1.Mở đầu:
Bài viết tham khảo hình ảnh, nội dung từ trang chủ của LVS www.linuxvirtualserver.org. Ngoài ra, không copy từ mọi tài liệu khác.
Read more…
Thiết lập openvpn trên server linux . Bước đầu tiên chúng ta login vào server với quyền root rồi tại source của openvpn và lzo .
Read more…
What is Postfix, Postfixadmin, Cyrus-SASL, Courier Authlib, Courier-Imap, Squirellmail ?
Postfix is a free open source mail transfer agent (MTA), a computer program for the routing and delivery of email. It is intended as a fast, easy-to-administer, and secure alternative to the widely-used Sendmail MTA.
Postfix Admin is a web based interface to configure and manage a Postfix based email server for many users.
Cyrus-SASL is a package contains a Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols.
Courier Authlib is the Courier authentication library.
Courier-Imap is a fast, scalable, enterprise IMAP server that uses Maildirs. Many E-mail service providers use Courier-IMAP to easy handle hundreds of thousands of mail accounts. With its built-in IMAP and POP3 aggregation proxy, Courier-IMAP has practically infinite horizontal scalability. In a proxy configuration, a pool of Courier servers service initial IMAP and POP3 connections from clients.
Squirellmail is a Webmail for user to sending and receiving email.
I assume we already have a clean install server with Centos4 up and running.
We also need to make sure web server apache, php and mysql installed on the server.
FYI : We weil install all packages from FreeBSD ports
We assume you already have Freebsd 7 OS with MYSQL PHP and Apache installed on it.
Read more…
As the name implies, SQL injection vulnerabilities allow an attacker to inject (or execute) SQL commands within an application. It is one of the most wide spread and dangerous application vulnerability. The CLASP project provides a good overview of SQL injection.
Nowadays, every modern web development environment offers a way to manipulate URL on the fly using a rule-based configuration rather than hard coded program logic. Probably every approach has its origins in famous Apache mod_rewrite module. In the Java world, de facto standard is a wonderful Url Rewrite Filter. It can do everything what you expect from such tool and has some delicious topping as a benefit:
During the last few days I got more familiar with this powerful tool and want to show the value it can bring into any Java based Web application. I won’t describe the syntax of the configuration file because there is a comprehensive manual which outlines all options. Also I’m not going to describe simplest use cases, let’s start from something interesting like the first step in integration with affiliate partner.
For instance, in case of integration with Commission Junction affiliate service provider, your application have to set a cookie which identifies a user that come from an affiliate partner, and then redirect the user to the page stated as a request parameter.
So, there are some steps I want to implement with UrlRewrite library:
1. User came to your site by clicking on a banner with link http://example.com/?CJURL=http%3a%2f%2fexample.com%2fregister%2fnew.html (parameter is encoded string http://example.com/register/new.html) Tip: to url encode test data you can use a simple online encoding tool.
2. Your application recognizes a CJURL request parameter and set a cookie (expire time >= 24h) to know that the user came from CJ affiliate program
3. Redirect the user to the landing page equal to CJURL parameter
Munin is a highly flexible and powerfull solution used to create graphs of virtually everything imaginable throughout your network, while still maintining a rattling easy of installation and configuration.
I will use the following scenario:
munin-server.example – 192.168.1.254 # Munin Server
station1.example.com – 192.168.1.1 # Munin client
station2.example.com – 192.168.1.2 # Munin client
Trong bài viết này tôi sẽ giới thiệu với các bạn cách chúng ta thao tác với các StoredProcedure trong java với đối tượng CallableStatement.
CallableStatement là đối tượng kế thừa từ đối tượng PreparedStatement, như vậy có các tính chất của 1 PreparedStatement (tức có các tính chất của Statement(public interface CallableStatement extends PreparedStatement). Chúng ta tạo 1 CallableStatement bằng cú pháp sau:
If you have developed one Servlet application that uses MySQL database (or others), and you are using the local database for the debuging and programming, normally, I have used to define the database server host, user name,password as the pulbic static variant in some class, and changed them when I upload the compiled class to the server or the customers, because the server database or the customers’ will not use the server host, user name or password same as yours
. After some time of debuging, uploading new classes, I am tired of changing those parameters every time, and I found one problem — could let the users change such parameter themself, not me? That means the parameters will not be compiled in the class, but written in one separated file, and the users have the right to edit the file in the server.
PREROUTING: Được dùng để chuyển đổi địa chỉ IP trước khi routing, mục tiêu là chuyển đổi địa chỉ IP cho tương thích với routing table, thông thường được dùng với Destination NAT (DNAT)
POSTROUTING: Được dùng để chuyển đổi địa chỉ IP sau khi routing, hay nói cách khác dùng cho NAT source IP (SNAT)
Ví dụ:
-A PREROUTING -p tcp –dport 110 -d 210.31.24.140 -j DNAT –to -destination 172.16.24.2:110
-> Bất cứ packet nào đến port 110 có destination IP = 210.31.24.140 thì sẽ change IP destination thành 172.16.24.2 sau đó firewall sẽ forward packet đến máy 172.16.24.2.
-A POSTROUTING -d 192.168.2.0/255.255.255.0 -j SNAT –to -source 192.168.2.254
-> Nếu bất cứ packet nào có destination là 192.168.2.0/24 thì chuyển đổi source IP thành 192.168.2.254
VD Firewall có 2nic : internet <–>eth3(192.168.2.254)–eth0(10.3.0.254)<–>pc
-A POSTROUTING -d 192.168.2.0/255.255.255.0 -j SNAT –to -source 192.168.2.254
-A PREROUTING -s 172.16.0.0/255.255.255.0 -j RETURN
Tham khảo từ tài liệu :
http://www.linuxhomenetworking.com/w…k_HOWTO_:_Ch14
_:_Linux_Firewalls_Using_iptables
Vẫn còn rất thiếu sót trong tài liệu này . Mong mọi người ủng hộ và đóng góp ý
kiến để tài liệu này hoàn thiện hơn . Mọi ý kiến đóng góp xin gởi về
Read more…
