http://netvouz.com/falko?feed=rss&pg=22 falko's bookmarks on Netvouz http://www.howtoforge.com/how-to-password-protect-directories-with-mod_auth_mysql-on-apache2-debian-squeeze This guide explains how to password-protect web directories (with users from a MySQL database) with mod_auth_mysql on Apache2 on a Debian Squeeze server. It is an alternative to the plain-text password files provided by mod_auth and allows you to use normal SQL syntax to create/modify delete users. You can also configure mod_auth_mysql to authenticate against an existing MySQL user table. falko Tue, 15 Nov 2011 10:31:33 GMT http://www.howtoforge.com/how-to-patch-bind-to-avoid-cache-poisoning-debian-etch Dan Kaminsky earlier this month announced a massive, multi-vendor issue with DNS that could allow attackers to compromise any name server - clients, too. These two articles explain how you can fix a BIND9 nameserver on Debian Etch and Fedora/CentOS so that it is not vulnerable anymore to DNS cache poisoning. falko Tue, 29 Jul 2008 09:55:44 GMT http://www.howtoforge.com/how-to-run-fully-virtualized-guests-hvm-with-xen-3.2-on-debian-lenny-x86_64 This guide explains how you can set up fully-virtualized guests (HVM) with Xen 3.2 on a Debian Lenny x86_64 host system. HVM stands for HardwareVirtualMachine; to set up such guests, you need a CPU that supports hardware virtualization (Intel VT or AMD-V). Hardware virtualization allows you to install unmodified guest systems (in contrast to paravirtualization where the guest kernel needs to be modified); that way you cannot only virtualize OpenSource operating systems like Linux and BSD, but also closed-source operating systems like Windows where you cannot modify the kernel. falko Sun, 08 Mar 2009 13:39:04 GMT http://www.howtoforge.com/how-to-run-linotp-on-opensuse-12.3-with-postgresql This tutorial describes the installation of LinOTP on OpenSUSE 12.3 using PostgreSQL as a token database. LinOTP is a two factor authentication solution with One Time Passwords. In the following Howto we are showing how to enable SSH authentication with LinOTP. falko Thu, 11 Apr 2013 10:37:07 GMT http://www.howtoforge.com/how-to-run-your-own-dns-servers-primary-and-secondary-with-ispconfig-3-debian-squeeze This tutorial shows how you can run your own DNS servers (primary and secondary) with ISPConfig 3. To do this, you need two servers with two different public IP addresses and with ISPConfig 3 installed. I will use Debian Squeeze for both DNS servers here to demonstrate the base system setup process and ISPConfig 3 installation, but once you have ISPConfig 3 installed on your servers, the configuration inside ISPConfig 3 is identical, no matter what distribution you use. falko Thu, 21 Jul 2011 10:21:10 GMT http://www.howtoforge.com/how-to-save-traffic-with-lighttpds-mod_compress-debian-squeeze In this tutorial I will describe how to configure mod_compress on a Lighttpd web server (on Debian Squeeze). mod_compress allows Lighttpd to compress files and deliver them to clients (e.g. browsers) that can handle compressed content which most modern browsers do. With mod_compress, you can compress HTML, CSS, Javascript, text or XML files to approx. 20 - 30% of their original sizes, thus saving you server traffic and making your modem users happier. falko Thu, 07 Apr 2011 10:54:44 GMT http://www.howtoforge.com/lighttpd_1.4_mod_deflate_debian_etch In this tutorial I will describe how to install and configure mod_deflate on a lighttpd 1.4 web server on Debian Etch. mod_deflate is included by default in lighttpd 1.5, but not in 1.4 where mod_compress is used instead. The advantage of mod_deflate over mod_compress is that it can compress static and dynamic files (such as PHP files), whereas mod_compress can compress static files only. The lighttpd version coming with Debian Etch is 1.4.13, so we have to patch it to support mod_deflate. mod_deflate allows lighttpd to compress files and deliver them to clients (e.g. browsers) that can handle compressed content which most modern browsers do. With mod_deflate, you can compress HTML, text or XML files to approx. 20 - 30% of their original sizes, thus saving falko Fri, 17 Aug 2007 09:04:21 GMT http://www.howtoforge.com/ssl_vpn_one_time_passcodes_mutual_authentication SSL-based VPNs were designed to eliminate the need for complex configurations on the user's PC. Unfortunately, that was before the dangers of public WiFi networks and tougher regulatory requirements came into being. Thanks to WiFi, many attacks that were difficult are now quite simple. In particular, a man-in-the-middle attack can intercept SSL-encrypted traffic, rendering SSL-based VPNs useless - even if it is protected by a typical one-time password system. The man-in-the-middle can easily feed the one-time password into the SSL-based VPN within the alloted time. falko Mon, 02 Jul 2007 10:04:06 GMT http://www.howtoforge.com/secure_vnc_remote_access_with_two_factor_authentication VNC is the most popular remote access solution today. However, it was developed to provide remote access, not to provide secure remote access. Administrators have to add security to VNC by tunneling it through an encrpyted channel such as SSH and adding a layer of authentication. In this article, we will show you how to combine the NoMachine NX server to encrpyt VNC and remote X session combined with two-factor authentication from WiKID Systems to create a secure, fast remote access solution. falko Wed, 23 May 2007 09:04:47 GMT http://www.howtoforge.com/webdav_with_ssl_and_two_factor_authentication This guide documents how to configure a WebDAV resource using SSL and two-factor authentication and how to access that resource from Windows, Linux and Mac. falko Wed, 18 Apr 2007 11:30:38 GMT