DOCSLIB.ORG

การติดตั้ง Webserver โดยใช้ Freebsd

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
การติดตั้ง Webserver โดยใช้ Freebsd การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 Rev001: Apr 1,2011 § การตดติ งั้ WebServer โดยใช ้ FreeBSD 8.2 § กรณีศกษาึ www.mu-ph.org โดย เสรมพิ นธั ุ ์ นตยิ นรา์ Email: [email protected] 1 เมษายน 2554 [** Rev01 : Apr 01,2011 **] * * * * * * * * * Objective: ต้องการทาํ WebServer ของ องค์กร ให้ทุกฝ่ ายในองค์กรม ี WebSite ใช้งาน โดยให้เนือท้ ฝี่ ่ ายละ 1 GBytes Specifications ของเครื่องที่ใช้ www# dmesg Copyright (c) 1992-2011 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.2-RELEASE #0: Fri Feb 18 02:24:46 UTC 2011 [email protected]:/usr/obj/usr/src/sys/GENERIC i386 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(TM) CPU 2.40GHz (2392.06-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf29 Family = f Model = 2 Stepping = 9 Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI, MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE> Features2=0x4400<CNXT-ID,xTPR> real memory = 1073741824 (1024 MB) avail memory = 1036226560 (988 MB) ACPI APIC Table: <DELL PE1600SC> FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs FreeBSD/SMP: 4 package(s) x 1 core(s) cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 6 cpu3 (AP): APIC ID: 7 แบ่ง partition ดังนี ้ www# df Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/amrd0s1a 1012974 176512 755426 19% / devfs 1 1 0 100% /dev /dev/amrd0s1h 63488502 4 58409418 0% /backups /dev/amrd0s1g 1012974 12 931926 0% /tmp /dev/amrd0s1e 5077038 832996 3837880 18% /usr /dev/amrd0s1f 50777034 4 46714868 0% /usr/local/www /dev/amrd0s1d 15231278 278 14012498 0% /var www# โปรแกรมทลงี่ 1. แก้ไขแฟ้มที่จําเป็น 2. Compile Kernel เพื่อให้รองรับ Firewall และ Quota 3. Update ports tree 4. การติดตั้ง Firewall 5. การทํา Quota 6. ติดตั้ง mysql55-server 7. ติดตั้ง Apache22 การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 โดย เสริมพนธั ุ ์ นิตยนรา์ Page 1 การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 Rev001: Apr 1,2011 8. ติดตั้ง PHP52 9. ติดตั้ง PHP52-extensions 10. ติดตั้ง ZendOptimizer 11. ติดตั้ง webmin 12. ติดตั้ง phpmyadmin 13. ติดตั้ง vsftp 14. ติดตั้ง awstats 15. ติดตั้ง ntp 16. ติดตั้ง clamav 17. ติดตั้ง lynx 18. ติดตั้ง denyhosts 19. ติดตั้ง zip & unzip 20. การ Backup เวบ การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 โดย เสริมพนธั ุ ์ นิตยนรา์ Page 2 การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 Rev001: Apr 1,2011 ลําดบทั ี่ 1). แก้ไขแฟ้มทจี่ ําเป็น ในการตดติ งสามารถศั้ กษาไดึ จาก้ http://bsd.psru.ac.th/microcom/micro240/install53_1.pdf http://bsd.psru.ac.th/microcom/micro240/install53_2.pdf เมอตื่ ดติ งั้ FreeBSD 8.1 เรยบรี อยแล้ ว้ เราก็ทําการแกไขแฟ้ ้ มทจี่ ําเป็ นเบองตื้ น้ ทําไดโดย้ login as: sermpan Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 8.2-RELEASE (GENERIC) #0: Fri Feb 18 02:24:46 UTC 2011 Welcome to FreeBSD! Before seeking technical support, please use the following resources: o Security advisories and updated errata information for all releases are at http://www.FreeBSD.org/releases/ - always consult the ERRATA section for your release first as it's updated frequently. o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and, along with the mailing lists, can be searched by going to http://www.FreeBSD.org/search/. If the doc distribution has been installed, they're also available formatted in /usr/share/doc. If you still have a question or problem, please take the output of `uname -a', along with any relevant error messages, and email it as a question to the [email protected] mailing list. If you are unfamiliar with FreeBSD's directory layout, please refer to the hier(7) manual page. If you are not familiar with manual pages, type `man man'. You may also use sysinstall(8) to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. $ su Password: เรมดิ่ วยแก้ แฟ้ ้ม /etc/motd ลบทไมี่ จ่ ําเป็ นออก เหลอเพื ยงี 4 บรรทัดขางล้ าง่ แลว้ save www# vi /etc/motd FreeBSD 8.2-RELEASE (GENERIC) #0: Fri Feb 18 02:24:46 UTC 2011 Welcome to FreeBSD! ลําดับตอไปแก่ แฟ้ ้ม Welcome ใหลดการ้ Delay จาก 10 วนาทิ ี เหลอื 3 วนาทิ ี www# vi /boot/defaults/loader.conf ############################################################## ### Loader settings ######################################## ############################################################## #autoboot_delay="10" # Delay in seconds before autobooting, autoboot_delay="3" # Delay in seconds before autobooting, และแกแฟ้ ้ม sshd_config เพออนื่ ุญาตให ้ User ชอื่ sermpan สามารถทจะี่ Secure Shell ไดแต้ เพ่ ยงผี เดู ้ ยวี www# vi /etc/ssh/sshd_config # Authentication: AllowUsers sermpan #LoginGraceTime 2m #PermitRootLogin no #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 Save แลวส้ ง่ั Reload www# /etc/rc.d/sshd reload www# การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 โดย เสริมพนธั ุ ์ นิตยนรา์ Page 3 การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 Rev001: Apr 1,2011 ลําดบทั ี่ 2). Compile Kernel เพื่อให้รองรับ Firewall และ Quota www# cd /usr/src/sys/i386/conf/ www# cp GENERIC MU-PH www# vi MU-PH ; ใหได้ เป้ ็ นดังน ี้ (เพมใสิ่ ส่ วนท่ เปี่ ็ นพนสื้ แดงี ) www# cat MU-PH # # GENERIC -- Generic kernel configuration file for FreeBSD/i386 # # For more information on this file, please read the handbook section on # Kernel Configuration Files: # # http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html # # The handbook is also available locally in /usr/share/doc/handbook # if you've installed the doc distribution, otherwise always see the # FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the # latest information. # # An exhaustive list of options and more detailed explanations of the # device lines is also present in the ../../conf/NOTES and NOTES files. # If you are in doubt as to the purpose or necessity of a line, check first # in NOTES. # # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.474.2.15.2.1 2008/11/25 02:59:29 kensmith Exp $ cpu I486_CPU cpu I586_CPU cpu I686_CPU #ident GENERIC ident MU-PH # To statically compile in device wiring instead of /boot/device.hints #hints "GENERIC.hints" # Default places to look for devices. # Use the following to compile in values accessible to the kernel # through getenv() (or kenv(1) in userland). The format of the file # is 'variable=value', see kenv(1) # # env "GENERIC.env" makeoptions DEBUG=-g # Build kernel with gdb(1) debug symbols options SCHED_ULE # ULE scheduler options PREEMPTION # Enable kernel thread preemption options INET # InterNETworking options INET6 # IPv6 communications protocols options SCTP # Stream Control Transmission Protocol options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support options UFS_ACL # Support for access control lists options UFS_DIRHASH # Improve performance on big directories options UFS_GJOURNAL # Enable gjournal-based UFS journaling options MD_ROOT # MD is a potential root device options NFSCLIENT # Network Filesystem Client options NFSSERVER # Network Filesystem Server options NFSLOCKD # Network Lock Manager options NFS_ROOT # NFS usable as /, requires NFSCLIENT options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS # Pseudo-filesystem framework options GEOM_PART_GPT # GUID Partition Tables. options GEOM_LABEL # Provides labelization options COMPAT_43TTY # BSD 4.3 TTY compat (sgtty) options COMPAT_FREEBSD4 # Compatible with FreeBSD4 options COMPAT_FREEBSD5 # Compatible with FreeBSD5 options COMPAT_FREEBSD6 # Compatible with FreeBSD6 options COMPAT_FREEBSD7 # Compatible with FreeBSD7 options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI options KTRACE # ktrace(1) support options STACK # stack(9) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options P1003_1B_SEMAPHORES # POSIX-style semaphores options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions options PRINTF_BUFR_SIZE=128 # Prevent printf output being interspersed. options KBD_INSTALL_CDEV # install a CDEV entry in /dev options HWPMC_HOOKS # Necessary kernel hooks for hwpmc(4) options AUDIT # Security event auditing options MAC # TrustedBSD MAC Framework options FLOWTABLE # per-cpu routing cache การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 โดย เสริมพนธั ุ ์ นิตยนรา์ Page 4 การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 Rev001: Apr 1,2011 #options KDTRACE_HOOKS # Kernel DTrace hooks options INCLUDE_CONFIG_FILE # Include this file in kernel options KDB # Kernel debugger related code options KDB_TRACE # Print a stack trace for a panic # # Add Firewall & Quota to kernel # options IPFIREWALL options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=120 options IPDIVERT options QUOTA # # End of Additional Line # . www# pwd /usr/src/sys/i386/conf www# ll -rw-r--r-- 1 root wheel 13 Jun 20 2005 .cvsignore -rw-r--r-- 1 root wheel 598 Dec 22 00:09 DEFAULTS -rw-r--r-- 1 root wheel 13322 Dec 22 00:09 GENERIC -rw-r--r-- 1 root wheel 878 Dec 22 00:09 GENERIC.hints -rw-r--r-- 1 root wheel 13638 Apr 1 13:27 MU-PH -rw-r--r-- 1 root wheel 148 Dec 22 00:09 Makefile -rw-r--r-- 1 root wheel 31788 Dec 22 00:09 NOTES -rw-r--r-- 1 root wheel 1646 Dec 22 00:09 PAE -rw-r--r-- 1 root wheel 3487 Dec 22 00:09 XBOX -rw-r--r-- 1 root wheel 3238 Dec 22 00:09 XEN www# config MU-PH Kernel build directory is ../compile/MU-PH Don't forget to do ``make cleandepend && make depend'' www# cd ../compile/MU-PH www# make depend ; make ; make install . ===> zfs (install) install -o root -g wheel -m 555 zfs.ko /boot/kernel install -o root -g wheel -m 555 zfs.ko.symbols /boot/kernel ===> zlib (install) install -o root -g wheel -m 555 zlib.ko /boot/kernel install -o root -g wheel -m 555 zlib.ko.symbols /boot/kernel kldxref /boot/kernel www# รอจนกระทงท่ั ํางานเสร็จ สง่ั Reboot www# reboot การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 โดย เสริมพนธั ุ ์ นิตยนรา์ Page 5 การติดต้งั WebServer โดยใช ้ FreeBSD 8.2 Rev001: Apr 1,2011 ลําดบทั ี่ 3).
Load more

Recommended publications
  • The Science DMZ
    The Science DMZ Brian Tierney, Eli Dart, Eric Pouyoul, Jason Zurawski ESnet Supporting Data-Intensive Research Workshop QuestNet 2013 Gold Coast, Australia July 2, 2013 What’s there to worry about? © Owen Humphreys/National Geographic Traveler Photo Contest 2013 7/2/13 2 Lawrence Berkeley National Laboratory U.S. Department of Energy | Office of Science The Science DMZ in 1 Slide Consists of three key components, all required: “Friction free” network path • Highly capable network devices (wire-speed, deep queues) • Virtual circuit connectivity option • Security policy and enforcement specific to science workflows • Located at or near site perimeter if possible Dedicated, high-performance Data Transfer Nodes (DTNs) • Hardware, operating system, libraries all optimized for transfer • Includes optimized data transfer tools such as Globus Online and GridFTP Performance measurement/test node • perfSONAR Details at http://fasterdata.es.net/science-dmz/ Lawrence Berkeley National Laboratory U.S. Department of Energy | Office of Science Overview Part 1: • What is ESnet? • Science DMZ Motivation • Science DMZ Architecture Part 2: • PerfSONAR • The Data Transfer Node • Data Transfer Tools Part 3: • Science DMZ Security Best Practices • Conclusions Lawrence Berkeley National Laboratory U.S. Department of Energy | Office of Science The Energy Sciences Network (ESnet) A Department of Energy Facility Naonal Fiber footprint Distributed Team of 35 Science Data Network Internaonal Collaboraons Mul3ple 10G waves 5 Lawrence Berkeley National Laboratory U.S. Department of Energy | Office of Science ESnetSC Supports Supports Research DOE at More Office than 300 of Institutions Science Across the U.S. Universities DOE laboratories The Office of Science supports: 27,000 Ph.D.s, graduate students, undergraduates, engineers, and technicians 26,000 users of open-access facilities 300 leading academic institutions 17 DOE laboratories 6 Lawrence Berkeley National Laboratory U.S.
    [Show full text]
  • Linux Networking Cookbook.Pdf
    Linux Networking Cookbook ™ Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Linux Networking Cookbook™ by Carla Schroder Copyright © 2008 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Editor: Mike Loukides Indexer: John Bickelhaupt Production Editor: Sumita Mukherji Cover Designer: Karen Montgomery Copyeditor: Derek Di Matteo Interior Designer: David Futato Proofreader: Sumita Mukherji Illustrator: Jessamyn Read Printing History: November 2007: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. The Cookbook series designations, Linux Networking Cookbook, the image of a female blacksmith, and related trade dress are trademarks of O’Reilly Media, Inc. Java™ is a trademark of Sun Microsystems, Inc. .NET is a registered trademark of Microsoft Corporation. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
    [Show full text]
  • Webserver-Freebsd-7-2.Pdf
    µ¦·´Ê WebServer Ã¥Äo FreeBSD 7.2 § дѥішѧчшѤѸк WebServer ѱчѕѲнҖ FreeBSD 7.2 § діцѨћѩдќѥ www.mu-ph.org ѱчѕ ѯѝіѧєёѤьыѫҙ ьѧшѕҙьіѥ Email: [email protected] 12 ѝѧкўѥзє 2552 * * * * * * * * * Objective: шҖѠкдѥіъѼѥ WebServer еѠк Ѡкзҙді ѲўҖъдѐѫ ҐѥѕѲьѠкзҙдієѨ WebSite ѲнҖкѥь ѱчѕѲўҖ ѯьѪѸѠъзьјѣѨѷ 5 GBytes Specifications °Á¦ºÉ°¸ÉÄo CPU: Intel(R) Xeon(R) CPU E5405 @ 2.00GHz (1995.01-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x1067a Stepping = 10 Ram 2G HardDisk IDE 500G ¨³ 250 εª­°o° o°Â¦ 500G ­¦oµ / , swap ¨³ /backups o°¸É­° 250G ­¦oµ /var , /tmp , /usr ¨³ /usr/local Lan card 1 Ä (onboard) Ân partion ´¸Ê www# df Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/ad5s1a 507630 146844 320176 31% / devfs 1 1 0 100% /dev /dev/ad7s1g 400913540 16644420 352196038 5% /backups /dev/ad7s1e 1012974 12 931926 0% /tmp /dev/ad7s1f 10154158 1150928 8190898 12% /usr /dev/ad5s1d 231978828 4 213420518 0% /usr/local /dev/ad7s1d 60931274 1066 56055708 0% /var www# ѱюіѰдієъѨѷјк 1. ÂoŠ¢j¤¸ÉεÁ} 2. Compile Kernel Á¡ºÉ°Ä®o¦°¦´ Firewall ¨³ Quota 3. Update ports tree 4. µ¦·´Ê Firewall 5. µ¦Îµ Quota 6. ·´Ê mysql50-server 7. ·´Ê Apache22 8. ·´Ê PHP5 9. ·´Ê PHP5-extensions 10. ·´Ê ZendOptimizer 11. ·´Ê webmin 12. ·´Ê phpmyadmin 13. ·´Ê vsftp 14. ·´Ê awstats 15. ·´Ê ntp 16. ·´Ê clamav 17. ·´Ê hostsentry 18. ·´Ê portsentry 19. ·´Ê lynx 20. ·´Ê phpbb3 21. ·´Ê denyhosts 22. µ¦ Backup Áª µ¦·´Ê WebServer Ã¥Äo FreeBSD 7.2 Ã¥ Á­¦·¤¡´»r ¥· r¦µ Page 1 µ¦·´Ê WebServer Ã¥Äo FreeBSD 7.2 јѼѥчѤэъѨѷ 1).
    [Show full text]
  • Leveraging Data from Open-Source Intrusion Detection Systems for Enhancing Security of Systems
    Leveraging Data from Open-Source Intrusion Detection Systems for Enhancing Security of Systems Viren Chhabria A Dissertation Presented to the University of Dublin, Trinity College in partial fulfilment of the requirements for the degree of Master of Science in Computer Science (Data Science) Supervisor: Dr. Stephen Farrell August 2019 Declaration I, the undersigned, declare that this work has not previously been submitted as an exercise for a degree at this, or any other University, and that unless otherwise stated, is my own work. Viren Chhabria August 14, 2019 Permission to Lend and/or Copy I, the undersigned, agree that Trinity College Library may lend or copy this thesis upon request. Viren Chhabria August 14, 2019 To my mother, Bhavna R Chhabria and father, Rajkumar T Chhabria, for their endless love and support! Acknowledgments I would like to express my sincere gratitude to my supervisor Dr. Stephen Farrell for his constant support and supervision. His knowledge and experience helped me over- come challenging situations during the course of this dissertation. A big thank you to my parents and family for enabling me to pursue my MSc program at Trinity College Dublin and supporting me throughout this wonderful journey. I would like to thank Prof. Khurshid Ahmad, for mentoring, motivating and support- ing me. Last, but not the least, I would like to thank my friends. Ankita for motivating me throughout the project. Arun and Debrup for providing me innovative ideas and technical guidance. Rohit, for helping me with machine learning during the project. Dr. Husanbir Singh Pannu for motivating me and providing tips for efficient writing.
    [Show full text]
  • Reflection for Secure IT for UNIX
    User's Guide Reflection for Secure IT for UNIX Version 8.0 SP2 Copyrights and Notices © 2016 Attachmate Corporation, a Micro Focus company. All rights reserved. No part of the documentation materials accompanying this Micro Focus software product may be reproduced, transmitted, transcribed, or translated into any language, in any form by any means, without the written permission of Micro Focus or its affiliates. The content of this document is protected under copyright law even if it is not distributed with software that includes an end user license agreement. The content of this document is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Micro Focus. Micro Focus assumes no responsibility or liability for any errors or inaccuracies that may appear in the informational content contained in this document. Micro Focus, the Micro Focus logo, FileXpress, and Reflection are registered trademarks of Micro Focus or its subsidiaries or affiliated companies in the United Kingdom, United States and other countries. All other trademarks, trade names, or company names referenced herein are used for identification only and are the property of their respective owners. 1Installation 7 Which Package do I Need? . 8 Replace an Earlier Version or other Existing Secure Shell Program . 9 Install and Uninstall on Linux . 10 Set up High Availability Red Hat Clusters . 11 Install and Uninstall on Oracle Solaris 10 . 12 Install and Uninstall on Oracle Solaris 11. 13 Install and Uninstall on HP-UX. 17 Install and Uninstall on IBM AIX . 17 Migrate Settings from Existing Configuration Files.
    [Show full text]
  • SANS Institute Linux Security Checklist
    Interested in learning more about securing Linux? SANS Institute Security Consensus Operational Readiness Evaluation This checklist is from the SCORE Checklist Project. Reposting is not permited without express, written permission. Linux Security Checklist Copyright SANS Institute Author Retains Full Rights Linux Security Checklist Prepared by: Lori Homsher Contributor: Tim Evans Table of Contents I ntroduction ............................................................................................................... 1 C hecklist ................................................................................................................... 2 B oot and Rescue Disk ........................................................................................... 2 S ystem Patches .................................................................................................... 2 D isabling Unnecessary Services ........................................................................... 3 C heck for Security on Key Files ............................................................................ 3 D efault Password Policy ........................................................................................ 3 L imit root access using SUDO .............................................................................. 4 O nly allow root to access CRON ........................................................................... 4 W arning Banners ..................................................................................................
    [Show full text]
  • PC-BSD Guide
    PC-BSD Guide Welcome to the PC-BSD Guide; brought to you by the Documentation Team: Jacob Cervantes - Paul J Baptie - Brian J. Barber - Karl Fischer - Dragon Flyer - Wayne Fowler - James Knightly - Roger O'Donnell - Terry Poulin - Terry Schima - Roberto Soriano - Gerard van Essen - Terrance Young This Guide is aimed at users new to PC-BSD, FreeBSD and Unix in general. As it is under constant development, you may come across mistakes and out-of-date information. If so, feel free to report them to us on the documentation forum or the Documentation Mailinglist . For the latest and most up-to-date version please visit the PC-BSD Guide online. We hope this guide is both simple and useful and make using PC-BSD an enjoyable experience. If you have suggestions for PC-BSD, you can either let us know on the forum , or send an e-mail to the Public Mailinglist , we value your opinion. Thank you for your support. Click on any of the links below or open/download the Guide as one file: HTML ( gz , 7z , zip ) PDF ( gz , 7z , zip ) RTF ( gz , 7z , zip ) ODT (gz , 7z , zip ) TEXT ( gz , 7z , zip ) 1 Introduction 1.1 Welcome to PC-BSD Welcome to PC-BSD and many thanks for your interest. Early 2005 Kris Moore, the founder of PC-BSD , presented the first beta version of PC-BSD to the community. What some FreeBSD advocates had been waiting for for years had finally arrived: an easy-to-use FreeBSD-based operating system for the desktop, with very little configuration necessary.
    [Show full text]
  • Secure Remote Administration with SSH
    7 Secure Remote Administration With SSH 7.0 Introduction In this chapter and the next chapter we'll look at some of the ways Linux offers to remotely administer a server, or to remotely access your workstation. Linux gives users great flexibility and functionality. You may have command-line only or a full graphical desktop, just as though you were physically present at the remote machine. OpenSSH is the tool of choice for remote command-line administration. It's secure, and easy to set up and use. It's also good for running a remote graphical desktop, because you can tunnel X Windows securely over SSH. This works well over fast local links. However, it's less satisfactory over a dialup or Internet connection because you'll experience significant lag. Rdesktop is a simple Linux client for connecting to Windows Terminal Servers, and to the Windows XP Professional Remote Desktop. This is useful for some system administration tasks, and for accessing Windows applications from Linux. For dialup users who want a remote graphical desktop over dialup, FreeNX is just the ticket. It is designed to deliver good performance over slow links. Currently you can use it to access a Linux PC from Linux, Windows, MacOSX, and Solaris. VNC is the reigning champion of cross-platform remote graphical desktops. With VNC you may do all sorts of neat things: run several PCs from a single keyboard, mouse, and monitor, mix and match operating systems, and do remote technical support. In this chapter we'll look at how to use OpenSSH. The next chapter is devoted to Rdesktop, FreeNX, and VNC.
    [Show full text]
  • Malware: Viruses and Worms Lecture Notes on “Computer and Network
    Lecture 22: Malware: Viruses and Worms Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) April 8, 2021 5:19pm ©2021 Avinash Kak, Purdue University Goals: • Attributes of a virus • Educational examples of a virus in Perl and Python • Attributes of a worm • Educational examples of a worm in Perl and Python • Some well-known worms of the past • The Conficker and Stuxnet worms • The WannaCry worm and the DoublePulsar backdoor • How afraid should we be of viruses and worms? CONTENTS Section Title Page 22.1 Viruses 3 22.2 The Anatomy of a Virus with Working 7 Examples in Perl and Python — the FooVirus 22.3 Worms 14 22.4 Working Examples of a Worm in 17 Perl and Python — the AbraWorm 22.5 Morris and Slammer Worms 34 22.6 The Conficker Worm 37 22.6.1 The Anatomy of the Conficker Worm 46 22.7 The Stuxnet Worm 52 22.8 The WannaCry Worm and the DoublePulsar 56 Backdoor 22.9 How Afraid Should We Be of Viruses 61 and Worms 22.10 Homework Problems 67 2 Computer and Network Security by Avi Kak Lecture 22 Back to TOC 22.1 VIRUSES • A computer virus is a malicious piece of executable code that propagates typically by attaching itself to a host document that will generally be an executable file. [In the context of talking about viruses, the word “host” means a document or a file. As you’ll recall from our earlier discussions, in the context of computer networking protocols, a “host” is typically a digital device capable of communicating with other devices.
    [Show full text]
  • Table of Contents 1/8
    Table Of Contents 1/8 Table Of Contents Default Config Files and SSH Port ...................................................................................................... 2 #1: Disable OpenSSH Server ............................................................................................................. 2 #2: Only Use SSH Protocol 2 .............................................................................................................. 2 #3: Limit Users' SSH Access ............................................................................................................... 3 #4: Configure Idle Log Out Timeout Interval ....................................................................................... 3 #5: Disable .rhosts Files ...................................................................................................................... 3 #6: Disable Host-Based Authentication ............................................................................................... 3 #7: Disable root Login via SSH ........................................................................................................... 3 #8: Enable a Warning Banner ............................................................................................................. 3 #8: Firewall SSH Port # 22 .................................................................................................................. 4 Netfilter (Iptables) Configuration ......................................................................................................................................
    [Show full text]
  • Logs and Logwatch
    Linux logging and logfiles monitoring with swatch Sebastian Büttrich, wire.less.dk edit: November 2009, Pacnog6 7 November 2005 ItrainOnline MMTK http://creativecommons.org/licenses/by-nc-sa/3.0/ 1 Sebastian Büttrich www.itrainonline.org Agenda • Linux logging • The most important logs • Swatch and other log watchers 7 November 2005 ItrainOnline MMTK 2 Sebastian Büttrich www.itrainonline.org Linux Logging • two daemons that control logging: klogd (sysklogd) and syslogd. • klogd deals with kernel messages. • syslogd deals with other system messages, such as applications. • You can configure the behavior of both by editing the files /etc/syslog.conf and /etc/sysconfig/syslog 7 November 2005 ItrainOnline MMTK 3 Sebastian Büttrich www.itrainonline.org Linux Logging directory • default directory for most logs is /var/log • logrotating (now default in Ubuntu) is essential, else you will strangulate your own resources (= have beautiful backlog, but run out of space) • Backup important logfiles to external place by using rsync or scp 7 November 2005 ItrainOnline MMTK 4 Sebastian Büttrich www.itrainonline.org Linux Essential log files • /var/log/messages: General system and kernel messages • /var/log/auth.log: Authenication logs • /var/log/kern.log: Kernel logs • /var/log/cron.log: Crond logs (cron job) • /var/log/maillog: Mail server ᄑlogs • /var/log/httpd/ or /var/log/apache: Apache access and error logs directory, typically: access.log, error.log • /var/log/boot.log : System boot log • /var/log/secure: Authentication log • /var/log/utmp or
    [Show full text]
  • Linux: Configuring and Securing Your Server Howto Guide
    Linux: Configuring and securing your server howto guide A technical howto document presented to H3ABioNet Created by The System Administrator Task-force Prepared for The greater H3ABioNet and H3Africa Consortium community Document Control Date Author Authorization By Version Description 27 June 2014 Suresh System Administrator 1.0 First draft Maslamoney Task-force Contributors Last Name First Name Institution Country Alibi Mohamed Pasteur Institute of Tunis (IPT) Tunisia Brown David Rhodes University (RU) South Africa Indome David Noguchi Memorial Institute for Medical Research Ghana (NMIMR) Scheepers Inus Centre for High Performance Computing (CHPC) South Africa Maslamoney Suresh Computational Biology Group – UCT (CBIO) South Africa Panji Sumir Computational Biology Group – UCT (CBIO) South Africa Van Heusden Peter South African National Bioinformatics (SANBI) South Africa Marcello Lucio (CIDRES) Burkina Faso Reviewers Last Name First Name Institution Country HowTo: Linux Server Management and Configuration Guide Page 2 of 33 Acronyms and Abbreviations Acronym and Abbreviations Description CLI The Command Line Interface refers to the actual local terminal on the Linux server used to navigate, configure and manage the system NIC A Network Interface Card is a physical network card installed the physical server OS A Operating System is a piece of software which is installed on a computer system and manages communication between the physical hardware and user based applications SL Scientific Linux Operating System HowTo: Linux Server Management
    [Show full text]