Johnny Leche's Spiff Linux Stuff

  1. Restarting Sendmail
  2. Restarting MySQL
  3. Resetting the root password
  4. Blocking spam from IPs
  5. How do I change my password?
  6. How do I change somebody else's password?
  7. How do I use screens?
  8. What if I have more than one screen running?
  9. How do I enable FTP on Slackware 10?
  10. I just installed squirrel mail on my new server but I get a "Error connecting to IMAP server: localhost. 111 : Connection refused" error. Can you help me out?
  11. How do I find out who owns files in a certain location?
  12. How do I log in as a different user?
  13. How do I scan for open ports?
  14. How do I change the owner of a file?
  15. How do I delete a whole directory?
  16. How can I find out how much space is left on my hard drives?
  17. How do I start/stop/restart my Apache server?
  18. I just set up a new server but I can't connect through it from my gaming machine to the Internet. What should I do?
  19. How can I get all those emails to admin and webmaster and stuff forwarded to my regular email?
  20. Is there a way to stop people trying to log in as root?
  21. How do I see hidden files or directories?
  22. Some scrub is trying to crack into my server. How can I stop that assmonkey?
  23. Setting the server clock


Restarting Sendmail
If your root password stops working because of hackers or you are trying to turn on mysql like has happened to me twice...
  1. Login as root
  2. type /etc/rc.d/rc.sendmail restart


Restarting MySQL
This is assuming you had MySQL already running at some point
  1. Login as the mysql user (log in as root and then type su mysql to swith to the mysql user if you don't know the mysql user password)
  2. Type /etc/rc.d/rc.mysqld restart


Resetting the root password
If your root password stops working because of hackers or you are trying to turn on mysql like has happened to me twice...
  1. Boot up the server using your Slackware disc
  2. Mount the OS hard drive
    • /dev/hda1 /mnt
  3. Go to the /mnt/etc/ directory
    • cd /mnt/etc
  4. Open shadow
    • vi shadow
  5. Blank out the password for root
    • Move to the root password and press x to remove characters
    • Example edit of /mnt/etc/shadow

      root:jei8DkE/hf06siGldjQke0:12190:0:::::

      change to

      root::12190:0:::::

  6. Save and quit vi
    • ctrl-x
  7. Reboot
    • type "reboot now" at the prompt
  8. Log in as root and set your new password at the prompt


Blocking spam from IPs
  1. as root edit access by typing vi /etc/mail/access
  2. add ips like this...
    xx.xx.xx.xx REJECT
    leave off a couple of the numbers to block the whole range like this
    xx.xx REJECT
  3. save the file and close it
  4. rebuild the file with new ips by typing this...
    /usr/sbin/makemap hash /etc/mail/access < /etc/mail/access
How do I change my password?
  1. using putty, log in to your server using your current password
  2. type passwd
  3. follow the instructions
How do I change somebody else's password?
  1. as root type passwd <user name>
  2. follow the instructions
How do I use screens?
  • type screen -A -m -S <screen name here>. you should now be in a screen
  • to exit the screen but leave it running so you can log out or open other screens (useful when you are running a game server), hit ctrl-d
  • to go back into the screen, type screen -r.
What if I have more than one screen running?
  1. type screen -r to see a list of the running screens
  2. type screen -r <number*>. * number is the number to the left of the screen you wish to attach to
How do I enable FTP on Slackware 10?
  1. To enable FTP uncomment the ftp stream tcp nowait root /usr/sbin/tcpd proftpd line in /etc/inetd.conf.
  2. Then force the server to re-read inetd.conf by typing ps ax | grep inetd to find out the pid number (the number all the way to the left).
  3. Once you know the pid, kill it by typing kill -HUP <the pid number>.
GEE WHIZ FACT: Did you know that WinSCP is more secure than FTP and it's free?

I just installed squirrel mail on my new server but I get a "Error connecting to IMAP server: localhost. 111 : Connection refused" error. Can you help me out?
  1. You need to tweak your /etc/inetd.conf file. While logged in as root type vi /etc/inetd.conf file.
  2. look for the imap line

    # POP and IMAP mail servers
    #
    # Post Office Protocol version 3 (POP3) server:
    # pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popa3d
    # Internet Message Access Protocol (IMAP) server:
    # imap2 stream tcp nowait root /usr/sbin/tcpd imapd
    #

  3. remove the number sign (#) in front of imap2 and save the file.
  4. Then force the server to re-read inetd.conf by typing ps ax | grep inetd to find out the pid number (the number all the way to the left).
  5. Once you know the pid, kill it by typing kill -HUP <the pid number> and your server will start accepting connections on the imap port (143)
How do I find out who owns files in a certain location?
  • type ls -l
How do I see hidden files or directories?
  • type ls -a
  • type ls -al to see who owns those hidden files or directories.
How do I log in as a different user?
  1. type su <user name>
  2. enter the password for the user you are trying to log in as
If you are trying to log in as root, just type su and you will be prompted for the root password
To exit the current account and return to your previous account, type ctrl-d

How do I scan for open ports?
  • type nmap -p 1-65535 192.168.1.1
This particular variation of the command scans all available ports (1 to 65535 inclusive) on 192.168.1.1. while the open ports above can be trojaned versions of ftp, ssh, or http, a real trouble sign is when you have ports with numbers higher than a few thousand where very few legitimate services normally listen to incoming connections. It is possible, and advisable, to periodically scan your whole network and identify any differences there might be between the outputs for different time periods.

How do I change the owner of a file?
  1. log in to your server as yourself
  2. change to the root account by typing su and the <root password> when prompted
  3. type chown <user name>:users <file or directory name>
To change all files in a folder, type chown -R <folder name>

How do I delete a whole directory?
  • type rm -R <folder name>
How can I find out how much space is left on my hard drives?
  • type df -h
How do I start/stop/restart my Apache server?
  1. log in to your server as yourself
  2. change to the root account by typing su and the <root password> when prompted
    • type apachectl stop to stop the apache web server
    • type apachectl start to start the apache web server
    • type apachectl configtest to test your changes before restarting
    • type apachectl restart to stop and then restart the apache web server after making changes
How can I get all those emails to admin and webmaster and stuff forwarded to my regular email?

Set up an alias in /etc/mail/aliases
  1. log in to your server as yourself
  2. change to the root account by typing su and the <root password> when prompted
  3. type vi /etc/mail/aliases
  4. under decode: root add another line that says root: <the name of the user to receive the mail>
  5. hit esc and :x to save the changes and exit the aliases file
  6. type newaliases to apply the changes
Is there a way to stop people trying to log in as root?

Set up an alias in /etc/mail/aliases
  1. log in to your server as yourself
  2. change to the root account by typing su and the <root password> when prompted
  3. type vi /etc/ssh/sshd_config
  4. look for a line that looks like #PermitRootLogin yes and remove the number sign at the beginning and change yes to no
  5. hit esc and :x to save the changes and exit the aliases file
I just set up a new server but I can't connect through it from my gaming machine to the Internet. What should I do?
  1. ask egrep for a copy of rc.firewall or find out how to make your own rc.firewall over on the slackware help forum
  2. once you have rc.firewall, log in to your server as yourself
  3. change to the root account by typing su and the <root password> when prompted
  4. save rc.firewall in /etc/rc.d
  5. execute the script by typing /etc/rc.d/rc.firewall start
to make rc.firewall execute at startup
  1. log in to your server as yourself
  2. change to the root account by typing su <root password>
  3. change to the rc.d directory by typing cd /etc/rc.d
  4. open /etc/rc.d/rc.inet2 for editing by typing vi rc.inet2
  5. press page down to get to the bottom of the file
  6. press i to insert.
  7. copy the following and paste it into rc.inet2
    if [ -x /etc/rc.d/rc.firewall ]; then
    rc.inet2: /etc/rc.d/rc.firewall start
    fi
  8. press esc to stop inserting
  9. type :x to save your changes and close vi rc.inet2
  10. start the firewall by typing /etc/rc.d/rc.firewall start
to download files to your server
  1. log in to your server as yourself
  2. type wget http://<absolute url to the file you are trying to download>
note: if the file has a referer url on it, add single quotes around the url
ex:wget 'http://<absolute url to the file you are trying to download>'

note: if the file requires a user name and password, add them after the http:// separated by a colon and followed by an @ symbol
ex: wget http://<user name>:<password>@<absolute url to the file you are trying to download>

useful vi commands
  • to open a file to edit, type vi <file name>
  • esc will cancel insert mode
  • i to insert text
  • x to delete text
  • :x to save and exit
  • :q to exit without saving
  • :e! to undo all changes you have made
  • dd to remove a line
Backing up content when you want to reinstall the OS
egrep says: Here is my list of files. I use:
tar -zcpf /home/backups/backup-20050605.tar.gz `cat backup.txt`

to perform the backup, and here is the contents of backup.txt:
(the p option in zcpf means to preserve owner:group on the files)
(This is in addition to any /home/* dirs you want to backup)
(I would use /usr/local/apache as the apache command, as that
will backup ALL the apache stuff in case the version is different).

/etc/hosts.allow
/etc/hosts.deny
/etc/passwd
/etc/shadow
/etc/rc.d/rc.inet1
/etc/rc.d/rc.inet2
/etc/rc.d/rc.firewall
/etc/hosts
/etc/mail
/etc/named.conf
/var/named
/var/spool/mail
/usr/local/apache/bin
/usr/local/apache/conf
/usr/sbin/sendmail

Some scrub is trying to crack into my server. How can I stop that assmonkey?
You can find out if somebody is trying to break into your server by checking your log files. You can view them as root by typing

vi /var/log/secure

The log file will show the offending IP and you can add it to your iptables with a dump command like this:

iptables -A INPUT -s <IP ADDRESS> -j DROP

Setting the server clock
  • as root enter timeconfig and choose your time zone
  • type date 05041012 to set the software clock to the current time. 05041012 should be the current month, day and hour
  • type /sbin/hwclock --systohc to set the hardware clock to the software clock















  • when starting a game on the linux box:
  • ./tribes2d -dedicated -serverprefs bwadminSeverPrefs.cs -mod bwadmin (screen command-to start-the game)
  • ^A^D (to detach)
    Then you can log out
  • screen -r (to re-attach)


    using putty to transfer files from work to pirk.com
  • C:\path-to-pscp\pscp mp3.mp3 leche@pirk.com:music-dir/


    Starting nmap V. 2.54BETA34 ( www.insecure.org/nmap/ )
    Interesting ports on mail (192.168.1.1):
    (The 65524 ports scanned but not shown below are in state: closed)
    PortStateService
    21/tcpopenftp
    22/tcpopenssh
    23/tcpopentelnet
    25/tcpopensmtp
    37/tcpopentime
    79/tcpopenfinger
    80/tcpopenhttp
    111/tcpopensunrpc
    113/tcpopenauth
    515/tcpopenprinter
    587/tcpopensubmission
    Nmap run completed -- 1 IP address (1 host up) scanned in 14 seconds

    server's gone down and you can't connect with putty. what do you do?
    telnet in as yourself then change to root
    su [root password]
    then
    /usr/local/sbin/sshd
    installing a .run file
    sh tribes2-25026-x86.run
    show all files including .directory

    to copy a file to another directory
    cp pbsvnew.so /home/leche/.sof2/pb
    adding a new hard drive
    cfdisk /dev/hdb
    select the FAT32 partition and make it a primary linux partition.

    Once that is done, we need to mkfs (make filesystem) on the partition so that it is mountable in /etc/fstab
    mkfs /dev/hdb1 #of blocks
    #of blocks is what cfdisk reported
    fstype is ext2 by default, so you do not need
    to specify it. If you want bad block checking use:
    mkfs -c /dev/hdb1 #of blocks
    I believe blocks are 512K byte chunks...
    Please hold a sec... Yes, default size for blocks is 512 bytes, so on a 4 gig hard drive... 4,304,250 bytes / 512 = 8406
    mkfs /dev/hdb1 8406

    mkfs /dev/hdb1 4304250
    or
    mkfs /dev/hdb1 8608500


    Ok, mkfs is a "front-end" command for many mkfs.? type commands (each one for different file systems).
    In our case, we can use mke2fs (to make an ext2 filesystem), and you can omit the number of blocks and let it figure it out...
    So, I am going to issue the following and then reboot....

    mke2fs -i 4096 /dev/hdb1

    Will make an ext2 filesystem with 4096 byte inodes and will calculate the max size for the drive by reading it partition info... Got it?

    mount that assmonkey!!!
    mount /dev/hdb1 /games

    to unmount, umount /dev/hdb1 /games
    copy a file from a remote host to your server
    cd to the destination directory and type:
    wget http://www.shaka-zulu.net/downloads/lechebagpipes.wav

    It will get saved as lechebagpipes.wav

    MAKING A SECURE FOLDER
    edit httpd.conf
    vi /location/of/your/httpd.conf

    # SECURE FOLDER START
    <Directory /home/billy/public_html/private>
       AuthType Basic
       AuthName Reynolds
       AuthUserFile /path/to/.htpasswd
    *    Satisfy All
      <Limit GET>
       require valid-user
      </Limit>
    </Directory>
    # SECURE FOLDER END

    * go to the folder where you are pointing to in httpd.conf for the pasword above and type
    htpasswd -c .htpasswd your password (your password is the actual password you will use)

    restart the server
    apachectl restart

    go to the folder and you should need a password to get in.

    stop/start the apache server
    /usr/local/apache/bin/apachectl start (stop, restart)