-
http://ubuntu-tutorials.com/2007/08/17/7-steps-to-an-encrypted-partition-local-or-removable-disk/
A tutorial on setting up encrypted partitions in Ubuntu Gutsy Gibbon (7.10). Goes into some detail as to what each command does. Useful.
-
http://blog.arnaudlacour.com/2012/11/backing-up-to-usb-drive-when-plugged-in.html
Tutorial on how to set up OSX to automatically backup when a USB drive is plugged in. Neat.
-
http://www.cs.tut.fi/%7Erammer/aide/manual.html
The beginnings of the manual for AIDE (Advanced Intrusion Detection Environment), the free replacement for Tripwire.
-
http://doc.bazaar.canonical.com/bzr.dev/en/user-reference/authentication-help.html
How to save usernames / passwords so bazaar doesn't ask for them every time. Handy.
-
http://www.telmon.org/?p=631
Interesting article including a script that figures out a mapping from unencrypted filenames into ecryptfs encrypted filenames. Potentially useful.
-
http://codesnippets.joyent.com/posts/show/1364
Code snippet to protect .svn / .bzr / CVS directories within apache via the .htaccess file for a single site.
-
http://codesnippets.joyent.com/posts/show/1365
Code snippet to protect .svn / .bzr / CVS directories within apache system wide in the httpd.conf file.
-
https://www.berrange.com/posts/2011/12/18/multi-factor-ssh-authentication-using-yubikey-and-ssh-public-keys-together/
Article on how to use a YubiKey alongside SSH RSA key based login. Bit of a hack, but it appears to work. Nice.
-
http://lastwatchdog.com/driveby-downloads-lurking-8-million-small-ecommerce/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+LastWatchdog+(The+Last+Watchdog)&utm_content=Google+Reader
Interesting article on the dangers of not keeping software patched, particularly with regards to open source content management systems.
-
https://discussions.apple.com/thread/3508926?start=0&tstart=0
Apparently one can secure a mac by issuing the command `sudo pmset -a destroyfvkeyonstandby 1` which tells it to destroy the FileVault keys on standby, whether standby to memory or disk.
-
https://github.com/firnsy/yubipam/#readme
PAM module that allows offline authentication against a yubikey. Requires a key to be retrieved from yubico by sending email plus payment info, etc. Less secure than online validation. Only supports single factor auth, username + token, no password.
-
http://blog.dustinkirkland.com/2010/06/ecryptfs-backup-strategy.html
One strategy to backup encrypted ecryptfs data as suggested by the author of ecryptfs. Useful and simple. Backup the metadata and the raw files with rsync.
-
http://blog.dustinkirkland.com/2011/04/introducing-ecryptfs-recover-private.html
A critical utility for ecryptfs called ecryptfs-recover-private which automates and simplifies the process of recovering encrypted home directory data from Ubuntu.
-
http://users.piuha.net/martti/comp/ubuntu/en/cryptolvm.html
A detailed how-to, including screenshots, on setting up an encrypted LVM in Ubuntu. This approach creates one single encrypted LVM and then multiple partitions within it (as well as an unencrypted boot partition). Easy to follow, useful reading.
-
https://www.cloudflare.com/
loudFlare is an automated CDN / content acceleration type service. It acts as a reverse proxy providing some sort of heuristic security scanning, logging of traffic, and an automatically configured CDN. $15 + $5/site/month.
-
http://tredosoft.com/truecrypt_fedora_7
-
http://raymorgan.net/web-development/how-to-obfuscate-integer-ids/
Interesting article on how to obfuscate integer IDs by creating secure hashes which can be verified. Produces long hashes, but they are tamper proof.
-
http://www.howtoforge.com/how-to-set-up-mysql-database-replication-with-ssl-encryption-on-centos-5.4
Good introduction on setting up mysql replication with SSL encryption. Some of the options have changed in mysql 5.5 (no moremaster-connect-retry) and some settings are not applicable to Ubuntu, but the gist of it is useful.
-
http://lifehacker.com/5643460/how-to-track-and-potentially-recover-your-stolen-laptop-or-android-with-prey
Install this, prey, on phone (and laptop?). It's remote wipe, track, etc software, and it's free up to 3 devices apparently.
-
https://support.mozilla.org/en-US/questions/786035#answer-142961
How to get an SSL client certificate into Firefox on Android. Copy cert9.db and key4.db from phone's SD card Androiddataorg.mozilla.firefoxfilesmozillaprofile.default to dir. Then `pk12util -i file.p12 -d sql:dir`
-
http://www.mindtwist.de/main/linux/5-linux-security/6-how-to-use-one-time-ssh-passwords-on-debianubuntu.html
Very interesting article on how to enable single use password logon for Ubuntu. Requires a thing called opie and a few config file changes. Seems very useful...
-
http://ubuntuforums.org/showthread.php?t=451510
An out of date guide on how to setup scponly and a chrooted scponly. It includes info on a bug (dev/null) which is now fixed, but otherwise it generally applies.
-
http://it.toolbox.com/blogs/securitymonkey/howto-securing-a-website-with-client-ssl-certificates-11500
A wonderful article on how to setup Client SSL authentication. Includes all the openssl commands and apache config variables.
-
http://www.fsckin.com/2008/01/15/howto-setup-and-benchmark-encrypted-partitions-in-ubuntu/
An article on how to create an encrypted volume and then four ways to benchmark encrypted disk performance. Summary, the author estimates a 10% performance cost on a 3.2GHz system, 4Gb memory, no swap.
-
http://learninginlinux.wordpress.com/2008/04/23/installing-ubuntu-804-with-full-disk-encryption/
Walkthrough on setting up Ubuntu Hardy Heron with full disk encryption. Very handy. :)
