http://www.ducea.com (Good Link)

Kemarin pas waktu lagi browsing, nemu link bagus banget….. biar ndak lupa makanya aku posting linknya disini….

http://www.ducea.com/

Sekilas tentang si empunya web…

My name is Marius Ducea. Iā€™m living in Romania, in a city called Sibiu, with my beautiful wife, Anca, which still has the patience to put up with the long hours I spend in front of the computer.

I have been working as a System Administrator (sysadmin) for my entire career (about 7 years). I used to work in various local companies all in the ISP field in positions like system administrator, network administrator, security specialist, technical manager. About 2 years ago I have started my own consulting company, and started freelancing and working on various contract projects. I have ended doing this as a full time job now and I ended up focusing on my own business than working for someone else.

20 ways to Secure your Apache Configuration

Here are 20 things you can do to make your apache configuration more secure.

Disclaimer: The thing about security is that there are no guarantees or absolutes. These suggestions should make your server a bit tighter, but don’t think your server is necessarily secure after following these suggestions.

Selengkapnya : http://www.petefreitag.com/item/505.cfm

Install and Configure DJBDNS

Hanya mendokumentasikan tutorial dari Pak Arief Yudhawarman

Howto Install DJBDNS

THE SOURCE CODE IS OBTAINED FROM www.djbdnsrocks.org
ALSO INCLUDED THE PATCH FOR DAEMONTOOLS, UCSPI & DJBDNS
THE SOURCE: djbdnsrocks.tar.gz

By xwings and edited by awarmanf@mega-plasma.net
Created 10/16/2003 – 21:47

Title : Install and configure djbdns
Os : Linux
Distro : Actually made for slackware but can be installed
on RedHat 9 and Fedora Core (at last FC3)
URL : … (sorry, lupa )

Domain: yourdomain.org
Another domain: yourdomain.com
IP Server: 192.168.0.254

i. Install Daemontools

# mkdir -p /var/package
# chmod 1755 /var/package
# cd /var/package
# tar zxvf daemontools-0.76.tar.gz
# cd admin
# cd daemontools-0.76
# patch -p1 < daemontools_errnopatch
# package/install

ii. Install ucspi-tcp

# cd /tmp
# tar zxvf ucspi-tcp-0.88.tar.gz
# cd ucspi-tcp-0.88
# patch -p1 < ucspi-tcp_errnopatch
# make
# make setup check

iii. Editing daemontools

# mkdir /var/service
# cd /command
# vi svscanboot

— Notes : Add /var infront of all the /service directory
/command/svc -dx /var/service/* /var/service/*/log
env – PATH=$PATH svscan /var/service 2>&1 | \

# vi /etc/inittab

— Notes : Comment out SVSCAN part

# init q
# vi /etc/inittab

— Notes : Uncomment out SVSCAN part

# ps -aux

— Check and see SVS is running on /var/service

iv. Edit /etc/resolv.conf

— Add in —
domain yourdomain.org
nameserver 192.168.0.254
————

v. Preparing for djbdns

# mkdir /var/dns
# groupadd dns
# useradd dnscache -g dns -d /var/dns -s /bin/false
# useradd dnslog -g dns -d /var/dns -s /bin/false
# useradd dns -g dns -d /var/dns -s /bin/false

vi. Install djbdns

# cd /tmp
# tar xvzf djbdns-1.05.tar.gz
# cd djbdns-1.05
# patch -p1 < djbdns_errnopatch
# make
# make setup check

vii. Bringing up djbdns – dns server

# tinydns-conf dns dnslog /var/dns/namedb 127.0.0.1
# ln -s /var/dns/namedb /var/service
# cd /var/dns/namedb/root
# ./add-ns yourdomain.org 127.0.0.1
# ./add-ns 0.168.192.in-addr.arpa 127.0.0.1
# ./add-host proxy.yourdomain.org 192.168.0.254
# ./add-mx yourdomain.org 192.168.0.254
# ./add-ns yourdomain.com 127.0.0.1
# ./add-host www.yourdomain.com 192.168.0.254
# ./add-alias webmail.yourdomain.com 192.168.0.254
# ./add-alias ftp.yourdomain.com 192.168.0.254
# ./add-alias groupware.yourdomain.com 192.168.0.254
# ./add-alias forum.yourdomain.com 192.168.0.254
# ./add-alias postfix.yourdomain.com 192.168.0.254
# ./add-mx yourdomain.com 192.168.0.254
# make

viii. Bringing up djbdns – dns cache server

# dnscache-conf dnscache dnslog /var/dns/dnscache 192.168.0.254
# ln -s /var/dns/dnscache /var/service
# touch /var/dns/dnscache/root/ip/192.168.0
# echo 127.0.0.1 > /var/dns/dnscache/root/servers/yourdomain.org
# echo 127.0.0.1 > /var/dns/dnscache/root/servers/yourdomain.com
# echo 127.0.0.1 > /var/dns/dnscache/root/servers/1.0.0.127.in-addr.arpa
# echo 127.0.0.1 > /var/dns/dnscache/root/servers/0.168.192.in-addr.arpa

ix. Forwarding ISP external cache
# echo 202.134.1.10 > /var/dns/dnscache/root/servers/@
# echo 202.134.0.155 >> /var/dns/dnscache/root/servers/@
# echo 1 > /var/dns/dnscache/env/FORWARDONLY
# echo 1000000 > /var/dns/dnscache/env/CACHESIZE
# echo 3000000 > /var/dns/dnscache/env/DATALIMIT
# svc -t /var/service/dnscache

Testing :

# dnsqr a www.yourdomain.com
1 www.yourdomain.com:
54 bytes, 1+1+0+0 records, response, noerror
query: 1 www.yourdomain.com
answer: www.yourdomain.com 86168 A 192.168.0.254

Maintain SVC

Restart Service
# svc -t /var/dns/dnscache
Stop
# svc -d /var/dns/dnscache

Semoga bermanfaat…. Amien… šŸ™‚

Debian: Starting up stuff at boot time (rc.locals)

Execute this command to find your default runlevel:
cat /etc/inittab | grep initdefault

You should see a line like this:

id:2:initdefault:

That means 2 is your default runlevel. This may also be 3, or rarely 4 or 5. Create your rc.local file like this (as root):

touch /etc/init.d/rc.local
chmod 774 /etc/init.d/rc.local

Set it to be run at boot time by doing this:

ln -s /etc/init.d/rc.local /etc/rcX.d/S99local

Replace the X with your default runlevel from step one. For example, rc2.d. Edit your /etc/init.d/rc.local script.

This’ll cause your rc.local script to be run last during the bootup process (because of the 99). This is generally what you want to do, to make sure your network connection is up and all the basic services are started before your custom startup script runs.