Here is the addition to fail2ban mit xt_recent. Fail2ban can ban ip only until the server restarts. I therefore add the bans not only in the firewall, but store them also into a mysql database. Basics I´ve created the database systemlog which containing two tables – one for the configs […]
The robot of Hetzner`s, but I would monitor the utilization of the backup space with Nagios. My plugin for nagios requieres sftp for the ftp-server access. The setup for sftp ist documented very well here. The plugin is very quick&dirty and doesn´t match the requirements for nagios completly, but it […]
The pattern-db of syslog-ng is extremely convenient to divide individual messages or to highlight specific messages. As long as a message fits into a certain pattern, it can be marked with a tag that can then be used in the syslog-ng.conf. For example: <patterns> <pattern>Accepted publickey for @STRING:.sys.ssh.user@ from @IPv4:.sys.ssh.ip@ […]
I’ve recently discovered multitail for me. This allows the view of different logfiles simultaneously in fixed places. Previously I have used tail -f /var/log/a.log /var/log/b.log This works well but you have to be extremely careful which log it has just changed. Multitail is much better for this task. An accurate […]
To redirect traffic from one port, you can either use iptables PREROUTING or – if need be only tcp – also rinted. Rinetd has the advantage that the setup is simpler. You only have to adjust the settings in /etc/rinetd.conf. To redirect. http and https: #source port destination port 176.9.24.113 […]
my english version Durch mod_cband lässt sich die verfügbare Bandbreite von Apache nach verschiedenen Kriterien drosseln. Das Modul kann von http://cband.linux.pl/download/ oder auch von http://sourceforge.net/projects/cband/ heruntergeladen werden. Zum Installieren reicht wie üblich ./configure make make install Voraussetzung ist aber das APache eXtenSion tool. Die meisten Distributionen bieten mod_cband aber auch […]
I use for my ftp backups always ncftspooler. It´s a part of NcFTP Clients, which runs as a daemon und moves on request files to ftp-server. The installation is very simple: wget ftp://ftp.ncftp.com/ncftp/ncftp-3.2.5-src.tar.bz2 tar xfj ncftp-3.2.5-src.tar.bz2 cd ncftp-3.2.5 ./configure make make install mkdir /root/.ncftp mkdir /root/.ncftp/spool To start ncftpspool simply […]
Fail2ban an sich is a very handy tool to keep out potential attacking. But it is sometimes unhandly when you just want to unlock a specific ip. I had almost forgotten about the issue until I have to get a comment. 😉 I am now writing the recent entries in […]