I would like to use my Ubuntu server machine as a proxy so I can browse a little more securely/privately while I am traveling. I connect to a lot of open Wi-FI networks.I have Squid setup on an old laptop running Ubuntu Server 10.10 at home, and the main machine I will be using to connect to the proxy is a computer running Windows Vista.I am able to connect and use the Ubuntu Server machine as a proxy while traveling with the squid config file modified with http access set to 'allow all'.
Obviously this isn't the ideal setting.After lots of reading and Googling I can't figure out how to allow only my Vista laptop to use the proxy.I'm a little lost with the ACL settings required.
I'm trying to setup OpenVPN in order to connect back to my home network while traveling for secure browsing and such. However, before I can even start trying to set that up I tried to see if I could open port check my computer through the net. And I'm having a hard time doing that.
As far as I can tell, here are my roadblocks: 1. Is ISP (Qwest) blocking my ports? 2. Is my modem doing the proper port forwarding and firewall? 3. Is my router doing the same? 4. Is my firewall on the computer allowing the request?
To minimize sources of error, I've turned off my local and router firewall and setup my router to forward ports. I'm not to familiar with my modem, but I'm pretty sure that the firewall is turned off by default and I think I've done port-forwarding correctly. But still no success when doing an open port check. At this point I don't know how to diagnose the problem.
I need to setup a squid 3 proxy with https bumping. Unfortunately I'm not very familiar with squid and https in general.
I already perfomed the following steps:
1.) compile from source
Code: Select all./configure --with-openssl --enable-ssl-crtd make make install
2.) configuration (http) I used this guide: [URL]
3.) configuration (https) [URL]
The server is now working for http and https, but is the server secure, too? Is the default config already secure or do I need to configure additional security features? (e.g. things like cert validation, cert pinning, [dont know what's importend], ...)
how to setup a secure and reliable server, i have three ubuntu 10.10 servers a Dell PowerEdge 850,1850 and 2850 which has a Dell PowerVault 220s attached to it.The Dell PE850 Server Consists of:
Intel Pentium D 3.0GHz 4 GB RAM Eventually 2x250GB Sata Hard Drives
I would like to setup a reliable webserver, mail server, DNS and Dynamic DNS, DHCP, SQL, FTP, Samba (with Roaming Profiles), PXE Boot Server.I know how to setup most of the server modules, i would just like to know the best way to do it tho. I also want to no how to setup the secuity of the system correctly, and setup and partition up my hard disks to allow for the best reliabilty, even when a server crashes.I would like to now how to set these servers up from start to finish in a sence.
I am going to set up a file server on Ubuntu. I have searched a while, but can't seem to find a guide to what I want. The requirements specifications are the following:File server: possible to upload, change and download files.Linux (Ubuntu) clients, Windows clients if possible.Access restriction to deny access to other than registered users.Only the user should be able to read the content of the files.Ideally root should not be able to see the individual files, but in worst case it is ok for root to see the files.Root should not be able to open the files.Point 1-3 is easy to find out how to set up. But I can't seem to find a way to deny root to view the files. The only solution I can think of is to encrypt files or a whole folder, but I don't know how to set it up.
The setup is for a home network, but the server used as a file server will have a web server as well. If someone manages to get access to the server I don't want them to be able to read the files.
I'm a newbie on Ubuntu, I have a problem with squid proxy. I'd like to configure a system, include:
- a server is named ProxyServer that is installed Squid proxy. - three servers, are named FTPServer01, FTPServer02, FTPServer03. each server is installed vsftpd. - Clients are installed Filezilla to up/download resource.
All servers are managed by IP address. When a client request a resource, client connect to ProxyServer, this ProxyServer will switch to one of Ftp servers. I do not know how to configure the squid's config file to setup them.
I need the complete reference guide to set up my own SQUID transparent proxy Server with Gateway support. I am using Fedora 14. Please help me with LINKS/REFERENCE. I am a learner in Squid.
I've recently installed openSUSE 11.4 (64 bit) on my system and am experiencing severe performance issues with websites using https (any site using https). Page loads over https take anywhere between 30 seconds to 2 minutes. It's the same issue posted here Secure sites load slow or not at all -- there was no confirmed solution.
- My router/hardware configuration has not changed in a long time and I've run Ubuntu, Arch Linux, and Windows XP on the same machine within the last year and have not had any issues. - I also have a laptop running Arch Linux (kernel 2.6.38) and this problem does not occur using Firefox 4 or Chrome. To add to the madness this problem occurs while running Firefox 4 inside a Windows 7 guest via virtual box, but NOT while running IE 8 inside the same guest. - This issue occurs using Firefox 4, Chromium, Opera, Konqueror, and Arora. - I've disabled ipv6 in Firefox via about:config. - I've disabled ipv6 in yast and have attempted to use both the "ifup" and "networkmanager" options. - I am not using a proxy server. - I've attempted the fix posted in the Ubuntu forums for a similar problem [ubuntu] [SOLVED] Banking Site is very slow.
I am running an Ubuntu Server on a VirtualBox VM running on my windows machine. So I've created a self-signed certificate using the following tutorial: [URL]
From this tutorial I'm left with 3 files: server.key server.csr server.crt
Then I found this very similar tutorial that has an extra bit on installing the certificates in apache: [URL] So I followed it's instructions which boil down to this:
[Code]...
So I'm thinking this should work now. However in Chrome I get: SSL connection error Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. IE8 gives me a typical "Internet Explorer cannot display the webpage" Note that [URL] fails while [URL] works fine, so it's definitely something in my ssl setup I'm thinking.
Please review my webmin Linux firewall. This is a squid proxy / Firewall / Router. Everything works fine until I change that last line to reject or drop all. Then the traffic behind the firewall that is trying to reach the internet gets borked. I can only assume that something is killing the connections to squid. But everything looks right to me. Here is my prerouting. (please ignore the green box) The red box is the action to be taken following the given rule. But I don't think the problem is in prerouting.
I followed the tutorial found here [URL] but when I try to access [URL] I get the following: Code: Secure Connection Failed An error occurred during a connection to www.mydomain.com. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) Not sure what I might have done wrong... I have retraced all of my steps and I don't believe I missed anything.
I'm learning to secure my server in the best way I can think of: By learning to attack it. Here's what would like to accomplish. I have SSH set up on a linux box in a offline lab environment. Username: root Password: ajack2343d Now, I know I can simply brute force this as I know the password, but there has to be other ways, and I wish to learn them.
I've set up a server for the first time today and I'm reading up on how to secure it. But I was wondering if anyone here would give me some tips from personal experience on what to do before going online with my website for the whole world to see. I'm running Ubuntu Server edition and Apache. Am I good to go with default settings or is there anything recommended that I should first do?
I am trying to setup a web-based secure ftp client that can handle not only file transfers to and from one of my company's servers, but also allow new clients of ours to visit our site, create an account of their own and use it to log in and begin transferring files. This way, the users can manage their own accounts.
I don't know a lot about exactly what is running on our server, though I am almost positive it is debian based. I really only have access via ssh and ftp. I may be able to do more in the server room, but haven't tried. I thought about using net2ftp, but that doesn't seem to work with sftp, and also doesn't allow the creation of new users on the server.
Is there anything out there for me??You will undoubtedly require more information from me, so please let me know what it is and where I can find it and I'll get back to you as quickly as I can.
I'm trying to setup an Apache server on my computer which will allow browsing of files in a specific directory and subdirectories, without needing any sort of authentication.
I've got the Apache2 server up and running through yast, and everything works fine as long as I try to point it to the /www/htdocs folder. However, I want to point it at another folder, which is on another partition. This partition is formatted as NTFS, if that matters at all (here's some background on some permissions issues I had with the NTFS partitions recently).
When I change the "Directory" setting in the Yast http server configuration utility to the directory on the NTFS partition I wish to use, attempting to access the server results in the following error:
Code: Access Forbidden: You don't have permission to access the requested directory. There is either no index document or the directory is read-protected. If you think this is a server error, please contact the webmaster.
Error 403 192.168.1.100 Mon Jun 13 23:43:29 2011 Apache/2.2.17 (Linux/SUSE)
Been messing around with Ubuntu 9.1 for the last few weeks and am loving it so far. Been trying to get in the terminal and learn a little something, to no avail. LOL I have been googling and searching the site today for info on networking. My Linux box is a desktop, with my main HDD mounted with music, and movies and some other stuff. My intent is to network the two laptops in the house (Windows XP and Windows 7) to the Linux box so I can listen to my music and watch movies when not in the office. I have found some info, mostly involving Samba, and plan to install Samba tonight and fiddle with it. My issue was with security. I have read a few posts and they talk about the fact that if you share files in this manner, the set up is not secure at all. Is this something i should really be concerned about? If the folders I share only have my music and videos in them,
I had a Samba server that worked as expected, but after four years of operation, I had to upgraded for a different reason. After much pain and agony, Samba *almost* works.The Big Problem: On XP, the Samba server "Scully" appears in "My Network Places". On the Vista and Win7, the server is not seen in "Network". The shares can be accessed and mapped if the name \Scully or IP address is provided \192.168.X.Y, but it can not be browsed.
to configure squid as a non-transparent proxy? I understand https cannot be filtered using squid as a transparent proxy. So i need to find out how to configure squid for https filtering.
I'm trying to setup an open-source project, I have a couple of developers on the team but nobody has experience with Apache. I would like to setup a simple home server for Bugzilla on Ubuntu 10.04, so my question is, is there a server that comes secure out-of-the-box so that simply adding files to /htdocs would suffice?
I have set up squid3 and dhcp server on my Ubuntu 10.04 box with IP address of 192.168.0.160. Single network card.Squid runs on port 3148. Everything works fine for the users provided that I set up the proxy details manually on each client pc.I want to set up the Squid to run as a transparent proxy and after reading around I have done the following.In the Squid3 conf file I have entered http_port 3148 transparent.Dropping to Root ( sudo -i )However the transparent proxy does not work and if I enter iptables -L I can see that the rule above has not been retained. The default rules in iptables only show up.
My current setup is a slack based distro with Squid 3.0 running in transparent mode with WCCP. Web filtering and AV scanning works great but we need to go a step further and introduce port filtering into the setup. I can easily accomplish this with iptable entries but only if I point to the proxy directly; the goal is to do this completely by interception. So far I've had no luck doing this with iptable entries or with squid ACL's and I am wondering if there's something that I am missing or just not doing correctly. So far during testing I've just been testing with common IM chat ports such as MSN and Yahoo. I am currently trying to setup a test lab with squid and 2 NICs with one NIC connected directly to the internet but this is not a route I would like to go.
I would like to set up a proxy server at home which i can use to access sites from work. I was thinking a web-page i log into and then a sort of use like a browser? like this for example, but where i can have a secure login
I am going to be away semi permanently and want to create a VPN that will allow me to act as if my laptop was connected to my home network.
All I want is for the drives to be accessible so I can use them for primary access as if they are in the laptop.
Questions:
1. Can I set up a Linux VPN that is secure using public WiFi (or however I connect to the net) when I am on the road?
2. I will be using a desktop (32 bit) as the server, what version of Linux would be best for this?
3. If my server is linux and the server drives are NTFS will they be accessible using a windows machine? (I will be double booting the laptop)
4. I would like to set up a pass-code that is stored on the laptop so that only that machine can get access.
This can be up to 255 characters and encrypted so it would be very hard to break. Even I would not know what it is. (I would store it on a pen drive and be able to recover it from there.)
One more. I might want to add separate users that only have access to their one drive, not the server drive. Is that OK?
I installed AWSTATS on my LAMP 10.04 LTS and followed several tutorials URL...) but I can't secure the folder, either by an alias or by .htaccess. I tried both methods manually and by using Webmin.If you go to the URL www.mywebsite/awstats/awstats.pl it shows up, which is good, but this is the default installation site and anyone who knows awstats could possibly see my stats. The conf folder is /etc/awstats/, and I did an alias for that, then .htacess, but neither worked. With the .htaccess, I would get a password promt but the full stats page was visible behind the password promt, and if you clicked "Cancel" about 20 times or so the promt would go away and the full stats page would be visible.
The actual file that powers awstats is in /usr/share/lib/cgi-bin/awstats.pl, and I also tried an Alias and .htaccess seperately and neither worked.I restarted apache2 after each change and I've searched several forums, but I still can't figure this out.
I ended up setting up a basic linux file server as a pdc for that office. Our main office is a windows 2000 ads domain. The two offices are connected with a vpn. I only have two users at the new location so I simply have the linux and samba usernames/passwords setup manually. I would like to know if it is possible to setup a domain trust between the two sites so I don't have to create a username/password in the remote site for every user at the main office to access. I did some searching but came up empty.
I'm running Ubuntu Server 9.10 and I'm looking to setup an FTP server. I have SSH running beautifully and it's accessible from any computer whether it be inside the network or coming in from the internet (provided you have the administrator username and password ). I've tried Proftpd and vsftpd and have failed miserably so far. Which FTP server application do you think I should go with and how could I go about setting it up through my SSH connection?
My current setup is this: - Ubuntu Server 9.10 with Fixed IP of 192.168.1.100 - 500GB Hard Drive - SDA1 = 512MB ext2 /boot - SDA2 = 2GB swap - SDA3 = 20GB ext4 / - SDA5 = 438GB ext4 /home - One User (Username = administrator) - Full SSH Capabilities - IP Address to DNS provided by www.dyndns.org - WRT120N Router with Remote Access and Port 22 Open
I basically want to set up a secure FTP server that anyone on the internal network can access as well as anyone from the internet (as long as they have a username and password). I want to setup a username and password for each user so that they all have read/write access to the same folder in my /home partition (I'll call it FTPSHARE).
