Posts

Showing posts from August, 2013

Kernel recompilation

Simple steps:

1. cd /usr/src
2. wget -c http://kernel.org/pub/linux/kernel/v2.6/linux-2.6.20.tar.bz2
3. tar xvfj linux-2.6.20.tar.bz2
4. cd linux-2.6.20
5. make clean && make mrproper
6. make menuconfig
7. make clean
8. make bzImage
9. make modules
10. make modules_install
11. make install

    This installs three files into the /boot directory and also modifies your GRUB configuration file:

        System.map-2.6.25
        config-2.6.25
        vmlinuz-2.6.25

12. mkinitrd /boot/initrd-2.6.20.img 2.6.20

The newly compiled kernel then appears in /etc/grub.conf alongside the existing kernel; edit the file yourself to set the default option.

Cpanel update failure in upcp

upcp errors on your cPanel update

Most of the time a cPanel update completes without errors, but sometimes it fails with a cPanel update failure in upcp. You may get the following error when cPanel tries to update:

    Running `/usr/local/cpanel/scripts/updatenow --upcp --log=/var/cpanel/updatelogs/update.12522061.log` failed, exited with code 25 (signal = 0)

Check the following files, which hold the OS version and the cPanel sysinfo configuration:

    cat /etc/redhat-release
    cat /var/cpanel/sysinfo.config

Open your /var/cpanel/sysinfo.config file and make sure "rpm_dist_ver" is not configured as "unknown". It should match the major version of the OS; for example, change it to rpm_dist_ver=5 if your OS is 5.9.

For example:

    +-(root@cPanel)(04:51:50)
    +-(~)->cat /etc/redhat-release
    CentOS release 5.9 (Final)
    +-(root@cPanel)(04:44:19)
    +-(~)->cat /var/cpanel/sysinfo.config
    ises=2
    lock=
    release=5.9
    rpm_arch=
    rpm_dist=centos
    rpm_dist_ver=unknown
    +-(root@cPanel)(04:44:57)
    +-(~)->/usr/local

NAT in linux

network-address-translation (NAT) on a Linux system with iptables rules so that the system can act as a gateway and provide internet access to multiple hosts on a local network using a single public IP address. This is achieved by rewriting the source and/or destination addresses of IP packets as they pass through the NAT system.

The system on which NAT is set up will act as the gateway for the private network. According to this tutorial, this computer should meet the following requirements:

1) It should have at least 2 NICs (network interface controllers): one to connect to the Internet and the other to connect to the private network.
2) It should be running Linux.
3) It should have a kernel supporting iptables.

Terminologies and Concepts

The 2 interfaces concerned will be eth0 and eth1.

eth0 -> This will be the interface connected to the Internet.
eth1 -> This interface will be connected to the private network.

Now, let us see if they are being recognized as network

How to reinstall the Grub Boot loader on Dedicated Linux Server

The steps below will help to rebuild / reinstall a corrupted or unknowingly deleted GRUB boot loader using the rescue mode in Redhat / Centos.

1. Boot the system from the Redhat / Centos installation disk/DVD or flash drive.
2. Type the 'linux rescue' command at the installation prompt to enter the rescue environment.
3. Type the command 'chroot /mnt/sysimage' to mount the root partition.
4. Type the command '/sbin/grub-install /dev/sda' to reinstall the GRUB boot loader; here the boot partition is on 'sda'.
5. Review /boot/grub/grub.conf.
6. Reboot the server.

RHEL / CentOS Linux: Mount and Access NTFS Partition

How to enable NTFS support on CentOS Linux version 5 or 6? How do I mount an NTFS partition under RHEL 5 or 6?

First, you need to install the EPEL repo as described here. The following command will turn on the EPEL repo on RHEL / CentOS version 6.x:

    $ cd /tmp
    # rpm -ivh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

NTFS-3G

NTFS-3G is a stable, open source, GPL licensed, POSIX, read/write NTFS driver for Linux. It provides safe handling of the Windows XP, Windows Server 2003, Windows 2000, Windows Vista, Windows Server 2008 and Windows 7 NTFS file systems. NTFS-3G can create, remove, rename, move files, directories, hard links, and streams; it can read and write normal and transparently compressed files, including streams and sparse files; it can handle special files like symbolic links, devices, and FIFOs, ACL, extended attributes; moreover it provides full file access right and ownership support.

How Do I Install NTFS-3G?

Type the following

whitelist particular domain in spamassassin for server wide.

For example, you want to whitelist *@abc.com on the server. There is an option in SpamAssassin to whitelist this, but it only applies per user account, which means you have to log in to each cPanel account and manually whitelist *@abc.com in SpamAssassin under the mail option. But I have created one script to whitelist *@abc.com for all accounts [server level].

Step 1: Go to the Exim configuration manager and enable the option "SpamAssassin™: Forced Global ON".

Then try this script [one by one]:

    # Create the per-user SpamAssassin directory (-p: no error if it already exists)
    for i in `ls /var/cpanel/users` ; do mkdir -p "/home/$i/.spamassassin" ; done
    for i in `ls /var/cpanel/users` ; do touch "/home/$i/.spamassassin/user_prefs" ; done
    # Quote the pattern so the shell does not expand the *, and append so existing preferences are kept
    for i in `ls /var/cpanel/users` ; do echo 'whitelist_from *@abc.com' >> "/home/$i/.spamassassin/user_prefs" ; done
    # Give the directory and the file back to the account owner
    for i in `ls /var/cpanel/users` ; do chown "$i:$i" "/home/$i/.spamassassin" ; done
    for i in `ls /var/cpanel/users` ; do chown "$i:$i" "/home/$i/.spamassassin/user_prefs" ; done

Thats
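The same server-wide whitelist done in one pass, as an added example that is not the post's own script: it keeps existing user_prefs content, adds the line only when it is missing, and skips paths where the account owner has placed a symlink, since the loops run as root inside user-owned directories. The whitelist_all function and its directory parameters are assumptions so it can be tried on a scratch tree, and the demo accounts are constructed.

```bash
#!/bin/bash
# whitelist_all USERS_DIR HOME_BASE PATTERN   (hypothetical helper, not from the post)
#   USERS_DIR  directory with one file per account (/var/cpanel/users in the post)
#   HOME_BASE  parent of the account home directories (/home in the post)
# Prints the number of user_prefs files it changed.
whitelist_all() {
    local users_dir="$1" home_base="$2" line="whitelist_from $3"
    local changed=0 f u dir prefs
    for f in "$users_dir"/*; do
        [ -f "$f" ] || continue
        u=${f##*/}
        dir=$home_base/$u/.spamassassin
        prefs=$dir/user_prefs
        [ -d "$home_base/$u" ] || continue
        # This runs as root inside directories the account owner controls,
        # so never write through a symlink found there.
        if [ -L "$dir" ] || [ -L "$prefs" ]; then
            echo "skip $u: symlink in $dir" >&2
            continue
        fi
        mkdir -p "$dir"
        # Append only when the exact line is missing: existing preferences
        # survive and a second run changes nothing.
        if ! grep -qxF -- "$line" "$prefs" 2>/dev/null; then
            printf '%s\n' "$line" >> "$prefs"
            changed=$((changed + 1))
        fi
        # Hand ownership back only for accounts that exist on this system.
        if id "$u" >/dev/null 2>&1; then
            chown "$u:$u" "$dir" "$prefs"
        fi
    done
    echo "$changed"
}

# Constructed scratch tree (not real accounts): gr_demo_a already has preferences.
demo=$(mktemp -d)
mkdir -p "$demo/users" "$demo/home/gr_demo_a/.spamassassin" "$demo/home/gr_demo_b"
touch "$demo/users/gr_demo_a" "$demo/users/gr_demo_b"
echo "required_score 4.0" > "$demo/home/gr_demo_a/.spamassassin/user_prefs"
whitelist_all "$demo/users" "$demo/home" '*@abc.com'   # first run changes both files
whitelist_all "$demo/users" "$demo/home" '*@abc.com'   # second run changes none
```

The symlink test is check-then-write, so it narrows the window rather than closing it; running the append as the account user instead of root removes the problem entirely.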

Domlog files are not getting updated.

Today, I noticed that AWStats was not showing any usage and, while checking, I could see that no logs were getting added to the domlogs file. I checked the AWStats settings on the server via WHM and everything was fine. I googled the issue a lot and finally ended up with the following fix.

FIX:

Open the Apache conf:

    # vi /usr/local/apache/conf/httpd.conf

Search for the line:

    ErrorLog /usr/local/apache/logs/error_log

Beneath that line add the following:

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%{User-agent}i" agent

Save and exit, then run:

    /usr/local/cpanel/bin/apache_conf_distiller --update
    /usr/local/cpanel/bin/build_apache_conf

Restart Apache:

    /scripts/restartsrv_httpd

AWStats started updating itself at last.

Change shared memory ownership and permission

We know that we can use ipcs to view shared memory segment information, and we can use ipcrm to delete a segment. But wait. Assume that you first run a program as the root user, which creates a shared memory segment of 40GB size. Then you realize that, for security reasons, we should use as little privilege as possible, so you decide to run it as the nobody user. However, because the segment was created with perm 0600, the nobody user can't access it. You definitely don't want to dump the whole memory, recreate a new segment and recover. It would be nice if we could simply change the ownership and permission of the segment. So I created the tool called chshm for this purpose.

    Usage: ./chshm [Options] shmid ...
    Options:
      -u|--user    change owner to
      -g|--group   change group to
      -m|--mode    change mode to in octal

    eg: ./chshm -u nobody -m 0660 65535

This will change shm id 65535's owner to nobody, mode to 0660

How to find PHP Shell on your server

In most hacking or defacing incidents, the most common tool used is a PHP shell. If you scan your server regularly for PHP shells and delete them, you can avoid many hacking and defacing attempts on your server.

    #!/bin/bash
    # Scan every user's public_html for strings commonly found in PHP shells.
    # The grep command below is one line; keep it on one line in your script or it will generate an error.
    /bin/grep -rlE "cgitelnet|webadmin|PHPShell|tryag|r57shell|c99shell|noexecshell|/etc/passwd|revengans|myshellexec" /home/*/public_html > /root/scan.txt
    # The scan output replaces the file, so write the "nothing found" message only when the result is empty.
    [ -s /root/scan.txt ] || echo "No PHP Shell was Found" > /root/scan.txt
    # Replace the address below with your own email address.
    mail -s "PHP Shell Scan" user@domain.com < /root/scan.txt
    # Cron settings:
    # 0 6 * * * PATH TO SCRIPT

The above script is a very simple shell script which will scan the public_html directories of all cPanel accounts for various PHP shells. Then the script will mail you the locations of