B l o g .
robberthamburg.nl
Howto PPTP VPN Setup for a Debian
2 weeks ago
I needed a VPN to be able to securely connect to my servers. It seems to be easy.
To verify PPP is working, run:
|
1
|
cat /dev/ppp |
It should return this:
cat: /dev/ppp: No such device or address
Server Setup:
1. Install the pptp server package:
|
1
|
apt-get install pptpd |
2. Edit the “pptpd.conf” configuration file:
|
1
|
vim /etc/pptpd.conf |
Uncomment the localip and remoteip lines and change them to something like this:
|
1
2
|
localip 11.22.33.44remoteip 10.1.0.1-100 |
Where the “localip” is the address of your VPS, and the remoteip are the addresses that will be handed out to the clients, it is up to you to adjust these for your network’s requirements.
3. Edit the “pptpd-options” configuration file:
|
1
|
vim /etc/ppp/pptpd-option |
Uncomment the ms-dns lines and change them to:
|
1
2
|
ms-dns 208.67.222.222ms-dns 208.67.220.220 |
Where the IP used for the ms-dns line is the DNS server for the local network your client will be connecting to. In my example, I used OpenDNS’s DNS servers.
4. Edit the “chap-secrets” file:
|
1
|
vim /etc/ppp/chap-secrets |
Add the authentication credentials for a user’s connection, in the following syntax:
username<tab>*<tab> userpassword<tab>*
Make sure that you separate each entry with a single tab. It could be like this:
|
1
|
john * jsmith88 * |
5. Edit the MTU settings:
|
1
|
vim /etc/ppp/ip-up |
Add this line to the end of the file:
|
1
|
ifconfig $1 mtu 1400 |
6. Allow PPTP through the firewall (iptables):
|
1
|
iptables -t nat -A POSTROUTING -j SNAT --to-source 11.22.33.44 |
Change 11.22.33.44 to your VPS’s public IP address.
After that, type in:
|
1
|
iptables-save |
7. Restart the pptpd for the settings to take affect:
|
1
|
/etc/init.d/pptpd restart |
If you don’t want to grant yourself access to anything beyond the server, then you’re done on the server side.
8. Enable Forwarding:
By enabling forwarding we make the entire network available to us when we connect and not just the VPN server itself. Doing so allows the connecting client to “jump” through the VPN server, to all other devices on the network. If you don’t enable forwarding, you will not be able to browse the web through your proxy.
Edit the sysctl file:
|
1
|
vim /etc/sysctl.conf |
Find the “net.ipv4.ip_forward” and uncomment it by removing the “#”:
|
1
|
net.ipv4.ip_forward=1 |
You can either restart the system or issue this command for the setting to take affect:
|
1
|
sysctl -p |
With forwarding enabled, all the server side settings are prepared.
Here is a script to reapply iptables settings at boot (in case your server restarts/crashes/etc.) Make sure you change the IP address to your VPS address.
|
1
2
3
4
5
6
|
iptables-save > /etc/iptables.confcat > /etc/network/if-pre-up.d/iptables <<END#!/bin/shiptables-restore < /etc/iptables.confENDchmod +x /etc/network/if-pre-up.d/iptables |
Hope this works well for you, if not, let me know in the comments!
Howto Vi Vim color syntax
I just installed Debian (again) and found a way to change the default monochrome vi to color with syntax, thought it might help someone else looking for the same thing. I had to look awhile for this, so i thought i would share.
Do:
apt-get install vim-full
This will load all the syntax format info for most of the files you’re likely to ever need, i.e. apache2.conf, postfix/main.cf etc.
edit ~/.bashrc for whichever user you are
add:
alias vi='vim'
then edit:
/etc/vim/vimrc
and uncomment:
syntax on
and any other features you want to enable in that file (for example if you are using a dark barkground in terminal).
Detecting and removing the Flashback malware in OS X
1 month ago
You probably are reading this because you own a mac and you are worried that you were infected with the Flashback malware.
You can do a quick test to see if you are
F-Secure’s analysis offers a detailed method for detecting and ultimately removing the malware from your system, though you can easily detect the malware in its known variants by running the following three commands sequentially in the OS X Terminal utility (found in the /Applications/Utilities/ folder):
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
defaults read /Applications/Safari.app/Contents/Info DYLD_INSERT_LIBRARIES
defaults read /Applications/Firefox.app/Contents/Info DYLD_INSERT_LIBRARIES
By running these commands in the Terminal, if you see “does not exist” as part of the output then your system is not infected. Your output should be something like below. If you get other results be sure to read the extensive howto at f-secure.
mbpro:~ rha$ defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
2012-04-05 21:13:20.908 defaults[1121:707]
The domain/default pair of (/Users/rha/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist
mbpro:~ rha$ defaults read /Applications/Safari.app/Contents/Info DYLD_INSERT_LIBRARIES
2012-04-05 21:13:29.795 defaults[1124:707]
The domain/default pair of (/Applications/Safari.app/Contents/Info, DYLD_INSERT_LIBRARIES) does not exist
mbpro:~ rha$ defaults read /Applications/Firefox.app/Contents/Info DYLD_INSERT_LIBRARIES
2012-04-05 21:13:36.593 defaults[1126:707]
The domain/default pair of (/Applications/Firefox.app/Contents/Info, DYLD_INSERT_LIBRARIES) does not exist
mbpro:~ rha$ exit