Safer SSH…

Assuming you’re using a Debian or Ubuntu based Linux.

While the SSH daemon is secure enough for most people, some may wish to further enhance their security by changing certain sshd settings. As there are tools out there (such as the ones found in Backtrack and ArchPwn Linux) that can attempt to guess your password, either doing damage by succeeding or starting a DoS attack (bombard your server so much that it stops doing its job as it becomes overwhelmed) All changes, unless otherwise stated, are made in the /etc/ssh/sshd_config file. Lines with a pound sign (#) are commented and not read.

To edit this file from a terminal:

sudo nano /etc/ssh/sshd_config

Please remember, after making any changes, sshd must be restarted, which can be done from the terminal with this command:

sudo /etc/init.d/ssh restart

Continue reading “Safer SSH…”

Safer SSH…

Analyse network traffic in detail…

iftop is a real good utility both for your own computer and for your server. Specially good for the latter and even better if this server is acting as the main router in your premises or your experiencing unusual network usage.

Well lets explain what iftop does, it is more or less like top, or htop but it does not measure the processes in the processor, it measures the “processes” in the Ethernet interface, giving you information about the IPs that have a connection with the computer where iftop is running, also giving information about the traffic, if it is incoming or outgoing, also how much traffic there is in that connection and the total amount of traffic in the interface.

To install on a Debain/Ubuntu like Linux OS use the following terminal command:

sudo apt-get install iftop

You may find some of the options useful;
-p Enables promiscuous mode, so the traffic on any interface (if there is more than once) is checked and counted.

-P Shows also the port that connection is using both on our side and on the other side.

-N Do not resolve port names, which is the default behaviour when you enable the -P option, so it will shows you :www or :80

If you want to know any more about iftop simply use the command (outside of iftop):

man iftop

and this will bring up the iftop manual.

Have fun analysing!

Analyse network traffic in detail…

SSH Basics & Server Setup…

Have just managed to get to grips with ssh! (openssh-server & openssh-client) Now from my point of view I’m planning to set up a Ubuntu Desktop (Linux Mint) with SSH so we can VNC/FTP to it over the internet safely.

SSH allows you to set up a safe tunnel between two computers then pump pretty much anything you wan though it, whether that be files or services such as VNC. To use SSH you need a SSH Server on the computer you would like to connect to (im my case the ubuntu) and a SSH client on the computer you wish to connect from; iPhone, iPad, Windows, Mac, Linux etc.

Next, how to install and use SSH.
Continue reading “SSH Basics & Server Setup…”

SSH Basics & Server Setup…

Setting up a ubtunu FTP server…

Setting up an FTP server on ubuntu 9.10 (jaunty) has never been easier.
The following will allow the ubuntu desktop users to login using their usernames and passwords to their home directories.
This will require some terminal work, don’t worry, it’s only a copy and paste job.

First we need to install the FTP program, we are going to be using VSFTPd. This program will run in the background (a deamon, hence the lower case “d” at the end of it’s name) of your computer and deal with the FTP connections.

Copy and paste this code into terminal and hit enter.

sudo apt-get install vsftpd

Continue reading “Setting up a ubtunu FTP server…”

Setting up a ubtunu FTP server…