Vigilant system administrators will notice many failed login attempts on their internet connected servers. While its good to know that you are preventing these logins, they are filling your logs and potentially making it harder to see other problems. Additionally, these failed logins are taking up bandwidth and likely trying over and over again to get into your system. Fortunately, there is a solution to preventing these attacks from continuing on a Linux based system. The following tutorial will set up Fail2ban on a RedHat based system. We will monitor failed SSH logins and failed Webmin logins. Additionally, we will set up a unique jail that will block persistant attackers for a longer period of time.
Posts Tagged security
Server security is not something that should be ignored. If an attacker gets on to your servers, do you know what they changed? Sure you’ve removed the gigabytes of malware with a virus scanner and manually cleaned up countless directories of illegal software, but is that all they left behind? Did they modify any of your important files, such as ‘su’ or ‘cp’ or ‘rm’? How would you know this? One answer is the Open Source project Tripwire. This tutorial will cover how to install, configure and maintain Tripwire on a Fedora 11 machine. This tutorial should be easily translatable to RedHat and CentOS 5.x with few (if any modifications) and to other Linux distributions with only minor changes.
Read the rest of this entry »
SSH without password
Jun 27
Managing remote systems is a time consuming endeavour. Aside from just standard maintance, other things are required to be an effective System Administrator. One of those is secure system access. It wouldn’t be good for you (or your client) if your System Admin password was suddenly common knowledge. Just like everyone else, System Admins tend to select easy to remember, short passwords.
Fortunately, there is a solution. When connecting two Linux machines together – whether its because an administrator is connecting to a remote system, or you are doing a remote back up (you do store data off site, right?) – the ability to automatically connect to another machine is a huge time saver.
Sudo Tutorial
Jun 16
Aliases
Aliases are good ways to group commands together or create a shorthand version for something. There are four different kinds of aliases: Runas aliases, User aliases, Command aliases, and Host aliases. Aliases are very easy to define. Simply indicate what kind of alias you’re defining, provide a name for the alias, and then provide the value for the alias. Values can be comma-delimited when multiple values are being assigned to that alias name. The type of alias is provided using one of the following keywords. I’ve also included a description of what exactly each alias is for.
Read the rest of this entry »