background preloader

Linux: 20 Iptables Examples For New SysAdmins

Linux: 20 Iptables Examples For New SysAdmins
Linux comes with a host based firewall called Netfilter. According to the official project site: netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack. This Linux based firewall is controlled by the program called iptables to handles filtering for IPv4, and ip6tables handles filtering for IPv6. IPTABLES Rules Example Most of the actions listed in this post are written with the assumption that they will be executed by the root user running the bash or any other modern shell. #1: Displaying the Status of Your Firewall Type the following command as root: # iptables -L -n -v Sample outputs: Above output indicates that the firewall is not active. Where, -L : List rules. #1.1: To inspect firewall with line numbers, enter: # iptables -n -L -v --line-numbers Sample outputs: #5: Save Firewall Rules

SSL certificates for Facebook Applications - Openprovider On the 26th of January 2011, Facebook announced that it would start offering it’s users the ability to browse Facebook over HTTPS. As part of their continued effort to increase security they recently announced that from the 1st of October 2011 Facebook developers are required to obtain an SSL certificate for their Apps. In order to help developers choose the correct certificate for their applications, Openprovider provides the following advise.

Shoreline Firewall How to create an FTP server on an Ubuntu 12.04 virtual machine Lauren Malhoit walks you through the steps for setting up a Linux Ubuntu 12.04 server with a second hard drive as a VMware virtual machine. I've been playing around with different ways of implementing FTP lately--that is, whether to use Windows, Linux, or just some sort of storage device with built-in FTP capabilities. I spent a bit of time creating an Ubuntu 12.04 FTP server and thought I'd share that experience in this post. As mentioned before, I'll be going through setting up a Linux Ubuntu 12.04 server, with a second hard drive, as a VMware VM. I chose vsftpd as my FTP server. Install Ubuntu 12.04 Virtual Machine I'm assuming you're familiar with setting up VMs, so these steps are somewhat vague, noting some caveats. 1. 2. 3. 4. root:/# nano /etc/network/interfaces This takes you to the interfaces config, which you'll need to alter to reflect your IP schema. auto eth0 iface eth0 inet static address 10.0.0.3 netmask 255.255.255.0 gateway 10.0.0.1 Add a second hard drive 1. 2. root:/# fdisk -l

Making vsftpd with chrooted users work again – Ubuntu 12.04 | Transcending Frontiers At The Frontier Group, we use vsftpd with chrooted users for clients that require FTP access. It has been working well for four years, however after a recent upgrade to Ubuntu 12.04 we started receiving this error message: 500 OOPS: vsftpd: refusing to run with writable root inside chroot () Ben Scobie has a good overview of the problem. allow_writeable_chroot=YES Unfortunately vsftpd 2.3.5, which is packaged in Ubuntu 12.04, doesn’t support this feature. As an alternative solution, we have backported it from vsftpd 3 into Ubuntu’s 2.3.5 package and made it available as a vsftpd PPA on Launchpad. sudo add-apt-repository ppa:thefrontiergroup/vsftpd sudo apt-get update sudo apt-get install vsftpd

A Mailserver on Ubuntu 12.04: Postfix, Dovecot, MySQL This long post contains a recipe for building a reasonably secure Ubuntu 12.04 mailserver in Amazon Web Services, using Postfix 2.9.1, Dovecot 2.0.19, and MySQL 5.5.22, with anti-spam packages in the form of amavisd-new 2.6.5, Clam AntiVirus 0.97.3, SpamAssassin 3.3.2, and Postgrey 1.3.4. Local users are virtual rather than being system users. Administration of users and domains is achieved through the Postfix Admin 2.3.6 web interface. A number of people have assisted in correcting errors and suggesting additional sections since this recipe was first posted. 1) Introduction Building a Linux mailserver from scratch to your own liking is a painful process unless you happen to be one of the few folk who do that day in and day out - there's no way around that fact. There are also a great many partial recipes and out of date guides that are frankly more of a hindrance than a help - especially when it comes to Dovecot, which has changed greatly between its 1.* and 2.* versions.

ubuntu - Set up sftp to use password but ssh not to use password Nginx Configuration Examples » KBeezie Here are a number of Nginx configurations for common scenarios that should help make things easier to get started with. This page will grow as needed. A quick and easy starter example First one is for most of you fly-by and cut-and-paste type of people. If you’re using a typical /sites-enabled/default type of configuration, replace the content of that file with this. As for the rest of you, read on for some more goodies and other configuration examples. Making the PHP inclusion easier For the purpose of PHP I’ve created a php.conf in the same folder with nginx.conf, this file DOES NOT go into the same folder as your virtual host configuration for example if nginx.conf is in /etc/nginx/ , then php.conf goes into /etc/nginx/ not /etc/nginx/sites-enabled/. If you are not using PHP-FPM, you really should be as opposed to the old spawn-fcgi or php-cgi methods. I prefer to use a unix socket, it cuts out the TCP overhead, and increases security since file-based permissions are stronger.

php - Can I use APC AND memcached on the same server? Remove Apache2 - Install NGINX - tyler hoffman So you want to remove Apache2 in favor of NGINX? You’ve come to the right place. This is a quick and to the point guide that should get you up and running with NGINX in no time. I am using Ubuntu 11.10 on a VPS, but this should work for most installations of Ubuntu. NOTE: This guide does not include how to install PHP. Remove Apache2 This first command will delete everything apache2 on the system. Install NGINX The following commands will add NGINX’s repository so that you can install the most updated version. If you get an error on the add-apt-repository command, execute the following command Configure NGINX Last thing we will need to do is to go to the configuration file for NGINX. You will need to change lines 5 and 6. To restart NGINX and make your changes take effect, the command to restart the service is necessary. Enjoy There you have it.

Installing ASSP (Anti-Spam SMTP Proxy) On Ubuntu Server 10.04 / Debian 5.0 - Page 2 Install ASSP Go to your preferred download directory. If you don't have one, your home directory will be fine. Download the ASSP program files. Go to its SourceForge project page ( copy the download link and paste it after a wget command. It should look something like this: * You should always download the latest stable version; version numbers used here are for example purposes only. wget Unzip ASSP: unzip ASSP_1.8.1.1-Install.zip Create a directory for the ASSP program files: mkdir /usr/share/assp Copy ASSP to its new home directory: cd ASSP_1.8.1.1-Install cp -R ASSP/* /usr/share/assp Install SSLeay dependencies (these will be needed for some perl modules in the next step): apt-get install libssl-dev libdb-dev Install required perl modules by runing the mod_inst.pl script: cd /usr/share/assp perl mod_inst.pl Accept all defaults when prompted. quit

PeerGuardian | Free Communications software downloads at SourceForge.net

Related: