APF installation error on VPS : unable to load iptables module (ip_tables), aborting.
While installing APF on your VPS you get the following error :
apf -s
apf(13665): {glob} status log not found, created
apf(13665): {glob} activating firewall
apf(13744): {glob} unable to load iptables module (ip_tables), aborting.
apf(13665): {glob} firewall initalized
apf(13665): {glob} !!DEVELOPMENT MODE ENABLED!! – firewall will flush every 5 minutes.
You need to configure the APF for your VPS.
nano /etc/apf/conf.apf
modify
SET_MONOKERN=”0?
to
SET_MONOKERN=”1?
Read more…
Script to daily email APF status
You are running APF on your server, but sometimes you think “is APF running fine ?”
This script sends you an email with APF satus.
Log in to your server as root
Create the script:
nano apfstatus.sh
Put this on the file:
#!/bin/bash
tail -200 /var/log/apf_log | mail -s "APF Status" youemail@domain.com
Save and Exit
Ctrl+X and Y
Read more…
How to install (D)DOS-Deflate
What is DOS-Deflate?
(D)DoS Deflate is a shell script developed by Zaf, originally for use on MediaLayer servers to assist in combating denial of service attacks. However, it was seen to be very effective for our purpose, and therefore was released as a contribution to the web hosting community. (D)DoS Deflate is now used by not only many web hosts, but by many people who run their own servers looking for additional security in dealing with such attacks.
How to install
Read more…
How to install KISS Firewall
What is KISS My Firewall?
KISS My Firewall is a FREE iptables script designed for a typical web server. It takes advantage of the latest firewall technologies including stateful packet inspection and connection tracking. It also contains some preventative measures for port scanning, DoS attacks, and IP spoofing, among other things.
KISS My Firewall 2 is very easy to install and does not require any initial configuration. It will work with any stock installation of Ensim WEBppliance Basic & Pro, Plesk, and Webmin. Cpanel installations require some modifications. Available at: http://www.geocities.com/steve93138/
What’s New in Version 2 ?
The biggest change is that it does not require any initial configuration. With version 2, you won’t automatically lock yourself out of your server unless you set some of the variables incorrectly. It also does extensive error checking and is distributed as a tar file. This solves a lot of the issues that were present with the older version. In addition, version 2 is highly configurable and was tested to work with the latest version of iptables – version 1.2.8.
HOW TO: Install KISS My Firewall
Read more…
How To install BFD (Brute Force Detection)
What is BFD (Brute Force Detection)?
BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straight-forward in its installation, configuration and usage. The reason behind BFD is very simple; the fact there is little to no authentication and brute force auditing programs in the linux community that work in conjunction with a firewall or real-time facility to place bans.
Note: You MUST have APF Firewall Installed before installing BFD – it works with APF and requires some APF files to operate.
Installation:
Read more…
How to install APF (Advanced Policy Firewall)
What is APF (Advanced Policy Firewall)? APF Firewall
APF is a policy based iptables firewall system designed for ease of use and configuration. It employs a subset of features to satisfy the veteran Linux user and the novice alike. Packaged in tar.gz format and RPM formats, make APF ideal for deployment in many server environments based on Linux. APF is developed and maintained by R-fx Networks: http://www.rfxn.com/projects/advanced-policy-firewall/
This guide will show you how to install and configure APF firewall, one of the better known Linux firewalls available.
Read more…