Tuesday, July 13, 2010

Squid Setting Ubuntu

Setting up Squid on Ubuntu is simple; I happened to set up Squid on Ubuntu easily with the following steps.

First, install Squid via Synaptic or from a terminal:
yoyok@yoyok-desktop:~$ sudo apt-get install squid
Once installation completes, Squid can be configured by editing its configuration file:
yoyok@yoyok-desktop:~$ sudo vim /etc/squid/squid.conf

But before editing, first back up the original file so that it can be restored to the default if it gets damaged:
yoyok@yoyok-desktop:~$ sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.bak

Then open the file and configure Squid:
yoyok@yoyok-desktop:~$ sudo vim /etc/squid/squid.conf

The Squid configuration file that appears is very long; the following are the settings that must be considered.

HTTP Port: the port on which Squid runs
http_port 3128

Visible Host Name: so that Squid can find a valid hostname if an error occurs
visible_hostname airaku.com

Cache Manager: defines the email address of the Squid cache manager
cache_mgr airaku22@yahoo.com

Squid Cache Directory: defines the location and size of the Squid cache directory.
The figure 500 is the directory size in MB
The figure 16 is the number of level-1 subdirectories
The figure 256 is the number of level-2 subdirectories inside each level-1 subdirectory
The bigger the numbers above, the better

cache_dir ufs /var/spool/squid 500 16 256

Filtering: This is an important part of Squid. With it we can set rules, from who can access the Internet to which websites they are allowed to access.

Access List: who can access the Internet

command: acl user src 192.168.1.1/255.255.255.255

acl: the access list command
user: the name of the user or group that owns the IP
src: the source IP used; a range can be used if you want to create a group

ex: acl laros src 192.168.1.1-192.168.1.12/255.255.255.255

Time Filtering: grants access permission based on time and day

command: acl access-time time MTWHFA 08:00-16:00

acl: the access list command
access-time: the name given to this acl
time: the Squid acl type that defines the time
MTWHFA: the Squid codes that define the days
M: Monday, T: Tuesday, etc.

08:00-16:00: the time during which users are allowed Internet access

Website Filtering: filters any website that should not be accessed by users.

First, a file containing the list of URLs to be blocked must be created.

example:
yoyok@yoyok-desktop:~$ sudo vim /etc/squid/pornourl.txt

then enter, one per line:
worldsex.com
17tahun

Then reference the file in squid.conf with the directive:

acl blokporno dstdomain "/etc/squid/pornourl.txt"

Keyword Filtering: filters keywords entered by users. Suppose a user enters the word 'sex' in Google; Squid will then block it. Before adding the directive to squid.conf, you must create a file containing the keywords to be blocked with the command:

yoyok@yoyok-desktop:~$ sudo vim /etc/squid/keywordblock.txt

Then fill it with the words that will be blocked:

example: sex, fuck
And add the directive to squid.conf:

acl keywordblock url_regex -i "/etc/squid/keywordblock.txt"

These filter directives are enough to make a simple Squid server. The next step is to grant permissions on the rules made previously. In Squid this directive is called http_access. The directives are as follows:

http_access deny blokporno # deny all URLs contained in acl blokporno
http_access deny keywordblock # deny the keywords listed in acl keywordblock
http_access allow access-time user # allow acl access-time for user micokelana
http_access deny all # deny all users who are not registered in squid.conf
http_reply_access allow all # default
icp_access allow all # default

Then do not forget to save the squid.conf configuration file we have edited, using the command:
:wq # w: save, q: quit (vim command)

Then type the following command in the terminal:

yoyok@yoyok-desktop:~$ sudo squid -z

Function: creates the cache directory that we defined in the Squid configuration.
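
Squid reads http_access lines from top to bottom and stops at the first match, and an ACL has to be defined before a rule names it, so a misspelled ACL name, a rule placed after "all", or a missing final "deny all" are mistakes worth catching before reloading. The check below is an added example, not part of the original post; the function names and the sample file (which deliberately defines keywordblok but references keywordblock) are constructed for illustration, and squid -k parse remains the authoritative syntax check.

```shell
#!/bin/sh
# Added example: lint the acl / http_access lines of a squid.conf.
# Reports ACLs used before definition, rules placed after a rule that
# already matches "all", and a rule list that does not end in "deny all".

lint_squid_acls() {    # $1: path to a squid.conf
    awk '
        { sub(/#.*/, "") }                       # strip comments
        $1 == "acl" && NF >= 3 { known[$2] = 1; next }
        $1 == "http_access" && NF >= 3 {
            if (seen_all) print "UNREACHABLE line " NR ": " $0
            for (i = 3; i <= NF; i++) {
                name = $i; sub(/^!/, "", name)   # "!acl" negates an ACL
                # Assumption: "all" is predefined (built in or in the default file)
                if (name != "all" && !(name in known))
                    print "UNDEFINED line " NR ": " name
            }
            if (NF == 3 && $3 == "all") seen_all = 1
            last = $2 " " $3
        }
        END {
            if (last != "deny all")
                print "NO-DEFAULT-DENY: last http_access is \"" last "\""
        }
    ' "$1"
}

demo_lint() {          # constructed sample: one ACL name is misspelled
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
acl user src 192.168.1.1/255.255.255.255
acl access-time time MTWHFA 08:00-16:00
acl blokporno dstdomain "/etc/squid/pornourl.txt"
acl keywordblok url_regex -i "/etc/squid/keywordblock.txt"
http_access deny blokporno
http_access deny keywordblock
http_access allow access-time user
http_access deny all
EOF
    lint_squid_acls "$f"
    rm -f "$f"
}

demo_lint
```

On a real system, run lint_squid_acls /etc/squid/squid.conf before squid -k reconfigure.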

Transparent Proxy

A transparent proxy is a technique that makes Squid invisible to the client: normally we enter the proxy address in every browser, but with a transparent proxy no proxy address has to be entered in the browser. Before entering the transparent proxy directive in Squid, we must use iptables to redirect the ports used by the client computers. That is, if we set Squid on port 3128 and client Internet requests generally go to port 80, then we have to redirect port 80 from the clients to our proxy port, 3128.

IP Forwarding: for the transparent proxy to work, we must enable IP forwarding by writing a value to the file "/proc/sys/net/ipv4/ip_forward":

yoyok@yoyok-desktop:~$ sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

It is better to have this command run automatically at startup, so that when the computer running Squid goes down we do not have to bother running it again. Next we have to run iptables so that client requests are redirected to the Squid port on our server, with the command:

yoyok@yoyok-desktop:~$ sudo iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-port 3128

All of this can be recorded in the file /etc/rc.local (this could probably be discussed another time).
Then restart the proxy with the command:

yoyok@yoyok-desktop:~$ sudo squid -k reconfigure
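
The redirect rule above has no interface or source match, so it applies to port-80 traffic arriving on every interface, not only traffic from the LAN clients. The following is an added example, not from the original post: it scans iptables-save output for REDIRECT rules to the Squid port that lack such a match. The interface name eth1 and the sample rules are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag nat PREROUTING REDIRECT rules that send traffic to the
# Squid port without an inbound interface (-i) or source (-s) restriction.

audit_redirects() {    # stdin: iptables-save text; $1: Squid port
    awk -v port="$1" '
        /^\*/ { table = substr($1, 2) }          # "*nat", "*filter", ...
        table == "nat" && $1 == "-A" && $2 == "PREROUTING" && /-j REDIRECT/ {
            to = ""; scoped = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "--to-ports" || $i == "--to-port") to = $(i + 1)
                if ($i == "-i" || $i == "-s") scoped = 1
            }
            if (to == port && !scoped) print "UNSCOPED: " $0
        }
    '
}

demo_audit() {         # constructed iptables-save sample
    audit_redirects 3128 <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
COMMIT
*filter
:INPUT ACCEPT [0:0]
COMMIT
EOF
}

demo_audit
```

On a live gateway the input would come from sudo iptables-save piped into audit_redirects 3128; the scoped form of the rule adds -i with the LAN-facing interface.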

Enjoy it, and try this setting on your server for better connectivity.

Auto Mount Ubuntu Lucid Lynx

Auto mount on Ubuntu 10.04 Lucid Lynx sometimes requires the user to be careful about access to a partition. Just imagine if someone could access a partition or a directory without being asked for a password again. This version is very easy for newbies to Ubuntu.

For that, there are some tricks that can be used to maintain security. There are two options for resolving this issue: the terminal or the GUI.

A. With the GUI
1. Install pysdm (Storage Device Manager)
2. You can use: apt-get install pysdm, or search for pysdm in Synaptic
3. Find it under System - Administration - Storage Device Manager
4. Open it and click sda or hda
5. After clicking OK, choose Assistant
6. The options to auto-mount or not when booting Ubuntu will appear
7. Apply, and reboot once completed

B. Terminal
1. Open a terminal window on your computer
2. Type sudo vi /etc/fstab
3. Determine which partitions will be mounted or not
for example like this: (sda5 will automount)
#
proc /proc proc defaults 0 0
# / was on /dev/sda5 during installation
UUID=30d28e71-a8d6-48be-b463-f79b610bc838 / ext3 relatime,errors=remount-ro 0 1

The above also applies to folders or directories; they are just easier to manage. Rename like this:

original name: coba_coba
destination name: .coba_coba
command: mv coba_coba .coba_coba

The most important thing is to know the permissions of the folder; chmod -rwx can be used to set the permissions of the folder.



Sunday, February 14, 2010

10 Security Issues found in the Linux Kernel

10 important security issues (see below for details) were found in the Linux kernel packages by various hackers. Therefore, it is strongly recommended to update your system as soon as possible!
The following Linux kernel vulnerabilities were found:

1. The ext4 and HFS filesystems fail to check various on-disk structures. Therefore, an attacker can trick a user into mounting a specially crafted filesystem, which can crash the affected system or give the attacker root (system administrator) privileges. The problem was discovered by Amerigo Wang and Eric Sesterhenn and affects all Ubuntu systems.

2. FUSE (Filesystem in Userspace) fails to check various requests. Because of this, a local attacker who has access to FUSE mounts could crash an affected system or gain root (system administrator) privileges. The problem only affects Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04 systems.

3. KVM fails to decode a variety of guest instructions. This can lead to DoS attacks and crashes of the affected system, by triggering "damage" in the host. The problem only affects Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10.

4. The Firewire OHCI driver fails to handle various ioctls. Because of this, a local attacker could crash the system or gain root (system administrator) privileges. The problem only affects Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

5. The Linux kernel fails to handle O_ASYNC on locked files. Because of this, a local attacker can gain root (system administrator) privileges. The problem was discovered by Tavis Ormandy and only affects Ubuntu 9.04 and 9.10 systems.

6. The e1000e and e1000 network drivers for the Eee PC fail to check the sizes of Ethernet frames. Because of this, an attacker on the local LAN can crash the system or gain root by sending specially crafted traffic. This problem was discovered by Neil Horman and Eugene Teo, and affects all Ubuntu systems.

7. Random kernel memory contents can be exposed through "print-fatal-signals" reporting. This could lead to a loss of privacy. The problem only affects Ubuntu 8.04 LTS, 8.10, 9.04 and 9.10 systems.

8. IPv6 fails to handle jumbo frames. This can lead to DoS attacks. The problem was discovered by Olli Järva and Tuomo Untinen, and only affects Ubuntu 9.04 and 9.10 systems.

9. Netfilter bridge rules can be modified by ordinary users. This can cause DoS attacks by disrupting network traffic. This problem was discovered by Florian Westphal and affects all Ubuntu systems.

10. Linux kernel memory can be leaked by various mremap operations. This can cause DoS attacks by consuming all available memory. This problem was discovered by Al Viro and affects all Ubuntu systems.


Saturday, January 16, 2010

Linux's Anti Virus aka CLAMAV

Linux's Anti Virus aka CLAMAV. This started from a friend's question: is there an antivirus on Linux that is not run from terminal commands? Yes, I answered. But installing it still takes a few commands in the terminal. Here, we practice:

airaku22@airaku22-desktop:~$ sudo apt-get install clamav

This will complete the basic scanner installation.

GTK frontend for the Clam AntiVirus scanner

If you want to install a GTK frontend for the Clam AntiVirus scanner in Ubuntu, you can install avscan or clamtk.

In this example I am installing ClamTk.

Download clamtk using the following command:

airaku22@airaku22-desktop:~$ wget http://puzzle.dl.sourceforge.net/sourceforge/clamtk/clamtk_3.05-1_all.deb

Now you need to install the clamtk .deb package using the following command:

airaku22@airaku22-desktop:~$ sudo dpkg -i clamtk_3.05-1_all.deb

If you get any problems, use the following command:

airaku22@airaku22-desktop:~$ sudo apt-get -f install

This will complete the installation of Anti Virus

If you want to open clamtk go to Applications--->Accessories--->Virus Scanner
