Using hashlimit in iptables
iptables -I INPUT -m hashlimit -m tcp -p tcp –dport 23032 –hashlimit 1/min –hashlimit-mode srcip –hashlimit-name ssh -m state –state NEW -j ACCEPT
This rule limits one connection to the SSH port from one IP address per minute.
hashlimit match options
--hashlimit-upto max average match rate
[Packets per second unless followed by
/sec /minute /hour /day postfixes]
–hashlimit-above min average match rate
–hashlimit-mode mode is a comma-separated list of
dstip,srcip,dstport,srcport (or none)
–hashlimit-srcmask source address grouping prefix length
–hashlimit-dstmask destination address grouping prefix length
–hashlimit-name name for /proc/net/ipt_hashlimit
–hashlimit-burst number to match in a burst, default 5
–hashlimit-htable-size number of hashtable buckets
–hashlimit-htable-max number of hashtable entries
–hashlimit-htable-gcinterval interval between garbage collection runs
–hashlimit-htable-expire after which time are idle entries expired?
Upgrading to PHP5 using /script/easyapache
1. Connect to server as root
2. /scripts/upcp –force ##this can take a while.
3. /script/easyapache
SELECT OPTION 7
1. Select “Php Module —>”
2. Uncheck current PHP version
3. Check latest version of PHP5
4. Select “Exit”
5. Select “Exit” again
6. Sit back and wait, it can take 10-60 minutes to complete
Using find Command for security check
The ‘find’ command is usually used to find filenames which have specific patterns. However, we can also use it to find the files modified/accessed within a specific time period.
For example we can find all files in /etc owned by root that have been modified within the last 2 days:
find /etc -user root -mtime -2
The options we can use here are:
-atime: when the file was last accessed
-ctime: when the file’s permissions were last changed
-mtime: when the file’s data was last modified
You may have noticed that we have a minus sign in front of ‘2′ in the last example. The ‘time’ options for the find command are expressed in 24-hour increments, and the sign in front of the number can indicate ‘less than’ or ‘greater than’. Thus ‘-2′ means we want to find files which were modified within the last two days. If we wanted to find files that were modified more than 2 days ago, we would need to put a plus sign in front of the 2:
find /etc -user root -mtime +2
There are also versions of the atime, ctime, and mtime arguments that measure time in minutes:
-amin: when (in minutes) the file was last accessed
-cmin: when (in minutes) the file’s permissions were last changed
-mmin: when (in minutes) the file’s data was last modified
To match -atime +1, a file has to have been accessed at least two days ago. More example in the find man pages.
How to check packet Flows using tcpdump
Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.
One of the most common uses of tcpdump is to determine whether you are getting basic two-way communication.
Command Options:
icmp View icmp packets
tcp port port-number View TCP packets with packets with either a source or destination TCP port of port-number
udp port port-number View UDP packets with either a source or destination UDP port of port-number
Example:
By using the -w filename option you can send the entire Ethernet frame, not just a brief IP information that normally goes to the screen, to a file. This can then be analyzed by graphical analysis tools such as Wireshark, which is available in both Windows and Linux
tcpdump -i eth0 -w /tmp/tcp.dump tcp port 22
The -n switch stops DNS name lookups and will make tcpdump work more reliably.
tcpdump -i eth0 -n tcp port 22
Using Parallels Pro Control Panel to change the logo
To upload your logo to the server:
In the shortcuts area of the Home page, Click Upload Logo (Configuration section).
In the Upload new logo field, enter the name of your custom logo file including the full path or click
Browse to locate and select the file on your computer.
Note: Your logo size should not exceed 73 x 46 pixels.
Click Upload Logo.
Using the command line to change the logo
Using SSH, log on to the server as the root user.
Use either the move (mv) or copy (cp) command to move your logo.gif file to the customization directory /etc/appliance/customization/. For example:
mv /home/ftp_username/logo.gif /etc/appliance/customization/logo.gif
Where ftp_username is the user name of your FTP user account on the server.
