I will give an example of setting up two-factor authentication in Nextcloud using Google Authenticator.
Continue reading “Nextcloud two-factor authentication”Category Archives: Security
How to configure IPTables
IPTables is a command line utility that is the standard interface for managing the firewall.
Continue reading “How to configure IPTables”How to detect DDOS attacks
I will give examples of viewing the number of active compounds:
Continue reading “How to detect DDOS attacks”The script against DDOS attacks
I will give an example of a simple script against DDOS attacks for NAT servers.
The script is executed when the total number of “conntrack” connections is more than 500000, it saves to the text file the IP address which has the most “conntrack” connections, who has more than 10,000 – adds to the ipset list.
Install SSL Certificate for iRedMail
Suppose we have a signed SSL certificate, or we will receive it from Let’s Encrypt, as I described in this article:
Installing Certbot in Ubuntu
To install an SSL certificate for iRedMail, you need to specify it in the Dovecot, Postfix and Apache2 configuration.
Continue reading “Install SSL Certificate for iRedMail”How to configure IP access in nginx?
I will give an example of setting up access by IP in nginx.
Suppose you use the standard nginx configuration file, open it in a text editor:
Continue reading “How to configure IP access in nginx?”
Directories with a large number of files
Once there was an interesting situation, in the same directory there were millions of files.
And some of them are necessary.
When you try to view the list of files, you will naturally get a stupor for a long time.
Alternatively, they can be viewed via FTP, which has 10,000 for the frequent standard limit on the number of displayed files, for example, the FileZilla FTP client conveniently moves files in directories, but this option is long, because time is spent on FTP requests, the load on the drive is low.
If the files are not needed, you can delete them with the command (with the confirmation request to delete)
rm -r /dir/
Or delete everything without a request along with the directory:
rm -rf /dir/
In my case, small files were unnecessary, so going to the right directory, deleted the command below with anything that is smaller than the specified size:
cd /dir/ find -size -2 -type f -print -delete
Before deleting, you can see the number of such files and the total number, but this is also a lengthy process:
find -maxdepth 1 -size -2 -type f -print | wc -l find -maxdepth 1 -type f -print | wc -l
If, instead of -2, you specify 0, then files with zero size will be deleted, that is, empty.
If you need to sort the files by directories, go to the directory with files, create the necessary directories, for example, by dates and move the files by template (all whose names begin on 2017, -maxdepth 1 indicates that you do not need to search for files in subdirectories):
cd /dir/
mkdir 2017
find -maxdepth 1 -type f -name '2017*' -exec mv -vn -t /dir/2017 {} \+
The result of the execution can be written to the file by adding to the command “> file”, for example:
find -maxdepth 1 -type f -name '2017*' -exec mv -vn -t /dir/2017 {} \+ > /dir/dir/file.log
Shredding data with Shred
Shred – allows you to overwrite the specified file with random data in order to ensure, if necessary, the more difficult process of recovery or the impossibility of data recovery.
On some file systems, data deletion is not guaranteed and the use of shred may not be effective.
The list of possible arguments:
Help program:
--help man shred
Using wipe in Linux
wipe – utility for secure full erasing of information.
Install command in Linux Ubuntu/Debian:
sudo apt-get install wipe
I will describe some startup keys:
-f Disable confirmation requests.
-r Recursively Removes all subdirectories, symbolic links are not touched.
-c If the rights of the directory are read-only, then they will be changed to write.
-i Detailed information mode.
-s Quiet mode, most messages are not displayed.
-q Fast mode, directories are overwritten with random data 4 times.
-Q The number of rewrite cycles. Standard 4.
-a Stop execution on error.
-R Install a random device.
-l
-D Follow symbolic links, they don’t get touched by default.
-v Displays the version of the program.
-h Display help.
View and configure sharing of files and folders Windows from the command line
I will give an example of some commands for setting up sharing of resources.
View shared resources:
net share
Deleting a shared resource:
net share <sharename> /delete
Sharing a folder:
net share sharename=C:\dir
Example of disconnecting users from the share:
net session \\pc1 /delete
To close an open network file, use the command:
net file file_id /close
An example of granting user rights to a file (N – not set, W – write, C – change, F – full access):
cacls file.txt /G User:w
To cancel user access to a share:
cacls /R User
We allow up to 5 users to simultaneously connect to a shared resource:
net share sharename /users:5
Example of caching settings from a share (manual/BranchCache/documents/programs/none):
net share myshare /cache:manual
I want to note that when opening a share to a resource in the firewall, the following ports should be opened: TCP 139, TCP 445, UDP 137, UDP 138.
See also my articles:
Installing and using the nbtscan network scanner
Some information about the virus encryptor Trojan.Encoder.12544 attacked 06/27/2017