nmap - Network exploration tool and security / port scanner
Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
A typical Nmap scan is shown in Example 1. The only Nmap arguments used in this example are -A, to enable OS and version detection,script scanning, and traceroute; -T4 for faster execution; and then the two target hostnames.
Example 1. A representative Nmap scan
# nmap -A -T4 scanme.nmap.org
Fedora systemctl command line tool
start, stop, and restart the services on the command line using the systemctl utility.
Configuring Services
To allow you to configure which services are started at boot time, Fedora is shipped with the systemctl command line tool. Do not use the ntsysv and chkconfig utilities. Although it is still possible to use the ntsysv and chkconfig utilities to manage services that have init scripts installed in the /etc/rc.d/init.d/ directory, it is advised that you use the systemctl utility.
Enabling the Service
To configure a service to be automatically started at boot time, use the systemctl command in the following form:
systemctl enable service_name.service
Running the Service
To run a service, use the systemctl command in the following form:
systemctl start service_name.service
Unit Commands:
list-units List loaded units
start [NAME...] Start (activate) one or more units
stop [NAME...] Stop (deactivate) one or more units
reload [NAME...] Reload one or more units
restart [NAME...] Start or restart one or more units
try-restart [NAME...] Restart one or more units if active
reload-or-restart [NAME...] Reload one or more units is possible,
otherwise start or restart
reload-or-try-restart [NAME...] Reload one or more units is possible,
otherwise restart if active
isolate [NAME] Start one unit and stop all others
kill [NAME...] Send signal to processes of a unit
Cpanel Tool to configure PHP and SuExec
Main >> Service Configuration >> Configure PHP and SuExec
This tool allows you to configure the Apache PHP Handler, the default PHP version and suEXEC support.
The default PHP version determines which version of PHP is used for files with a ‘.php’ extensions when served by Apache.
Enabling suEXEC provides support for Apache to run CGI programs as the user ID of the account owner. suEXEC is not PHPSuExec.
Please refer to the documentation for a detailed explanation of how each handler functions.
Reference: http://www.cpanel.net/support/docs/ea/ea3/ea3php_php_requests.html
Tool for checking issues before upgrade or migration to Parallels Plesk 10.x version
Due to the changes in business model in Parallels Plesk Panel 10.x release, not all previous accounts settings will be portable from the previous Parallels Plesk Panel releases.
Attached is a script that allows checking environment before upgrade or migration. Now it is checking business logic issues and it works for both platform: Linux and Windows. This tool could be launched prior to upgrade for the purpose of getting a report on potential problems with the upgrade. Based on the report a hoster can decide whether upgrade to Parallels Plesk Panel 10.x is suitable.
How to use..
# php plesk10_preupgrade_checker.php [plesk-admin-password] -d safe_mode=Off
Nikto2 web server assessment tool Install.
Nikto is a web server assessment tool. It is designed to find various default and insecure files, configurations and programs on any type of web server.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Installation
Any system which supports a basic Perl installation should allow Nikto to run. For SSL support the Net::SSLeay Perl module must be installed (which in turn requires OpenSSL on the Unix platform).
Perl: http://www.cpan.org/
LibWhisker: http://www.wiretrip.net/
ActiveState Perl: http://www.activestate.com/
OpenSSL: http://www.openssl.org/
Perl modules RPC::XML::Client and RPC::XML for Metasploit logging integration
Download - http://cirt.net/nikto/nikto-2.1.3.tar.bz2
Unpack the download file:
tar -xvfz nikto-2.1.3.tar.bz2
Basic Testing
The most basic Nikto scan requires simply a host to target, since port 80 is assumed if none is specified. The host can either be an IP or a hostname of a machine, and is specified using the -h (-host) option. This will scan the IP 192.168.0.1 on TCP port 80:
perl nikto.pl -h 192.168.0.1
To check on a different port, specify the port number with the -p (-port) option. This will scan the IP 192.168.0.1 on TCP port 443:
perl nikto.pl -h 192.168.0.1 -p 443
