I am having trouble trying to setup an FTP server, so i made a video lesson to show how it is done PROPERLY. I actually had this before, but it was poor quality, and i went through it a little fast; so this time it is better quality and i explain more details. You can find it here:
[Code]...
I am creating an FTP server using VSFTP. It will be in the wild, initially at least only functioning as an FTP server. I have the iptables config from the previous box I set up 3-4 years ago. I have also got private/public key authentication running with SSH to eliminate brute force attacks.
Here is where is my specific question. On the old server I set up something that allowed my clients to log in using accounts that were not system accounts but would translate to a single system account that was limited to FTP. I remember setting up a passwd account that had username / password pairs that FTP used for authentication.
What app is this? Is it just part of VSFTP or maybe SELInux? I really want to utilize this.
I have to deploy a server to some customers that should not be given access to the server itself. I know that nothing is 100% secure but I've searched without finding a decent answer (maybe I googled for the wrong terms ?)I need some advice about encrypted filesystem. * The server must boot without asking for a passphrase (the server will be in a restricted access area so typing a password could take a while). I can't store the password for luks in an unencrypted file so it seems a loop to me. The only way out I can see is to store the passphrase in the boot binaries (better than nothing...) but this results in more work for me.* possibly the customer should not be able to move the hard disks to another pc, i.e. reading the passphrase from some unique hardware ID. This is risky but I could add a master passphrase to be used in case of hardware replacement
View 3 Replies View RelatedI am pretty new to the Fedora 11 world. I have maradns installed on it and I'm using it as my server. What is the best way to make my machine secure. This is just a project of mine so I can become familiar with sys admin on Fedora. It doesn't have to be ultra secure, just a decent level of security would be nice. Any links or information would be greatly appreciated. Btw, I currently have selinux disabled. I'm not familiar with it and it was giving me problems so I had to disable it.
View 4 Replies View RelatedWe have a public server and it can be accessed from any where through ssh.
My question is my server should not allow anyone directly to login as root user. First he should login as normal user then he should switch to root user.
I also have another questions is there any specific linux command is there to end other users ssh session without rebooting the server.
I installed OpenSSH via tasksel and am using Webmin for administration. I'd like to be able to SSH externally and want to setup the necessary public/private keys to use in FileZilla.
In Webmin, under Servers > SSH Server I can click 'Host Keys' and see an RSA key. Is this the public or private key for my server? Do I need to copy this into a text file to import it into FileZilla on my remote PC (that I want to connect from)? Is that all that needs to be done (aside from opening the port on my router/firewall)?
Is there an automated way to set this up via Webmin?
I have a blog on my site and am using htaccess rewrite rules to block all those nasty scripts from trying to execute various things mostly relating to phpmyadmin and wordpress. This has reduced my httpd error logs to less than half from before.
Am trying to come up with a rule to rewrite all calls to certain files if they are not originating from my domain, here is how it looks right now but it's not working as I can see scripts trying to hit "wp-comments-post.php" getting a 500 Internal Server Error.
I have an Ubuntu Lucid server that is public facing. I haven't really configured much on it except installing SSH (sshd) and Apache (httpd); I don't have a firewall or anything. Are there some common rules that I should follow to secure my system? I've been following this article on securing my Apache.
View 1 Replies View Relatediam working on mail server in redhat centos. i want to know how to secure my mail server for heavy loading , any monitoring tools in GUI or console , is any essential tool which is used in Like MNC for mail server..
i know few command in like top,netstat,etc through google but i willing to know some more
I'm running an SFPT server which my clients logon to using an FTP client. at the moment each client has a user name and password.
Thus far to improve security I've disabled root login but an looking for futrhrt ways to protect it from attack, having researched using google some of the security features suggested prevent the FPT clients from connecting.
Questions:
1- what further things can i do to secure my server that still allows it to be usable for FTP clients?
2- specifically is it possible to use non login pre-share key authentication?
How i set up the server is shown here: [url]
What are the steps to and Procedure to follow for securing Linux Server???
View 3 Replies View RelatedWe want to set up a Linux server (hosting Git or later SVN repositories) which should have all stored data strongly encrypted, so that if one steals the server the data cannot be read. For example, our notebooks have all important data stored on a "true-crypted" partition.
We plan to access it with SSH private keys and only after successful login should the data be readable. The server would be located in our office, shut down at night and not be connected to the Internet directly, but only accessible in our intranet.
I'm still new to PHP and SQL, but all the tutorials I've found connect to the database like this:
PHP Code:
Right now I'm just doing local network tests before exposing everything to the Internet.
Wouldn't leaving the password in there as plain text be a huge security issue? I tried downloading the php file off the server, and it just comes down blank. So does PHP already have a security feature that doesn't allow anyone to just nab PHP files off the server?
And for Postgre, I have pg_hba.conf set up to "trust" it's own IP address:
Code:
Would I need to use something like Kerberos, PAM, or ident authentication? Right now the only plan is to use it as login system for a website. The clients themselves won't be accessing the DB itself, because all the DB access will be through PHP.
About apache security. How to protect web-server from programms like phpshell [url]?
View 8 Replies View RelatedRecently I've been going over a few resources (like Guide to the Secure Configuration of Red Hat Enterprise Linux 5) some forum members have provided and I've been using other resources I use for work (like the UNIX STIG requirements). I would like to improve my skill-set on hardening a linux server (for work and personal interest). Is there a specific linux distro I can install that is purposely corrupted/vulnerable where the sole goal is to secure it, and then have the means to scan it to make sure all vulnerabilities are patched and secured?
View 6 Replies View RelatedI am relatively new to linux having only used ubuntu 9.10. Trouble is for all the talk of how secure ubuntu is, truth is it kept getting remote hacked (I have a stalker who is messing with me) over and over so now I am going to try fedora in hopes of finally having a secure system. My question is, what steps do I need to take to try to secure Fedora 12?
View 9 Replies View RelatedI am stuck with an issue related to domain hosting. Currently i have an application hosted in my own server using a static ip from a service provider. I got a domain name from another domain provider. Everything went in right way till when i click my url in browser using internet through another system. I am able to see my application when i use my ip address, where as when i use my domain name its not working.
[Code]....
I am trying to set up a ssh server on my mom's box that is running Fedora 14. I have set the server up and when I am logged onto the box locally, it lets me log in. But when I try to shell in from my apartment some miles away, I get the following error:ssh: connect to host 71.176.165.28 port 22: No route to host.However, when I try to ping it, the machine is reachable, and traceroute likewise gives me a clear route to the remote machine.
View 7 Replies View RelatedWhat would i need to do to set up a mail server on Fedora 12? I already have a secure file server running on it, and im curious what it would take to also use it as a mail server.
View 5 Replies View RelatedHow to setting web server in linux fedora 11?
View 4 Replies View RelatedI will be getting an old and decrepit laptop (the PS2 channel went out). I have decided that I would like to set it up to be an email and minor data server. The only problem exists that I have never setup a server, yet alone a linux server before.
I want the server to allow user authenticated access to a certain folder on the machine where other clients can go and copy and paste files for the data server portions and I want it to download emails from multiple domains (Gmail, a Microsoft Exchange Server, and from a private domain) and then allow other clients to log in and download those messages (I would like to keep each domain's emails separate so the client has to specify which domain's emails to download).
I am trying to set up a nfs server on my Fedora 11 host machine so that my virtual machines on the same host can access files on the host.The ip address of my host machine is 192.168.1.132The ip address of my virtual machine is 192.168.122.180I can ping successfully from host to virtual machine and vice versa.On the host machine, I have the following :1) Edited /etc/exports to add this one line./home/stardust496/files 192.168.122.180(rw,nohide)2) service rpcbind restart3) service nfs startOn the irtual machine, I do the following:1) mkdir /mnt/files2) mount 192.168.1.132:/home/startdust496/files /mnt/filesBut the mount call does not succeed. (It hangs for a while and then returns saying that it did not succeed)
View 3 Replies View RelatedI have been confused with the overall new 389 DS Server Setup.All I did upto now is:yum install 389-ds
and it did all the installation correctly.
All I need is Setup 389 Server with SSL.I did went through http://directory.fedoraproject.org/wiki/Howto:SSL but no Idea how to proceed.I am confused with the following points:
1. Do I also need to run setup-ds-admin.pl and setup-ds-dsgw too?
I tried running setup-ds-admin.pl and it stucked at :
The server 'ldap://389-ds.sap.com:45474/o=NetscapeRoot' is not reachable. Error: unknown error.
2. When Should I run the setupssl2.sh script? After running the above setup-* scripts?What changes I need to make on the script?
While building my new server I grinded ta hold shortly after inserting the FDR10 DVD.
Hardware:
Chenbro es34069
Albatron KI690-AM2
AMD Athlon X2 64 4850E
IDE 2.5" HD (master)
IDE Slimline DVD (slave)
4x SATA II swap (still empty)
It stops at the message "net: Registered protocol family 2" but in one of my desperate attempts I changed almost every setting in my BIOS (updated to 1.07) and all of a sudden it passed on. Stupid enough I figured it would be a small effort to find the setting and figure out the problem, so I changed them one at a time after loading the defaults....
i have fedora5 installed on my machine MACH1, which acts as a linux server for few machines. Its over network and we have a dedicated mail server too which is globally accessible. I wanted to set up a local mail server on MACH1, so that i shall be able to send/receive mails from all the users as well as to our other global mail server(on internet).
View 3 Replies View RelatedI have recently developed the need for having a file server and am interested in setting up my desktop as a Samba File Server. The problem is that I need to be able to access it from outside networks (physically I'm about 10 miles away from my home network),o I need to also set up some sort of DynDNS service so that I can access the server from anywhere.With this, with setting up a DynDNS, setting up Samba, and setting up my machine to be secure enough for these types of actions. (I just want to make sure it is secure enough since it will need to be detectable from the internet.)
View 8 Replies View RelatedI wanted to set up Computer Lab. loading Fedora 11 OS and one system acting as a Server to store Users(Student) Login Informations. When students do a programs, all programs (eg, C++ programs) files should be saved in the local fedora system but when login to the system, the login should be validate by a Server System.
View 5 Replies View RelatedI'm trying to load a HP Proliant w/ Fedora 11 and setting up as a WFS using Samba. However, I'm a bit confused on how to do it. Right now I have 2 36.4GB drives in RAID 1+0 and 4 146.8GB drives in a RAID 5 config. I wanna use the smaller drive for the OS and the bigger drive for the storage. I've managed to load the OS fine, the problem is I can't figure out how to mount the 4 146.8GB drives as a single logical volume and set Samba to use it. Right now all the RAIDs are setup using the built-in Compaq Smart Array utility (or whatever it's called) that's built into the SCSI hardware or BIOS.
View 1 Replies View RelatedI ran the LiveCD of Fedora SecurityLab and noticed these ports open, 111,631, 34526.How can I close them and what runs behind them. I know 111 is rpcbind, 631 ipp and 34526 is unknown.
View 4 Replies View RelatedRecently I have installed Debian Squeeze amd64 on my home desktop. I have used the standard installation method using DVD. I use my desktop primarily for web surfing, playing games and web application development. I do run apache2 and mysql servers on my system as need arise. I have been told that apache2 server execution without mandatory access controls such as apparmor or selinux makes the system vulnerable.
I could not find apparmor in synaptics, so I choose selinux for this task. To start with I installed identical environment in virtual box and tried installing selinux as given in url [url]. After the last step i.e. after running command selinux-config-enforcing and reboot I get login screen, I choose username and enter password. Thats it. The screen becomes blank and no further progress. I am not sure where did I went wrong. I am also curious whether selinux is really required in such cases or there is any better way to handle such situations. I also thought of running apache2 service from virtualbox. But I did not find it suitable for my requirement though.