As we know the kerberos authentication method is the most secure network authentication method ever build. In normal method the password is sent accross the network, which is vulnerable but in kerberos method no password is sent accross the network. The Steps included in kerberos authentication users enters his user name and password to login [...]
We usally configure the proxy server to share the internet over the internal network, users inside the network can access the internet through the proxy server. All the logs of the internet usage are stored in proxy server logs files, but there is a problem in this condition. we cannot track the usage of internet [...]
In some areas they are different networks in the same building, we need a DHCP server to provide Ip address for the computers in this different networks. It is possible to configure DHCP server with multiple range of ip address. Configuration Example In the working example configuration shown below, the DHCP server host is only [...]
In mail service we can use alias function to forward the mails coming to a mail id to a another mail address, In some cases the destination mail address may be one for more. Basically they are 5 different types of alias methods which can be used to forward the mails. The 5 types are [...]
In some cases we can seen that there is attack coming to our server from a particular range of ip, in that case we need to block only that range not the full range. In that situtation we can use iptables Example: If attack is coming from 202.10.100.20 to range of 202.10.100.50 Use the command [...]
Hotlinking is the use of a linked object, often an image, from one site into a web page belonging to a second site. The second site is said to have an inline link to the site where the object is located. It is always recommended to enable hotlinking of images, else others use just links [...]
Kernel It makes sure that all processes in the system works fine Rebuilding It is done to optimize the kernel to suit our requirements as well as make it more secure from internet attacks Steps 1. Determining the current hardware This is required during configuration process to enable hardwares that our new kernel has to [...]
To find the processor type and details Get the Processor details: cat /proc/cpuinfo Find whether the processor is 32 or 64 bit: getconf LONG_BIT Find the architecture: uname -i
Ping Requests use ICMP protocols. This is enabled/disabled using sysctl values. To Disable Ping: echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all To Enable Ping: echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
Scenario To log into “Server A” from “Server B” without using passwords. Users for both the server will be “root” Process Login to “Server B” as root user and generate key for the root user. No need to enter any passphrase while generating this key. ssh-keygen -t rsa Once the key is generated, copy [...]
Install openvpn using the rpm Installing OpenVPN from a binary RPM package has these dependencies: openssl lzo pamInstall rpms as root:# rpm -ivh openvpn-2.0.5-1.el4.rf.i386.rpm installing rpm rpm -ivh lzo-1.08-4.2.el4.rf.i386.rpm The main configuration directory for open vpn is /etc/openvpn Setting up your Certificate Authority (CA) and generating certificates and keys for an OpenVPN [...]
This comes into picture when one Admin doesn’t have physical access to a system in which Linux needs to be installed. Here we need help from one person who is having physical access to that remote machine to get it booted from bootable media and to type the command shown below command at boot prompt. [...]
Edit /etc/grub.conf dma=off apci=off apm=off edit /etc/hdparm.conf command_line { hdparm -d1 /dev/cdrom } command_line { hdparm -d1 /dev/cdrom1 } Edit sysctl.conf dev.cdrom.check_media = 0
Hi.. Guys Please follow the steps to install SSL certificate on Apache # cd /usr/local/apache # mkdir cert # cd cert 1. Generate your own Certificate Authority (CA) # openssl genrsa -out ca.key 4096 # openssl req -new -x509 -days 365 -key ca.key -out ca.crt 2.Generate a server key and request for signing (csr) # [...]
1.Download the compatibility plugin and Local Auto Responder plugin from http://squirrelmail.org 2.Extract it to the Squirrelmail – plugins directory cd /var/www/html/squirrelmail/plugins # tar xzf compatibility-2.0.9-1.0.tar.gz # cd compatibility 3.Patch it to your squirrelmail version # patch -p0 < patches/compatibility_patch-1.4.11.diff patching file ../../functions/strings.php 4.Configure the Squirrelmail to include the plugin # cd ../../config # ./conf.pl 5.Extract [...]
Hi All, I am Riyesh, Working as a Linux network engineer in Dubai, This site is maintained not for generating any revenues, instead, to share my thoughts and ideas freely on the Open source technology with the world. Please share your ideas or comments with me. You can always contact me riyesh@gmail.com Thanks, Riyesh Pulikkottil