Debian/Ubuntu Tips and Tricks

Debuntu

Debian/Ubuntu Tips and Tricks

Archive for the 'Networking' Category

How Tos related to networking from accessing remote hosts, configuring a service or administration.

Secure your SSH server with Public/Private key authentification

Posted by chantra on 11th January 2007

Open SSH is the most widely used SSH server on Linux. Using SSH, one can connect to a remote host and gain a shell access on it in a secure manner as all traffic is encrypted.

A neat feature of open SSH is to authenticate a user using a public/private key pair to log into the remote host. By doing so, you won't be prompted for the remote user's password.

This tutorial will describe how to create a SSH public/private key pair, how to enable key based authentication and finally how to disable password authentication.

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection — page 4

Posted by chantra on 15th December 2006

This entry is part 4 of 4 in the series Iptables: How-to Share your internet connection

4. Using iptables'script

4.1. From the command line

One way to apply the rules we define, is simply to run the script from the command line like:

sudo sh /path/to/firewall-script.sh

but this has the bad effect of not being restore on reboot :s, but still, this will be of great help while tweaking up your firewall.

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection — page 3

Posted by chantra on 14th December 2006

This entry is part 3 of 4 in the series Iptables: How-to Share your internet connection

3.3. Defining custom chains

In order to get a easier to maintain iptables script, it is handy to define some custom chains, also called user-defined chains. This way, you can gather common actions into 1 chain, then, using our target switch (-j) we will be able to send packets that match specific rules to that target.
In order to create a user-defined chain, we need to use:

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection — page 2

Posted by chantra on 12th December 2006

This entry is part 2 of 4 in the series Iptables: How-to Share your internet connection

3. Iptables Script

OK, now that we know the really basis, let see what the script is going to look like.

In this example, I assume that eth0 is the interface connected to the Internet, eth1 is the one connected to our local network.

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | No Comments »

Iptables: How-to Share your internet connection

Posted by chantra on 10th December 2006

This entry is part 1 of 4 in the series Iptables: How-to Share your internet connection

iptables is a command line tool which allow system administrators to configure Linux packet filtering ruleset.

Using iptables, you are able to tweak packet filtering, Network Address Translation (NAT) and packet mangling which in the end are going to allow you to secure your server, share your Internet connection and log unwanted traffic.

iptables is not really what we could call an easy to get with tool, but once you know the basis, it won't be that scary :).

This tutorial will provide a sample script you can use to share your Internet access and will give an overview on how to use iptables

Read the rest of this entry »

Tags: , ,
Posted in Administration, HowTo, Networking | 22 Comments »

How-To: Monitoring a Server with Munin — page 2

Posted by chantra on 2nd December 2006

This entry is part 2 of 2 in the series How-To: Monitoring a Server with Munin

2. Setting up apache

Okie, now we are going to set up an apache virtual host called monitoring.example.com in order to be able to access our statistics through http://monitoring.example.com url.

To do so, you need to have a working apache server. If you do not yet. Please install apache with:

$sudo apt-get install apache2

Read the rest of this entry »

Posted in Administration, HowTo, Networking, System | 1 Comment »

How-To: Monitoring a Server with Munin

Posted by chantra on 1st December 2006

This entry is part 1 of 2 in the series How-To: Monitoring a Server with Munin

Munin is a simple to configure tool that make real nice graph about your server status. It can actually deal with almost any aspect of your server (load average, network cards status, CPU usage, memory usage, postfix, exim4, mysql ...) without spending much time in configuring it.

Munin produce MRTG likes graph so you can easily see how your server health is going.

Read the rest of this entry »

Posted in Administration, HowTo, Networking, System | No Comments »

Postfix and Postgrey: A proactive approach to spam filtering — page 2

Posted by chantra on 23rd November 2006

This entry is part 2 of 2 in the series Postfix and Postgrey: A proactive approach to spam filtering

4. Tweaking up Postgrey

4.1. Postgrey Configuration files

There is two main configuration files in /etc/postgrey: whitelist_clients and whitelist_recipients.

In whitelist_clients, you can define a list of mail server that you do not want to greylist. Either because there are hosts that you trust, or because there are host that it is an issue to greylist.
Client addresses can be specified as follow:

Read the rest of this entry »

Posted in Administration, HowTo, Networking | 2 Comments »

Postfix and Postgrey: A proactive approach to spam filtering

Posted by chantra on 23rd November 2006

This entry is part 1 of 2 in the series Postfix and Postgrey: A proactive approach to spam filtering

Greylisting is yet another way for preventing your mailbox getting full of spam. A famous spam fighter software is spamassassin which filter emails. Greylisting won't replace such softwares but it will behave as a powerful proactive barrier which will reduce the amount of spam getting through your mail server.

Read the rest of this entry »

Posted in Administration, HowTo, Networking | No Comments »

Postfix and Spamassassin: How to filter spam — page 2

Posted by chantra on 20th November 2006

This entry is part 2 of 2 in the series Postfix and Spamassassin: How to filter spam

3. Make Postfix call Spamassassin

Now, we need to tell postfix to use spamassassin. In our case, spamassassin will be invoked only once postfix has finished with the email.

Read the rest of this entry »

Posted in Administration, HowTo, Networking | No Comments »