About Linux, BSD and personal notes

Archives for Linux category

OSSEC

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

http://www.ossec.net/

.htaccess

USING .HTACCESS & HTPASSWD TO PROTECT YOUR FILES FROM UNAUTHORIZED ACCESS


There may be parts of your site that you would prefer not just anyone could access. Apache and other web servers provide a system that you can use to control access to certain directories on your website. You might have a family photo album online that you want only your family to see. No matter what your little secret is, I will show you how to help keep private things a little more private. I am sure that in your surfing around on the ‘Net you have every once in a while run into:

[Image: password request dialog (not a real screen)]

This is not Java or CGI-BIN, but something that is very easy to implement, even for a newer web author. The .htaccess feature of your server is activated simply by placing a small file in the directory you want to protect. Guess what the file is called? Yes, you’re correct! .htaccess

Before taking you through the steps of setting up this protection scheme, please take a moment to look at some things you should know.

  • Nothing in life is truly secure. There may be holes in this system.
  • The user name and password are transmitted as plain, readable text; they are not encrypted.
  • If you plan on giving passwords to people, keep in mind that it is an extra maintenance function for you to perform.
  • To set up .htaccess you must be able to access your server using telnet; this cannot be done using FTP. If you do not have telnet access to your site, check your provider’s FAQ or reference pages to see if they have a script you can use for setting passwords.

Setting up an .htaccess Protected Directory

Installing the .htaccess involves a few steps. The most important thing is to make sure you do not install the .htaccess file in your main web directory. If you do, everyone will be locked out of your website. Unless this is what you want to do, make sure you create the directory and are located in it before creating the file.

  • Step 1: See where you are. At your prompt enter the command pwd to see what directory you are in. If you have already made your new directory and are in it, go to Step 3.
  • Step 2: Issue the command mkdir dirname where dirname is what you want to call the directory you will be protecting. Then enter the command cd dirname
  • Step 3: Using an editor such as vi or pico, create a file called .htaccess (lower case letters of course, with the leading period) that looks just like this:
AuthUserFile /usr/www/dirname/.htpasswd
AuthGroupFile /dev/null
AuthName "The Secret Page"
AuthType Basic
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>

  • Step 4: Change the AuthUserFile so that the UNIX PATH matches that of your system. This is where the password file that we will create in a moment will reside.
  • Step 5: Change The Secret Page to be whatever title you want to have appear on the password box.
  • Step 6: To create the password file, issue the following command: (NOTE: you only do it this way to create a new file)

htpasswd -c .htpasswd user_name (where user_name is a name)

If you get a message like htpasswd: not found, enter the command type htpasswd. If that doesn’t do the trick, try which httpd. If htpasswd is not in your path, you will have to add that directory to your path or enter the command as /what/ever/dir/htpasswd -c .htpasswd user_name

  • Step 7: The system will ask you to enter the password for this user. It will then ask you a second time to confirm your typing.
  • Step 8: Continue to add new users, but with this version of the command. The -c option is only for the initial creation of the file.

htpasswd .htpasswd new_name

That is all there is to it! If you experience any unexpected problems, or you change your mind about restricting access, just issue the command:

rm .htaccess
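
An added check, not part of the original tutorial: the shell function below audits an .htaccess like the one from Step 3 for a password file stored inside the protected directory, a <Limit> wrapper that applies require only to the listed methods, and Basic authentication, which the notes above describe as unencrypted. The finding codes, the helper names and the /usr/local/etc/htpasswd path are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit an .htaccess like Step 3's.
# audit_htaccess FILE PROTECTED_DIR prints one finding code per line.
audit_htaccess() {
    file=$1
    dir=${2%/}
    # Where does AuthUserFile point? Strip optional quotes around the path.
    pwfile=$(awk 'tolower($1) == "authuserfile" { gsub(/"/, "", $2); print $2; exit }' "$file")
    case $pwfile in
        "") echo "NO_AUTHUSERFILE" ;;
        "$dir"/*) echo "PWFILE_IN_PROTECTED_DIR" ;;  # hashes sit in a served path
    esac
    # <Limit GET POST> applies "require" to the listed methods only.
    if grep -Eqi '^[[:space:]]*<Limit[[:space:]]' "$file"; then
        echo "LIMIT_COVERS_LISTED_METHODS_ONLY"
    fi
    # Basic auth sends the password base64-encoded, not encrypted: needs HTTPS.
    if grep -Eqi '^[[:space:]]*AuthType[[:space:]]+Basic' "$file"; then
        echo "BASIC_AUTH_NEEDS_HTTPS"
    fi
}

# Constructed sample 1: the file from Step 3, unchanged.
write_page_sample() {
    cat > "$1" <<'EOF'
AuthUserFile /usr/www/dirname/.htpasswd
AuthGroupFile /dev/null
AuthName "The Secret Page"
AuthType Basic

<Limit GET POST>
require valid-user
</Limit>
EOF
}

# Constructed sample 2: same protection, password file outside the directory
# (/usr/local/etc/htpasswd is a hypothetical location) and no <Limit> wrapper.
write_tightened_sample() {
    cat > "$1" <<'EOF'
AuthUserFile /usr/local/etc/htpasswd/dirname.htpasswd
AuthName "The Secret Page"
AuthType Basic
require valid-user
EOF
}

tmp=$(mktemp -d)
write_page_sample "$tmp/page.htaccess"
write_tightened_sample "$tmp/tight.htaccess"
audit_htaccess "$tmp/page.htaccess" /usr/www/dirname
audit_htaccess "$tmp/tight.htaccess" /usr/www/dirname
```

Pass the protected directory as the second argument; a trailing slash is ignored.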

Change Logo Untangle

We did it, I kept the Untangle logo but added our own logo next to it.

Hold down control and shift and click on the “setup info” tab under config.

This brings up the “secret” panel for rebranding - you can insert your own logo which will replace the logo on the block pages, quarantine, client, etc.
You can also supply a new name, email, etc.

vyatta transparent firewall

ethernet eth0 {
disable: false
discard: false
description: "Config Interface"
hw-id: 00:0C:6E:8E:00:00
duplex: "auto"
speed: "auto"
address 192.168.1.1 {
prefix-length: 24
disable: false
}
}
ethernet eth1 {
disable: false
discard: false
description: ""
hw-id: 00:00:E8:70:00:00
duplex: "auto"
speed: "auto"
bridge-group {
bridge: "br0"
}
}
ethernet eth2 {
disable: false
discard: false
description: ""
hw-id: 00:E0:7D:EA:00:00
duplex: "auto"
speed: "auto"
bridge-group {
bridge: "br0"
}
}

The bridge interface is:
bridge br0 {
description: "Bridge"
disable: false
aging: 300
stp: false
priority: 0
forwarding-delay: 15
hello-time: 2
max-age: 20
}

nmap

nmap -T Aggressive -A -v


reset ilo2

A known problem with the iLO2 console management devices causes the iLO2 to become unresponsive to certain tools, including the HP XC power daemon and the iLO2 Web interface. When this happens, you will see CONNECT_ERROR messages from the power daemon.

Additional symptoms include not being able to use the iLO2 Web interface and not being able to control the node’s boot options through the Onboard Administrator (OA) on HP server blade enclosures.

When the problem occurs, the iLO2 is not completely dead; only parts of it are hung. You can clear up the problem using two methods:

  • Completely remove power from the node by either removing the power cord or, in the case of an HP server blade, removing the server from the enclosure. Wait 15 seconds and restore power to the node. This restarts the iLO2. Of course, doing this also reboots the node.

  • If you do not want to reboot the node, you can reboot the iLO2 device through the iLO2 command line interface (which is not hung) as follows:

    1. Use telnet or ssh to access the iLO2 device that is hung.
    2. Log in to the iLO2. Use the standard XC user name and password you defined for your console devices.
    3. Reboot the iLO2:
      reset map1

IP masquerading

http://linuxfocus.org/Castellano/May2000/article151.shtml

Hide sendmail version

vim sendmail.cf

Change the following:

# SMTP initial login message (old $e macro)
#O SmtpGreetingMessage=$j Sendmail $v/$Z; $b
O SmtpGreetingMessage=$j Sendmail ; $b

Hide apache and php version

http://nixcraft.com/server-configuration-tutorials/746-apache-php-web-server-security-hiding-version-information.html

How do I Hide Apache Version info?
Open the httpd.conf file (located in the /etc/httpd/ or /etc/apache2/ directory)

Code:

vi httpd.conf

Set Apache ServerTokens to Prod so that only the product name is shown, without version and other info:

Code:

ServerTokens Prod

This directive controls whether the Server response header field sent back to clients includes a description of the generic OS type of the server as well as information about compiled-in modules.

Setting this to Prod displays only Apache and nothing else.

Set Apache ServerSignature to Off:

Code:

ServerSignature Off

The ServerSignature directive allows the configuration of a trailing footer line under server-generated documents.

How do I hide php info?
Open php.ini (located at /etc/php.ini or in the /etc/php5 or /etc/php4 directory)

Code:

vi php.ini

Make sure PHP does not display errors and other PHP information. Modify or add the settings as follows:

Code:

expose_php = Off

display_errors=Off

register_globals = Off

Also send all errors to /var/log/httpd/php-scripts-error.log and not to the end user's screen. Errors shown on screen can give the user sensitive information.
error_log = /var/log/httpd/php-scripts-error.log

Restart Apache.

Code:

/etc/init.d/httpd restart

Now all PHP script errors are written to /var/log/httpd/php-scripts-error.log. Ask your website developers to use the following commands to view the log file:

Code:

tail -f /var/log/httpd/php-scripts-error.log

vi /var/log/httpd/php-scripts-error.log

For more info please read Apache 2 docs http://httpd.apache.org/docs/2.2/mod/core.html
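
An added check, not part of the original post: the script below reads httpd.conf and php.ini and reports any of the four settings above (ServerTokens, ServerSignature, expose_php, display_errors) whose effective value differs from the one given here, taking the last uncommented occurrence as the effective one. The function names and the sample file contents are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original post): confirm the version-hiding
# settings are the effective ones in httpd.conf and php.ini.

# Effective value of an Apache directive ("Name value"); the last one wins.
apache_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) { v = tolower($2) }
        END { print (v == "" ? "unset" : v) }' "$1"
}

# Effective value of a php.ini key ("key = value"; ";" starts a comment).
php_value() {
    awk -F= -v k="$2" '
        /^[ \t]*;/ { next }
        { key = $1; gsub(/[ \t]/, "", key) }
        key == k { v = tolower($2); sub(/;.*/, "", v); gsub(/[ \t\r"]/, "", v)
                   if (v ~ /^(0|false|no|none)$/) v = "off" }
        END { print (v == "" ? "unset" : v) }' "$1"
}

# check NAME ACTUAL WANTED: report a mismatch and remember it in $rc.
check() {
    [ "$2" = "$3" ] && return 0
    echo "FAIL $1=$2 (want $3)"
    rc=1
}

# audit_banners HTTPD_CONF PHP_INI: returns 1 if any setting is off-target.
audit_banners() {
    rc=0
    check ServerTokens    "$(apache_value "$1" ServerTokens)"    prod
    check ServerSignature "$(apache_value "$1" ServerSignature)" off
    check expose_php      "$(php_value "$2" expose_php)"         off
    check display_errors  "$(php_value "$2" display_errors)"     off
    return $rc
}

# Constructed sample files: one setting in each is still at a revealing value.
tmp=$(mktemp -d)
printf '%s\n' '#ServerTokens Prod' 'ServerTokens OS' 'ServerSignature Off' > "$tmp/httpd.conf"
printf '%s\n' '; expose_php = Off' 'expose_php = On' 'display_errors=Off' > "$tmp/php.ini"
audit_banners "$tmp/httpd.conf" "$tmp/php.ini" || echo "settings need fixing"
```

A directive that is missing from the file is reported as unset, so the check only passes when each setting is written out explicitly.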

Processor HVM

processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 15
model name      : Intel(R) Xeon(R) CPU            5130  @ 2.00GHz
stepping        : 6
cpu MHz         : 2000.082
cache size      : 4096 KB
physical id     : 0
siblings        : 1
core id         : 0
cpu cores       : 1
fpu             : yes
fpu_exception   : yes
cpuid level     : 10
wp              : yes
flags           : fpu tsc msr pae mce cx8 apic mtrr mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall lm constant_tsc pni monitor ds_cpl vmx tm2 cx16 xtpr lahf_lm
bogomips        : 5002.72
clflush size    : 64
cache_alignment : 64
address sizes   : 36 bits physical, 48 bits virtual
power management: