Linux

UB、RH、LD、FB……

Use fail2ban Bind9 be used to prevent DNS amplification attacks

Foreword

Ali cloud I built for personal use dnsmasq server,DNS is used to make pollution-free,The recent disclosure of the IP,Sure enough, it was attacked - is actually being used DNS amplification attacks。

Since dnsmasq itself is not designed to provide external DNS service,So it is for security profile is not a lot (no!),But it's very easy to configure Resolution Policy ([……]

Click link to continue reading...

Build OpenConnect VPN server AnyConnect (ocserv)

This article had written the,But never had a chance to do the experiment too--estimation,Anyway, writing,I will come,Everyone if necessary in conjunction with a look at ... ...?note,Please refer to theLatest notes

To build on the server ocserv,Should first install dependency

Download ocserv

access ft[……]

Click link to continue reading...

Why UNIX systems, such as the hidden directory to point at the beginning?

we all know,exist Windows Hidden folders are invisible,They some system files,While others arevirus。If you have to display words,After warning system,You can be in the form of semi-transparent folder to see this folder,Systems in order to identify a folder is hidden,It has a "-s"Properties,Protected by the system。

So a lot of people are new to Linux、OSX,Will be very[……]

Click link to continue reading...

Open nat masquerading and port forwarding on ufw

Possible until now,You have been very skilled how to open nat and port forwarding on Linux - after all, this operation may also require a server at the time of deployment。But its operation is too cumbersome,Especially when we use edit iptables ufw after that,But you can not directly edit the iptables,This time in the end what to do it?

want使用 ufw[……]

Click link to continue reading...

Ali cloud Ubuntu update image source

Update:for some reason,Ali cloud is no longer recommended updates the source,Give youThis page,Click to go can help you generate USTC mirror automatically depending on the version update source。

In order to facilitate their own domestic vps server configuration updates,Usually all you need to change and update the source dns,Do not try to patch ............ otherwise life short,NetEase previously used source but recently always cramp,So nowRecommended Ali cloud

Another[……]

Click link to continue reading...