Tag Archives: debian

Preventing Brute Force Attacks With BlockHosts On Debian Etch

cd
wget http://www.aczoom.com/tools/blockhosts/BlockHosts-2.1.0.tar.gz
tar xvfz BlockHosts-2.1.0.tar.gz
cd BlockHosts-2.1.0
python setup.py install --force
nano /etc/blockhosts.cfg

Modify it as follows:

[…]
HOSTS_BLOCKFILE = "/etc/hosts.allow"
[…]
HOST_BLOCKLINE = ["ALL: ", " : deny"]
[…]
LOGFILES = [ "/var/log/auth.log", "/var/log/proftpd/proftpd.log", ]
[…]
COUNT_THRESHOLD = 3
[…]
AGE_THRESHOLD = 12
[…]
MAIL = True
[…]
NOTIFY_ADDRESS = [email protected]
[…]
SMTP_SERVER = "localhost"
SENDER_ADDRESS = 'BlockHosts <[email protected]>'
[…]
IPBLOCK = "iptables"
[…]

In HOSTS_BLOCKFILE we can specify either /etc/hosts.allow or /etc/hosts.deny. It doesn’t matter which one we choose. I’m using /etc/hosts.allow here. In the LOGFILES line we specify the log files that BlockHosts should look at. OpenSSH logs failed login attempts to /var/log/auth.log, ProFTPd to /var/log/proftpd/proftpd.log. COUNT_THRESHOLD specifies the number of failed login attempts from the same host after which BlockHosts should block that host. AGE_THRESHOLD is the number of hours after which blocked hosts get unblocked. IPBLOCK specifies whether you’d like to block hosts with iptables or iproute in addition to adding these hosts to /etc/hosts.allow (or /etc/hosts.deny).
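The counting and expiry behaviour these settings describe, as an added example rather than BlockHosts' own code: it scans constructed auth.log lines and emits HOSTS_BLOCKFILE entries in the HOST_BLOCKLINE format. The sample log, the regular expression, the `>=` comparison and measuring age from a host's most recent failure are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

COUNT_THRESHOLD = 3                      # same values as the config above
AGE_THRESHOLD = 12                       # hours
HOST_BLOCKLINE = ["ALL: ", " : deny"]

# Constructed sample lines in OpenSSH auth.log style (documentation IP ranges).
SAMPLE_LOG = """\
Mar  3 01:10:01 srv sshd[811]: Failed password for root from 203.0.113.7 port 4711 ssh2
Mar  3 01:10:04 srv sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 4712 ssh2
Mar  3 01:10:09 srv sshd[812]: Failed password for root from 203.0.113.7 port 4713 ssh2
Mar  3 09:30:00 srv sshd[900]: Failed password for bob from 198.51.100.20 port 5000 ssh2
Mar  3 09:31:00 srv sshd[901]: Accepted password for bob from 198.51.100.20 port 5001 ssh2
Mar  2 02:00:00 srv sshd[700]: Failed password for root from 192.0.2.55 port 6000 ssh2
Mar  2 02:00:05 srv sshd[700]: Failed password for root from 192.0.2.55 port 6001 ssh2
Mar  2 02:00:09 srv sshd[700]: Failed password for root from 192.0.2.55 port 6002 ssh2
"""

FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) port \d+")

def failed_logins(log_text, year):
    """Yield (timestamp, ip) for each failed SSH password attempt."""
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:  # syslog timestamps carry no year, so the caller supplies it
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2)

def block_lines(log_text, now, year=None):
    """Return deny lines for hosts at or over COUNT_THRESHOLD whose most
    recent failure is younger than AGE_THRESHOLD hours (assumed semantics)."""
    hits = defaultdict(list)
    for ts, ip in failed_logins(log_text, year or now.year):
        hits[ip].append(ts)
    cutoff = now - timedelta(hours=AGE_THRESHOLD)
    return [HOST_BLOCKLINE[0] + ip + HOST_BLOCKLINE[1]
            for ip, seen in sorted(hits.items())
            if len(seen) >= COUNT_THRESHOLD and max(seen) > cutoff]

if __name__ == "__main__":
    print("\n".join(block_lines(SAMPLE_LOG, datetime(2007, 3, 3, 10, 0, 0))))
```

Of the three hosts in the sample, one stays under the threshold and one has aged out, so only a single deny line is produced.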

Next we must modify /etc/hosts.allow. First back up your current /etc/hosts.allow:

cp /etc/hosts.allow /etc/hosts.allow_bak
nano /etc/hosts.allow


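Partitioning QLogic storage on Debian

The storage attached to the Debian host consists of two volumes, 1 TB and 2 TB. Since they were only just attached, they have no partitions yet. The partitioning process follows. I also found that cfdisk, the graphical partitioning tool on Debian, works well. It doesn't seem to offer the reiserfs format, but for other uses it is very good.

First partition the 2 TB volume, sdd, starting by creating the partition: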

bt:/# fdisk /dev/sdd

The number of cylinders for this disk is set to 130541.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
   (e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): n
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-130541, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-130541, default 130541):
Using default value 130541

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

Create the filesystem. For better performance, the reiserfs format is used:

bt:/# mkfs.reiserfs /dev/sdd1
mkfs.reiserfs 3.6.19 (2003 www.namesys.com)

A pair of credits:
Edward Shushkin wrote the encryption and compression  file plugins,  and the V3
journal relocation code.

The  Defense  Advanced  Research  Projects Agency (DARPA, www.darpa.mil) is the
primary sponsor of Reiser4.  DARPA  does  not  endorse  this project; it merely
sponsors it.

Guessing about desired format.. Kernel 2.6.18-4-686 is running.
Format 3.6 with standard journal
Count of blocks on the device: 262142624
Number of blocks consumed by mkreiserfs formatting process: 16211
Blocksize: 4096
Hash function used to sort names: “r5”
Journal Size 8193 blocks (first block 18)
Journal Max transaction length 1024
inode generation number: 0
UUID: afd18a2b-f8fd-448a-ac64-7886b53706bd
ATTENTION: YOU SHOULD REBOOT AFTER FDISK!
        ALL DATA WILL BE LOST ON ‘/dev/sdd1’!
Continue (y/n):y
Initializing journal – 0%….20%….40%….60%….80%….100%
Syncing..ok

Tell your friends to use a kernel based on 2.4.18 or later, and especially not a
kernel based on 2.4.9, when you use reiserFS. Have fun.

ReiserFS is successfully created on /dev/sdd1.

Then mount the partition:

bt:/# mount -t reiserfs /dev/sdc1 /var/ftp/

 

To mount it automatically at boot, just edit /etc/fstab.


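Installing a QLogic 2460 HBA card on Debian

The new storage has arrived and is going to be used under Debian, but QLogic does not officially provide a driver for Debian, only for Red Hat and SLES. On Debian you have to install it yourself.

First plug in the HBA card and boot the system. The boot messages suggest the card has already been found.

Once in the system, run lsmod; the module is already loaded.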

qla2xxx               126560  0
firmware_class          9600  1 qla2xxx
scsi_transport_fc      28544  1 qla2xxx

But the card does not work properly. Check the system log: more /var/log/systemlog

The following messages appear:

QLogic Fibre Channel HBA Driver
qla2xxx 0000:02:01.0: Found an ISP2100, irq 10, iobase 0xf8826000
qla2xxx 0000:02:01.0: Configuring PCI space…
qla2xxx 0000:02:01.0: Configure NVRAM parameters…
qla2xxx 0000:02:01.0: Verifying loaded RISC code…
qla2xxx 0000:02:01.0: Firmware image unavailable.
qla2xxx 0000:02:01.0: Firmware images can be retrieved from: ftp://ftp.qlogic.com/outgoing/linux/firmware/.
qla2xxx 0000:02:01.0: Failed to initialize adapter

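The messages point to a firmware problem, so I went to download it from the address given, ftp://ftp.qlogic.com/outgoing/linux/firmware/.

But the network was far too slow and the download never completed. So I googled for a Debian deb package and found that there is indeed one.

So run: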

wget ftp://ftp.debian.org/debian/pool/non-free/f/firmware-nonfree/firmware-qlogic_*

dpkg -i firmware-qlogic_*

update-initramfs -k all -u

Then run:

# find / -name '*logic'

/usr/src/qlogic
/usr/share/doc/firmware-qlogic
/usr/share/initramfs-tools/hooks/firmware_qlogic

Then run:

/usr/share/initramfs-tools/hooks/firmware_qlogic

Run again:

update-initramfs -k all -u

Reboot the system, then check the system log; the driver is now loaded correctly:

QLogic Fibre Channel HBA Driver
PCI: Enabling device 0000:0f:03.0 (0150 -> 0153)
ACPI: PCI Interrupt 0000:0f:03.0[A] -> GSI 160 (level, low) -> IRQ 74
qla2xxx 0000:0f:03.0: Found an ISP2312, irq 74, iobase 0xf88f8000
qla2xxx 0000:0f:03.0: Configuring PCI space…
qla2xxx 0000:0f:03.0: Configure NVRAM parameters…
qla2xxx 0000:0f:03.0: Verifying loaded RISC code…
qla2xxx 0000:0f:03.0: Allocated (412 KB) for firmware dump…
qla2xxx 0000:0f:03.0: LIP reset occured (f8f7).
qla2xxx 0000:0f:03.0: Waiting for LIP to complete…
qla2xxx 0000:0f:03.0: LIP occured (f8f7).
qla2xxx 0000:0f:03.0: LOOP UP detected (2 Gbps).
qla2xxx 0000:0f:03.0: LIP reset occured (f7f7).
qla2xxx 0000:0f:03.0: LIP occured (f7f7).
qla2xxx 0000:0f:03.0: Topology – (Loop), Host Loop address 0x0

References

http://john.parnefjord.se/node/8

http://blog.sina.com.cn/u/544465b00100067v

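What operating systems and web servers do these big sites use?

Google
Which software does it use as a web server?
Apart from two nodes whose operating system can be identified as Linux, everything else is unknown. The web servers all report GWS; I assume that stands for Google Web Server.

Yahoo!
The operating system is FreeBSD throughout. Nothing else can be determined. Yahoo!'s network security is said to be first-rate!

Microsoft
The operating system is Windows 2003 throughout (they would be laughed at if they used Linux); it seems Windows 2000 has left Microsoft's own stage. The web server is Microsoft-IIS/6.0.

eBay
Operating system: Windows Server 2003 / 2000; web server: Microsoft-IIS/6.0 (5.0). I have some doubts about this detection result. Does eBay really use Windows on a large scale?

GNU.org
The operating system is Debian Linux throughout (that's right, Debian is GNU's true heir). Web server: Apache/1.3.31 (Debian GNU/Linux) mod_python/2.7.10 Python/2.3.4; some hosts are configured as Apache/1.3.26 (Unix) Debian GNU/Linux mod_python/2.7.8 Python/2.1.3. GNU.org uses Python quite a lot.

Now a look at some companies in China.

Alibaba
The operating system is Linux. Web server: Apache/1.3.29 (Unix) mod_alibaba/1.0 Resin/2.1.13 (+mod_gzip/1.3.26.1a). The mod_alibaba module is presumably custom-built.

Sina
The operating system is FreeBSD. The web servers are all Apache/2.0.54.

Baidu
The operating system is Linux; web server: Apache/1.3.27. Completely uniform.

Sohu
The operating system, surprisingly, is SCO UNIX. Web server information: Apache/1.3.33 (Unix) mod_gzip/1.3.19.1a
It seems the industry rumor that "Sohu has the weakest technical team" is no exaggeration.

NetEase
Operating system: Linux. Web server information: Apache/2.0.5x

This data was obtained from Netcraft.

Analyzing the data above gives the following basic conclusions:

1. Linux vs FreeBSD: evenly matched. Many companies use Linux, and FreeBSD has no shortage of supporters. But it is already an established fact that open-source operating systems are the first choice for web applications.
2. On Apache: although version 1.3 is still the recommended one at present, many companies nevertheless use version 2.0. Apache.org itself runs Apache 2.0 everywhere, and even 2.2.
3. mod_gzip is used selectively by some companies.
4. Companies with strong technical capability build their own custom modules.

These conclusions assume that Netcraft's detection is correct and representative.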