Fail2ban – Prevent Postfix Brute Force

Installation

# apt-get install fail2ban

To limit memory usage, add to /etc/default/fail2ban:

+ulimit -s 256

Configuration
Local config file
Create a local config file /etc/fail2ban/jail.local to override settings in jail.conf:

SSH
To ban authentication via SSH after 3 failed attempts add the following to /etc/fail2ban/jail.local:

[ssh]
enabled   = true
port      = ssh
filter    = sshd
logpath   = /var/log/auth.log
maxretry  = 3

Restart:

# /etc/init.d/fail2ban restart

Postfix and Dovecot
To ban authentication to Postfix and Dovecot after 3 failed attempts add the following to /etc/fail2ban/jail.local:

[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps
filter = dovecot
logpath = /var/log/mail.log
maxretry  = 3

[postfix]
enabled  = true
port     = smtp,ssmtp
filter   = postfix
logpath  = /var/log/mail.log
maxretry  = 3

[sasl]
enabled   = true
port      = smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
filter    = sasl
logpath   = /var/log/mail.log
maxretry  = 3

Fail2ban (Debian Squeeze) isn’t shipped with a configuration for Dovecot, so create /etc/fail2ban/filter.d/dovecot.conf:

[Definition]
failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed).*rip=(?P\S*),.*
ignoreregex =

Restart fail2ban:

# /etc/init.d/fail2ban restart

Apache
To ban IPs after 3 failed login attempts add the following to /etc/fail2ban/jail.local:

[apache]
enabled = true
port    = http,https
filter  = apache-auth
logpath = /var/log/apache*/*error.log
maxretry = 3
Advertisements

Copy Large amount of data using rsync

Copying large amount of data,like 300 or 400GB’s from one hdd to another using nautilus or any file manager may fail on some occasions. Using the command rsync will be a better idea to copy large piles of data. This will show the progress percentage and the amount of data copied.

rsync -ah --info=progress2 SOURCE_PATH DESTINATION_PATH

change SOURCE and DESTINATION path according to your needs.

Configure Reliance Netconnect/BSNL EVDO on Ubuntu 10.04

Firstly we need to install these packages usb-modswitch, usb-modswitch-data

Open up Terminal,and type the following

 $sudo apt-get install -yq usb-modeswitch usb-modeswitch-data wvdial

Then we need to edit wvdial.conf file,type this in the Terminal

$sudo gedit /etc/wvdial.conf

Type the following in the file opened,be sure to add your phone number

[Modem0]
Modem = /dev/ttyUSB0
Baud = 115200
SetVolume = 0
Dial Command = ATDT
Init1 = ATZ
FlowControl = Hardware (CRTSCTS)
[Dialer netconnect]
Username = your device phone number
Password = password usually the device phone number
Phone = #777
Stupid Mode = 1
Inherits = Modem0

close the editor and reboot the system,now to connect you need to type

 $sudo wvdial netconnect
sudo modprobe usbserial vendor=0x19d2 product=0xfffd

Debian Kernels and Tigon TG3 Firmware

If you are updating the kernel on your Debian 5.0 (Lenny) or Debian 6.0 (Squeeze) installation and have a Tigon Gigabit ethernet controller, such as the one on the Dell Poweredge T110, you may receive the following warning messages:

W: Possible missing firmware /lib/firmware/tigon/tg3_tso5.bin for module tg3
W: Possible missing firmware /lib/firmware/tigon/tg3_tso.bin for module tg3
W: Possible missing firmware /lib/firmware/tigon/tg3.bin for module tg3

How to fix this problem

1.) Add the “non-free” repository to the sources.lst file.

vim /etc/apt/sources.list
deb http://ftp.us.debian.org/debian/ squeeze main contrib non-free
deb-src http://ftp.us.debian.org/debian/ squeeze main contrib non-free

2.) Update apt-get and install the “firmware-linux-nonfree” package.

apt-get update
apt-get install firmware-linux-nonfree

Upgrading the kernel to 2.6.39 in Debian 6

Some applications require a newer kernel version to make them work better . But the current stable kernel is 2.6.32.

First of all;
1. backup your /boot!

cp /boot /root -R

2. Make changes to your sources.list .

vim /etc/apt/sources.list

3. Add the line below to the bottom of the file.

deb http://backports.debian.org/debian-backports squeeze-backports main

4. Update your repositories

apt-get update

5. Install  the backport and the kernel. (note: the linux headers and other dependencies will be installed aswell)

apt-get install -t squeeze-backports linux-image-2.6.39-bpo.2-amd64

The install will update the grub config aswell, and will put the 2.6.39 kernel at the top (so it will boot first). If all goes well you should reboot the server and the kernel will be loaded.

If the server doesnt reboot and gives you the grub shell . You can try to boot from a live disk, and copy the files from your backup back to /boot of your install.

How to Reinstall apache2 properly in GNU/Linux

If you have issues with apache2 and you want to reinstall it but you are getting errors,then here it isthe solution for you.

i had an issue with apache, when i tried to start it i got this error message.

 /etc/init.d/apache2   start.: 45: Can't open /etc/apache2/envvars

i need to remove it completely.To do that i will use this command :

 sudo apt-get remove --purge apache2 apache2-utils
This command will completely remove all apache2 configuration files and directories.
– Reinstall again apache using the normal command
sudo apt-get install apache2

How to configure RAID in Debian Squeeze

Purpose of RAID

Improve read/write performance and ensure redundancy in case of a hard disk failure.

RAID levels

Raid levels can be known in detail from wikipedia http://en.wikipedia.org/wiki/RAID

/proc/mdstat

cat /proc/mdstat

If there are any RAID devices present, they will be shown in the terminal…like this

md2 : active raid1 sda4[0] sdb4[1]

md1 is a RAID 1 (mirror) device, spanning sda4 and sdb4 partitions. This device is active and mounted. If it were not used, it would have been listed under unused devices further below.

458111864 blocks super 1.2 [2/2] [UU]

[2/2] [UU ]  – tells us both partitions are used.

if  it appears like this  [1/2]  or [U_] then you have a degraded RAID array.

Do manual partition and make partitions as per you need

edit partitions and select use as physical volume for raid

repeat this for all partitions and make all partitions physical volume for raid

Then select Configure Software Raid

Then select write changes to disk if correct

the next step is to create a new MD device.Choose Create MD device

 

Then choose the raid type you want

Choose no of devices

need to decide how many (active) devices will participate in the mirror.here its two

The next step is to choose spares here its zero

Next choose devices we need to select which devices we want to use. For the first device, we’ll use sda1 and sdb1.

repeat the procedure for the other two devices

Now select root ,swap and home partitions….

Then installation begins………….

After  installation boot up to your system open terminal and type

cat  /proc/mdstat