Today I feel like talking about limiting connections which get made to a server. There are a few ways to do it; some cooler than others. I'd like to feature some open source software while I'm at it.

Today I happened upon this thread which hilariously got closed for good reason. Once you wade through all the crap you'll see some pretty cool posts which explain how to limit incoming connections within a certain time period and other suggestions. I'll point out the most useful related...

Introduction

OpenSSH is a daemon (a "service" in Unix environments) which helps system administrators to manage server remotely.
The SSH daemon is "similar" to "telnet" in the sense that it provides a remote shell for accessing Unix or GNU/Linux systems.
The main difference is that the latter doesn't use encryptation during the session, so it's easily to intercept the content of the communication between two machines (typically a client/server...

[Note: This is a draft version of the post; it'll be revised as soon as possible]

Introduction

In my previous post, I explained you how to configure OpenSSH for improving its security. By the way, if your SSH service is available on the Internet and accessible by any IP address (e.g. You connect your client on the internet with a dynamic IP address and/or you want reach your server from anywhere...), it can be more exposed to brute force attacks! So a new "hardening...

[Note: This is a draft version of the post; it'll be revised as soon as possible]


Introduction - What is a chroot?


"A chroot on Unix operating systems is an operation that changes the apparent disk root directory
for the current running process and its children. A program that is
re-rooted to another directory cannot access or name files outside that
directory, and the directory is called a "chroot jail" or...

Introduction

Last weeks on "System administrators" group on Linkedin, the members talked about how to harden a GNU/Linux web server for an hacking contest.
Because I think it was born an intersting "to do" list about the argument during a post of mine, I have taken the decision to report in this article the ideas and my vision of the problem.

The following words are what I wrote...


Hardening Linux step-by-step
...