Linux Tips

Learn about everything you'll need to build and maintain your Linux servers, and to deploy Web applications to them. Whether you're planning on running Linux at home, or on a leased Web Server, this book will walk you step-by-step t hrough all of the common administration tasks, from managing traffic reporting to log-file rotation. This guide even includes step-by-step instructions on installing Linux (Fedora 4), Apache 2.0, PHP 5 and MySQL 4.1 on a home or office development server, so you can test all of your applications before rolling them out.

For Ubuntu Installing Apache $ sudo aptitude install apache2 Setting a Static IP Address Now make sure that you have a static IP address $ sudo vi /etc/network/interfaces And change the following (bold) to match your network # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.1.2 netmask 255.255.255.0 gateway 192.168.1.1 Press Esc then :wq to save and exit. After saving the file, you must now restart the networking process $ sudo /etc/init.d/networking restart Installing and Configuring Squid Install the Squid Proxy Server $ sudo aptitude install squid If you want to change the default port that squid listens on [3128], change the http_port tag using vi, making a backup copy first $ sudo cp /etc/squid/squid.conf /etc/squid/squid.conf_backup $ sudo vi /etc/sq...

Recently published a pretty big vulnerability for Apache 1.x and 2.x pass Squid. The vulnerability is Intentionally incomplete HTTP requests and this makes the server open a connection waiting for a header. This would be the header that is sent to the server: GET / HTTP/1.1\r\n Host: host\r\n User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.503l3; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MSOffice 12)\r\n Content-Length: 42\r\n So far, no one knows any apache configuration to protect itself from this attack, what could be done is to increase the number of requests to add complexity for the attacker, however this would not be a solution to the problem, moreover Tomasz Miklos, mentions that the attack succeeded counteract a known Perlbal reverse proxy. Hopefull news or security updates for apache, good news for those using IIS, as this vulnerability does not affect them.