Suppose we have a signed SSL certificate, or we will receive it from Let’s Encrypt, as I described in this article:Installing Certbot in Ubuntu To install an SSL certificate for iRedMail, you need to specify it in the Dovecot, Postfix and Apache2 configuration.
Category Archives: Security
How to configure IP access in nginx?
I will give an example of setting up access by IP in nginx. Suppose you use the standard nginx configuration file, open it in a text editor:
Directories with a large number of files
Once there was an interesting situation, in the same directory there were millions of files. And some of them are necessary. When you try to view the list of files, you will naturally get a stupor for a long time. Alternatively, they can be viewed via FTP, which has 10,000 for the frequent standard limit […]
Shredding data with Shred
Shred – allows you to overwrite the specified file with random data in order to ensure, if necessary, the more difficult process of recovery or the impossibility of data recovery. On some file systems, data deletion is not guaranteed and the use of shred may not be effective. The list of possible arguments: Help program:
Using wipe in Linux
wipe – utility for secure full erasing of information. Install command in Linux Ubuntu/Debian: I will describe some startup keys: -f Disable confirmation requests. -r Recursively Removes all subdirectories, symbolic links are not touched. -c If the rights of the directory are read-only, then they will be changed to write. -i Detailed information mode. -s […]
View and configure sharing of files and folders Windows from the command line
I will give an example of some commands for setting up sharing of resources. View shared resources: Deleting a shared resource: Sharing a folder: Example of disconnecting users from the share: To close an open network file, use the command: An example of granting user rights to a file (N – not set, W – […]
Installing and using the nbtscan network scanner
Install command in Linux Ubuntu/Debian: The Windows version can be downloaded from http://www.unixwiz.net/tools/nbtscan.html Network scan example: I will describe the possible startup keys: -O FILENAME (output information to file) -v (more detailed information output) -p (port indication) -H (generate HTTP header) -m (MAC address indication) -n (do not convert names to DNS, display only IP) […]
Blocking third-party DHCP on Cisco via DHCP Snooping
On the test, I configure DHCP Snooping on the Cisco Catalyst 6509-E to block third-party DHCP servers, on the other Cisco switches, the configuration is basically the same. After connecting to the device immediately go to the configuration mode:
How to run MySQL server on specific IP
The appropriate solution I found for running MySQL server on specific IP addresses is to run it at all and then filter the connected clients through iptables. For the test, I used Ubuntu Server 16.04.5 LTS, which had more than 200 external white IPs and was highly loaded.
Configuring SSH session timeout
To configure the timeout for SSH sessions, let’s see where the SSH server configuration file is located: Open it in any text editor, for example nano: