Linux How to use, Tutorials and scripts; Guides

netstat Netstat, like ps, is a Linux tool that administrators use every day. It displays a lot of network related information, such as socket usage, routing, interface, protocol, network statistics, and more. Some of the most commonly used options are: -a Show all socket information -r Show routing information -i Show network interface statistics -s Show network protocol statistics ============= [root@server1 ~]# netstat -s Ip:     15052515222 total packets received     2847931 with invalid headers     14 with invalid addresses     15024657038 forwarded     0 incoming packets discarded     22028450 incoming packets delivered     15055903966 requests sent out     2633 outgoing packets dropped     260 dropped because of missing route     10469 fragments dropped after timeout     5600773 reassemblies required     2727990 packets reassembled ok     10469 packet reassembles failed     2710586 fragments received ok     128 fragments failed     5553326 fragments creat

To check php extension grep extension /usr/local/lib/php.ini ==================================== php -m | grep -i mcrypt grep -i mcrypt /usr/local/lib/php.ini ============================== Would you be able to uninstall and reinstall Source Guardian on the server to see if the error ceases to occur? Code: /scripts/phpextensionmgr uninstall SourceGuardian /scripts/phpextensionmgr install SourceGuardian

Now you've download the template for your virtual machine. You can just start a VPS based on the template you have just downloaded, by typing the following commands: # vzctl create 10 --ostemplate ubuntu-9.04-x86_64 vzctl set 10 --onboot yes --save ### Set IP for VPS ### vzctl set 10 --ipadd 192.168.1.5 --save ### Set Nameservers IP for VPS ### vzctl set 10 --nameserver 192.168.1.111 --save vzctl set 10 --nameserver 192.168.1.111 --save ### Set Hostname IP for VPS ### vzctl set 10 --hostname vps.nixcraft.in --save ### Set Disk quota for VPS (10G min [soft] and 11G max hard limit) ### vzctl set 10 --diskspace 10G:11G --save ### Okat let start it ### vzctl start 10 ### Set root user password for VPS ### vzctl exec 10 passwd vzctl is used to create and set various vps properties such as memory, disk usage and much more. Where,     create 10 : Your VPS ID.     --ostemplate ubuntu-9.04-x86_64 : VPS template.     --config vps.ubuntu: Save confi

To login (from unix shell) use -h only if needed. # [mysql dir]mysql  -u username -p Create a database on the sql server. mysql> create database [databasename]; List all databases on the sql server. mysql> show databases; Switch to a database. mysql> use [db name]; To see all the tables in the db. mysql> show tables; To see database’s field formats. mysql> describe [table name]; To delete a db. mysql> drop database [database name]; To delete a table. mysql> drop table [table name]; Show all data in a table. mysql> SELECT * FROM [table name]; Returns the columns and column information pertaining to the designated table. mysql> show columns from [table name]; Show certain selected rows with the value “whatever”. mysql> SELECT * FROM [table name] WHERE [field name] = “whatever”; Show all records containing the name “Bob” AND the phone number ’3444444′. mysql> SELECT * FROM [table name] WHERE name = “Bob” AND

Exim Commands Introduction: Here are some useful things to know for managing an Exim  server. Message-IDs and spool files. The message-IDs that Exim uses to refer to messages in its queue are mixed-case alpha-numeric, and take the form of: XXXXXX-YYYYYY-ZZ. Most commands related to managing the queue and logging use these message-ids. There are three -- count 'em, THREE -- files for each message in the spool directory. If you're dealing with these files by hand, instead of using he appropriate exim commands as detailed below, make sure you get them all, and don't leave Exim with remnants of messages in the queue. Files in /var/spool/exim/msglog contain logging information for each message and are named the same as the message-id. Files in /var/spool/exim/input are named after the message-id, plus a suffix denoting whether it is the envelope header (-H) or message data (-D). These directories may contain further hashed subdirectories to deal with larger

IPTABLES:- =================== To open a port in iptables:- iptables -A INPUT -p tcp --dport 3306 -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT We can go ahead and break this down: -A tells the IP table to append a rule to the table. INPUT designates this rule as part of the Input chain. -m conntrack followed by the --cstate ESTABLISHED,RELATED guarantees that the result of this rule will only apply to current connections and those related to them are allowed -j ACCEPT tells the packet to JUMP to accept and the connections are still in place. Let’s assume that we want to block all incoming traffic, except for those coming in on 2 common ports: 22 for SSH and 80 for web traffic. We proceed by allowing all traffic on the designated ports with the following commands:  iptables -A INPUT -p tcp --dport ssh -j ACCEPT  iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --destination-port 6881:6999 -j ACCEPT  In b

It has become popular now days to receive incoming attack from foreign server, with the only goal to discard all access/connections to your server. Those attacks are generally call “DoS” or “Denial of Service” attack. SYN flood or SYN attack is a denial-of-service method affecting hosts that run TCP server processes. The attack takes advantage of the state retention TCP performs for some time after receiving a SYN segment to a port that has been put into the LISTEN state. The basic idea is to exploit this behavior by causing a host to retain enough state for bogus half-connections that there are no resources left to establish new legitimate connections (RFC4987). SYN flood is relatively hard to mitigate, and that's why very popular. Why? It often uses random source IPs which cannot be banned, as they are generated in each packet; It consumes little resources on the attacker side and lots of on the victim’s; The protection is quite complex, full of nuances and req

[root@openfire~]# rpm -ivh openfire-3.7.1-1.i386.rpm  Now it's time for database, you can use your desired database like, mssql, oracle etc... i  use MySQL for this tutorial. Let's install MySQL thencreate a database named 'openfire' and an user 'admin'. If you want feel difficult with external databases, you can also use the embedded database. [root@openfire~]# yum install mysql-server [root@openfire~]# mysql -u root -p Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create database openfire; Query OK, 1 row affected (0.00 sec) mysql> create user admin@localhost identified by 'passwd'; Query OK, 0 rows affected (0.00 sec) mysql> grant all on openfire.* to admin@localhost identified by 'passwd'; Query OK, 0 rows affected (0.00 sec) DB has been created just  check it by logging in to  it with specified user to confirm. [root@openfire~]# mysql -u admin -p

SFTP:- Using the sftp we can transfer the file without installing the Vsftp on server. 1) Create a group : groupadd sftpgroup 2) Create a user : useradd -g sftpgroup -d /home/mysftpuser -s /sbin/nologin mysftpuser 3) Open /etc/ssh/sshd_config file and comment following line    #Subsystem      sftp    /usr/libexec/openssh/sftp-server 4) Add following lines to /etc/ssh/sshd_config     Subsystem      sftp    internal-sftp     ChrootDirectory /home/%u 5) Save and exit from /etc/ssh/sshd_config file 6) Restart sshd service 7) Try to login from server/client machine [nginx_test:main.LINUX5 ~]# sftp mysftp@127.0.0.1 Connecting to 127.0.0.1... mysftp@127.0.0.1's password: sftp> sftp> pwd Remote working directory: /

About vsftpd The first two letters of vsftpd stand for "very secure" and the program was built to have strongest protection against possible FTP vulnerabilities.  Step One—Install vsftpd You can quickly install vsftpd on your virtual private server in the command line: yum install vsftpd We also need to install the FTP client, so that we can connect to an FTP server: yum install ftp Once the files finish downloading, vsftpd will be on your VPS. Generally speaking, the virtual private server is already configured with a reasonable amount of security. However, it does provide access to anonymous users. Step Two—Configure VSFTP Once VSFTP is installed, you can adjust the configuration. Open up the configuration file: vi /etc/vsftpd/vsftpd.conf One primary change you need to make is to change the Anonymous_enable to No: anonymous_enable=NO Prior to this change, vsftpd allowed anonymous, unidentified users to access the VPS's files. This is useful if you are

# Remote Desktop Sharing ------------------------- # Required RPMs: ---------------- vnc-server-4.1.2-9.el5 vnc-4.1.2-9.el5 # Use the following command on graphical terminal vino-prefrences # Remote Desktop Prefrences ---------------------------- # Allow other users to view your desktop # Allow other users to control your desktop # Ask you for the confirmation # Require the user to enter this password Password: ******* # Goto Applications ---> Accessories ---> VNC viewer # Enter the destination IP address. # Remote Connectivity ---------------------- # To connect remote shell use the command ssh [options] <IP Address/Hostname> e.g. ssh -l user1 server.praveshsailor.com # Open SSH Key-based Authentication ----------------------------------- # Without passphrase -------------------- # Add the users on your system useradd user1;passwd user1 # Then login as user1 and use the following commands to generate the public key for authentication. s