Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for IPTABLES Explained Part 4: IPTables and Portsentry, the dynamic duo

Unix+clones

A web server in a shell script

Post date: March 14, 2006, 08:03 Category: Programming Views: 16516 Comments
Tutorial quote: Suppose you want to experiment a little with web pages and CGI's, but you don't want the hassle of installing the full Apache package. This quick and dirty shell script could just be what you need.

Put simply, a web server is an application that sends local text files over the network to the clients that request them. If you let another program (for example inetd) deal with the network part, the web server could be reduced to a mere cat "$filename" to stdout. Of course, the difficult part would be to extract that filename out of the HTTP request string: nothing that a Bash script cannot easily do!
Linux

Building an LDAP Server on Linux, Part 2

Post date: April 15, 2005, 17:04 Category: Network Views: 3639 Comments
Tutorial quote: Welcome back! In Part 1 we learned basic concepts of LDAP and the uses for an LDAP server. Today we'll install and configure an OpenLDAP directory.

A quick note before we get started: this is LDAP 101. We are not installing any kind of encryption or strong authentication; we'll get to that in part 3. In my experience, learning LDAP in small chunks works best. (Then again, perhaps I'm just a bit dim.) So sit back, strap in, and keep your fingers away from the training wheels.

"The wise sysadmin will consult the documentation for their distro; it's quite possible that OpenLDAP will be packaged and ready to go in a pleasing manner (or ready to go in an odd manner--you never know). I'm all for easy--if your particular distribution provides an easy way, use it. RPMs can also be obtained from rpmfind.net, which thoughtfully lists all the required additional packages.

"Debian of course goes its own merry way. apt-get does the job just fine; the tricky bit is finding out the package names. Debian users want ldap-utils; slapd, which is OpenLDAP; and libdb4.1, to get the Sleepycat DB. These three components are enough to get you up and running. apt-get will walk you through a minimal configuration and will automatically start up slapd, the LDAP server daemon.
CentOS

How To Harden PHP5 With Suhosin On CentOS 5.0

Post date: August 3, 2007, 22:08 Category: Security Views: 3787 Comments
Tutorial quote: This tutorial shows how to harden PHP5 with Suhosin on a CentOS 5.0 server. From the Suhosin project page: "Suhosin is an advanced protection system for PHP installations that was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
Fedora

How To Harden PHP5 With Suhosin On Fedora 7

Post date: July 25, 2007, 23:07 Category: Security Views: 3288 Comments
Tutorial quote: This tutorial shows how to harden PHP5 with Suhosin on a Fedora 7 server. From the Suhosin project page: "Suhosin is an advanced protection system for PHP installations that was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
Debian

Restricting Users To SFTP Plus Setting Up Chrooted SSH/SFTP (Debian Squeeze)

Post date: September 6, 2011, 07:09 Category: Miscellaneous Views: 5299 Comments
Tutorial quote: This tutorial describes how to give users chrooted SSH and/or chrooted SFTP access on Debian Squeeze. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of. I will also show how to restrict users to SFTP so that they cannot use SSH (this part is independent from the chroot part of this tutorial).
Debian

Configuring Dynamic DNS & DHCP on Debian Stable

Post date: February 3, 2006, 01:02 Category: Network Views: 3647 Comments
Tutorial quote: For the average home computer user there is no need to install a complex package such as the Internet Software Consortium's BIND DNS or DHCP server, since there are far simpler lower resource tools to use, for example dnsmasq. For those who you wish to learn how to use ISC's BIND and DHCP, for example as a learning exercise, this is how I got it all to work in Debian Sarge, the current stable version of Debian GNU/Linux.

This short article was prompted by my question on the Debian-Administration forum site, where I was able to get some answers to the issues I faced and I did promise to post a solution if I got one.
Linux

Creating DjVu Documents Linux HOWTO

Post date: July 16, 2006, 16:07 Category: Miscellaneous Views: 3684 Comments
Tutorial quote: This document explains some of the uses of djvulibre implementation of DjVu for creating quality DjVu documents in linux. DjVu format features bitmap document compression and hypertext structure. It is used by numerous web sites all around the world for storing and distributing digital documents including scanned documents and high-resolution pictures. One of the advantages of DjVu files is that they are notably small, often smaller than PDF or JPEG files with the same content. This makes DjVu a helpful tool for digitizing books and journals, especially scientific ones.

Below it is considered the case when a DjVu document is created from a number of separate JPEG files each containing a single page. Here JPEG format is not a limitation, and the examples can cover arbitrary image formats. Conversion from PDF to DjVu is also discussed. Usage of scanner software is not explained: refer to the relevant documentation.
Linux

Backing Up and Restoring Using the cpio Command in Linux and Unix

Post date: May 26, 2006, 18:05 Category: System Views: 2743 Comments
Tutorial quote: The cpio command is one of the most commonly used Linux back up tools.

The cpio command has two unusual features

Unlike tar , in which the files to back up are typed in as part of the command, cpio reads the files to work with from the standard input (in other words, the screen).

This feature means that cpio must be used as part of a multiple command or with a redirection pipe. Examples of this usage are shown in the tables below.

cpio must always be used with one of three flags. Flags are options that set the mode in which the command runs. Only one flag can be used at a time, and it must come before any other options. In addition, the choice of flags limits the options that can be used. Each flag also has a gnu option that can used in its place. The gnu option gives a convenient name for each flag: extract, create, and pass- through.
Linux

Connecting to a Wireless LAN with Linux, Part 2

Post date: April 13, 2005, 19:04 Category: Hardware Views: 3686 Comments
Tutorial quote: In Part 1 we reviewed hardware options, which wireless utilities should be present, how to use Windows drivers, and how to be open to connect to any available wireless access point. Today we'll cover configurations on Red Hat- and Debian-type systems, basic security, and hardware discovery.

Wireless connectivity can be rather overly friendly, allowing connections from anyone. This howto assumes you have a wireless access point on a LAN, which can be all wireless or mixed wired and wireless. You don't want it wide open to just any random person with a desire to snoop on your network or "borrow" your bandwidth, but you want some access controls and security. Your access point should have a unique SSID (service set identifier), WEP (wireless equivalent privacy) or WPA/WPA2 (Wi-fi protected access) set up and working, and either a DHCP server or a pool of assigned IP addresses for clients.
Ubuntu

Installing and configuring FireHOL - Part I

Post date: September 20, 2006, 22:09 Category: Network Views: 7172 Comments
Tutorial quote: This tutorial guides user on how to install and configure FireHOL, a Linux-based firewall.
Web-based applications and online marketing solutions - LumoLink