Posted inLinux Security

How to force HTTPS in Horde (Plesk)

If your using Horde as your preferred webmail client on a Plesk virtual hosting server, its advisable to enable (and force) the use of HTTPS in order to secure webmail users against their login information and email communication being compromised.

To force HTTPS within Horde:

# nano -w /etc/psa-webmail/horde/horde/conf.php

Then change:

$conf['use_ssl'] = 2;

to:

$conf['use_ssl'] = 1;

Next edit the Horde virtual host file:

nano -w /etc/httpd/conf.d/zzz_horde_vhost.conf

And just below the “ServerAdmin [email protected]” line add:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}

Make sure to tab the lines in to match the delimiter of the previous servername/alias/admin lines.

September 7, 2010
Posted inLinux Security

Secure Courier-IMAP POP3/IMAP (Plesk) against brute forcing

This article outlines the process of configuring Fail2Ban to secure a Plesk server running Courier-IMAP as its IMAP and POP3 server against brute forcing.

Prerequisite: This article expects that you have already completed the installation of Fail2Ban as outlined here.

Once you have completed the installation of Fail2Ban –

1. Edit /etc/fail2ban/filter.d/courierlogin.conf using nano.

nano -w /etc/fail2ban/filter.d/courierlogin.conf

And change: “LOGIN FAILED, .*, ip=\[< HOST >\]$”

To: “LOGIN FAILED, ip=\[< HOST >\]$”

2. Add the following configuration to /etc/fail2ban/jail.conf:

September 4, 2010
Posted inLinux

How to check a CentOS ISO checksum

When you download a CentOS DVD ISO file (for example: http://iso.linuxquestions.org/download/1274/2996/ftp/mirror.its.uidaho.edu/CentOS-5.5-i386-bin-DVD.iso), it can be helpful to check the files checksum against the download list to…
September 3, 2010
Posted inLinux

Linux ‘Give root password for maintenance’ Lost Password

In the event your Linux box experiences disk or file system issues you may receive a “Give root password for maintenance” prompt upon reboot. If you have your root password you can login but in the event your using ‘slide’ or ‘sudo’ for wheel access or you’ve just mis-placed your root password – you’ll need to reset it.

To reset your root password:

1. When the GRUB loader shows during boot press the spare bar to pause boot.

2. Select your boot kernel.

3. Type ‘e’ to edit the default kernel line.

4. Type ‘e’ again on the line that starts with ‘kernel’.

5. Add ‘init=/bin/bash’ to the end of the ‘kernel’ line then press enter.

6. Type ‘b’ to boot the modified kernel parameters.

September 3, 2010
Posted inLinux Security

Protect your Asterisk server against brute forcing

As Internet accessible corporate Voice over IP servers continue to grow in number, so does the risk of rogue individuals gaining access to SIP extensions due to weak or poorly managed Asterisk passwords.

You can protect your Asterisk server using Fail2Ban. Fail2ban scans log files like /var/log/asterisk/full or /var/log/secure and bans IP addresses with to any password failures. It then updates firewall rules to reject the IP address permenantly or for a administrator defined period of time.

This article does NOT negate the need to set strong SIP extension passwords or change system default passwords, this is purely aimed at countering the most common way to hack SIP servers: Brute-forcing SIP passwords.

To install Fail2Ban for Asterisk –

SSH to your VoIP server and login as root , then type the following commands:

yum -y install jwhois
cd /usr/src/
wget http://sourceforge.net/projects/fail2ban/files/fail2ban-stable/fail2ban-0.8.4/fail2ban-0.8.4.tar.bz2/download
tar -jxf fail2ban-0.8.4.tar.bz2
cd fail2ban-0.8.4
python setup.py install
cp /usr/src/fail2ban-0.8.4/files/redhat-initd /etc/init.d/fail2ban
chmod 755 /etc/init.d/fail2ban
cd /etc/fail2ban/filter.d
touch asterisk.conf

Copy these the following into a new configuration file: /etc/fail2ban/filter.d/asterisk.conf:

August 30, 2010