Johnny Leche's Spiff Linux Stuff
- Restarting Sendmail
- Restarting MySQL
- Resetting the root password
- Blocking spam from IPs
- How do I change my password?
- How do I change somebody else's password?
- How do I use screens?
- What if I have more than one screen running?
- How do I enable FTP on Slackware 10?
- I just installed squirrel mail on my new server but I get a "Error connecting to IMAP server: localhost. 111 : Connection refused" error. Can you help me out?
- How do I find out who owns files in a certain location?
- How do I log in as a different user?
- How do I scan for open ports?
- How do I change the owner of a file?
- How do I delete a whole directory?
- How can I find out how much space is left on my hard drives?
- How do I start/stop/restart my Apache server?
- I just set up a new server but I can't connect through it from my gaming machine to the Internet. What should I do?
- How can I get all those emails to admin and webmaster and stuff forwarded to my regular email?
- Is there a way to stop people trying to log in as root?
- How do I see hidden files or directories?
- Some scrub is trying to crack into my server. How can I stop that assmonkey?
- Setting the server clock
- Using Bind
- Add a new user
- Installing new packages
- Update resolv.conf
- Login as root
- type /etc/rc.d/rc.sendmail restart
This is assuming you had MySQL already running at some point
- Login as the mysql user (log in as root and then type su mysql to switch to the mysql user if you don't know the mysql user password)
- Type /etc/rc.d/rc.mysqld restart
If your root password stops working because of hackers or you are trying to turn on mysql like has happened to me twice...
- Boot up the server using your Slackware disc
- Mount the OS hard drive
- Go to the /mnt/etc/ directory
- Open shadow
- Blank out the password for root
- Move to the root password and press x to remove characters
- Example edit of /mnt/etc/shadow
root:jei8DkE/hf06siGldjQke0:12190:0:::::
change to
root::12190:0:::::
- Save and quit vi
- Reboot
- type "reboot now" at the prompt
- Log in as root and set your new password at the prompt
- as root edit access by typing vi /etc/mail/access
- add ips like this...
xx.xx.xx.xx REJECT
leave off a couple of the numbers to block the whole range like this
xx.xx REJECT
- save the file and close it
- rebuild the file with new ips by typing this...
/usr/sbin/makemap hash /etc/mail/access < /etc/mail/access
- using putty, log in to your server using your current password
- type passwd
- follow the instructions
- as root type passwd <user name>
- follow the instructions
- type screen -A -m -S <screen name here>. you should now be in a screen
- to exit the screen but leave it running so you can log out or open other screens (useful when you are running a game server), hit ctrl-a and then d
- to go back into the screen, type screen -r.
- type screen -r to see a list of the running screens
- type screen -r <number*>. * number is the number to the left of the screen you wish to attach to
- To enable FTP uncomment the ftp stream tcp nowait root /usr/sbin/tcpd proftpd line in /etc/inetd.conf.
- Then force the server to re-read inetd.conf by typing ps ax | grep inetd to find out the pid number (the number all the way to the left).
- Once you know the pid, kill it by typing kill -HUP <the pid number>.
GEE WHIZ FACT: Did you know that WinSCP is more secure than FTP and it's free?
- You need to tweak your /etc/inetd.conf file. While logged in as root type vi /etc/inetd.conf.
- look for the imap line
# POP and IMAP mail servers
#
# Post Office Protocol version 3 (POP3) server:
# pop3 stream tcp nowait root /usr/sbin/tcpd /usr/sbin/popa3d
# Internet Message Access Protocol (IMAP) server:
# imap2 stream tcp nowait root /usr/sbin/tcpd imapd
#
- remove the number sign (#) in front of imap2 and save the file.
- Then force the server to re-read inetd.conf by typing ps ax | grep inetd to find out the pid number (the number all the way to the left).
- Once you know the pid, kill it by typing kill -HUP <the pid number> and your server will start accepting connections on the imap port (143)
- type ls -a
- type ls -al to see who owns those hidden files or directories.
- type su <user name>
- enter the password for the user you are trying to log in as
If you are trying to log in as root, just type su and you will be prompted for the root password
To exit the current account and return to your previous account, type ctrl-d
- type nmap -p 1-65535 192.168.1.1
This particular variation of the command scans all available ports (1 to 65535 inclusive) on 192.168.1.1. While the open ports it reports can be trojaned versions of ftp, ssh, or http, a real trouble sign is an open port numbered higher than a few thousand, where very few legitimate services normally listen for incoming connections. It is possible, and advisable, to scan your whole network periodically and compare the outputs from different time periods to identify any differences.
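One way to do that comparison on two saved reports of the same host, as an added example that is not part of the original page. The report contents, the function names and the 3000 cut-off standing in for "a few thousand" are constructed assumptions.

```shell
#!/bin/sh
# Added example: compare two saved nmap reports of the same host.

# Constructed reports in nmap's normal text layout (port, state, service).
baseline_scan() {
cat <<'EOF'
Interesting ports on mail (192.168.1.1):
Port       State       Service
22/tcp     open        ssh
25/tcp     open        smtp
80/tcp     open        http
EOF
}
current_scan() {
cat <<'EOF'
Interesting ports on mail (192.168.1.1):
Port       State       Service
22/tcp     open        ssh
25/tcp     filtered    smtp
80/tcp     open        http
31337/tcp  open        unknown
EOF
}

# open_ports < report : one "port/proto" per open port, sorted for comm(1).
# Pipe characters are dropped so table-style copies of a report also parse.
open_ports() {
    tr '|' ' ' |
        awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1 }' |
        LC_ALL=C sort
}

# port_changes OLD_FILE NEW_FILE
# Prints "+port" for newly open ports and "-port" for ports no longer open.
# New ports above 3000 (assumed cut-off) get a "high" tag for a closer look.
port_changes() {
    old=$(mktemp) new=$(mktemp)
    open_ports < "$1" > "$old"
    open_ports < "$2" > "$new"
    LC_ALL=C comm -13 "$old" "$new" |
        awk -F/ -v high=3000 '{ print "+" $0 (($1 + 0 > high + 0) ? " high" : "") }'
    LC_ALL=C comm -23 "$old" "$new" | sed 's/^/-/'
    rm -f "$old" "$new"
}
```

Save each scan with a dated file name (for example nmap -p 1-65535 192.168.1.1 > scan-today.txt) and pass the older file first.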
- log in to your server as yourself
- change to the root account by typing su and the <root password> when prompted
- type chown <user name>:users <file or directory name>
To change all files in a folder, type chown -R <user name>:users <folder name>
- log in to your server as yourself
- change to the root account by typing su and the <root password> when prompted
- type apachectl stop to stop the apache web server
- type apachectl start to start the apache web server
- type apachectl configtest to test your changes before restarting
- type apachectl restart to stop and then restart the apache web server after making changes
Set up an alias in /etc/aliases
- log in to your server as yourself
- change to the root account by typing su and the <root password> when prompted
- type vi /etc/aliases
- under decode: root add another line that says root: <the name of the user to receive the mail>
- hit esc and :x to save the changes and exit the aliases file
- type newaliases to apply the changes
Set up an alias in /etc/mail/aliases
- type vi /etc/ssh/sshd_config
- look for a line that looks like #PermitRootLogin yes and remove the number sign at the beginning and change yes to no
- hit esc and :x to save the changes and exit the file
- ask egrep for a copy of rc.firewall or find out how to make your own rc.firewall over on the slackware help forum
- once you have rc.firewall, log in to your server as yourself
- change to the root account by typing su and the <root password> when prompted
- save rc.firewall in /etc/rc.d
- execute the script by typing /etc/rc.d/rc.firewall start
- log in to your server as yourself
- change to the root account by typing su and the <root password> when prompted
- change to the rc.d directory by typing cd /etc/rc.d
- open /etc/rc.d/rc.inet2 for editing by typing vi rc.inet2
- press page down to get to the bottom of the file
- press i to insert.
- copy the following and paste it into rc.inet2
if [ -x /etc/rc.d/rc.firewall ]; then
  /etc/rc.d/rc.firewall start
fi
- press esc to stop inserting
- type :x to save your changes and close vi rc.inet2
- start the firewall by typing /etc/rc.d/rc.firewall start
- log in to your server as yourself
- type wget http://<absolute url to the file you are trying to download>
note: if the file has a referer url on it, add single quotes around the url
ex: wget 'http://<absolute url to the file you are trying to download>'
note: if the file requires a user name and password, add them after the http:// separated by a colon and followed by an @ symbol
ex: wget http://<user name>:<password>@<absolute url to the file you are trying to download>
- to open a file to edit, type vi <file name>
- esc will cancel insert mode
- i to insert text
- x to delete text
- :x to save and exit
- :q to exit without saving
- :e! to undo all changes you have made
- dd to remove a line
egrep says: Here is my list of files. I use:
tar -zcpf /home/backups/backup-20050605.tar.gz `cat backup.txt`
to perform the backup, and here is the contents of backup.txt:
(the p option in zcpf means to preserve owner:group on the files)
(This is in addition to any /home/* dirs you want to backup)
(I would use /usr/local/apache as the apache command, as that
will backup ALL the apache stuff in case the version is different).
/etc/hosts.allow
/etc/hosts.deny
/etc/passwd
/etc/shadow
/etc/rc.d/rc.inet1
/etc/rc.d/rc.inet2
/etc/rc.d/rc.firewall
/etc/hosts
/etc/mail
/etc/named.conf
/var/named
/var/spool/mail
/usr/local/apache/bin
/usr/local/apache/conf
/usr/sbin/sendmail
Make sure the txt file uses Linux line breaks and not Windows carriage returns.
You can find out if somebody is trying to break into your server by checking your log files. You can view them as root by typing
vi /var/log/secure
The log file will show the offending IP and you can block it in iptables with a DROP rule like this:
iptables -A INPUT -s <IP ADDRESS> -j DROP
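A way to pull the offending addresses out of the log before adding rules, as an added example that is not part of the original page. The sample log lines, the function names and the threshold of 3 are constructed assumptions, and the rules are only printed so they can be reviewed before they are run.

```shell
#!/bin/sh
# Added example: count failed sshd logins per source IP in a secure log.

# Constructed sample in the OpenSSH syslog format (documentation-range IPs).
sample_log() {
cat <<'EOF'
Jun  5 03:12:01 mail sshd[1201]: Failed password for root from 203.0.113.7 port 4242 ssh2
Jun  5 03:12:04 mail sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 4244 ssh2
Jun  5 03:12:09 mail sshd[1207]: Failed password for root from 203.0.113.7 port 4249 ssh2
Jun  5 08:30:15 mail sshd[1410]: Failed password for leche from 198.51.100.20 port 5120 ssh2
Jun  5 08:30:22 mail sshd[1410]: Accepted password for leche from 198.51.100.20 port 5120 ssh2
EOF
}

# failed_by_ip THRESHOLD < logfile
# Prints "count ip" for every source with at least THRESHOLD failures.
failed_by_ip() {
    awk -v min="$1" '
        /sshd\[[0-9]+\]: Failed password for / {
            # The address is the field after the last "from"; a user name
            # could itself be "from", so scan right to left.
            for (i = NF - 1; i > 0; i--)
                if ($i == "from") { hits[$(i + 1)]++; break }
        }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' | sort -rn
}

# block_rules THRESHOLD < logfile
# Prints (does not run) one DROP rule per offending address, keeping only
# values made of digits and dots so log content never reaches a command line.
block_rules() {
    failed_by_ip "$1" | while read -r count ip; do
        case "$ip" in
            *[!0-9.]*|"") continue ;;
        esac
        echo "iptables -A INPUT -s $ip -j DROP"
    done
}

if [ "${1:-}" = "--demo" ]; then sample_log | block_rules 3; fi
```

On the server, run it as block_rules 3 < /var/log/secure. The threshold keeps a single mistyped password from your own address, like the 198.51.100.20 line in the sample, off the block list.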
as root enter timeconfig and choose your time zone
type date 05041012 to set the software clock to the current time. 05041012 should be the current month, day, hour and minute (MMDDhhmm)
type /sbin/hwclock --systohc to set the hardware clock to the software clock
when starting a game on the linux box:
./tribes2d -dedicated -serverprefs bwadminSeverPrefs.cs -mod bwadmin (screen command-to start-the game)
^A^D (to detach)
Then you can log out
screen -r (to re-attach)
using putty to transfer files from work to pirk.com
C:\path-to-pscp\pscp mp3.mp3 leche@pirk.com:music-dir/
Starting nmap V. 2.54BETA34 ( www.insecure.org/nmap/ )
Interesting ports on mail (192.168.1.1):
(The 65524 ports scanned but not shown below are in state: closed)
Port | State | Service |
21/tcp | open | ftp |
22/tcp | open | ssh |
23/tcp | open | telnet |
25/tcp | open | smtp |
37/tcp | open | time |
79/tcp | open | finger |
80/tcp | open | http |
111/tcp | open | sunrpc |
113/tcp | open | auth |
515/tcp | open | printer |
587/tcp | open | submission |
Nmap run completed -- 1 IP address (1 host up) scanned in 14 seconds
server's gone down and you can't connect with putty. what do you do?
telnet in as yourself then change to root
su (enter the root password when prompted)
then
/usr/local/sbin/sshd
installing a .run file
sh tribes2-25026-x86.run
show all files including .directory
to copy a file to another directory
cp pbsvnew.so /home/leche/.sof2/pb
adding a new hard drive
cfdisk /dev/hdb
select the FAT32 partition and make it a primary linux partition.
Once that is done, we need to mkfs (make filesystem) on the partition so that it is mountable in /etc/fstab
mkfs /dev/hdb1 #of blocks
#of blocks is what cfdisk reported
fstype is ext2 by default, so you do not need
to specify it. If you want bad block checking use:
mkfs -c /dev/hdb1 #of blocks
I believe blocks are 512K byte chunks...
Please hold a sec... Yes, default size for blocks is 512 bytes, so on a 4 gig hard drive... 4,304,250 bytes / 512 = 8406
mkfs /dev/hdb1 8406
mkfs /dev/hdb1 4304250
or
mkfs /dev/hdb1 8608500
Ok, mkfs is a "front-end" command for many mkfs.? type commands (each one for different file systems).
In our case, we can use mke2fs (to make an ext2 filesystem), and you can omit the number of blocks and let it figure it out...
So, I am going to issue the following and then reboot....
mke2fs -i 4096 /dev/hdb1
Will make an ext2 filesystem with 4096 byte inodes and will calculate the max size for the drive by reading its partition info... Got it?
mount that assmonkey!!!
mount /dev/hdb1 /games
to unmount,
umount /dev/hdb1
copy a file from a remote host to your server
cd to the destination directory and type:
wget http://www.shaka-zulu.net/downloads/lechebagpipes.wav
It will get saved as lechebagpipes.wav
MAKING A SECURE FOLDER
edit httpd.conf
vi /location/of/your/httpd.conf
# SECURE FOLDER START
<Directory /home/billy/public_html/private>
AuthType Basic
AuthName Reynolds
AuthUserFile /path/to/.htpasswd
Satisfy All
<Limit GET>
require valid-user
</Limit>
</Directory>
# SECURE FOLDER END
go to the folder that AuthUserFile points to in httpd.conf and type
htpasswd -c .htpasswd <user name> (htpasswd then prompts for the password that user will log in with)
restart the server
apachectl restart
go to the folder and you should need a password to get in.
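Access rules placed inside <Limit GET> are enforced only for the listed methods, so a request made with any other method is not asked for a password; leaving require valid-user directly inside <Directory> applies it to every method. The check below is an added example, not part of the original page, that flags such rules in a config file. The function name limited_requires and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag access-control directives that sit inside <Limit>.

# Constructed httpd.conf fragment: the first block mirrors the layout above,
# the second applies the same rule to every request method.
sample_conf() {
cat <<'EOF'
<Directory /home/billy/public_html/private>
AuthType Basic
AuthName Reynolds
AuthUserFile /path/to/.htpasswd
<Limit GET>
require valid-user
</Limit>
</Directory>
<Directory /home/billy/public_html/private2>
AuthType Basic
AuthName Reynolds
AuthUserFile /path/to/.htpasswd
require valid-user
</Directory>
EOF
}

# limited_requires < httpd.conf
# Prints "line: <Limit methods> directive" for each require/allow/deny
# found inside a <Limit ...> section. <LimitExcept> is deliberately not
# matched, and commented-out lines are skipped.
limited_requires() {
    awk '
        { line = $0; sub(/^[ \t]+/, "", line); low = tolower(line) }
        low ~ /^#/ { next }
        low ~ /^<limit[ \t]/ { inside = 1; methods = line; next }
        low ~ /^<\/limit>/ { inside = 0; next }
        inside && low ~ /^(require|allow|deny)[ \t]/ {
            print NR ": " methods " " line
        }
    '
}

if [ "${1:-}" = "--demo" ]; then sample_conf | limited_requires; fi
```

Run it as limited_requires < /location/of/your/httpd.conf; no output means no rule is restricted to particular methods.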
stop/start the apache server
/usr/local/apache/bin/apachectl start (stop, restart)
Using Bind
Bind is used for setting up DNS services on servers. While logged in as the root user, type...
/etc/rc.d/rc.bind status to see the current Bind status.
/etc/rc.d/rc.bind start to start Bind.
/etc/rc.d/rc.bind stop to stop Bind.
/etc/rc.d/rc.bind restart to restart Bind.
Add a new user
While logged in as the root user, type adduser. Follow the prompts. You should only need to enter the new user's name and leave the rest as the defaults by pressing 'Enter'.
Installing new packages
While logged in as the root user, type...
installpkg <package name>.txz to install a new package.
removepkg <package name> to remove a package. The file extension (.txz) is not required when uninstalling.
Updating resolv.conf
/etc/resolv.conf lists the nameservers your server uses to look up domain names. While logged in as the root user, you can update it directly by typing vi /etc/resolv.conf and adding individual lines of nameserver <nameserver ip>, or update /etc/resolvconf.conf by adding a list of space separated ips in quotes after name_servers= and then running resolvconf -u.