This page contains guides and documentation for users and system administrators looking for security information.
For System Administrators
- Configuring PAM with libcrack is the best way to avoid having user accounts compromised by SSH scanners. Implementing this will enable your system to prevent users from setting passwords that are easily guessable, by matching the user's new password against anything that could be discovered by Crack. (An additional benefit is that your shadow file is also protected from attackers using Crack, although if they already have your password file, your system has probably been completely compromised already.)
- Disable remote root SSH. Direct remote root logins used to be disallowed by default. Now OpenSSH allows them by default. This document shows how to turn the capability off and explains why.
For Web Site Administrators and Programmers
- Guidelines for web site file and directory permissions. Guidelines for setting directory and file permissions within a web site's document root.
- Guidelines for web application programmers. Guidelines, tips, and caveats every web app programmer should know about.
- Phishing notice. Our advice on avoiding being phished.