Dustin Larmeir's tech blog.
Posts tagged Linux

Setting up a pptp vpn server on Debian and Ubuntu
Mar 20th
Yesterday I decided to set up a VPN server so a friend and I could play some co-op mode on Call of Duty 5. This was so easy to set up I thought I would share it with the rest of the world:
Step 1. Install pptpd, the daemon that runs the PPTP server, with apt-get:
$ apt-get install ssh pptpd -y
Step 2. Next, modify pptpd.conf:
$ vi /etc/pptpd.conf
Then scroll down to the bottom and modify the following lines with the subnets you would like assigned:
# (Recommended)
#localip 192.168.0.1
#remoteip 192.168.0.234-238,192.168.0.245
# or
localip 192.168.2.0
remoteip 192.168.2.2-238,192.168.2.245
Step 3. The VPN server is now configured; next, set up the authenticated users:
$ vi /etc/ppp/chap-secrets
The config file is very straightforward. Here is an example with one user:
# Secrets for authentication using CHAP
# client server secret IP addresses
clown pptpd bigshoes "*"
Step 4. pptpd started automatically when it was installed, so restart it to apply the changes:
$ /etc/init.d/pptpd restart
Then, to make sure all is good, check that the service is listening:
$ netstat -anp | grep pptpd
tcp 0 0 0.0.0.0:1723 0.0.0.0:* LISTEN 7565/pptpd
unix 2 [ ] DGRAM 15781 7565/pptpd
If you see a LISTEN entry on port 1723, you are ready to connect.
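A check for the file edited in Step 3, added here as an example (it is not from the original post): it flags a chap-secrets file that other users can read, short secrets, and entries whose address field is "*". The function name, the 12-character minimum and the finding labels are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a pppd chap-secrets file.
# Line format, as in the post: client server secret IP-addresses
# Usage: audit_chap_secrets /etc/ppp/chap-secrets [min_secret_length]
# Returns 0 if clean, 1 if there are findings (printed), 2 if unreadable.
# Limitation: secrets containing spaces inside quotes are not handled.
audit_chap_secrets() {
    file=$1
    min_len=${2:-12}   # assumed policy value, not a pppd setting
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }

    findings=$(
        # Secrets are stored in plaintext, so only the owner should have access.
        mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
        case $mode in
            (600|400) ;;
            (*) echo "MODE $file is $mode, expected 600" ;;
        esac

        awk -v min="$min_len" '
            /^[ \t]*(#|$)/ { next }    # skip comments and blank lines
            NF < 3 { printf "FIELDS line %d has only %d fields\n", NR, NF; next }
            {
                client = $1; secret = $3; ips = $4
                gsub(/"/, "", secret); gsub(/"/, "", ips)
                if (length(secret) < min)
                    printf "WEAK %s: secret shorter than %d characters\n", client, min
                # "*" lets the client use any address; a fixed address from
                # the remoteip range ties the account to one known IP.
                if (ips == "*")
                    printf "ANYIP %s: address field is *, pin a fixed address\n", client
            }' "$file"
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
```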
Optional: Now, if you would like to add internet access over this vpn, you can do this:
$ vi /etc/sysctl.conf
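Find the line for IPv4 forwarding and make sure it is set to 1:
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
Then use iptables to forward and masquerade the traffic. Note that the first command sets the default FORWARD policy to ACCEPT, so the server will forward any traffic routed to it, not only traffic from VPN clients:
$ /sbin/iptables -P FORWARD ACCEPT
$ /sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE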
Optionally you can install bind9 and have a DNS resolver you can use for the vpn connection:
$ apt-get install bind9 -y
Then start it:
$ /etc/init.d/bind9 start
The configuration of the vpn client that is connecting can be modified to use this DNS resolver now to allow for more control.
Connecting to the vpn from a Windows 7 client:
Step 1. Open the Network and Sharing center
Step 2. Set up a new connection or network
Step 3. Connect to a workplace
Step 4. Choose "No, create a new connection" if other connections exist
Step 5. Use my internet connection:
Step 6. Enter the internet address and name of the vpn connection
Step 7. Enter the username and password:
Step 8. Connect!!
This should pretty much cover all you need for the installation of a basic Debian or Ubuntu PPTP vpn server. Enjoy!
Bittorrent for RedHat Enterprise 5 – Packaged with installer
Nov 7th
Anyone who uses RedHat Enterprise will find that plugging into third-party repositories to get non-standard software is risky. Today I needed to install bittorrent and noticed that the RedHat Enterprise 5 repository does not have what I need. Well, I got the packages needed and built an installer so that anyone using RedHat Enterprise 5 can install bittorrent easily.
————-
Instructions:
login as root or su
wget http://larmeir.com/downloads/rhel5-bitorrent.tar.gz
tar xvzf rhel5-bitorrent.tar.gz
cd bittorrent-rhel5
sh bt-install.sh
————
And that is it! You will have a fully working bittorrent installation. You can find the commands in /usr/bin
# ls /usr/bin/ | grep bit
bittorrent-console*
bittorrent-curses*
bittorrent-tracker*
To start downloading a torrent, use bittorrent-curses:
/usr/bin/bittorrent-curses (url or path to torrent with no brackets)
Enjoy! – Dustin
Server was down for a few hours. Did some security hardening procedures.
Jun 2nd
I took the server offline for a few hours today to make some improvements on security. My server has been bombarded by ssh & ftp bruteforce attacks, http based exploit attempts, and general exploits. I work hard to keep my server patched and locked down but you can never be too careful. I am also in the process of writing some shell scripts that will let me know when people are being bad and notify me.







