Tuesday, June 17, 2014

Forcing Password Complexity in Red Hat Linux

My requirement was to enforce password complexity for all the users of my RHEL 5 server (this will work for RHEL 4/5 also). This would be helpful to you also. Password complexity is a set of rules which define what set of characters and how many of each character must be in a password. My policy...

Blocking intrusion attempts using authentication module pam_tally2

It is possible to block these intrusions using the authentication module called "pam_tally2". This module maintains a count of attempted accesses, can reset the count on success, and can deny access if too many attempts fail. By default, the pam_tally2 module is already installed on most Linux distributions...

Monday, June 16, 2014

How to Disable Directory Listings in IIS/Apache

The easiest way to disable directory listing is to create an index file. The name of the index file depends on the web server configuration. On Apache it is called index.htm or index.html. On IIS it is named default.asp, default.aspx, or default.htm. On IIS, directory listings are disabled by default. For Apache...

Tuesday, June 3, 2014

DoS-ing & Countering Apache Web Link Saturation

Testing your webserver - DoS-ing: DoS, or Denial of Service, attacks are nothing new. The main idea behind a DoS attack is to exhaust a device's resources (be it HTTP, some database backend, or any other form of ‘service’) until it can’t respond to legitimate requests anymore. The most popular...