The following Iptables rules will block all Torrent traffic on your server:

Log all torrent blocked traffic:

iptables -N LOG > /dev/null 2> /dev/null
iptables -F LOG
iptables -A LOG -j LOG --log-prefix "LOG"
iptables -A LOG -j DROP

Torrent block rules:

iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j LOG
iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j LOG
iptables -A FORWARD -m string --algo bm --string "peer_id=" -j LOG
iptables -A FORWARD -m string --algo bm --string ".torrent" -j LOG
iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j LOG
iptables -A FORWARD -m string --algo bm --string "torrent" -j LOG
iptables -A FORWARD -m string --algo bm --string "announce" -j LOG
iptables -A FORWARD -m string --algo bm --string "info_hash" -j LOG

openssh

On Fri, 22 Mar 2013 OpenSSH 6.2 was released and like always, bring more improvements including support for multiple required authentication in SSH
protocol 2 via an AuthenticationMethods option:

sshd(8): Added support for multiple required authentication in SSH
   protocol 2 via an AuthenticationMethods option. This option lists
   one or more comma-separated lists of authentication method names.
   Successful completion of all the methods in any list is required for
   authentication to complete. This allows, for example, requiring a
   user having to authenticate via public key or GSSAPI before they
   are offered password authentication.

You can read more about this release here: https://lwn.net/Articles/543961/

If you want to disable wget to download your site pages you need to declare wget as bad_bot. For that you need to add the following code in the .htaccess file located under website’s public_html directory.
after you inserted this code, if anybody tries to download your site pages using wget will receive a 403 error.

#Declare Wget a bad_bot
SetEnvIfNoCase User-Agent "^Wget" bad_bot
Order Allow,Deny
Allow from all
Deny from env=bad_bot

[email protected]:~# wget http://www.debian-tutorials.com/
--2013-02-14 xx:xx:xx--  http://www.debian-tutorials.com/
Resolving dev.slayergame.com... xxx.yyy.zzz.aaa
Connecting to www.debian-tutorials.com|xxx.yyy.zzz.aaa|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2013-02-14 xx:xx:xx ERROR 403: Forbidden.

5 Steps to Secure your SSH Server

Valic —  February 5, 2013 — 3 Comments

SSH is the standard method for Admin’s to connect to Linux servers securely. But the default install of SSH server way far from perfect and may allow attackers to hack your server. This guide shows you how to secure your SSH server in few steps

1. Use Strong SSH Passwords

Try to make all your passwords more secure by following next rules:

  • Try to use minimum of 8 characters
  • Use upper and lower case letters
  • Also use  numbers in your password
  • special characters like #$&*

You have also a password generator in Linux called pwgen. Install and use it with the following commands:

apt-get install pwgen

pwgen command will generate a list of passwords of 8 characters. You can use the man documents to find more options.

2. Disable SSH root logins Continue Reading…

I will show you how to degug Fail2ban when you can’t start it and you get the following error:

Starting Fail2ban: [FAILED]

You can’t find any errors in syslog or Fail2ban log because the Fail2ban init script is writing the output of the fail2ban-client to /dev/null The best way to debug Fail2ban is to call directly the fail2ban-client and that will show any syntax error found in the config files. The command and the output looks like this:

fail2ban-client -xd start
WARNING 'findtime' not defined in 'apache-noscript'. Using default value
WARNING 'findtime' not defined in 'pam-generic'. Using default value
WARNING 'findtime' not defined in 'vsftpd'. Using default value Continue Reading...

Page 1 of 71234567