Debian Tutorials Copy/Paste tutorials for Debian based Linux distros

15Dec/110

Scan your web server for vulnerabilities with Nikto on squeeze

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

1. Add non-free archive to apt sources (pico /etc/apt/sources.list)

deb http://ftp.uk.debian.org/debian/ squeeze main non-free
deb-src http://ftp.uk.debian.org/debian/ squeeze main non-free

3Nov/111

Scan your server for rootkits with rkhunter

Rootkit hunter (rkhunter)rkhunter (Rootkit Hunter) is a tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online database, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD.

1. Install rkhunter

apt-get install rkhunter

31May/110

Running Apache2 virtual hosts as different users with mpm-itk

apache2-mpm-itk is an MPM (Multi-Processing Module) for the Apache web server. mpm-itk allows you to run each of your vhost under a separate uid and gid — in short, the scripts and configuration files for one vhost no longer have to be readable for all the other vhosts.

1. Install the apache2-mpm-itk package

apt-get install apache2-mpm-itk

21Jun/105

Prevent brute force attacks using fail2ban

fail2ban monitors log files such as /var/log/auth.log and /var/log/apache/access.log and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. Currently, by default, fail2ban supports ssh/apache/vsftpd but configuration can be easily extended for monitoring any other ASCII file.

1. Install fail2ban

apt-get install fail2ban

13Jun/105

Installing HAVP (HTTP Antivirus Proxy)

HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanner. The main aims are continuous, non-blocking downloads and smooth scanning of dynamic and password protected HTTP traffic. Havp antivirus proxy has a parent and transparent proxy mode. It can be used with squid or standalone.

1. Install HAVP

apt-get install havp

9Jun/101

OpenID authentication with the mod_auth_openid Apache module

mod_auth_openid is an authentication module for the Apache 2 webserver. It handles the functions of an OpenID consumer as specified in the OpenID 2.0 specification.

After a user authenticates themselves, the user's identity will be available in the REMOTE_USER variable. A cookie named open_id_session_id is saved to maintain each user's session.

1. Install the module

apt-get install libapache2-mod-auth-openid

1Jun/101

Install mod_spamhaus Apache module to fight comment spam

mod_spamhaus is an Apache module for DNS Block Listing that protects web services by denying access to particular IP addresses. It can stop spam relaying via web form URL injection, and block HTTP DDoS attacks from bot-nets.

It queries sbl-xbl.spamhaus.org, taking advantage of the Spamhaus Block List (SBL) and the Exploits Block List (XBL).

1. Download the latest mod_spamhaus deb package from sid package repository (mod_spamhaus is not available for lenny but we can use the sid package)

wget http://ftp.us.debian.org/debian/pool/main/m/mod-spamhaus/libapache2-mod-spamhaus_0.7-1_i386.deb

17Feb/108

Installing and configuring PPTP VPN server on lenny

If you would like to setup a Virtual Private Network (VPN) for Windows clients, PPTP is a great choice. It's easy to set up on the server and you don't need any additional software for the Windows clients to connect.

1. Install the required packages

apt-get install pptpd

1Jan/101

Installing suPHP

suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.

1. Install suPHP

apt-get install libapache2-mod-suphp

28Dec/090

Scan your web server for vulnerabilities with Nikto

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

1. Install Nikto

apt-get install nikto