Category Archives: Linux Ubuntu

Linux Ubuntu

Certificate Installation: Apache & mod_ssl

Installing your Certificate on Apache with mod_ssl

  1. Extract all of the contents of the ZIP file that was sent to you and copy/move them to your server. The extracted contents will typically be named: yourDomainName.crt and yourDomainName.ca-bundle
    Move all of the certificate related files to their appropriate directories.

    A typical setup:

    1. Move the Private Key that was generated earlier to the ssl.key directory, which is typically found in /etc/ssl/. This must be a directory which only Apache can access.
  1. Move the yourDomainName.crt and yourDomainName.ca-bundle to the ssl.crt directory, which is typically found in the /etc/ssl/ directory.

Continue reading

วิธี Generate Private Key และ CSR บน Linux Apache 2048 linux command

  1. Login เข้าเครื่องโดยใช้สิทธิ์ root
  2. เริ่มต้นโดยทำการ Generate Private Key ด้วยการพิมพ์คำสั่งต่อไปนี้

openssl genrsa -out /etc/httpd/ssl/privatekey.key 2048

หมายเหตุ  /etc/httpd/ssl/   คื่อที่เก็บ  file   privatekey.key 2048

  1. ทำการ Generate CSR จากไฟล์ Key ที่ทำการ Gen ไว้ก่อนหน้านี้โดยพิมพ์คำสั่ง

openssl req -new -key /etc/httpd/ssl/privatekey.key -out /root/Desktop/request.csr

หมายเหตุ  out /root/Desktop/request.csr  คือที่เก็บ  file equest.csr

Continue reading

Basic Guide on IPTables (Linux Firewall) Tips / Commands

This tutorial guides you how firewall works in Linux Operating system and what is IPTables in Linux? Firewall decides fate of packets incoming and outgoing in system. IPTables is a rule based firewall and it is pre-installed on most of Linux operating system. By default it runs without any rules. IPTables was included in Kernel 2.4, prior it was called ipchains or ipfwadm. IPTables is a front-end tool to talk to the kernel and decides the packets to filter. This guide may help you to rough idea and basic commands of IPTables where we are going to describe practical iptables rules which you may refer and customized as per your need.

Different services is used for different protocols as:

  1. iptables applies to IPv4.
  2. ip6tables applies to IPv6.
  3. arptables applies to ARP.
  4. ebtables applies to Ethernet frames..

IPTables main files are:

  1. /etc/init.d/iptables – init script to start|stop|restart and save rulesets.
  2. /etc/sysconfig/iptables – where Rulesets are saved.
  3. /sbin/iptables – binary.

There are at present three tables.

  • Filter
  • NAT
  • Mangle

Continue reading

The Beginner’s Guide to iptables, the Linux Firewall

About iptables

iptables is a command-line firewall utility that uses policy chains to allow or block traffic. When a connection tries to establish itself on your system, iptables looks for a rule in its list to match it to. If it doesn’t find one, it resorts to the default action.

iptables almost always comes pre-installed on any Linux distribution. To update/install it, just retrieve the iptables package:

sudo apt-get install iptables

 

Continue reading

Block an IP address or an IP range with Iptables

1. Block an IP address or an IP range with Iptables

To block a hacker, you need to block its IP address in the firewall on your Linux server.
For this, we will use iptables to block incoming traffic from the IP address “xx.xx.xx.xx” (where xx.xx.xx.xx is the IP address of the hacker).

Code : Bash

1
iptables -I INPUT -s xx.xx.xx.xx -j DROP

If the hacker uses an IP range (for example : 10.0.0.10, 10.0.0.11, 10.0.0.12, … 10.0.0.20), simply use this command :

Code : Bash

1
iptables -I INPUT -m iprange --src-range 10.0.0.10-10.0.0.20 -j DROP

If you want to block the outgoing connection (your server => other servers) to an IP range, use the “–dst-range” parameter instead of the “–src-range” parameter.
Thus, your server will no longer be able to send data to this IP range.

Code : Bash

1
iptables -I INPUT -m iprange --dst-range 10.0.0.10-10.0.0.20 -j DROP

 

Continue reading

Changing file Permissions on linux

On computer filesystems, different files and directories have permissions that specify who and what can read, write, modify and access them. This is important because WordPress may need access to write to files in your wp-content directory to enable certain functions.

Permission Modes

  7       5     5
 user   group  world
 r+w+x  r+x    r+x
 4+2+1  4+0+1  4+0+1  = 755

The permission mode is computed by adding up the following values for the user, the file group, and for everyone else. The diagram shows how.

  • Read 4 – Allowed to read files
  • Write 2 – Allowed to write/modify files
  • eXecute1 – Read/write/delete/modify/directory
  7       4      4
 user   group  world
 r+w+x    r      r
 4+2+1  4+0+0  4+0+0  = 744

Example Permission Modes

Continue reading

ติดตั้ง DHCP Server บน Ubuntu

ติดตั้ง DHCP Server เพื่อทำให้ server แจกไอพีให้กับเครื่องลูกข่าย

# apt-get install dhcp 3-server
ตั้งค่าให้ DHCP Server แจกไอพี
# nano /etc/dhcp 3/dhcpd.conf
ตัวอย่างการตั้งค่า
subnet 192.168.10.0 netmask 255.255.255.0 {
range 192.168.10.10 192.168.10.250;
option domain-name-server 203.113.24.199 , 203.113.127.199;
option domain-name “homgun.com” ;
option routers 192.168.10.1 ;
option broadcast–address 192.168.10.255 ;
default–lease–time 600 ;
max–lease–time 7200 ;
}
สั่งให้ dhcp เริ่มทำงานใหม่

Continue reading