SNMP (v3) Monitoring with Debian & Ubuntu

With Version 3 of the SNMP Protocol Security comes to SNMP which makes a lot of things smarter but also a bit more complicate to configure. That is why I would like to give a small introduction How-To setup SNMP v3 within this blog article for all Debian and Ubuntu Linux Environments. Installing SNMP (daemon and agent) First at all we need to installing SNMP (daemon and agent) packages on the server: apt-get install snmp snmpd After the successful installation we could start to define SNMPv3 users, authentication and encryption parameters. The following NEW security levels could be used with SNMPv3: noAuthNoPriv – No authorisation and no encryption authNoPriv – Authorisation is required but collected data sent over the network is not encrypted. authPriv – Authorisation required and everything sent over the network is encrypted. Let’s start with the configuration: Open the file /etc/snmp/snmpd.conf with an editor of your choice.  Be [...]

By | 2016-10-29T13:48:58+00:00 September 24th, 2016|Debian, Linux|Comments Off on SNMP (v3) Monitoring with Debian & Ubuntu

Finding spam sending PHP scripts on a linux server

Sometimes there are users on a server that may have installed old PHP scripts with known security gaps this can cause that this PHP scripts will spam senders. Finding these PHP scripts could be very difficult. With the release of of PHP 5.3 they have added new functionality to make it easier to handel the tracking of spammers or exploited web forms. The new functions are affected by settings in the server php.ini, you should have a more detailed look on the offical documentation ( If we open the server php.ini file we should find the following 3 settings: mail.add_x_header (Add X-PHP-Originating-Script that will include UID of the script followed by the filename.) mail.log (The path to a log file that will log all mail() calls. Log entries include the full path of the script, line number, To address and headers.) mail.force_extra_parameters (Force the addition of the specified parameters to be passed as extra parameters [...]

By | 2016-10-29T13:50:15+00:00 May 24th, 2016|Allgemein, Debian, Linux|Comments Off on Finding spam sending PHP scripts on a linux server

Confixx: Postfix Spam Mails automatisch in einen Ordner verschieben

Bei Confixx gibt es derzeit leider keine integrierte Möglichkeit Spam E-Mails in einen dafür vorgesehenen Ordner abzulegen, daher hier eine kleine Anleitung wie Ihr dies in wenigen Schritten selbst bewerkstelligen könnt. System: Debian 6.0 mit Confixx 3.x und Postfix + Procmail File: /etc/procmailrc sucht hier nach: # Mails with a score of 15 or higher are almost certainly spam (with 0.05% # false positives according to rules/STATISTICS.txt). Let's put them in a # different mbox. (This one is optional.) :0: * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\* almost-certainly-spam File: /etc/procmailrc Snippet zum einfügen: # All mail tagged as spam (eg. with a score higher than the set threshold) # is moved to "SPAM". :0: * ^X-Spam-Status: Yes $DEFAULT.SPAM/ Komplett sollte das ganze dann ca. so aussehen: # SpamAssassin sample procmailrc # ============================== # The following line is only used if you use a system-wide /etc/procmailrc. # See procmailrc(5) for infos [...]

By | 2013-11-14T13:58:19+00:00 August 23rd, 2012|Allgemein, Confixx, Debian, Linux|Comments Off on Confixx: Postfix Spam Mails automatisch in einen Ordner verschieben

Debian suPHP & Confixx

Im nachfolgendem HOWTO wird die Installation / Migration (von mod_php) von suPHP auf einem Debian Linux System mit bereits installiertem Confixx beschrieben. Bitte beachten Sie vor der Installation: suPHP wird von Confixx erst ab Version 3.2 unterstützt. Installiern von suPHP auf dem Debian System: apt-get install libapache2-mod-suphp suphp-common Konfiguration von suPHP: Jetzt muss die Datei /etc/suphp/suphp.conf angepasst werden. Einstellung logfile Wert /var/log/apache2/suphp.log Beschreibung - Einstellung allow_file_group_writeable allow_file_others_writeable allow_directory_group_writeable allow_directory_others_writeable Wert true Beschreibung - Einstellung errors_to_browser Wert false Beschreibung Wert: false wird Fehlercode 500 ausgeliefert Einstellung umask Wert 0022 Beschreibung Wenn dieser Wert auf 0077 (default) steht kann der Webserver Dateien die von PHP angelegt wurden nicht lesen Einstellung x-httpd-php Wert php:/srv/www/cgi-bin/php5 Beschreibung Hier muss der Pafd zum php-cgi Binary passen Falls mod_php noch im Apache 2 aktiviert ist dieses deaktivieren: a2dismod php5 Nun können wir suphp im Apache 2 einbinden: a2enmod suphp Confixx über die auf [...]

By | 2016-10-22T11:39:41+00:00 April 9th, 2010|Debian, Linux|3 Comments