28 Steps on how to harden your Linux server

If you run your own Linux server here are some tips on server hardening, liberally stolen from the CFS security GUI script for cPanel/WHM, that I have become only too familiar with since yesterday: On your firewall (you do have one don’t you?) check the incoming MySQL port and if 3306 is open, close it.(…)

How to Configure PIX−to−PIX−to−PIX IPSec (Hub and Spoke)

Introduction This configuration allows a central Cisco Secure PIX Firewall to communicate with networks behind two other PIX Firewall boxes through VPN tunnels over the Internet or any public network using IPsec. The two outlying networks have no need to communicate with each other, but there is connectivity to the central network. The two outlying(…)

How to Configuring Cisco PIX to Use a Syslog Server

Most Cisco devices use the syslog protocol to manage system logs and alerts. But unlike their PC and server counterparts, Cisco devices lack large internal storage space for storing these logs. To overcome this limitation, Cisco devices offer the following two options: * Internal buffer— The device’s operating system allocates a small part of memory(…)

What is robots.txt

Web site owners use the /robots.txt file to give instructions about their site to web robots; this is called The Robots Exclusion Protocol. It works likes this: a robot wants to vists a Web site URL, say Before it does so, it firsts checks for, and finds: User-agent: * Disallow: / The “User-agent:(…)

How to Configure a Cisco Router

Configuring your Cisco Router If you have just turned on the router, it will be completely unconfigured. If it is already configured, you may want to view its current configuration. Even if it has not been previously configured, you should familiarize yourself with the show commands before beginning to configure the router. Enter privileged mode(…)

How to remotely administer IIS by using the Internet Information Services Manager

To remotely administer IIS over an intranet, use the Internet Information Services Manager. IIS 6.0 supports down-level remote administration with this tool. This means that you can use the Internet Information Services Manager on your server running IIS 6.0 to remotely connect to and administer an IIS 5.1-based server or an IIS 5.0-based server. To(…)

How To Install FreeNas

Introduction FreeNAS is an open source popular software appliance package that can turn a computer into a NAS appliance, or in easier terms: a file server. This guide shows the basic steps to prepare a server for use in a diskless LTSP environment. This document is correct as of FreeNAS v0.67.1. Full documentation on installing(…)

How to Create Web or FTP Sites in Windows 2003

IIS creates a default Web site configuration on your hard disk at the time of installation. You can use the \Inetpub\Wwwroot directory to publish your Web content, or create any directory or virtual directory you choose. The File Transfer Protocol (FTP) service must be installed and started in order to create an FTP site. It(…)

Introduction to SSL/TLS in Windows Server 2003

SSL/TLS is most widely recognized as the protocol that provides secure HTTP (HTTPS) for internet transactions between Web browsers and Web servers. It can also be used for other application level protocols such as FTP, LDAP, and SMTP. The SSL/TLS protocol enables server authentication, client authentication, data encryption and data integrity over networks such as(…)

NAT in Windows 2003: Setup and Configuration

NAT acts as a middle man between the internal and external network; packets coming from the private network are handled by NAT and then transferred to their intended destination. A single external address is used on the Internet so that the internal IP addresses are not shown. A table is created on the router that(…)

How to Install OpenVPN

OpenVPN can be downloaded here. For security, it’s a good idea to check the file release signature after downloading. The OpenVPN executable should be installed on both server and client machines, since the single executable provides both client and server functions. Linux Notes (using RPM package) If you are using a Linux distribution which supports(…)

How to Configure Cisco pix Site to Site VPN

This section describes an example configuration for using pre-shared keys. It contains the following topics: Scenario Description Configuring PIX Firewall 1 with VPN Tunneling Configuring PIX Firewall 2 for VPN Tunneling If you have a limited number of registered IP addresses and you cannot use PAT, you can configure PIX Firewall to use NAT for connections(…)