Lets grab the source for vnStat and get it running and configured:
Quote:
|
# tar -xzvf vnstat/vnstat-1.9.tar.gz
|
Now we'll test that vnStat is fine and then start the daemon. Lets select the interface we want to monitor and create the database entry for it.
My output for that command is: "Available interfaces: lo dummy0 eth0 tunl0 gre0" Pretty much everytime eth0 is the one you'd want to monitor.
Now lets take a look at what our little friend can do:
Make sure it runs OK then exit and we'll create the init.d script.
Quote:
|
# nano /etc/init.d/vnstat
|
Paste
this into the file then save and exit. Make the file executable and update the rc.d.
Quote:
|
# chmod x /etc/init.d/vnstat
|
Quote:
|
# update-rc.d vnstat defaults
|
The daemon is now running so we can grab the frontend and install it.
Quote:
|
# tar -xzvf vnstat_php_frontend-1.4.1.tar.gz
|
Quote:
|
# cd vnstat_php_frontend-1.4.1
|
Quote:
|
# rm vnstat_php_frontend-1.4.1.tar.gz
|
Quote:
|
# rm -rmf vnstat_php_frontend-1.4.1
|
Now we have the files where they should be lets edit their config and test it out.
Look for the line that says:
Change it to:
Quote:
|
$vnstat_bin = '/usr/bin/vnstat';
|
Now lets test it out:
https://SERVER.ADDRESS/vnstat/
If you see some data on the page then all is well! You can edit the other PHP files if you don't want to have the other interfaces appear or if you want a different colour scheme.
vsftpd
vsftpd is my favourite FTP daemon. It is light and secure and is able to provide encryption. Pretty much everything you could need. Remember that even during encrypted FTP sessions only the command channel is encrypted. The data channels remain unencrypted so anyone who is sniffing can see what is transferred. For the most secure possible session investigate rsync/sFTP over SSH. If you'd prefer another FTPd then you can also check out
Pure-FTPd or
ProFTPD.
Lets grab the vsftpd source.
Quote:
|
# tar -xzvf vsftpd-2.2.1.tar.gz
|
Remove the standard configuration file
Reopen the file and paste this configuration to get a more standard configuration.
Quote:
listen_port=65497
listen=YES
#listen_ipv6=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
#local_umask=022
#anon_upload_enable=NO
#anon_mkdir_write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
#chown_uploads=YES
#chown_username=whoever
#xferlog_file=/var/log/vsftpd.log
#xferlog_std_format=YES
#idle_session_timeout=600
#data_connection_timeout=120
nopriv_user=admin
#async_abor_enable=YES
#ascii_upload_enable=YES
#ascii_download_enable=YES
#ftpd_banner=Welcome to blah FTP service.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
chroot_local_user=NO
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd.chroot_list
#ls_recurse_enable=YES
#
#
# Debian customization
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
pasv_min_port=65401
pasv_max_port=65410
|
You can change the port if you'd like but most definitely don't use the standard FTP communication port.
Security
Most of this information can be found in other places but as I have time I will add it here; probably in different tutorials as this one is long enough already.
To Add:
Changing the FTPd and SSHd port.
Authorized Keys.
Limit number of SSHd connection attempts.
Limit root login.
Configuring iptables.
PortSentry (listen on 21 & 22 to see who tries to connect).
rsync/sFTP over SSH (completely encrypted file transfer).
Troubleshooting
Common Problems
Coming soon...