How to set up VSFTPD with virtual users October 17th, 2011
If you are hosting several web sites, for security reasons you may want each webmaster to access only their own files. A good way to do this is to give them FTP access through VSFTPD virtual users and directories. This article describes how you can do that easily.
(See also: Setup of VSFTPD virtual users – another approach)
1. Installation of VSFTPD
For Red Hat, CentOS and Fedora, you may install VSFTPD by the command
# yum install vsftpd
For Debian and Ubuntu,
# apt-get install vsftpd
2. Virtual users and authentication
We are going to use pam_userdb to authenticate the virtual users. This needs a username / password file in 'db' format, a common database format, so we need the 'db_load' program. For CentOS and Fedora, you may install the package 'db4-utils':
# yum install db4-utils
For Ubuntu,
# apt-get install db4.2-util
To create a 'db' format file, first create a plain text file 'virtual-users.txt' with the usernames and passwords on alternating lines:
mary
123456
jack
654321
Then execute the following command to create the actual database:
# db_load -T -t hash -f virtual-users.txt /etc/vsftpd/virtual-users.db
Now, create a PAM file /etc/pam.d/vsftpd-virtual which uses your database:
auth required pam_userdb.so db=/etc/vsftpd/virtual-users
account required pam_userdb.so db=/etc/vsftpd/virtual-users
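An added example (not from the original article) for the credential-file step above: it writes the alternating-line input that `db_load -T` expects while keeping the plaintext passwords readable by the owner only. The function name `make_userlist` and the `user:password` source format are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: build the alternating-line file for `db_load -T -t hash`
# from "user:password" lines (hypothetical source format) on stdin.

# make_userlist OUTFILE
make_userlist() {
    out=$1
    ( umask 077    # the list holds plaintext passwords: create it mode 0600
      awk -F: '
        /^[ \t]*(#|$)/ { next }                   # skip blank and comment lines
        {
            user = $1
            pass = substr($0, length(user) + 2)   # password may itself contain ":"
            if (user !~ /^[A-Za-z0-9._-]+$/ || pass == "") {
                print "line " NR ": bad entry" | "cat 1>&2"; bad = 1; next
            }
            if (seen[user]++) {                   # ambiguous keys never reach the db
                print "line " NR ": duplicate user " user | "cat 1>&2"; bad = 1; next
            }
            print user                            # key line
            print pass                            # value line
        }
        END { exit (bad ? 1 : 0) }' > "$out"
    ) || { rm -f "$out"; return 1; }
}

# On the server, with the paths used in this article:
#   make_userlist /etc/vsftpd/virtual-users.txt < users.src &&
#   db_load -T -t hash -f /etc/vsftpd/virtual-users.txt /etc/vsftpd/virtual-users.db &&
#   chmod 600 /etc/vsftpd/virtual-users.db &&
#   rm -f /etc/vsftpd/virtual-users.txt     # do not leave the plaintext behind
```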
How to install MRTG under Linux September 10th, 2011
1. Introduction
MRTG (Multi Router Traffic Grapher) is an application that allows us to observe the traffic of a network. It generates HTML pages with graphs which are refreshed according to our network's current state. Its source is written in Perl and C, which means that it can be installed on every operating system we like. We will also need an SNMP (Simple Network Management Protocol) daemon, which gives us information about a network. The following installation was done under Linux, specifically Fedora Core 6. With a few small changes it can also be used under other distros.
2. SNMP server
2.1 Installation
Initially we install the packages needed for SNMP. Yum makes this job a lot easier.
# yum install net-snmp-utils net-snmp
Next we make the snmpd service start automatically for the runlevels we want.
# chkconfig --level 345 snmpd on
And we start the server.
# service snmpd start
We can see that it is listening on port 199.
# netstat -natv | grep ':199'
tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN
Posted in CentOS, debian, fedora, feebsd, linux, Networking, ubuntu | No Comments »
Trying to drop a DDoS attack using TTL and Length in iptables July 18th, 2011
Considering that there is a fairly large number of DDoS attacks going around and not many free tools available to counter them at the server level, everyone tries to get the best out of what is available, so why not use iptables if you are on a Unix server.
Looking for an easy way to stop a DDoS attack that does not involve PHP or similar scripts, I ended up learning something about iptables: it is fairly simple to use the TTL and length of packets to stop an attack, or at least bring it down to a reasonable level. This does not work all the time, but the last two times it worked pretty well, because of the bots that were being used to run the attack.
First we should find a few of the IPs that are being used to attack the server, which is easily done using netstat:
netstat -tn --inet 2>/dev/null | grep ":80" | \
  awk '/tcp[\ ]*[0-9]+[\ ]*[0-9]+[\ ]+[^\ ]+[\ ]*[^\ ]*/ {print $5}' | \
  cut -d":" -f1 | sort | uniq -c | sort -n
or more simply:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
IPs with a high number of connections (e.g. over 150) can be considered part of the attack, even though a high-intensity attack will show IPs with over 600-700 connections.
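An added example (not from the original post) that applies the connection-count threshold described above to `netstat -ntu` output. Unlike `cut -d: -f1`, it skips the header lines, counts only connections to the chosen local port, and strips just the trailing port so IPv6 sources are not merged into one bucket. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: list remote addresses holding more than THRESHOLD
# connections to a local PORT, reading `netstat -ntu` output on stdin.

# heavy_sources THRESHOLD PORT
heavy_sources() {
    awk -v limit="$1" -v port="$2" '
        $1 !~ /^(tcp|udp)/ { next }              # drop the two header lines
        {
            local_addr = $4; remote = $5
            if (local_addr !~ (":" port "$")) next   # other services are ignored
            sub(/:[0-9*]+$/, "", remote)         # remove only the trailing :port
            sub(/^::ffff:/, "", remote)          # IPv4-mapped IPv6 -> plain IPv4
            count[remote]++
        }
        END {
            for (ip in count)
                if (count[ip] > limit) print count[ip], ip
        }' | sort -rn
}

# Constructed sample (documentation address ranges), not real traffic.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51236      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51237      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40100       ESTABLISHED
tcp        0      0 192.0.2.10:22           203.0.113.9:40200       ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:40001     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:40002     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:40003     ESTABLISHED
EOF
}

# Threshold lowered to 2 so the short sample triggers; on a live server use
# something like:  netstat -ntu | heavy_sources 150 80
sample_netstat | heavy_sources 2 80
```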
How To Install and Configure Squid as Transparent Proxy Server under Linux and FreeBSD March 29th, 2011
Squid is a proxy server and web cache daemon. It has a wide variety of uses: caching web, filtering traffic, caching DNS and other computer network lookups for a group of people sharing network resources.
Squid is primarily designed to run on Unix-like systems but it also runs on Windows-based systems. In this tutorial I’ll show you how to install and configure squid proxy server to run under Linux and FreeBSD.
Proxy server software is based on the TCP/IP protocol. It listens on a specific port such as 3128 or 8080. A computer that runs proxy server software is called a proxy server. If another computer wants to connect to the Internet through the proxy server, it needs to know the proxy server's IP address and proxy port.
1. Squid Installation
Squid source code is available from squid-cache.org. Installation instructions are available in the ReadMe file in the source tar file. There are also binary packages for CentOS, Fedora, Red Hat Enterprise Linux, Ubuntu, Debian, FreeBSD and NetBSD.
To install Squid under CentOS/Fedora/RHEL, enter:
yum install squid
To install Squid under Debian/Ubuntu, enter:
VI editor September 28th, 2010
Open
vi filename
Close/Quit/Quit without save
:q = close the file, if you didn't modify anything
:q! = close the file even if you modified it and don't want to save it
Save/Save and quit
:wq = save and exit
:w = save and stay
Add
i = insert before the cursor
I = insert at the beginning of the line
a = append after the cursor
A = append at the end of the line
o = open a new line below the current line
O = open a new line above the current line
Edit
r = replace the single character under the cursor
R = replace from the cursor with anything typed, until Esc is pressed
cw = replace a word
Del
dd = delete the entire line
x = delete a single character
dw = delete a single word
D = delete the remainder of the line, starting at the current cursor position
Cut/Paste
yy = copy the current line into the buffer
Nyy or yNy = copy the next N lines, including the current line, into the buffer
p = paste the line in the buffer into the text after the current line
Searching
/string = search forward for occurrence of string in text
?string = search backward for occurrence of string in text
n = move to next occurrence of search string
N = move to occurrence of search string in opposite direction
Line numbers:
:.= returns the line number of the current line at the bottom of the screen
:= returns the total number of lines at the bottom of the screen
^g shows the current line number, along with the total number of lines in the file, at the bottom of the screen
