Fail2ban scans log files and bans IPs that show malicious signs, such as too many password failures or probing for the most common exploits.

Step1. Install Fail2ban on Debian

apt-get install fail2ban

Step2.  Configure Fail2ban.

You can configure Fail2Ban using the configuration files located in /etc/fail2ban/

The main and most important configuration file is jail.local.

In the following steps I will show you some configuration examples. You can study the Fail2ban man files later.

Step2.1 Add or modify the following line to set the email destination for Fail2ban notifications:

destemail = contact@your-domain.tld

ClamAV is a virus scanner for Linux/Unix file systems. In this tutorial I will show you how to install ClamAV on Debian, keep it updated, and run a daily scan.

ClamAV will report only if infected threats are found. You can also scan only specific folders and remove infected files automatically.

Step1. Install ClamAV:

apt-get install clamav

Step2. Update virus database:

freshclam is the virus database update utility for the ClamAV antivirus.
Update the virus database by running the following command:

freshclam


In this tutorial I will show you how to integrate ClamAV antivirus into PureFTPd on Debian for virus scanning on upload.

Step 1. First make sure you have followed this tutorial: How to install PureFTPd on Debian

Step2. Install ClamAV and update the virus signatures.

Install ClamAV:

apt-get install clamav

Now update the virus signatures:

# freshclam
ClamAV update process started at Wed Sep 19 10:49:29 2012
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.5 Recommended version: 0.97.6
DON’T PANIC! Read http://www.clamav.net/support/faq
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 15370, sigs: 262330, f-level: 63, builder: jesler)
bytecode.cld is up to date (version: 190, sigs: 36, f-level: 63, builder: neo)

Step3. Configure PureFTPd to use ClamAV:

Most Linux distributions come with a Linux auditing technique that makes it feasible to track file changes.

It’s useful functionality for sysadmins who need to know who changed sensitive files such as /etc/passwd, /etc/sudoers or PHP files, and when.

In the following tutorial I will show you how to track changes on your PHP files:

1. The first step is to create an MD5 file that corresponds to the PHP files of your website (for example, /var/www/debian-tutorials.com).

We will find all PHP files under /var/www/debian-tutorials.com, create an MD5 checksum for every file, and save the resulting MD5 file in /root:

find /var/www/debian-tutorials.com -type f -name "*.php" -print0 | xargs -0 md5sum > /root/md5-debian-tutorials

The file will look like this:
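
Added example (not from the original tutorial): one way to use such a checksum file afterwards, by comparing the site against the stored baseline and listing modified, deleted and new PHP files. The function names are hypothetical, GNU find, xargs and md5sum as shipped on Debian are assumed, and md5sum is kept only because the tutorial uses it.

```shell
#!/bin/sh
# Added example: checksum baseline and comparison for PHP files.
# Function names and the paths passed to them are hypothetical.

# build_baseline DIR OUT
# Write one "hash  path" line per .php file under DIR into OUT.
# -print0 / -0 keep file names with spaces intact.
build_baseline() {
    find "$1" -type f -name '*.php' -print0 | xargs -0 -r md5sum > "$2"
}

# changed_files BASELINE
# Print every path from the baseline whose content no longer matches,
# which covers both modified and deleted files.
changed_files() {
    # md5sum -c exits non-zero on any mismatch; only its report is wanted here.
    { md5sum -c --quiet "$1" 2>/dev/null || true; } | sed -n 's/: FAILED.*$//p'
}

# new_files DIR BASELINE
# Print .php files under DIR that are not listed in the baseline.
# A baseline line is 32 hex digits plus two separator characters,
# so the path starts at column 35.
new_files() {
    find "$1" -type f -name '*.php' | sort | while IFS= read -r f; do
        cut -c35- "$2" | grep -qxF -- "$f" || printf '%s\n' "$f"
    done
}

# Typical use, with the paths from the tutorial:
#   build_baseline /var/www/debian-tutorials.com /root/md5-debian-tutorials
#   changed_files /root/md5-debian-tutorials
#   new_files /var/www/debian-tutorials.com /root/md5-debian-tutorials
```

Keep the baseline outside the web root and readable only by root, as the tutorial does with /root, so that whoever alters a PHP file cannot also rewrite the checksums.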
