We have a website that emails the contents of a contact form to our client. We would like to change this to make it a bit more secure (sensitive data can be sent over the contact form), we have encrypted the page with an SSL certificate so the only weak link we have at the moment is the email.
We already have an SSH connection setup to our client's servers and I was wondering if anyone knows if it is possible to send an email (possibly with attachments) over that connection?
Our web server is a linux machine and we are able to install applications ourselves. The client's server is a unix server, however their email system is Microsoft Exchange.
We've discussed PGP and it is not an option for our client, they will not install it on their systems.
Thanks for any help.
Peter
To make my answer clearer I see three (3) systems here.
The webserver running the PHP script; later refered as the WebServer
The Unix server running on your client site; later refered to as the UnixServer
The Exchange server running on your client site; later refered to as the ExchangeServer
What you could do is use autossh to tunnel a connection from the WebServer through the UnixServer server with an endpoint at ExchangeServer. It is no end-to-end encrypton since you would not have an encrypted link from the UnixServer to the ExchangeServer it gets you closer to your goal.
Full documentation on autossh can be found here
The basic steps for the setup would be this:
A. Setup passwordless authentication from the WebServer to the UnixServer. You'll have to be carefull to protect the RSA key generated otherwise you've just opened a gaping hole on their system. Ideally run autossh under an unprivilege user and have the account used on the UnixServer to be unprivileged as well. Make sure you test the connection before you start using autossh
B. Setup your ssh options for keepalive (autossh is a fallback option). Make sure that the ~/.ssh/config file for the user launching autossh has these option setup:
TCPKeepAlive yes
ClientAliveInterval 60
ServerAliveInterval 15
ServerAliveCountMax 3
C. Setup autossh. Linux.com as an articile about it here and debianadmin.com as one here.
If the client's server is configured so the "mail" command works you ought to be able to use that. And it is easy to test: ssh in and try it.
Otherwise, you probably want to go with smtp over SSL with encryption direct to their mail server.
I'd be inclined to store the information securely on the server, and email a notification to the user who then can login and see this request (and all other recent ones?) in the web page.
You don't have to mess around with trying to make email secure and working with systems that aren't in your domain of expertise, you can secure your PHP app properly, and take advantage of security features already easily available in browsers.
ssh -L $LOCAL_LISTEN_PORT:$EXCHANGE_SERVER_IP:25 username#sshdserver
http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Port_Forwarding.html
Related
I have a PHP application running with Nginx on a Linux server and it has a successful integration with my Active Directory using LDAP.
In the current scenario, the user is able to create a new login for the app or use his Windows credentials to log into the application.
Now, I'm trying to implement a complete Single-Sign On (SSO) and the user logged with his credentials in the Windows machine in the domain will be able to open the app logged without use the credentials again.
Doing some research on it, since my Linux server are not in the same domain, the best options is use NTLM (old and insecure), Kerberos protocol or Negotiate protocol (that will choose among NTLM and Kerberos for each request), depending on Windows version and what is implemented in the Domain Controller.
There is a lot of tutorials in the internet and also some good threads on the theme here in SO. This another link shows a good overview about the options using Apache as web server (for Kerberos option, I found a Nginx port, so this is not the main problem).
Well, I created some test application using these approaches (including all changes in the browser side, limited to Firefox), but all of then are dependents of Web Server (Apache, Nginx or even IIS). Since My app already has a complete integration with AD through LDAP, I'm interested in some Web Server independent solution. Are there any way to "bypass" the authentication in Web Server and get the information about the logged user direct on my PHP code (Client (Firefox) to Server (PHP))?
My best guesses for now are some type of "pure" PHP implementation of Kerberos, that needs of a PECL module or NTLM, that is insecure and still asks for the user credentials in the first request.
I know that maybe its impossible, but I'm asking it for the case that I missed something important information in this research. Is it possible to get the windows user info direct in PHP?
If you don't insist on nginx use Apache Web Server 2.4 with mod_auth_gssapi this is great, high quality code written by people who know what they do. I have been doing this for years for my PHP stuff.
I have a MySQL server installed on an Nginx server on Debian 8.
The production page on the server, say example.com has SSL installed in it.
This MySQL server will be used along with PHP to set and retrive data.
Now I am confused whether to add SSL for the connection between client and MySQL server? What is the best practice?
If the traffic runs through app to MySQL locally, your traffic is secure (as long as your linux server is secure).
You don't need ssl for MySQL to app if the app only accesses MySQL locally.
You need ssl if anyone will be accessing MySQL remotely or if your app server is remote.
You will need to worry about those two things the most.
Transport Security. Does MySQL traffic ever leave your local network? If so, is it encrypted during transmission? If you are doing everything locally, then you have nothing to worry about. If your database connection goes across internet, make sure to use SSL.
System Security. Is your MySQL server accessible from internet? Does it need to be? If not, just add rule into iptables to block all incoming traffic to 3306 that's not from localhost. Also make sure that you are using strong SSH passwords and implement fail2ban, or allow key based authentication only.
SSL is good to help protect your clients. Sniffing packets may be thwarted by SSL. For example, if someone does a credit transaction, the credit card data would not be in plain view, as the data moved between the client to the server. However, SSL is not a way to protected your SQL resources, which is backend between the web serer and SQL database server. You need to run "mysql_secure_installation" for a mysql database, and design you PHP code to prevent SQL injection issues, for example. So, yes, SSL is very important to protect your clients, but other design factors are needed to protect your backend server assets.
We have around 10 iMac's connected to mac mini server. php and Apache enabled on server. I am developing intranet website using php. My requirement is to get the username of the client connected to the server. $_SERVER['REMOTE_USER'] is not working. I don't know why. Please help me out. Is it possible to write JS to find it? It should not ask for user login. It should directly take from client machine login.
$_SERVER['REMOTE_USER'] will contain the username used for HTTP auth. There is no reasonable way to persuade a browser to tell you what OS user the visitor is logged in as (you might have some luck with a signed Java applet, but I wouldn't bet on it).
For an intranet site/app, where you have control over the client machines, you can use some script/application running on system startup which will read the username and store it as a cookie. You can than read that cookie from you web site.
How cookies are stored differs between browser. For example, firefox 3+ uses an sqlite database with a documented format (see this post for some more info). You have to make sure, that the browser is not running when accessing the cookies.
I believe what you're looking for is Single Sign On (SSO). This is most commonly used on windows computers connected to a domain which allows users to authenticate to intranet sites without entering any credentials (eg it uses their domain credentials).
I don't know of a pure mac equivalent. The (most recent) Windows system is called Kerberos and is supported by Firefox on Mac as mentioned here: http://www.cgl.ucsf.edu/Security/CGLAUTH/CGLAUTH.html
It's worth noting that this requires the OS, Browser and Website to all work together. Some issues: firefox (even on windows) doesn't send the login details automatically, it requires a config change to include the site you want to authenticate with. The website needs to be able to verify the authenticity of the credentials passed to it which usually means it needs to be able to communicate with the credential authority (Domain controller/RADIUS/X500 server, etc.). The pesmissions mechanism needs to support (and be configured) to allow credential delegation (that is, the client PC is allowed to pass tokens on to the website to prove identity).
This question was by someone who's managed to get this working on linux so should be a good starting point
I had written a program (In Android, client side and PHP, server side) to upload a file to a server over HTTP. Due to various reasons I had to change the system to do everything in SSH (for security among other things).
I have the basics set up (using jsch on Android). But I want to implement the equivalent of the PHP mail() function. When the file is uploaded, originally my PHP file automatically sends a mail from the server to a certain address.
I'm struggling to find a way to implement this within a shell on the server. So the question is, how do I automatically send an email from server in SSH?
EDIT:
Forgot to mention server is CentOS.
SSH itself has no mail function - it only supports shell access (which might include X and SSH agent forwarding), file transfer (or other subsystems that might be integrated into the server) and port forwarding.
So, you have basically these options:
Call some server-side shell command that causes the mail to be sent, as mentioned in the comment from Marc.
This would use a shell channel.
Use port forwarding to access an SMTP server on your server host (or any host that accepts mail from there).
If you want to send from the same program which uses JSch, there is no need to actually do client-side
port forwarding, instead simply use a direct-tcpip channel, and set its host and port properties
before connecting.
Then you'll have to implement the SMTP protocol yourself, or use any other library which supports SMTP. (I suppose JavaMail can do this, but I didn't explore how you can configure it to use JSch as a tunnel.)
I have recently written a socket server in PHP that will be handling communication between an Android phone application and my PHP webserver. Due to the fact that Android doesn't natively support push style notifications we are going to be using our webserver as the middleware layer to handle our 'pushes'.
The socket server is stable, runs well, and seems to scale nicely. While I would eventually like to re-write this in C I don't have the skill necessary to do that right now so I am going to be staying in PHP for at least a short while. As of this moment our Android emulator is able to communicate through the server, get pushes, etc. so that part is all covered.
My concern is that, right now, anyone can open a socket to my server and will be given a client connection. While we won't be passing sensitive data back and forth I don't want to allow just anyone to connect over and receive broadcast information, eat up my resources, and clog my server in general.
The question is, how do I secure a server like this? Let's assume that I am running on port 25,000--can I set up some sort of SSL layer on that port and expect devices like the Android to be able to communicate over that port without any special protocols or jumping through hoops?
I have considered asking the connecting clients to authenticate their user against our user database before being given a client connection, but that would require the passing of credentials in plain text over the network which I am NOT about to do.
Any suggestions on this would be very helpful--I am rather new to straight TCP communication from PHP and feel like I might just be missing something simple that allows for authentication on this level.
Additional information: If I am able to get a valid username and password securely I would be using MySQL to validate the user and then accept/reject their connection based on the results of the query.
Thanks in advance..
First, I hope you've implemented your PHP socket server in a fashion that allows more than one client to be connected at the same time. This is not as trivial as it should be given the absence of threads in PHP, but it's certainly.
Now, if you already have a socket server implemented, adding TLS support is easy. Just run stunnel and have your PHP socket server only accept requests on the local interface.
I don't think SSL is really going to solve your problem. At best with SSL you can provide each client with a client certificate and do client certificate validation on the server. But you'll need to manage tons of certificates then. Or give everyone the same client certificate (not a good idea).
You'll have to authenticate the client using his credentials. You are right that you don't want to send the credentials in plain text over the network, but there are simple alternatives. Take a look at e.g. HTTP Digest Authentication (http://en.wikipedia.org/wiki/Digest_access_authentication) or xAuth (http://dev.twitter.com/pages/xauth). You don't have to implement these techniques over HTTP; you can just as well send a challenge (a realm) over a simple tcp socket after you have accepted the connection. The client should then send a valid response within a short timeframe or the server aborts the connection.
By the way, did you consider HTTP streaming? See http://ajaxpatterns.org/HTTP_Streaming
It would probably make your life a lot easier as you can rely upon some other service (e.g. Apache) doing the hard work for you, and you can focus on the business value of your application.
you might want to consider:
Cloud to Device Messaging : http://code.google.com/android/c2dm/index.html
The only drawback is that it is only supported by android >=2.2
Not sure why you guys didn't use some off the shelf messaging library/server for java, then create an android service that connects to the message broker and handles all initial authentication.
The service would simply sit there and wait for any incoming messages.
(I'm pretty sure that listening for network data doesn't power up the radio, only when the data is actually there that the radio powers up. I suspect this is how C2DM works.)
This is better then polling because you're only waiting for data. You're not constantly sending packets requesting data. But you knew that already.
I did this, (I used the rabbitmq-java library and the rabbitmq message queue server) and had push style notification for my app in no-time. Even with Android 1.5 devices.
About security:
You could also implement your own security but without having to send plain-text passwords. Simply encrypt the passwords using something like MD5 before passing it through the network.
Then compare the encrypted password with the encrypted password you have on file.
This way, only encrypted passwords will go through the network.