Linux « ActiveSpark

SSH Filter and Server Security Apps

June 24, 2009 activespark 5 comments

In simple one line sshdfilter is an application that will help you block the ssh attacks. Its a good little application easy to configure. I and my colleagues had already written the complete steps to install and configure the sshdfilter at the following URL:- SSHDFilter. Please go through the article and let us know if there is something you would like to add or would like to know.

we had this little app installed on our company’s internal servers and found it quite good. But honestly speaking, I would suggest if you want a good security for your server, i would also suggest the same common apps that most webhost guys suggest and sshdfilter is not one of them, The first thing is the Firewall and i recommend APF (Advanced Policy Firewall) it uses iptables internally, but is a handy app for any sysadmin.

The second and a very important recommended app is the BFD (Brute Force Detection) It Detects and blocks brute force attacks.

Categories: Linux Tags: admins, Linux, liquidweb, security, sshdfilter, sysadmin, webhost

Useful tools for sysadmins from SmashingApps.com

June 16, 2009 activespark Leave a comment

Well i had already written a little article on smashingapps.com, and the webhsoting category page is must visit for sysadmins, Well in this article i picked out some apps which i think would surely be useful for Sysadmins:

1) Server Check – http://www.servercheck.me

Welcome to Server Check – the online server checking resource. Check if a website is working or if a server is offline, lookup a server’s IP address, search for other domain names and websites hosted on a server – all FREE tools provided by ServerCheck.ME

2) CentralOps – http://www.centralops.net

CentralOps.net

Advanced Online Internet Utilities – This is one of the oldest online tools site used by many sysadmins worldwide. The First Link of “Domain Dossier” is excellent it not only shows you the domain registrar details of the website, but also shows you the complete DNS of the Site and also checks the sevices for you. Surely, Check this site out, It has some really useful utilities. Also checkout the other useful sites like network-tools.com, mxtoolbox.com, intodns.com and checkdns.net

3) phpWatch – http://aaron-rosenfeld.com

phpWatch is a general purpose service monitor that is able to send notifications of outages via e-mail or text-message (SMS). The purpose of this system is two-fold: it allows administrators to easily check the status of many different services running on any number of servers and also allows developers to interface with the query and notification APIs.

A demonstration of the administrator view is available at – http://aaron-rosenfeld.com/phpWatch/demo

4) PHP Web Stat – http://www.php-web-statistik.de

The PHP Web Stat offers you a highly configurable web tracker and detailed real-time web stat script. You will be able to analyze and monitor all visitors of your website. The script is totally FREE and licensed under the GNU General Public License (GPL).

5) osTicket – http://osticket.com

osTicket is a widely-used open source support ticket system. Easily manage, organize and archive all your support requests and responses in one place. Your clients will also be able to view ticket’s status and history online.

Categories: Linux

Commands to Find out the Hardware info of a Linux machine

December 23, 2008 activespark Leave a comment

Hello, i have come up with this little post, the thing is many a times when we would require and Hardware info of any PC in our oprganisation, like the amount of RAM, no of HDDs connected, the Processor, the motherboard, the motherboard serial no. and etc, whenever such info was required, the Hardware Guy would go to the User’s place and shut down the PC, open up the cabinet and write down all the hardware info on a piece of paper.

This sounds foolish, when you have a linux PC why you need to do all this. Yes, But this happens in most of the organisations in mumbai who are running linux on their Desktops or Servers.

So Here’s a small post on the Tools, utilities and commands to find the Hardware info without the need to shutdown the PC and open up the cabinet.

Some info that are required by the Desktop admins or the Hardware admins to keep an inventory of the system or for any other purpose :-

The Processor model, type, its frequency, max speed, cache, etc.
RAM
HDD
Motherboard model, chipset, serial no., etc
Soundcard
NetworkCard

Tools :-

1) dmidecode – standardized description of a PC hardware including characteristics such as BIOS serial number and hardware connectors
2) hardinfo – displays information about your hardware and operating system
3) hwinfo – information about the hardware installed on a system
4) sysinfo – displays computer and system information
5) sysutils :- procinfo
6) lspci
7) lshw

Tool 1:-

dmidecode :- you can find many detailed info about the hardware.
# dmidecode -t smbios (will give you all the valid keywords to find the system information)

# dmidecode -t smbios
Invalid type keyword: smbios
Valid type keywords are:
bios
system
baseboard
chassis
processor
memory
cache
connector
slot

# dmidecode -t bios (will give the complete bios information including vendor, release date, and what all things are supported by the Bios

# dmidecode -t processor (will give the info about the CPU vendor, model, capacity, speed, voltage, clock, cache)

# dmidecode -t slot (will give the info of the no. of PCI slots)

Categories: Linux Tags: commands, firmware, hardware, Linux

creating a ssl certificate

September 23, 2008 activespark 3 comments

A little tutorial on creating an SSl certificate, you can also generate your own self signed certificate to be used in the intranet or for demo :-

1) The first step is to create your RSA Private Key. This key is a 4096 bit RSA key which is encrypted using Triple-DES and stored in a PEM format so that it is readable as ASCII text.

>> openssl genrsa -des3 -out domainname.com.key 4096

Once you run the above command, it will ask you to enter a Pass phrase for your domain key file.

2) Generating a CSR (Certificate signing request) :-

Once the private key is generated a Certificate Signing Request can be generated. The CSR is then used in one of two ways. Ideally, the CSR will be sent to a Certificate Authority, such as Thawte or Verisign who will verify the identity of the requestor and issue a signed certificate. or you can use it to create your own self signed certificate for intranets or for demo purpose.

These are the X.509 attributes of the certificate. One of the prompts will be for “Common Name (e.g., YOUR name)”. It is important that this field be filled in with the fully qualified domain name of the server to be protected by SSL. If the website to be protected will be https://domainname.com, then enter domainname.com at this prompt. If you want to create a so called “wildcard” certificate, which means the same certificate can be used on an unlimited number of subdomains, just enter an asterisk as the hostname, in our example that would be *.domainname.com.

Categories: Linux Tags: apache, certificate, csr, ssl

error while compiling PHP

August 29, 2008 activespark Leave a comment

while compiling PHP if you get the error

configure: error: utf8_mime2text() has new signature, but U8T_CANONICAL is missing

then you need to install

libc-client-devel package

if you are using a debian/ubuntu pc you need to search for the deb package and if on a redhat or centos or fedora pc then search for the rpm file.

Categories: Linux Tags: compile, error, php

cpanel exim – not able to send mails

August 6, 2008 activespark Leave a comment

Hello,

If your users are complaining that they are not able to send mails, a case where their internet is working, but when they try sending mail from their email client like outlook, outlook express, thunderbird, eudora, etc. and in their mail client they are getting an error like ‘not able to connect to the smtp on the server ….’

you may find that when you configure their email account , you may be able to send mails , but they are not, their email client is not even able to connect to your smtp server, and ehn you check , you may find that you are even able to telnet to your port 25 and 110

You may think that it may be the ISP’s issue at the customer’s end.

But its not the same always.

This time we figured outthat the relayd on exim was not working, we asked the user for their public ip address.

and entered the ip address in

# /etc/relayhosts

# /etc/relayhostsusers

then restart the exim.

This helped us, the issue was solved, the user was able to send mails

Categories: cpanel, exim, Linux Tags: cpanel, exim, mails

local MySQL server’s socket is not correctly configured

August 5, 2008 activespark Leave a comment

The server is not responding (or the local MySQL server’s socket is not correctly configured)

check for the mysql first, if not running restart and check, if running

search for mysql.sock file

make sym link in /tmp folder

#ln -s /var/lib/mysql/mysql.sock /tmp/mysql.sock

Then restart the mysql and then the apache.

Categories: cpanel, Linux Tags: cpanel, mysql, php, phpmyadmin

SmashingApps.com

August 4, 2008 activespark Leave a comment

smashingapps is one cool site i visit quite often, you can find many useful web resources on this site, one cool thing i found today was the creative logo masterpieces on this URL:- Creative masterpieces of Logo Designs I am also adding some of the logo designs in here: