Archive for the ‘Linux’ Category

Ubuntu Fix: Stacks Applet Not Working

April 14th, 2010 1 comment

When trying to add “Stacks Applet” to the AWN dock, it only shows a white vertical bar. In the ~/.Xsession-errors file, I found error messages like this:

File "/usr/local/bin/avant-launchers", line 36, in
import gnomedesktop
ImportError: No module named gnomedesktop
Traceback (most recent call last):
File "/usr/local/bin/avant-applets", line 36, in
import gnomedesktop
ImportError: No module named gnomedesktop

The fix is simple: install the “gnome-python2-desktop” package.

sudo apt-get install gnome-python2-desktop
Categories: Linux, Tips and Tricks Tags:

Ubuntu Fix: AWN Manager Not Working

April 14th, 2010 No comments

When trying to run AWN Manager from a terminal, I got an error message like this:

File "/usr/share/avant-window-navigator/awn-manager/awnPreferences.py", line 368, in reload_look
if self.client.get_int(defs.BAR, defs.BAR_ANGLE) == 0:
glib.GError: Type mismatch: Expected `int' got `float' for key /apps/avant-window-navigator/bar/bar_angle

To fix this problem, try these steps:

  1. Open a terminal and type “gconf-editor”.
  2. Go into “/apps/avant-window-navigator/bar”. On the right side you should see “bar_angle”.
  3. Double click “bar_angle” and an “Edit Key” window will open. If you see “Float” in the “Type” field, that’s the problem. It should be set to “Integer”.
  4. Close the “Edit Key” window. Remember the value of “bar_angle”. Right click on “bar_angle”, then select “Unset Key”. This will change its type back to “Integer”. Re-enter the value for “bar_angle”.

Fix Backspace’s Behavior in Firefox under Linux

April 13th, 2010 No comments

Firefox under Linux: Fix Backspace’s Behavior to Take You to the Previous Page:

  1. In Firefox, type about:config into the Location Bar.
  2. Click the “I’ll be careful, I promise!” button.
  3. In the filter text box, enter the following text string: browser.backspace_action.
  4. Double click on the browser.backspace_action and change its value to “0”.
  5. Close the tab, and the change will take effect immediately.

Fail2Ban – Preventing Brute Force SSH

August 9th, 2009 No comments

[ Note: This article is copied directly from UNI Debian Page. ]

Fail2ban is used to combat brute force SSH attacks. It does this by watching the log files for invalid logins from specific IPs within a certain amount of time and then using iptables to ban them.

[Configure Fail2Ban]

Fail2ban is automatically configured for the most part. However, a few small items need to be tweaked. /etc/fail2ban/fail2ban.conf is responsible for general settings for fail2ban, such as what log to append to. More specific settings can be changed in /etc/fail2ban/jail.conf. However, it’s recommended that this file not be changed directly. Instead, make a copy named jail.local (cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local) and the local file will override the .conf one.

First, find ignoreip. It’s always important for you to have a way in! These are IPs that fail2ban will ignore – IPs listed here can always have invalid login attempts and still not be blocked. In my file, I’m putting down the network ranges for my internal network (192.168.1.0/24) as well as one other trusted IP address of a machine that I will be able to SSH into if need be. These need to be space separated! If they are not, fail2ban won’t block anyone.

# "ignoreip" can be an IP address, a CIDR mask or a DNS host
ignoreip = 192.168.1.0/24 X.X.X.X

Default options are listed near the top of the file. Although there are specific filters specified further down, these default options will take effect unless overridden in the specific filters. bantime specifies how long an IP address sits in “time out” before it is allowed to attempt to log in again. The default of 600 seconds (10 minutes) is probably fine.

Individual filters are specified with brackets surrounding the filter’s name. By default, only [ssh] is active. Notice this filter has a higher maxretry than specified in the default above. Maxretry specifies the number of times an IP address can attempt to log in before being banned. I changed mine down to 3.

[ssh]
enabled = true
port    = ssh
filter  = sshd
logpath  = /var/log/auth.log
maxretry = 3
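
The counting that ignoreip, maxretry and bantime control, as an added example that is not part of the original article and not fail2ban's own code: it models the [ssh] jail's decision over constructed auth.log lines. findtime (fail2ban's counting window, which the article does not name), the sample addresses and the function name find_bans are assumptions of this example.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed auth.log lines using documentation address ranges, not real traffic.
SAMPLE_LOG = """\
Aug  9 10:00:01 pbx sshd[2101]: Failed password for root from 203.0.113.7 port 4111 ssh2
Aug  9 10:00:05 pbx sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 4112 ssh2
Aug  9 10:00:09 pbx sshd[2105]: Failed password for root from 192.168.1.50 port 5001 ssh2
Aug  9 10:00:10 pbx sshd[2106]: Failed password for root from 192.168.1.50 port 5002 ssh2
Aug  9 10:00:11 pbx sshd[2107]: Failed password for root from 192.168.1.50 port 5003 ssh2
Aug  9 10:00:20 pbx sshd[2110]: Failed password for root from 203.0.113.7 port 4113 ssh2
Aug  9 10:05:00 pbx sshd[2120]: Failed password for root from 203.0.113.99 port 6000 ssh2
Aug  9 10:20:00 pbx sshd[2130]: Failed password for root from 203.0.113.99 port 6001 ssh2
Aug  9 10:40:00 pbx sshd[2140]: Failed password for root from 203.0.113.99 port 6002 ssh2
"""

FAILED = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from ([\d.]+) port")

def find_bans(log_text, ignoreip, maxretry=3, findtime=600, bantime=600, year=2009):
    """Return {ip: (banned_at, unbanned_at)}; findtime and year are assumed settings."""
    # Split on whitespace, as the space-separated ignoreip list requires.
    ignored = [ipaddress.ip_network(tok, strict=False) for tok in ignoreip.split()]
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    bans = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        try:
            ip = ipaddress.ip_address(m.group(2))
        except ValueError:
            continue              # not a valid literal address, skip the line
        if any(ip in net for net in ignored):
            continue              # trusted source: never counted, never banned
        hits = recent[str(ip)]
        hits.append(when)
        while (when - hits[0]).total_seconds() > findtime:
            hits.popleft()        # failures older than findtime no longer count
        if len(hits) >= maxretry and str(ip) not in bans:
            bans[str(ip)] = (when, when + timedelta(seconds=bantime))
    return bans

if __name__ == "__main__":
    for ip, (start, end) in find_bans(SAMPLE_LOG, "192.168.1.0/24 198.51.100.10").items():
        print(f"ban {ip} from {start:%H:%M:%S} until {end:%H:%M:%S}")
```

With the sample log only 203.0.113.7 is banned: 192.168.1.50 is covered by ignoreip, and 203.0.113.99 never has three failures inside one 600-second window.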

After making changes to any files, restart fail2ban with:

/etc/init.d/fail2ban restart

[ Oops!… Unblocking Blocked IPs]

Fail2ban timeouts are only temporary. Still, it’s important to know how to unblock an IP address once fail2ban has started blocking it. If you do iptables -L, you’ll see all the IPs currently blocked:

root@pbx:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            tcp dpt:ssh
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain fail2ban-ssh (1 references)
target     prot opt source               destination
DROP       0    --  lucient.rootmypc.net  anywhere
RETURN     0    --  anywhere             anywhere

Notice lucient.rootmypc.net is currently being blocked here. Rather than waiting ten minutes for it to be unblocked, you can tell iptables to delete that rule. The syntax is iptables -D <chain name> <rule number>, where the rule number is the rule’s position within that chain, counting from 1. To unblock lucient.rootmypc.net, I issued

root@pbx:/etc/fail2ban# iptables -D fail2ban-ssh 1

Entering iptables -L again should show that that rule is now gone, and that IP address is again allowed to SSH in (at least until they try to log in incorrectly the magic number of times again).
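
Finding the rule number instead of assuming it is 1, as an added example that is not part of the original article: the parser below reads the output of iptables -L fail2ban-ssh -n --line-numbers and builds the matching iptables -D commands. The listing, the addresses and the function names are constructed for illustration.

```python
import re

# Constructed output of `iptables -L fail2ban-ssh -n --line-numbers`
# (-n prints numeric sources instead of reverse DNS names; documentation addresses).
SAMPLE_LISTING = """\
Chain fail2ban-ssh (1 references)
num  target     prot opt source               destination
1    DROP       all  --  203.0.113.7          0.0.0.0/0
2    DROP       all  --  203.0.113.99         0.0.0.0/0
3    DROP       all  --  203.0.113.7          0.0.0.0/0
4    RETURN     all  --  0.0.0.0/0            0.0.0.0/0
"""

# Columns: num, target, prot, opt, source, destination
RULE = re.compile(r"^(\d+)\s+(\S+)\s+\S+\s+\S+\s+(\S+)\s+(\S+)")


def rules_for_source(listing, source):
    """Return the numbers of the DROP rules whose source column equals `source`."""
    numbers = []
    for line in listing.splitlines():
        m = RULE.match(line)
        if m and m.group(2) == "DROP" and m.group(3) == source:
            numbers.append(int(m.group(1)))
    return numbers


def unblock_commands(listing, source, chain="fail2ban-ssh"):
    """Build `iptables -D <chain> <number>` argument lists, highest number first.

    Deleting rule N renumbers every rule after it, so deleting in ascending
    order would remove the wrong rule on the second call.
    """
    return [["iptables", "-D", chain, str(n)]
            for n in sorted(rules_for_source(listing, source), reverse=True)]


if __name__ == "__main__":
    for argv in unblock_commands(SAMPLE_LISTING, "203.0.113.7"):
        print(" ".join(argv))
```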
