Using a script to count login activities in a KF log file. I wanted to effectively go through all the *.log?? files, ignoring zipped files. Finally settled on: my $logpath=”/var/log/kforum”; chdir($logpath) or die “$!”; @files = glob “*.log *.log.[0-9] *.log.[0-9][0-9]”;

Sometimes you have servers hanging out in the public internet in ways that you have little control over the network and hardware firewalls. Setting up a hosted server, such as a Virtual Private Server (VPS) or “node” in the cloud can be scary. Fortunately software firewalls, such as iptables, can add a little to piece of mind. But, in these days of automated attacks, it is still not enough. Usually the primary means of access to these servers is SSH. There are a couple really simple things can be done to make SSH more secure. I recently setup a new node on Linode. In the first hour there...

I recently setup a CentOS 6.3 server on Linode.com. One of the first things I wanted to do was lock it down with iptables. Unfortunately iptables was not starting cleanly. Specifically, It was failing here: Iptables Error – Setting Chains To Policy ACCEPT: Security Raw Nat Mangle Filter [FAILED] It turns out that was happening due to the paravirt kernel having a “security” chain compiled into it, and the default “iptables” init script included with CentOS does not know how to handle it. After a bit of searching I found a patch for the init script, posted by one of the...

In CentOS 6, on backwater, iptables was not starting cleanly. Found a patch for the init script. Create a file named centos.iptables.patch that contains: — 5350.orig.sh 2011-05-27 19:58:32.000000000 +0100 +++ 5350.sh 2011-05-27 19:57:32.000000000 +0100 @@ -120,6 +120,12 @@ for i in $tables; do echo -n “$i ” case “$i” in + security) + $IPTABLES -t security -P INPUT $policy \ + && $IPTABLES -t security -P OUTPUT $policy \ + && $IPTABLES -t security -P FORWARD $policy \ + || let ret+=1 + ;; raw) $IPTABLES -t raw -P PREROUTING $policy \ && $IPTABLES -t...

The first thing I wanted to do was deal with the web server. I didn’t want apache serving any pages other than nagios. I decided to redirect everything to techmentor.com. To do this I has to allow overrides int the main conf file: <Directory “/var/www/html”>     Options Indexes FollowSymLinks    AllowOverride All    Order allow,deny    Allow from all </Directory> Then in /var/www/html I created the following .htaccess file: RewriteEngine on AddType text/cache-manifest manifest RewriteCond %{HTTP_HOST} ^backwater\.techmentor\.com$ RewriteRule ^/?$...