ServerBuddies Support Blog

mysqlshow - display database, table, and column information

SYNOPSIS

DESCRIPTION
The mysqlshow client can be used to quickly see which databases exist, their tables, or a table´s columns or indexes.

mysqlshow provides a command-line interface to several SQL SHOW statements.
The same information can be obtained by using those statements directly.

For example, you can issue them from the mysql client program.

Invoke mysqlshow like this:

If no database is given, a list of database names is shown.
If no table is given, all matching tables in the database are shown.

Tags: column, database, mysqlshow, table

The host bus adapter (HBA)

The server connects to the SAN through a host bus adapter (HBA) — an I/O adapter card that fits inside your server and connects it to the fabric layer.

The Gigabit Interface Connector (GBIC)

The Gigabit Interface Converter (GBIC) is where the cable plugs into the HBA card. Every HBA has a GBIC that snaps into an opening in the card or is soldered to the card. The openings in the GBIC extend out the back of the server so you can plug in the cable. The GBIC houses the laser and electronics that convert the data inside your server into light pulses that travel over the cables. GBICs are used not only in the HBA, but in every device in the SAN. Anywhere an optical cable has to be plugged in, you find a GBIC.

Tags: GBIC, HBA

There is a new SSHD rookit rolling around since few days ago, it looks it’s affecting mostly RHEL/CentOS servers.

Servers with cPanel, Plesk, VirtualMin and DirectAdmin are affected well.
 
According to a Security Audition in one of the hacked servers we found the Rootkit deposits files in /lib64 and /lib, main file name is libkeyutils.so.1.9.
 
It changes symlinks of /lib64/libkeyutils.so.1 to point to the mentioned lib.
 
We believe this lib is capable of stealing passwords, SSH keys and /etc/shadow files from the server. It’s also used as a backdoor to
gain access to the server through a different port, the rootkit will also modify all the authentication mechanisms of the server preventing any login or command history to be logged through this backdoor.

The intruder has full root access which means there is a exploit among with this rootkit capable of root privilege escalation.

You can see if your server is infected by running the following script:

# wget -qq -O - http://www.serverbuddies.com/files/libkeyutilscheck.sh | sh

We highly encourage our customers to submit a 1x Hour of Support if you see the script is showing your server as compromised.

Don’t hesitate to contact our Support Team for any inquiry you may have!

Tags: libkeyutils-1.2 exploit, new centos exploit, new rhel exploit, sshd exploit, sshd rootkit

Running The Apache Tomcat 7.0 Servlet/JSP Container

Requirements:

(1) Download and Install a Java SE Runtime Environment (JRE)

(1.1) Download a Java SE Runtime Environment (JRE),release version 6 or later, from
http://www.oracle.com/technetwork/java/javase/downloads/index.html

(1.2) Install the JRE according to the instructions included with the release.
You may also use a full Java Development Kit (JDK) rather than just a JRE.

(2) Download and Install Apache Tomcat
(2.1) Download a binary distribution of Tomcat from: http://tomcat.apache.org/

Tags: Apache, Container, Running, Servlet/JSP, Tomcat 7.0

MIME Types

MIME types tell browsers how to handle specific extensions. For example, the text/html MIME type equates to .htm, .html, and .shtml extensions on most servers, and this tells your browser to interpret all files with those extensions as HTML files. You can alter or add new MIME types specifically for your site (note that you can not alter the system defined MIME type values). MIME types are often used to handle new technologies as they appear. When WAP technology first appeared no one had these extensions set up on their server. With MIME types, however, you could have set it up yourself and begun serving WAP pages immediately.

Examples: MIME Type & Extension(s)

Tags: MIME, Types