Tuesday, August 21, 2007

Solaris 10 package for scponly

A common situation we come across is one of allowing people secure filecopying to a system, but without giving full shell access to the system at the same time.

We've long since recommended scponly, which is a great solution to this very problem. scponly is a shell for UNIX systems that allows just that - scp/sftp only, with no access to an actual shell.

Today we were implementing this on a Solaris 10 x86 system, but couldn't find a Sun package to do it - so we compiled it up and rolled our own package

The version we've built was compiled with Sun Studio 11, complete with optimisations for speed. It installs to /opt/tsis/bin. If you're after scponly for Solaris x86, feel free to download and use our package. If you want the package for Sparc just drop us an email, and we'll probably be able to wrap it up for you pretty quickly (for free :-))

Friday, August 17, 2007

The magnificent 7

Here at 360is we've been using some common tools for a number of years - because, despite looking elsewhere, these tools have proven again and again to be great at the jobs they set out to do.

So we've picked out our most frequently recommended pieces of software and investigated them in more detail - the people behind them, how they came about, and what makes them worth using.

The seven are: nmap, syslog-ng, tcp-wrappers, ssh, sudo, postfix and rsync.

Go read the article!

The Growing Trend of Security Whitelists

My esteemed colleague here at 360is, Nick Hutton, has written a great article about security whitelisting.

In case you're not familiar with the phrase, security whitelisting takes the opposite (and some would say far more sensible) approach to security than we do today.

Go have a read of the article to get in the know.