iptables | Linuxaria

How to verify DDOS attack with netstat command on Linux Terminal

May 102014

Your server appearing pretty slow could be many things from wrong configs, scripts and dodgy hardware – but sometimes it could be because someone is flooding your server with traffic known as DoS ( Denial of Service ) or DDoS ( Distributed Denial of Service ).

Denial-of-service attack (DoS attack) or Distributed Denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. This attack generally target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks are implemented by either forcing the targeted computer to reset, or consuming its resources so that it can no longer provide its services or obstructs the communication media between the users and the victim so that they can no longer communicate adequately.

In this small article you’ll see how to check if your server is under attack from the Linux Terminal with the netstat command

How to protect Apache with Fail2ban

Guides 12 Responses »

Apr 232013

Around 2 years ago I wrote an article about fail2ban.

Fail2ban is an intrusion prevention framework written in the Python programming language. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally (such as, iptables or TCP Wrapper).
Fail2ban’s main function is to block selected IP addresses that may belong to hosts that are trying to breach the system’s security. It determines the hosts to be blocked by monitoring log files (e.g. /var/log/pwdfail, /var/log/auth.log, etc.) and bans any host IP that makes too many login attempts or performs any other unwanted action within a time frame defined by the administrator.

Today I want to show you some configurations that you can use to improve the security of your Apache.
Continue reading »

How to put Varnish in front of your Webserver without doing any change.

Articles, Guides 12 Responses »

Apr 302012

Varnish is an open source “web accelerator” which you can use to speed up your website.

It can cache certain static elements, such as images or javascript but you can also use it for other purposes such as Load balancing or some additional security, in general most of the people want to try it and test their website to see if it’s really so amazing (IMO yes, but test it yourself).

The traditional guides will tell you to move your webserver to another port, perhaps 81,8080 or just bind to localhost, configure Varnish to listen to port 80 and use the web server as backend, the server where Varnish will forward requests not found in his cache.

This is the “normal” configuration and it works fine, but sometimes you just want to make a quick Test or perhaps you are using a Control Panel, such as Cpanel, Kloxo or ISPConfig and in my experience change the standard listening ports of Apache is not a decision to be taken lightly with these tools.

So in a VPS (with Kloxo) I’ve used a different approach: iptables.
Continue reading »

Protect your server with SSHGuard

11/01/2011
Protect your server with SSHGuard
Posted by Riccardo at 23:01
9 Responses
Guides, Reviews
Tagged with: daemon, fail2ban, firewall one, firewalling, iptables, linux, log message, logcheck, logs, networked service, security, sshguard, syslog

I’ve already talked about fail2ban and logcheck, 2 tools that can scan your logs and do actions, based on rules that you can give/modify, usually modify your iptables rules to stop active attacks against your server or simply send you a warning if some thing is found in the logs. Today we’ll see a similar […]

Online resource collection for Linux Administrators

06/19/2011
Online resource collection for Linux Administrators
Posted by Riccardo at 23:32
2 Responses
Pills
Tagged with: ascii art, corntab, crontab, htpasswd, iptables, linux, password generator, regular expression

These are some sites i use to do specific jobs, i hope they can serve you well too. Corntab Corntab is a simple crontab web GUI With Corntab you can ensure that you always have the correct crontab syntax. Don’t worry about forgetting the proper crontab format because Corntab let’s you click on all of […]

Page 1 of 2 1 2 Older Entries