An excellent article is available over at Howto Forge on “A multi-stage approach to securing your email communication”
When speaking of mail server-related security, one tends to limit the issue to message applied security measures, and even more to Antivirus and Antispam protection. This is however only one stage in the more complex process of securing your server. This article aims at identifying and explaining all security layers, highly important when choosing a certain mail server and consequently when configuring and using it.
DShield.org is an attempt to collect data about cracker activity from all over the internet. This data will be cataloged and summarized. It can be used to discover trends in activity and prepare better firewall rules.
Right now, the system is tailored to simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort.
More complex patterns, such as are used by application level firewalls may be handled in the future.
If you use a firewall, please submit your logs to the DShield database. You may either download one of their ready to go client programs, or use their Web Interface to manually submit your firewall logs. Registration is encouraged, but is not required.
Everybody is welcome to use the information in the DShield reports and database summaries to protect their network from intrusion attempts.
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author: Rainer Wichmann
Changes: Various updates.
File Size: 1525691
Last Modified: Sep 13 10:13:01 2006
MD5 Checksum: 66b81869578b1295ed8cc0d811457173