SSH Security: How To Block SSH Brute Force Attacks with SSHGuard
SSHGuard monitors logging activity and reacts to attacks by blocking their source IP addresses. sshguard has born for protecting SSH servers from the today's widespread brute force attacks, and evolved to an extensible log supervisor for blocking attacks to applications in real-time.
SSHGuard is given log messages in its standard input. By means of a parser, it decides whether an entry is normal activity or attack. After a number of attacks, the IP address is blocked with the firewall.
These are the available blocking backends:
- SSHGuard with PF (OpenBSD, FreeBSD, NetBSD, DragonFly BSD)
- SSHGuard with IP FILTER (FreeBSD, NetBSD, Solaris)
- SSHGuard with IPFW (FreeBSD, Mac OS X)
- SSHGuard with netfilter/iptables (Linux)
- SSHGuard with TCP wrappers / hosts.allow (almost any UNIX system)
Print This Post
FreeBSD Tools: portaudit – FreeBSD’s Third Party Security Audit
Portaudit is a software vulnerability auditing tool for FreeBSD systems. FreeBSD's Portaudit provides a system to check if installed ports are listed in a database of published security vulnerabilities.
The ports-mgmt/portaudit port polls a database for known security issues. This database is updated and maintained by the FreeBSD Security Team and ports developers.
To begin using Portaudit, install it from the Ports Collection:
cd /usr/ports/ports-mgmt/portaudit make install clean
Print This Post
FreeBSD Optimizations: /etc/make.conf
The file make.conf contains system-wide settings that will apply to every build using make and the standard sys.mk file. The purpose of make.conf is to control the compilation of the FreeBSD sources, documentation, and ports.
The system build procedures occur in the following areas: the world, the kernel, documentation and ports. Variables set in make.conf may be applicable in one, two, or all four of these areas. In addition, control variables can be specified for a particular build via the -D option of make or in environment.
Print This Post
How To Install and Configure Squid as Transparent Proxy Server under Linux and FreeBSD
Squid is a proxy server and web cache daemon. It has a wide variety of uses: caching web, filtering traffic, caching DNS and other computer network lookups for a group of people sharing network resources.
Squid is primarily designed to run on Unix-like systems but it also runs on Windows-based systems. In this tutorial I'll show you how to install and configure squid proxy server to run under Linux and FreeBSD.
A proxy server software is based on the TCP/IP protocol. It monitors a special port such as 3128 or 8080. A computer who runs a proxy server software is called a proxy server. If other computer want to connect to Internet through the proxy server, it should know the proxy server's IP address and proxy port.
Print This Post
FreeBSD: How To Install Lighttpd with PHP5-FastCGI and MySQL Support in FreeBSD 8
In this article I'll show you how to install and configure Lighttpd web server on FreeBSD 8.1 with PHP5 support (through FastCGI) and MySQL support.
1. FreeBSD port tree update
Update FreeBSD ports using the following command:
portsnap fetch update
Once is done, we can proceed with the next step.
Print This Post
How To Set Up an OpenBSD Router – Step-by-Step Tutorial
This article is a step-by-step guide about how to set up OpenBSD system that will act as a network router that takes advantage of the OpenBSD's PF packet filter.
1. OpenBSD Installation
Install OpenBSD by using this tutorial.
Now that you have OpenBSD installed, lets proceed with the next step.
2. OpenBSD Network Configuration
The network interface is configured at boot time using the /etc/hostname.if files, where if will be replaced by the full name of your interface, for the example above, /etc/hostname.xl0.
The layout of this file is simple:
address_family address netmask broadcast [other options]
Print This Post
How To Install and Integrate eAccelerator into PHP5
eAccelerator is an open source PHP accelerator, optimizer, and dynamic content cache which provides a bytecode cache. eAccelerator increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated. It also optimizes scripts to speed up their execution. eAccelerator typically reduces server load and increases the speed of your PHP code by 1-10 times.
1. Install prerequisites
There is no eAccelerator package in the official repositories, therefore we must compile and install it from the sources. Before we can do this, we need to install some prerequisites.
Print This Post
UNIX Tools: tcpdump – packet analysis tool
tcpdump is a common network packet analyzer that runs under the command line. It allows the user to intercept and display packets being transmitted or received over a network to which the computer is attached. tcpdump is mandatory for anyone desiring a thorough understanding of TCP/IP.
tcpdump works on most Unix-like operating systems: BSD, Linux, Mac OS X, Solaris, HP-UX and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets. There is also a port of tcpdump for Windows called WinDump and it uses WinPcap, which is a port of libpcap to Windows.
Print This Post
FreeBSD: Complete Virtualization using VirtualBox
VirtualBox is a virtualization software,originally created by German software company innotek GmbH, purchased by Sun Microsystems, and now developed by Oracle Corporation as part of its family of virtualization products. It is installed on an existing host operating system; within this application, additional guest operating systems, each known as a Guest OS, can be loaded and run, each with its own virtual environment.
In this article I'll show you how to install VirtualBox under FreeBSD.
VirtualBox is available as a FreeBSD port and may be installed using the following commands:
Print This Post
FreeBSD: How To Create a Network Bridge
A device that connects two networks together into two separate network segments without having to create IP subnets and use a router to connect the segments together is called a "bridge".
To create a bridge use ifconfig command:
ifconfig bridge create
A bridge interface is created and is automatically assigned a randomly generated Ethernet address.
Print This Post
Subscribe
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | |||||
Polls
Loading ...Quote of the day
- Thomas Jefferson -
Recent Posts
- Ubuntu: How to install the Classic Desktop in Ubuntu 11.10 (Oneiric Ocelot)
- FreeBSD: How to set up an UPnP Internet Gateway Device (IGD) with MiniUPnP and FreeBSD 9.0
- Ubuntu: How to build and install Linksys AE1000 Wireless-N linux driver on Ubuntu 11.10
- FreeBSD: How to Install and Configure a PPTP VPN server with mpd5 on FreeBSD 8.2
- UNIX Tips: How to find broken symbolic links
Recent Comments
- on FreeBSD: How To Upgrade FreeBSD 7 to 8 Stable Release
- on FreeBSD: How to Install Adobe Flash in FreeBSD 8
- on How To Reset Keyring Password in Ubuntu
- on Ubuntu: How to build and install Linksys AE1000 Wireless-N linux driver on Ubuntu 11.10
- on FreeBSD: How to set up an UPnP Internet Gateway Device (IGD) with MiniUPnP and FreeBSD 9.0
Blogs
Links
Archives
- March 2012 (1)
- February 2012 (1)
- January 2012 (1)
- December 2011 (1)
- November 2011 (4)
- October 2011 (1)
- September 2011 (1)
- August 2011 (1)
- July 2011 (3)
- June 2011 (1)
- May 2011 (1)
- December 2010 (1)
- November 2010 (1)
- October 2010 (4)
- September 2010 (4)
- August 2010 (5)
- July 2010 (3)
- June 2010 (9)
- May 2010 (13)
- April 2010 (23)
- March 2010 (18)
- February 2010 (6)