

Blog


Tips to secure mail server

This article covers some tips to secure a mail server.

Email on the internet is sent by the Simple Mail Transfer Protocol (SMTP). Where a mail flow between servers is not encrypted, it could be intercepted by an ISP or government agency and the contents can be read by passive monitoring.
Basically, when emails are sent between two parties, unless both parties use encryption, the message is open and can be read by anyone who intercepts it.
Any emails sent to and received from mailboxes that only send cleartext emails should be considered as security liabilities.

Tips on how to secure your mail server:
1. Encryption: When securing your mail server, make sure you are using secure connections. Encrypt POP3 and IMAP authentication and use SSL and TLS.

2. Mail relay configuration: Avoid being an open relay for spammers by specifying which domains/IP addresses your mail server will relay mail for.

3. Connections and default settings: To avoid DoS attacks, limit the number of connection and authentication errors that your systems will accept. Remove unneeded server functionality by disabling any unnecessary default settings. Have a dedicated mail server and move other services like FTP to other servers. Keep total, simultaneous, and maximum connections to your SMTP server limited.

4. Access Control: To protect your server from unauthorized access, implement authentication and access control. For example, SMTP authentication requires users to supply a username and password to be able to send mail from the server. Make sure access to your servers is on a need-to-have basis and is shared with as few people as possible.

5. Abuse prevention: Check DNS-based blacklists (DNSBLs) and reject email from any domains or IPs listed on them. Check Spam URI Real-time Blocklists (SURBL), and reject any messages containing invalid or malicious links.
Also, maintain a local blacklist and block any IP addresses that specifically target you. Employ outbound filtering and use CAPTCHA/reCAPTCHA with your web forms.
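
The DNSBL and local-blacklist check from tip 5, as an added example (not code from the original article). The zone name dnsbl.example.org, the function names and the sample data are assumptions made for illustration; the query layout (reversed octets or nibbles under the list's zone, 127.0.0.0/8 answers meaning "listed") follows RFC 5782.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example.org"  # assumption: placeholder, use your list's zone
LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(client_ip, zone=DNSBL_ZONE):
    """Build the name to resolve: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        labels = reversed(str(ip).split("."))
    else:
        labels = reversed(ip.exploded.replace(":", ""))
    return ".".join(labels) + "." + zone


def system_resolver(name):
    """A records for name; [] on NXDOMAIN or resolver failure (fails open)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []


# Constructed sample zone so the example runs offline; 127.0.0.2 is the
# always-listed test entry that RFC 5782 requires of IPv4 DNSBLs.
CONSTRUCTED_ZONE = {"2.0.0.127.dnsbl.example.org": ["127.0.0.2"]}


def constructed_resolver(name):
    return CONSTRUCTED_ZONE.get(name, [])


def check_client(client_ip, local_blocklist=(), resolver=system_resolver):
    """Return (action, reason) for a connecting SMTP client."""
    ip = ipaddress.ip_address(client_ip)
    for net in local_blocklist:  # the local blacklist is checked first, no DNS needed
        if ip in ipaddress.ip_network(net):
            return ("reject", "local blacklist " + net)
    answers = resolver(dnsbl_query_name(client_ip))
    # An answer outside 127.0.0.0/8 means a parked or hijacked zone, not a listing.
    listed = [a for a in answers if ipaddress.ip_address(a) in LISTED_RANGE]
    if listed:
        return ("reject", "listed: " + ", ".join(listed))
    return ("accept", "not listed")


if __name__ == "__main__":
    for addr in ("127.0.0.2", "192.0.2.10"):
        print(addr, check_client(addr, ["198.51.100.0/24"], constructed_resolver))
```

A resolver failure is treated here as "not listed", so a DNS outage does not stop mail delivery; a stricter policy would defer the message instead.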


Ansible error Shared connection to server closed

This article covers the "Shared connection to server closed" error, which occurs when we run an Ansible command to execute commands on two newly deployed CentOS 8 servers.
Ansible is an open-source automation tool, or platform, used for IT tasks such as configuration management, application deployment, intraservice orchestration, and provisioning.
While you can write Ansible modules in any language, most Ansible modules are written in Python, including the ones central to letting Ansible work. By default, Ansible assumes it can find a /usr/bin/python on your remote system that is either Python 2 (version 2.6 or higher) or Python 3 (version 3.5 or higher).

A quick fix for the Ansible error "Shared connection to server closed" is to add the path to Python 3 in your inventory file.
It would look something like this:
ip_address ansible_python_interpreter=/usr/bin/python3
Then you could test if it works with the ping module:
ansible -m ping all

From the error details, the connection failed because the shell(s) in the remote system couldn't find the Python interpreter (/usr/bin/python) as indicated by the line: "module_stdout": "/bin/sh: /usr/bin/python: No such file or directory\r\n".
After checking the remote hosts, we discovered that the systems don't have Python 2 installed.
They have Python 3 installed by default and its binary is /usr/bin/python3.

According to the Ansible documentation, Ansible (2.5 and above) works with Python version 3 and above only.
Also, Ansible is supposed to automatically detect and use Python 3 on many platforms that ship with it.
However, if it fails to, then you can explicitly configure a Python 3 interpreter by setting the ansible_python_interpreter inventory variable at a group or host level to the location of a Python 3 interpreter.


Manage Networking with NetworkManager in RHEL CentOS 8

This article covers NetworkManager daemon for managing the networking service to dynamically configure and control network devices and keep connections up and active when they are available.
Netstat is a command line utility that can be used to list out all the network (socket) connections on a system.
It lists out all the tcp, udp socket connections and the unix socket connections.
To reboot the Linux system from a terminal session, sign in or "su"/"sudo" to the "root" account.
Then type "sudo reboot" to reboot the box. Wait for some time and the Linux server will reboot itself.

To troubleshoot network connectivity with Linux server:
i. Check your network configuration.
ii. Check the network configuration file.
iii. Check the server's DNS records.
iv. Test the connection both ways.
v. Find out where the connection fails.
vi. Firewall settings.
vii. Check Host status information.

To change the hostname in Linux Ubuntu:
i. Type the following command to edit /etc/hostname using the nano or vi text editor: sudo nano /etc/hostname. Delete the old name and set up the new name.
ii. Next, edit the /etc/hosts file: sudo nano /etc/hosts.
iii. Reboot the system for the changes to take effect: sudo reboot.

To reinstall network service in Linux (Ubuntu / Debian):
i. Use the following command to restart the server networking service:
# sudo /etc/init.d/networking restart
or
# sudo /etc/init.d/networking stop
# sudo /etc/init.d/networking start
else
# sudo systemctl restart networking
ii. Once this is done, use the following command to check the server network status.


Django Application with Kubernetes

This article covers deploying a scalable and secure Django application.
Kubernetes is a powerful open-source container orchestrator that automates the deployment, scaling and management of containerized applications.
Kubernetes objects like ConfigMaps and Secrets allow you to centralize and decouple configuration from your containers, while controllers like Deployments automatically restart failed containers and enable quick scaling of container replicas.
TLS encryption is enabled with an Ingress object and the ingress-nginx open-source Ingress Controller.
The cert-manager Kubernetes add-on renews and issues certificates using the free Let’s Encrypt certificate authority.


Scanners For Security Linux Servers

This article covers a few good scanners for securing Linux servers.
ClamAV ranked 13 out of 16 for Linux malware and viruses beating McAfee, Comodo and F-prot.
To run a ClamAV scan in Linux, you can open a terminal, enter "sudo apt-get install clamav" and press Enter.
You may also build ClamAV from sources to benefit from better scanning performance.
To update the signatures, type "sudo freshclam" in a terminal session and press Enter.
Now we are ready to scan our system.
clamscan is a command-line tool which uses libclamav to scan files and/or directories for viruses. Unlike clamdscan, clamscan does not require a running clamd instance to function. Instead, clamscan will create a new engine and load in the virus database each time it is run.
Clam AntiVirus (ClamAV) is one such open-source antivirus software that helps to detect many types of malicious software, including viruses.

Rootkits are a type of malware that are designed so that they can remain hidden on your computer. But while you might not notice them, they are active. Rootkits give cybercriminals the ability to remotely control your computer.


SQL Server Memory Allocation

This article covers SQL server memory allocation best practices to follow while allocating memory.
By default, SQL Server can change its memory requirements dynamically based on available system resources.
SQL Server is designed to use all the memory on the server by default.
The reason for this is that SQL Server caches the data in the database in RAM so that it can access the data faster than it could if it needed to read the data from the disk every time a user needed it.
Changing SQL Server's Max Server memory is an online option – you don't need to restart SQL Server.
Though when you do make the change, you can and likely will cause data or procs to leave their caches so things could be a slight bit slower for a short while after you run it.
SQL Server will always give you better performance because the query is executed on the server.
Access on the back-end won't help because your client application will need to pull all the data from the tables, and then perform the join locally.
SQL Server has better indexing options.
'Max server memory' ensures that SQL Server buffer pool will not use more memory than specified in 'max server memory'.
So, SQL Server can use less memory than the value of 'max server memory' and other services can use the remaining memory.

You can monitor memory use at the database level as follows:
1. Launch SQL Server Management Studio and connect to a server.
2. In Object Explorer, right-click the database you want reports on.
3. In the context menu, select Reports -> Standard Reports -> Memory Usage By Memory Optimized Objects.