Tuesday, August 6, 2013

Monitor Proftpd Server by Using phpftpwho

Install phpftpwho

Note :- phpftpwho must be installed on the same machine that is running Proftpd server.

Download phpftpwho from here using the following command in apache web server root document folder (/var/www)

#wget http://www.rivetcode.com/files/phpftpwho/phpftpwho-1_05.tar.gz

Now you have tar.gz file you need to extract using the following command

# tar xzvf phpftpwho-1_05.tar.gz

Now you should be having phpftpwho folder in your apache root document folder(/var/www)

If you want to access your phpftpwho program you need to go to http://yourserverip/phpftpwho

Now you need to login into the ftp server and refresh your phpftpwho page you should see similar to the following screen



Get access to Linux files from Windows

There are a number of evident merits of the program, which you should know. First of all, DiskInternals Linux Reader is absolutely free.

Secondly, the program provides for read-only access and does not allow you to make records in Ext2/Ext3 file system partitions. This guarantees that the interference in an alterative file system will not affect the work of Linux later. Apart from this, it is necessary to note, that it gives you an

opportunity to use common Windows Explorer for extracting data. A preview option for pictures is one more pleasant point, which is worth mentioning. 

While saving, it ignores file security policies. It means that it is possible to access absolutely any file on a Linux disk from Windows. The program can create and open images of Ext2/Ext3 disks.”
Download LinuxReader

Squid server to use other Proxy (cache)

If you want Squid to be part of a hierarchy of proxies or want Squid to fetch content from another proxy
cache_peer proxy.isp.com parent 8080 0 no-query no-digest ever_direct allow all

For Multiple parent
cache_peer proxy.isp1.com parent 8080 0 no-query no-digest default
cache_peer proxy.isp2.com parent 8080 0 no-query no-digest


Multiple parents with weight:
cache_peer proxy.isp1.com parent 8080 0 no-query no-digest weight=1 
cache_peer proxy.isp2.com parent 8080 0 no-query no-digest weight=2


Multiple parents with round-robin:
cache_peer proxy.isp1.com parent 8080 round-robin no-query
cache_peer proxy.isp2.com parent 8080 round-robin no-query
cache_peer proxy.isp3.com parent 8080 round-robin no-query

In above examples proxy.isp1.com, proxy.isp2.com and proxy.isp2.com are other cache servers

squid server and Ad Zapper Block Ads

It has been observed that 30% of your bandwidth is consume by Ads so if you block these ads you can save this 30% bandwidth and can use to some other things. How we can do this …

Make sure your squid is configured and working fine
Get ad-zapper using following commands:
# cd  /etc/squid
# wget  http://voidmain.is-a-geek.net/files/scripts/update-zapper
# chown  root:root  update-zapper
# chmod  700  update-zapper  
Now run the update-zapper which should automatically download the latest adzapper Perl script from sourceforge: # ./update-zapper

If the script ran properly you should now see an executable Perl script named squid_redirect
# ls  squid_redirect

Edit squid_redirect file and make sure the perl path ( command - # whereis perl) is defined according to your system

#!/usr/bin/perl

Now you want to edit the squid.conf file with your favorite text editor and search for the section containing the tag redirect_program. This is where we tell Squid to use the ad zapper script.

Edit squid.conf file and insert the following line
redirect_program /path/to/squid_redirect

Restart the squid - # service  squid   reload 

Squid proxy server Block mp3, mpg, mpeg, exe files

First open squid.conf file /etc/squid/squid.conf:
# vi /etc/squid/squid.conf
Now add following lines to your squid ACL section:
acl blockfiles urlpath_regex “/etc/squid/multimedia.files.acl”
Now create the the file
# vi /etc/squid/multimedia.files.acl
\.[Ee][Xx][Ee]$
\.[Aa][Vv][Ii]$
\.[Mm][Pp][Gg]$
\.[Mm][Pp][Ee][Gg]$
\.[Mm][Pp]3$
Save and close the file and Restart Squid:
# /etc/init.d/squid restart


Monday, August 5, 2013

How to use hosts.allow and hosts.deny

1. Open terminal
2. su - if you not a root user
3. Use your favorite editor like vi.
4. Type vi /etc/hosts.deny
5. At the bottom line just type “ALL:ALL:deny” to restricted all of deamon process
6. Save it.
7. Open “/etc/hosts.allow” with vi editor
8. At the buttom line “ALL:(some ip that you allow):allow” to allow anything from my IP address
9. Save it.

Read more: http://linuxpoison.blogspot.com/2008/01/how-to-use-hostsallow-and-hostsdeny.html#ixzz2b4xRVqjx

Safer, Faster, and Smarter internet access

Safer, Faster, and Smarter internet access by using OpenDNS

If you are not aware of OpenDNS, please do look here first.
OpenDNS protects you from phishing — bad websites trying to steal your personal information. When you try to go to a phishing site, Opendns let you know.
Let's try to configure and use this on Linux.
1) Make sure named is installed on your system.
2) Edit your /etc/resolv.conf file and add following entry
nameserver 127.0.0.1
3) Now edit your /etc/named.conf file, you should have similar to this... in your "options" section of named.conf file
options {
directory "/var/lib/named";
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
forwarders { 208.67.222.222; 208.67.220.220; };
forward first;
listen-on port 53 { 127.0.0.1; };
allow-query { 127.0.0.1; };
notify no;
};
Here most important part is entry of opendns servers in forwarders section.
4) Now restart your named server.
5) open your browser and type : http://www.opendns.com/welcome/ --> You should see something similar to this ...


Read more: http://linuxpoison.blogspot.com/2008/01/safer-faster-and-smarter-internet.html#ixzz2b4x6cTug

How to configure Linux as Internet Gateway for small office

Step by Step Procedure

Step 1. Add 2 Network cards to the Linux box

Step 2. Verify the Network cards, check if they installed properly or not

Step 3. Configure eth0 for Internet with a Public (External network or Internet)
# cat ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
BROADCAST=xx.xx.xx.255    # Optional Entry
HWADDR=00:50:BA:88:72:D4    # Optional Entry
IPADDR=xx.xx.xx.xx
NETMASK=255.255.255.0    # Provided by the ISP
NETWORK=xx.xx.xx.0       # Optional
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
GATEWAY=xx.xx.xx.1    # Provided by the ISP
Step 4. Configure eth1 for LAN with a Private IP (Internal private network)
# cat ifcfg-eth1
BOOTPROTO=none
PEERDNS=yes
HWADDR=00:50:8B:CF:9C:05    # Optional 
TYPE=Ethernet
IPV6INIT=no
DEVICE=eth1
NETMASK=255.255.0.0        # Specify based on your requirement
BROADCAST=""
IPADDR=192.168.1.1        # Gateway of the LAN
NETWORK=192.168.0.0        # Optional
USERCTL=no
ONBOOT=yes
 Step 5. Host Configuration    (Optional)
# cat /etc/hosts
    127.0.0.1       nat localhost.localdomain   localhost

Step 6. Gateway Configuration
# cat /etc/sysconfig/network
    NETWORKING=yes
    HOSTNAME=nat
    GATEWAY=xx.xx.xx.1    # Internet Gateway, provided by the ISP
Step 7. DNS Configuration
# cat /etc/resolv.conf
    nameserver 208.67.222.222      # Primary DNS Server provided by the ISP
    nameserver 208.67.220.220      # Secondary DNS Server provided by the ISP
Step 8. NAT configuration with IP Tables
First of all you have to flush and delete existing firewall rules. So flush rules by typing in terminal:
iptables -F
iptables -t nat -F
iptables -t mangle -F
Now delete these chains:
iptables -X
iptables -t nat -X
iptables -t mangle -X
# Set up IP FORWARDing and Masquerading
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT
# Enables packet forwarding by kernel (save this setting in /etc/sysctl.conf file)
echo 1 > /proc/sys/net/ipv4/ip_forward
 #Apply the configuration
service iptables save
service iptables restart
 # Check if iptables is set to start during boot up
chkconfig –list iptables
 Step 9. Testing
Ping the Gateway of the network from client system: ping 192.168.2.1
Try it on your client systems: ping google.com

Configuring PCs on the network (Clients)
All PC's on the private office network should set their "gateway" to be the local private network IP address of the Linux gateway computer. 
The DNS should be set to that of the ISP on the internet. 

Windows 2000, XP,  Configuration:
Select "Start" + Settings" + "Control Panel" 
Select the "Network" icon 
Select the tab "Configuration" and double click the component "TCP/IP" for the ethernet card. (NOT the TCP/IP -> Dial-Up Adapter) 

Read more: http://linuxpoison.blogspot.com/2009/02/how-to-configure-linux-as-internet.html#ixzz2b4wMEVQv

OwnCloud server install & basic configuration

First step: 

[lbazan@ILBR001 ~]$ su
Contraseña:
[root@ILBR001 lbazan]# yum install owncloud


Second step:

Initialize apache:

[root@ILBR001 lbazan]#service httpd start
Redirecting to /bin/systemctl start  httpd.service

[root@ILBR001 lbazan]#

Third step:

when the installation finish go to your browser and write:

http://localhost/owncloud 


When appear the owncloud home page you can write admin user and password. ownCloud don't have default user and password so you should think of one for that time. You can select the DB system for your election, in this case I use SQLite for a basic installation.

If you are user MySQL you need first create the database and then configure the user and password then put this configuration == in the ownCloud home page or you can edit the config file in "vi cd /etc/owncloud/config.php" directly. 

Ok! you finish the third step.

Now you have personal CLOUD


Screen Shots:

User Home Page

Expand configuration area

User admin area: You can create users and groups

Personal area: edit personal data and others

Aplication area: for install more addons

Administration area: some additional things for the good administration of the cloud
Links:
http://fedoraproject.org/wiki/Features/OwnCloud
http://owncloud.org/
http://doc.owncloud.org/
http://owncloud.org/features/ 

Installing Tomcat 6 on Fedora, Red Hat or CentOS

Installing Tomcat 6 on Fedora, Red Hat or CentOS

yum install tomcat6-webapps
Tomcat will get installed across the following directories
/etc/tomcat6             conf files     $CATALINA_HOME/conf
/usr/share/java/tomcat6  libs           $CATALINA_HOME/lib
/usr/share/tomcat6/bin   executables    $CATALINA_HOME/bin
/var/log/tomcat6         logs           $CATALINA_HOME/logs
/var/cache/tomcat6/temp  temp files     $CATALINA_HOME/temp
/usr/share/tomcat6       home directory $CATALINA_HOME
/var/lib/tomcat6/webapps web apps       $CATALINA_HOME/webapps
/var/cache/tomcat6/work  compiled stuff $CATALINA_HOME/work
Set CATALINA_HOME in /etc/profile
export CATALINE_HOME=/usr/share/tomcat6
Tomcat can be stopped, started and restarted using the following commands
# service tomcat6 stop
# service tomcat6 start
# service tomcat6 restart

How To Block Pings ICMP

How To Block Pings ICMP

first, ping your server and make sure you are getting ping replies. i am using widows xp, so i will open the DOS terminal and ping my ip: example:

C:\Users\MyPC>ping 192.168.0.2

Pinging 192.168.0.2 with 32 bytes of data:
Reply from 192.168.0.2: bytes=32 time<1ms TTL=12
Reply from 192.168.0.2: bytes=32 time<1ms TTL=12
Reply from 192.168.0.2: bytes=32 time<1ms TTL=12
Reply from 192.168.0.2: bytes=32 time<1ms TTL=12

Ping statistics for 192.168.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
then send this command to edit sysctl.conf
SHELL COMMAND:
# Vim  /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all = 1

#/etc/init.d/network  restart

SMTP, IMAP and POP server settings for major ISPs

SMTP, IMAP and POP server settings for major ISPs


Standard ports
Here are the standard port for most SMTP / IMAP / POP3 servers
·         SMTP AUTH:
·         Port 25 or 587
·         SMTP SSL:
·         Port 465
·         SMTP StartTLS:
·         Port 587
·         POP3 :
·         Port 110
·         IMAP
·         Port 143
·         IMAP SSL
·         Port 993
·         IMAP StartTLS
·         Port 143


1&1
·         POP Server: pop.1and1.com (Port 25 or 587)
·         SMTP Server : smtp.1and1.com
·         IMAP Server : imap.1and1.com


Adelphia Cable
·         POP Server: mail.adelphia.net
·         SMTP Server : mail.adelphia.net
·         IMAP Server : mail.adelphia.net


AOL
·         POP Server: pop.aol.com
·         SMTP Server : smtp.aol.com
·         IMAP Server : imap.aol.com


AT&T
·         POP Server: pop.att.yahoo.com (port 110)
·         SMTP Server: smtp.att.yahoo.com (port 465)
·         IMAP Server: imap.att.yahoo.com (port 993)


ATT Broadband Internet
·         POP Server: mail.attbi.com
·         SMTP Server: mail.attbi.com
·         IMAP Server: mail.attbi.com


ATT WorldNet
·         POP Server: postoffice.worldnet.att.net (port 995)
·         SMTP Server : mailhost.worldnet.att.net (port 465)
·         IMAP Server : imap.aol.com (port 143)


Bell Atlantic
·         POP Server: pop.bellatlantic.net
·         SMTP Server : gtei.bellatlantic.net
·         IMAP Server : No imap.bellatlantic.net yet


Bluelight
·         POP Server: pop.mybluelight.com (port 995)
·         SMTP Server : smtp.mybluelight.com (port 465)
·         IMAP Server : No imap.mybluelight.com yet


BSNL
·         POP Server: mail.bsnl.in
·         SMTP Server : smtp.bsnl.in
·         IMAP Server : No imap.bsnl.in yet


BT internet
·         POP Server: mail.btinternet.com (port 995)
·         SMTP Server : mail.btinternet.com (port 465)
·         IMAP Server : imap.mail.yahoo.com (993), works with @btinternet.com email address


Clara.net
·         POP Server: pop.clara.net (port 995)
·         SMTP Server : smtp.clara.net (port 465)
·         IMAP Server : No imap.clara.net yet


Comcast.net
·         POP Server: mail.comcast.net (port 995)
·         SMTP Server : smtp.comcast.net (port 465)
·         IMAP Server : No imap.comcast.net yet


EarthLink
·         POP Server: pop.earthlink.net
·         SMTP Server : smtpauth.earthlink.net (587)
·         IMAP Server : No imap.earthlink.net yet


Frontier
·         POP Server: pop3.frontier.com (port 995)
·         SMTP Server : smtp.frontier.com (port 465)
·         IMAP Server : No imap.frontier.com yet


Gmail
·         POP Server: pop.gmail.com
·         SMTP Server : smtp.gmail.com
·         IMAP Server : imap.gmail.com
·         More info :


Hotmail
·         POP Server: pop3.live.com (Port 995 with SSL)
·         SMTP Server : smtp.live.com (Port 25 with SSL)
·         IMAP Server : no


iCloud
·         POP Server: mail.me.com (port 110)
·         SMTP Server : smtp.me.com (port 25)
·         IMAP Server : mail.me.com (port 143)


Mail.com
·         POP Server: pop.mail.com
·         SMTP Server : smtp.mail.com (port 465)
·         IMAP Server : imap.mail.com (port 993)


Me.com
·         POP Server: mail.me.com (port 110)
·         SMTP Server : smtp.me.com (port 25)
·         IMAP Server : mail.me.com (port 143)


Mobile Me
·         POP Server: mail.me.com (port 110)
·         SMTP Server : smtp.me.com (port 25)
·         IMAP Server : mail.me.com (port 143)


O2
·         POP Server: mail.o2.co.uk (port 995)
·         SMTP Server : smtp.o2.co.uk (port 465 with SSL)
·         IMAP Server : No imap.o2.co.uk yet


Prodigy
·         POP Server: pop.att.yahoo.com
·         SMTP Server : smtp.att.yahoo.com (port 465)
·         IMAP Server : imap.mail.yahoo.com (993)


RCN.com
·         POP Server: pop.rcn.com
·         SMTP Server : smtp.rcn.com (port 25, authentication required)
·         IMAP Server : no


RoadRunner - rr.com
·         POP Server: pop-server.rr.com
·         SMTP Server : smtp-server.rr.com
·         IMAP Server : no imap.rr.com yet


Sanchamet
·         POP Server: mail.bsnl.in
·         SMTP Server : smtp.bsnl.in
·         IMAP Server : No imap.bsnl.in yet


SBCGlobal.net
·         POP Server: pop.att.yahoo.com
·         SMTP Server : smtp.att.yahoo.com (port 465)
·         IMAP Server : imap.mail.yahoo.com (993)


Sky.com
·         POP Server: pop.tools.sky.com (port 995)
·         SMTP Server : smtp.tools.sky.com (port 465 with SSL)
·         IMAP Server : imap.tools.sky.com (port 993)


South West Bell
·         POP Server: pop.att.yahoo.com
·         SMTP Server : smtp.att.yahoo.com (port 465)
·         IMAP Server : imap.mail.yahoo.com (993)


SuddenLink
·         POP Server: pop.suddenlink.net (port 110)
·         SMTP Server : smtp.suddenlink.net (port 25 with authentication)
·         IMAP Server : No imap.suddenlink.net yet


Sympatico
·         POP Server: pop1.sympatico.ca
·         SMTP Server : smtp1.sympatico.ca
·         IMAP Server : no imap.sympatico.ca yet


TalkTalk
·         POP Server: mail.talktalk.net
·         SMTP Server : smtp.talktalk.net
·         IMAP Server : imap.talktalk.net


Tiscali.co.uk
·         POP Server: pop.tiscali.co.uk
·         SMTP Server : smtp.tiscali.co.uk
·         IMAP Server : imap.tiscali.co.uk


Windstream
·         POP Server: pop.windstream.net
·         SMTP Server : smtp.windstream.net (port 25 with authentication)
·         IMAP Server : no imap.windstream.net yet


Yahoo.co.uk
·         POP Server: pop.mail.yahoo.co.uk (port 995)
·         SMTP Server : smtp.mail.yahoo.co.uk (port 465 with SSL)
·         IMAP Server : imap.mail.yahoo.co.uk (port 993)


Yahoo.com
·         POP Server: pop.mail.yahoo.com (port 995)
·         SMTP Server : smtp.mail.yahoo.com (port 465 with SSL)
·         IMAP Server : imap.mail.yahoo.com (port 993)


Verizon
·         POP Server: incoming.verizon.net or incoming.yahoo.verizon.net
·         SMTP Server : outgoing.verizon.net or outgoing.yahoo.verizon.net (Port 587)
·         IMAP Server : incoming.verizon.net


Virgin Media
·         POP3 server: pop3.virginmedia.com
·         SMTP server: smtp.virginmedia.com
·         IMAP server : no imap.virginmedia.com yet