jenskiebee
Honorary Poster
- Joined
- Jul 21, 2016
- Posts
- 715
- Reaction
- 197
- Points
- 249
Alam ko meron na diba pero iba naman ito using for debian and setting with security proxy.
Para sa mga gusto ng own server ssh and remote proxy/squid.
You do not have permission to view the full content of this post. Log in or register now.
register here add credits para maka gawa ng own server.
pde gamitin ang payment dito:
click mo + to add server:
select server location. Note: ikaw bahala kung ano server location mo gusto
select server type sympre un debian tayo kase for debian7 TUT natin.
select server size. ikaw bahala kung ano size depende sa location kung meron $2.50 na open kase iba close tulad nito kase puno na un server nila for $2.5 nila for SG location server. im selecting $5.00 muna
NOTED: wag ka mag alala per hour deduction nito kahit anong oras pde mo burahin server mo.
next last para created server na.
server hostname & label lagay ka kahit ano gusto mo hostname/label.
then deploy wait mo lang matapos steps niya INSTALLING to MANAGE.
manage server click mo para makita mo un IP at password mo.
then use bitvise ssh client for pc to manage server set up
or juiceSSH for android device to manage server set up
LOG IN muna tayo sa server kunin mo details:
use apps bitvise ssh client or juiceSSH.
then log in mo na lalabas ito parang cmd niya.
at ito sftp window, rightside is un mga file ng server mo.
use natin command/cmd ng server.
before change password natin muna un server para madali access..
type this command:
passwd
--enter mo lalabas un Enter new UNIX password:
--lagay ka ng password mo. ex. phcjenskiebee ----enter again
--Retype new UNIX password: phcjenskiebee ---enter again
passwd: password updated successfully
after nyan pag mag log in ka new password na gagamitin mo para madali at TANDA mo.
PART 1
Now mag start na tayo for ssh server.
add new port ssh server add tayo ng 443.
but pde naman di na mag add kase meron na tayo port 22 pde naman gamitin un as DEFAULT
type this command:
nano /etc/ssh/sshd_config
--enter
bandang una lang naman add mo.
port 443 at un default port 22 na.
ctrl+o to save enter
ctrl+x exit. balik sa main
then add tayo ng new user for ssh para magamit natin sa injector.
type this command for add user:
useradd "username mo gusto" ----enter mo
ex. useradd phcjenskie
type this command for fill the password for username phcjenskie:
passwd "username mo gusto" ----enter mo
ex. passwd phcjenskie
Enter new UNIX password: "di nakikita pag nag type ng password"
Retype new UNIX password: "di nakikita pag nag type ng password"
Meron kana account sa SSH server pde muna gamitin sa injector tapos pulot ka ng mga RP/squid dyan.
at sa part 2 dun nadin natin lagyan ng monitor kung ilang mb na gagamit mo sa port ng ssh account mo.
PART 2
Now gagawa naman nayo ng squid/rp mong sarili para di kana namumulot with password.
and ma check mo kung ilang mb na nagamit ng RP/squid.
installing squid3/RP
first update muna tayo.
type this command:
apt-get update && apt-get upgrade -y
---enter mo
type this command:
apt-get install squid3 apache2-utils -y
---enter mo
wait mo lang matapos pag may ok na.
mag add tayo ng files sa loob ng squid3 folder niya with account security.
type this command:
htpasswd -c /etc/squid3/passwd "USERNAMEn gusto mo sa squid3/rp" ---enter mo
ask new password for squid.
ex. htpasswd -c /etc/squid3/passwd jenskiebee
palitan natin ng permission un files na dinagdag natin sa squid forder para maaccess siya.
type this command:
chmod 777 /etc/squid3/passwd
edit natin un config ng squid para new script
pero backup muna tayo ng script
type this command to back up script:
cp /etc/squid3/squid.conf /etc/squid3/squid.conf.bak
type this command to erase content script:
echo '' > /etc/squid3/squid.conf
type this command to write new script:
nano /etc/squid3/squid.conf
lilitaw dyan blank wala naka sulat. then paste mo ito dyan lahat
UPDATED: NOW 2 TYPES OF SQUID/RP
1.THIS SQUID SET UP WITH USERNAME AND PASSWORD - un password at username ito set niyo bago edit un squid file.
http_port 3128
#default lng siya 3128 pde mo palitan port 8080,80 ikaw bahala ang gusto mo port
cache deny all
hierarchy_stoplist cgi-bin ?
access_log none
cache_store_log none
cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl Safe_ports port 22
acl SSL_ports port 22
acl Safe_ports port 443 # https
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
auth_param basic children 5
#auth_param basic realm Squid Basic Authentication
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
http_access allow localhost
http_access allow password
http_access deny all
forwarded_for off
2.THIS SQUID SET UP IS ONLY YOUR IP CAN USE - no need username and password because the set up of allow ip only. NOTE: please read the read letter
http_port 3128
#default lng siya 3128 pde mo palitan port 8080,80 ikaw bahala ang gusto mo port
cache deny all
hierarchy_stoplist cgi-bin ?
access_log none
cache_store_log none
cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl vpnservers dst 45.024.14.24
#45.024.14.24 palitan mo ip na ito sa ip na gagamitin mo or un vps server ip mo.
acl vpnservers dst 127.0.0.1
acl Safe_ports port 22
acl SSL_ports port 22
acl Safe_ports port 443 # https
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
#auth_param basic children 5
#auth_param basic realm Squid Basic Authentication
#auth_param basic realm Squid proxy-caching web server
#auth_param basic credentialsttl 2 hours
#acl password proxy_auth REQUIRED
http_access allow localhost
#http_access allow password
#http_access deny all
http_access allow vpnservers
http_access deny !vpnservers
http_access allow all
forwarded_for off
ctrl+o to save enter
ctrl+x exit. balik sa main
restart natin un squid3/rp natin
type this command:
/etc/init.d/squid3 restart
lalabas dyan un waiting medyo matagal mga 2mins.
hanggang sa lumitaw un OK
tandaan mo username at password at port ng squid3/rp mo, IP ng squid3/rp un vps mo na mismo.
Last para malaman mo kung ilang MB/GB/TB na ang na-allocate mo set tayo ng ip tables.
type this command:
for port 3128:
iptables -I OUTPUT -p tcp --sport 3128 -j DROP && iptables -I OUTPUT -p tcp --sport 3128 -m quota --quota 500000000000 -j ACCEPT
for port 8080:
iptables -I OUTPUT -p tcp --sport 8080 -j DROP && iptables -I OUTPUT -p tcp --sport 8080 -m quota --quota 500000000000 -j ACCEPT
for port 443:
iptables -I OUTPUT -p tcp --sport 443 -j DROP && iptables -I OUTPUT -p tcp --sport 443 -m quota --quota 500000000000 -j ACCEPT
for port 22:
iptables -I OUTPUT -p tcp --sport 22 -j DROP && iptables -I OUTPUT -p tcp --sport 22 -m quota --quota 1000000000000 -j ACCEPT
to check kung ilang mb na un sila.
type this command:
iptables -nvL -t filter --line-numbers
to reset capacity all port:
type this command:
iptables -Z OUTPUT
-----------------------------------------------------------------------
Additional tips kung wala ng nakaka access ng squid3/Rp
tapos bigla nag off un squid3/port lagyan natin ng set time auto restart un squid3/rp natin.
tama muna natin un date and time for location.
type this command:
dpkg-reconfigure tzdata
check mo date natin sa server.
type this command:
date
kung mali set mo ito ayusin mo nlang kung anong oras na.
type this command:
date --set 16:30:00
pag okay na date at time.
type this command:
crontab -e
paste mo ito sa pinaka baba last part 12am ng madaling araw mag rerestart ang squid3/RP.
00 * * * * /etc/init.d/squid3 restart >> /var/log/r-squid3.log 2>&1
ctrl+o to save enter
ctrl+x exit. balik sa main
sana may natutunan ka heheh kahit sobrang haba nito.
hits like and follow me.
thank you.
phcorner By jenskiebee.
Para sa mga gusto ng own server ssh and remote proxy/squid.
You do not have permission to view the full content of this post. Log in or register now.
register here add credits para maka gawa ng own server.
pde gamitin ang payment dito:
- Credit Card
- Paypal
- Bitcoin
- Alipay
click mo + to add server:
select server location. Note: ikaw bahala kung ano server location mo gusto
select server type sympre un debian tayo kase for debian7 TUT natin.
select server size. ikaw bahala kung ano size depende sa location kung meron $2.50 na open kase iba close tulad nito kase puno na un server nila for $2.5 nila for SG location server. im selecting $5.00 muna
NOTED: wag ka mag alala per hour deduction nito kahit anong oras pde mo burahin server mo.
next last para created server na.
server hostname & label lagay ka kahit ano gusto mo hostname/label.
then deploy wait mo lang matapos steps niya INSTALLING to MANAGE.
manage server click mo para makita mo un IP at password mo.
then use bitvise ssh client for pc to manage server set up
or juiceSSH for android device to manage server set up
LOG IN muna tayo sa server kunin mo details:
- IP address
- username default: root
- password
- default port niya: 22
use apps bitvise ssh client or juiceSSH.
then log in mo na lalabas ito parang cmd niya.
at ito sftp window, rightside is un mga file ng server mo.
use natin command/cmd ng server.
before change password natin muna un server para madali access..
type this command:
passwd
--enter mo lalabas un Enter new UNIX password:
--lagay ka ng password mo. ex. phcjenskiebee ----enter again
--Retype new UNIX password: phcjenskiebee ---enter again
passwd: password updated successfully
after nyan pag mag log in ka new password na gagamitin mo para madali at TANDA mo.
PART 1
Now mag start na tayo for ssh server.
add new port ssh server add tayo ng 443.
but pde naman di na mag add kase meron na tayo port 22 pde naman gamitin un as DEFAULT
type this command:
nano /etc/ssh/sshd_config
--enter
bandang una lang naman add mo.
port 443 at un default port 22 na.
ctrl+o to save enter
ctrl+x exit. balik sa main
then add tayo ng new user for ssh para magamit natin sa injector.
type this command for add user:
useradd "username mo gusto" ----enter mo
ex. useradd phcjenskie
type this command for fill the password for username phcjenskie:
passwd "username mo gusto" ----enter mo
ex. passwd phcjenskie
Enter new UNIX password: "di nakikita pag nag type ng password"
Retype new UNIX password: "di nakikita pag nag type ng password"
Meron kana account sa SSH server pde muna gamitin sa injector tapos pulot ka ng mga RP/squid dyan.
at sa part 2 dun nadin natin lagyan ng monitor kung ilang mb na gagamit mo sa port ng ssh account mo.
PART 2
Now gagawa naman nayo ng squid/rp mong sarili para di kana namumulot with password.
and ma check mo kung ilang mb na nagamit ng RP/squid.
installing squid3/RP
first update muna tayo.
type this command:
apt-get update && apt-get upgrade -y
---enter mo
type this command:
apt-get install squid3 apache2-utils -y
---enter mo
wait mo lang matapos pag may ok na.
mag add tayo ng files sa loob ng squid3 folder niya with account security.
type this command:
htpasswd -c /etc/squid3/passwd "USERNAMEn gusto mo sa squid3/rp" ---enter mo
ask new password for squid.
ex. htpasswd -c /etc/squid3/passwd jenskiebee
palitan natin ng permission un files na dinagdag natin sa squid forder para maaccess siya.
type this command:
chmod 777 /etc/squid3/passwd
edit natin un config ng squid para new script
pero backup muna tayo ng script
type this command to back up script:
cp /etc/squid3/squid.conf /etc/squid3/squid.conf.bak
type this command to erase content script:
echo '' > /etc/squid3/squid.conf
type this command to write new script:
nano /etc/squid3/squid.conf
lilitaw dyan blank wala naka sulat. then paste mo ito dyan lahat
UPDATED: NOW 2 TYPES OF SQUID/RP
1.THIS SQUID SET UP WITH USERNAME AND PASSWORD - un password at username ito set niyo bago edit un squid file.
http_port 3128
#default lng siya 3128 pde mo palitan port 8080,80 ikaw bahala ang gusto mo port
cache deny all
hierarchy_stoplist cgi-bin ?
access_log none
cache_store_log none
cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl Safe_ports port 22
acl SSL_ports port 22
acl Safe_ports port 443 # https
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
auth_param basic children 5
#auth_param basic realm Squid Basic Authentication
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
http_access allow localhost
http_access allow password
http_access deny all
forwarded_for off
2.THIS SQUID SET UP IS ONLY YOUR IP CAN USE - no need username and password because the set up of allow ip only. NOTE: please read the read letter
http_port 3128
#default lng siya 3128 pde mo palitan port 8080,80 ikaw bahala ang gusto mo port
cache deny all
hierarchy_stoplist cgi-bin ?
access_log none
cache_store_log none
cache_log /dev/null
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl vpnservers dst 45.024.14.24
#45.024.14.24 palitan mo ip na ito sa ip na gagamitin mo or un vps server ip mo.
acl vpnservers dst 127.0.0.1
acl Safe_ports port 22
acl SSL_ports port 22
acl Safe_ports port 443 # https
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/passwd
#auth_param basic children 5
#auth_param basic realm Squid Basic Authentication
#auth_param basic realm Squid proxy-caching web server
#auth_param basic credentialsttl 2 hours
#acl password proxy_auth REQUIRED
http_access allow localhost
#http_access allow password
#http_access deny all
http_access allow vpnservers
http_access deny !vpnservers
http_access allow all
forwarded_for off
ctrl+o to save enter
ctrl+x exit. balik sa main
restart natin un squid3/rp natin
type this command:
/etc/init.d/squid3 restart
lalabas dyan un waiting medyo matagal mga 2mins.
hanggang sa lumitaw un OK
tandaan mo username at password at port ng squid3/rp mo, IP ng squid3/rp un vps mo na mismo.
Last para malaman mo kung ilang MB/GB/TB na ang na-allocate mo set tayo ng ip tables.
type this command:
for port 3128:
iptables -I OUTPUT -p tcp --sport 3128 -j DROP && iptables -I OUTPUT -p tcp --sport 3128 -m quota --quota 500000000000 -j ACCEPT
for port 8080:
iptables -I OUTPUT -p tcp --sport 8080 -j DROP && iptables -I OUTPUT -p tcp --sport 8080 -m quota --quota 500000000000 -j ACCEPT
for port 443:
iptables -I OUTPUT -p tcp --sport 443 -j DROP && iptables -I OUTPUT -p tcp --sport 443 -m quota --quota 500000000000 -j ACCEPT
for port 22:
iptables -I OUTPUT -p tcp --sport 22 -j DROP && iptables -I OUTPUT -p tcp --sport 22 -m quota --quota 1000000000000 -j ACCEPT
to check kung ilang mb na un sila.
type this command:
iptables -nvL -t filter --line-numbers
to reset capacity all port:
type this command:
iptables -Z OUTPUT
-----------------------------------------------------------------------
Additional tips kung wala ng nakaka access ng squid3/Rp
tapos bigla nag off un squid3/port lagyan natin ng set time auto restart un squid3/rp natin.
tama muna natin un date and time for location.
type this command:
dpkg-reconfigure tzdata
check mo date natin sa server.
type this command:
date
kung mali set mo ito ayusin mo nlang kung anong oras na.
type this command:
date --set 16:30:00
pag okay na date at time.
type this command:
crontab -e
paste mo ito sa pinaka baba last part 12am ng madaling araw mag rerestart ang squid3/RP.
00 * * * * /etc/init.d/squid3 restart >> /var/log/r-squid3.log 2>&1
ctrl+o to save enter
ctrl+x exit. balik sa main
sana may natutunan ka heheh kahit sobrang haba nito.
hits like and follow me.
thank you.
phcorner By jenskiebee.
Attachments
-
You do not have permission to view the full content of this post. Log in or register now.
Last edited: