Linux

FAQs/HOW-TO's related to Linux and/or BSD server administration.

How-to: Secure tmp directories on Linux

source: www.eth0.us: How-To: Secure your temp directories

Every system needs temporary folders that any user is able to read and write, BUT these directories should not be able to execute programs or scripts. Though this will only protect you from somebody running the script directly, it will help with a large portion of the automated rootkits and trojans that script kiddies use. They will still be able to put the files on the system, but they will be unable to execute them and create the back door. One of the biggest problems is PHP injection via Apache, in which people will have Apache download and then run an exploit. Securing the temp directories is probably the single biggest thing you can do towards securing your server.

Tags: Server Linux security how-to

Preventing DDoS Attacks

source: http://www.linuxsecurity.com/content/view/121960/49/

In this article I am trying to explain what DDOS is and how it can be prevented. DDOS happens due to lack of security awareness of the network/server owners. On a daily basis we hear that a particular machine is under DDOS attack or the NOC has unplugged the machine due to a DDOS attack. So DDOS has become one of the common issues in this electronics world. DDOS is like a disease which doesn't have an anti-viral developed. So we should be careful while dealing with it. Never take it lightly. In this article I am trying to explain the steps/measures which will help us defend from DDOS attack, up to a certain extent.

Tags: Linux

Preventing DoS Attacks using mod_dosevasive

source

Firewall settings are great for preventing Denial of Service (DoS) attacks; however, it may not always be your only solution. The day has finally arrived when I found this excellent module called mod_dosevasive (DoS Evasive) which keeps track of how many requests each client makes to your server within intervals. If a client is being forceful with your server and making too many requests, then it is more than likely not just a web browser but some automated process unleashed on your site to try and take it down.

This handy Apache module we have found takes care of these issues. Let's get started by setting it up.

Tags: Linux

How to install BFD (Brute Force Detection)

Source

What is BFD (Brute Force Detection)?
BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straightforward in its installation, configuration and usage. The reason behind BFD is very simple: the fact that there are little to no authentication and brute force auditing programs in the Linux community that work in conjunction with a firewall or real-time facility to place bans. BFD is available at: http://www.rfxnetworks.com/bfd.php

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.

Requirements:
- You MUST have APF Firewall Installed before installing BFD - it works with APF and requires some APF files to operate.
- Root SSH access to your server

Tags: Linux

Preventing Brute Force Attacks

source: http://www.webhostgear.com/240.html

Overview:
Blocking and preventing brute force attacks is one of the main things you want to do on your web server to add a layer of security. While someone might not be targeting your site or server specifically, they will have automated tools that will try to guess random usernames and passwords that are common against your system. They’re essentially forcing their way to user-only authorized areas of a system; FTP accounts, e-mail accounts, databases, script-based administration areas and root or any shell access are the most common attempts. They will try multiple login attempts, guessing usernames and passwords, trying to force their way onto your machine.

Tags: Linux

Introducing LAMP Tuning Techniques

Published on ONLamp.com (http://www.onlamp.com/)
 
http://www.onlamp.com/pub/a/onlamp/2004/02/05/lamp_tuning.html

by Adam Pedersen
02/05/2004

I'm getting to know far more about servers than I ever wanted to, after hundreds of hours of Google research trying to squeeze/beat performance out of Apache. I do have 15 years programming experience in other areas, and I've reached the conclusion that the only experts in Apache/Linux are the programmers who wrote (and poorly documented) all this stuff. So I've gathered everything I could learn after countless hours of frustration and I'm writing this up in return for the immense amount of help I've received from the documentation of others.

Tags: Linux

DNS setup (more info)

Hello,
This is a combination of posts I have used in the past and have adapted to provide an excellent DNS solution.

The prerequisites for this are just two servers and, in this implementation, 4 IPs (2 per server), as it makes it more understandable. Also you will require a web-accessible domain on each server.

Basically it will allow you to use a combination of two servers to do your DNS for you, one being the primary and one the secondary. You could use this for every two sets of servers you own OR possibly adapt it so that all your servers use just the two sets.

It is my intention to eventually use this solution so that DJBDns is used instead of Bind because it is so flaky and buggy in my opinion.
DJB has a $500 reward for any exploits discovered, that's how good it is!

Anyway, enough chat, let's get down to business...

What we are aiming for is the following set up
NS1.JOELMOSS.COM PRIMARY NS FOR SERVER 1 ON SERVER 1
NS2.JOELMOSS.COM SECONDARY NS FOR SERVER 1 ON SERVER 2

NS3.JOELMOSS.COM PRIMARY NS FOR SERVER 2 ON SERVER 2
NS4.JOELMOSS.COM SECONDARY NS FOR SERVER 2 ON SERVER 1
 

Tags: Linux