Linux Consulting

Links

2007-11-05T19:15:00.002-08:00

Using truss, ldd and nm to explore binary filesSolaris 10 Tuning: serves as a good reference.Maxpgio discussion on WHT. Another interesting mailing list post about maxpgio.Sun/Oracle Best practices blueprint. This is a PDF doc published by SMI Performance and AvailabilityEngineering (PAE) group. I find it interesting for the doc to say:Inparticular, on large memory SMP systems, we routinely use

maxpgio

2007-11-05T19:15:00.001-08:00

An interesting discussion on maxpgio.

Solaris 10 Tuning

2007-11-05T18:38:00.000-08:00

I find this page to be very handy for referencing Solaris 10 Tuning options.

ln -s examples

2007-11-03T13:49:00.000-07:00

ln is the command used to link files. ln -s creates a soft link "from" a file "to" a file.Suppose you have two mounts, one with sufficient disk space (new) and the other without ample disk space (old) and you need to create a soft link so that when you create a new file in /old it will actually be created in /newcd /oldmkdir /new/directoryln -s /new/directory /old/directory

Solaris 10: Solaris Internals and OpenSolaris Kernel Architecture

2006-12-14T17:52:00.000-08:00

OpenSolaris was introduced in June 2005 by Sun Microsystems. The OpenSolaris source code is also available online.There is also a site for the Solaris Internals book.Richard McDougall: a Distinguished Engineer at Sun Microsystems who specializes in operating systems technology and systems performance.Jim Mauro: a Senior Staff Engineer in the Performance, Architecture, and Applications Engineering

GeoTrust Seal: Internet Explorer not showing the padlock icon for security

2006-12-08T09:56:00.000-08:00

Today, I experienced a very weird issue with a site using GeoTrust seal on Internet Explorer. One of my site was showing the padlock icon only for a few seconds and then it would disappear. Additionally, Internet Explorer wasn't showing the security warning "this page has both secure and insecure items."So after investigating I found the issue to be related to a mod_rewrite redirect. Basically

ldd

2006-11-15T12:20:00.000-08:00

Here is one way you can find out the sared library dependencies using ldd-bash-3.00$ ldd `which mysql` libcurses.so.1 => /lib/sparcv9/libcurses.so.1 librt.so.1 => /lib/sparcv9/librt.so.1 libcrypt_i.so.1 => /usr/lib/sparcv9/libcrypt_i.so.1 libgen.so.1 => /lib/sparcv9/libgen.so.1 libsocket.so.1 => /lib/sparcv9/libsocket.so.1

Getting date to use in a filename

2006-11-13T17:31:00.000-08:00

The default output of "date" command isn't suitable to be used in filenames. So when you need to use date in a filename, you need to pass formatting options.Some formatting options$ date '+%m%d%y'111306 $ date '+%H%M%S'202928$ date '+%m%d%y%H%M%S'111306203011

Hello World! ASP

2006-10-04T20:18:00.000-07:00

After ignoring ASP for quite long, I have finally decided to jump in and play with the language. Since my IIS is now working, I decided to give it a try.<%Dim count Dim textFor count = 1 To 10 Step 1%> <%= count %> Hello World<% Next %>Once I went to the page, it worked as intended. Yay!

IIS: Internet Information Services Default Username and Password

2006-10-04T20:04:00.000-07:00

After re-installing Microsoft Visual Studio .NET on my new laptop, I decided to play around with IIS. I am very experienced with Apache but totally new to IIS. After installing IIS for development, I tried to go to http://localhost in Firefox and was prompted for a password. Obviosuly, since I didn't set the password in first place I had no idea what password/user it is talking about. A lit bit

Creating Public / Private DSA Key Pair

2006-09-11T08:24:00.000-07:00

Generating a public/private DSA key pair is easy. The following generates a password less key pairfmashraqi@frank[~]$ ssh-keygen -N "" -t dsa -f ~/.ssh/id_dsa_svnGenerating public/private dsa key pair.Your identification has been saved in /home/fmashraqi/.ssh/id_dsa_svn.Your public key has been saved in /home/fmashraqi/.ssh/id_dsa_svn.pub.The key fingerprint is:0a:fc:a4:b9:8c:ae:67:dd:d9:1d:68:2c

Uninstalling Studio11

2006-09-08T08:21:00.000-07:00

Recently I wanted to reinstall Sun Studio 11. Here's how I did it.[root@db32:/home/fmashraqi/install/bench/sysbench-0.4.7] cd /var/sadm/prod/com.sun.studio_11/[root@db32:/var/sadm/prod/com.sun.studio_11] ./batch_uninstall_allStarting the uninstallation ...uninstall_Documentationuninstall_Source_Distributionuninstall_Sun_Performance_Libraryuninstall_Sun_Studio_SoftwareEnd of the uninstallation ...

Installing gcc compiler on Solaris 10

2006-08-22T09:48:00.000-07:00

So today I needed to compile a few programs on one of the Solaris servers but found there was no compiler installed. The installation of the compiler was painless. First I went to sunfreeware.com and downloaded gcc-3.3.2 and libiconv packages for SPARC/Solaris 10.wget ftp://ftp.sunfreeware.com/pub/freeware/sparc/10/gcc-3.3.2-sol10-sparc-local.gzwget ftp://ftp.sunfreeware.com/pub/freeware/sparc/10

C Programming

2006-07-23T13:55:00.000-07:00

Sample C program main() { int i; printf("\t # \t\t Square\n"); for (i=0; i<=25;++i) printf("\t %d \t\t\t %d \n",i,square_root(i)); } square_root(int i) { return i*i; } Compiling our sample c program using the GNU's GCC (g++) compilergcc test.cor using the Sun's CC compilercc test.cBy default the program will

Background and Foreground Jobs

2006-07-23T12:41:00.000-07:00

View the one liners to manage background (bg) and foreground (fg) processes and jobs at the programming one liners blog.

Zooomr offers free premium accounts to bloggers

2006-07-10T08:14:00.000-07:00

Zooomr is offering free premium accounts to bloggers of all sizes. Zooomr is a photo service for bloggers with some really nice and innovative features.1151417318_fHosted on Zooomr

RAID: Redundant Array of Inexpensive Disks

2006-06-23T06:56:00.000-07:00

RAID 0 not an original RAID level aka striped set (data is striped across multiple disks) data is splitted evenly across multiple (two or more) disks not redundant uses increases performance can create a large virtual disk from many small physical disks disks of multiple size can be used only the size of the smallest disk will be added to the array I/O

Misc commands

2006-06-16T07:03:00.000-07:00

What server I am onbash-3.00# unameSunOSbash-3.00# uname -aSunOS frank 5.10 Generic_118844-26 i86pc i386To view ypcat[root@polland:/var/yp] ypcat -k passwdto push changes to polland/usr/ccs/bin/makeFind packages matching criteriapkginfo | grep mozInstall package remotelypkgadd -r packagename

Installing Firefox 1.5 on Solaris 10

2006-06-16T06:27:00.000-07:00

Today is my second day at my new job (more on this later). For right now my default work station is Solaris 10 and today I needed to install Firefox 1.5. Here's how I did itwget http://releases.mozilla.org/pub/mozilla.org/firefox/releases/1.5.0.1/contrib/solaris_pkgadd/firefox-1.5.0.1.en-US.solaris2.10-i386-pkg.tar.bz2bunzip2 firefox-1.5.0.1.en-US.solaris2.10-i386-pkg.tar.bz2tar xf firefox-

Buffer Management API

2006-06-08T18:06:00.000-07:00

The buffer management API, or the buffer management system, is an API that allows computer programs to interact with the operating system to transfer data from the hard disk to RAM and vice versa.

Hard Disk

2006-06-08T17:15:00.000-07:00

Notes and clips about the workings of a hard disk drive.Hard disk platter http://en.wikipedia.org/wiki/Hard_disk_platter A spindle mounts several plattersMade of aluminum or glass substrateA typical bit on a hard disk platter (in 2006) is about 200-250 nanometers wide (in the radial direction of the platter) and extends about 25-30 nanometers in the down-track direction (the

Viewing a specific version of a man page

2006-05-25T22:32:00.000-07:00

These days, I have been blogging mostly on Adoppt. You can check out my blog at adoppt.com/blog/frankI just posted a small note on how you can view the specific version of a man page. For instance: crontab(5)

Social Bookmarking

2006-05-21T23:18:00.000-07:00

Social bookmarking has literally changed the way people bookmark. While there are many great social bookmarking services, they leave a lot to be desired. For that reason, I have been working on a social bookmarking application that is currently in Alpha. There are many cool features of this social bookmarking application about which I will talk in near future. For right now, a user can get their

Exit Status Code of a Program on Unix / Linux

2006-03-20T18:52:00.000-08:00

Depending on the shell you are using, you can find the exit status code of a program on Unix/Linux usingin bash$?or in csh,$statusA non-zero exit code states that the program terminated with an error whereas an exit code of zero states that the program /script terminated normally.

CSS two column layout

2006-03-10T21:18:00.000-08:00

Here is a CSS two column layout for you to enjoy

Top heading

left

right

Footer

Automatically check for /var/log/secure for intruders: Auto Spell for Directories

2006-03-04T11:11:00.000-08:00

Here's what I like to keep in my .bash_profile to automatically tell me about intruders upon loginecho -e "*************************\nSystem Security Messages" >> /designerz/security/log/frankly.messages;echo "Current Users " >> /designerz/security/log/frankly.messages;who >> /designerz/security/log/frankly.messages#who | uniq | sortecho "Last Users | Unique " >> /designerz/security/log/

Linux commands: The funny linux commands

2006-03-02T13:20:00.000-08:00

Hope you enjoy these funny Linux commands as much as I did:% cat "food in cans"cat: can't open food in cans% nice man womanNo manual entry for woman.% "How would you rate Quayle's incompetence?Unmatched ".% Unmatched ".Unmatched ".% [Where is Jimmy Hoffa?Missing ].% ^How did the sex change operation go?^Modifier failed.% If I had a ( for every $ the Congress spent, what would I have?Too many ('s.

Test Post Tagged

2006-02-18T15:08:00.000-08:00

I want to tag this test post as mrrrrrareportaddsd

RadioShack CEO lied on resume: USATODAY.com

2006-02-16T12:38:00.000-08:00

This story caught my eye:USATODAY.com - RadioShack CEO lied on resume: "RadioShack (RSH) Chief Executive David Edmondson said he lied about his academic record, leading the electronics retailer's board to hire a lawyer to advise it on the matter, according to statements released by the company late Wednesday.The questions about Edmondson's education — and the revelation that he has been involved

"RadioShack Saves Millions of Dollars by Choosing Windows over Linux": Microsoft

2006-02-10T16:33:00.000-08:00

Case Study: "RadioShack is one of the best-known electronics retailers in the world, with approximately 5,100 company-owned stores and 1,800 dealer-franchise locations that people turn to for batteries, toys, telephones, PCs, and more. However, the company's 11-year-old, UNIX-based point-of-sale systems had reached the end of their useful life and had to be updated. After an extensive evaluation

Banning abusing bots using mod_rewrite, .htaccess and modsecurity

2006-02-10T09:47:00.000-08:00

Here are the currently blocked user agents as per my /etc/modsecurity/useragents.conf file: # http://www.gotroot.com/mod_security+rules# Gotroot.com ModSecurity rules## Created by The Prometheus Group (http://www.prometheus-group.com)## User Agent Security Rules## Download from: http://www.gotroot.com/downloads/ftp/mod_security/useragents.conf# Copyright 2005, all rights reserved.## Commercial

Hacked this AM - ServerBeach Forums

2006-02-10T09:32:00.000-08:00

Today I came across the following discussion where one of my tutorials was mentioned:Hacked this AM - ServerBeach Forums: "Someone used a PHP exploit to take down several of our sites this morning. Replaced the homepages with their hacker page ~DESTROYER~We had backups but they actually took the time to delete one of our databases, leaving the rest untouched. We traced it to the hosting company,

Innodb or MyISAM?

2006-02-02T17:51:00.000-08:00

Post has moved here.

Upgrading APF (Advanced Policy Firewall) - and random thoughts

2006-02-02T16:53:00.000-08:00

This post is available here.

People, please don't post illegal projects

2006-01-31T19:47:00.000-08:00

I saw this project today on a popular Software house:I sell 3rd party utilites for an online game. Recently the game developers have found a way to detect my applications. I inject code, hook etc. I use rootkit technology to hide my applications. If you are an expert with this kind of technology and think you can figure out how they detect my applications please bid on this project.I will give

Using DocBook on Windows

2006-01-31T16:47:00.000-08:00

Long time ago, I bookmarked Jim Crafton's tutorial Documentation with Docbook on Windows to follow later in the hopes of installing (and using) docbook on my Windows box. Today I finally decided to download CygwinFollowing his instructions I installed the following: bash make libxslt sed tar gzip find and ofcouse Docbook-xsl-* and HTML Help Workshop by Microsoft.At first I had selected

Freelance Work

2006-01-17T11:37:00.000-08:00

Looking for Freelance work?The following web sites can help you find freelance work.ScriptLance

Mod_security CheckURLEncoding - 100th post - Valentines day

2006-01-12T07:18:00.000-08:00

I had a weird problem today. When attempting to add a resource using my toolbar to one of my projects, I noticed that I kept getting a 500 error. Upon investigation, I found that the error was due to mod_security installed recently. Further investigation revealed that the following configuration directive was causing issues.SecFilterCheckURLEncoding OnMy question now is, does anyone know about

Notes on Apache tuning

2005-12-28T11:00:00.000-08:00

Some random personal notes: Enable the following in php.ini because even your server generates the file quickly, it may still take a lot of time for a user behind a slow connectionoutput_handler = ob_gzhandler No matter what you do with PHP, PHP files are still served slower than static HTML filesPass objects and arrays by reference when dealing with functions (PHP 4+) Use ps and top to

Forums

2005-12-17T21:32:00.000-08:00

Here are some of the forums I visit from time to time.North Georgia Business ForumsHome Business OnlineSmall Business BriefWebmasterWorldPHP BBStylesAble2KnowTechnorati Tags: forums

.htaccess

2005-12-17T20:55:00.000-08:00

RedHat has some good reference information on how to use .htaccess

SMTP on Port 26

2005-12-17T20:48:00.000-08:00

To open up a new port (26) and redirect all packets to port 25, useiptables -t nat -A PREROUTING -p tcp -d 192.168.0.1 --dport 26 -j DNAT --to 192.168.0.1:25 --dport 26 does the redirection job. pblinux pointed the following for Ensim Pro 4.0.1 on RHEL/sbin/iptables -t nat -A PREROUTING -p tcp --dport 20025 -i eth0 -j DNAT --to xxx.xxx.xxx.xxx:25

Linux Tips

2005-12-15T11:20:00.000-08:00

A friend of mine was having issues using wget. He said that when trying to download images, wget just "hangs". Upon investigation I found that he was not properly quoting the URL and the ampersand character was causing the "hanging up". When using wget to download images that have dynamic URLs (include "?" or "&" in the URL) you must quote the URLs using single or double quotes.#WRONGwget http://

Johnny Knoxville The Ringer-

2005-12-14T18:43:00.000-08:00

I honestly think Johnny Knoxville's 'The Ringer' is a crap movie. I can't even watch it's commercials. I don't know why some people do this just for money and fame? Dare to differ?johnny knoxville the ringer

Do Not Call List - Disclaimer/Permission to call

2005-12-14T17:58:00.000-08:00

An interesting disclaimer about Do Not Call List: By providing your phone number on this form, you give us permission to call you in response to this request, even if this/your phone number is in the State and/or National Do Not Call Registry. Your privacy is very important to us. We never sell, trade or share your personal information with any third party or organization, and only one of our

Yahoo! acquires Delicious

2005-12-10T10:13:00.000-08:00

Yahoo! has acquired Del.icio.us as of yesterday. For more read the article Yahoo! is Delicious on SearchMarketingAmbassador.com Now Yahoo! only needs to acquire Technorati to become the champ of web 2.0.In related news, Bill Gates says that MSN may start providing some sort of incentive to its users.web 2.0 Yahoo Microsoft Delicious Yahoo

Securing Apache with mod_security

2005-12-09T20:02:00.000-08:00

Abusing bots are a problem for all successful sites. When dealing with abusive bots, you can take the WebmasterWorld's senseless route to block all user agents or you can be a bit smart, and install mod_security. That way you won't have to block all the indexing bots and no one will call you stupid. In this post, I will show you how to secure your Apache 2 installation with mod_securityFirst, we

ping: sendmsg: Operation not permitted

2005-12-08T18:56:00.000-08:00

I wasn't able to ping a machine on my PNET. When pinging I was getting the following messageping: sendmsg: Operation not permittedThe reason was my firewall was not allowing any traffic on eth1. So I modified the followingIFACE_TRUSTED="eth1"and after restarting AFP usingservice apf restarteverything started working fine.

SSL on RHEL - SSL Certificate on working - Domain not resolving

2005-12-08T11:30:00.000-08:00

Recently after migrating data from an older hard drive, I needed to transfer SSL configuration for a domain. The domain was not working with the SSL. Pinging the domain was returning the following error message ping: unknown host So here we had two main issues. One is that domain isn't resolving to the server and other one being that SSL isn't working. After running some grep operations, I found

Ensim Webppliance - Domain Resolving to Admin Panel - Domain not working

2005-12-07T11:50:00.000-08:00

Sometimes a domain on ensim starts going to the webppliance admin panel instead of the domain. Here we will investigate that case. Make sure the site exists #Checktail -f /var/log/httpd/access_log # Checktail -f /var/log/httpd/error_log # Findsitelookup -s siteXsitelookup -d domain.org Verify /etc/httpd/conf/virtual/site12 exists. If not create it. A demo file (not for production

Hunting down spammers

2005-12-05T10:02:00.000-08:00

In this work-in-process guide, I aim to show you to hunt down bastard spammers who have been using your server.USE AT OWN RISK. I AM STILL WORKING ON ITOnce again we will start with log files in /var/log/, especially /var/log/secureDec 4 05:59:07 ensim xinetd[1556]: START: pop3 pid=25338 from=216.12.192.107#A start session will look something like:4 06:23:35 ensim xinetd[1556]: START: pop3 pid=

Mayday Mayday

2005-12-04T09:12:00.000-08:00

When you notice a comment similar to the following in an open-source application, it's better not to use it ;)// we are in trouble !mayday open source

Just me on Google :)

2005-11-23T21:37:00.000-08:00

This is cool. Today I noticed a hit from Google for the search term [sysctl.conf kernel.mem_nmi_panic] and guess what? Two pages from this blog were the only two results in Google. Pretty cool!I decided to check Yahoo! for the same query [sysctl.conf kernel.mem_nmi_panic] and was surprised to find 9 results.MSN also returned only two results for [sysctl.conf kernel.mem_nmi_panic]I know there has

Yahoo small business merchants: Get Firefox search plugin to help users search your Yahoo store

2005-11-17T14:18:00.000-08:00

If you are a Yahoo! Small Business merchant (Yahoo! store owner), then you may like to know that you can provide your users with a search plugin that can be installed by your customers using Mozilla Firefox browser. Near holiday shopping season, many Yahoo! store owners start experiencing explosive growth in traffic, espcially from Yahoo! shopping. By giving your customers a plugin that they can

eBay Developers Program - Open source patents search

2005-11-17T09:49:00.000-08:00

Open Source Development Labs (OSDL) launches open-source patents search.Ray Ozzie, CTO of Microsoft, starts a new blog. Microsoft eyes supercomputer market.eBay makes changes to its developers program. API access now free.UPS and eBay allow eBay sellers to ship globally.eBay's developer challenge announces some cool prizes.More from open source patents post.Technorati Tags: eBay developers

Apache - HTTPD - Extended Server Status with server-status and ExtendedStatus

2005-11-16T17:21:00.000-08:00

HTTPD (Apache 2) comes with really cool server status monitoring module that is often loaded by default. To start using it, you need to place code similar to following in the httpd.conf file.# FM 11/16/05 server-status module enabledExtendedStatus On SetHandler server-statusOrder Deny,AllowDeny from allAllow from .domain.comRemember to modify .domain.com to the domain from where you will be

Address already in use: make_sock: could not bind to address - Apache - HTTPD Error

2005-11-16T16:54:00.000-08:00

So I was getting the following error on one of my servers.Starting httpd: (98)Address already in use: make_sock: could not bind to address 0.0.0.0:443no listening sockets available, shutting downUnable to open logs!The fix is as follows. Run the following commandnetstat -lnp | grep '0.0.0.0:80'# outputtcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 30982/crondIn my

Optimize Apache 2.0 (Apache2) on RHEL - Track users using Clickstream

2005-11-16T14:07:00.000-08:00

First, make a backup and then modify /etc/httpd.conf and change settings as follows# change Timeout 300 toTimeout 45# change KeepAlive Off toKeepAlive On# MaxKeepAliveRequests: The maximum number of requests to allow# during a persistent connection. Set to 0 to allow an unlimited amount.# We recommend you leave this number high, for maximum performance.# -- change MaxKeepAliveRequests 100 to

Apache ServerTokens

2005-11-16T13:58:00.000-08:00

In /etc/httpd.conf file, you can change the ServerTokens value to control how much information about Apache is displayed in the headers. By default the settings areServerTokens OSApache/2.0.46 (Red Hat or Windows) Server at 192.168.0.1 Port 80By changing ServerTokens to Prod, you can have only Apache displayed in the headers. ServerTokens ProdApache Server at 192.168.0.1 Port 80If the

CSS - Cool pre formatting effect

2005-11-16T13:34:00.000-08:00

On PlanetMySQL, I noticed a cool pre style. You can also try by placing CSS code similar to following for pre HTML tags..phpcode, pre { overflow: auto; padding-left: 15px; padding-right: 15px; font-size: 11px; line-height: 15px; margin-top: 10px; width: 93%; display: block; background-color: #eeeeee; color: #000000; max-height: 300px;} Long text of code that never ends cause we just

Turn off php signature

2005-11-16T13:18:00.000-08:00

To turn off PHP information signature, you can modify /etc/php.ini file and change the following (turns PHP signature on)expose_php = Onto (turns PHP signature Offexpose_php = OffNote from PHP.ini file:; Decides whether PHP may expose the fact that it is installed on the server; (e.g. by adding its signature to the Web server header). It is no security; threat in any way, but it makes it

sysctl - Kernel Optimization - /etc/sysctl.conf

2005-11-16T06:34:00.000-08:00

IP Forwarding: Is IP forwarding currently on?/sbin/sysctl net.ipv4.ip_forwardTurn IP forwarding on manually/sbin/sysctl -w net.ipv4.ip_forward=1Turning IP packet forwarding off manually[root@plain scripts]# /sbin/sysctl -w net.ipv4.ip_forward=1net.ipv4.ip_forward = 1[root@plain scripts]# /sbin/sysctl -w net.ipv4.ip_forward=0net.ipv4.ip_forward = 0The following command will do the same job as the

Linux Cool Commands

2005-11-15T19:47:00.000-08:00

Linux Conversion: Tutorial - Convert from Red Hat to Debian Remotely.CPU Information: View CPU Information including processor, vendor_id, cpu family, model, model name, stepping, cpu MHz, cache size, physical id and much more cat /proc/cpuinfoMemory Information: View memory information cat /proc/meminfo total: used: free: shared: buffers: cached:Mem: 2104721408 1756086272 348635136

How to Install / Upgrade Apache 2.0 (Apache2)

2005-11-15T19:17:00.000-08:00

While I prepare a detailed how-to guide about installing and upgrading Apache, checkout How to upgrade to Apache 2.0 on EV1 forums.apache apache+2.0

SMART Disks - Controlling and monitoring SMART SCSI disks with smartctl

2005-11-15T18:55:00.000-08:00

What are SMART disks?SMART is an abbreviation for Self-Monitoring, Analysis and Reporting Technology (SMART). SMART system is built into many ATA-3, ATA, IDE and SCSI-3 hard drives.What is smartctl?According to manual entry for smartctl, smartctl is a command line utility designed to perform SMART tasks such as printing the SMART self-test and error logs, and enabling and disabling

hostname - Changing server host name

2005-11-15T16:59:00.000-08:00

Before starting ensure that your desired hostname is resolving to the server and read the disclaimer below. Steps in changing the hostname on a plain Red Hat Enterprise Linux server are:1. Modifying /etc/sysconfig/network (replace XXX.XXX.XXX.XXX with your gateway IP )NETWORKING=yesHOSTNAME="plain.ev1servers.net"GATEWAY="XXX.XXX.XXX.XXX"GATEWAYDEV="eth0"FORWARD_IPV4="yes"2. Modify /etc/hosts (

audit.d crashing - Auditd save files consuming large amount of disk space in /var/log/audit.d/save

2005-11-14T20:18:00.000-08:00

Today, as I was about to copy over some directories from an old drive on a Linux web server, I was shocked to notice that my SCSI hard disk dive was 90% full. BTW, it is a good system administration practice to always check for disk space before you copy over large directories. To quickly view disk usage statistics in human readable form, use the following command.df -hSo I was really amazed at

AJAX and Web 2.0

2005-11-12T21:51:00.000-08:00

I made a post on my AJAX blog about AJAX, Web 2.0 and SOAP, including a latest AJAX tutorial on how to build SOAP client using AJAX from a software engineer of IBM.In the coming days, I will post more on AJAX and Web 2.0, so please keep an eye on my blog.ThanksFrank MashMore blogs about web 2.0 AJAX XML SOAP

Restoring drives on a RHEL server

2005-11-11T12:12:00.000-08:00

- Restore server A .- Slave the hard drives of server A on restored server.- Slave the /home (primary hard drive) of server AAfter restore the server A witll have 4 drvies:1. New Drive2. New Drive3. Slaved Drive (Primary) of server B4. Slaved Drive (Secondary) of server BIn 72 hours we would like the following changes:1. Remove Drive (Primary) of server A from server B2. Slaved Drive (

Sony rootkit update

2005-11-03T16:22:00.000-08:00

I am just amazed at how fast Sony rootkit talk has encompassed the web. Although Sony has released a patch, using the patch may make the CD unplayable.Mark Russinovich: Sony, Rootkits and Digital Rights Management Gone Too FarInquirer also has a story on Sony's DRM being worse than we think. Inquirer comments about the discrimnation Sony has put in place.IMO, F-Secure has tried to downplay the

"Sony knows ... what you listen to" - Internal techincal support says, "So sue us"

2005-11-03T12:41:00.000-08:00

According to a comment posted on SysInternals:Btw, I checked with a sniffer. The DRM system connects to connected.sonymusic.com and www.sonymusic.com and tells them an id number, apparently identifying the album. So, sony knows your ip address and what you listen to.So, Sony is spying on you. Really sickening stuff. In related news, Amazon users are calling for a complete Sony Boycott.QUOTES FROM

For System Administrators

2005-11-03T09:49:00.000-08:00

Just some notes for system administrators1. Checking logs for previous break-in attempts.2. Checking server for existence of rootkits (used to hack and change programs on server without making them detectable to the admin) using multiple tools.3. Create an alternate account (userKabacha) or (userDRM) which will act as the root account.4. Changing the root login shell so even if a hacker breaks

Sony rootkit and viruses - Think again before installing that music cd from Sony

2005-11-03T06:42:00.000-08:00

Sony is installing rootkit and viruses on computers? I could have never believed it just a couple of years ago. But today seeing how greedy corporations are getting, I have no choice but to believe it.GameShout reportsSony is using spyware and rootkit technologies to prevent unauthorized copying of its music CDs. It has become the basis of a dispute that once again pits comptuer advocates against

Network Security Blacklist for November 1, 2005

2005-11-01T06:28:00.000-08:00

I have started a new blog about Network Security - Blacklists to publish blacklists of IP addresses involved in attacks.View today's blacklistsNetwork Security blacklists

Hackers - Go hack your mama!

2005-10-31T12:28:00.000-08:00

I am sick and tired of hackers trying to break in to my box. For them, all I can say isHACK YOUR MAMA!These are the machines involved in hacking attempts. I encourage you to go ahead and block these IPs. 3 attempts by 163.27.207.193 345 attempts by 211.5.239.194 8 attempts by 211.60.75.199 2 attempts by 84.243.73.25 14 attempts by ali.2kads.cz 17 attempts by c66.110.175-

SMUX - session management protocol

2005-10-30T22:29:00.000-08:00

Today, I got a question about SMUX. After answering the question, I decided to blog about it so you all can also become familiar with SMUX.What is SMUX?In short, SMUX is a session management protocol. SMUX separates the underlying transport from the upper level application protocols. According to W3C, SMUX aims to ease transitions to future Web protocols, and communications of client applets

Load Balancing and Failover - BalanceNG does it all

2005-10-30T22:11:00.000-08:00

Simplicity has its own rewards. BalanceNG by Inlab is a simple, but effective (gets the job done) load balancer and failover software product for Linux.Configurable via command line, BalanceNG puts you in control. Stay tuned as I will post about how to use BalanceNG for your server. In the meantime check'em out at http://www.inlab.de/If you use MySQL, you can checkout MySQL Planet. My MySQL

Restoring network configuration from an old drive

2005-10-30T01:51:00.000-08:00

If you have many IP addresses on a server, you can restore IP bindings from your old hard drivecp -p /old/etc/sysconfig/network-scripts/ifcfg-eth0* /etc/sysconfig/network-scripts/Restart network and verifyservice network restartifconfig

Linux System Integrity Monitor - Installation and Configuration Guide

2005-10-29T22:26:00.000-07:00

SIM - System Integrity Monitor# ./setup-i Install-q Quick install-u Uninstall-c Install/Uninstall cronjob--------Paths to pertent files for SIM are (defaults):- Executable: /usr/local/sim/sim- Executable symlink: /usr/local/sbin/sim- Config file: /usr/local/sim/conf.sim- Autoconf script: /usr/local/sim/autoconf- Autoconf symlink: /usr/local/

Brute Force Detection - BFD Installation

2005-10-29T22:08:00.000-07:00

Installing BFDwget http://www.r-fx.ca/downloads/bfd-current.tar.gzgunzip bfd-current.tar.gz tar -xvf bfd-current.tarsh install.shHere is the installation progress for brute force detection..: BFD installedInstall path: /usr/local/bfdConfig path: /usr/local/bfd/conf.bfdExecutable path: /usr/local/sbin/bfd Imported tracking and options from BFD 0.9 to 0.9.This is it. Our installation for

SSH - cannot login to web server - Access denied

2005-10-29T18:59:00.000-07:00

If you were editing the file /etc/passwd and during the process the server was rebooted, you may not be able to login to your box due to presence of /etc/.pwd.lock files. Try logging in as a user that can su to a super user and then fix the issue. The issue can also occur when there is a misconfiguration in sshd config file.

Mounting /tmp with noexec

2005-10-29T16:01:00.000-07:00

These commands will help you in creating a /tmp partition with noexeccd /dev# 100MB file for /tmpdd if=/dev/zero of=tmpMnt bs=1024 count=100000# extended filesystemmke2fs /dev/tmpMnt# backupcp -p -r /tmp /home/backup/tmp# if you have mysql.sock file, recreate the symbolic link for itcd /cp -R /tmp /tmp_backup# mount with noexecmount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmpchmod 0777 /tmp# copy

iptables - network firewall

2005-10-28T12:29:00.000-07:00

First log the ip address if it matches criteria/sbin/iptables -A INPUT -p tcp -s 59.104.0.0/15 --dport 25 -j LOG## and then reject#BLOCK / REJECT/sbin/iptables -A INPUT -p tcp -s 59.104.0.0/15 --dport 25 -j DROPGet the current firewall rules[root@plain iptables]# iptables --listChain INPUT (policy ACCEPT)target prot opt source destinationLOG tcp -- 59.104.0.0/15

Nessus - Network Administrators

2005-10-28T11:29:00.000-07:00

I tried compiling Nessus but kept getting errors. Then I found atrpm.net and downloaded (and verified sigs) the RPMs. The installation was a breeze from that point onwards.[root@plain nasl]# rpm --checksig libnessus-2.2.5-16.el3.at.i386.rpmlibnessus-2.2.5-16.el3.at.i386.rpm: (sha1) dsa sha1 md5 gpg OK[root@plain nasl]# rpm -ivh nessus-server-2.2.5-19.el3.at.i386.rpm nessus-2.2.5-19.el3.at.i386.

Virtual Memory - VMSTAT

2005-10-28T01:13:00.000-07:00

vmstat displays virtual memory information.vmstat referencevmstat: invalid option -- ?usage: vmstat [flags] [delay [count]] --noheaders, -n do not reprint the headers --active, -a print active/inactive page stats --bytes, -b print statistics in bytes --kb, -k print statistics in KB --mb, -m print statistics in MB --gb, -g print statistics in GB

Linux Network Security - Host Routing table using netstat

2005-10-28T00:46:00.000-07:00

netstat is a handy utility for network administrators as it provides a lot of information about network infrastructure for your server. The following comand will display host routing table for your server.netstat -rTo view all open portsnetstat -aTo view all open ports listening on your web servers without resolving the IP addresses in to domain namesnetstat -an# abbreviated help output for

Network Security - Port scan on your server for open ports

2005-10-28T00:38:00.000-07:00

Scan your web server for open ports that are currently listeningnmap -p 1-65535 localhostRunning nmap for the first time to scan your listening ports may take a few moments. After scanning all the open ports on your linux web server, nmap will return output similar to following.Starting nmap V. 3.00 ( www.insecure.org/nmap/ )Interesting ports on localhost.localdomain (127.0.0.1):(The 65528 ports

Upgrade Apache Web Server

2005-10-27T23:42:00.000-07:00

You should upgrade your webserver as often as possible. Here is how Apache web server can be upgraded on Red Hat Enterprise Linux 3 #upgrade httpdwget ftp://ftp.linux.ncsu.edu/pub/redhat/linux/updates/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-54.ent.src.rpm#check rpmrpm --checksig httpd-2.0.46-54.ent.src.rpm# httpd-2.0.46-54.ent.src.rpm: (sha1) dsa sha1 md5 gpg OKrpm -Uvh httpd-2.0.46-54.

Critical Lynx Security Threat

2005-10-27T23:06:00.000-07:00

Upgrade lynx today"An attacker could ... execute arbitrary code as the user running lynx" - Red Hat An updated lynx package that corrects a security flaw is now available.This update has been rated as having critical security impact by the Red Hat Security Response Team. Lynx is a text-based Web browser.Ulf Harnhammar discovered a stack overflow bug in Lynx when handling connections to NNTP (

mail - email messages and mailing lists on linux dedicated server

2005-10-27T17:54:00.000-07:00

mailA server administrator should be a master of using mail to his benefit.Invoke mailmail run mail with mail mode (detail)mail -vUpon exiting mail, undeleted email messages are written to the mbox, which can be specified with -f or -u. For example, using -f mail -f /var/spool/mail/userand example of invoking mail to view email messages in a mailbox of user using -u mail -f /var/spool/mail/

Logwatch - Lets you keep an eye on your server security logs.

2005-10-27T17:49:00.000-07:00

If you have a web server with Linux operating system, you have logwatch installed but unless you know what you are doing, you have probably never cared enough to learn about logwatch. I will guide you about logwatch in this post.Logwatch notifies you with log summaries --------------------- pam_unix Begin ------------------------su: Authentication Failures: admin(500) -> root: 1 Time(s)

Network connections, routing tables, interface statistics - netstat

2005-10-27T17:30:00.000-07:00

If you manage a dedicated linux server, you can use netstat to print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships. Use netstat -a to get a report on all connectionsnetstat -areturns the following information on etwork connections, routing tables, interface statistics, masquerade connections, and multicast memberships Active

Disable Root Login - Computer Security - Linux

2005-10-27T17:02:00.000-07:00

Allowing root login to a web server is a big security threatBy disabling root access , you can help fight against brute force attacks.Your server should not allow root logins. Here is how you can accomplish this. Create a different super user with the same uid as root (0). See adding Linux users article for information on how to add new users. Change the shell in /etc/passwd file to /sbin/

New Server Security Hardening

2005-10-27T16:50:00.000-07:00

In this guide I will help you in hardening security on your server. Only follow this if you know what you are doing. I take no responsibility, you have been warned. Disable TelnetDisable root login CODE

Oneliner - Programming Languages - Count Failed login attempts in /var/log using AWK

2005-10-27T16:28:00.000-07:00

This bash oneliner will allow you to search a $logfile for $search and report the total occurrencessearch="Failed .*"; logile="/var/log/secure"; cat $logile | grep "$search" | awk -F: '{ print $7 }' | awk '{count[$1]++} END { for( i in count ) { if ( count[i] >= 5 ){print i "Total Failed Attempts: " count[i] ""} }}'Server administrators can use an alternative way to perform the same tasksearch="

Computer Security: CHMOD reference and examples

2005-10-27T14:09:00.000-07:00

chmod (change modifications) is an important utility. Unfortunately many Linux users don't take the time to fully understand chmodThree Types of files: d — a directory - (dash) — a regular file (rather than directory or link) l — a symbolic link to another program or file elsewhere on the system Permission "modes" r — file can be read w — file can be written to x —

Wildcards and Regular Expressions reference

2005-10-27T14:05:00.000-07:00

Wildcards and regular expressions reference * — Matches all characters ? — Matches one character \* — Matches the * character \? — Matches the ? character \) — Matches the ) character RHEL 3 Server Administration Guide

Difference between more and less

2005-10-27T14:02:00.000-07:00

In Linux, you can use both the more and less commands to paginate screens. I often wondered what the difference precisely is and today, I found it in RHEL 3 documentationls -al /etc | morels -al /etc | lessThe main difference between more and less is that less allows backward and forward movement using the arrow keys, while more only uses the [Spacebar] and the [B] key for forward and backward

Concatenate files with cat - BASH Linux

2005-10-27T14:01:00.000-07:00

cat lets you concatenate files. To combine contents of file1.txt and file2.txt into file3.txt, you would usecat file1.txt file2.txt > file3.txt

Disable Telnet - Stop unneeded services on your server

2005-10-27T13:12:00.000-07:00

You should never run telnet on your server. Always use sshd. To turn telnet off on your server, edit the file /etc/xinetd.d/telnet and replace disable = no with disable = yesAfter stopping, your code will look like:service telnet{ flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin