Showing posts from April, 2013

Squint Configure

1. Download the current version of squint (http://www.ledge.co.za/software/squint/) and extract it:
       wget www.ledge.co.za/software/squint/squint-0.3.18.tar.gz
2. tar -zxvf squint-0.3.18.tar.gz
3. cd squint-0.3.18
       ## To see the installation steps: more INSTALL
4. cp squint.pl squint.cron.sh /usr/local/bin/
5. cd /usr/local/bin# restart squint.pl squint.cron.sh squint.cron.sh init
6. squint.cron.sh all
7. squint.cron.sh regen
8. Now edit BASEDIR="/var/www/localhost/htdocs/squint"    ### uncomment this line and change it to >     ...

Setting up Mandatory Authentication for Internet Access

To set up authentication, first we need to install the package apache2 (Debian). Then we need to create a file that contains the usernames and passwords of the users who are allowed access.

Step 1:
    # apt-get install apache2

Step 2:
    # vim /etc/squid/passwd
Now the file ownership must be changed to owner root and group proxy:
    # chown root:proxy /etc/squid/passwd
    # chmod 640 /etc/squid/passwd

Step 3: Create the users:
    # htpasswd /etc/squid/passwd username

Step 4: Edit /etc/squid/squid.conf:
    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl bol_network src 192.168.200.0/24
    acl login proxy_auth REQUIRED    ### Edit this line
    http_access allow bol_network login       ### Edit this line
    http_access deny all

edit:
    auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd

The following lines should be...

Setting Specific Time & Day for Browsing

The following lines have been taken from the file squid.conf. Each day is represented by a letter. In addition, browsing time can be limited using the h1:m1-h2:m2 parameters, where h1:m1 < h2:m2.

    #acl aclname time [day-abbrevs] [h1:m1-h2:m2]
    # day-abbrevs:
    # S - Sunday
    # M - Monday
    # T - Tuesday
    # W - Wednesday
    # H - Thursday
    # F - Friday
    # A - Saturday
    # h1:m1 must be less than h2:m2

    # /etc/squid/squid.conf
    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl time_limit time SMTWH 10:00-14:00
    acl our_network src 192.168.200.0/24
    http_access deny our_network time_limit
    http_access deny all

Example: allow browsing during office hours only

    # /etc/squid/squid.conf
    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl office_hours time SMTWH 08:00-18:00
    # h1:m1 must be less than h2:m2, so the evening range ends at 23:59 and the next line covers the time after midnight
    acl non_office_hours time SMTWHFA 17:01-23:59
    acl non_office_hours time SMTWHFA 00:00-08:59
    acl our_network src 192.168.200.0/24
    http_access deny our_network non_office_hou...
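The time ACL syntax quoted above can be checked before Squid is restarted. The following is an added example, not part of the original post: it parses `acl ... time` lines, rejects a range that breaks the "h1:m1 must be less than h2:m2" rule, and tells whether a given moment matches a named ACL. The ACL names and sample lines are constructed, and the range is treated as inclusive at both ends.

```python
import re
from datetime import datetime

# Squid day letters mapped to Python's weekday() numbers (Monday is 0).
DAYS = {"M": 0, "T": 1, "W": 2, "H": 3, "F": 4, "A": 5, "S": 6}
TIME_ACL = re.compile(
    r"acl\s+(\S+)\s+time\s+([SMTWHFA]+)\s+(\d{1,2}):(\d{2})-(\d{1,2}):(\d{2})\s*$")


def parse_time_acl(line):
    """Parse one 'acl NAME time DAYS h1:m1-h2:m2' line or raise ValueError."""
    m = TIME_ACL.match(line.strip())
    if not m:
        raise ValueError("not a time ACL with days and a range: %r" % line)
    name, days = m.group(1), m.group(2)
    h1, m1, h2, m2 = (int(g) for g in m.groups()[2:])
    if max(h1, h2) > 24 or max(m1, m2) > 59:
        raise ValueError("%s: hour or minute out of range" % name)
    start, end = h1 * 60 + m1, h2 * 60 + m2
    if start >= end:  # the rule quoted from squid.conf
        raise ValueError("%s: h1:m1 must be less than h2:m2" % name)
    return name, {DAYS[d] for d in days}, start, end


def load_acls(lines):
    """Return (parsed ACL tuples, error messages) for a list of config lines."""
    acls, errors = [], []
    for line in lines:
        try:
            acls.append(parse_time_acl(line))
        except ValueError as exc:
            errors.append(str(exc))
    return acls, errors


def matches(acls, name, when):
    """True if any line of ACL `name` covers `when` (same-name lines are ORed)."""
    minute = when.hour * 60 + when.minute
    return any(n == name and when.weekday() in days and start <= minute <= end
               for n, days, start, end in acls)


# Constructed sample: the last line is reversed and must be reported.
SAMPLE = [
    "acl office_hours time SMTWH 08:00-18:00",
    "acl after_hours time SMTWHFA 18:01-23:59",
    "acl after_hours time SMTWHFA 00:00-07:59",
    "acl after_hours time SMTWHFA 18:01-00:00",
]
```

A period that crosses midnight therefore needs two lines under the same ACL name, one ending at 23:59 and one starting at 00:00.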

Blocking Specific MAC & Blocking Multiple MAC

Blocking Specific MAC:

    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl bad_MAC arp XX:XX:XX:XX:XX:XX    ### placeholder: the arp ACL type takes the MAC address to block, not an IP
    acl our_network src 192.168.200.0/24
    http_access deny bad_MAC
    http_access allow our_network
    http_access deny all

Blocking Multiple MAC:

We could write down the MACs one by one, separated by spaces. Or we could create a file (in this case /etc/squid/invalid_MAC_file) containing the MACs:

    48:5B:39:0C:CE:10
    00:1F:D0:63:A3:03

    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl invalid_MAC arp 48:5B:39:0C:CE:10 00:1F:D0:63:A3:03
    OR
    acl invalid_MAC arp "/etc/squid/invalid_MAC_file"
    acl our_network src 192.168.200.0/24
    http_access deny invalid_MAC
    http_access allow our_network
    http_access deny all

Blocking Multiple IP

Step 1: We could write down the IPs one by one, separated by spaces. Or we could create a file (in this case /etc/squid/invalid_ip_file) containing the IPs:

    192.168.200.100
    192.168.200.101
    192.168.200.102

Step 2: vim /etc/squid/squid.conf

    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl invalid_IP src 192.168.200.100 192.168.200.101
    OR
    acl invalid_IP src "/etc/squid/invalid_ip_file"     ### Add this line
    acl our_network src 192.168.200.0/24
    http_access deny invalid_IP    ###### Add this line
    http_access allow our_network
    http_access deny all

Blocking Specific IP

Step 1: Create a folder /etc/squid/bad_IP and put the IP:

Step 2: vim /etc/squid/squid.conf

    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl bad_IP src 192.168.200.100/32    ### Add this line
    acl our_network src 192.168.200.0/24
    http_access deny bad_IP       ### Add this line
    http_access allow our_network
    http_access deny all

    :wq!     ### Save and exit
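The position of the deny line matters because Squid checks http_access rules from top to bottom and stops at the first one that matches. The following added example (not part of the original post) replays that first-match logic for `src` ACLs and lists blocked addresses that an earlier allow rule would still let through. The swapped configuration is constructed for comparison, and a built-in `all` ACL is assumed.

```python
import ipaddress


def parse(conf):
    """Collect src ACLs and the ordered http_access rules from squid.conf text."""
    acls = {"all": [ipaddress.ip_network("0.0.0.0/0")]}  # assumed built-in
    rules = []
    for raw in conf.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop trailing annotations
        if len(parts) >= 4 and parts[0] == "acl" and parts[2] == "src":
            nets = [ipaddress.ip_network(p, strict=False) for p in parts[3:]]
            acls.setdefault(parts[1], []).extend(nets)
        elif len(parts) >= 3 and parts[0] == "http_access":
            rules.append((parts[1], parts[2:]))
    return acls, rules


def decide(conf, client_ip):
    """Return the action of the first http_access rule whose ACLs all match."""
    acls, rules = parse(conf)
    ip = ipaddress.ip_address(client_ip)
    for action, names in rules:
        if all(any(ip in net for net in acls.get(n, [])) for n in names):
            return action
    return "deny"  # fallback chosen for this sketch when nothing matches


def leaked(conf, acl_name):
    """Addresses listed in a block ACL that the rule order still allows."""
    acls, _ = parse(conf)
    return [str(net.network_address) for net in acls.get(acl_name, [])
            if decide(conf, str(net.network_address)) == "allow"]


ACLS = """
acl bad_IP src 192.168.200.100/32
acl our_network src 192.168.200.0/24
"""
# Order used in the post: deny the bad IP before allowing the network.
PAGE_ORDER = ACLS + """
http_access deny bad_IP
http_access allow our_network
http_access deny all
"""
# Constructed mistake: the allow rule comes first and shadows the deny.
SWAPPED = ACLS + """
http_access allow our_network
http_access deny bad_IP
http_access deny all
"""
```

Running `leaked()` on a configuration after every edit shows at once when a new allow line has been placed above a deny it should follow.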

Blocking Multiple Websites:

We would create a file /etc/squid/sitelist and add all the websites to be blocked to the file. Below is a sample content of this file:

    .bad_site.com
    \.hacker.$
    \.mp3$
    #   \keyword? Indicates string keyword string

    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl our_network src 192.168.200.0/24
    acl facebook url_regex -i .facebook.com
    acl bad_domain urlpath_regex -i "/etc/squid/sitelist"
    http_access deny bad_domain
    http_access deny facebook
    http_access allow our_network
    http_access deny all

Blocking a Specific Website by Proxy Server

This task can be done using url_regex, srcdomain and dstdomain. url_regex checks the URL for matching characters.

    acl localhost src 127.0.0.1/32
    acl to_localhost dst 127.0.0.0/8
    acl our_network src 192.168.200.0/24
    acl facebook url_regex -i .facebook.com          # -i means ignore case
    http_access deny facebook
    http_access allow our_network
    http_access deny all

Squid Configuration

    # apt-get install squid

Minimum Configuration:

    edit     http_port 8080

             acl localhost src 127.0.0.1/32
             acl to_localhost dst 127.0.0.0/8
    add      acl our_network src 192.168.200.0/24

In the part "# Recommended minimum configuration:"

    add      http_access allow our_network
             http_access deny all

save & exit (Esc+Shift+:wq!)

    # /etc/init.d/squid restart

MailScanner Configure

1. apt-get install gcc g++ cpp libgmp3-dev zip file tnef make patch
2. apt-get install clamav-base clamav-daemon
3. freshclam -v

For SpamAssassin:

4. apt-get install spamassassin
   [ If it shows "spamassassin Mail Filter Daemon: Disabled", then:
       # vim /etc/default/spamassassin
       ENABLED=0 (default)
       ENABLED=1 (changed to 1) ]
5. wget http://www.mailscanner.info/files/4/tar/MailScanner-install-4.84.3-1.tar.gz
   [ -> http://www.mailscanner.info -> Downloads -> Stable: -> Version 4.84.5-3 for Solaris / BSD / Other Linux / Other Unix ]
6. tar -zxvf MailScanner-install-4.84.3-1.tar.gz
7. cd MailScanner-install-4.84.3-1
8. ./install.sh
   [ to run the installer script. After completion: pkill -9 MailScanner (Stop) and /opt/MailScanner/bin/check_mailscanner (Start) ]
9. vim rc.local  #  [ /opt/MailScanner/bin/check_mailscanner (a...

htaccess (Apache Authentication):

Sometimes we may face a problem with our webmail: spam mails are generated from it with a changed From ID, sent from the server itself (127.0.0.1). In that case we can enforce authentication for access to our webmail. Let's see how we can do it.

Step 1: Create a file:
    vim /var/www/.htaccess

    AuthType Basic
    AuthName "Password Required"
    AuthUserFile /var/www/webmail/.htpasswd
    AuthGroupFile /dev/null
    Require user test

Save and exit.

Step 2: Create another file:
    vim /var/www/webmail/.htpasswd
Save and exit.

Step 3: Edit the following file:
    vim /etc/apache2/sites-available/default
Change
    AllowOverride None
to
    AllowOverride All
Save and exit.

Step 4: Now create the password:
    htpasswd -m /var/www/webmail/.htpasswd test
    New password:
    Re-type new password:

Step 5: Now restart Apache:
    /etc/init.d/apache2 restart

Access your webmail address now.

Openwebmail Configuration

I used Debian 6.0.0 OS.

Step 1: First we need Apache.
    apt-get install apache2

Step 2: Download the openwebmail tar from the internet.
    # wget http://www.openwebmail.org/openwebmail/download/release/openwebmail-2.53.tar.gz

Step 3:
    tar -zxvf openwebmail-2.53.tar.gz
You will get two directories named "data" and "cgi-bin".

Step 4:
    cp -R cgi-bin/openwebmail  /usr/lib/cgi-bin/
    # cd data/
    cp -R openwebmail  /var/www
    vim /usr/lib/cgi-bin/openwebmail/etc/openwebmail.conf

Edit the following:
    domainnames             pijush.com
    auth_module             auth_unix.pl
    mailspooldir            /var/mail
    ow_cgidir               /usr/lib/cgi-bin/openwebmail
    ow_cgiurl        ...

Mail Box Clear

Mail box directory: /var/mail. To clear a mailbox there:
    echo > "mail_ID"

MailQ Delete:

1. Delete deferred mails:
       postsuper -d ALL deferred
2. Delete all queued messages from or to the domain called fackspamdomain.com:
       ./postfix-delete.pl fackspamdomain.com
3. Delete all queued messages that contain the word "xyz" in the e-mail address:
       ./postfix-delete.pl xyz

Postfix SASL authentication with SMTP port 465:

By default, Postfix SMTP works on port 25. You can check this with the following command; its output is shown below:

    # netstat -nat
    tcp        0      0 0.0.0.0:25             0.0.0.0:*               LISTEN

Here we will change the port to 465 with SASL authentication. It is a useful technique for fighting spam. Users who travel with their laptops also do not need to change their e-mail client settings. Here is how we can do it.

Step 1. Edit the file /etc/dovecot.conf and make sure your auth default section has the lines below.

    auth default {
      socket listen {
        client {
          path = /var/spool/postfix/private/auth
          mode = 0660
          user = postfix
          group = postfix
        }
      }
      mechanisms = plain login
    }

Step 2. Edit /etc/postfix/main.cf , fin...

Postfix : “error writing message: File too large”:

Sometimes we get some undelivered mails from our users. It shows:

    "cannot update mailbox /var/mail/xxxx. error writing message: File too large".

Step 1. Just put a line in the Postfix main.cf file.

    # vim /etc/postfix/main.cf
    virtual_mailbox_limit = 0

Let's see how it works.

Pop-before-smtp configuration with Postfix: (Mobile-Notebook)

First install the following packages.

Step 1:
    apt-get install libtimedate-perl libnet-netmask-perl libberkeleydb-perl

Step 2:
    apt-get install pop-before-smtp

Step 3:
    vim /etc/pop-before-smtp/pop-before-smtp.conf
(uncomment the following lines)

    $logto = '/var/log/pop-before-smtp';
    $dbfile = '/var/lib/pop-before-smtp/hosts';

and the four-line portion for Dovecot POP3/IMAP when using syslog (uncomment the following four lines):

    $pat = '^[LOGTIME] \S+ (?:dovecot: )?(?:imap|pop3)-login: ' .
       'Login: .*? (?:\[|rip=)[:f]*(\d+\.\d+\.\d+\.\d+)[],]';
    $out_pat = '^[LOGTIME] \S+ (?:dovecot: )?(?:imap|pop3)-login: ' .
       'Disconnected.*? (?:\[|rip=)[:f]*(\d+\.\d+\.\d+\.\d+)[],]';

Step 4: Now integrate with Postfix.
    vim /etc/postfix/main.cf
    hash:/var/lib/pop-before-smtp/hosts    (add this value to mynetworks)

Step 5:
    restart pop-before-smtp
    restart postfix

Checking log: t...