Cygwin – Linux Distribution on windows

Posted on by Leave a comment

Open Source tools which provide functionality similar to a Linux distribution on Windows. It is a Windows command line on steroids which runs useful Linux Unix commands. The core part is the Cygwin library which provides the POSIX system calls and environment these programs expect. Cygwin allows easy porting of many Unix/Linux programs without the need for extensive changes to the source code.

It consists of two parts:

  • A DLL (cygwin1.dll) which acts as a Linux API emulation layer providing substantial Linux API functionality.
  • A collection of tools which provide Linux look and feel.
cygwin install

cygwin installation

 

Use this tool to Rsync or SCP over windows server.

Download and install the Cygwin

Goto Cygwin website Click “Install Cygwin” ⇒ Download the setup program “setup-x86_64.exe” (64-bit Windows) or “setup-x86.exe” (32-bit Windows).

Verify Cygwin

Start the Cygwin Command shell (bash or sh) by running “cygwin.bat”. You shall see the command prompt “$”. You may need to create the users’ group and password files by running the following commands:

$ mkpasswd –l > /etc/passwd
$ mkgroup –l > /etc/group

 

Install the Cygwin, SSH, PowerShell and Rsync using the following Windows patch script.

Deploy Cygwin, PowerShell, openssh and Rsync v3.2_latest

Download above script and Unzip and run the script. Once the installation has completed, you can use “Cygwin64 Terminal” in Desktop.

 

 

Fail2ban – block failed login attempts

Posted on by Leave a comment

Fail2ban is a log parsing application that monitors system logs for symptoms of an automated attack on your server. If you pay attention to application logs for these services, you will often see repeated, systematic login attempts that represent brute force attacks by users and bots alike. Use this to block failed login attempts.

Fail2ban will add a new rule to iptables, thus blocking the IP address of the attacker, either for a set amount of time or permanently. Fail2ban will also alert you through email that an attack is occurring.

fail2ban block failed login attempt

block failed login attempt

The fail2ban package is available under Debian/unstable and also as a download for other Linux systems.

Installing Fail2ban on CentOS 7

Ensure your system is up to date and install the EPEL repository:

# yum update && yum install epel-release
# yum install fail2ban

This will be installed fail2ban and will be running as a daemon. However, you might want to edit the configuration file and stop/start the daemon to get it running how you want. The configuration file can be found at /etc/fail2ban.conf.
Install Sendmail if you are looking email support to send alerts.

# yum install sendmail

Start and enable Fail2ban

# systemctl start fail2ban
# systemctl enable fail2ban

For Sendmail

# systemctl start sendmail
# systemctl enable sendmail

 

Installing Fail2ban on Debian / Ubuntu

Make sure all are up to date.

# apt-get update && apt-get upgrade -y
# apt-get install fail2ban

The service will automatically start.
fail2ban will monitor the auth.log file for failed access attempts. As soon as the daemon is running your ssh port (22) will be protected from brute-force attacks – preventing more than a small number of attempts at one time.

Actions taken by the daemon are logged by default in /var/log/fail2ban.log

 

Configure fail2ban

Most entries don’t need to be changed but there are a few that you might want to edit. The DEFAULT settings apply to all sections:

[DEFAULT]

maxfailures = 3
bantime = 900
findtime = 600

Needs to be set to true if you want to receive emails.

[MAIL]

enabled = true
to = root@localhost

If you want to monitor apache logs,

[Apache]

enabled = false

fail2ban will monitor the auth.log file for failed access attempts.

[SSH]

enabled = true
logfile = /var/log/auth.log

 

To customize the configuration file, check the fail2ban documentation.