In our first app we will use Express framework. Express is a minimal and flexible Node.js web application framework that provides a robust set of features for web and mobile applications. To install express use command:
npm install express
Node.js – Lesson 2: Start server, install dependencies
Next step of creating Node.js application is installing additional frameworks and dependencies that facilitate work with the project.
In our lesson we will use popular web framework “Express” and utility “Nodemon”, that will monitor for any changes in your source and automatically restart your server.
To install this dependencies in console write commands:
npm install express npm install -D nodemon
Flag -D means that this is developer dependency and it not used in production project.
In section “scripts” write create script “start” and “dev”:
"start": "node index.js", "dev": "nodemon index.js"
Node.js – Lesson 1: Create first application
First of all You need to install Node.js. On Windows computers go to https://nodejs.org/en/ website, download latest version and install it.
On Linux (Debian, Ubuntu Mint) add PPA repository of Node.js:
curl -sL https://deb.nodesource.com/setup_12.x | sudo -E bash -
And install nodejs package
sudo apt-get install nodejs
To check Node.js version use command:
node -v v12.18.3
Now let’s create new application. We will use Visual Studio Code editor. Open terminal and initialize NPM by command:
npm init
This command will create package.json configuration file. This file contains information about all packages, used in application.
How to create and compare md5 checksum of files
To create md5 checksum of all files in folder use command:
md5sum /etc/*
This comment will show all md5 checksum in /etc directory:
To write this checksum in text document use command:
md5sum /etc/* >> /file.txt
To compare checksum of files in folder with checksum of files in text document use command:
md5sum -c /file.txt
If checksums match, near the file will be record “Success”, it means that the file has not changed. Otherwise it means that the file was edited by someone.
To check your system, regularly create checksum files for directories: /etc, /bin, /sbin, / lib
Use md5sub recursive in sub-directories
If You want to create md5 checksum of all files in all sub-directories use next command, it will create md5 checksum of all files in /etc directory:
find -type f -exec md5sum '{}' \; > md5sum.txt
Send Passwords and Restricted Data Securely
Never send your passwords and restricted data openly to other people! All social networks and messengers always save your data on servers and some third persons possibly can read your messages.
If you need to send secret data – send encrypted link that can only be viewed once. Don’t write from which service is this password, tell it to other person by phone or in other messenger.
In this case, the connection between the service and the password is broken and no one will be able to get the password, except to whom you sent the message.
One of such service, that encrypt your messages and delete it immediately after reading is: One Time Self Destructing Links (https://note.uax.cloud/en)
This service with open source and MIT license encrypt your message and generate special URL link, that you can send in social network or messenger to other people, after reading your message it will be automatically destroyed and no one will be able to read your message again.
Cambium ePMP 1000 configure 30 km wireless link
To build 30 km point-to-point wireless connection on speed 100 Mbit/s we used two Cambium ePMP 1000 and two 27 dBi parabolic MIMO antennas.
To create point-to-point wireless link we need to configure first antenna as Access Point and the second antenna as Station. First of all make sure there are no interference in front of the antennas:
Let’s configure access point, to log in to the configuration panel open in your web browser address: 192.168.0.1 (Access Point) or 192.168.0.2 (Station). By default enter login: admin and password: admin
We will configure our link based on this schema:
On Access Point select SSID, your country code, work frequency, channel width (20 or 40 mHz) and security password:
Also to achieve the best result select TDD wireless protocol.
On the other side on Station antenna select the same parameters, but in Radio Mode select Subscriber Module.
Don’t forget to change default administrator passwords on both antennas and change your own static or dynamic IP addresses.
On page Monitor->Wireless make sure that your Station connected to Access Point:
Mikrotik – block access between two networks
We have two local networks on Mikrotik router, for example:
Network1: 192.168.1.0/24 on ether1 interface
Network2: 192.168.2.0/24 on ether2 interface
Let’s prevent access between devices of this two networks.
In Mikrotik terminal go to Firewall Filter:
/ip firewall filter
And create this two rules:
add chain=forward action=drop src-address=192.168.2.0/24 dst-address=192.168.1.0/24 add chain=forward action=drop src-address=192.168.1.0/24 dst-address=192.168.2.0/24
That’s all, now Mikrotik will block all traffic from computers in Network1 to computers in Network2 and from Network2 to Network1.
All other traffic to Internet will be working normally.
If You want to block traffic only from Network2 to Network1 – write only one rule:
add chain=forward action=drop src-address=192.168.2.0/24 dst-address=192.168.1.0/24
Mikrotik firewall DNS attach prevent
If You have white IP on Your mikrotik You can watch high transmit traffic on the WAN interface.
To prevent this – block DNS traffic to 53 port on Your WAN interface (IP > Firewall > Filter):
On graph we can see that after blocking 53 port transmit traffic fell from 25 Mbit/s to 5 Mbit/s:
How To Set Up Apache Virtual Hosts on Ubuntu Linux
You will need to have Apache installed in order to work through these steps. If you haven’t already done so, you can get Apache installed on your server through apt-get:
sudo apt-get update sudo apt-get install apache2
For example let’s create virtual Apache host test.host. Create host directory:
sudo mkdir -p /var/www/test.host/public_html
Now we have the directory structure for our files, but they are owned by our root user. If we want our regular user to be able to modify files in our web directories, we can change the ownership by doing this:
sudo chown -R $USER:$USER /var/www/test.host/public_html
We should also modify our permissions a little bit to ensure that read access is permitted to the general web directory and all of the files and folders it contains so that pages can be served correctly:
sudo chmod -R 755 /var/www
Virtual host files are the files that specify the actual configuration of our virtual hosts and dictate how the Apache web server will respond to various domain requests.
Apache comes with a default virtual host file called 000-default.conf that we can use as a jumping off point. We are going to copy it over to create a virtual host file for each of our domains.
We will start with one domain, configure it, copy it for our second domain, and then make the few further adjustments needed. The default Ubuntu configuration requires that each virtual host file end in .conf. Start by copying the file for the first domain:
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/test.host.conf
Open the new file in your editor with root privileges:
sudo nano /etc/apache2/sites-available/test.host.conf
Change this file look something like this:
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName test.host
ServerAlias www.test.host
DocumentRoot /var/www/test.host/public_html
<Directory /var/www/test.host/public_html>
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Now that we have created our virtual host files, we must enable them. Apache includes some tools that allow us to do this.
sudo a2ensite test.host.conf
Next, disable the default site defined in 000-default.conf:
sudo a2dissite 000-default.conf
When you are finished, you need to restart Apache to make these changes take effect:
sudo service apache2 restart
Mikrotik create SSTP server
1. Create CA certificate on Mikrotik:
On tab “Key Usage” leave only crl sign and key cert. sign
2. Create server certificate:
On tab “Key Usage” uncheck all options:
3. Open certificate CA and Sign it:
CA CRL Host – host where your certificate will be checked, write there IP address or domain name of Your Mikrotik.
Field CA need to be empty.
4. Now we signed root certificate, let’s sign Server certificate: open Server certificate, click Sign, in field CA select certificate CA.
That’s all we created our certificates, now let’s create SSTP Server on Mikrotik
5. Creating SSTP Server on Mikrotik.
And now create Your user profile: go to PPP > Secrets, click Add (+) and write user name, password, service, IP address like on screenshot:
Configure SSTP client in Windows 10
First go to the System > Certificates and Export CA certificate:
Download certificate from Mikrotik > Files to Your PC and install it:
Now create new VPN connection:
Also You can use this SSTP connection in Linux – How to install SSTP Client in Linux read in this article: Connect to SSTP server from Linux