Port forwarding on CISCO and Huawei Routers

The main objective of this article is to find out a simple port forwarding technique that uses two rather popular routers. As shown in this picture, let see how we can access a local network from a remote one, and then access that IP via port forwarding. For this configuration, we will be using CISCO and HUAWEI routers.

To forward a port on a CISCO system, we’ll have to access the firewall and its subcategory “Single Port Forwarding” to assign a necessary port to forward. Here I have assigned any traffic that’s coming outside of WAN to be forwarded to port 1815 and the IP address 192.168.1.104 in LAN. I have labelled it as IPCAM under the Application column.

Complete Video stream can not be seen for a local site if you haven’t enabled Remote management, HTTP and UPnP. Even, UPnP is giving us a better infrastructure to communication, by enabling it gives us an additional risk through outside hacking. It is not always wise to enabling UPnP without a reasonable explanation.

On this router, I have forwarded a port by assigning a Virtual Server (IPCAM). As in the previous router, WAN port 1815 – I have direct it into LAN port 1815 with IP 192.168.8.101.

The Universal Plug and Play (UPnP) service allow intelligent connection between two UPnP devices through port forwarding. UPnP devices can obtain IP addresses automatically and access the Internet dynamically. Although, UPnP does all of these magical things- enabling it is a great security risk, and should only be activated if absolutely necessary.

Finally, go to the Local Network, and issue the following (http://wan_ip:1815) to access the IP cam in Remote Network. Now you can access the IPCam by entering its username and password.

Clamav Antivirus on Linux OS

ClamAV is an open-source antivirus that is compatible with many operating systems, including CentOS 8. Linux is resistant to viruses most of the time, but it’s still susceptible to attacks. So, installing an antivirus on Linux gives it an additional layer of protection, especially on mail servers and other commercial servers.

Before installing ClamAV, make sure to download and enable the EPEL repositories on the machine. If not, use the following command below.

Then install ClamAV and its update tool, ClamAV-update.

Make sure to adjust the SELinux Booleans appropriately, as mentioned below.

• To enable the antivirus program to scan no secure content in the system, we will need to enable the “antivirus_can_scan_system” boolean as follows. However, it is disabled by default.

• In addition to that, to enable JIT (just-in-time) compile setup, it is important to enabling “antivirus_use_jit” boolean as shown in below. By default, it is also disabled.

Now Make sure the database is updating (DatabaseMirror database.clamav.net), and logs are writing (LogSyslog yes) by checking (correct configurations) the “/etc/freshclam.conf.” And then update the database as follows.

If you need to, download the virus signature from EICAR (European Institute of Computer Anti-virus Research) as I have done here for testing purposes.

Finally, scan for viruses. Once you have finished, ClamAV will notify you about the result of the scan. For further configurations, refer to the related man pages for “clamscan.”

Here, it scans infected files recursively throughout the machine (/).

Scan results show that there is one infected file on the system.

Reference

• antivirus_selinux (8) – Linux Man Pages

https://www.systutorials.com/docs/linux/man/8-antivirus_selinux/

• Refer the man pages of clamdscan(1), freshclam(1), freshclam.conf(5).

Update My Existing Repositories in Github via New Machine or Clone someone’s repository in GitHub using the command line.

Downloading and uploading repositories is very easy, it is just a few clicks, but let see how do we do it in the command line.

Step 1

Install git one new machine.

[root@L2 ~]# yum install git

Step 2

Create a folder named: “stage2” under root.

[root@L2 ~]# mkdir stage2

[root@L2 ~]# tree /root/

/root/

├── anaconda-ks.cfg

├── original-ks.cfg

└── stage2

Step 3

Next, change the directory to “stage2” and run the git initialize command.

[root@L2 ~]# cd stage2/

[root@L2 stage2]# git init

Initialized empty Git repository in /root/stage2/.git/

Step 4

Clone the repository, my_linux_notepad, with a new machine.

Then it will copy all the content in my_linux_notepad (repository in GitHub) into a stage2 folder.

Step 5

Change directory to my_linux_notepad and make necessary changes to existing files or add or remove files from to it.

Step 6

Git adds, commits and pushes into the master branch.

An update can be seen in GitHub as follows.

Important Links in Linux

• CentOS Mirrors

• Oracle Linux 8

• Oracle Linux 8 (x86_64) BaseOS Latest

• The Linux System Administrator’s Guide

• The CentOS Project (All)

• Welcome to the RPM repository on fr2.rpmfind.net (Packages)

• Packages Search for Linux and Unix (Packages)

• Linux.org (All)

• EPEL(Repositoies)

• Fedora Project Wiki (All)

• Welcome to Fedora Package Sources

• Die.net (Online Manuals)

• GitHub Sign In

• Bitbucket Sign In