Denyhosts is another utility similar to fail2ban. It parses log files to identify potential attacks against SSH services. A clear advantage that Denyhosts has over fail2ban is the synchronisation mechanism since version 2.0[1]. Denyhosts permits communication with a central server to exchange information about denied hosts by other Denyhosts daemons. However unlike fail2ban, it does not modify any firewall (iptables) rules, instead it relies on tcpwrapper and the hosts.deny file to block ssh access. Fail2ban also offers the advantage of monitoring other services and logs, whereas Denyhosts is specific to SSH. There are other utilities which use tcpwrapper such which can handle additional services[2].
[Read More]Configuring RANCID on CentOS 6.5
RANCID stands for really awesome new cisco configuration differ[1] and polls Cisco devices to get a copy of the configuration and an inventory of the hardware and commits the details to a version control system such a CVS or SVN. The version control is used to maintain a history of the changes, and any changes to the configuration are reported. There are a number of guides available for installing RANCID[2,4,5], but I’ve documented the steps I took here for my reference.
[Read More]Installing OpenVPN 2.2 on CentOS 6.3 64bit
This post is just an update of a previous post that used CentOS 5.7 and OpenVPN 2.2 (http://nkush.blogspot.com.au/2011/10/installing-openvpn-22-on-centos-57.html). The basic instructions are the same, however this post uses some newer packages which may have been relocated to new URLs. Again this blog and the posts are mostly for my own reference and not intended as step-by-step instuctions for other systems/network administrators
Install RPMForge or RepoForge as it’s now known[1]
[Read More]Installing OpenVPN 2.2 on Centos 5.7
OpenVPN is an SSL based VPN. There are other VPN solutions such as IPsec, etc. but OpenVPN provides a cost effective alternative. I like OpenVPN as it support two-way authentication, i.e. both the client and server authenticate using certificates. To install OpeVPN on CentOS we need a number of cryptographic libraries. The simplest way is to use the DAG/RPMForge repository.
Set-up the RPMForge repository [1], as this contains the packages necessary for the installation and the instructions are provided below. The instructions below are just to document this specific installation and therefore this blog post is not to be misinterpreted as a best practises guide. The instructions are adapted from the OpenVPN website [2], but this blog post is intended more as a quick and dirty guide to getting OpenVPN running on CentOS 5.7. Additionally the set-up and configuration of the client is considered beyond the scope of this blog post.
[Read More]Installing Snort 2.9.1.2 on CentOS 5.7
CentOS 5.7 uses an older version of libpcap (0.9.4), but Snort’s Data Acquisition Library (daq) needs a newer version of libpcap (>=1.0.0). The latter is not an issue with the CentOS 6.0. Vishesh Kumar [1] provides an excellent instructions to getting Snort 2.9 to run on RHEL 5 (http://www.linuxmantra.com/2010/10/install-snort-29-on-rhel-5.html). The purpose of this post is not to duplicate his efforts, but to extend it slightly to include instructions for a complete Snort set-up.
[Read More]