Author: Andrew Hay

A multi-stage approach to securing your email communication

An excellent article is available over at Howto Forge on “A multi-stage approach to securing your email communication”:

When speaking of mail server-related security, one tends to limit the issue to message applied security measures, and even more to Antivirus and Antispam protection. This is however only one stage in the more complex process of securing your server. This article aims at identifying and explaining all security layers, highly important when choosing a certain mail server and consequently when configuring and using it.

DShield – The Distributed Intrusion Detection System is an attempt to collect data about cracker activity from all over the internet. This data will be cataloged and summarized. It can be used to discover trends in activity and prepare better firewall rules.

Right now, the system is tailored to simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort.

More complex patterns, such as are used by application level firewalls, may be handled in the future.

DShield provides a platform for users of firewalls to share intrusion information. DShield is a free and open service.

If you use a firewall, please submit your logs to the DShield database. You may either download one of their ready to go client programs, or use their Web Interface to manually submit your firewall logs. Registration is encouraged, but is not required.

Everybody is welcome to use the information in the DShield reports and database summaries to protect their network from intrusion attempts.

More information about how DShield works is on their home page.

samhain-2.2.4.tar.gz released


Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Author: Rainer Wichmann
Changes: Various updates.
File Size: 1525691
Last Modified: Sep 13 10:13:01 2006
MD5 Checksum: 66b81869578b1295ed8cc0d811457173
