Archive

Articles taggués ‘proxy’

Connection par ssh derrière un proxy html

21/05/2023 Aucun commentaire

Par défaut, ssh ne sait pas se connecter à un serveur si le client est placé derrière un proxy. Pour ajouter cette fonctionnalité, il faut :

– installer le paquet connect-proxy

apt-get install connect-proxy

– ajouter un fichier  ~/.ssh/config (juste pour un compte) ou /etc/ssh/ssh_config (configuration globale) contenant les lignes suivantes :

# on n'a pas besoin de connect pour le réseau local
# il faut modifier ou ajouter des lignes Host pour décrire votre réseau local Host 192.168.0.* ProxyCommand /usr/bin/connect %h %p # toutes les autres adresses utilisent la commande connect
# il faut remplacer l'adresse IP et le port par les valeurs de votre proxy
Host *
ProxyCommand /usr/bin/connect -H 192.168.0.1:8080 %h %p

On peut alors se connecter sans problème à un hôte par la commande classique : ssh identifiant@serveur

Categories: Réseau, Système Tags: , , ,

Simple Tor Setup on Mac OS X

01/02/2023 Comments off

Source: kremalicious.com – 

There’re many reasons you might want to browse anonymously which can be accomplished by using Tor. The setup instructions on Tor’s website are quite scattered and outdated so here’re some steps to setup Tor on OS X with a simple automated script at the end.

I’m using OS X Yosemite (10.10) for the following instructions but it should work on almost any OS X version.

Tor Browser

The most simple way to surf anonymously with Tor is to just grab the Tor Browser bundle.

But it’s based on a super old version of Firefox. And there might be more you want to do anonymously on your machine than just browsing the web, like accessing resources via the Terminal or any other app. Or just use the browser you’re used to.

For this you need to have Tor installed on your system and additionally set specific Proxy values in your network preferences after you’ve started Tor.

Install Tor

Contrary to the weirdly outdated install instructions on Tor’s website (hey, remember Macports?), installing Tor on Mac OS X is super simple with Homebrew.

In your Terminal execute:

brew install tor

Then you can start it up by running:

tor

Congratulations, you now have Tor running on your system. But none of your network traffic is routed through it yet.

In order for all your system traffic being routed through Tor you need to adjust your system’s network proxy settings whih you can either do visually in the System Preferences or programmatically via OS X’s builtin networksetup.

Set network proxy settings via System Preferences

You can do this under System Preferences > Network and creating a specific Tor network location for it:

  1. From Location dropdown at the top, select Edit Locations…
  2. Create a new location by hitting the plus button and name it Tor. Hitting Done will select the new location which is now ready to be configured
  3. Go to Advanced > Proxies and activate SOCKS Proxy and add those values:
  • SOCKS proxy server: localhost
  • Port: 9050

tor-osx-proxy

After hitting OK & Apply at the initial network screen, you can easily switch to this newly created location from your menu bar under  > Location whenever you start up Tor.

Switching to the Tor location routes all network traffic on your system through Tor. Note that you have to repeat those steps for every other network interface if you use, say, Wi-Fi and Ethernet interchangeably.

Lire la suite…

Categories: Réseau, Système Tags: , , ,

How To Optimize WordPress Performance With MySQL Replication On Ubuntu 14.04

04/01/2023 Comments off

Introduction

In this tutorial, we will teach you how to scale up your WordPress MySQL database server setup using master-slave database replication and the HyperDB plugin for WordPress. Adding more database servers to your environment in this manner allows your WordPress application to read from multiple database servers, increasing read performance.

MySQL replication reaps the most performance benefits for a system that processes frequent reads and infrequent writes, like most WordPress installations. By using a single-master with multiple-slave setup, you can add more slaves to scale your system, until you run out of network bandwidth or your master cannot handle the update load. If you wish, you can add more than one slaves by repeating the “slave” portions of the replication sections of this tutorial.

We are assuming that your setup includes two load balanced WordPress application servers that connect to a separate MySQL database server (see the prerequisites for a tutorial on how to set that up). It is not strictly necessary to have load balanced application servers to follow this tutorial, but your MySQL database server should be separate from your application servers.

Prerequisites

Before continuing with this tutorial, you should have completed two tutorials or have a similar environment:

After following those tutorials, to set up WordPress with two load balanced web application servers and a separate database server, you should have four VPSs. Because we will be dealing with several VPSs, for reference purposes, we will call your four existing VPSs the following:

  • haproxy-www: Your HAProxy server for layer 4 load balancing your WordPress web application servers. This is the entry point into your website
  • wordpress-1: Your first WordPress web application server
  • wordpress-2: Your second WordPress web application server
  • mysql-1: Your MySQL server for WordPress

That is, your environment should look something like this:

WordPress and Separate MySQL Database Server

In addition to your current environment, we will require one additional VPS during this tutorial. We will call it:

  • mysql-2: Your slave MySQL database server

Lire la suite…

Categories: Bases de données, Logiciel Tags: , , , , ,

Using ssh as a SOCKS proxy on Mac OS X

25/10/2022 Comments off

Introduction

Many times it can be convenient to tunnel your web traffic through a proxy, particularly an encrypted one. This web page shows how to easily tunnel your traffic through an ssh-encrypted proxy on Mac OS X. This allows your traffic to traverse your local network without being visible to snoopers, even when visiting unencrypted sites.

It also allows you to appear to come from a different IP address, allowing you to defeat geolocation schemes. In particular, some credit card processors try to make sure that your credit card billing address is correlated with your IP address, which can be hard on us expatriates. Another example is the free credit report web site which doesn’t seem to work from outside the United States. There are undoubtedly many other practical, legitimate uses for this sort of redirection. Lire la suite…

Categories: Réseau, Système Tags: , , , , , , ,

How to Protect Successfully your network against DDoS attacks: 5 steps

15/07/2021 Comments off

Every business needs DDoS protection.

protect ddos attacksToday it’s important for the success of your business to have an online presence. You always thought that you would never be a victim of DDoS attacks. But, what would happen if your website or online application is down because of a DDoS attack?

Here are some facts taken from digitalattackmap:

  • Attacks are cheaper (150$ for a week long DDoS)
  • Their number are increasing every weeks (2000/day)
  • Increase attributed downtime (1/3 of all downtime incidents)

You can even block a 1TB DDoS attack!

With enough preparation, anybody can block a DDoS attack of any size and we will tell you how in 5 steps.

  1. Become invisible
  2. Filter aggressively
  3. Identify attack patterns
  4. Block traffic patterns
  5. Deploy counter-measures solutions

Lire la suite…

Categories: Réseau, Sécurité, Tutoriel Tags: , , , ,