Block IPs by country – Apache

Step 1 If you are using debian or ubuntu, install the mod-geoip package. sudo apt-get install libapache2-mod-geoip   Step 2 Enable GeoIPEnable, edit geoip.conf

  Step 3 Find Country Code Lookup: https://en.wikipedia.org/wiki/ISO_3166-1 In Apache vhosts file, outside of the </Directory> tags:

Step 4 service apache2 restart  

Linux – if anyone logs in notify SSH

Put the following in /etc/profile: The script /etc/profile is executed at every login (for bash shell users).  

  If you have issues delivering mail to a GMAIL inbox, make sure your domain is the first entry in /etc/hosts.. 127.0.0.1 .

Fix Open Postfix Relay – Unauthenticated Email

If your mail server is left open, anyone can use your SMTP service to send mail, and spammers will use it. This can result in your server being blacklisted and extraneous use of system resources that neither benefit you nor your users. Postfix logoTo secure Postfix, there are a number of functions you can add[…]

UNIX – Fork Explained

Mr. Peabody Explains fork() Introduction How Windows Does It How Unix Does It So Why Do People Want the Unix Way? How does it work in Perl? Introduction Say, Mr Peabody. I was just reading through the Perl 5.6 release notes and noticed that a new function called fork() is now supported in Perl. In[…]

Ubuntu – What package does a file belong to??

or

  To install apt-file, use:

You will need to update its database before you can use it:

Ubuntu – Which Process is Using a port?

1- Find what application/process is using the pro, type: sudo netstat -lpn |grep :8080 and press Enter. You will get an output similar to this one tcp6       0      0 :::8080                 :::*                    LISTEN      6782/java 2- I have got the process Id, which is 6782, now this is the process that is using port 8080.  

Heart Bleed – Exploit Example Code

If you need to test your server for the vulnerability, here is a simple Python script… [python] #!/usr/bin/python import sys import struct import socket import time import select import re from optparse import OptionParser options = OptionParser(usage=’%prog server [options]’, description=’Test for SSL heartbeat vulnerability (CVE-2014-0160)’) options.add_option(‘-p’, ‘–port’, type=’int’, default=443, help=’TCP port to test (default: 443)’)[…]

SFTP Only for a user – Debian

Add the user info the sshd_config file in /etc/ssh/sshd_config Ensure the line is uncommented; Subsystem sftp /usr/lib/openssh/sftp-server Match User userbob ForceCommand internal-sftp ChrootDirectory /home/userbob X11Forwarding no AllowTcpForwarding no Ensure the home directory is not group writeable. It should be 755. /etc/init.d/ssh restart service ssh restart Test the login via SSH, the result should display this[…]