Install Firewall (APF or CSF Firewall with BFD)
ModSecurity (Web application firewall)
ModEvasive (Prevent DDOS attacks)
Harden SSH server
Fix Open DNS Recursion
Install RKhunter
Install ClamAV (Antivirus)
XInet Servers Hardening (Disable Telnet/Finger or unwanted services)
Securing PHP
PortsEntry (tool to detect portscans)
Harden host.conf (against IP spoofing)
Check User Uploaded files
Secure /tmp Folders (noexec, nosuid)
This article assumes that you have installed a RedHat Enterprise or CentOS and not guaranteed to work, although we have tested on several CentOS 4.5 with success.
The first thing is make sure we have installed the libxml2 library, for it only have to do a search on our system, if installed normally. (XPC Note: Try “yum install libxml2-devel”) 继续阅读install mod_security2 on centos / redhat
本机操作系统为vista,virtualbox版本为3.1.2 r56127,虚拟机为CentOS 5.4 i386。安装vitualbox增强功能的步骤:
1.启动CentOS,以root身份登录,进入桌面环境。
2.在virtualbox菜单中选择“设备–>安装增强功能”,会在桌面上出现一个“VBOXADDITIONS_3.1.2_56127”图标。
3.双击上述图标,打开文件窗口,选择“工具–>打开终端”菜单,进入终端模式。
4.执行如下命令:
#yum install kernel-devel //执行此命令提示有错误,忽略;
#yum install gcc //执行此命令提示有错误,忽略;
ln -s /usr/src/kernels/2.6.18-……-i686 /usr/src/linux //省略号处用TAB键补全
sh VBoxLinuxAdditions-x86.run
5.重启系统即可。
6.更改屏幕分辨率:
#vi /etc/X11/xorg.conf SubSection "Display" Viewport 0 0 Depth 24 Modes "1024x768" "800x600" "640x480" EndSubSection
一步完成mysql数据库复制。
mysqldump esojourn --opt -u root -p | mysql esojourn -h 192.168.0.2 -u root -p
我下面对这个命令的几个部分说明一下。mysqldump wap –opt,是把名为wap的这个数据库导出到标准输出。并且使用–opt选项。 –opt 等效于–add-drop-table, –add-locks, –create-options, –quick, –extended-insert, –lock-tables, –set-charset, 和–disable-keys。这在完全导出然后完全导入数据的时候,非常有用。
小心前后别弄反。要不就悲剧大了。
不说过程,直接说结论吧。用ext2fsd兼容性很好。http://www.ext2fsd.com/
其他很多工具都没能找到RAID卡带起来的硬盘。感觉ext2fsd用了更底层的办法,直接找到RAID驱动,找到了linux分区。重启后就挂接到windows自己的资源管理器里了。很不错。
下载:http://sourceforge.net/projects/ext2fsd/files/
Fail2ban is failing to ban VSFTPD bruteforce:
In my case with VSFTPD, with unresolvable DNS names from /var/log/secure:
Scenario: VSFTP configuration is set for PAM authentication, using xferlog in standard format. Fail2ban for vsftpd is watching /var/log/secure
Problem: PAM sends failed login information to /var/log/secure, but the remote server’s IP address has been replaced by a DNS name. Resulting DNS name does not resolve or does not resolve correctly, thus fail2ban is unable to ban the IP address.
Fix: Configure VSFTP for “dual_log_enable=YES”, and have fail2ban watch /var/log/vsftpd.log instead. This log file shows the incoming ip address instead of the DNS name.
[ update: you also need to adde’use_localtime=YES’ to config file of VSFTPD. otherwise, above trick not working. it took me hours to solve the problem. :(]