Today I have got a request from a client that has a server with no control panel on it to change one ftp password. Server is using proftpd as it’s ftp server. This is really easy task to do if proftp is setup by default and uses /etc/passwd for storing it’s passwords.
If you know username all you need to do is type in
(replace USERNAME with actual username), enter new password two times and you’re done.
If you however don’t know the username (and that can happen too) you can open /etc/passwd file and try and locate it in there.
Tags: proftpd change password, proftpd change user password, change proftpd password, proftpd password change, change ftp password proftpd, change password proftpd, proftpd default password
In order to protect your server the best way possible, beside running iptables you should install some additional software. I can recommend ConfigServer Security & Firewall. I’m using it on couple of servers right now and it’s prove it self to be stable and low on resource usage. It also has WHM/cPanel plugin that helps you managing your firewall even if you’re not very experienced user/admnin.
Before installing you must be sure that you do not have any other firewalls installed (such as APF)
Installation is really simple. You just need to run those couple of commands in SSH:
tar -xzf csf.tgz
Don’t forget to disable testing flag by setting TESTING = 0.
You can do that easily in WHM/cPanel: after logging in at WHM and in Plugins section of sidebar you’ll find “ConfigServer Security&Firewall”. Then click on Firewall Configuration and change testing value. Save it and restart firewall and there you go! Your CSF firewall is up and running!
Continue Reading →
Iptables is the current Linux firewall and routing service. It controls incoming and outgoing network.
How to stop/start/restart iptables?
Basically just like any other Linux service:
service iptables start
service iptables stop
service iptables restart
How to check if iptables is currently running?
Simply call service status
service iptables status
and check the result:
Firewall is stopped.
If the status message is “Firewall is stopped.” that means that iptables are not running and you should start it with sertvice iptables start. If you get some tables with bunch of geek stuff that means that iptables are running.
How to automatically start iptables service on Linux boot?
To enable iptables starting on boot run
chkconfig iptables on
or run code below to disable it
chkconfig iptables off
Continue Reading →
Tags: service iptables status
This simple guide will help you secure your server in indirect way by hiding software versions from possible attackers. This can help you prevent many automated attacks and attacks based on software version number. If a hacker want’s to probe your system for hole he’ll start from collecting all version numbers from your running services. This guide will teach you setup common services not to give away their version numbers. This is called Security by obscurity and it’s not something to rely on but it can lower chances of getting your system hacked.
Apache (Web Server)
Let’s start with Apache first. It’s config file should at path
Open that with an editor of choice. For beginners I always suggest Midnight Commander but if you’re more experienced you can use antother editor like pico or vi. Anyway, in MC open file for editing by pressing F4 while the file is selected.
Locate those two lines and set it as follows. If you cant find them – add them.
Server Signature will remove the identification of Apache version from error pages, and ServerTokens will identify Apache as “apache” without version number or OS information. Save the file and restart the Apache.
service httpd restart
Continue Reading →