Connecting to and Disconnecting from the MySQL Server
you should be able to connect like this:
shell> mysql -h host -u user -p
Enter password: ********
host and user represent the host name where your MySQL server is running and the user name of your MySQL account. Substitute appropriate values for your setup.
The ******** represents your password; enter it when mysql displays the Enter password: prompt.
If that works, you should see some introductory information followed by a mysql> prompt:
shell> mysql -h host -u user -p
The mysql> prompt tells you that mysql is ready for you to enter commands.
MySQL Server and Server-Startup Programs
mysqld — The MySQL Server
mysqld_safe — MySQL Server Startup Script
mysql.server — MySQL Server Startup Script
mysqld_multi — Manage Multiple MySQL Servers
The mysqld program has many options that can be specified at startup. For a complete list of options, run this command:
shell> mysqld –verbose –help
Permission denied error, while executing Nagios binaries
Nagios provides enterprise-class Open Source monitoring of hosts and services.
Make sure that the Nagios user has correct ownership/permissions to Nagios files in the Nagios installation directory.
Check if SElinux is enabled. If it is enabled, the Nagios binaries won’t be executed.
There are 3 alternative solutions for this.
1) Disable SElinux, SELINUX=disable.
2) Make it execute non-built-in services like Nagios by setting, SELINUX=permissive. This would cause the binaries to execute with only warnings logged to /var/log/messages.
If you go for the fix 1 or 2, you would need to reboot the server once.
3) You can change the security context of the Nagios binaries and make them executable with SElinux enabled.
chcon -t sbin_t /usr/local/nagios/sbin
chcon -R -t sbin_t /usr/local/nagios/sbin/
How to Encrypt Shell Script
We all know that anyone can read shell script.Think if any one gets access to the shell script which has root password and all stored in it. Its really a security risk. Now we have a solution for that ie all this risk can be avoided if the shell script is encrypted and then executed. The utility used for that is called shc
I will explain how to install it and then use it for the encrypting purpose
1) Download from http://www.datsi.fi.upm.es/~frosal/sources/shc-3.7.tgz
wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.7.tgz
2) Untar it
3) To install it follow the below given steps
cd shc-X.X/
make
make install
4) After install it will create a binary called shc, use it to encrypt the shell scripts
5) Write a shell script, lets call it heloworld.sh
#!/bin/bash
echo ” Helo world ”
6) To test shc execute the command
Option -f is used to encrypt
7) Now you will get an encrypted version of the script. It will be named something like heloworld.sh.x
Its an encrypted version and you can execute it as you wish
9) You have an encrypted shell script.
Preventing potential cross-site scripting vulnerability
There is a security issue related to Acrobat Reader version 7.08 and earlier versions . The flaw let hackers use a technique known as cross-site scripting, in which they blend malicious JavaScript with a link to a Portable Document Format (PDF) file on a Web site to hijack a user’s computer.
There is a server wide workaround for those who do not have the latest versions.
1 Search DefaultType in /usr/local/apache/conf/httpd.conf
After “DefaultType text/plain”
Add
AddType application/octect-stream .pdf
2 Next Enable mod_headers and check the version of apache (go to the specified directory)
cd /home/cpapachebuild/buildapache/apache_1.3.37/src/modules/standard
/usr/local/apache/bin/apxs -c mod_headers.c
/usr/local/apache/bin/apxs -i -a -n headers mod_headers.so
3 Search modsec in /usr/local/apache/conf/httpd.conf after the line add the following.
<IfModule mod_headers.c>
<FilesMatch “\.pdf$”>
Header append Content-Disposition “attachment;”
</FilesMatch>
</IfModule>
4 Restart apache
