Configure Fail2Ban for Zimbra Server with route instead of iptables to block IPs

 Apache2, CentOS 7 / RHEL 7, Clusterweb, ClusterWeb, Debian, Hospedagem, Leitura Recomendada, Linux, Profissional de TI, Redes, Segurança, Servidor de E-mail, Ubuntu, Zimbra  Comentários desativados em Configure Fail2Ban for Zimbra Server with route instead of iptables to block IPs
fev 092021
 

Overview

Install and configure Fail2Ban to block attacking hosts using a null route or blackhole routes.

PRO:
– Works on all kernel versions and as no compatibility problems (back to debian lenny and WAY further).
– It’s FAST for very large numbers of blocked ips.
– It’s FAST because it Blocks traffic before it enters common iptables chains used for filtering.
– It’s per host, ideal as action against ssh password bruteforcing to block further attack attempts.
– No additional software required beside iproute/iproute2
CON:
– Blocking is per IP and NOT per service, but ideal as action against bruteforcing hosts.

Continue reading »

Migration of servers to Proxmox VE

 Clusterweb, Profissional de TI, Proxmox, Segurança, Virtualização  Comentários desativados em Migration of servers to Proxmox VE
jun 222018
 

Introduction

You can migrate existing servers to Proxmox VE. Moving Linux servers is always quite easy so you will not find much hints for troubleshooting here.

Windows systems specific P2V issues

inaccessible boot device

Booting a virtual clone (IDE) of a physical Windows system partition may fail with a BSOD referring to the problem

STOP: 0x0000007B (0xF741B84C,0xC0000034,0x00000000,0x00000000)
INACCESSIBLE_BOOT_DEVICE

this means that the source physical windows machine had no support for IDE controller, or at least the one virtually replaced by kvm (see Microsoft KB article article for details): as Microsoft suggests, create a mergeide.reg file (File:Mergeide.zip) file on the physical machine and merge that in the registry, ‘before the P2V migration. Btw, it may not be necessary but should be no harm, anyway, and save you lots of time and headaches.

Continue reading »

MOUNTING FTP HOST TO LOCAL DIRECTORY ON TOP OF FUSE

 Backup, CentOS 7 / RHEL 7, Clusterweb, ClusterWeb, Leitura Recomendada, Linux, Profissional de TI, Redes, Segurança, Shell Script  Comentários desativados em MOUNTING FTP HOST TO LOCAL DIRECTORY ON TOP OF FUSE
mar 262018
 

I have wrote a post regarding on how to access ftp host using curl. And this time, let us look at how to mount the ftp host to a local directory on top of FUSE.

FUSE (Filesystem in userland) is a userland build on top of virtual filesystem, it allows you to implement functional filesystem in userspace application. Robson Braga Araujo wrote an app based on fuse and curl that allows you to mount a ftp host to a local directory, curlftpfs.

What is the benefit of mounting ftp host to a local directory?
The most obvious benefit is easing file management in ftp host. After mounting ftp host to a local dir, you can simply copy, move and delete files using command such as cp, mv, rm. You can easily transfer files from your localhost to ftp host and vice versa.

Continue reading »