Everyone has a PC today, but they also get attacked by computer viruses all the time. Though PC penetration has been on the raise, the percentage of internet security conscious users has reduced.
Here are a few tips for readers to understand the DOs and DONTs on the internet
DOs
The foremost thing to do when you are an internet user is to install an internet security product. The product should essentially contain a working firewall system and a database of virus information to help protect your computer from any latest security threats.
The second thing is to educate yourself, on the levels of safety of various sites. Though it might seem that most site seem credible, with a days it should be easy for anyone to get a hang of which sites are safe and which ones are not.
Beware of what you download. Most of the viruses in the internet spread through downloads. Having said that one of the major activities on the internet is to download relevant data from the internet. Make sure you run a virus scan to ensure that the downloaded item is virus free.
Learn more about the internet securityand how vulnerable your computer is. Learn to change the settings of your system to ensure that there is no possibility of an attack.
DONTs
Do not use your credit card or back account number is an unauthorized site. Many cases are reported along these lines when members have given their security details on the internet which was misused.
There are many viruses that spared through emails. When opening an email always beware of a threat. Do not open executable files when sent through email from an unknown sender.
Always carry financial transactions, only through secure websites. These sites have been verified by a third party to ensure the cash transfer process is secure. The site will begin with https:// if it is a SSL secured website.
Don�t leave your system logged in, which can be misused by other users. It is advisable to "Lock Before You Walk" from your Computer.
Hi all, In this artical i am going to setup YUM ( Yellowdog Update Modified) server on a Windows based FTP server.Here we go; First of all copy Full DVD of your linux distribution on a windows ftp server. In my case i have copied all the contented of Fedora core-11dvd on my windows ftp server (192.168.5.52\fedora11) The exact link location is ftp://192.168.5.52/fedora11
Now on Linux system follow the following steps 1. Move all the repo file to a backup location in my case /backup/yum.repod
Hi all, In this artical i am going to setup YUM ( Yellowdog Update Modified) server on a Windows based FTP server.Here we go; First of all copy Full DVD of your linux distribution on a windows ftp server. In my case i have copied all the contented of Fedora core-11dvd on my windows ftp server (192.168.5.52\fedora11) The exact link location is ftp://192.168.5.52/fedora11
Now on Linux system follow the following steps 1. Move all the repo file to a backup location in my case /backup/yum.repod
What do you think if someone come to you and he makes everything in funny act? That the happened on Twitter base camp. Over flood by joker. Do you arrived there too? Can you tell me more about something crazy?
Honestly, joke is important when you got stressed, maybe on you r job or in situation in your life that seems make you not interested. Althogh of this, try to find out, what gone in
What do you think if someone come to you and he makes everything in funny act? That the happened on Twitter base camp. Over flood by joker. Do you arrived there too? Can you tell me more about something crazy?
Honestly, joke is important when you got stressed, maybe on you r job or in situation in your life that seems make you not interested. Althogh of this, try to find out, what gone in
Technology news about AT&T that risen up today. They fixed some problem for connecting facebook on their product. So, what is the results of this? Let you read the full article below.
Mobile iphone become most popular now days, that why many people around the word searching for this mobile aplication, in ordder to make their communication more effective. Are you use it too? It is good, so, try
Technology news about AT&T that risen up today. They fixed some problem for connecting facebook on their product. So, what is the results of this? Let you read the full article below.
Mobile iphone become most popular now days, that why many people around the word searching for this mobile aplication, in ordder to make their communication more effective. Are you use it too? It is good, so, try
His death make everyone not believe, because he died so young. I think, this is only a tragedy that make everyone to care about their self too.We have to learn something for that happened.
I, my self, I don't know who this man, but many people say that they know him very closely. Gaines Adams maybe a public figure, so many people take to look on him. How about you? Did you care too?
His death make everyone not believe, because he died so young. I think, this is only a tragedy that make everyone to care about their self too.We have to learn something for that happened.
I, my self, I don't know who this man, but many people say that they know him very closely. Gaines Adams maybe a public figure, so many people take to look on him. How about you? Did you care too?
Donate haitian? Haiti thruogh Wyclef's? Yeah, what is this? I don't know for sure, but this is the old story and that a true story. I hear from my friend blog that Wyclef's Corrupt Charity. Ow, what going on?
Befor talking about that, you have to see what are they write about. Here are below that they written.
Do you believe? Try to think and make a best decision on it. It all about you and
Donate haitian? Haiti thruogh Wyclef's? Yeah, what is this? I don't know for sure, but this is the old story and that a true story. I hear from my friend blog that Wyclef's Corrupt Charity. Ow, what going on?
Befor talking about that, you have to see what are they write about. Here are below that they written.
Do you believe? Try to think and make a best decision on it. It all about you and
Haiti is need your help, need your arms for helping them. They are in trouble, especially on the earthquake that happened to them.
They need much more, such are water, instant food, and other stuff. Would you like to help them? Many people that have arrived there, but they need more, because there are so many of the victims, so, if you have a spent time, they need your help and your money too.
Haiti is need your help, need your arms for helping them. They are in trouble, especially on the earthquake that happened to them.
They need much more, such are water, instant food, and other stuff. Would you like to help them? Many people that have arrived there, but they need more, because there are so many of the victims, so, if you have a spent time, they need your help and your money too.
Gmail is the mail provider that that the biggest today. I my self using gmail for receive or sending email for my friend and another use. How about you?
But, Who knows, there are a holes or something bad bug that make gmail not secure anymore. So, for make it secure when you using it, try GPG encryption. If you use this, your account and email more secure from attacker in cyber.
Gmail is the mail provider that that the biggest today. I my self using gmail for receive or sending email for my friend and another use. How about you?
But, Who knows, there are a holes or something bad bug that make gmail not secure anymore. So, for make it secure when you using it, try GPG encryption. If you use this, your account and email more secure from attacker in cyber.
IE (internet explorer) 8 is the new release of microsoft browser in the world, but who knows, there are holes in that browser that affected US firms. This is the bad news for Microsoft about their product.
How do you think about this IE hole and how to overcome this problems? Let see what will they take.
So, for more secure, you should not use it until the hole be prepared. Let's see and wait
IE (internet explorer) 8 is the new release of microsoft browser in the world, but who knows, there are holes in that browser that affected US firms. This is the bad news for Microsoft about their product.
How do you think about this IE hole and how to overcome this problems? Let see what will they take.
So, for more secure, you should not use it until the hole be prepared. Let's see and wait
Are you fans of MySpace? This is the good news for you. You can login to your account by using Facebook connect. So, you are in MySpace and in Facebook too, it's amazing, isn't it?
Try to use this new facilities, and get it all. Tell your friends about this news. If you find something more new again, please tell me to post over here, than the other reader could read it from here.
Are you fans of MySpace? This is the good news for you. You can login to your account by using Facebook connect. So, you are in MySpace and in Facebook too, it's amazing, isn't it?
Try to use this new facilities, and get it all. Tell your friends about this news. If you find something more new again, please tell me to post over here, than the other reader could read it from here.
File Transfer Protocol (FTP) is a standard network protocol used to exchange and manipulate files over a TCP/IP based network, such as the Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server applications. Applications were originally interactive command-line tools with a standardized command syntax, but graphical user interfaces have been developed for all desktop operating systems in use today. FTP is also often used as an application component to automatically transfer files for program internal functions. FTP can be used with user-based password authentication or with anonymous user access.
Types of FTP
From a networking perspective, the two main types of FTP are active and passive. In active FTP, the FTP server initiates a data transfer connection back to the client. For passive FTP, the connection is initiated from the FTP client. These are illustrated in Figure 15-1.
Figure : Active And Passive FTP Illustrated
From a user management perspective there are also two types of FTP: regular FTP in which files are transferred using the username and password of a regular user FTP server, and anonymous FTP in which general access is provided to the FTP server using a well known universal login method. Take a closer look at each type.
Active FTP
The sequence of events for active FTP is:
Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as 'ls' and 'get' are sent over this connection.
Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client.
Thus the ls listing that you asked for comes back over the port 20 to high port connection, not the port 21 control connection.
FTP active mode therefore transfers data in a counter intuitive way to the TCP standard, as it selects port 20 as it's source port (not a random high port that's greater than 1024) and connects back to the client on a random high port that has been pre-negotiated on the port 21 control connection. Active FTP may fail in cases where the client is protected from the Internet via many to one NAT (masquerading). This is because the firewall will not know which of the many servers behind it should receive the return connection.
Passive FTP
Passive FTP works differently:
Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as ls and get are sent over that connection.
Whenever the client requests data over the control connection, the client initiates the data transfer connections to the server. The source port of these data transfer connections is always a high port on the client with a destination port of a high port on the server.
Passive FTP should be viewed as the server never making an active attempt to connect to the client for FTP data transfers. Because client always initiates the required connections, passive FTP works better for clients protected by a firewall. As Windows defaults to active FTP, and Linux defaults to passive, you'll probably have to accommodate both forms when deciding upon a security policy for your FTP server.
With Redhat / Fedora you can configure VSFTPD to start at boot you can use the chkconfig command.
[root@satish.malanchlinux.com]# chkconfig vsftpd on
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you'll have to restart VSFTPD each time you edit the file in order for the changes to take effect. The file may be located in either the /etc or the /etc/vsftpd directories depending on your Linux distribution. This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that's the same as their email address, I would suggest turning this off. The configuration file's anonymous_enable directive can be set to no to disable this feature. You'll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
If you enable anonymous FTP with VSFTPD, remember to define the root directory that visitors will visit. This is done with the anon_root directive.
anon_root=/data/directory
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn't allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
The configuration file is fairly straight forward as you can see in the snippet below where we enable anonymous FTP and individual accounts simultaneously.
# Allow anonymous FTP?
anonymous_enable=YES
...
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
anon_root=/data/directory
...
# Uncomment this to allow local users to log in.
local_enable=YES
...
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
...
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
...
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
...
# Activate logging of uploads/downloads.
xferlog_enable=YES
...
# You may override where the log file goes if you like.
# The default is shown below.
xferlog_file=/var/log/vsftpd.log
...
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user's access to non-anonymous FTP, and you can change the configuration to not display the FTP server's software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, you may restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn't have FTP access. As FTP doesn't encrypt passwords, thereby increasing the risk of data or passwords being compromised, it is a good idea to let these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= Welcome to Satish Malnch ftp services
Client Site access :
In Windows OS you can access the ftp services by typeing ftp server address in your webbrowser:
ie.
ftp://satish.malanch.com or ftp://192.168.5.20
it will prompt you for authonitaction then provide user name and password to login.
File Transfer Protocol (FTP) is a standard network protocol used to exchange and manipulate files over a TCP/IP based network, such as the Internet. FTP is built on a client-server architecture and utilizes separate control and data connections between the client and server applications. Applications were originally interactive command-line tools with a standardized command syntax, but graphical user interfaces have been developed for all desktop operating systems in use today. FTP is also often used as an application component to automatically transfer files for program internal functions. FTP can be used with user-based password authentication or with anonymous user access.
Types of FTP
From a networking perspective, the two main types of FTP are active and passive. In active FTP, the FTP server initiates a data transfer connection back to the client. For passive FTP, the connection is initiated from the FTP client. These are illustrated in Figure 15-1.
Figure : Active And Passive FTP Illustrated
From a user management perspective there are also two types of FTP: regular FTP in which files are transferred using the username and password of a regular user FTP server, and anonymous FTP in which general access is provided to the FTP server using a well known universal login method. Take a closer look at each type.
Active FTP
The sequence of events for active FTP is:
Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as 'ls' and 'get' are sent over this connection.
Whenever the client requests data over the control connection, the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server, and the destination port is a high port (greater than 1024) on the client.
Thus the ls listing that you asked for comes back over the port 20 to high port connection, not the port 21 control connection.
FTP active mode therefore transfers data in a counter intuitive way to the TCP standard, as it selects port 20 as it's source port (not a random high port that's greater than 1024) and connects back to the client on a random high port that has been pre-negotiated on the port 21 control connection. Active FTP may fail in cases where the client is protected from the Internet via many to one NAT (masquerading). This is because the firewall will not know which of the many servers behind it should receive the return connection.
Passive FTP
Passive FTP works differently:
Your client connects to the FTP server by establishing an FTP control connection to port 21 of the server. Your commands such as ls and get are sent over that connection.
Whenever the client requests data over the control connection, the client initiates the data transfer connections to the server. The source port of these data transfer connections is always a high port on the client with a destination port of a high port on the server.
Passive FTP should be viewed as the server never making an active attempt to connect to the client for FTP data transfers. Because client always initiates the required connections, passive FTP works better for clients protected by a firewall. As Windows defaults to active FTP, and Linux defaults to passive, you'll probably have to accommodate both forms when deciding upon a security policy for your FTP server.
With Redhat / Fedora you can configure VSFTPD to start at boot you can use the chkconfig command.
[root@satish.malanchlinux.com]# chkconfig vsftpd on
The vsftpd.conf File
VSFTPD only reads the contents of its vsftpd.conf configuration file only when it starts, so you'll have to restart VSFTPD each time you edit the file in order for the changes to take effect. The file may be located in either the /etc or the /etc/vsftpd directories depending on your Linux distribution. This file uses a number of default settings you need to know about.
VSFTPD runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of anonymous and a password that's the same as their email address, I would suggest turning this off. The configuration file's anonymous_enable directive can be set to no to disable this feature. You'll also need to simultaneously enable local users to be able to log in by removing the comment symbol (#) before the local_enable instruction.
If you enable anonymous FTP with VSFTPD, remember to define the root directory that visitors will visit. This is done with the anon_root directive.
anon_root=/data/directory
VSFTPD allows only anonymous FTP downloads to remote users, not uploads from them. This can be changed by modifying the anon_upload_enable directive shown later.
VSFTPD doesn't allow anonymous users to create directories on your FTP server. You can change this by modifying the anon_mkdir_write_enable directive.
VSFTPD logs FTP access to the /var/log/vsftpd.log log file. You can change this by modifying the xferlog_file directive.
By default VSFTPD expects files for anonymous FTP to be placed in the /var/ftp directory. You can change this by modifying the anon_root directive. There is always the risk with anonymous FTP that users will discover a way to write files to your anonymous FTP directory. You run the risk of filling up your /var partition if you use the default setting. It is best to make the anonymous FTP directory reside in its own dedicated partition.
The configuration file is fairly straight forward as you can see in the snippet below where we enable anonymous FTP and individual accounts simultaneously.
# Allow anonymous FTP?
anonymous_enable=YES
...
# The directory which vsftpd will try to change
# into after an anonymous login. (Default = /var/ftp)
anon_root=/data/directory
...
# Uncomment this to allow local users to log in.
local_enable=YES
...
# Uncomment this to enable any form of FTP write command.
# (Needed even if you want local users to be able to upload files)
write_enable=YES
...
# Uncomment to allow the anonymous FTP user to upload files. This only
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
...
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
...
# Activate logging of uploads/downloads.
xferlog_enable=YES
...
# You may override where the log file goes if you like.
# The default is shown below.
xferlog_file=/var/log/vsftpd.log
...
To activate or deactivate a feature, remove or add the # at the beginning of the appropriate line.
Other vsftpd.conf Options
There are many other options you can add to this file:
Limiting the maximum number of client connections (max_clients)
Limiting the number of connections by source IP address (max_per_ip)
The maximum rate of data transfer per anonymous login. (anon_max_rate)
The maximum rate of data transfer per non-anonymous login. (local_max_rate)
Descriptions on this and more can be found in the vsftpd.conf man pages.
FTP Security Issues
FTP has a number of security drawbacks, but you can overcome them in some cases. You can restrict an individual Linux user's access to non-anonymous FTP, and you can change the configuration to not display the FTP server's software version information, but unfortunately, though very convenient, FTP logins and data transfers are not encrypted.
The /etc/vsftpd.ftpusers File
For added security, you may restrict FTP access to certain users by adding them to the list of users in the /etc/vsftpd.ftpusers file. The VSFTPD package creates this file with a number of entries for privileged users that normally shouldn't have FTP access. As FTP doesn't encrypt passwords, thereby increasing the risk of data or passwords being compromised, it is a good idea to let these entries remain and add new entries for additional security.
Anonymous Upload
If you want remote users to write data to your FTP server, then you should create a write-only directory within /var/ftp/pub. This will allow your users to upload but not access other files uploaded by other users. The commands you need are:
Change the default greeting banner in the vsftpd.conf file to make it harder for malicious users to determine the type of system you have. The directive in this file is.
ftpd_banner= Welcome to Satish Malnch ftp services
Client Site access :
In Windows OS you can access the ftp services by typeing ftp server address in your webbrowser:
ie.
ftp://satish.malanch.com or ftp://192.168.5.20
it will prompt you for authonitaction then provide user name and password to login.
In this artical i am going to mention some to the new cool and robust featue of Red Hat Fedora core 11.
1. Booting Time : Boot time in this edition is minimum ever.With default software Packages in GNome session the booting time in between boot screen to login screen in less than 20 sec ( In init-5, in Init3 terminal is even fast ).
2.ABRT: Automatic Bug Reporting Tool: Help non-power users with bug reporting, making it as easy as a few mouse clicks.
3. ext4 file System:
Make ext4 the default files system for anaconda-driven installs (replacing ext3). User should notice generally better performance, and benefit from things like persistent preallocation when using updated torrent clients, etc.Risk of data lose are very less in this file system. GRUB still does not offer Ext4 support under Fedora. 4. Better Surfing with Mozila Firefox 3.5: Firefox has been upgraded to version 3.5 . 5. Gnome Version 2.26 6. KDE Desktop version KDE 4.2 7. Tiger VNC : Tiger VNC is new tool for Remote support
In this artical i am going to mention some to the new cool and robust featue of Red Hat Fedora core 11.
1. Booting Time : Boot time in this edition is minimum ever.With default software Packages in GNome session the booting time in between boot screen to login screen in less than 20 sec ( In init-5, in Init3 terminal is even fast ).
2.ABRT: Automatic Bug Reporting Tool: Help non-power users with bug reporting, making it as easy as a few mouse clicks.
3. ext4 file System:
Make ext4 the default files system for anaconda-driven installs (replacing ext3). User should notice generally better performance, and benefit from things like persistent preallocation when using updated torrent clients, etc.Risk of data lose are very less in this file system. GRUB still does not offer Ext4 support under Fedora. 4. Better Surfing with Mozila Firefox 3.5: Firefox has been upgraded to version 3.5 . 5. Gnome Version 2.26 6. KDE Desktop version KDE 4.2 7. Tiger VNC : Tiger VNC is new tool for Remote support
