About Linux FAQ

• So much to read, so little time! Read our FAQ to help you cut through the clutter of information overload. more »

• nixCraft welcomes readers' articles and guest blogging posts. We're interested in articles on programming, security, database, Linux and anything else related to technology.

Archive for the 'Security' Category

« Previous Page — Next Page »

• Understanding Bash fork() bomb ~ :(){ :|:& };: :

  Q. Can you explain following bash code or bash fork() bomb?
  :(){ :|:& };:
  A. This is a bash function. It gets called recursively (recursive function). This is most horrible code for any Unix / Linux box. It is often used by sys admin to test user processes limitations (Linux process limits can be configured via [...]

• How to Tunnel X Windows Securely over SSH :

  Q. How do I tunnel X Windows Securely over SSH? I’d like to run X program on my remote Linux server and get back display to Laptop computer connected by high speed internet?
  A. A tunneling protocol is a network protocol which encapsulates a payload protocol, acting as a payload protocol. Reasons to tunnel include carrying [...]

• How to: Allow telnet and ssh through iptables under Linux :

  Q. I run both RHEL / CentOS Linux server and by default firewall blocked out everything including telnet / ssh access. How do I allow telnet - port 23 and ssh port 22 thought Linux iptables firewall ?
  A.By default firewall rules stored at /etc/sysconfig/iptables location / file under CentOS / RHEL. All you have to [...]

• Squid Proxy Server Mac Address based filtering :

  Q. I’m using squid proxy server under CentOS Linux version 5. How to filter a particular MAC address under squid?
  A. Not all operating system supports Mac address based filtering. For some operating systems. Squid calls these “ARP ACLs” and they are supported on Linux, Solaris, and BSD variants.
  How do I set up ACL’s based [...]

• Squid proxy authentication in transparent mode :

  Q. I was referring to your Squid transparent proxy configuration howto, and my question to you - can proxy authentication be done in transparent mode?
  A. Short answer: noop, you cannot use Squid proxy authentication in transparent mode.
  From official squid docs:
  Authentication cannot be used in a transparently intercepting proxy as the client then thinks it is [...]

• How to: Turning off SFTP server under Linux / UNIX cpanel server :

  Q. I’ve CentOS Linux cpanel server. I’d like to turn off SFTP server but only allow SSH for root user. How do I trun off sftp server?
  A. OpenSSH / sshd reads configuration data from /etc/ssh/sshd_config. The file contains keyword-argument pairs, one per line. Lines starting with ‘#’ and empty lines are interpreted as comments. [...]

• Block ip address of spammers with iptables under Linux :

  Q. How do I block ip address of spammers with iptables based firewall under CentOS Linux 5?
  A. You can simply block IP address of spammers by editing /etc/sysconfig/iptables file under:
  a) CentOS Linux
  b) Fedora Linux
  c) RHEL 4.x/5.x etc
  Open file /etc/sysconfig/iptables:
  # vi /etc/sysconfig/iptables
  Append ip address of spammers as follows:
  -A RH-Firewall-1-INPUT -s SPAMMER-IP -j DROP
  -A RH-Firewall-1-INPUT -s SPAMMER-SUBNET-BLOCK [...]

• Disable SELinux for only Apache / httpd in Linux :

  Q. How do I disable SELinux protection for only Apache web server in Linux? I’m using CentOS Linux server.
  A. You can disable Apache SELinux protection easily. Please keep in mind that by disabling SELinux for apache you are inviting more security related problems.
  Disable Apache SELinux Protection
  Open /etc/selinux/targeted/booleans file using a text editor:
  # vi /etc/selinux/targeted/booleans
  Append or [...]

• Linux: Openssh (ssh server) deny root user access :

  Q. How do I block access to root user over ssh session?
  A.. sshd (OpenSSH Daemon) is the daemon program for ssh. Server side ssh configuration is defined in /etc/ssh/sshd_config file.
  You need to use DenyUsers option to block access to root user.
  This option can be followed by a list of user name patterns, separated by [...]

• HP-UX start or stop / restart OpenSSH SSHD service :

  Q. I’ve HP-UX installed on my HP UX UNIX server. But I’m not able to start or restart the OpenSSH ssh server. How do I stop or restart sshd under HP-UX?
  A. HP-UX Secure Shell uses Pluggable Authentication Module for password authentication. Server configuration file is located at /opt/ssh/etc/sshd_config.
  HP-UX SSHD System Startup and Shutdown script:
  /sbin/init.d/secsh {start|stop}
  System [...]

Search FAQs

Advertisements

Archives

• Select Month July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006

more ~/options

• About us
• Testimonials
• Contact us

nixCraft RSS Feeds

Copyright © 2006-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.