GRUB single user mode

To get into single user mode, follow the steps below:

1. At the GRUB boot prompt, select the image to be booted and press e.
2. Select the line containing kernel and press e.
3. At the end of the line, specify the runlevel; for single user mode, specify 1. The line then looks like:

kernel /vmlinuz-2.6.16.5 ro root=LABEL=/ rhgb quiet 1

4. Press Enter to save the line, and press b to boot the modified image.
5. You will be logged in to single user mode.
6. If you only need a root shell, in step 3 you may instead specify:

kernel /vmlinuz-2.6.16.5 ro root=LABEL=/ rhgb quiet init=/bin/bash

Enable IPTABLES support in Linux Kernel

You need to recompile the kernel to enable IPTABLES support. The steps to enable IPTABLES support during kernel recompilation are given below.

Get into the kernel source directory:

# cd /usr/local/src/kernel
# make menuconfig

Select the following option (built in, not as a loadable module):

Networking >> Networking options >> Network packet filtering (replaces ipchains) >> Core Netfilter Configuration >> Netfilter Xtables support (required for ip_tables)

Then select all of the options under the following menu as modules:

Networking >> Networking options >> Network packet filtering (replaces ipchains) >> IP: Netfilter Configuration >> IP tables support

# make
# make modules
# make modules_install
# make install

How to redirect port using IPTABLES

You can redirect a port in IPTABLES using the PREROUTING chain of the nat table.

The following command redirects traffic arriving on port 8080 to port 80.

$ /sbin/iptables -t nat -I PREROUTING -p tcp --dport 8080 -j REDIRECT --to-ports 80
$ /etc/init.d/iptables save
$ /etc/init.d/iptables restart

You can change the ports in the above command according to your need.

Tcpdump command to monitor the SMTP activity from an IP or a range of IPs

tcpdump is a useful utility for monitoring network activity on the server.
You can monitor the SMTP activity to find out which mail account a spammer is using.

tcpdump -i eth0 -n -s 2048 -w smtp.tcpdump 'src 192.168.1.4 or dst 192.168.1.4'

The above command captures the traffic to and from the IP address 192.168.1.4, SMTP sessions included, and writes it to the file smtp.tcpdump.

Use the following command to monitor a range of IPs:

tcpdump -i eth0 -n -s 2048 -w smtp.tcpdump 'src net 219.91.0.0/16 or dst net 219.91.0.0/16'

The above command monitors the range of IPs starting with 219.91. You can use less or Wireshark to analyze the dump file. Replace eth0 with your own network device, for example venet0:0 on a VPS.
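Once the SMTP sessions are out of the dump file, the account behind the mail can be tallied as below. This is an added example, not part of the original post: it assumes unencrypted SMTP (no STARTTLS) and that the client-side lines of each connection have already been exported as text, for instance from Wireshark's stream view; the function names and the sample sessions are constructed for illustration.

```python
import base64
from collections import Counter

def _b64(token):
    """Decode one base64 token; return '' when it is not valid base64."""
    try:
        return base64.b64decode(token, validate=True).decode("utf-8", "replace")
    except ValueError:
        return ""

def _plain_user(token):
    """AUTH PLAIN carries authzid NUL authcid NUL password; keep only authcid."""
    fields = _b64(token).split("\0")
    return fields[1] if len(fields) == 3 else ""

def mail_per_account(streams):
    """Count MAIL FROM commands per authenticated account, one list of lines per connection."""
    counts = Counter()
    for lines in streams:
        user, expect = "", None
        for raw in lines:
            line = raw.strip()
            verb = line.upper()
            if expect == "user":            # reply to the username prompt
                user, expect = _b64(line), "pass"
            elif expect == "pass":          # password line: skipped, never decoded
                expect = None
            elif expect == "plain":         # reply to the empty AUTH PLAIN prompt
                user, expect = _plain_user(line), None
            elif verb.startswith("AUTH LOGIN"):
                arg = line.split()[2:]      # optional initial response is the username
                user, expect = (_b64(arg[0]), "pass") if arg else ("", "user")
            elif verb.startswith("AUTH PLAIN"):
                arg = line.split()[2:]
                user, expect = (_plain_user(arg[0]), None) if arg else ("", "plain")
            elif verb.startswith("MAIL FROM:"):
                counts[user or "(unauthenticated)"] += 1
    return counts

_enc = lambda s: base64.b64encode(s.encode()).decode()  # only builds the sample
# Constructed sample: three connections from the monitored address.
SAMPLE = [
    ["EHLO host", "AUTH LOGIN", _enc("info@example.com"), _enc("not-shown"),
     "MAIL FROM:<a@example.net>", "RSET", "MAIL FROM:<b@example.net>"],
    ["EHLO host", "AUTH PLAIN " + _enc("\0sales@example.com\0not-shown"),
     "MAIL FROM:<c@example.net>"],
    ["HELO host", "MAIL FROM:<d@example.net>"],
]
if __name__ == "__main__":
    print(mail_per_account(SAMPLE).most_common())
```

An account with an unusually high count is the one to lock and investigate first.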

How to uninstall APF on a Linux machine

You can use the following steps to uninstall APF on a Linux machine:

Stop the apf service running on the server.

$ /etc/rc.d/init.d/apf stop

Remove the apf files from the server.

$ rm -Rf /etc/apf
$ rm -Rf /etc/rc.d/init.d/apf
$ rm -Rf /var/log/apf_log
$ rm -Rf /var/log/apfados_log
$ rm -Rf /usr/local/sbin/apf

Disable apf in the run levels.

$ /sbin/chkconfig --level 345 apf off

Open the daily cron file and remove this line:

$ vi /etc/cron.daily/fw
/etc/rc.d/init.d/apf restart >> /dev/null 2>&1
