Pf vs Iptables- a Great comparative article

I enjoyed reading the following article, though would worth keeping a copy on my blog. Happy Reading-

Today I will be talking a lot about OpenBSD, FreeBSD and other Unix-like operating systems from the Berkeley Software Distribution. I thought that would be appropriate being my first document on Unixmen. I however will also be talking about Linux and Untangle and how they complement Unix based firewalls such as Pfsense.

I would like to explain what I think is the best way to secure a network from hackers and bots and why these techniques work as well as I say they do. I however will not be explaining how, as I will save that for another article. That being said if there is anything in error here please let me know but I am sure you will find nothing in contrast to common theory. I would also like to show you guys some things I like to do and things I think are critical to IT security. Continue reading “Pf vs Iptables- a Great comparative article” »

Share

Cacti on Debian (Updated)

Downloading Cacti

You can download the newest version of Cacti from its website.

wget http://www.cacti.net/downloads/cacti-0.8.7b.tar.gz

Installing Cacti

Install apache webserver with php support, mysql database server, snmp, some php modules and rrdtool.

apt-get install apache2 libapache2-mod-php5 php5 php5-cli php5-mysql php5-gd php5-snmp mysql-client mysql-server libmysqlclient15-dev snmp snmpd rrdtool

Add a user account for cacti. Continue reading “Cacti on Debian (Updated)” »

Share

Enable 1:1 NAT in Iptables

1:1 NAT maps a single Public IP Address to one of your computer within your local area network (LAN). Unlike port forwarding, 1:1 NAT forwards all ports from one external IP to one internal IP.

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.2 -j SNAT --to-source 83.229.64.2 iptables -t nat -A PREROUTING -i eth0 -d 83.229.64.2 -j DNAT --to-destination 192.168.1.2 iptables -A FORWARD -s 83.229.64.2 -j ACCEPT iptables -A FORWARD -d 192.168.1.2 -j ACCEPT
Share

How to enable Port Forwarding in Iptables

Port forwarding allows remote computers, for example, computers on the Internet, to connect to a specific computer or service within a private local area network (LAN).
Typical applications include the following:

  • Running a public HTTP server within a private LAN
  • Permitting Secure Shell access to a host on the private LAN from the Internet
  • Permitting FTP access to a host on a private LAN from the Internet

In Linux, you can configure port forwarding using iptables command.
The below example is to enable the port forwarding of port 80 of the external ip address “83.229.64.2” to the port 80 of the computer inside the LAN with the ip address of “192.168.1.2”.

iptables -t nat -A PREROUTING -i eth0 -d 83.229.64.1 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2:80 iptables -A FORWARD -p tcp --dport 80 -j ACCEPT
Share

7 Inspiring Steve Jobs Quotes That Just Might Change Your Life

He came, he saw, he conquered…and he left behind some words to live by:

“I’m convinced that about half of what separates successful entrepreneurs from the non-successful ones is pure perseverance.”

Everyone says they go the extra mile. Almost no one actually does. Most people who do go there think, “Wait…no one else is here…why am I doing this?” And they leave, never to return.

That’s why the extra mile is such a lonely place. Continue reading “7 Inspiring Steve Jobs Quotes That Just Might Change Your Life” »

Share

NFS Server and Client on Debian 6/7

Assumptions:

NFS Server IP: 172.16.5.100

NFS Client Node1: 172.16.5.101

NFS Client Node2: 172.16.5.102

NFS Client Node3: 172.16.5.103

NFS Client Node4: 172.16.5.104

On the NFS Server:

Install nfs-kernel-server Install nfs-kernel-server and nfs-common Install nfs-common on the computer that has the files to be shared.

apt-get update && sudo apt-get install nfs-kernel-server nfs-common

Edit the exports file that shows what to share and with whom. So run: Continue reading “NFS Server and Client on Debian 6/7” »

Share

Install and configure fail2ban

Servers do not exist in isolation, and those servers with only the most basic SSH configuration can be vulnerable to brute force attacks. fail2ban provides a way to automatically protect the server from malicious signs. The program works by scanning through log files and reacting to offending actions such as repeated failed login attempts.

Step One—Install Fail2Ban

Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Follow up by installing fail2ban:

yum install fail2ban

Step Two—Copy the Configuration File

The default fail2ban configuration file is location at /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it.

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

After the file is copied, you can make all of your changes within the new jail.local file. Many of possible services that may need protection are in the file already. Each is located in its own section, configured and turned off. Continue reading “Install and configure fail2ban” »

Share

rkhunter perfect configuration

Introduction

Exposing any computer to the internet is in some ways risky. There are many ways that your server can be compromised or attacked by remote systems and malicious software, and it is an ongoing and proactive process to defend yourself against potential threats.

One potential concern is rootkits. Rootkits are software secretly installed by a malicious intruder to allow that user continued access to the server once security is breached. This is an extremely dangerous problem, because even after the entry vector that the user originally used to gain access is fixed, they can continue to enter the server using the rootkit they installed.

One tool that can help you protect your system from these kinds of problems is rkhunter. This software checks your system against a database of known rootkits. Additionally, it can check other system files to make sure they are in line with expected properties and values.

In this guide, we will install and configure rkhunter to protect our Ubuntu 12.04 VPS. Continue reading “rkhunter perfect configuration” »

Share

Add EPEL Repo to CentOS or SL 6

For 64 Bit

rpm –import http://fedoraproject.org/static/0608B895.txt
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

For 32 Bit

rpm –import http://fedoraproject.org/static/0608B895.txt
wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

Additional Add Remi Repo

rpm –import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

yum install yum-priorities

Edit /etc/yum.repos.d/epel.repo

vi /etc/yum.repos.d/epel.repo

Share