Archive for February, 2010
-
How to check and close your open DNS servers ?
Open DNS servers
1) Go to http://www.dnsreport.com/tools/dnsreport.ch?domain=mydomain.com
2) Check for BIG RED “FAIL” (7th box, going down from up) saying “Open DNS servers”.
If you see the message, you can correct it the following way:
1) login to your server as root
2) nano -w /etc/named.conf (if you are running Bind)
3) Look for // query-source address * port 53; [...] -
Install mod_evasive !!!
Mod_Evasive will help to stop basic attacks on a server (HTTP, DDoS attack and brute force attack). Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from any of the following:
-Requesting the same page more than a few times per second
-Making more than [...] -
self signed certificate for ftpserver !!
To create a self-signed certificate, you can use the following commands :
mkdir -p /etc/ssl/private
openssl req -x509 -nodes -newkey rsa:1024 -keyout \
/etc/ssl/private/pure-ftpd.pem \
-out /etc/ssl/private/pure-ftpd.pem
chmod 600 /etc/ssl/private/*.pem