’s widely used and frequently updated for security vulnerabilities. If your server allows some public groups to upload files or serves as mail server, it’s highly recommended to have a good antivirus installed, so that every of the [...]

Filed in: Security, System Tuning

Something about Clickjacking

Posted by joseph on September 8, 2009 · 0 Comment

Let’s watch a youtube video first: Clickjacking As we see that, After playing a simple game, the player’s webcam got clickjacked. Here is another video from Google video, New Zero-Day Browser Exploits -ClickJacking, which will show you a detailed descrtion about ClickJacking.

Filed in: Security

How to Implement P3P HTTP Headers for cross-site cookies

Posted by joseph on September 8, 2009 · 5 Comments

Why I need to make sure to implement P3P if using iframes or using cross-site cookies? The point is that if your application is inside iframe with parent belongs to another domain – cookies will not work for some very common configurations, for example IE 6/7 with privacy set to medium. If cookies [...]

Filed in: Security, System Tuning