How to create a site-to-site IPsec VPN tunnel using Openswan in Linux

A virtual private network (VPN) tunnel is used to securely interconnect two physically separate networks through a tunnel over the Internet. Tunneling is needed when the separate networks are private LAN subnets with globally non-routable private IP addresses, which are not reachable to each other via traditional routing over the Internet. For example, VPN tunnels […]
Continue reading…

 

How to sniff HTTP traffic from the command line on Linux

Suppose you want to sniff live HTTP web traffic (i.e., HTTP requests and responses) on the wire for some reason. For example, you may be testing experimental features of a web server. Or you may be debugging a web application or a RESTful service. Or you may be trying to troubleshoot PAC (proxy auto config) […]
Continue reading…

 

What are useful CLI tools for Linux system admins

System administrators (sysadmins) are responsible for day-to-day operations of production systems and services. One of the critical roles of sysadmins is to ensure that operational services are available round the clock. For that, they have to carefully plan backup policies, disaster management strategies, scheduled maintenance, security audits, etc. Like every other discipline, sysadmins have their […]
Continue reading…

 

How to set up a Samba file server to use with Windows clients

According to the Samba project web site, Samba is an open source/free software suite that provides seamless file and print services to SMB/CIFS clients. Unlike other implementations of the SMB/CIFS networking protocol (such as LM Server for HP-UX, LAN Server for OS/2, or VisionFS), Samba (along with its source code) is freely available (at no […]
Continue reading…

 

How to analyze Squid logs with SARG log analyzer on CentOS

In a previous tutorial, we show how to configure a transparent proxy with Squid on CentOS. Squid provides many useful features, but analyzing a raw Squid log file is not straightfoward. For example, how could you analyze the time stamps and the number of hits in the following Squid log? 1404788984.429 1162 172.17.1.23 TCP_MISS/302 436 […]
Continue reading…

 

How to set up two-factor authentication for SSH login on Linux

With many high-profile password leaks nowadays, there is a lot of buzz in the industry on “multi-factor” authentication. In a multi-factor authentication system, users are required to go through two distinct authentication procedures: providing something they know (e.g., username/password), and leveraging something they have “physical” access to (e.g., one-time passcode generated by their mobile phone). […]
Continue reading…

 

How to set up Squid as a transparent web proxy on CentOS or RHEL

In a previous tutorial, we have seen the method of creating a gateway using iptables. This tutorial will focus on turning the gateway into a transparent proxy server. A proxy is called “transparent” when clients are not aware that their requests are processed through the proxy. There are several benefits of using a transparent proxy. […]
Continue reading…

 

How to set up a secure FTP service with vsftpd on Linux

FTP or File Transfer Protocol is one of the widely used services on the Internet, mainly for transferring files from one host to other. FTP itself was not designed as a secure protocol, and as such, the classic FTP service is vulnerable to common attacks such as man in the middle and brute force attacks. […]
Continue reading…