APF is a policy-based iptables firewall system designed for ease of use and configuration. It employs a subset of features to satisfy the veteran Linux user and the novice alike. Packaged in tar.gz and RPM formats, APF is ideal for deployment in many Linux-based server environments. APF is developed and maintained… Continue reading What is APF (Advanced Policy Firewall)? APF Firewall
Category: Command Line
Authentication token lock busy
This usually happens when you are trying to change a password while the root filesystem (or wherever /etc is) is mounted read-only, for example when you booted up using the init trick, or in some maintenance mode (runlevel, usually). You can mount a filesystem read-write using: mount -o remount,rw / (This can also be useful… Continue reading Authentication token lock busy
How do I Drop or block attackers IP with null routes?
Someone might attack your system. You can drop the attacker's IP using iptables. However, one of our senior sysadmins highlighted something new for me. You can null-route (as ISPs sometimes do, to prevent your network device from sending any data to a remote system), stopping various attacks coming from a single IP (read as… Continue reading How do I Drop or block attackers IP with null routes?
DNS Cache Poisoning Test
Q. How do I verify that my ISP's or my own recursive resolvers are free from the DNS cache poisoning bug, for which Dan has promised full disclosure of the flaw on August 7 at the Black Hat conference? How do I test my DNS server for DNS cache pollution or the DNS cache poisoning bug? A.… Continue reading DNS Cache Poisoning Test
hwclock – query and set the hardware clock
set the system time from the hardware clock
============================================
root@s1 [~]# /sbin/hwclock --hctosys
root@s1 [~]#
set the hardware clock to the current system time
============================================
root@s1 [~]# /sbin/hwclock --systohc
root@s1 [~]#
root@s1 [~]# /sbin/hwclock --help
hwclock - query and set the hardware clock (RTC)
Usage: hwclock [function] [options…]
Functions:
--help show this help
--show read… Continue reading hwclock – query and set the hardware clock
error: stat of /var/log/cron failed: No such file or directory
Hi guys… Today I faced an issue with a new VPS installed with the EZ template CentOS 5.2. I was preparing the VPS with logwatch, apf and other security and got a cron error in root's mail. The cron error shows log errors: /etc/cron.daily/logrotate: error: stat of /var/log/boot.log failed: No such file or directory error: stat of… Continue reading error: stat of /var/log/cron failed: No such file or directory
Securing MySQL.
Due to differing needs and requirements, this is difficult to answer except on a case-by-case basis. The MySQL website has a section regarding general security of a MySQL database available here: http://dev.mysql.com/doc/refman/5.0/en/security.html Additionally, some good practices are: Verify your root MySQL account password is set the test account and database that were created… Continue reading Securing MySQL.
iptables string match to drop malicious urls
Usually ModSecurity rules can help filter many malicious URL attack patterns when combined with Apache on the Apache ports (http|https). But what if a malicious attack using a vulnerable URL pattern, one that exposes or tries to break into your system, is coming in on another port? This is where iptables… Continue reading iptables string match to drop malicious urls
Hotlink protection: How-To prevent people from stealing your files
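Create an .htaccess file in your public_html directory with the following code:

RewriteEngine on
# Allow requests that send no Referer header
RewriteCond %{HTTP_REFERER} !^$
# Allow requests referred from your own domain (case-insensitive)
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain\.com.*$ [NC]
# Return 403 Forbidden for .gif and .jpg requests from any other referrer
RewriteRule \.(gif|jpg)$ - [F]

Where domain.com is your domain.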
semget: No space left on device
This relates to semaphores on your system (you've run out). Run the following to clear them out:
ipcs | grep apache | awk '{print $2}' > sem.txt
for i in `cat sem.txt`; do { ipcrm -s $i; }; done;
For cPanel servers:
ipcs | grep nobody | awk '{print $2}' > sem.txt
for i… Continue reading semget: No space left on device