human.network.web.id

Shorewall 4.x di TSL 3.0.5

Instan firewall yang mudah cara instalasinya.
Supaya saya tidak lupa dan bermanfaat buat yang lain, maka saya dokumentasikan saja :D.

Untuk trustix, dan “mungkin” distro lain yang tidak spesifik, sebaiknya ambil paketan “noarch”.
Bisa juga pakai versi tgz. Tapi saya lebih memilih yang rpm, biar ndak mumet. Namanya juga mau instant

Contoh kasus, shorewall akan dipasang di mesin mail dengan 1 interface, dan versi terbarunya 4.0.11
Read more »

Tags: ACCEPT, default, distro, drop, firewall, icmp, interface, mail, noarch, port, rpm, shorewall, smtp, source destination, ssh, tcp, trustix, vi

Filed in Linux | admin | May 27, 2008 10:40 am | Comments (2)

How to convert a MT box in an Anti Spam server with v2.9

Diambil dari http://forum.mikrotik.com/viewtopic.php?t=15721

Hi there, for months I have the idea how to transform one Mikrotik OS in an Anti Spam server. After more than 20 days applying few scripts, firewall rules and address list, I have achieved reduce from 45.000 mails per day to only 11.000/12.000 without many complaints from my customers.

Before continuing, some details about this:

Yes, I know that exists others solutions.
Yes, I know with Linux can obtain the same results.
Yes, I know that it seems a crazy solution.
Yes, I know (in the practice) that this solutions generate a moderate cpu usage. I have a Pentium IV with 75% of cpu usage (this can change with new features from MT… see scripts explanation) and we are a little ISP.
Yes, yes, yes…
but
I use MT from six years ago (when John Tully & Arnis Riekstins answered the company mails themselves) and always I try to resolve any networking necessity whit MT.
I had the trust that can resolve this whit MT.
and after thinking about this, I can’t never sleep all night from many days, so, for my health and wife I made it !!!

Tags: ACCEPT, antispam, check, dnsbl, firewall, HIT, host, icmp, icon, lease, linux, live, mail, mangle, mikrotik, network, nth, php, port, postfix, smtp, spam, ssh, tcp, time, TTL, tx, vi, xp

Filed in Mikrotik | admin | January 11, 2008 11:15 pm | Comments (1)

Looking port for spesific application

dari milist tanya jawab

# lsof -i -n -P
COMMAND   PID    USER   FD   TYPE   DEVICE SIZE NODE NAME
ntpd     1748     ntp    4u  IPv4     2487       UDP *:123
ntpd     1748     ntp    5u  IPv6     2488       UDP *:123
ntpd     1748     ntp    6u  IPv4     2489       UDP 127.0.0.1:123
ntpd     1748     ntp    7u  IPv4     2490       UDP 202.156.81.23:123
ntpd     1748     ntp    8u  IPv4     2491       UDP 202.156.81.68:123
sshd     1797    root    3u  IPv6     2669       TCP *:22 (LISTEN)
oidentd  2025  nobody    5u  IPv6     3399       TCP *:113 (LISTEN)

Tags: linux, mail, port, ssh, tcp, udp, user, vi

Filed in tanya-jawab | admin | January 7, 2008 11:11 am | Comments (0)

ssh no-login

dari url ini dan modifikasi dari Agus priyadi

client$ ssh-keygen -t dsa
(passphrasenya kosongin, laennya ikutin default kalo gak tau)
client$ scp ~/.ssh/id_dsa.pub server:
client$ ssh server
server$ cat ~/id_dsa.pub >> ~/.ssh/authorized_keys
server$ chmod 640 .ssh/authorized_keys
server$ rm -f ~/id_dsa.pub
server$ ^D
client$ ssh server

Tags: default, linux, mail, ssh

Filed in tanya-jawab | admin | December 18, 2007 5:13 pm | Comments Off