Home Download Debian

Upgrade Linux Kernel from source in Debian 6.0

After I have made a Kernel upgrade from backports repositories, I didn' like the testing Kernel. I needed the latest stable one. The only option available was to upgrade from the source.

Installing Linux Kernel from source


Installing dependencies:

apt-get install gcc
apt-get install libncurses5-dev

Download Linux Kernel

wget http://www.kernel.org/pub/linux/kernel/v3.0/linux-3.5.2.tar.bz2

change the Kernel version accordingly to one that is the latest stable version

Move the source to /usr/src/

mv linux-3.5.2.tar.bz2 /usr/src/

cd /usr/src/

Untar it

tar -xvf linux-3.5.2.tar.bz2

cd linux-3.5.2

Compile it

make menuconfig

make

this will take a long time

make zImage

if it doesn't work, use make bzImage

Create Debian packages

make deb-pkg

after this, you should have some .deb packages in parent folder.

Install the linux image

cd ..
dpkg -i linux-image-3.5.2_3.5.2-3_i386.deb

Testing the new Kernel

Reboot the system. You should have 2 more entries in Grub2 startup menu. The first ones are the new kernel. After system startup check the kernel version:

uname -r

it should say 3.5.2. Your version may be different.

Resources: newbiedoc.sourceforge.net/system/kernel-pkg.html, Linux Kernel, www.asteriskguru.com, www.tux.org/~tbr/

Updating DHCP IP address under Debian

DHCP (Dynamic Host Configuration Protocol) is a network protocol used by client computers to assign an IP address automatically. If there is a valid configuration in /etc/network/interfaces file and there is a DHCP server or a router in your LAN, an IP address will be assigned to you during system boot. But if the network card is down or we don't have a valid configuration in /etc/network/interfaces file on system boot, we can assign manually an IP address.

dhclient eth0

- eth0 is the network card the IP address will be assign to

If everything worked, no message will be displayed. To list our new IP address, we need to run ifconfig eth0.

Resources: serverfault.com

Upgrading Debian Kernel

I was having some problems with my newest ethernet NIC Atheros AR8151-B in Kernel 2.6.32.xx in Debian Squezee 6.0.5. I have found a usefull post about this.

To find out what version of kernel you are using:

uname -a

it should say something like Linux debian 2.6.32.xx #1 SMP Fri Jun 29 20:42:29 UTC 2012 x86_64 GNU/Linux

Upgrading Debian Kernel

1. Edit sources.list file and add the following line:

deb http://backports.debian.org/debian-backports squeeze-backports main

2. Update the repositories list

apt-get update

3. Find the name of the newest linux-image:

apt-cache search linux-image

you should see something like this linux-image-3.2.0-0.bpo.2-amd64 - Linux 3.2 for 64-bit PCs. Your version will certainly will be different.

4. Install the latest Kernel found (it will automatically install the required dependencies)

apt-get install -t squeeze-backports linux-image-3.2.0-0.bpo.2-amd64

After a successfull install, reboot. You should see 2 different versions of Debian on Grub Interface.

Resources: ticketing.nforce.com

Disable Popularity Contest

When I have install Debian, popularity-contest asked me about a permission to send out to developers some anonymous packages usage. I sayed yes and forget about it. If you said yes and want to disable it:

dpkg-reconfigure popularity-contest

and answer no.

Block brute force FTP attacks with iptables

If you leave your FTP server to listen on port 21, you will end up dictionary based brute force attacked. If you don't want to consider changing the port, you should add some rules to iptables to limit the connection per minute / ip, making the life harder for an attacker.

sudo iptables -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --set --name FTPCON
sudo iptables -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name FTPCON -j DROP

Explanation: the first line identifies and names all the NEW connections ending up on port 21, interface eth0; the second line limits the NEW connections to 8 hits per minute by dropping them. This line should be among your first lines of iptables firewall rules and before the allow FTP rule (if you have one).

If you would like to log all the FTP connections that are dropped:

sudo iptables -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --set --name FTPCON
sudo iptables -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name FTPCON -j LOG --log-prefix 'FTP REJECT: '
sudo iptables -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name FTPCON -j DROP

The logging file should be /var/log/syslog.

Note: These rules will not work after the next reboot, you will have to reload them at each start. My choice is a startup script.

Resources: serverfault.com, kevin.vanzonneveld.net

Installing TeamSpeak server on Debian

TeamSpeak is a proprietary Voice over IP software that allows computer users to speak on a chat channel with fellow computer users, much like a telephone conference call. A TeamSpeak user will often wear a headset with an integrated microphone. Users use the TeamSpeak client software to connect to a TeamSpeak server of their choice, from there they can join chat channels and discuss things.

The target audience for TeamSpeak is gamers, who can use the software to communicate with other players on the same team of a multiplayer game. Communicating by voice gives a competitive advantage by allowing players to keep their hands on the controls. (wikipedia)

Installing TeamSpeak server

1. After logging in as root, we create a new user called teamspeak. For security reasons, this user will create an instance of Teamspeak at each system startup.

useradd -d /home/teamspeak teamspeak

/home/teamspeak will be user's home folder.

2. Download the latest version of Teamspeak from http://www.teamspeak.com/?page=downloads (change the filename accordingly).

wget http://teamspeak.gameserver.gamed.de/ts3/releases/3.0.3/teamspeak3-server_linux-x86-3.0.3.tar.gz -O teamspeak3-server_linux-x86-3.0.3.tar.gz

3. unpack the file

tar -zxvf teamspeak3-server_linux-x86-3.0.3.tar.gz

4. change directory

cd teamspeak3-server_linux-x86

5. run the startup script

./ts3server_minimal_runscript.sh

Warning: as this is the first time you will run the Teamspeak, it will provide you with some credentials required to manage your server. Write down the useraname (mine was serveradmin) and password (mine was 1I8QFi4f), and also the token (mine was t765VBfyu75viuytOVukgyAuH1VXRZWjC).

6. stop the Teamspeak server by pressing CTRL+C (as in ^C)

7. change the owner of Teamspeak folder

chown teamspeak:teamspeak teamspeak3-server_linux-x86 -R

8. create a startup script

nano /etc/init.d/ts3

9. paste in

#!/bin/sh

USER="teamspeak"
TS3='/home/username/teamspeak3-server_linux-x86'
STARTSCRIPT="$TS3/ts3server_startscript.sh"

cd $TS3

su $USER -c "$STARTSCRIPT start"

change /home/username/teamspeak3-server_linux-x86 with the path where you have unpacked the archive at step 3

10. make the script executable
chmod +x /etc/init.d/ts3


11. add our script to system startup

sudo update-rc.d ts3 defaults

12. usefull commands

to see if Teamspeak is running

top -u teamspeak

to send kill signal

kill -9 4977

where 4977 is the pid shown in top -u teamspeak

Install Webmin to Debian server

Webmin is a web interface for configuring your linux box. Using any modern web browser, you can setup user accounts, Apache, DNS, file sharing and much more, and all can be done remotely.

Install required libraries:

apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python python-minimal libapt-pkg-perl perl-base perl-modules

Now we can download the latest webmin archive (this might change in time). We choose debian package .deb

wget http://www.webmin.com/download/deb/webmin-current.deb

Install webmin by typing:

dpkg -i webmin-current.deb

Stop the server if webmin started:

/etc/webmin/stop

Edit the users file:

nano /etc/webmin/miniserv.users

and add:

username:x:0

replace username with your username that can run commands as root (mine was actually root).

Start server:

/etc/webmin/start

Now you can access webmin by putting this adress into your browser:

https://[your_server_IP_address]:10000

After login if you see only system information in webmin, you need to reinstall webmin:

dpkg --remove webmin
rm -r /usr/share/webmin/
dpkg --install webmin-current.deb

Resources: install webmin, www.linuxquestions.org, sourceforge.net