Posted on May 20, 2008 under Security, Webserver |
It is better to disable ping on your linux servers which will eventually lessen the visibility
of your server. Which also prevents hacking using certain scripts and another optional
thing is to specify a different port range for ssh rather than default 22, it is always better
to specify higher ports.
Wikipedia on “PING” :
ping is a computer network tool used
to test whether a particular host is reachable across an IP network.
It works by sending ICMP “echo request” packets to the target host and
listening for ICMP “echo response” replies. ping estimates the
round-trip time, generally in milliseconds, and records any packet
loss, and prints a statistical summary when finished.
The word
ping is also frequently used as a verb or noun, where it can refer
directly to the round-trip time, the act of running a ping program or
measuring the round-trip time.
Command to disable ping :
echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all
Coomand to enable ping :
echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all
Posted on Nov 27, 2007 under Security, Ubuntu, Webserver |
Are you browsing and checking emails or other websites which has no SSL connections unlike banking websites which secures you and make sure every transactions are secured via SSL. (https://somebank.com). Any data that is not encrypted is exposed can be easily sniffed through the LAN network.Doesn’t this bothers you if you are connecting from some WIFI spots from somewhere?
Well this is when Squid comes in. You just need to install squid on a remote server and get it up and running.The server can be your home pc which runs linux or you have remote server will be great.I have installed it on my debian 4.0 , for other distros please refer to the packages and look for squid.
In your Debian type this :
sudo apt-get install squid
And.. Thats about it you are done.Now by default, if you didn’t touch the configurations files that comes along with squid you just need to change the way your browser connect to the internet.For example:
In Firefox:
Edit > Preference > Advanced > Network > Settings
Choose the option saying Manual Configuration and and the http proxy part into “localhost” and port “3128″.And choose “use this proxy server for all protocols”.Next you have create a tunnel to your remote squid server:
ssh -L squidport:ipordomainname:squidport username@ipordomainname
ssh -L 3128:linuxbay.org:3128 gravin@linuxbay.org
Remember that you must be always connected to the remote squid server via ssh tunneling.If you are not, you can’t keep browsing using squid.Now, go to www.whatismyip.com and you will see that your ip is different.This is because you are using a ssh tunneling via squid server into the internet rather than direct connection to the internet. How awesome is that. 
Posted on Nov 08, 2007 under Security, Webserver |
There are many ways to password protect your website.The easiest way is to use .htaccess file to password protect your website. This way, username and password will be requested to visit your website.
Create an .htaccess file and include these lines:
AuthName “My Website, Provide Username and Password”
AuthType Basic
AuthUserFile /full/path/to/.htpass
Require valid-user
create an password file :
In your shell:
htpasswd -c .htpass username
The path to the file must be a full path, for example : /home/gravin/public_html/.htpass .If you don’t have a shell to create the password file then you can use this link here to create one. Password Generator .Then create a file named .htpass and upload it in same location as .htaccess file. The username and encrypted password will look something like this in your .htpass file:
gravin:Z3uvWlkzas0Ck
Thats it, you will be prompted to enter username and password to proceed to your website.