Archive

Archives de l'auteur

Fail2ban – Block unwanted attacks

28/09/2022 Aucun commentaire

source: Paul’s blog

Up until now i have been manually blocking ip’s that attack my server but by the time i see them the attacks have normally finished but after the last big attack on my email server (some 35,000 attempts) i decided to find a way to automate the blocking. After a bit of research i decided to setup Fail2ban and here’s how i did it.

As i use a 3rd party repostories – EPEL (how to add repositories) i can just use yum to install it

yum install fail2ban

once installed i just needed to change the configuration to my liking, the config files can be found at “/etc/fail2ban”

first i edit “/etc/fail2ban/fail2ban.conf” and ensure the “logtarget” is set correctly

logtarget = /var/log/fail2ban.log

The default behaviour of fail2ban is configured in the file “/etc/fail2ban/jail.conf”. There’s a [DEFAULT] section that applies to all other sections unless the default options are overridden in the other sections. Lire la suite…

Using Rsync and SSH

28/09/2022 Aucun commentaire

Source: troy.jdmz.net

Keys, Validating, and Automation

This document covers using cron, ssh, and rsync to backup files over a local network or the Internet. Part of my goal is to ensure no user intervention is required when the computer is restarted (for passwords, keys, or key managers).
I like to backup some logging, mail, and configuration information sometimes on hosts across the network and Internet, and here is a way I have found to do it. You’ll need these packages installed:
  • rsync
  • openssh
  • cron (or vixie-cron)

Please note these instructions may be specific to Red Hat Linux versions 7.3, 9, and Fedora Core 3, but I hope they won’t be too hard to adapt to almost any *NIX type OS. The man pages for ‘ssh’ and ‘rsync’ should be helpful to you if you need to change some things (use the “man ssh” and “man rsync” commands). Lire la suite…

Categories: Système Tags: , , ,

Afficher une image dans un terminal

27/09/2022 Aucun commentaire

Source: korben.info

Si vous cherchez un utilitaire et une bibliothèque pour vos projets qui permette d’afficher dans un terminal une image en utilisant du code ANSI, j’ai ce qu’il vous faut. Ça s’appelle Picture- et pour l’ c’est très simple. Il vous faudra npm, donc sous pour un petit npm, il faut taper :

sudo apt-get install npm

Ensuite pour installer la bibliothèque Picture-tube, il faut faire :

sudo npm install picture-tube

Si seul l’outil en vous intéresse, ajoutez le paramètre -g

sudo npm install -g picture-tube

Ensuite, pour convertir une image, un petit

picture-tube monimage.jpg

dans le terminal et taaadaaa

 

zelda

Après, pour utiliser la bibliothèque, voici un exemple de code :

var pictureTube = require('picture-tube')
var tube = pictureTube();
tube.pipe(process.stdout);
var fs = require('fs');
fs.createReadStream('robot.png').pipe(tube);

Pour tout le reste, c’est par ici.

Categories: Logiciel Tags: , ,

mod_geoip2 Apache module

27/09/2022 Aucun commentaire

The mod_geoip2 module embeds GeoIP database lookups into the Apache web server. It is only capable of looking up the IP of a client that connects to the web server, as opposed to looking up arbitrary addresses.

This module works with Apache 2. Please use mod_geoip with Apache 1.

Installation

You may download the latest release of mod_geoip2 or get the latest development version from GitHub. See the included INSTALL file in the tarball for installation details.

Overview

The mod_geoip2 module uses the libGeoIP library to look up geolocation information for a client as part of the http request process. This module is free software, and is licensed under the Apache license.

To compile and install this module, you must first install libGeoIP 1.4.3 or newer.

The mod_geoip2 module takes effect either during request header parsing phase or the post read request phase, depending on whether it is configured for server-wide use or for a specific location/directory.

When enabled, the module looks at the incoming IP address and sets some variables which provide geolocation information for that IP. The variables it set depend on the specific GeoIP database being used (Country, City, ISP, etc.). These variables can be set in either the request notes table, the environment or both depending on the server configuration.

Lire la suite…

ISPConfig 3 + Squeeze – SSL/TLS 465 SMTP Fail

26/09/2022 Aucun commentaire

ispconfigSource: howtoforge.com

Hi there.

New install of ISPConfig 3 on Debian Squeeze [previously on Lenny]

Created using: http://www.ispconfig.org/news/tutorial-the-perfect-server-debian-squeeze-debian-6-0-with-bind-courier-ispconfig-3/

Previous server used:

Port: 465
Connection security: SSL/TLS
Authentication method: normal password

If I try to use these setting on this fresh install [complete format with previous back up files stored on a seperate drive] I get the following error:

Sending of message failed.

The message could not be sent because connecting to SMTP server mail.myserver.com (changed from real name – error has correct name) failed. The server may be unavailable or is refusing SMTP connections. Please verify that your SMTP server settings are correct and try again, or contact the server administrator.

I can send using:

Port: 25
Connection security: STARTTLS
Authentication method: normal password

No errors appear in mail.log or mail.err

I’ve compared the master.cf pre/post [original/current]

Differing section appears to be:

Original

smtp inet n - - - - smtpd
submission inet n - - - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticate d,reject
-o milter_macro_daemon_name=ORIGINATING
smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticate d,reject
-o milter_macro_daemon_name=ORIGINATING

Current

smtp inet n - - - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticate d,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticate d,reject
# -o milter_macro_daemon_name=ORIGINATING

main.cf has a couple of minor differences

Original

smtpd_tls_CAfile = /etc/postfix/cert.pem

*This line is missing in the current main.cf

Current

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

*These lines do not appear in the original main.cf

No firewall rules are set to block ports.

hopefully I’ve provided enough detail.

Categories: Logiciel Tags: ,