Tag Archives: linux

Configuring VPN client under Linux

Due to my work I sometimes have to VPN to my job from home. But I use a Linux PowerPC laptop and have to log in to a Cisco box. Cisco doesn’t provide support for Linux on PowerPC. So where is the solution? The solution is VPNC. How do we install it? Easy:

shell$ sudo aptitude install vpnc

Now we need to configure the config file. We are going to modify /etc/vpnc/example.conf.

shell$ sudo cp /etc/vpnc/example.conf /etc/vpnc/connect.conf
shell$ cat /etc/vpnc/connect.conf
#IPSec gateway
#IPSec ID
#IPSec secret
#IKE Authmode hybrid
#Xauth username

We need to replace the gateway entry with the IP/hostname of the server we want to connect to, the ID with the group you belong to, the secret with the password for the group you belong to and the username with your username. Once configured you just have to fire up vpnc.

shell$ sudo vpnc /etc/vpnc/connect.conf
Enter password for username@server:
Connect Banner:
| Connecting to VPN.

VPNC started in background (pid: 4566)…
shell$

Now you should be able to see a tun interface when executing /sbin/ifconfig.

shell$ /sbin/ifconfig tun0
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.168.20.22 P-t-P:192.168.20.22 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1412 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:290 (290.0 B) TX bytes:154 (154.0 B)
shell$

Enjoy your VPN connection. More info here and here.
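Once edited, /etc/vpnc/connect.conf holds the group secret, so it is worth checking who can read it before each use. The check below is an added example, not part of the original post; the function name audit_vpnc_conf and every value in the sample config are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): check a vpnc config file.

# audit_vpnc_conf FILE
# Returns 0 if only the owner can access FILE, 1 if group/other have any
# permission bit set, 2 if FILE is missing. Lists which credential-bearing
# keys the file stores, without printing their values.
audit_vpnc_conf() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f"; return 2; }
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$f" | cut -c5-10)
    grep -E -i -o '^(IPSec secret|Xauth password)' "$f" | sed 's/^/stores: /'
    if [ "$perms" != "------" ]; then
        echo "group/other can access $f; fix with: chmod 600 $f"
        return 1
    fi
    echo "ok: $f is owner-only"
}

# Constructed sample config; every value is a placeholder.
demo=$(mktemp)
cat > "$demo" <<'EOF'
IPSec gateway vpn.example.com
IPSec ID examplegroup
IPSec secret placeholder-group-secret
Xauth username exampleuser
EOF
chmod 644 "$demo"; audit_vpnc_conf "$demo" || true   # flagged
chmod 600 "$demo"; audit_vpnc_conf "$demo" || true   # ok
rm -f "$demo"
```

Run it as audit_vpnc_conf /etc/vpnc/connect.conf (with sudo if the file is root-owned) before starting vpnc.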

Google to stop using Windows

I just woke up today and found out in the Financial Times that Google is going to stop using Windows due to security concerns.

Here is the link to the article. Think about the effect this has. It is true Google and Microsoft are competing in the Internet search and mobile phone market among other things. Microsoft tried to buy Yahoo in 2008 but negotiations failed. The fact that Google will no longer use Windows is like slapping Microsoft in the face and telling them their OS is a piece of crap even when they have 90% of the market. Could this be the start of Microsoft’s decline in the OS market? Time will tell, but I’ve heard this before.

Using expect

Let’s give a brief intro to expect. Basically, it is a tool for automating interactive applications such as FTP, telnet, ssh and similar. Expect has regular expression pattern matching and general programming capabilities.

Let’s start by installing Expect. On your Debian-based box, type:

sudo aptitude install expect

That’s it. You are done.

Now let’s write a simple ssh expect script. Substitute user, password and hostname with the user, password and hostname of the machine you want to log into.

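#!/usr/bin/expect
# Replace user, hostname and password with your own values.
# The password is stored here in clear text, so keep this file owner-only.
spawn ssh user@hostname
expect "user@hostname's password:"
send "password\r"
# Wait for the shell prompt ("$ ") before sending each command.
expect "\\$ "
send "who; pwd; last | head\r"
expect "\\$ "
send "date; exit\r"
# Wait for the ssh session to close.
expect eof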

The script is pretty simple. It basically logs into a box and executes date, pwd, who and last commands. But it clearly shows the power of expect for automating tasks.

More info at Wikipedia and Expect homepage.

Apache mod ReWrite in Debian

Installing apache on a Debian server is quite easy. Just type:

sudo aptitude install apache2

But the previous command misses an important Apache module: the ModRewrite module. How do we install this module? There are two ways, the easy way and the hard way. Let’s explain the easy way first. Type:

sudo a2enmod rewrite && sudo /etc/init.d/apache2 restart

That’s it. Module installed and ready to go. Let’s explain the hard way now.

sudo find /usr/lib -type f -name "mod_rewrite.so"

sudo vim /etc/apache2/mods-enabled/rewrite.load

Write the path where the rewrite module is located, probably:

LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so

And finally:

sudo /etc/init.d/apache2 restart

Here is a small intro on how to use this module.

Enjoy.

Blocking SSH attacks with IPtables

If you have a website running you might get brute force attacks on the ssh port. Below is an excerpt from the logs in /var/log/auth.log

Jan 28 21:32:16 server sshd[10855]: Failed password for illegal user root from 213.191.74.219 port 51033 ssh2
Jan 28 21:32:16 server sshd[10857]: Illegal user root from 213.191.74.219
Jan 28 21:32:16 server sshd[10857]: Failed password for illegal user root from 213.191.74.219 port 53722 ssh2
Jan 28 21:32:16 server sshd[10859]: Illegal user root from 213.191.74.219
Jan 28 21:32:16 server sshd[10859]: Failed password for illegal user root from 213.191.74.219 port 54393 ssh2
Jan 28 21:32:16 server sshd[10861]: Illegal user root from 213.191.74.219
Jan 28 21:32:16 server sshd[10861]: Failed password for illegal user root from 213.191.74.219 port 55099 ssh2

Blocking these attacks is really easy with IPtables. Just type the following from the CLI.


sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j DROP

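The above commands will block brute force attacks on the SSH port of your server: the first rule records every new connection to port 22 per source address, and the second drops new connections from any address that has reached 3 within 60 seconds. Enjoy.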
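To see which sources in /var/log/auth.log are behind the failures, the log can be summarised per address. The script below is an added example, not part of the original post; the function names are made up for illustration and the sample lines are constructed in the format of the excerpt above. It counts password failures, which is not the same thing as the new-connection count the iptables rules act on.

```shell
#!/bin/sh
# Added example (not from the original post): count sshd password failures
# per source address in auth.log-style input.

# failed_by_source MIN   (reads the log on stdin)
# Prints "count address" for each source with at least MIN failures,
# highest count first.
failed_by_source() {
    awk -v min="$1" '
        / sshd\[[0-9]+\]: Failed password for / {
            # The user name is client-supplied and may contain spaces or
            # the word "from", so take the field after the LAST "from".
            for (i = NF; i > 1; i--)
                if ($(i - 1) == "from") { n[$i]++; break }
        }
        END { for (ip in n) if (n[ip] >= min) print n[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample; the addresses are documentation ranges, not real hosts.
sample_log() {
    cat <<'EOF'
Jan 28 21:32:16 server sshd[10855]: Failed password for illegal user root from 203.0.113.7 port 51033 ssh2
Jan 28 21:32:16 server sshd[10857]: Illegal user root from 203.0.113.7
Jan 28 21:32:17 server sshd[10857]: Failed password for illegal user root from 203.0.113.7 port 53722 ssh2
Jan 28 21:32:18 server sshd[10859]: Failed password for invalid user admin from 203.0.113.7 port 54393 ssh2
Jan 28 21:32:19 server sshd[10861]: Failed password for illegal user a from 198.51.100.9 from 203.0.113.7 port 55099 ssh2
Jan 28 21:40:02 server sshd[10901]: Failed password for alice from 192.0.2.44 port 40112 ssh2
Jan 28 21:40:09 server sshd[10901]: Accepted password for alice from 192.0.2.44 port 40112 ssh2
EOF
}

# Sources with 3 or more failures in the sample.
sample_log | failed_by_source 3
```

On a real server, feed it the log directly: sudo cat /var/log/auth.log | failed_by_source 3.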