ServerBuddies Support Blog

What is Reverse Domain Name Hijacking?

Reverse domain name hijacking has become a significant security threat that is largely overlooked by the web hosting community. This form of domain theft involves copyright owners asserting expansive trademark rights in order to take ownership of a domain from its rightful owner. In most cases, this form of domain theft is actually practiced by larger companies that want to claim a domain name from a smaller company.

In the case of ‘reverse domain name hijacking’ the offending party will typically file a report in conjunction with the UDRP (Uniform Domain-Name Dispute-Resolution Policy), which claims that the current domain owner registered the domain in violation of trademark rights. The goal in filing this report is to have the current domain ownership rights revoked and handed over to the offender. Unfortunately, even though in many cases the larger companies are overstepping their trademark rights, most small companies do not have the funds or knowledge needed to defend themselves through any type of opposition. it is possible to file an action in court against the offending party, which states that your registration of the domain was lawful and in accordance with the Anticybersquatting Consumer Protection Act (ACPA). The ACPA is basically a law that serves to protect domain registrants from the outreaching and unjust claims of trademark owners.

How to use lsof command to Find Open Files

The lsof utility can help identify which files are being used by any given application, which network ports are open, and much more.

A process would show up in top or ps aux, but the executable may not seem to exist. Using lsof, we could hunt down the scripts or executables used to run the program. If we run just lsof, it will attempt to show all files (which includes network sockets, pipes and special files) that are open.

If we want to see all the open files owned by a process, we can use the -p option (for PID) like so:

Just replace XXXXX with the process ID (PID) of the process you want to see. The output will show the command that has the file open, the PID, the user, the file descriptor, type, size of the file and the name of the file.

We can also see what files are open by users. Running lsof -u user will show all open files by processes owned by the user. You can also substitute the user ID (UID) for the username. If you want to eliminate a user from the listing, use ^user instead. The preceding caret will negate the selection, so the user will be ignored.

If we want to see what network sockets are owned by a particular user or process? Try ..

That will show only the open TCP and UDP sockets. If we want to see what files are open over the network, use -i. This will show you which files and sockets are open, and their respective protocols, hostnames and so on. We can narrow network parameters down by IP version (-i4 for IPv4, -i6 for IPv6), protocol (UDP or TCP), and even hostname or port.

By default, lsof will look up hostnames, but we can turn this off using the -n option. It will run faster without needing to do name lookups.

lsof 4.81
latest revision: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/
latest FAQ: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/FAQ
latest man page: ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof_man

kill - terminate a process

The command kill sends the specified signal to the specified process or process group. If no signal is specified, the TERM signal is sent.
The TERM signal will kill processes which do not catch this signal. For other processes, it may be necessary to use the KILL (9) signal, since this signal cannot be caught.

Most modern shells have a builtin kill function, with a usage rather similar to that of the command described here. The `-a’ and `-p’ options, and the possibility to specify pids by command name is a local extension.

Negative PID values may be used to choose whole process groups; see the PGID column in ps command out?put. A PID of -1 is special; it indicates all processes except the kill process itself and init.

EXAMPLES

kill -9 -1
Kill all processes you can kill.

kill -l 11
Translate number 11 into a signal name.

Using system-config-lvm

The LVM utility allows you to manage logical volumes within X windows or graphically. You can access the application by selecting from your menu panel System > Administration > Logical Volume Management.

Alternatively you can start the Logical Volume Management utility by typing system-config-lvm from a terminal.

To initialize a partition or unpartioned space, select the partition and click on the Initialize Entity button. Once initialized, a volume will be listed in the ‘Unallocated Volumes’ list.

To add the volume to an existing volume group, click on the Add to Existing Volume Group button. Clicking on the Add to Existing Volume Group button will display a pop up window listing the existing volume groups to which you can add the physical volume you are about to initialize. A volume group may span across one or more hard disks.

Once added to an existing volume group the new logical volume is automatically added to the unused space of the selected volume group.

Installing Softaculous in cPanel

Softaculous is a great Auto Installer having 150 great scripts and we are still adding more. Softaculous is ideal for Web Hosting companies and it could give a significant boost to your sales. These scripts cover most of the uses a customer could ever have.

Note: Before starting the installation make sure ionCube Loaders are enabled. For that go to WHM and click on Tweak Settings. Please make sure that the Ioncube loader is selected for the backend copy of PHP. Now SSH to your server and enter following commands:

Now go to : WHM > Plugins (Add-Ons on older versions than 11) > Softaculous - Instant Installs