Here are some of the best Linux distributions (in no particular order) specially made for securing computer networks:
DenyHosts is a free, open source, log-based intrusion prevention program for SSH servers, developed in Python by Phil Schwartz. It monitors and analyzes SSH server logs for invalid login attempts, dictionary-based attacks and brute-force attacks, and blocks the originating IP addresses by adding an entry to the /etc/hosts.deny file on the server, which prevents those IP addresses from making any further login attempts.
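The log-analysis idea described above, as an added example (not DenyHosts' own code): a shell function that counts failed sshd password logins per source address and prints hosts.deny-style entries for addresses at or over a threshold. The function names, threshold and log lines are assumptions made for illustration; the address is read from the fixed end of the message, so a crafted username containing "from <ip>" cannot get an unrelated host blocked.

```shell
#!/bin/sh
# Added example: log-based detection of repeated SSH login failures.
# Not DenyHosts code; function names and the sample log are constructed.

# deny_candidates THRESHOLD   (reads auth-log lines on stdin)
# Prints one "sshd: ADDR" line (TCP wrappers syntax) per offending IPv4 address.
deny_candidates() {
    awk -v t="${1:-3}" '
        # sshd logs: "Failed password for [invalid user] NAME from ADDR port N ssh2"
        # NAME is chosen by the client, so anchor on the END of the line:
        # the last fields must be  from ADDR port N ssh2.
        /sshd\[[0-9]+\]: Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" &&
        $(NF-3) ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            fails[$(NF-3)]++
        }
        END {
            for (ip in fails)
                if (fails[ip] >= t) print "sshd: " ip
        }
    ' | LC_ALL=C sort
}

# Constructed sample log (documentation address ranges only).
sample_log() {
    cat <<'EOF'
Mar  3 10:01:11 host sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar  3 10:01:14 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Mar  3 10:01:19 host sshd[815]: Failed password for root from 203.0.113.7 port 40120 ssh2
Mar  3 10:02:40 host sshd[820]: Failed password for alice from 198.51.100.23 port 51000 ssh2
Mar  3 10:03:02 host sshd[822]: Accepted password for alice from 198.51.100.23 port 51002 ssh2
Mar  3 10:04:10 host sshd[830]: Failed password for invalid user x from 192.0.2.10 from 203.0.113.50 port 5000 ssh2
Mar  3 10:04:12 host sshd[830]: Failed password for invalid user x from 192.0.2.10 from 203.0.113.50 port 5000 ssh2
EOF
}

# Addresses with three or more failures in the sample.
sample_log | deny_candidates 3
```

The last two sample lines carry a username that embeds another address; a parser that takes the first "from" would count 192.0.2.10 instead of the real source, 203.0.113.50.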
rsnapshot is an open source local/remote filesystem backup utility written in Perl that uses the power of rsync and SSH to create scheduled incremental backups of Linux/Unix filesystems, while only taking up the space of one single full backup plus differences. It keeps those backups on a local drive, a different hard drive, an external USB stick, an NFS-mounted drive, or simply on another machine over the network via SSH.
Ubuntu Landscape is their systems and server management tool that allows patching and management of 1000s of Ubuntu servers from a single console.
The beauty of Landscape is that if you have 1000 Ubuntu servers you can update the software and patch them on the go from a single view. You can even click on each server to get the hardware and software inventories, see reports on which processes are using the CPU, etc., all from a single tool.
I have recently been writing automated scripts and came across a nice set of beginner-to-advanced Bash YouTube videos. This tutorial goes over making a universal update script for multiple distributions, which is great for enterprise network administrators.
A Linux administrator should be familiar with the CLI environment, since GUI mode is not commonly installed on Linux servers. SSH may be the most popular protocol for letting Linux administrators manage servers remotely in a secure way. Built in alongside the SSH command is the SCP command. SCP is used to copy file(s) between servers in a secure way.
The command below reads as "copy source_file_name into destination_folder at destination_host using the username account".
scp source_file_name username@destination_host:destination_folder
There are many parameters in the SCP command that you can use. Here are the parameters that may be useful in daily usage.
Recently I’ve had a problem with one of the packages (“puppet-dashboard”) that broke after a system upgrade, so that no updates or even new software could be installed. Here’s an error message I kept getting:
dpkg: error processing puppet-deshboard (--remove):
subprocess installed pre-removal script returned error exit status 127
That’s a nasty problem because it has to be solved by hand – no automatic fixes via the update manager, with apt-get -f install failing to fix anything. I also tried the forced removal of the package this way:
sudo dpkg --remove --force-remove-reinstreq PACKAGE_NAME
And it didn’t work either. So the solution here is to find all the package files, move them to a temporary directory and then force-remove the package. The following code did the job (replace PACKAGE_NAME with the name of the broken package):
sudo mv /var/lib/dpkg/info/PACKAGE_NAME.* /tmp/
sudo dpkg --remove --force-remove-reinstreq PACKAGE_NAME
Computer security is once again becoming a hot topic for administrators. There are dozens of new sites springing up around the web, and each is slinging their own ‘Perfect’ setup instructions. They have the usual bell curve of good advice, okay advice, and advice that will effectively leave you with a smoldering pile of rubble where your data used to be. Here, we're going to discuss locking down a CentOS 5 system the proper way. This proper way is based on the NSA RHEL5 guide, Steve Grubb's RHEL Hardening presentation, and other reputable sources.
OK, fire up your Linux systems and follow along with me for this user and group administration tutorial. This article is your short course on user and group administration using some commands that you’ve perhaps never seen or used before. User management doesn’t have to induce hair pulling (yours or theirs), nor does it have to make you hate users’ existence. Following a single, simple rule will make your life as a system administrator easier: Give your users access to what they need, no more and no less.
Any salty system administrator (SA) will tell you that you’re supposed to manage users with group permissions, and that’s true, but you still have to create those users, place them into groups, remove users and manage user access. It is these basic user management activities that you’ll explore in this week’s post.
The find utility on Linux allows you to pass in a bunch of interesting arguments, including one to execute another command on each file. We’ll use this in order to figure out what files are older than a certain number of days, and then use the rm command to delete them.
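One way to apply the find-and-rm approach just described, as an added example that is not from the original article: the purge_old function name, its arguments and the --delete switch are assumptions made for illustration. It lists candidates by default and only removes them when asked.

```shell
#!/bin/sh
# Added example: remove regular files older than N days under one directory.
# purge_old and its arguments are hypothetical names, not from the article.

# purge_old DIR DAYS [--delete]
# Without --delete the function only lists what would be removed.
purge_old() {
    dir=$1 days=$2 mode=${3:-}

    # Refuse an empty, missing or root directory: a typo here deletes data.
    [ -n "$dir" ] && [ -d "$dir" ] && [ "$dir" != "/" ] || return 2
    # DAYS must be a plain non-negative integer.
    case $days in ''|*[!0-9]*) return 2 ;; esac

    # -xdev     stay on the filesystem DIR lives on (skip other mounts)
    # -type f   regular files only, so symlinks are neither followed nor removed
    # -mtime +N modified more than N full 24-hour periods ago; fractions are
    #           dropped, so +7 matches files that are at least 8 days old
    if [ "$mode" = "--delete" ]; then
        # "--" stops rm from treating odd file names as options; "{} +"
        # batches many paths into one rm call.
        find "$dir" -xdev -type f -mtime +"$days" -exec rm -f -- {} +
    else
        find "$dir" -xdev -type f -mtime +"$days" -print
    fi
}

# Typical use: review the list first, then delete.
#   purge_old /var/tmp/reports 30
#   purge_old /var/tmp/reports 30 --delete
```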
NTP is a TCP/IP protocol for synchronising time over a network. Basically a client requests the current time from a server, and uses it to set its own clock.
This can be made easy by mounting Windows shares on the server. You will be accessing Windows files as if they are local, and essentially all Linux commands can be used. Mounting Windows (or other Samba) shares is done through the cifs virtual file system client (cifs vfs) implemented in the kernel and a mount helper, mount.cifs, which is part of the Samba suite.
The following names are used in our examples.
I spent some time this afternoon researching what was required to have my servers authenticate to my Gmail account and send me the mail that way. This setup assumes Ubuntu 8.04 (or later) and Postfix.
Install the required packages
You need to disable the following services to disable the firewall under Red Hat Enterprise Linux or CentOS Linux version 4 / 5 / 6.
[a] iptables - IPv4 iptables firewall service.
[b] ip6tables - IPv6 iptables firewall service.
Type the following commands as the root user to disable the firewall for IPv4:
# service iptables save
# service iptables stop
# chkconfig iptables off
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
Sample output with verification (see below):
Darkstat is a network statistics gatherer. Effectively, it's a packet sniffer which runs as a background process on a cable/DSL router, gathers all sorts of useless but interesting statistics, and serves them over HTTP.
Install Darkstat in Ubuntu
sudo apt-get install darkstat
This will complete the installation. Once you finish the installation you need to edit the file located at /etc/darkstat/init.cfg
sudo gedit /etc/darkstat/init.cfg
# Turn this to yes when you have configured the options below.
Now you need to start darkstat using the following command
sudo /etc/init.d/darkstat start
This will start the darkstat process
Now if you want to see your network stats go to http://youripaddress:666
To make an ISO from your CD/DVD, place the media in your drive but do not mount it. If it automounts, unmount it. (Ubuntu automounts, so you need to unmount it; that's quite easy, just choose the unmount option from the shell.)
dd if=/dev/dvd of=dvd.iso # for dvd
dd if=/dev/cdrom of=cd.iso # for cdrom
dd if=/dev/scd0 of=cd.iso # if cdrom is scsi
To make an ISO from files on your hard drive, create a directory which holds the files you want. Then use the mkisofs command.
mkisofs -o /tmp/cd.iso /tmp/directory/
This results in a file called cd.iso in folder /tmp which contains all the files and directories in /tmp/directory/.
For more info, see the man pages for mkisofs, losetup, and dd, or see the CD-Writing-HOWTO at http://www.tldp.org.
I just need some help showing me how to set up the Java path on Linux. How can I set the JAVA_HOME and PATH variables for every user on my Linux system?
~/.bash_profile is a startup script which generally runs once. This particular file is used for commands which run when the normal user logs in. Common uses for .bash_profile are to set environment variables such as PATH, JAVA_HOME, to create aliases for shell commands, and to set the default permissions for newly created files.