Home Research Personal activity Linux & Security Link

  Setting up Linux firewall using IPTABLE.

   As the system administrator of our lab, setting up a Linux gateway/NAT and put every machine behind it is the most profitable effort I have done. After setting up the gateway, all of our dozens of Linux and Windows computers are behind the firewall/NAT with private IP addresses. For security, I only need to patch several services' vulnerabilities, such as Email, Web, SSH, on two or three special servers in our lab. Beyond that, I don't need to upgrade or patch any of our computers except after a serious worm incident, such as Blaster (During the Blaster incident, no vulnerable computers in our lab were infected because of their inaccessible private IP addresses). 

   Before IPv6 is implemented, using NAT with inaccessible private IP addresses is an effective defense against scan-based worms, such as Code Red, Slammer, Blaster, etc. Current IPv4 is too small and too easy to be attacked by any scan-based worm --- for the technical detail, please see our paper "Routing Worm: A Fast, Selective Attack Worm based on IP Address Information".

  Automatic backup through SSH.

    This SSH backup script will let Backup server to initiate the SSH connection, which makes the backup server more secure than ordinary way (usually people will let other computers to initiate the SSH connection to Backup server).

  Linux administration notes.

    As the administrator of our lab, I often need to deal with some problems in Linux. After I find the answer, I put them into my notes. Here is my notes.

  Writing Latex Documents under Windows.

    Windows is easier to use than Linux while Latex is easier, more elegant and professional than MS Word to write academic paper. Here I introduce a way to write Latex paper under Windows conveniently.

  Latex source files for some of our papers

    Writing Latex paper is a learning process. I have learned a lot in these two years when writing papers. There are many small tips or tricks you need to accumulate, and you will find that writing latex paper becomes easier and easier as you have collected many templates or examples. Here I put the latex sources files of some papers of us, hoping that you can find examples and templates helpful for you.

  Using SSH to connect VNC Viewer on Windows to Linux Server

    I have installed VNC in the Linux servers in our lab, which are in the private network behind a Linux gateway. Our users want to use their Windows laptops to have X-windows connection to these Linux servers from any place on the Internet. To ensure security, this document tells our users how to set up VNC viewers and SSH on their Windows machines to have secure VNC connection.