mdadm command for Raid
mdadm --create /dev/md0 --level=0 --raid-devices=2 /dev/sdb1 /dev/sdb2
This will create a RAID level 0 device, /dev/md0, from /dev/sdb1 and /dev/sdb2.
mdadm --query /dev/name-of-device
This will find out if a given device is a RAID array, or is part of one, and will provide brief information about the device.
This will assemble and start all arrays listed in the standard config file. This command will typically go in a system startup file.
This will shut down all arrays that can be shut down (i.e. are not currently in use). This will typically go in a system shutdown script.
tcpdump - dump traffic on a network
Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.
Example:
root@u12:~# tcpdump -nnvvXS -c2 port 80
-n
Don’t convert host addresses to names. This can be used to avoid DNS lookups.
-nn
Don’t convert protocol and port numbers etc. to names either.
-vv
Even more verbose output. For example, additional fields are printed from NFS reply packets, and SMB packets are fully decoded.
-X
When parsing and printing, in addition to printing the headers of each packet, print the data of each packet (minus its link level header) in hex and ASCII. This is very handy for analysing new protocols.
-S
Print absolute, rather than relative, TCP sequence numbers.
Summary
A remote code execution vulnerability exists in Exim versions between 4.70 and 4.80, inclusive. Exim is the mail transfer agent used by cPanel & WHM.
Security Rating
This vulnerability has been rated as Critical[1] by the cPanel Security team.
Description
A remote code execution flaw in Exim has been discovered by an internal audit performed by the Exim developers[2]. This vulnerability may lead to arbitrary code execution with the privileges of the user executing the Exim daemon. In some circumstances this may lead to privilege escalation.
The vulnerability is tied to the DKIM support introduced in Exim 4.70. It has been assigned CVE-2012-5671[3].
The following Exim RPMs, as distributed by cPanel, Inc. are known to be vulnerable:
* exim-4.76-1
* exim-4.77-0
* exim-4.77-1
* exim-4.80-0
* exim-4.80-1
These RPMs were shipped as part of cPanel & WHM versions 11.32 and 11.34.
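The following added example (not part of the original advisory and not cPanel's own tooling) checks whether an upstream Exim version falls in the 4.70 to 4.80 range stated above. It assumes the usual first line of `exim -bV` output; the function names and sample banners are constructed for illustration, and vendor RPM release numbers or backported fixes are not taken into account.

```shell
#!/bin/sh
# Added example: test an upstream Exim version against the advisory's range
# (4.70 through 4.80 inclusive). Function names are hypothetical.

# Pull the version out of a banner line in the style printed by `exim -bV`,
# e.g. "Exim version 4.80 #2 built ..." -> "4.80".
exim_version_from_banner() {
    printf '%s\n' "$1" |
        sed -n 's/^Exim version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Turn "major.minor[.patch]" into one sortable integer (4.80.1 -> 4080001).
# A missing patch level counts as 0; anything else unparseable fails.
exim_version_key() {
    printf '%s\n' "$1" | awk -F. '
        /^[0-9]+\.[0-9]+(\.[0-9]+)?$/ { printf "%d%03d%03d\n", $1, $2, $3; ok = 1 }
        END { if (!ok) exit 1 }'
}

# Returns 0 if the version is inside 4.70..4.80, 1 if outside,
# 2 if the version string could not be parsed.
exim_in_advisory_range() {
    key=$(exim_version_key "$1") || return 2
    low=$(exim_version_key 4.70)
    high=$(exim_version_key 4.80)
    # Comparing the full key keeps point releases such as 4.80.1 above 4.80;
    # a check on "4.80" as a prefix would wrongly include them.
    [ "$key" -ge "$low" ] && [ "$key" -le "$high" ]
}

# Constructed sample banners (not captured from a real host).
for banner in \
    "Exim version 4.69 #1 built 01-Jan-2012 00:00:00" \
    "Exim version 4.80 #2 built 01-Jan-2012 00:00:00" \
    "Exim version 4.80.1 #1 built 01-Jan-2012 00:00:00"
do
    v=$(exim_version_from_banner "$banner")
    if exim_in_advisory_range "$v"; then
        echo "$v: inside the advisory range (4.70-4.80)"
    else
        echo "$v: outside the advisory range"
    fi
done
```

On an RPM-based host, compare the installed package name against the list of vulnerable RPMs above as well, since the upstream version alone does not show the package release.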
Solution
Contact us at info@serverbuddies.com to patch your Exim server with the latest security patches and to run a Full Security Audit on your server.
Configuring Sudo
To run as root use the su or sudo commands. Avoid using root for any non-administration usage, since the root account makes it easy to create security or data risks. If you frequently use a single user desktop, you may find it convenient to configure sudo so you can use the same password for both root and your regular account. To do this, follow this procedure:
Become the root user using the su command. Enter the password for the root account when prompted.
Run this command, using your user account name in place of “serveradmin”:
echo 'serveradmin ALL=(ALL) ALL' >> /etc/sudoers
Note that when sudo prompts you for a password, it expects your user password, not root’s.