XStore

Linux Solutions
v1.4

Robby Pedrica
Consultant

Linux
Data Storage
Network Security
Email

Postfix basics
Highly secure SMTP mail solution with good performance and scaling with database backends
Anti-spam controls
Junk Mail Controls
Access and relay controls
Content filter
Greylisting and SPF
Maps for headers, body and addressing
Various transports and filters
Sender, recipient address and domain verification
Helo restrictions and RBL maps
Postfix advanced
Performance enhancements, traffic control, connection cache
Virtual hosting with MySQL, maildir delivery using CourierIMAP
Sasl and TLS integration using cyrus-sasl & dovecot
TLS Encryption and authentication
Integration with policy servers eg. Spf, Policyd
Connection cache, LMTP client
Selective address rewriting

2
Email 2

Courier IMAP/POP
Fast, scalable enterprise IMAP server using maildir format
IMAP and POP3 aggregation proxy, public folders and soft quotas
Integrates tightly with Postfix for virtual domain hosting
SpamAssassin
Wide Spectrum anti-spam solution, easy to extend / open source
Per user or global configurations
Large number of tests performed against emails to validate them
Learning capability from good and bad emails
Black and white lists
Auto update of rule sets
Anomy
Email sanitizer, disable potentially dangerous HTML code, such as javascript, within incoming
email
Protects you from email-based break-in attempts which exploit bugs in common email programs
Block or "mangle" attachments based on their file names
Checks headers for invalid and bad content
Including viruses and self executing code
MailScanner/MailWatch
Integrate Anti Spam and Anti Virus under one tool
Use Postfix hold mechanism
Batch- or queue-based
Quarantine spam, web-based access to quarantine control and message release
Email statistics, including Geographical information
Black- and white-list email
Control and filter attachments

3
Email 3

ClamSMTP
SMTP filter that allows you to check for viruses using the ClamAV anti-virus software
Lightweight, reliable, and simple, can be used as a transparent proxy
High-performance mail attachment scanning integrated with Postfix
Policyd
Policyd is an anti-spam plugin for Postfix (written in C) that does
Greylisting
Sender-(envelope, SASL or host / ip)-based throttling (on messages and/or volume per
defined time unit)
Recipient rate limiting
Spamtrap monitoring / blacklisting
HELO auto blacklisting and HELO randomization prevention

4
Web Serving

Apache 1.3/2.0/2.2
Commercial grade web serving
Multi-platform support
http/https/ftp support
CGI and FastCGI ( 2.0 )
Reverse proxy, name space mapping
Rewrite logic
DSO, Modular design, use modules instead of recompiling entire application
Multi-processing modules – use the best processing mechanism for your platform
SSI Server Side Includes
Virtual Web Hosting
AAA Authentication, Authorisation, Access Control
SSL/TLS encryption through OpenSSL
2.0 doesn't require mod_ssl any more
WebDAV, Perl and Python interfaces
Content negotiation
Large File Support ( 2.2 )
mod_deflate to save bandwidth on replies

5
Web Applications

Network management, Content Management and Portals

Plone
a web application designed to make it easy for non-technical users to add, edit and, well, manage
a website
Content Management System built on top of the open source application server Zope and the
accompanying Content Management Framework.
Mambo
Mambo is a full-featured content management system that can be used for everything from
simple websites to complex corporate applications
Joomla
Joomla! is one of the most powerful Open Source Content Management Systems on the planet. It
is used all over the world for everything from simple websites to complex corporate applications.
Joomla! is easy to install, simple to manage, and reliable
PhpNuke
Content management and portal solution featuring web-based administration, surveys,
customizable blocks, modules and themes with multi language support
Zope
Open source application server for building content management systems
Nagios
An enterprise-class monitoring solutions for hosts, services, and networks released under an
Open Source license
Snort & BASE
Intrusion Detection System and web-based monitoring

6
Web Applications 2

Bug/Fault Tracking
Mantis
A web-based bug tracking system
Bugzilla
server software designed to help you manage software development.
Medical
OpenEMR
OpenEMR is the complete, user-friendly and affordable electronic medical record system. It is
fully compliant with HIPAA and industry standards. Its time saving and efficiency enhancing
features will revolutionize your practice
ClearHealth

FreeMed
stable, efficient, and easy to use electronic medical record and practice management system

7
Web Applications 3

Project, Instant Messaging, Image management

DotProject
Project management and trouble ticketing
Granular permissions structure
Php121
Very simple web-based instant messaging system
Private and secure over SSL
Gallery2
Open source web-based album organiser
Comprehensive permissions system
Fully themeable
Drag and drop upload mechanism

8
GroupWare

OpenGroupware
Contact Management, Group Calendar, Resource Planner, Task Management, Email Client,
Projects and Documents, News. Palm Sync
Kolab
Groupware Solution for Emails, Appointments, Contacts and more. It supports mixed clients
environments (Outlook/KDE) because of an open storage format called Kolab-XML.
PhpGroupWare
phpGroupWare is a fully featured, web based messaging, collaboration and enterprise
management platform
xchange4linux / Bill's Workgroup Server
MAPI Service Provider for integration into Outlook, WorkGroup Data and MS Exchange
Replacement
eGroupWare
manage contacts, appointments, todos and many more for your whole business

9
File and print serving, Proxy, Content Filtering

Samba – the high performance file serving alternative

Compatible file serving solution for Windows and Unix networks
Make use of high performance and reliable Linux filesystems
Grow and manage file systems with LVM
Use RAID back ends to provide redundancy
Workgroup, Domain and Active Directory modes/integration
Granular permissions through AD/Domain integration and file system permissions
Fine-grained control over shares, printing and configuration options
Built-in WINS server, WINS and DNS proxy
Support for HOME directories and NETLOGON
Print support through CUPS, LPRNG and other Unix print subsystems
Squid
proxying and caching of HTTP, FTP, and other URLs
proxying for SSL, cache hierarchies, ICP, HTCP, CARP, Cache Digests
transparent caching, WCCP (Squid v2.3 and above)
extensive access controls, HTTP server acceleration, caching of DNS lookups
Dans Guardian
filters the actual content of pages based on many methods including phrase matching, PICS
filtering and URL filtering

10
Security

Firewalling
FortiGate
Stateful inspection engine, address grouping, PAT, SNAT, AT load balancing, bandwidth
management, authentication with Local, LDAP, MS AD, Radius
Ipsec VPN, PPTP, L2TP, overlapping VPN source networks, SSL VPN
Inline AV for http, ftp, smtp, pop, imap
Malware, Grayware, Spyware
pfSense
open source firewall derived from the m0n0wall operating system platform with radically different
goals such as using OpenBSD's ported Packet Filter, FreeBSD 6.1 ALTQ (HFSC) for excellent
packet queueing and finally an integrated package management system for extending the
environment with new features
Firewall, proxy, smtp relay, openvpn + ipsec vpn, upnp support
Linux NetFilter, fwbuilder, Guarddog, kfirewall
IPCop, Astaro, Smoothwall, SonicWall, Watchguard, Netscreen, Trustix, Netblue Box
ModSecurity
Web application firewall for apache and others
features include XML support, event correlation, transaction scoring, anomaly detection, data
persistence, a wealth of anti-evasion functions, regex back-references, support for sessions

11
Security 2

Port Knocking
BlockHosts
Script to record how many times system services are being probed, using configurable pattern
matching to recognize failed accesses (such as for "sshd" or "proftpd" or any service)
When a particular IP address exceeds a certain number of failed attempts, that IP address is
blocked by using multiple techniques
Web-based Reporting Tool
P0f
p0f is a versatile passive OS fingerprinting and masquerade detection utility, to be used for
evidence or information gathering on servers, firewalls, IDSes, and honeypots, for pen-testing
FwKnock
Intrusion Detection
Snort/ACID/Base
open source network intrusion prevention and detection system utilizing a rule-driven language,
which combines the benefits of signature, protocol and anomaly based inspection methods
FortiGate
Signature and anomaly type detection
Support for p2p and voip protocols, rate control and AV for Instant Messaging

12
Security 3

Miscellaneous / Penetration & Vulnerability testing

John the Ripper – password auditing
Nessus vulnerability scanning
Nmap network mapping
Phlak - modular live security
Backtrack – security tools and forensics
Operator – network testing, exploits
Rootkit checks – ChkRootKit, RootkitRevealer [ win ],
NST - network traffic analysis, intrusion detection, network packet generation, wireless network
monitoring, a virtual system service server, or a sophisticated network/host scanner

13