Showing headlines posted by nixcraft

A rootkit is a program designed to take fundamental control of a computer system, without authorization by the system’s owners and legitimate managers. Most rootkits use the power of the kernel to hide themselves, they are only visible from within the kernel. How do I detect rootkits under CentOS or Debian Linux server?

biosdecode is a command line utility to parses the BIOS memory and prints information about all structures (or entry points) it knows of. The DMI table doesn’t only describe what the system is currently made of, it also can report the possible evolutions such as the fastest supported CPU or the maximal amount of memory supported. In this tip you will learn about decoding BIOS data (dumping a computer’s DMI ) and getting all information about computer hardware without rebooting the server.

FTP is an insecure protocol, but file-transfer is required all the time. You can use OpenSSH Server to transfer files using SCP and SFTP (secure ftp) without setting up an FTP server. However, this feature also grants ssh shell access to a user. In this article series we will help you provide secure restricted file-transfer services to your users without resorting to http://FTP. It also covers chroot jail setup instructions to lock down users to their own home directories (allow users to transfer files but not browse the entire Linux / UNIX file system of the server) as well as per user configurations.

By hiding out DNS server version number you can improve server security. fpdns is a program that remotely determines DNS server versions. It does this by sending a series of borderline DNS queries which are compared against a table of responses and server versions. (just like nmap command's remote OS detection facility). A nameserver basically responds to a query. Interoperability is an obvious requirement here. The standard protocol behavior of different DNS implementations is expected to be the same.

Linux networking cookbook is a book for both a seasoned and new Linux network administrator. It includes valuable time saving recipes, tools and related resources. The book is written in clear and concise style with tons of examples and working code. Book covers wild verity of topics or so called recipes for Linux networking.

Adobe Acrobat is a commercial tool for manipulating PDF files. Earlier I was using CUPs - printing system, to export PDF files. I’ve also tried out gv for the same purpose. However, I needed complete editing of pdf documents. My search ended with PDFedit software, which is free and open source editor for manipulating PDF documents. The PDFEdit software available in both GUI and CLI (commandline) interface.

Demilitarized zone, used to secure an internal network from external access. You can use Linux firewall to create DMZ easily. There are many different ways to design a network with a DMZ. The basic method is to use a single Linux firewall with 3 Ethernet cards. The following simple example discusses Linux DMZ setup and forwarding public traffic to internal servers.

Pound is a reverse-proxy load balancing server. It accepts requests from HTTP / HTTPS clients and distributes them to one or more Web servers. The HTTPS requests are decrypted and passed to the back-ends as plain HTTP. It will act as:

Your Debian / Ubuntu Linux box security depends upon access to system services (one of many aspects). For example, you may need to provide a web server (Apache service) to serve web pages. However, if you do not need use a service, you should always turn off all unused services to avoid exploits.Under Red hat and Centos Linux you can use chkconfig command (ntsysv command) to configure Sys V style init script links. There is also service command to stop / start / restart services. So if you are addicted to the service command under RHEL / CentOS / Mandriva Linux and have wondered what to do in Debian / Ubuntu, Linux try sysvconfig package.

If a kernel panic occurs for the first time you have to no choice but to reboot Linux box manually. If you want the server to get rebooted automatically after kernel hit by a pain error message, try adding panic=N to /etc/sysctl.conf file. It specify kernel behavior on panic. By default, the kernel will not reboot after a panic, but this option will cause a kernel reboot after N seconds.

If you are Linux on desktop chances are you are using small partition, but on server you need large partition. For example, you cannot create 4TB partition size (RAID based) using fdisk command. It will not allow you to create a partition that is greater than 2TB. To solve this problem use GNU parted command with GPT. It supports Intel EFI/GPT partition tables. Partition Table (GPT) is a standard for the layout of the partition table on a physical hard disk. It is a part of the Extensible Firmware Interface (EFI) standard proposed by Intel as a replacement for the outdated PC BIOS, one of the few remaining relics of the original IBM PC. EFI uses GPT where BIOS uses a Master Boot Record (MBR).
Creating a Partition Size Larger than 2TB

Internet SCSI (iSCSI) is a network protocol that allows you to use of the SCSI protocol over TCP/IP networks. It is good alternative to Fibre Channel-based SANs. You can easily manage, mount and format iSCSI Volume under Linux. It allows access to SAN storage over Ethernet. Open-iSCSI project is a high-performance, transport independent, multi-platform implementation of iSCSI. Open-iSCSI is partitioned into user and kernel parts.

DNS server can be attacked using various techniques such as:
[a] DNS spoofing

[b] Cache poisoning

[c] Registration hijacking

One of the simplest ways to defend is limit zone transfers between nameservers by defining ACL. I see many admin allows BIND to transfer zones in bulk outside their network or organization. There is no need to do this. Remember you don't have to make an attacker's life easier. Restricting zone transfers with IP addresses in BIND DNS Server

The problem of cooling the computer is not new. The more powerful and faster computers become, the "hotter" they get. Coolers inside computer cases, video card and power supply units are quite common nowadays. However, hard disk has no additional means to cool them. Most hard disk manufacture recommends 35-40 C working temperature for a hard drive. Once it crossed the limit safety of your data and hard disk becomes critical. Computer hard drive is the main storage media for your data. This article explains how to monitor hard disk temperature and prevent the loss of data under Linux using automated scripts.

Shell Script Pearls is designed to provide information about shell scripting. The book is collection with all tips and code sample you need to learn about shell scripting. Author has clearly demonstrated unique tools and script samples that go beyond the level of basic scripting. The book is useful for geeks, hackers, sys admin and advanced users. The book doesn’t explain basic programming structure and syntax. If you are the beginner get some basic book or start with our own tutorial. You will find lots of useful collection of a shell scripts and practical examples that can be used in day today life.

Sometime by mistakes all package file permissions get changed and you need to restore file permission. For example a shell script or some sort of corruption could change the permissions for packages (installed files), it may be necessary to reset them. For example a long time ago my shell script run chmod and chown commands on /usr and changed the permission. Luckily rpm command can reset package permission. Sun Solaris pkg command and IBM can also reset permissions. How to: Linux reset the permissions of the installed rpm packages

netcat utility (nc command) considered as TCP/IP swiss army knife. It reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable “back-end” tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

This howto explain migrating data between two server hard drives using netcat over a network. It is very easy to copy complete drive image from one server to another.

smartctl command controls the Self-Monitoring, Analysis and Reporting Technology (SMART) system built into many ATA-3 and later ATA, IDE and SCSI-3 hard drives. The purpose of SMART is to monitor the reliability of the hard drive and predict drive failures, and to carry out different types of drive self-tests. smartctl is a command line utility designed to perform SMART tasks such as printing the SMART self-test and error logs, enabling and disabling SMART automatic testing, and initiating device self-tests. This article demonstrates usage of smartctl tool to test if hard disk is going bad.

FreeBSD Update is a system for automatically building, distributing, fetching, and applying binary security updates for FreeBSD. This makes it possible to easily track the FreeBSD security branches without the need for fetching the source tree and recompiling. This article talks about using combinations of various tools to keep your FreeBSD system up to date.

Procedure for creating a CSR on postfix MTA is just like web server. You need to use OpenSSL which is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related ryptography standards under Linux / UNIX. To configure postfix SSL SMTP you need 3 files
(a) The private key
(b) Your .crt certificate file
(c) CA certificate

Linux Postfix mail server SSL certificate installations and configuration