Categories
Linux Scripts

Emergency DOS or DDOS stopping script for Linux

If you are under a DoS or DDoS attack and are going out of your mind or don’t know what to do, use this script to get out of this panic situation.

DoS or DDoS is an attempt to make a victim website unavailable by creating hundreds to hundreds of thousands of established connections that exhaust the victim’s resources and make the website unavailable to genuine users/visitors.

A short and useful slide deck that describes this script can be viewed on SlideShare.

You can run the script to partly mitigate a low-level DDoS attack, and it can stop a DoS attack completely. The script is available from the author under the GPL license.

How to mitigate DoS or DDoS attack?

Stop or flush the other firewall rules for now, then download and run the script:

service apf stop
iptables -F
wget http://www.hackersgarage.com/wp-content/uploads/2011/08/antiDDoS.txt
mv antiDDoS.txt antiDDoS.sh
chmod u+x antiDDoS.sh
./antiDDoS.sh
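
Before and after applying any mitigation, it helps to see which remote addresses hold the established connections described above. The following is an added example, not part of the original post or of antiDDoS.sh; the function names, the threshold and the sample lines are assumptions, and the input is assumed to have the peer address:port in its last column, as `ss -Htn state established` prints it.

```shell
#!/bin/sh
# Added example (not from the original post): count established TCP
# connections per remote address and list the sources at or above a threshold.
# Live use (assumes iproute2 ss):  ss -Htn state established | top_talkers 100

top_talkers() {
    # $1 = minimum connection count to report (default 100).
    # Input: one connection per line, peer "address:port" in the last column.
    awk -v min="${1:-100}" '
        NF >= 4 {
            peer = $NF
            sub(/:[0-9]+$/, "", peer)     # strip the port
            gsub(/^\[|\]$/, "", peer)     # strip IPv6 brackets
            sub(/^::ffff:/, "", peer)     # IPv4-mapped IPv6 -> plain IPv4
            count[peer]++
        }
        END { for (p in count) if (count[p] >= min) print count[p], p }
    ' | sort -rn
}

# Constructed sample input (documentation address ranges, not real traffic).
sample_connections() {
    i=0
    while [ "$i" -lt 5 ]; do
        echo "0 0 192.0.2.10:80 203.0.113.7:$((40000 + i))"
        i=$((i + 1))
    done
    echo "0 0 [::ffff:192.0.2.10]:80 [::ffff:198.51.100.9]:51000"
    echo "0 0 [::ffff:192.0.2.10]:80 [::ffff:198.51.100.9]:51001"
    echo "0 0 [2001:db8::10]:80 [2001:db8::1]:51002"
}

# Report every source holding at least 2 connections in the sample.
sample_connections | top_talkers 2
```

Each output line is a connection count followed by the remote address, highest count first.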

Categories
HowTos Linux

How to track Linux Shell Users activity?

Question:

I am managing a team of Linux System Administrators, which manages a large number of servers remotely. These admins require root level privileges on servers. Now how can I keep track of each user's activity for audit purposes and keep a record of each command executed on the server? Recommend an open source application on Linux.

There are a couple of tools/scripts available on Linux to achieve this goal, but we have found rootsh to be a simple solution to this hitch.

What is rootsh?

rootsh is a shell wrapper that logs all keystrokes of a terminal together with the output and saves them into a file which is randomly generated for each user. rootsh also supports logging to syslog, but that is a bad idea because the syslog file can easily be removed by a root user.

We will create a separate folder for the logs, apply group-level privileges to it, and set the append attribute so that group members can only read from and write to this folder and our files stay secured.

How to install rootsh?

cd /tmp/

wget -O rootsh-1.5.3.tar.gz http://sourceforge.net/projects/rootsh/files/rootsh/1.5.3/rootsh-1.5.3.tar.gz/download
tar -zxvf rootsh-1.5.3.tar.gz
cd rootsh-1.5.3

Create logs directory :

mkdir -vp /secure/admins-logs
./configure --disable-syslog --disable-linenumbering --with-logdir=/secure/admins-logs/
make && make install

Create a group for your admins so limited users can write to this folder.

groupadd admins

Creating a testadmin user and adding it to the group.

useradd testadmin
usermod -a -G admins testadmin

Applying appropriate permissions to logs folder & apply attributes.

chmod 770 /secure/admins-logs
chgrp admins /secure/admins-logs
chattr +a /secure/admins-logs

Edit /etc/shells – to allow our new loggable shell.

echo "/usr/local/bin/rootsh" >> /etc/shells

Enable logging for our user “testadmin”

vim /etc/passwd

Search for the user testadmin and replace /bin/bash with /usr/local/bin/rootsh

That’s it! Now, try to log in as testadmin and you should see a log file created with username+timestamp, e.g. /secure/admins-logs/testadmin.3243423432.log
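
Once more accounts are switched over, a quick audit shows which members of the admins group still have a shell other than rootsh and therefore are not being logged. This is an added example, not part of the original post or of rootsh; the function names and the sample accounts other than testadmin are hypothetical, and it reads /etc/passwd and /etc/group style files.

```shell
#!/bin/sh
# Added example (not from the original post): list members of the admin
# group whose login shell is NOT rootsh, i.e. accounts that escape logging.

unlogged_admins() {
    # $1 passwd file, $2 group file, $3 group name, $4 logging shell
    passwd_file=${1:-/etc/passwd}
    group_file=${2:-/etc/group}
    awk -F: -v grp="${3:-admins}" -v logsh="${4:-/usr/local/bin/rootsh}" '
        FNR == NR {                       # first file: group format
            if ($1 == grp) {
                gid = $3
                n = split($4, m, ",")
                for (i = 1; i <= n; i++) member[m[i]] = 1
            }
            next
        }
        # second file: passwd format; match by primary GID or member list
        ((gid != "" && $4 == gid) || ($1 in member)) && $7 != logsh { print $1 }
    ' "$group_file" "$passwd_file"
}

demo() {
    dir=$(mktemp -d)
    # Constructed sample files; user names other than testadmin are hypothetical.
    printf '%s\n' 'admins:x:1001:testadmin,alice' > "$dir/group"
    printf '%s\n' \
        'testadmin:x:1000:1000::/home/testadmin:/usr/local/bin/rootsh' \
        'alice:x:1002:1002::/home/alice:/bin/bash' \
        'bob:x:1003:1001::/home/bob:/bin/bash' \
        'carol:x:1004:1004::/home/carol:/bin/bash' > "$dir/passwd"
    unlogged_admins "$dir/passwd" "$dir/group"
    rm -rf "$dir"
}

# Prints the sample accounts that are in admins but do not use rootsh.
demo
```

Called with no arguments, `unlogged_admins` checks the local /etc/passwd and /etc/group for the admins group and /usr/local/bin/rootsh.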

If you have any questions, feel free to ask in the comments.

Categories
HowTos Linux

How to use WorldCall EVDO USB on Linux?

A few days back, one of our friends from Pakistan asked us to write a recipe for using WorldCall USB on Linux. By default the Linux 2.6 kernel supports USB EVDO devices, but a little configuration is required in /etc/wvdial.conf.

BTW, we are using BackTrack 5 Linux on our stations.

Configuring WorldCall USB on Linux:

Install a PPP dialer on Ubuntu/BackTrack Linux

aptitude install wvdial

lsusb

You should see the following:
Bus 004 Device 002: ID 16d5:6502 AnyDATA Corporation

vim /etc/wvdial.conf

Copy and paste the following configuration:

[Dialer Defaults]
init1 = ATZ
init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
;init3 = AT+CGDCONT=1,"IP","data:tre:se"
Modem Type = USB Modem
Dial Command = ATDT
Baud = 460800
New PPPD = yes
Modem = /dev/ttyUSB0
Stupid Mode = 1
ISDN = 0
Phone = #777
Username = wcall@worldcall.com
Password = wcall

Run wvdial and start surfing internet 🙂

wvdial

DONE!

Categories
HowTos Linux

How to install Memcache on CPanel / WHM running CentOS

A few days back I was working for a client where I had to transfer an application to a new server. The application needed the memcache PHP extension, and the following error appeared in the Apache error log:

PHP Fatal error: Class 'Memcache' not found in

If you are in the same situation, stay away from recompiling your PHP using /scripts/easyapache – BAD IDEA.

The solution is simple: build memcache and load it in php.ini. Let’s see how we do it.

Step 1 – Download memcache

mkdir repo
cd repo
wget http://pecl.php.net/get/memcache-3.0.6.tgz
tar -xvzf memcache-3.0.6.tgz

Step 2 – Compilation & installation

cd memcache-3.0.6
phpize

You should see something like this:

Configuring for:
PHP Api Version: 20041225
Zend Module Api No: 20060613
Zend Extension Api No: 220060519

./configure
make
make install

Step 3 – Load in php.ini

Enable memcache in php.ini.

echo "extension=memcache.so" >> /usr/local/lib/php.ini
service httpd restart

Categories
HowTos Linux Troubleshootings

CPanel / WHM Troubleshootings & Short HowTos

CPanel is a popular WHM solution. In the past few days I ran into trouble while working with it, and thought I would share the fixes in case you face the same problems.

/scripts/easyapache

Not a HASH reference at /var/cpanel/perl/easy/Cpanel/Easy.pm line 340

Solution
/scripts/checkperlmodules --full

How to Disable ConfigServer Security & Firewall
/etc/csf/uninstall.sh

How to Disable Mandatory SSL (Web Login to WHM)
vim /var/cpanel/cpanel.config

Find,

alwaysredirecttossl=1
requiressl=1

Change the “1” to “0” on both lines and save the file.
Now execute the following command to apply the changes:
/usr/local/cpanel/whostmgr/bin/whostmgr2 --updatetweaksettings

How to Install RRDTOOL
Download the required packages and execute rpm to install it.
wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-1.2.23-1.el5.rf.x86_64.rpm
wget http://dag.wieers.com/rpm/packages/rrdtool/perl-rrdtool-1.2.23-1.el5.rf.x86_64.rpm
wget http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-devel-1.2.23-1.el5.rf.x86_64.rpm
rpm -ivh rrdtool-1.2.23-1.el5.rf.x86_64.rpm rrdtool-devel-1.2.23-1.el5.rf.x86_64.rpm perl-rrdtool-1.2.23-1.el5.rf.x86_64.rpm

[ipcheck] Problem with DNS setup on

When your server hostname doesn’t resolve to an IP address and you don’t want to add an ‘A’ record in your DNS, you will have to disable this script to stop it sending these alerts.

ls -l /scripts/ipcheck

-rwxr-xr-x 1 root root 7428 Jun 28 18:47 /scripts/ipcheck

chmod 000 /scripts/ipcheck

Make it write-protected, so its permissions won’t change.

chattr +i /scripts/ipcheck

ls -l /scripts/ipcheck

---------- 1 root root 7428 Jun 28 18:47 /scripts/ipcheck

Categories
Linux Troubleshootings

Openx – configuration file is locked for security reasons

Openx is an enterprise-class ad inventory solution for your business. Normally I carry out its configuration from the command-line interface, but this time I decided to enable a plugin using the web-based UI. It failed and the following error appeared on screen:

It is not possible to edit all settings because the configuration file is locked for security reasons. If you want to make changes, you may need to unlock the configuration file for this installation first.

 

I looked through all the options but didn’t find a way to unlock the configuration file. Finally I found that the config file has to be writable by your Apache user.

To unlock the configuration file:

chmod 666 /home/hackersgarage/public_html/var/ads.hackersgarage.com.conf.php

To lock the configuration file back:

chmod 644 /home/hackersgarage/public_html/var/ads.hackersgarage.com.conf.php

It is recommended to lock it back when you are finished with your web-based configuration, because mode 666 leaves the file writable by every local user on the server.