Posts

Showing posts from 2013

Update kernel version in debian wheezy server

Check the existing kernel version and architecture.

Edit /etc/apt/sources.list:

    vi /etc/apt/sources.list

Add the backports line:

    deb http://ftp.us.debian.org/debian/ wheezy-backports main contrib non-free

Update the apt package index:

    apt-get update

To find the latest kernel image, type the following line:

    apt-cache search linux-image-3

Select the latest kernel image and run the install command:

    apt-get -t wheezy-backports install linux-image-3.10-0.bpo.3-amd64 firmware-linux-free

Reboot the system:

    reboot

Check the new kernel:

    uname -r
    3.10-0.bpo.3-amd64

Let's enjoy

Kernel recompilation

Simple Steps:

1. cd /usr/src
2. wget -c http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.20.tar.bz2
3. tar xvfj linux-2.6.20.tar.bz2
4. cd linux-2.6.20
5. make clean && make mrproper
6. make menuconfig
7. make clean
8. make bzImage
9. make modules
10. make modules_install
11. make install

It will install three files into the /boot directory and modify your kernel grub configuration file:

    System.map-2.6.25
    config-2.6.25
    vmlinuz-2.6.25

12. mkinitrd /boot/initrd-2.6.20.img 2.6.20

The newly compiled kernel is then shown in /etc/grub.conf along with the existing kernel; now edit the file yourself to set the default option.

Cpanel update failure in upcp

upcp errors on your cPanel update

Most of the time a cPanel update runs without errors, but sometimes it fails in upcp. You may get the following error when cPanel tries to update:

    Running `/usr/local/cpanel/scripts/updatenow --upcp --log=/var/cpanel/updatelogs/update.12522061.log` failed, exited with code 25 (signal = 0)

Check the following files, which hold the OS version and the cPanel sysinfo configuration:

    cat /etc/redhat-release
    cat /var/cpanel/sysinfo.config

Open your /var/cpanel/sysinfo.config file and make sure "rpm_dist_ver" is not configured as "unknown". It should match the major version of the OS; for example, change it to rpm_dist_ver=5 if your OS is 5.9.

For example:

    +-(root@cPanel)(04:51:50)
    +-(~)->cat /etc/redhat-release
    CentOS release 5.9 (Final)
    +-(root@cPanel)(04:44:19)
    +-(~)->cat /var/cpanel/sysinfo.config
    ises=2
    lock=
    release=5.9
    rpm_arch=
    rpm_dist=centos
    rpm_dist_ver=unknown
    +-(root@cPanel)(04:44:57)
    +...

NAT in linux

This tutorial sets up network address translation (NAT) on a Linux system with iptables rules so that the system can act as a gateway and provide internet access to multiple hosts on a local network using a single public IP address. This is achieved by rewriting the source and/or destination addresses of IP packets as they pass through the NAT system. The system on which NAT is set up will act as the gateway for the private network. For this tutorial, this computer should meet the following requirements:

1) It should have at least 2 NICs (network interface controllers): one to connect to the Internet and the other to connect to the private network.
2) It should be running Linux.
3) It should have a kernel supporting iptables.

Terminologies and Concepts

The 2 interfaces concerned will be eth0 and eth1.

eth0 -> This will be the interface connected to the Internet.
eth1 -> This interface will be connected to the private network.

Now, let us see if they are being recognized as network...

How to reinstall the Grub Boot loader on Dedicated Linux Server

The steps below rebuild / reinstall a corrupted or accidentally deleted GRUB boot loader using rescue mode in Redhat / Centos.

1. Boot the system from the Redhat / Centos installation disk/DVD or flash drive.
2. Type the 'linux rescue' command at the installation prompt to enter the rescue environment.
3. Type the command 'chroot /mnt/sysimage' to switch into the root partition of the installed system.
4. Type the command '/sbin/grub-install /dev/sda' to reinstall the GRUB boot loader; here the boot partition is on 'sda'.
5. Review /boot/grub/grub.conf.
6. Reboot the server.

RHEL / CentOS Linux: Mount and Access NTFS Partition

How to enable NTFS support on CentOS Linux version 5 or 6? How do I mount an NTFS partition under RHEL 5 or 6?

First, you need to install the EPEL repo as described here. The following command will turn on the EPEL repo on RHEL / CentOS version 6.x:

    $ cd /tmp
    # rpm -ivh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

NTFS-3G

NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. NTFS-3G can create, remove, rename, and move files, directories, hard links, and streams; it can read and write normal and transparently compressed files, including streams and sparse files; it can handle special files like symbolic links, devices, and FIFOs, ACLs, and extended attributes; moreover, it provides full file access right and ownership support.

How Do I Install NTFS-3G?

Type the following...

whitelist particular domain in spamassassin for server wide.

For example, suppose you want to whitelist *@abc.com on the server. SpamAssassin has an option for this, but it only whitelists per user account, which means you have to log in to each cPanel account and manually whitelist *@abc.com in SpamAssassin under the mail option. But I have created a script to whitelist *@abc.com for all accounts [server level].

Step1: Go to the Exim configuration manager and enable the option "SpamAssassin™: Forced Global ON". Then try this script [one by one]:

    # Create the per-user SpamAssassin directory (no error if it already exists)
    for i in `ls /var/cpanel/users` ; do mkdir -p /home/$i/.spamassassin ; done
    # Make sure each user has a user_prefs file
    for i in `ls /var/cpanel/users` ; do touch /home/$i/.spamassassin/user_prefs ; done
    # Append the whitelist rule; the pattern is quoted so the shell does not expand the *
    for i in `ls /var/cpanel/users` ; do echo 'whitelist_from *@abc.com' >> /home/$i/.spamassassin/user_prefs ; done
    # Hand the directory and file back to the account owner
    for i in `ls /var/cpanel/users` ; do chown $i:$i /home/$i/.spamassassin ; done
    for i in `ls /var/cpanel/users` ; do chown $i:$i /home/$i/.spamassassin/user_prefs ; done

Thats...

Domlog files are not getting updated.

Today, I noticed that AWStats was not showing any usage, and while checking, I could see that no logs were getting added to the domlogs file. I checked the AWStats settings in the server via WHM and everything was fine. I googled the issue a lot and finally ended up with the following fix.

FIX:

Open the Apache conf:

    # vi /usr/local/apache/conf/httpd.conf

Search for the line:

    ErrorLog /usr/local/apache/logs/error_log

Beneath that line add the following:

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%{User-agent}i" agent

Save and exit, then run:

    /usr/local/cpanel/bin/apache_conf_distiller --update
    /usr/local/cpanel/bin/build_apache_conf

Restart Apache:

    /scripts/restartsrv_httpd

AWStats started updating itself at last.

Change shared memory ownership and permission

We know that we can use ipcs to view shared memory segment information, and we can use ipcrm to delete a segment. But wait. Assume that you first run a program as the root user, which creates a shared memory segment of 40GB size. Then you realize that for security reasons, we should use as little privilege as possible, so you decide to run it as the nobody user. However, because the segment was created with perm 0600, the nobody user can't access it. You definitely don't want to dump the whole memory, recreate a new segment and recover. It would be nice if we could simply change the ownership and permission of the segment. So I created the tool called chshm for this purpose.

    Usage: ./chshm [Options] shmid ...
    Options:
      -u|--user   change owner to
      -g|--group  change group to
      -m|--mode   change mode to in octal

    eg: ./chshm -u nobody -m 0660 65535

This will change shm id 65535's owner to nobody and its mode to 0660.

How to find PHP Shell on your server

In most hacking or defacement incidents, the most common tool used is a PHP shell. If you scan your server regularly for PHP shells and delete them, you can avoid many hacking and defacement attempts on your server.

    #!/bin/bash
    # Scanning all users' directories for various PHP shells
    # The command below is one line, so make sure it is one line in your script or else it will generate an error
    # -R recurses, -l prints each matching file name once
    /bin/egrep -Rl "cgitelnet|webadmin|PHPShell|tryag|r57shell|c99shell|noexecshell|/etc/passwd|revengans|myshellexec" /home/*/public_html > /root/scan.txt
    # If nothing matched, say so instead of mailing an empty report
    [ -s /root/scan.txt ] || echo "No PHP Shell was Found" > /root/scan.txt
    /bin/cat /root/scan.txt | mail -s "PHP Shell Scan" user@domain.com
    # Replace your email address above
    # Cron Settings
    # 0 6 * * * PATH TO SCRIPT

The above script is a very simple shell script which will scan all public_html directories of all cPanel accounts for various PHP shells. Then the script will mail you the locations of...

view external: query (cache) denied

I have registered my nameserver at the registrar. I have properly updated the zone file in the server. But for some reason, while checking the dig result, the new nameserver details were not showing correctly. I checked the logs and got the following error:

    view external: query (cache) denied

Reason: in the view external section in named.conf, the entry for my domain was commented out. Once I uncommented it, everything was correct. If you get a similar type of error, check your named.conf, and also check whether named.conf and the zone file are OK using the following commands:

    named-checkconf
    named-checkzone domain.com /var/named/domain.com.db

MY SCRIPTS

Drop DDOS attack 20 04 2009

1. Find which IP address on the server is targeted by the DDoS attack:

    netstat -plan | grep :80 | awk '{print $4}' | cut -d: -f1 | sort | uniq -c

2. Find which IPs the attack is coming from:

    netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c
    netstat -plan | grep :25 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

rsync

Give this command in the destination server.

    rsync --progress --stats -avzxl --rsh='ssh -p22' [source]52825@rsync1.cloudkeeper.net:/usr/home/52825/server.scalateam.inf/home/ekozasti/ [destination]/home/ekozasti/
    rsync --progress --stats -avzxl --rsh='ssh -p22' 52825@rsync1.cloudkeeper.net:/usr/home/52825/server.scalateam.inf/home/ekozasti/ /home/ekozasti/
    rsync -avz -e  /var/named/cpanelphp.txt root@
    scp -P 2255 villaaqu_hotel.sql root@173.192.73.130:/root/
    ...

Script to optimize apache webserver

    #!/bin/bash
    # Credits Gus Maskowitz, Rob Wilderspin, Dan Farmer, Mark Hyde
    # ===================================== DO SECTION =====================================
    ME=`whoami`
    LAST_ECHO=0
    TYPE_ECHO=0
    # The script reads system state and must run as root
    if [ "$ME" != "root" ]; then
      echo "You'll need to be root to run this"
      exit 1
    fi
    # Exit quietly if httpd is not running (stdout and stderr both discarded)
    /sbin/service httpd status >/dev/null 2>&1
    if [ $? -ne 0 ]; then
      exit 0
    fi
    apachetuner_version="Apachetuner v1.0"
    if [ -f /etc/redhat-release ]; then
      system=$(cat /etc/redhat-release)
    else
      echo "This does not appear to be Red-Hat and is unfortunately not yet supported"
      exit 0
    fi
    # This was written specifically for a Rackspace environment
    if [ -f /root/.rackspace/server_number ]; then
      server_number=$(cat /root/.rackspace/server_number)
    fi
    server_name=$(uname -n)
    server_httpd_rpm=$(rpm -qf $(which httpd))
    memtotal_mb=$(awk '/MemTotal/ {printf "%d", $2/1024}' /proc/meminfo)
    # mem_alert_level=$(echo $memtotal_mb | awk ...