this objectives is to visualize my logs like fail2ban, vpn & co using elasticsearch/kibana/logstash
i will describe how to install and configure elasticsearch stacks on debian 8
this objective is to have an architecture looking like this as i deployed several time :
Elasticsearch & Suricata. I won't go into details about "App server" in this topic but i will probably add more and more over time. Suricata is only an example of an "App".
thanks to the very good https://www.digitalocean.com i improve some of my architecture. I will try to give you another point of view about these kinds of architecture and how to deploy it.
This tutorial is made for you to be able to test how to do SSH over a standard https SSL/TLS connection (at least for the CONNECT). the objective is to understand how it's working and to be able for you to make a POC if you want to. I'm not responsible for what purpose you are using it to. most of this tutorial was possible thanks to the hard work of blog.chmd.fr
this tutorial is definitely doable on a Raspbeery Pi
do not hesitate to let me a comment to ask questions.
Why using back up on a personal scale ? because at home in my Synology NAS i got all my photos and important files. I got a RAID 5 in case of HD failure, but what happen if my house burn or if i got robbed ? for these kinds of risks i decided to set in place a remote back up roughly once a month.
So I was during a while backuping part of my Synology to a friend's Synology. But this friends has a very low maintenance level of his Synology!! So, for reason unknown, my backuped failed most of the time ...
So i recently decided to look for another solution. I first thought of using this web server as a Rsync backup, but the cost would have been too high. Indeed it's a hosted server not aiming to backup lot of files. I'm mostely backuping my Photos and some important Files: Roughly 30GB, but over time it will grow obvisouly.
So during my search i found several different type of solution and i chose to look more closely into Amazon Backup Glacier: It's very low cost, and for my needs the price would be negligeable... Take my word carefuly for the moment since I just start to use it yesterday ! I will come back to edit my saying if i'm wrong!
one of the advantage of amazon glacier, is that it's 100% compatible with your Synology: "There is an App for it !" ;)
i know some people will say we should start using ipv6 ! ... and i'm mostly agree with them ... BUT i'm still no expert with ipv6 and i have WEEEEIIIIRD behavior on my network because of it ...
so for the moment i'm trying to disabled it on all my new jessie.
To do so just edit your /etc/sysctl.conf file and add these lines :
After editing sysctl.conf, you should run sysctl -p to activate changes or reboot system.
there is several options to have a remote access to your home network using your iphone. you can use builtin function VPN : pptp (http://www.howtogeek.com/51237/setting-up-a-vpn-pptp-server-on-debian/) or you can use openVPN application. we will talk about this second point on this tutorial. Of course the objective is to do it without any jailbreak or whatever.
the objective is to be able to use your home network services without directly exposing them to Internet like :
- NAS server for photos, documents & Co
as a openVPN server you can use a RaspberryPi