DNS Overview

Most records will be A records. This allows the greatest versatility in pointing your domain names where you want them to go. Each A record consists of a host name and an IP address.

Host field: The host name for that particular A record. The host name should be what precedes .domain.com in your FQDN (fully qualified domain name). For instance, for www.domain.com, “www” is the host (without the quotation marks). Whatever is listed here, the lookup will automatically append “.domain.com” to the query. A blank A record (domain.com rather than host.domain.com) is created by putting an ‘@’ sign in the host name field.

Common “A” records include: www.domain.com, ftp.domain.com, mail.domain.com, webmail.domain.com, mysql.domain.com

Points to field: This is where you list the IP address to which the host name should point.

CNAME section:

CNAME records point to domain names instead of IP addresses. The benefit of using a CNAME record is that you can point a host at a particular domain name and then only modify the target domain name’s A records to have the change take effect on both domains. This is commonly used by those who own several TLD versions (.com, .net, .org, etc.) of the same domain.

For example, you own domain.com and you also own domain.net, and you want the records to point to the same IP. You can create a CNAME record for the www host of domain.net that points to www.domain.com. Then all you have to do to change the www host of domain.net is modify the A record of www.domain.com to point to its new IP address, and www.domain.net changes automatically.

A common pitfall with this method is that you can accidentally modify the records for several domains when you only intend to change one, so you have to keep a note of which domains point to each other.

Host field: The host name for that particular CNAME record. The host name should be what precedes .domain.com in your FQDN. For instance, for www.domain.com, “www” is the host (without the quotation marks). Whatever is listed here, the lookup will automatically append “.domain.com” to the query. A blank record (domain.com rather than host.domain.com) is created by putting an ‘@’ sign in the host name field.

Points to field: The name that the record points to. This must be a domain name, not an IP address. The name must also end with a dot; otherwise it is treated as relative and the zone name (.domain.com) is appended to it when the record is queried.

MX section:

The MX section is the area that handles the direction of mail.

Priority field: This allows you to set your preference for each individual MX record. Records are processed in order starting with the lowest priority value and working up to higher values. This means that if you have two mail servers, or a mail server and a mail spooler, give the lower priority value to your main mail server and a higher value to your backup mail server or mail spooler.

Host field: You can specify a mail host name here, but in most cases it is not necessary. The recommended setup is to create a blank host (use an ‘@’ for the host name) and point it to your mail server.

Goes to field: The address of the mail server. Commonly this is the mail host name you created in the A record section (for example mail.domain.com).

It is highly recommended that you point MX records to a domain name, and that domain name (just like a CNAME target) must end with a dot.

TXT section:

A TXT record is a record you can query that returns free-form text about a domain. TXT records can hold SPF policies, port and protocol information, or any other information about the domain; they are most commonly used for SPF.

Name: The host name under which the TXT record can be queried.

Value: The text the TXT record will return, placed in quotes.
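The rules stated in the sections above (an ‘@’ host means the bare domain, A records take an IP address, CNAME and MX targets must be names that end with a dot, TXT values are quoted) can be checked mechanically before records are saved. The following is an added example, not part of the original article: the zone name and record list are constructed sample data, and the check for a CNAME on the bare domain (which DNS does not permit, because the apex already carries SOA and NS data) is an extra check beyond what the article states.

```python
"""Validate DNS records of the kinds described above (A, CNAME, MX, TXT).

Added example, not part of the original article. ZONE and RECORDS are
constructed sample data; the checks encode the rules the article states,
plus an extra apex-CNAME check.
"""
import ipaddress

ZONE = "domain.com"  # constructed sample zone name

# Constructed sample records: (type, host, value, priority)
RECORDS = [
    ("A", "@", "192.0.2.10", None),
    ("A", "www", "192.0.2.10", None),
    ("A", "mail", "192.0.2.20", None),
    ("CNAME", "www", "www.domain.com.", None),    # valid: target ends with a dot
    ("CNAME", "ftp", "www.domain.com", None),     # missing dot: resolves as www.domain.com.domain.com
    ("CNAME", "@", "www.domain.com.", None),      # CNAME on the bare domain is not allowed
    ("MX", "@", "mail.domain.com.", 10),
    ("MX", "@", "192.0.2.20", 20),                # MX must point to a name, not an IP
    ("TXT", "@", '"v=spf1 mx -all"', None),
    ("TXT", "_dmarc", "v=DMARC1; p=none", None),  # value not quoted
]

def fqdn(host, zone=ZONE):
    """Expand the host field as the article describes: '@' is the bare
    domain, anything else gets '.zone' appended."""
    return zone if host == "@" else f"{host}.{zone}"

def is_ip(value):
    """True if value parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def check_record(rtype, host, value, priority, zone=ZONE):
    """Return a list of problems for one record (empty list means OK)."""
    problems = []
    name = fqdn(host, zone)
    if rtype == "A":
        if not is_ip(value):
            problems.append(f"{name}: A record must point to an IP address, got {value!r}")
    elif rtype in ("CNAME", "MX"):
        if is_ip(value):
            problems.append(f"{name}: {rtype} must point to a domain name, not an IP")
        elif not value.endswith("."):
            # Without the trailing dot the name is relative and the zone is appended
            problems.append(f"{name}: {rtype} target {value!r} lacks a trailing dot; "
                            f"it would resolve as {value}.{zone}.")
        if rtype == "CNAME" and host == "@":
            problems.append(f"{name}: CNAME is not permitted on the bare domain (apex)")
        if rtype == "MX" and not isinstance(priority, int):
            problems.append(f"{name}: MX record needs a numeric priority")
    elif rtype == "TXT":
        if not (value.startswith('"') and value.endswith('"')):
            problems.append(f"{name}: TXT value should be enclosed in quotes")
    else:
        problems.append(f"{name}: unknown record type {rtype}")
    return problems

def check_zone(records=RECORDS, zone=ZONE):
    """Run check_record over every record and return all problems found."""
    problems = []
    for rtype, host, value, prio in records:
        problems.extend(check_record(rtype, host, value, prio, zone))
    return problems

if __name__ == "__main__":
    for p in check_zone():
        print("PROBLEM:", p)
```

Run against the sample, the checker reports four problems: the ftp CNAME without a trailing dot, the CNAME on ‘@’, the MX that points to an IP, and the unquoted TXT value.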

Error: Cannot find SSL binaries under /usr

This happens when the configure script for Apache cannot find the “openssl” (or “ssleay”) binary in any of:
/usr/bin/openssl
/usr/sbin/openssl
/usr/apps/openssl

The usual location for “openssl” is /usr/bin/openssl.

On a Debian system, run:

apt-get install openssl

Crontab basics

cron is a Unix/Solaris utility that allows tasks to be run automatically in the background at regular intervals by the cron daemon. These tasks are often termed cron jobs.
Crontab (CRON TABle) is a file which contains the schedule of cron entries to be run at specified times.


Crontab syntax


A crontab file has five fields for specifying the day, date and time, followed by the command to be run at that interval.

*     *     *     *     *   command to be executed
-     -     -     -     -
|     |     |     |     |
|     |     |     |     +----- day of week (0 - 6) (Sunday=0)
|     |     |     +------- month (1 - 12)
|     |     +--------- day of month (1 - 31)
|     +----------- hour (0 - 23)
+------------- min (0 - 59)

A * in a field means all legal values (as shown in parentheses) for that column.
A field can hold a * or a list of elements separated by commas. An element is either a single number within the range shown above or two numbers within the range separated by a hyphen (meaning an inclusive range).

Crontab Example

min     hour    day/month   month     day/week   Execution time
30      0       1           1,6,12    *          00:30 on the 1st of Jan, June and Dec
0       20      *           10        1-5        8:00 PM every weekday (Mon-Fri), only in Oct
0       0       1,10,15     *         *          midnight on the 1st, 10th and 15th of the month
5,10    0       10          *         1          12:05 AM and 12:10 AM every Monday and on the 10th of every month
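The field syntax described above (*, comma lists and hyphen ranges) and the example schedules can be checked by a small matcher. The following is an added example, not code from the original article: it expands the five time fields of a crontab line and decides whether the line fires at a given moment. Note the last example in the table: when both the day-of-month and day-of-week fields are restricted, cron runs the job when either one matches, which is why that entry fires every Monday and on the 10th. The command strings are placeholders, and the datetimes used for checking are constructed.

```python
"""Match crontab time fields against a moment in time.

Added example, not part of the original article. Implements the five-field
syntax ('*', comma lists, hyphen ranges) and cron's day-of-week numbering
(0 = Sunday), converting from Python's weekday() where 0 = Monday.
"""
from datetime import datetime

# (field name, lowest legal value, highest legal value), in crontab order
FIELDS = [("min", 0, 59), ("hour", 0, 23), ("day/month", 1, 31),
          ("month", 1, 12), ("day/week", 0, 6)]

def parse_field(spec, lo, hi):
    """Expand one field ('*', '1,6,12', '1-5', '5,10') into a set of ints."""
    if spec == "*":
        return set(range(lo, hi + 1))
    values = set()
    for element in spec.split(","):
        if "-" in element:
            start, end = (int(x) for x in element.split("-", 1))
        else:
            start = end = int(element)
        if not (lo <= start <= end <= hi):
            raise ValueError(f"{element!r} outside {lo}-{hi}")
        values.update(range(start, end + 1))
    return values

def parse_crontab_line(line):
    """Split a crontab line into (raw specs, expanded value sets, command)."""
    parts = line.split(None, 5)
    if len(parts) < 6:
        raise ValueError("need five time fields followed by a command")
    sets = [parse_field(p, lo, hi) for p, (_, lo, hi) in zip(parts[:5], FIELDS)]
    return parts[:5], sets, parts[5]

def matches(line, when):
    """True if the crontab line would fire at datetime `when`."""
    specs, (mins, hours, doms, months, dows), _ = parse_crontab_line(line)
    cron_dow = (when.weekday() + 1) % 7   # Python: Mon=0 .. Sun=6; cron: Sun=0
    if when.minute not in mins or when.hour not in hours or when.month not in months:
        return False
    dom_ok = when.day in doms
    dow_ok = cron_dow in dows
    # Vixie cron rule: when both day fields are restricted (neither is '*'),
    # the job runs if EITHER matches; otherwise both must match.
    if specs[2] != "*" and specs[4] != "*":
        return dom_ok or dow_ok
    return dom_ok and dow_ok

# The article's example schedules, with a placeholder command
EXAMPLES = {
    "jan_jun_dec_first": "30 0 1 1,6,12 * /path/to/job",
    "weekday_oct_8pm": "0 20 * 10 1-5 /path/to/job",
    "midnight_1_10_15": "0 0 1,10,15 * * /path/to/job",
    "mon_or_10th": "5,10 0 10 * 1 /path/to/job",
}

if __name__ == "__main__":
    # Constructed check: 1 June 2007 at 00:30 (a Friday)
    for name, line in EXAMPLES.items():
        print(name, matches(line, datetime(2007, 6, 1, 0, 30)))
```

The matcher only decides whether a line fires; it does not run the command. When a job writes its own log (as in the example further down), remember that `> file` captures standard output only; add `2>&1` if errors should be kept too.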


By default, cron mails the output of each job to the user account that runs it. If this is not wanted, put the following at the end of the cron job line:

>/dev/null 2>&1


To collect the cron execution log in a file:

30 18  *    *   *    rm /home/someuser/tmp/* > /home/someuser/cronlogs/clean_tmp_dir.log

How to forward a website to another url using PHP

There are several ways to accomplish this, but the simplest to understand is to use PHP.

To do this, you need to create the page that will do the forwarding. This can be any page, as long as it ends in “.php”. If you are trying to redirect a domain, you’d create “index.php” inside the public_html directory.

Once you decide which page you will use, then create the file and enter the following text:

<?php
// Send an HTTP redirect; this must run before any output is sent to the browser
header("Location: http://whereyouwant.com/to/go.html");
exit; // stop the script so nothing else is sent after the redirect header
?>

Where http://whereyouwant.com/to/go.html is the location that you want the page to forward to. You can use local paths, e.g. /page.html, or full URLs as in the above example (http://... etc.).

Apache : Showing files in a directory

If you want to list all files in a directory that doesn’t have an index.html (or index.php) file, you can create an .htaccess file with the following contents:

Options +Indexes

This tells Apache to list all files in the directory. The listing is visible to anyone who can reach the directory, so enable it only where every file there is meant to be public.

Plesk 9.3 Latest update of openssl breaks Parallels Panel :: Starting Plesk… failed

The latest update of the openssl package from CentOS breaks Parallels Panel 9.x. The following errors are displayed in the /var/log/sw-cp-server/error_log file when Panel tries to start:

# tail /var/log/sw-cp-server/error_log
2010-04-07 01:56:38: (log.c.75) server started
2010-04-07 01:56:38: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 01:57:59: (log.c.75) server started
2010-04-07 01:57:59: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 01:57:59: (log.c.75) server started
2010-04-07 01:57:59: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 02:13:38: (log.c.75) server started
2010-04-07 02:13:38: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-04-07 02:13:38: (log.c.75) server started
2010-04-07 02:13:38: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)

# service psa start
Starting xinetd service... done
Starting named service... done
Starting mysqld service... done
Starting postgresql service... not installed
Starting psa-spamassassin service... done
Plesk: Starting Mail Server... already started
Starting mail handlers tmpfs storage
Starting Plesk... failed
Starting drwebd service... not installed
#

To fix this, update the Parallels Panel web engine (sw-cp-server):

1. Download the appropriate package using the wget utility. Example for CentOS 5 x86:
#wget -c http://kb.parallels.com/Attachments/12669/Attachments/sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

2. Install the downloaded package. Example for CentOS 5 x86:
#rpm -Uhv sw-cp-server-1.0-6.201004011105.centos5.i386.rpm

# rpm -Uhv sw-cp-server-1.0-6.201004011105.centos5.i386.rpm
Preparing... ########################################### [100%]
Stoppping SWsoft control panels server... stale pidfile. [ OK ]
1:sw-cp-server ########################################### [100%]
Starting SWsoft control panels server...[ OK ]

-bash-3.2# service psa start
Starting xinetd service... done
Starting named service... done
Starting mysqld service... done
Starting postgresql service... not installed
Starting psa-spamassassin service... done
Plesk: Starting Mail Server... already started
Starting mail handlers tmpfs storage
Starting Plesk... done
Starting drwebd service... not installed
-bash-3.2#

Uninstall APF

Sometimes you may need to remove APF from the server. Here is a guide which shows how to remove APF completely.

1. Stop the firewall first:
service apf stop
2. Remove the APF configuration directory:
/bin/rm -rfv /etc/apf
3. Remove the cron job and the init script for APF:
/bin/rm -fv /etc/cron.daily/fw
/bin/rm -fv /etc/init.d/apf
4. Lastly, disable it at startup:
chkconfig apf off

This removes APF completely from the server, as we have removed the APF daemon, its cron job and its files.

How to change time zone in Linux !

1. Log in as root and check which time zone your machine is currently using by executing `date`. You’ll see something like “Mon Feb 12 05:09:00 CST 2007”; CST in this case is the current time zone.

2. Change to the directory /usr/share/zoneinfo, where you will find a list of time zone regions. Choose the most appropriate region. If you live in Canada or the US, this is the “America” directory.

3. If you wish, keep the previous time zone configuration by moving it aside, e.g. `mv /etc/localtime /etc/localtime-old`.

4. Create a symbolic link from the appropriate time zone to /etc/localtime. Example: `ln -s /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime`.

5. If you have the rdate utility, update the current system time by executing `rdate -s time.nist.gov` or `rdate -s rdate.cpanel.net`.

6. Synchronize the hardware clock with the system clock by executing `/sbin/hwclock --systohc`.

What is APF (Advanced Policy Firewall)? APF Firewall

APF is a policy-based iptables firewall system designed for ease of use and configuration. It employs a subset of features to satisfy the veteran Linux user and the novice alike. Being packaged in both tar.gz and RPM formats makes APF ideal for deployment in many Linux-based server environments. APF is developed and maintained by R-fx Networks: http://www.rfxnetworks.com/apf.php

This guide will show you how to install and configure the APF firewall, one of the better known Linux firewalls available.

Requirements:
– Root SSH access to your server

Let’s begin!
Log in to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget http://www.rfxnetworks.com/downloads/apf-current.tar.gz

3. tar -xvzf apf-current.tar.gz

4. cd  apf-9.6-5/ or whatever the latest version is.

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

Installing APF 9.6-5: Completed.
Installation Details:
Install path:         /etc/apf/
Config path:          /etc/apf/conf.apf
Executable path:      /usr/local/sbin/apf
Other Details
Listening TCP ports: 53,2086,2087,3306
Listening UDP ports: 53,39437

Note: These ports are not auto-configured; they are simply presented for information purposes. You must manually configure all port options.

6. Let’s configure the firewall: nano -w /etc/apf/conf.apf
We will go over the general configuration to get your firewall running. This isn’t a complete detailed guide of every feature the firewall has. Look through the README and the configuration for an explanation of each feature.

We like to use DShield.org’s “block” list of top networks that have exhibited suspicious activity.
FIND: USE_DS="0"
CHANGE TO: USE_DS="1"

7. Configuring Firewall Ports:

Cpanel Servers
We like to use the following on our Cpanel Servers

Common ingress (inbound) ports
# Common ingress (inbound) TCP ports - 3000_3500 = passive port range for Pure-FTPd
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3000_3500"
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"

Common egress (outbound) ports
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF="1"

# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43,2089"
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"

Ensim Servers
We have found the following can be used on Ensim Servers – although we have not tried these ourselves as I don’t run Ensim boxes.

Common ingress (inbound) ports
# Common ingress (inbound) TCP ports
IG_TCP_CPORTS="21,22,25,53,80,110,143,443,19638"
#
# Common ingress (inbound) UDP ports
IG_UDP_CPORTS="53"

Common egress (outbound) ports
# Egress filtering [0 = Disabled / 1 = Enabled]
EGF="1"

# Common egress (outbound) TCP ports
EG_TCP_CPORTS="21,25,80,443,43"
#
# Common egress (outbound) UDP ports
EG_UDP_CPORTS="20,21,53"

Save the changes: Ctrl+X then Y

8. Starting the firewall
/usr/local/sbin/apf -s

Other commands:
usage ./apf [OPTION]
-s|--start ......................... load firewall policies
-r|--restart ....................... flush & load firewall
-f|--flush|--stop .................. flush firewall
-l|--list .......................... list chain rules
-st|--status ....................... firewall status
-a HOST CMT|--allow HOST COMMENT ... add host (IP/FQDN) to allow_hosts.rules and
immediately load new rule into firewall
-d HOST CMT|--deny HOST COMMENT .... add host (IP/FQDN) to deny_hosts.rules and
immediately load new rule into firewall

9. After everything is working, change the DEVM option
This stops the firewall from automatically flushing itself every 5 minutes from cron.
We recommend changing this to “0” only after you’ve had a chance to ensure everything is working well and tested the server out.

nano -w /etc/apf/conf.apf

FIND: DEVM="1"
CHANGE TO: DEVM="0"
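The two settings that most often go wrong in the steps above are leaving DEVM="1" in place (the firewall keeps flushing itself) and starting the firewall with an ingress port list that omits the SSH port (you lock yourself out of the box). The following is an added example, not part of APF or the original article: it parses KEY="value" lines in the conf.apf style, using only the variables the article mentions, and reports those mistakes plus disabled egress filtering and malformed port entries. The configuration text is a constructed sample, and the regular expression, the low_high range handling and the SSH-port check are this example's own assumptions about the file format.

```python
"""Sanity-check APF settings before starting the firewall.

Added example, not part of APF or the original article. SAMPLE_CONF is a
constructed conf.apf-style fragment; the checks are the example's own.
"""
import re

# Constructed sample: what a partly edited /etc/apf/conf.apf might contain
SAMPLE_CONF = '''
# Development mode; set to 0 once the rule set is known to be good
DEVM="1"
USE_DS="1"
# Common ingress (inbound) TCP ports (note: 22 is missing)
IG_TCP_CPORTS="21,25,53,80,110,143,443,2082,2083,2086,2087,2095,2096,3000_3500"
IG_UDP_CPORTS="53"
EGF="0"
EG_TCP_CPORTS="21,25,80,443,43,2089"
EG_UDP_CPORTS="20,21,53"
'''

# One KEY="value" assignment per line; comments and other lines are ignored
LINE_RE = re.compile(r'^\s*([A-Z_][A-Z0-9_]*)\s*=\s*"([^"]*)"\s*$')

def parse_conf(text):
    """Return {VAR: value} for every KEY="value" line; comments are skipped."""
    conf = {}
    for line in text.splitlines():
        if line.strip().startswith("#"):
            continue
        m = LINE_RE.match(line)
        if m:
            conf[m.group(1)] = m.group(2)
    return conf

def expand_ports(spec):
    """Expand '22,80,3000_3500' into a set of ports; raise on bad entries."""
    ports = set()
    for item in filter(None, (s.strip() for s in spec.split(","))):
        if "_" in item:                       # APF writes ranges as low_high
            lo, hi = (int(x) for x in item.split("_", 1))
        elif item.isdigit():
            lo = hi = int(item)
        else:
            raise ValueError(f"bad port entry {item!r}")
        if not (1 <= lo <= hi <= 65535):
            raise ValueError(f"port entry {item!r} out of range")
        ports.update(range(lo, hi + 1))
    return ports

def check_conf(text, ssh_port=22):
    """Return a list of warnings for the configuration text."""
    conf = parse_conf(text)
    warnings = []
    if conf.get("DEVM") == "1":
        warnings.append("DEVM=1: the firewall is flushed by cron every 5 minutes; set to 0 once tested")
    if conf.get("EGF") != "1":
        warnings.append("EGF is not 1: egress (outbound) filtering is disabled")
    for var in ("IG_TCP_CPORTS", "IG_UDP_CPORTS", "EG_TCP_CPORTS", "EG_UDP_CPORTS"):
        try:
            ports = expand_ports(conf.get(var, ""))
        except ValueError as e:
            warnings.append(f"{var}: {e}")
            continue
        if var == "IG_TCP_CPORTS" and ssh_port not in ports:
            warnings.append(f"IG_TCP_CPORTS does not include the SSH port {ssh_port}: "
                            "starting the firewall would lock you out")
    return warnings

if __name__ == "__main__":
    for w in check_conf(SAMPLE_CONF):
        print("WARNING:", w)
```

On the sample the checker prints three warnings (DEVM still 1, egress filtering off, SSH port missing from the ingress list). Pass `ssh_port=` if your sshd listens on a non-default port; this is exactly why the article's step 5 prints the listening ports after installation.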

10. Checking the APF Log

This will show any changes to allowed and denied hosts, among other things.
tail -f /var/log/apf_log


DDOS Check !

A quick and useful command for checking whether a server is under DDoS is:

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
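The pipeline above prints, for each remote address, how many tcp/udp sockets it currently holds, sorted so the heaviest talkers appear last. The following is an added example, not part of the original article, that does the same counting in Python over constructed `netstat -an`-style lines (so it runs offline) and adds two things the one-liner lacks: IPv6 peers are handled correctly (`cut -d: -f1` would cut an IPv6 address at its first colon), and addresses holding at least a chosen number of connections are flagged. The sample addresses and the threshold are constructed.

```python
"""Count connections per remote address from netstat-style output.

Added example, not part of the original article. SAMPLE_NETSTAT is
constructed; on a live system feed it the output of `netstat -an` instead.
"""
from collections import Counter

# Constructed sample output in `netstat -an` layout (Linux)
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51234      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51235      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51236      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40001       ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8:1::5:55000     ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8:1::5:55001     ESTABLISHED
udp        0      0 0.0.0.0:53              0.0.0.0:*
udp        0      0 192.0.2.10:53           203.0.113.9:5353        ESTABLISHED
"""

def remote_host(addr_port):
    """Strip the port from 'host:port'. IPv6 hosts contain colons themselves,
    so split on the last colon only."""
    host, _, _ = addr_port.rpartition(":")
    return host

def count_remote(text):
    """Counter of foreign addresses over tcp/udp lines, as the pipeline does."""
    counts = Counter()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue
        host = remote_host(fields[4])
        if host in ("0.0.0.0", "::", ""):   # listening sockets have no peer
            continue
        counts[host] += 1
    return counts

def suspicious(text, threshold=3):
    """Addresses with at least `threshold` connections, most active first."""
    return [(h, n) for h, n in count_remote(text).most_common() if n >= threshold]

if __name__ == "__main__":
    # Same presentation as `sort | uniq -c | sort -n`: count, then address
    for host, n in sorted(count_remote(SAMPLE_NETSTAT).items(), key=lambda x: x[1]):
        print(f"{n:7d} {host}")
    print("over threshold:", suspicious(SAMPLE_NETSTAT))
```

A single address with hundreds of connections, or many addresses each in SYN_RECV, is the pattern this check is meant to surface; the threshold should be tuned to the server's normal traffic, since a busy proxy or NAT gateway legitimately shows many connections from one address.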