ProFTPD Server wont start?

Failed to start FTP server :

Job for proftpd.service failed because the control process exited with error code. See “systemctl status proftpd.service” and “journalctl -xe” for details.

The journalctl -xe shows some usefull info:

proftpd: fatal: SFTPHostKey: Unable to use ‘/etc/ssh/ssh_host_rsa_key’ as host key, as it is group- or world-accessible on line 436 of ‘/etc/proftpd.conf’

Solution:

Locate the .conf file:

/etc/proftpd.conf

At the end of the .conf file comment the lines…

# SFTPHostKey /etc/ssh/ssh_host_rsa_key
# SFTPHostKey /etc/ssh/ssh_host_dsa_key

Start ProFTPD Server

et voilà!

Dovecot won’t start?

I have run into a problem after a fresh install of CentOS 7, Webmin, Vitualmin, Postfix and Dovecot. It seem that the hostname was not configured properly. Here is what I did to fix this problem.

Locate and edit this file:
/etc/hostname

Make sure that the hostname is set to localhost.localdomain.(YOUR_DOMAIN_NAME)

So it will be like this:
localhost.localdomain.mydomain.com

Save and start Dovecot!

Postfix will not start?

Postfix will not start? Error Code 89

Using CENTOS 7 / WEBMIN / VIRTUALMIN / POSTFIX / DEVOCOT

Postfix is installed even if CentOS system was installed with [Minimal Install], but if Postfix is not, Install it first like follows.

[root@mail ~]#
yum -y install postfix

This example shows how to configure SMTP-Auth to use Dovecot’s SASL function.

Edit the main.cf file

/etc/postfix/main.cf

Make sure that the following line of code is set like this…

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

[root@mail ~]#

vi /etc/postfix/main.cf
# line 75: uncomment and specify hostname

myhostname =mail.server.world

# line 83: uncomment and specify domain name

mydomain = server.world

# line 99: uncomment

myorigin = $mydomain

# line 116: change

inet_interfaces = all

# line 164: add

mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain

# line 264: uncomment and specify your local network

mynetworks = 127.0.0.0/8, 10.0.0.0/24

# line 419: uncomment (use Maildir)

home_mailbox = Maildir/

# line 574: add

smtpd_banner = $myhostname ESMTP

# add follows to the end
# limit an email size for 10M

message_size_limit = 10485760

# limit a mailbox for 1G

mailbox_size_limit = 1073741824

# for SMTP-Auth

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_mynetworks,permit_auth_destination,permit_sasl_authenticated,reject

[root@mail ~]#
systemctl restart postfix

[root@mail ~]#
systemctl enable postfix

VirtualBOX Open Source

VirtualBOX

VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL) version 2. See “About VirtualBox” for an introduction.

Presently, VirtualBox runs on Windows, Linux, Macintosh, and Solaris hosts and supports a large number of guest operating systems including but not limited to Windows (NT 4.0, 2000, XP, Server 2003, Vista, Windows 7, Windows 8, Windows 10), DOS/Windows 3.x, Linux (2.4, 2.6, 3.x and 4.x), Solaris and OpenSolaris, OS/2, and OpenBSD.

VirtualBox is being actively developed with frequent releases and has an ever growing list of features, supported guest operating systems and platforms it runs on. VirtualBox is a community effort backed by a dedicated company: everyone is encouraged to contribute while Oracle ensures the product always meets professional quality criteria.

Download

PFSENSE Open Source Firewall Solution

pfsense-logo

The pfSense project is a free, open source tailored version of FreeBSD for use as a firewall and router with an easy-to-use web interface.

You can install the software yourself on your own hardware or buy it pre-installed on hardware from the pfSense Store. We have a great community that helps support each other, but we also provide commercial support for high demand environments.

pfsense-firewall

Download

Webmin Server Status

Webmin Server Status will monitor your critical webserver components and will alert you by email or SMS. A great feature that you should consider using.

Webmin monitoring tools

Overview of the Webmin Monitoring Tools Settings

Webmin monitoring tools

Disabling Root SSH Access in CentOS

By default the root account automatically have SSH access remotely. After installing CentOS and the SSH server, open any SSH client and attempt to sign on as root. Access will be granted.

To disable that, open SSH configuration file using the commands below.

sudo vi /etc/ssh/sshd_config

Then change the line as shown below :

#Authentication:

#LoginGranceTime 2m
PermitRootLogin no
#StrictMode yes
#MaxAuthTries 6
#MaxSessions 10

Change the highlighted line above by removing the # symbol. It should be like this:

PermitRootLogin no

Save the file and restart the SSH server by running the commands below.

sudo systemctl restart sshd.service

Now try logging in as root and you’ll be denied or access won’t be granted.

To re-enable the root account, just put the # symbol for the PermitRootLogin directive in the file and save it. The restart SSH server.

Another thing to remember is that SSH traffic blocked on the firewall by default. You won’t be able to access the SSH server remotely by default.

You must enable SSH through the firewall. To do that in CentOS 7, run the commands below.

firewall-cmd --permanent --zone=public --add-service=ssh

Then reload the firewall to connect.

firewall-cmd –reload

That’s it!

Enjoy!

Scanning CentOS 7 Server for Malware

clamav

Some unexpected behaviour on a Linux server could be a result of malware infection, while other malicious software might not alert to their presence. Scanning your system for different types of unwanted programs can help identify issues, or at least give you the peace of mind for having a clean server.

There are multiple options for making sure your cloud server is clean of any malware, this guide goes over a couple of scanning software you can utilise for checking your system.

ClamAV

ClamAV is a popular open source antivirus engine available on multitude of platforms including the majority of Linux distributions. Install it on CentOS 7 with the following command

sudo yum install clamav clamav-update clamav-scanner-systemd clamav-server-systemd

Afterwards you’ll need to edit the configuration a little by commenting out the Example text from two files, the simplest way to do so is to use sed for some fast editing with the these commands

sudo sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
sudo sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

With the required modules installed and configured, next you should update the virus database for ClamAV by running the updater application with

sudo freshclam

When you’ve finished updating the virus definitions, do a test scan to your home directory just to make sure the scanning works as it should, use the following command

sudo clamscan -r /home

Granted that your home directory didn’t contain any viruses or other type of malware, the scan should come back empty.

So how do you know it works?

For this, you can download an anti-virus test file, which is a small completely harmless program that most anti-virus software report as infected, though with an obvious test file name EICAR-AV-Test. Use the following command to download the test file to your home directory.

wget -P ~/ http://www.eicar.org/download/eicar.com

Now scan your home folder again with the same command as above, you should receive notice of one infected file at the end summary after the scan is completed. When you’ve confirmed that ClamAV finds the test file correctly, use the command below to scan it again and remove the infected file once found.

sudo clamscan --infected --remove --recursive /home

Be careful when using the –remove parameter. First run a broader scans without it, and then more localized scan when removing files, or remove them manually.

To perform a complete scan of your cloud server, use the this command

sudo clamscan --infected --recursive --exclude-dir="^/sys" /

The scan goes through each directory in your system root recursively, but skips /sys just to avoid unnecessary warning printouts, as the virtual file system consists of some unreadable files, which could not contain viruses anyway.

Rkhunter on CentOS 7

Rkhunter is a common options for scanning your system for rootkits and general vulnerabilities. It can be easily installed from the package manager on CentOS using the following command:

sudo yum install rkhunter

Once installed and before scanning you’ll need to update the file properties database with:

sudo rkhunter --propupd

This lets the scanner to know the current state of certain files to prevent some false alarms. After the update, simply run the scanner with the following:

sudo rkhunter --checkall

The scanner goes through some system commands, checks for actual rootkits and some malware, network and local host settings, and then gives you the summary as well as recording the findings to a log file.

Afterwards you can get a condensed look at the scan log with this command:

sudo cat /var/log/rkhunter/rkhunter.log | grep -i warning

Go through the output to get some tips on what you could do to improve your system security.

Team Communication for the 21st Century! TEAMWORK!!!

slack

Slack is…

Channels
Organize your team conversations in open channels. Make a channel for a project, a topic, a team, or anything—everyone has a transparent view of all that’s going on.

Private Channels
For sensitive information, create private channels and invite a few team members. No one else can see or join your private channels.

Direct Messages
To reach a colleague directly, send them a Direct Message. It’s completely private and secure.

Drag, drop, and share your files
Not just your messages, but all your files, images, PDFs, documents, and spreadsheets can be dropped right into Slack and shared with anyone you want. Add comments, star for later reference, and it’s all completely searchable.

If you use any services like Google Drive, Dropbox, or Box, just paste the link and that document is immediately in sync and searchable too.

All your tools in one place
Connect all the tools you use to Slack and avoid all that constant switching between apps. Set up your integration so that you get all your notifications directly within Slack—from support requests, code check-ins, and error logs to sales leads—all of them searchable in one central archive.

Search your entire archive
Everything in Slack—messages, notifications, files, and all—is automatically indexed and archived so that you can have it at your fingertips whenever you want. Slack also indexes the content of every file so you can search within PDFs, Word documents, Google docs, and more. With one search box and a set of powerful search operators, you can slice and dice your way to that one message in your communication haystack.

https://slack.com

To the Moon!