How to Secure SSH server from Brute-Force and DDoS with Fail2ban (Ubuntu)

Fail2ban is a security tool used for preventing brute-force attacks and Distributed Denial of Service (DDoS) attacks on your GNU/Linux box.

Fail2ban monitors failed login attempts and subsequently blocks the offending IP address from further logins. Although Fail2ban can also be used to secure other services on an Ubuntu server, in this post I will only focus on securing the SSH server.

Step 1: Install Fail2ban and (optionally) sendmail

sudo apt-get install fail2ban
sudo apt-get install sendmail-bin

Step 2: Setting up Fail2ban

Next, you need to configure fail2ban by copying ‘jail.conf’ to ‘jail.local’:

cd /etc/fail2ban
sudo cp jail.conf jail.local

Step 3: General fail2ban configuration

Edit the fail2ban configuration file using your favorite text editor (I personally use ‘nano’):

sudo nano /etc/fail2ban/jail.local

You can set the IP addresses that fail2ban should ignore; separate multiple addresses with spaces.

Bantime is how long, in seconds, fail2ban blocks an offending IP address; in this case 3600 means a 1-hour ban.
Maxretry is the number of failed attempts allowed before fail2ban blocks the IP address.

# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 127.0.0.1 192.168.1.1
bantime  = 3600
maxretry = 3 

Step 4: Enabling ssh and ssh-ddos protection
Find the SSH configuration under the [ssh] heading and enable it.

[ssh]
enabled = true
port    = ssh
filter  = sshd
logpath  = /var/log/auth.log
maxretry = 3 

Similarly, you can also enable [ssh-ddos] protection by changing the enabled value to “enabled = true”.

[ssh-ddos]
enabled = true
port    = ssh
filter  = sshd-ddos
logpath  = /var/log/auth.log
maxretry = 2
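
How ignoreip, maxretry and bantime from Steps 3 and 4 combine for the [ssh] jail, as an added example that is not part of the original post and not fail2ban's own code. The 600-second counting window (FINDTIME), the single-pattern regex standing in for the sshd filter, and the log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Values from this page's jail.local; FINDTIME is an assumption (the page does not set it).
IGNOREIP = ["127.0.0.1", "192.168.1.1"]
BANTIME, MAXRETRY, FINDTIME = 3600, 3, 600
# Simplified stand-in for the sshd filter: matches one failure message only.
FAILURE = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                     r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")
# Constructed auth.log lines using documentation-range addresses, not real traffic.
SAMPLE_LOG = """\
May  4 10:00:01 box sshd[811]: Failed password for root from 203.0.113.7 port 4022 ssh2
May  4 10:00:03 box sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 4023 ssh2
May  4 10:00:04 box sshd[813]: Failed password for root from 192.168.1.1 port 5100 ssh2
May  4 10:00:05 box sshd[814]: Failed password for root from 192.168.1.1 port 5101 ssh2
May  4 10:00:06 box sshd[815]: Failed password for root from 192.168.1.1 port 5102 ssh2
May  4 10:00:09 box sshd[816]: Failed password for root from 203.0.113.7 port 4024 ssh2
May  4 10:05:00 box sshd[817]: Failed password for bob from 198.51.100.9 port 6001 ssh2
May  4 10:20:00 box sshd[818]: Failed password for bob from 198.51.100.9 port 6002 ssh2
May  4 10:21:00 box sshd[819]: Failed password for bob from 198.51.100.9 port 6003 ssh2
"""

def is_ignored(ip, ignore=IGNOREIP):
    """True if ip matches an ignoreip entry (address or CIDR; DNS names not handled)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n, strict=False) for n in ignore)

def simulate(log_text, year=2011):
    """Return {ip: (ban_start, ban_end)}; syslog stamps carry no year, so one is supplied."""
    recent, bans = defaultdict(deque), {}
    for line in log_text.splitlines():
        m = FAILURE.match(line)
        if not m:
            continue
        stamp = " ".join(m.group(1).split())      # collapse syslog's padded day
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if is_ignored(ip) or (ip in bans and when < bans[ip][1]):
            continue                              # whitelisted, or still banned
        window = recent[ip]
        window.append(when)
        while (when - window[0]).total_seconds() > FINDTIME:
            window.popleft()                      # forget failures outside the window
        if len(window) >= MAXRETRY:
            bans[ip] = (when, when + timedelta(seconds=BANTIME))
            window.clear()
    return bans
```

Calling simulate(SAMPLE_LOG) bans only 203.0.113.7: the three failures from 192.168.1.1 are skipped because it is in ignoreip, and the failures from 198.51.100.9 are too far apart to reach maxretry inside the window.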

Step 5: Enable Sending Notification Email (optional)
Optionally, you can have fail2ban send you a notification email when a suspicious login is detected. To do that, locate the destemail setting and change it to your email address:

destemail = security@mypapit.net

Fail2ban can use the ‘sendmail’ and ‘mail’ applications to send notification email.

Step 6: (Re-)start Fail2ban
After all is done, save the file and (re)start the fail2ban service:

sudo /etc/init.d/fail2ban restart

You can test the configuration by trying to log in to your box. You may also check the fail2ban log in /var/log/auth.log (or in another directory specified in jail.local).

For more information about fail2ban, you can read the official fail2ban manual.

Recommended Reading

Dell Inspiron Duo Tablet Notebook Running Ubuntu (with Ubermix)

The video shows how cool Dell Inspiron Duo is when running Ubuntu.

This particular demo uses Ubuntu 10.10 (Maverick Meerkat) with Ubermix customization, which contains a collection of applications suitable for netbook users.

Ubermix can be downloaded from its official website; please check the netbook/tablet model-specific instructions for proper installation.

Supported Netbooks

  • Dell Inspiron DUO iD-4495FNT Laptop
  • ASUS EEEPC 900 BK090XNetbooks)
  • ASUS Eee PC 1015PX
  • Dell Inspiron Mini 1018

    How to make sudo display funny error messages in Ubuntu Linux

    sudo is probably the most used command in Ubuntu.

    In this post, I will show you how to make ‘sudo’ display funny and humorous error messages in Ubuntu Linux.

    To do that, you would only need to edit the /etc/sudoers :

    sudo nano /etc/sudoers

    Then find the line that starts with Defaults env_reset, add insults at the end of the line so it would look like this:

    # See the man page for details on how to write a sudoers file
    #
    Defaults env_reset, insults

    Save the file, and you are done! You can test the results by running the sudo command and entering the wrong password.

    Goodbye 2.6.x – A downloadable archive of all Linux 2.6.x kernel releases

    Linus Torvalds has announced Linux kernel 3.0-rc1, marking the end of the 2.6.x series, which has had 40 releases since late 2003.

    To mark this event, Con Kolivas has made a tarball archive (163MB) of all 2.6.x releases available for download. The archive uses lrzip compression, which can be installed from the standard Ubuntu apt-get repository.

    Note that the size of the archive after decompression would reach 10.3 GB!

    Happy downloading, and hello Linux 3.0!

    How to solve Apache – Could not reliably determine the server’s fully qualified name – error in Ubuntu

    Apache2 web server will almost always display this information message :
    "Could not reliably determine the server's fully qualified name"
    when it is first started in Ubuntu and Debian server.

    This message appears because the web server fails to find a suitable domain name in the system.

    How to remove the message
    First, you need to edit “/etc/hosts” file and put your server name of choice in the file. For example:

    127.0.0.1 server.mylocal

    Then you need to add “ServerName” directive in the “/etc/apache2/apache2.conf” file.

    ServerName server.mylocal

    Finally, restart the web server for the changes to take effect. You will notice that the information message is gone now.

    $ sudo service apache2 restart

    How to mine Bitcoin in Ubuntu using OpenCL and Bitcoinminer.py

    Bitcoin is a form of decentralized digital currency, so unlike other digital currency services (like e-gold), bitcoin is not susceptible to being frozen, seized or invalidated. Bitcoin can be transferred directly from person to person without intermediaries.

    Bitcoins are generated over the internet by applications called bitcoin miners, using a set of algorithms that ensure the number of generated bitcoins stays within a predictable and limited range. Although the number of bitcoins in circulation today means that generating them requires significant processing power, that doesn’t stop anybody who is willing to try to mine them.

    Bitcoin Miner on Ubuntu ?
    Enter OpenCL and Bitcoinminer.py which allows bitcoin to be mined using a much more efficient GPU power (certain models of Nvidia and ATI graphic cards only, with appropriate drivers).

    Step 1: To install the miner, you need to install the python-pyopencl and subversion packages.

    Step 2: Then you need to use subversion to obtain python-jsonrpc, by running:

    svn checkout http://svn.json-rpc.org/trunk/python-jsonrpc
    cd python-jsonrpc/
    sudo python setup.py install

    Step 3: Then you need to generate bitcoin.conf file:

    cd ..
    mkdir .bitcoin
    echo "rpcuser=username" > .bitcoin/bitcoin.conf
    echo "rpcpassword=password" >> .bitcoin/bitcoin.conf

    Step 4: After that, download BitcoinMiner files

    wget https://github.com/m0mchil/poclbm/raw/master/BitcoinMiner.cl
    wget https://github.com/m0mchil/poclbm/raw/master/BitcoinMiner.py
    wget https://github.com/m0mchil/poclbm/raw/master/poclbm.py

    Step 5: Download the bitcoin server for Linux

    wget http://iweb.dl.sourceforge.net/project/bitcoin/Bitcoin/bitcoin-0.3.19/bitcoin-0.3.19-linux.tar.gz
    tar xvf bitcoin-0.3.19-linux.tar.gz
    ~/bitcoin-0.3.19/bin/64/bitcoin -server&

    Step 6: Finally, run the miner

    python poclbm.py -d 0 --user username --pass password

    The parameter -d 0 tells the miner to use GPU #1 for mining; increment it to -d 1 for GPU #2, and so forth. Change the “username” and “password” values in Step 3 and Step 6 appropriately to keep people from reaping the fruits (read: stealing bitcoins) of your mining operation.

    For more information about mining bitcoins and about Bitcoin in general, please visit the WeUseCoins website.