Posts

Showing posts from 2013

FTP Server

apt-get install vsftpd

vim /etc/vsftpd.conf

listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/private/vsftpd.pem

Log analyzers: Squint Configuration and Tuning

Question:
1. How to install squint?
2. How to restart squint?
3. How to set a schedule timer for updates in squint?
4. How can we create a user for squint?

Solution:

1. Squint Installation:

root@proxy:~# wget www.ledge.co.za/software/squint/squint-0.3.8.tar.gz
[root@mail ~]# tar -zxvf squint-0.3.8.tar.gz
squint-0.3.8/
squint-0.3.8/Makefile
squint-0.3.8/COPYING
squint-0.3.8/Changelog
squint-0.3.8/TODO
squint-0.3.8/fakenames
squint-0.3.8/INSTALL
squint-0.3.8/userlist
squint-0.3.8/squint.cron.sh
squint-0.3.8/squint.pl
root@proxy:~# cd /root/squint-0.3.8
root@proxy:~# cp squint.pl squint.cron.sh /usr/local/bin
root@proxy:~# squint.cron.sh init
root@proxy:~# squint.cron.sh all

2. Restart Squint:

root@proxy:~# squint.cron.sh all

3. Set the update schedule every day at 1:30 PM from the cron.d file this way:

root@proxy:~# vim /etc/crontab
# m h dom mon dow user  command
# squint squid reports
# Weekly, on Mondays
00 01 * * *  root /usr/lo

Webmin Configure

1. apt-get update
   apt-get upgrade
2. wget http://prdownloads.sourceforge.net/webadmin/webmin_1.590_all.deb
3. dpkg --install webmin_1.590_all.deb

Reference: http://webmin.com/deb.html

Webmin password change:

/usr/share/webmin/changepass.pl /etc/webmin username password

DHCP Server Configure:

1. apt-get install isc-dhcp-server

2. vim /etc/dhcp/dhcpd.conf

Edit these two lines:

option domain-name "bol-online.com";
# DNS
option domain-name-servers 202.84.32.22, 202.84.32.23;

And also these three lines:

subnet 192.168.4.0 netmask 255.255.255.0 {
  range 192.168.4.1 192.168.4.20;
  # Local Gateway
  option routers 192.168.4.254;
}

3. /etc/init.d/isc-dhcp-server restart

Squint Configure

1. Download the current version of squint and extract it: http://www.ledge.co.za/software/squint/
   wget www.ledge.co.za/software/squint/squint-0.3.18.tar.gz
2. tar -zxvf squint-0.3.18.tar.gz
3. cd squint-0.3.18
   ## To see the installation steps: more INSTALL
4. cp squint.pl squint.cron.sh /usr/local/bin/
5. cd /usr/local/bin
   # restart squint.pl squint.cron.sh
   squint.cron.sh init
6. squint.cron.sh all
7. squint.cron.sh regen
8. Now edit:
   ### Uncomment this line:
   BASEDIR="/var/www/localhost/htdocs/squint"
   ### and change it to:
   BASEDIR="/var/www/squint/"
   ### Uncomment this line:
   LOGDIR="/var/log/squid"
   ### Add apache2 to this path:
   HTTPDCONF=/etc/apache2/httpd.conf
   :wq!
9. squint.cron.sh all
10. vim /etc/crontab
    Edit the time at which squint is required to restart.
11. /etc/init.d/cron restart

Now Squint is ready to

Setting up Mandatory Authentication for Internet Access

To set up authentication, first we need to download the package apache2 (Debian). Then we need to create a file that will contain the usernames and passwords of the users who are allowed access.

Step 1:
# apt-get install apache2

Step 2:
# vim /etc/squid/passwd

Now, the file ownership must be changed to owner: root and group: proxy
# chown root:proxy /etc/squid/passwd
# chmod 640 /etc/squid/passwd

Step 3: Create the users:
# htpasswd /etc/squid/passwd username

Step 4:
# /etc/squid/squid.conf
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl bol_network src 192.168.200.0/24
### Edit this line:
acl login proxy_auth REQUIRED
### Edit this line:
http_access allow bol_network login
http_access deny all

edit:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd

The following lines should be in the file. It is likely that no change would be required:
auth_para

Setting Specific Time & Day for Browsing

The following lines have been taken from the file squid.conf. Each day is represented by a letter. Moreover, browsing time can be limited using the h1:m1-h2:m2 parameters, where h1:m1 < h2:m2.

#acl aclname time [day-abbrevs] [h1:m1-h2:m2]
# day-abbrevs:
# S - Sunday
# M - Monday
# T - Tuesday
# W - Wednesday
# H - Thursday
# F - Friday
# A - Saturday
# h1:m1 must be less than h2:m2

# /etc/squid/squid.conf
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl time_limit time SMTWH 10:00-14:00
acl our_network src 192.168.200.0/24
http_access deny our_network time_limit
http_access deny all

Example: allow browsing during office hours only

# /etc/squid/squid.conf
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl office_hours time SMTWH 08:00-18:00
acl non_office_hours time SMTWHFA 17:01-23:59
acl non_office_hours time SMTWHFA 00:00-08:59
acl our_network src 192.168.200.0/24
http_access deny our_network non_office_hou
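An added example (not from the original post): a small Python check for the constraint quoted above, that h1:m1 must be less than h2:m2, which also flags a range not written as a single h1:m1-h2:m2 token. The sample lines and ACL names are constructed, and the strictness is this checker's own assumption, not a statement of how Squid reacts to each case.

```python
import re

DAY_LETTERS = set("SMTWHFAD")   # D = all weekdays in Squid's day abbreviations
RANGE_RE = re.compile(r"^(\d{1,2}):(\d{2})-(\d{1,2}):(\d{2})$")

def check_time_acl(line):
    """Return a list of problems found in one 'acl <name> time ...' line."""
    tokens = line.split("#", 1)[0].split()
    if len(tokens) < 3 or tokens[0] != "acl" or tokens[2] != "time":
        return []                       # not a time ACL, nothing to check
    problems = []
    for tok in tokens[3:]:
        if tok.isalpha():               # day-abbreviation token
            bad = sorted(set(tok) - DAY_LETTERS)
            if bad:
                problems.append(f"unknown day letter(s) {''.join(bad)} in {tok!r}")
            continue
        m = RANGE_RE.match(tok)
        if not m:                       # spaces or a non-ASCII dash split the range
            problems.append(f"malformed time range token {tok!r}")
            continue
        h1, m1, h2, m2 = map(int, m.groups())
        if h1 > 24 or h2 > 24 or m1 > 59 or m2 > 59:
            problems.append(f"time out of range in {tok!r}")
        elif (h1, m1) >= (h2, m2):      # the rule quoted from squid.conf
            problems.append(f"{tok!r}: start is not earlier than end")
    return problems

def audit(conf_text):
    """Map line number -> problems for every flagged time ACL in conf_text."""
    report = {}
    for n, line in enumerate(conf_text.splitlines(), 1):
        found = check_time_acl(line)
        if found:
            report[n] = found
    return report

# Constructed sample input: one valid line and three faulty ones.
SAMPLE = """\
acl office_hours time SMTWH 08:00-18:00
acl late time SMTWHFA 17:01-00:00
acl lunch time SMTWH 10:00 \u2013 14:00
acl weekend time AX 09:00-12:00
"""

if __name__ == "__main__":
    for n, probs in audit(SAMPLE).items():
        print(f"line {n}: {probs}")
```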

Blocking Specific MAC & Blocking Multiple MAC

Blocking Specific MAC:

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
# The arp ACL type matches MAC addresses, not IPs: replace the placeholder
# with the MAC of the host to block (192.168.200.100 in this example).
acl bad_MAC arp XX:XX:XX:XX:XX:XX
acl our_network src 192.168.200.0/24
http_access deny bad_MAC
http_access allow our_network
http_access deny all

Blocking Multiple MAC:

We could write down the MACs one by one, separated by spaces. Or we could create a file (in this case /etc/squid/invalid_MAC_file) containing the MACs:

48:5B:39:0C:CE:10
00:1F:D0:63:A3:03

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
# MAC addresses need the arp ACL type (src only matches IP addresses)
acl invalid_MAC arp 48:5B:39:0C:CE:10 00:1F:D0:63:A3:03
# OR
acl invalid_MAC arp "/etc/squid/invalid_MAC_file"
acl our_network src 192.168.200.0/24
http_access deny invalid_MAC
http_access allow our_network
http_access deny all

Blocking Multiple IP

Step 1: We could write down the IPs one by one, separated by spaces. Or we could create a file (in this case /etc/squid/invalid_ip_file) containing the IPs:

192.168.200.100
192.168.200.101
192.168.200.102

Step 2: vim /etc/squid/squid.conf

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl invalid_IP src 192.168.200.100 192.168.200.101
# OR
### Add this line:
acl invalid_IP src "/etc/squid/invalid_ip_file"
acl our_network src 192.168.200.0/24
### Add this line:
http_access deny invalid_IP
http_access allow our_network
http_access deny all

Blocking Specific IP

Step 1: Create a folder /etc/squid/bad_IP and put the IP:

Step 2: vim /etc/squid/squid.conf

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
### Add this line:
acl bad_IP src 192.168.200.100/32
acl our_network src 192.168.200.0/24
### Add this line:
http_access deny bad_IP
http_access allow our_network
http_access deny all

:wq!     (save and exit)

Blocking Multiple Websites:

We create a file /etc/squid/sitelist and add all the websites to be blocked to it. Below is a sample of this file's content:

.bad_site.com
\.hacker.$
\.mp3$

#   \keyword? Indicates string keyword string

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl our_network src 192.168.200.0/24
acl facebook url_regex -i .facebook.com
acl bad_domain urlpath_regex -i "/etc/squid/sitelist"
http_access deny bad_domain
http_access deny facebook
http_access allow our_network
http_access deny all

Blocking a Specific Website by Proxy Server

This task can be done using url_regex, srcdomain and dstdomain. url_regex checks the URL for matching characters.

acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl our_network src 192.168.200.0/24
# -i means ignore case
acl facebook url_regex -i .facebook.com
http_access deny facebook
http_access allow our_network
http_access deny all

Squid Configuration

# apt-get install squid

Minimum Configuration:

edit     http_port 8080

         acl localhost src 127.0.0.1/32
         acl to_localhost dst 127.0.0.0/8
add      acl our_network src 192.168.200.0/24

In the part "# Recommended minimum configuration:"

add      http_access allow our_network
         http_access deny all

save & exit (Esc+Shift+:wq!)

# /etc/init.d/squid restart

MailScanner Configure

1. apt-get install gcc g++ cpp libgmp3-dev zip file tnef make patch
2. apt-get install clamav-base clamav-daemon
3. freshclam -v

For Spamassassin:

4. apt-get install spamassassin
   If it shows "spamassassin Mail Filter Daemon: Disabled", then:
   # vim /etc/default/spamassassin
   ENABLED=0    (default)
   ENABLED=1    (change to 1)
5. wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.84.3-1.tar.gz
   [ -> http://www.mailscanner.info -> Downloads -> Stable: -> Version 4.84.5-3 for Solaris / BSD / Other Linux / Other Unix ]
6. tar -zxvf MailScanner-install-4.84.3-1.tar.gz
7. cd MailScanner-install-4.84.3-1
8. ./install.sh
   This runs the installer script. After completion:
   pkill -9 MailScanner                       (Stop)
   /opt/MailScanner/bin/check_mailscanner     (Start)
9. vim rc.local
   /opt/MailScanner/bin/check_mailscanner     (add this line)
10. vim /opt/MailScanner/etc/MailScanner.conf    ->   Run As Us

htaccess (Apache Authentication):

Sometimes we may face a problem with our webmail when spam mails are generated from it, with the From ID changed and sent from the server itself (127.0.0.1). In that case we may enforce authentication to access our webmail. Let's see how we can do it.

Step 1: Create a file:

vim /var/www/.htaccess

AuthType Basic
AuthName "Password Required"
AuthUserFile /var/www/webmail/.htpasswd
AuthGroupFile /dev/null
Require user test

Save and exit.

Step 2: Create another file:

vim /var/www/webmail/.htpasswd

Save and exit.

Step 3: Edit the following file:

vim /etc/apache2/sites-available/default

Change AllowOverride None to AllowOverride All

Save and exit.

Step 4: Now create the password:

htpasswd -m /var/www/webmail/.htpasswd test
New password:
Re-type new password:

Step 5: Now restart apache:

/etc/init.d/apache2 restart

Access your webmail address now

Openwebmail Configuration

I used Debian 6.0.0 OS.

Step 1: At first we need apache.

apt-get install apache2

Step 2: Download the openwebmail tar from the internet.

# wget http://www.openwebmail.org/openwebmail/download/release/openwebmail-2.53.tar.gz

Step 3:

tar -zxvf openwebmail-2.53.tar.gz

You will get two directories named "data" and "cgi-bin".

Step 4:

cp -R cgi-bin/openwebmail /usr/lib/cgi-bin/
# cd data/
cp -R openwebmail /var/www
vim /usr/lib/cgi-bin/openwebmail/etc/openwebmail.conf

Edit the following:

domainnames             pijush.com
auth_module             auth_unix.pl
mailspooldir            /var/mail
ow_cgidir               /usr/lib/cgi-bin/openwebmail
ow_cgiurl               /cgi-bin/openwebmail
ow_htmldir              /var/www/openwebmail
ow_htmlurl              /openwebmail
logfile                 /var/log/openwebmail.log

Step 5:

vim /usr/lib/cgi-bin/openwebmail/etc/defaults/auth_unix.conf

Edit the following:

passwdfile_encrypted    /

Mail Box Clear

Mail Box: /var/mail

echo > "mail_ID"

MailQ Delete:

1. Delete deferred mails:

   postsuper -d ALL deferred

2. Delete all queued messages from or to the domain called fackspamdomain.com:

   ./postfix-delete.pl fackspamdomain.com

3. Delete all queued messages that contain the word "xyz" in the e-mail address:

   ./postfix-delete.pl xyz

Postfix SASL authentication with SMTP port 465:

By default, Postfix SMTP works on port 25. You can check this with the following command, with the output below:

# netstat -nat
tcp        0      0 0.0.0.0:25             0.0.0.0:*               LISTEN

Here we will change the port to 465 with SASL authentication. It is a useful technique to fight spam. Users who travel with their laptops also do not need to change their e-mail client settings. Here is how we can do it.

Step 1. Edit the file /etc/dovecot.conf and make sure your auth default section has the lines below.

auth default {
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
      mode = 0660
      user = postfix
      group = postfix
    }
  }
  mechanisms = plain login
}

Step 2. Edit /etc/postfix/main.cf, find the keys below and change their values as follows, or add them at the bottom of the file if the key (the word before the = sign) cannot be found.

mynetworks = 127.0.0.0/8
smtpd_sasl_type

Postfix : “error writing message: File too large”:

Sometimes we get some undelivered mails from our users. It shows: "cannot update mailbox /var/mail/xxxx. error writing message: File too large".

Step 1. Just put a line in the Postfix main.cf file.

# vim /etc/postfix/main.cf

virtual_mailbox_limit = 0

Let's see how it works.