Archive for the tag 'Using'

SBDavid

Using hashlimit in iptables

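iptables -I INPUT -p tcp -m tcp --dport 23032 -m state --state NEW -m hashlimit --hashlimit 1/min --hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT

This rule limits each source IP address to one new connection per minute to the SSH port (23032 here). The hashlimit match is placed last because matches are evaluated in the order given: only packets that already passed the port and state tests then count against the limit. The target is ACCEPT, so packets over the limit are not dropped by this rule. They fall through to the rules that follow, and the limit only takes effect if a later rule or the chain policy drops them. The default burst of 5 (see --hashlimit-burst below) also applies.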

hashlimit match options

  --hashlimit-upto                max average match rate
                                  [Packets per second unless followed by
                                  /sec /minute /hour /day postfixes]
  --hashlimit-above               min average match rate
  --hashlimit-mode                mode is a comma-separated list of
                                  dstip,srcip,dstport,srcport (or none)
  --hashlimit-srcmask             source address grouping prefix length
  --hashlimit-dstmask             destination address grouping prefix length
  --hashlimit-name                name for /proc/net/ipt_hashlimit
  --hashlimit-burst               number to match in a burst, default 5
  --hashlimit-htable-size         number of hashtable buckets
  --hashlimit-htable-max          number of hashtable entries
  --hashlimit-htable-gcinterval   interval between garbage collection runs
  --hashlimit-htable-expire       after which time are idle entries expired?
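
An added illustration, not part of the original post and not kernel code: a simplified per-source token bucket that models how a 1/min limit in srcip mode with the default burst of 5 treats new connection attempts. The function names and the sample attempts (documentation addresses, offsets in seconds) are constructed for this example.

```shell
#!/bin/sh
# Simplified model of "--hashlimit 1/min --hashlimit-mode srcip" with burst 5.
# Input on stdin: one attempt per line, "<seconds> <source-ip>".

hashlimit_sim() {   # usage: hashlimit_sim <period_seconds> <burst>
    awk -v period="$1" -v burst="$2" '
    {
        t = $1; ip = $2
        if (!(ip in credit)) {
            credit[ip] = burst * period          # new source starts with a full bucket
        } else {
            credit[ip] += t - last[ip]           # one second of credit per second idle
            if (credit[ip] > burst * period) credit[ip] = burst * period
        }
        last[ip] = t
        if (credit[ip] >= period) {              # rule matches: -j ACCEPT
            credit[ip] -= period
            print t, ip, "ACCEPT"
        } else {                                 # no match: the next rule decides
            print t, ip, "FALLTHROUGH"
        }
    }'
}

# Constructed sample: one source retrying every 2 s, another connecting once.
sample_attempts() {
    cat <<'EOF'
0 192.0.2.10
2 192.0.2.10
4 192.0.2.10
6 192.0.2.10
8 192.0.2.10
10 192.0.2.10
12 198.51.100.7
14 192.0.2.10
75 192.0.2.10
EOF
}

sample_attempts | hashlimit_sim 60 5
```

The first five attempts from 192.0.2.10 are accepted back to back, which is the burst allowance; lower --hashlimit-burst if that is more than you want to permit.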

Upgrading to PHP5 using /scripts/easyapache

1. Connect to server as root
2. /scripts/upcp --force   # this can take a while
3. /scripts/easyapache

SELECT OPTION 7

1. Select “Php Module —>”
2. Uncheck current PHP version
3. Check latest version of PHP5
4. Select “Exit”
5. Select “Exit” again
6. Sit back and wait, it can take 10-60 minutes to complete

Using find Command for security check

The ‘find’ command is usually used to find filenames which have specific patterns. However, we can also use it to find the files modified/accessed within a specific time period.

For example we can find all files in /etc owned by root that have been modified within the last 2 days:

find /etc -user root -mtime -2

The options we can use here are:

-atime: when the file was last accessed
-ctime: when the file’s status (inode metadata such as permissions or ownership) was last changed
-mtime: when the file’s data was last modified

You may have noticed that we have a minus sign in front of ‘2’ in the last example. The ‘time’ options for the find command are expressed in 24-hour increments, and the sign in front of the number can indicate ‘less than’ or ‘greater than’. Thus ‘-2’ means we want to find files which were modified within the last two days. If we wanted to find files that were modified more than 2 days ago, we would need to put a plus sign in front of the 2:

find /etc -user root -mtime +2

There are also versions of the atime, ctime, and mtime arguments that measure time in minutes:

-amin: when (in minutes) the file was last accessed
-cmin: when (in minutes) the file’s status (inode metadata such as permissions or ownership) was last changed
-mmin: when (in minutes) the file’s data was last modified

Because find discards any fractional part of the 24-hour period, a file must have been accessed at least two days ago to match -atime +1. More examples are in the find man page.
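
Added example, not from the original post: a script that builds a temporary tree with known modification times and shows which files each -mtime form selects, including the whole-day truncation described above. It assumes GNU touch (for the -d '... ago' syntax); the function and file names are constructed.

```shell
#!/bin/sh
# Shows how find buckets file ages for -mtime -N, N and +N.

make_sample_tree() {
    dir=$(mktemp -d)
    touch -d '1 hour ago'   "$dir/fresh.conf"      # 0 whole days old
    touch -d '36 hours ago' "$dir/yesterday.conf"  # 1 whole day  (1.5 truncated)
    touch -d '60 hours ago' "$dir/older.conf"      # 2 whole days (2.5 truncated)
    touch -d '80 hours ago' "$dir/oldest.conf"     # 3 whole days (3.3 truncated)
    echo "$dir"
}

# Print the sorted, space-separated base names matching one -mtime argument.
mtime_match() {   # usage: mtime_match <dir> <N | -N | +N>
    find "$1" -type f -mtime "$2" -exec basename {} \; \
        | sort | tr '\n' ' ' | sed 's/ $//'
}

d=$(make_sample_tree)
for arg in -2 2 +1 +2; do
    echo "find -mtime $arg: $(mtime_match "$d" "$arg")"
done
rm -rf "$d"
```

Note that older.conf, at 60 hours, is more than two days old by the clock yet is not selected by -mtime +2, so a sweep for recent changes should choose its threshold with the truncation in mind.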

How to check packet Flows using tcpdump

Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets that match expression will be processed by tcpdump.

One of the most common uses of tcpdump is to determine whether you are getting basic two-way communication.

Command Options:

icmp: View ICMP packets
tcp port port-number: View TCP packets with either a source or destination TCP port of port-number
udp port port-number: View UDP packets with either a source or destination UDP port of port-number

Example:

tcpdump -i eth0 icmp

By using the -w filename option you can send the entire Ethernet frame, not just the brief IP information that normally goes to the screen, to a file. This can then be analyzed by graphical analysis tools such as Wireshark, which is available for both Windows and Linux.

tcpdump -i eth0 -w /tmp/tcp.dump tcp port 22

The -n switch stops DNS name lookups and will make tcpdump work more reliably.

tcpdump -i eth0 -n tcp port 22

Using Parallels Pro Control Panel to change the logo

To upload your logo to the server:

In the shortcuts area of the Home page, click Upload Logo (Configuration section).
In the Upload new logo field, enter the name of your custom logo file including the full path, or click Browse to locate and select the file on your computer.
Note: Your logo size should not exceed 73 x 46 pixels.
Click Upload Logo.

Using the command line to change the logo

Using SSH, log on to the server as the root user.

Use either the move (mv) or copy (cp) command to move your logo.gif file to the customization directory /etc/appliance/customization/. For example:

mv /home/ftp_username/logo.gif /etc/appliance/customization/logo.gif

Where ftp_username is the user name of your FTP user account on the server.
