SSH Security: How To Block SSH Brute Force Attacks with SSHGuard
SSHGuard monitors logging activity and reacts to attacks by blocking their source IP addresses. sshguard has born for protecting SSH servers from the today's widespread brute force attacks, and evolved to an extensible log supervisor for blocking attacks to applications in real-time.
SSHGuard is given log messages in its standard input. By means of a parser, it decides whether an entry is normal activity or attack. After a number of attacks, the IP address is blocked with the firewall.
These are the available blocking backends:
- SSHGuard with PF (OpenBSD, FreeBSD, NetBSD, DragonFly BSD)
- SSHGuard with IP FILTER (FreeBSD, NetBSD, Solaris)
- SSHGuard with IPFW (FreeBSD, Mac OS X)
- SSHGuard with netfilter/iptables (Linux)
- SSHGuard with TCP wrappers / hosts.allow (almost any UNIX system)
Print This Post
FreeBSD: How To fetch the ports from fast servers
Ports randomly gets it's source server list from bsd.sites.mk file located in /usr/ports/Mk/, as defined by the port maintainer. Most of the time downloading the source takes a long time if the remote server is not physically near to us.
In this case, we can tune the ports so that it fetches the sources from the nearest server. A nearer server normally means less latency and a faster connection.
The port fastest_sites will test the latency of the servers listed in /usr/ports/Mk/bsd.sites.mk. The file is suitable to be included in /etc/make.conf which tell ports where to fetch the sources from.
Print This Post
FreeBSD Tools: thefish – /etc/rc.conf GUI/TUI editor
The Fish provides a graphical tool (GTK+, QT, ncurses frontends) used to manage system variables stored in /etc/defaults/rc.conf and /etc/rc.conf.
In this example we'll use the ncurses version of The Fish.
To configure thefish, enter the following command:
make config -C /usr/ports/sysutils/thefish
Print This Post
FreeBSD Tools: portaudit – FreeBSD’s Third Party Security Audit
Portaudit is a software vulnerability auditing tool for FreeBSD systems. FreeBSD's Portaudit provides a system to check if installed ports are listed in a database of published security vulnerabilities.
The ports-mgmt/portaudit port polls a database for known security issues. This database is updated and maintained by the FreeBSD Security Team and ports developers.
To begin using Portaudit, install it from the Ports Collection:
cd /usr/ports/ports-mgmt/portaudit make install clean
Print This Post
FreeBSD Optimizations: /etc/make.conf
The file make.conf contains system-wide settings that will apply to every build using make and the standard sys.mk file. The purpose of make.conf is to control the compilation of the FreeBSD sources, documentation, and ports.
The system build procedures occur in the following areas: the world, the kernel, documentation and ports. Variables set in make.conf may be applicable in one, two, or all four of these areas. In addition, control variables can be specified for a particular build via the -D option of make or in environment.
Print This Post
How To Install and Configure Squid as Transparent Proxy Server under Linux and FreeBSD
Squid is a proxy server and web cache daemon. It has a wide variety of uses: caching web, filtering traffic, caching DNS and other computer network lookups for a group of people sharing network resources.
Squid is primarily designed to run on Unix-like systems but it also runs on Windows-based systems. In this tutorial I'll show you how to install and configure squid proxy server to run under Linux and FreeBSD.
A proxy server software is based on the TCP/IP protocol. It monitors a special port such as 3128 or 8080. A computer who runs a proxy server software is called a proxy server. If other computer want to connect to Internet through the proxy server, it should know the proxy server's IP address and proxy port.
Print This Post
FreeBSD: How To Install Lighttpd with PHP5-FastCGI and MySQL Support in FreeBSD 8
In this article I'll show you how to install and configure Lighttpd web server on FreeBSD 8.1 with PHP5 support (through FastCGI) and MySQL support.
1. FreeBSD port tree update
Update FreeBSD ports using the following command:
portsnap fetch update
Once is done, we can proceed with the next step.
Print This Post
How To Set Up an OpenBSD Router – Step-by-Step Tutorial
This article is a step-by-step guide about how to set up OpenBSD system that will act as a network router that takes advantage of the OpenBSD's PF packet filter.
1. OpenBSD Installation
Install OpenBSD by using this tutorial.
Now that you have OpenBSD installed, lets proceed with the next step.
2. OpenBSD Network Configuration
The network interface is configured at boot time using the /etc/hostname.if files, where if will be replaced by the full name of your interface, for the example above, /etc/hostname.xl0.
The layout of this file is simple:
address_family address netmask broadcast [other options]
Print This Post
How To Install and Integrate eAccelerator into PHP5
eAccelerator is an open source PHP accelerator, optimizer, and dynamic content cache which provides a bytecode cache. eAccelerator increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated. It also optimizes scripts to speed up their execution. eAccelerator typically reduces server load and increases the speed of your PHP code by 1-10 times.
1. Install prerequisites
There is no eAccelerator package in the official repositories, therefore we must compile and install it from the sources. Before we can do this, we need to install some prerequisites.
Print This Post
Tip of the day: How to remove duplicate entries in a file without sorting
GNU awk is a programming language that is designed for processing text-based data, either in files or data streams, and was created in the 1970s at Bell Labs.
To remove duplicate entries without sorting them, enter:
gawk '!x[$0]++' filename
Print This Post
Subscribe
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | |||||
Polls
Loading ...Quote of the day
- Mark Twain -
Recent Posts
- Ubuntu: How to install the Classic Desktop in Ubuntu 11.10 (Oneiric Ocelot)
- FreeBSD: How to set up an UPnP Internet Gateway Device (IGD) with MiniUPnP and FreeBSD 9.0
- Ubuntu: How to build and install Linksys AE1000 Wireless-N linux driver on Ubuntu 11.10
- FreeBSD: How to Install and Configure a PPTP VPN server with mpd5 on FreeBSD 8.2
- UNIX Tips: How to find broken symbolic links
Recent Comments
- on FreeBSD: How To Upgrade FreeBSD 7 to 8 Stable Release
- on FreeBSD: How to Install Adobe Flash in FreeBSD 8
- on How To Reset Keyring Password in Ubuntu
- on Ubuntu: How to build and install Linksys AE1000 Wireless-N linux driver on Ubuntu 11.10
- on FreeBSD: How to set up an UPnP Internet Gateway Device (IGD) with MiniUPnP and FreeBSD 9.0
Blogs
Links
Archives
- March 2012 (1)
- February 2012 (1)
- January 2012 (1)
- December 2011 (1)
- November 2011 (4)
- October 2011 (1)
- September 2011 (1)
- August 2011 (1)
- July 2011 (3)
- June 2011 (1)
- May 2011 (1)
- December 2010 (1)
- November 2010 (1)
- October 2010 (4)
- September 2010 (4)
- August 2010 (5)
- July 2010 (3)
- June 2010 (9)
- May 2010 (13)
- April 2010 (23)
- March 2010 (18)
- February 2010 (6)