How to Install and Configure Vsftpd Ftp Server on RHEL 6/ CentOS 6.2/ Ubuntu 11.10/ Fedora /Debian. VSftpd (Very Secure FTP Daemon) is an FTP server for Linux distributions. Vsftpd is the default FTP server is the Fedora, RHEL, CentOS, Ubuntu, NimbleX Linux distributions. It is not just secure as the name suggests but also delivers excellent performance by consuming less memory.
In this tutorial, i will show how to install and configure Vsftpd service by adding ftp users and locking the directory to individual users on Red Hat Enterprise Linux 6 (RHEL 6), Ubuntu, CentOS and Fedora.
Default ftp port : 21
Default configuration file : /etc/vsftpd.conf
Basic Vsftpd commands on RHEL/CentOS/Fedora
1. Install the Vsftpd service.
[root@rhel6 ~]# yum install vsftpd
2. Start Vsftpd Service :
[root@rhel6 ~]# service vsftpd start Read the rest of this entry »
how to Setup of VSFTPD with virtual users October 17th, 2011
If you are hosting several web sites, for security reason, you may want the webmasters to access their own files only. One of the good way is to give them FTP access by setup of VSFTPD virtual users and directories. This article describes how you can do that easily.
(See also: Setup of VSFTPD virtual users – another approach)
1. Installation of VSFTPD
For Red Hat, CentOS and Fedora, you may install VSFTPD by the command
# yum install vsftpd
For Debian and Ubuntu,
# apt-get install vsftpd
2. Virtual users and authentication
We are going to use pam_userdb to authenticate the virtual users. This needs a username / password file in `db’ format – a common database format. We need `db_load’ program. For CentOS, Fedora, you may install the package `db4-utils’:
# yum install db4-utils
For Ubuntu,
# apt-get install db4.2-util
To create a `db’ format file, first create a plain text file `virtual-users.txt’ with the usernames and passwords on alternating lines:
mary
123456
jack
654321
Then execute the following command to create the actual database:
# db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db
Now, create a PAM file /etc/pam.d/vsftpd-virtual which uses your database:
auth required pam_userdb.so db=/etc/vsftpd/virtual-users
account required pam_userdb.so db=/etc/vsftpd/virtual-users Read the rest of this entry »
How to install MRTG under Linux September 10th, 2011
1. Introduction
MRTG (Multi Router Traffic Grapher) is an application that allows us to observe the traffic of a network. It generates html pages with graphs which are refreshed according to our network’s current state. Its source is written in Perl and C which means that it can be installed in every Operating System we like. We will also need SNMP daemon (Simple Network Management Protocol) which gives us information for a network. The following installation was accomplished under Linux and specifically Fedora Core 6. With some little changes it can be used and under other distros.
2. SNMP server
2.1 Installation
Initially we install the packets needed for SNMP. Yum makes this job a lot easier.
Next we make snmpd service to start automatically for the runlevels we want.
# yum install net-snmp-utils net-snmp
And we start the server.
# chkconfig --level 345 snmpd
We can see that it is running in port 199.
# service snmpd start
# netstat -natv | grep ':199'
tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN Read the rest of this entry »
Posted in CentOS, debian, fedora, feebsd, linux, Networking, ubuntu | No Comments »
Trying to drop a DDoS attack using TTL and Length in iptables July 18th, 2011
Considering that there is a fairly big amount of DDoS attacks going around and not so many free tools available to work against this on a server level everyone will try to get the best of what he has available and why not use IPtables if you are on a Unix server.
Trying to check for an easy way to stop a DDoS attack and do not involve php or such scripts i ended up learning something about IPtables and that is that it is fairly simple to use TTL and Length of packets to stop or at least bring down to a reasonable amount an attack. This does not work all the time but for the last two times worked pretty well and this because of the bots that are being used to tun the attack.
As a first thing we should try and find out a few IPs that are being used to attack the server and this can easy be done using netstat like:
netstat -tn --inet 2>/dev/null | grep ":80" | \ awk '/tcp[\ ]*[0-9]+[\ ]*[0-9]+[\ ]+[^\ ]+[\ ]*[^\ ]*/ {print $5}' | \ cut -d":" -f1 | sort | uniq -c | sort -n
or more simple:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
The IPs with a high connections number(eg. over 150) can be considered as being part of the attack even if a big intensity attack will make you see IPs with over 600-700 connections. Read the rest of this entry »
How To Install and Configure Squid as Transparent Proxy Server under Linux and FreeBSD March 29th, 2011
Squid is a proxy server and web cache daemon. It has a wide variety of uses: caching web, filtering traffic, caching DNS and other computer network lookups for a group of people sharing network resources.
Squid is primarily designed to run on Unix-like systems but it also runs on Windows-based systems. In this tutorial I’ll show you how to install and configure squid proxy server to run under Linux and FreeBSD.
A proxy server software is based on the TCP/IP protocol. It monitors a special port such as 3128 or 8080. A computer who runs a proxy server software is called a proxy server. If other computer want to connect to Internet through the proxy server, it should know the proxy server’s IP address and proxy port.
1. Squid Installation
Squid source code is available from squid-cache.org.Installation instructions are available in the ReadMe file in the source tar file. There is also binary packages for CentOS, Fedora, Red Hat Enterprise Linux, Ubuntu, Debian, FreeBSD and NetBSD.
To install Squid under CentOS/Fedora/RHEL, enter:
yum install squid
To install Squid under Debian/Ubuntu, enter: Read the rest of this entry »
Posted in CentOS, debian, fedora, feebsd, linux, Networking, ubuntu | 2 Comments »
