Security

How to enable 1:1 NAT in Iptables

1:1 NAT maps a single Public IP Address to one of your computer within your local area network (LAN).
Unlike port forwarding, 1:1 NAT forwards all ports from one external IP to one internal IP.

iptables -t nat -A POSTROUTING -o eth0 -s 192.168.1.2 -j SNAT --to-source 83.229.64.2
iptables -t nat -A PREROUTING -i eth0 -d 83.229.64.2 -j DNAT --to-destination 192.168.1.2
iptables -A FORWARD -s 83.229.64.2 -j ACCEPT
iptables -A FORWARD -d 192.168.1.2 -j ACCEPT

How to enable Port Forwarding in Iptables

What is Port Forwarding

Port forwarding allows remote computers, for example, computers on the Internet, to connect to a specific computer or service within a private local area network (LAN).

How to install and configure VNC in Fedora 12

Open up your terminal and install tigervnc via yum.
Type this command in your terminal:

yum -y install tigervnc tigervnc-server

Edit the VNC configuration file

vi /etc/sysconfig/vncservers

and append these lines:

VNCSERVERS="1:user"
VNCSERVERARGS[1]="-geometry 800x600 -depth 16"

Where VNCSERVERS= is for configuring the username.

How to fix X11 Forwarding in CentOS 5

This tutorial describes how to fix the ssh X11 forwarding problem in CentOS 5.5 server.

Autoselected keyboard map en-us
ERROR: Failed to open display:

Make sure that the "xorg-x11-xauth" is also installed in your system. If not, this comm

yum -y install xorg-x11-xauth

Ensure that "X11Forwarding" is enabled in your ssh server configuration file. Edit the file "/etc/ssh/sshd_config".

How to Install IPP2P in Debian Etch to Filter P2P Traffic in your Network

What is IPP2P

The goal of the IPP2P project is to identify peer-to-peer (P2P) data in IP traffic. For this purpose we extended the iptables/netfilter architecture by a new matching module. Thereby IPP2P integrates itself easily into existing Linux firewalls and it's functionality can be used by adding appropriate filter rules.

How to Create Self-signed SSL Certifcate using OpenSSL in Debian Etch and Ubuntu 8.04

What is SSL?

Secure Sockets Layer is an application-level protocol which was developed by the Netscape Corporation for the purpose of transmitting sensitive information, such as Credit Card details, via the Internet. SSL works by using a private key to encrypt data transferred over the SSL-enabled connection, thus thwarting eavesdropping of the information. The most popular use of SSL is in conjunction with web browsing (using the HTTP protocol), but many network applications can benefit from using SSL. By convention, URLs that require an SSL connection start with https: instead of http:.

Howto build a Wifi Hotspot using Chillispot and Debian Etch

This is a step by step tutorial how to build a Wifi Hotspot using Chillispot and Debian GNU/Linux.

Configure your NIC

You need at least two network interface cards to make the chillispot working. Install Debian GNU/Linux and configure the ip address of your network cards.

vi /etc/network/interfaces

Your network card configuration should be look like this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address 192.168.0.2
    netmask 255.255.255.0
    gateway 192.168.0.1

eth0 (WAN) IP Address assigned by your ISP
eth1 (LAN) no need to assign IP Address.

We don't need to configure eth1 since Chillispot takes care for the role of IP Address assignment using its own DHCP.

Edit your /etc/resolv.conf file and add the ip address of your DNS server.

vi /etc/resolv.conf

Your resolv.conf file should look like this:

nameserver 10.0.0.1
nameserver 10.0.0.2

Installing Chillispot

To install chillispot on your Debian machine, type this command:

apt-get install apache2 ssl-cert mysql-client mysql-server chillispot freeradius freeradius-mysql

This will install Apache, MySQL, Chillispot and FreeRadius. After the installation an ncurses-based configuration menu will appear.

How to Setup Transparent Proxy and Content Filtering using Squid and Dansguardian in Debian Etch

This guide will walk through the setup and installation of Debian GNU/Linux and Squid proxy. Optionally, DansGuardian may be used in addition to provide URL blacklisting and content filtering. This guide will also work in CentOS, Ubuntu Dapper and later versions of Ubuntu.

The setup process contains the following steps:

How to Configure your Debian Etch or Ubuntu 8.04 box as an Internet Gateway/Router using IP Masquerading

This is a step by step tutorial how to make an Internet Gateway using Debian Etch or Ubuntu 8.04 LTS machine.

1. Configure your NIC

Add two network cards to your pc and install Debian or Ubuntu (I will prefer Debian Etch or Ubuntu 8.04 LTS). Configure the ip address of your network cards.

vi /etc/network/interfaces

Your network card configuration should be look like this:

How to Configure your CentOS 4 box as an Internet Gateway/Router using IP Masquerading

What is IP Masquerading?

IP Masquerade is a form of Network Address Translation or NAT which NAT allows internally connected computers that do not have one or more registered Internet IP addresses to communicate to the Internet via the Linux server's Internet IP address. The software interface which enables one to configure the kernel for IP masquerading is iptables.

To configure IP Masquerading, you need to have two LAN cards, a PC with CentOS 4 Linux installed.
Install the LAN cards and configure the IP address of your public and private network.

1. Configure the IP address of your public network, it should be similar like this one.

Syndicate content