Overview

Any basic home router is a combination firewall/switch/wifi device. If you don’t need wifi, you can get much finer-grained control of your home network by buying a low-power computer with 2 ethernet ports to use as your firewall, and then a cheap 4 or 8 port switch to do your switching. This gives you far better control and flexibility.

Here’s how you configure Fedora 10 on a low-power firewall machine.

Do a minimal F10 install on your firewall computer.

Not covered here. As a general rule, use the DVD and use the i386 version (on the assumption that you are using smaller, low-power hardware).

Kernel Settings

Do NOT skip this step or your internal computers will not be able to reach the internet.

Fedora 10 by default does not allow packet forwarding, which is a fantastically sane default setting. However, this needs to be changed for your 2-ethernet-port computer to act as a firewall. Therefore, ensure /etc/sysctl.conf looks like this:

# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

A DNS (Domain Name Service) server translates an IP address into a name that is easy to remember, or does the opposite, turning a name into an IP address.

The administrative work is done on the server side. On the client side, you just point the machine at the DNS server.

Before we start, I assume that you are already connected to the Internet. For a text editor, you can use any program you are familiar with. In this sample, I use vim.

The installation is as easy as below:

Step 1. Install the bind9

Open a Linux terminal (Applications > Accessories > Terminal) and type: sudo apt-get install bind9

Installation finished.


What is iptables? Iptables is a generic table structure that defines rules and commands as part of the netfilter framework, which provides Network Address Translation (NAT), packet filtering, and packet mangling in Linux 2.4 and later. NAT is the process of converting one Internet Protocol address (IP address) into another IP address. Packet filtering is the process of passing or blocking packets at a network interface based on source and destination addresses, ports, or protocols. Packet mangling is the ability to alter or modify packets before and/or after routing.

Iptables and netfilter are the successors to ipchains and ipfwadm in earlier versions of Linux. Netfilter and iptables are often combined into the single expression netfilter/iptables, which refers to the Linux 2.4 and later subsystems for NAT, firewalling, and advanced packet processing.

How do I block an IP address or subnet under Linux operating system?

In order to block an IP on your Linux server you use the iptables tool (the administration tool for IPv4 packet filtering and NAT) together with the netfilter firewall. First, log into a shell as the root user. To block an IP address, type the iptables command as follows:

Syntax to block an IP address under Linux

iptables -A INPUT -s IP-ADDRESS -j DROP

Replace IP-ADDRESS with the actual IP address. For example, if you wish to block IP address 65.55.44.100 for whatever reason, type the command as follows:

# iptables -A INPUT -s 65.55.44.100 -j DROP

If you have an iptables firewall script, add the above rule to your script.

If you just want to block access from IP 65.55.44.100 to a single port, say port 25, type the command:

# iptables -A INPUT -s 65.55.44.100 -p tcp --destination-port 25 -j DROP

The above rule will drop all packets coming from IP 65.55.44.100 to the mail server port 25.

You can also create a security shell script to block the IPs. Create a /root/iptables/blocked.ips file as follows, with the list of IPs and subnets to block from entering your dedicated server.
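One way to write that blocklist script, as an added example that is not the original post's code: it reads a file in the /root/iptables/blocked.ips format (one IP or subnet per line; the sample list below is constructed), validates each entry as an IPv4 address or CIDR range, and prints the iptables DROP rules for review, applying them only when APPLY=1 is set (a convention of this example, not of the post).

```shell
#!/bin/sh
# Added example (not the original post's script): turn a blocklist such as
# /root/iptables/blocked.ips into "iptables -A INPUT -s X -j DROP" rules.
# Rules are only printed for review unless APPLY=1 is set.

# Strict IPv4 address or CIDR check, so a typo in the list cannot turn
# into a malformed rule (or a hostname that would need a DNS lookup).
valid_ipv4() {
    oct='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
    printf '%s\n' "$1" |
        grep -Eq "^($oct\.){3}$oct(/([0-9]|[12][0-9]|3[0-2]))?\$"
}

# block_from_file LIST
# One entry per line; blank lines and '#' comments are ignored. Invalid
# entries are reported on stderr and skipped rather than applied.
block_from_file() {
    while IFS= read -r line || [ -n "$line" ]; do
        addr="${line%%#*}"                          # drop trailing comment
        addr="$(printf '%s' "$addr" | tr -d '[:space:]')"
        [ -z "$addr" ] && continue
        if ! valid_ipv4 "$addr"; then
            echo "blocked.ips: skipping invalid entry '$line'" >&2
            continue
        fi
        if [ "${APPLY:-0}" = 1 ]; then
            iptables -A INPUT -s "$addr" -j DROP   # needs root
        else
            echo "iptables -A INPUT -s $addr -j DROP"
        fi
    done < "$1"
}

# Constructed sample list standing in for /root/iptables/blocked.ips.
SAMPLE_LIST="$(mktemp)"
cat > "$SAMPLE_LIST" <<'EOF'
# hosts seen brute-forcing sshd (constructed sample data)
65.55.44.100
192.0.2.0/24          # whole test subnet
10.0.0.999            # typo: octet out of range, must be skipped
mail.example.com      # hostnames are rejected on purpose
EOF

block_from_file "$SAMPLE_LIST"
```

Run it once without APPLY to read the generated rules, then as root with APPLY=1 to load them; rules added this way are not persistent across reboots unless saved by your distribution's iptables service.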

I wrote a denyhack shell script to restrict hacking users from the server. It was my own development in bash script, and I have been using it for the past three years. Recently, while doing a Google search, I found an open source (SourceForge) software, denyhosts, written in Python, which does the same function.

Here are some tips to make your Linux server safer from intruders.

I have recently viewed my log files in Linux and noticed a few hundred failed logins from different hosts on my sshd service.

I wanted to secure it using iptables, but this reduced my mobility quite a lot. By denying packets from all hosts and accepting just a few trusted ones, I ended up not being able to access my server from everywhere I want.

So I started searching on the Internet for an alternative, and I found something called DenyHosts, an open source project from SourceForge. This Python script is very useful, bringing many options that are an advantage in the fight against hackers.

Its features include allowed and denied host list files that update dynamically by analyzing the attempts in the service’s log files, e-mail functions to notify you if something happens, and a synchronization tool that gets all the hosts that were banned several times around the world and denies them on your server too.

Downloading the script

To download the script, go to http://denyhosts.sourceforge.net/ or, if you are using Fedora Core, try “yum install denyhosts”.

How to write a simple crontab? (September 12th, 2010)

Crontab (normally called a cron job) is a scheduler for a user.

Using this, you can schedule jobs at specified intervals, like minutes, hours, days, weeks, and months.

I do not want to provide a detailed description.

Log in to Linux and type “crontab -e” (without quotes).

Just cut and paste the code below.

You are done. As you can guess, one job runs every 15 minutes, another every 20 minutes, and so on.

####################################################################
#
#min hour day_of_month month day_of_week  command   (per-user crontab: no user field)
*/15 * * * * /root/crons/denyhack > /dev/null 2>&1
*/20 * * * * /root/crons/denyhack2 > /dev/null 2>&1
*/25 * * * * /root/crons/denyhack3 > /dev/null 2>&1
*/35 * * * * /root/crons/denyhack4 > /dev/null 2>&1

####################################################################

So the way cron works is that it looks at its config file, the ‘crontab’, and when the conditions are met for an entry, it runs that entry. What this means is that you will have to write a script for cron to call that does everything you want it to do. If you have any experience with Perl, it would probably be a good choice here. Otherwise any other programming language will do.

As far as the actual cron job goes:

* * * * * command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
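As an added example (not from the original post), the POSIX sh function below expands a single crontab field into the values it matches and runs it over the minute fields of the crontab shown earlier. It makes plain that a '*/N' step counts from minute 0 of each hour, so */25 fires at :00, :25 and :50 and */35 fires at :00 and :35 only, rather than "every 35 minutes".

```shell
#!/bin/sh
# Added example, not from the original post: expand one crontab field into
# the values it matches, to see exactly when an entry fires.
set -f   # no pathname expansion, so a literal '*' survives word splitting

# expand_field SPEC MIN MAX
# Prints every value in MIN..MAX matched by SPEC, one per line. Handles
# '*', 'n', 'a-b', comma lists, and a '/STEP' suffix on any of these.
expand_field() {
    spec="$1"; lo="$2"; hi="$3"
    old_ifs="$IFS"; IFS=','
    set -- $spec                 # split the comma list into $1 $2 ...
    IFS="$old_ifs"
    for part; do
        step=1
        case "$part" in
            */*) step="${part#*/}"; part="${part%%/*}" ;;
        esac
        case "$part" in
            '*') first="$lo"; last="$hi" ;;
            *-*) first="${part%-*}"; last="${part#*-}" ;;
            *)   first="$part"
                 # 'n/STEP' means "from n to MAX in steps"; plain 'n' is just n
                 if [ "$step" -ne 1 ]; then last="$hi"; else last="$part"; fi ;;
        esac
        v="$first"
        while [ "$v" -le "$last" ]; do
            echo "$v"
            v=$((v + step))
        done
    done | sort -n | uniq
}

# The minute fields from the crontab above: '*/N' counts from minute 0 of
# each hour, so */25 runs at :00 :25 :50 and */35 at :00 and :35 only,
# not "every 35 minutes".
for spec in '*/15' '*/20' '*/25' '*/35'; do
    printf '%-5s -> minutes %s\n' "$spec" "$(expand_field "$spec" 0 59 | tr '\n' ' ')"
done
```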
