Using Fail2ban to Secure Your Server. Updated by Linode Fail2ban is a log-parsing application that monitors system logs for symptoms of an automated attack on your Linode. When an attempted compromise is located, using the defined parameters, Fail2ban will add a new rule to iptables, thus blocking the IP address of the attacker, either for a set amount of time or permanently. Fail2ban will also alert you through email that an attack is occurring. Fail2ban is primarily focused on SSH attacks, although it can be further configured to work for any service that uses log files and can be subject to a compromise. The steps required in this guide require root privileges. Fail2ban is intended to be used in conjunction with an already-hardened server and should not be used as a replacement for secure firewall rules. Installing Fail2ban Follow the Getting Started guide to configure your basic server. CentOS 7 Debian Ensure your system is up to date: Install Fail2ban: The service will automatically start.
Fedora Ubuntu IP Whitelisting. Control Network Traffic with iptables. Updated by Linode Packet filtering using network rules such as NAT (network address translation) can be accomplished by using iptables. Iptables utilize ports and protocols and may also be used as a firewall. Using iptables for IPv4 By default, the iptables tool is included with your Linode supplied distribution. In order to use iptables, you will have to have root privileges to make changes. The location of the iptables files is in the /sbin directory.
However, you will make changes to these files by invoking commands, not with a text editor. The iptables Command There are a number of options that can be used with iptables. Basic iptables Parameters In order to start using iptables, you will need to understand some basics about the command syntax. In the sample above you are invoking iptables by its name. For example, the rule above is added to the beginning of the chain, and it will drop all packets from the address 12.34.56.78 received from anywhere. Default Tables Basic iptables Options Or. Tip: How to clear sendmail mailbox for root & other users (Page 1) — Mail — The FreeBSD Community. Home | Linux Journey. 192.69.217. Strong Random Password Generator.
Supported Linux distributions. LinuxLive USB Creator is currently supporting these Linux distributions: .IMG files are supported but it's experimental: it works only with a Live mode (no persistence) and no virtualization (because there is not enough free space on the USB key after writing the IMG file). LinuxLive USB Creator will only burn the .IMG on your USB key, nothing more. These versions should work but I will provide no support whatsoever: Any modified variants of the supported versions (like translated ISO)Any Linux using syslinux or grub and USB boot capable (most of them are)Any non "Live" version of the supported Linuxes (but only for booting and installing on disk since they are not "Live") These versions WILL NOT WORK: BSD variantsISO of Windows XP or Mac OSX If you want me to add support for another Linux distribution, please use the Submit a Linux form.
FreeDOS bootable image generation HOWTO | chtaube.eu. This document describes how to make a small image which can be booted either via PXE or after writing it to an USB flash drive. I used Debian Linux 7 "wheezy" for this. But other Linux distributions should work too. What you will need syslinux – BootloaderGNU parted – Other partitioning tools did not yield a bootable image.mkfs.msdos (or mkdosfs) – Debian and Arch Linux users can install the dosfstools packagekpartx – A tool for mounting partitions within an image file; Debian has this in the kpartx package; For Arch Linux the multipath-tools from AUR look promising.The FreeDOS distribution ISO: fd11src.iso (or look here for the latest release: smaller utilities everyone should have: dd, unzip, find, xargs … There is no fancy GUI for all the tools involved, so you should be familiar with the console. :) The Instructions Create an image file with bootable partition First, we use dd to write a blank file, 30 MB in size: Looks fine!
Mount filesystem config.sys. How to stop your IP address being blocked by denyhosts. What is free software? The Free Software Definition Have a question about free software licensing not answered here? See our other licensing resources, and if necessary contact the FSF Compliance Lab at licensing@fsf.org. “Free software” means software that respects users' freedom and community. Roughly, it means that the users have the freedom to run, copy, distribute, study, change and improve the software. Thus, “free software” is a matter of liberty, not price. To understand the concept, you should think of “free” as in “free speech,” not as in “free beer”. We sometimes call it “libre software,” borrowing the French or Spanish word for “free” as in freedom, to show we do not mean the software is gratis. We campaign for these freedoms because everyone deserves them.
The four essential freedoms A program is free software if the program's users have the four essential freedoms: [1] The freedom to run the program as you wish, for any purpose (freedom 0). “Free software” does not mean “noncommercial”. Copyleft. Parallel tutorial. This tutorial shows off much of GNU parallel's functionality. The tutorial is meant to learn the options in GNU parallel.
The tutorial is not to show realistic examples from the real world. Spend an hour walking through the tutorial. Your command line will love you for it. To run this tutorial you must have the following: parallel >= version 20160222 Install the newest version using your package manager or with: (wget -O - pi.dk/3 || curl pi.dk/3/ || fetch -o - | bash This will also install the newest version of the tutorial: man parallel_tutorial Most of the tutorial will work on older versions, too. abc-file: The file can be generated by: parallel -k echo ::: A B C > abc-file def-file: parallel -k echo ::: D E F > def-file abc0-file: perl -e 'printf "A\0B\0C\0"' > abc0-file abc_-file: perl -e 'printf "A_B_C_"' > abc_-file tsv-file.tsv perl -e 'printf "f1\tf2\nA\tB\nC\tD\n"' > tsv-file.tsv num8 perl -e 'for(1..8){print "$_\n"}' > num8 num128 perl -e 'for(1..128){print "$_\n"}' > num128 foo */!
Use multiple CPU Cores with your Linux commands -- awk, sed, bzip2, grep, wc, etc. | RankFocus - Systems and Data. Here’s a common problem: You ever want to add up a very large list (hundreds of megabytes) or grep through it, or other kind of operation that is embarrassingly parallel? Data scientists, I am talking to you. You probably have about four cores or more, but our tried and true tools like grep, bzip2, wc, awk, sed and so forth are singly-threaded and will just use one CPU core.
To paraphrase Cartman, “How do I reach these cores”? Let’s use all of our CPU cores on our Linux box by using GNU Parallel and doing a little in-machine map-reduce magic by using all of our cores and using the little-known parameter –pipes (otherwise known as –spreadstdin). Your pleasure is proportional to the number of CPUs, I promise. Cat bigfile.bin | bzip2 --best > compressedfile.bz2 Do this: cat bigfile.bin | parallel --pipe --recend '' -k bzip2 --best > compressedfile.bz2 Especially with bzip2, GNU parallel is dramatically faster on multiple core machines.
Grep pattern bigfile.txt do this: or this: do this! Enjoy! Examples using grep. 4.2.1. What is grep? Grep searches the input files for lines containing a match to a given pattern list. When it finds a match in a line, it copies the line to standard output (by default), or whatever other sort of output you have requested with options. Though grep expects to do the matching on text, it has no limits on input line length other than available memory, and it can match arbitrary characters within a line.
Some examples: With the first command, user cathy displays the lines from /etc/passwd containing the string root. Then she displays the line numbers containing this search string. With the third command she checks which users are not using bash, but accounts with the nologin shell are not displayed. Then she counts the number of accounts that have /bin/false as the shell. Now let's see what else we can do with grep, using regular expressions. 4.2.2. 4.2.2.1. From the previous example, we now exclusively want to display lines starting with the string "root": 4.2.2.2. 4.2.2.3.
Kolmisoft MOR Fail2ban. Parallel. GNU parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU parallel can then split the input and pipe it into commands in parallel. If you use xargs and tee today you will find GNU parallel very easy to use as GNU parallel is written to have the same options as xargs.
If you write loops in shell, you will find GNU parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. For each line of input GNU parallel will execute command with the line as arguments. Downloading GNU Parallel Official packages exist for: Documentation. Free software, free society: Richard Stallman at TEDxGeneva 2014. GNU Parallel tutorial. Use multiple CPU Cores with your Linux commands -- awk, sed, bzip2, grep, wc, etc. | RankFocus - Systems and Data.
Regular expressions. 4.1.1. What are regular expressions? A regular expression is a pattern that describes a set of strings. Regular expressions are constructed analogously to arithmetic expressions by using various operators to combine smaller expressions. The fundamental building blocks are the regular expressions that match a single character. Most characters, including all letters and digits, are regular expressions that match themselves. 4.1.2. A regular expression may be followed by one of several repetition operators (metacharacters): Table 4-1. Two regular expressions may be concatenated; the resulting regular expression matches any string formed by concatenating two substrings that respectively match the concatenated subexpressions. Two regular expressions may be joined by the infix operator "|"; the resulting regular expression matches any string matching either subexpression. Repetition takes precedence over concatenation, which in turn takes precedence over alternation. 4.1.3.