Introduction to SSL:
Secure Sockets Layer (SSL) is the most widely known protocol that offers privacy and good reliability for client-server communication over the Internet. SSL itself is conceptually quite simple: it negotiates the cryptography algorithms and keys between two sides of a communication, and establishes an encrypted tunnel through which other protocols (like HTTP) can be transported. Optionally, SSL can also authenticate both sides of communication through the use of certificates.
First you have to setup your dedicated server, Check this Guide on how to Setup Perfect Server on Centos also we need to install mbstring for phpmyadmin later using this code
yum install php-mbstring
next is to Generate Self-Signed SSL
if you already have your self-signed SSL move it to a secure folder eg: /etc/httpd/conf and restart apache by /etc/init.d/httpd restart now we need to add a username for editing or uploading files on your webserver because we don’t want to use ROOT username..... Read more
When malicious intruders compromise a web server, there’s an excellent chance a famous Russian PHP script, r57shell and c99shell variant, will follow. The r57shell PHP script gives the intruder a number of capabilities, including, but not limited to: downloading files, uploading files, creating backdoors, setting up a spam relay, forging email, bouncing a connection to decrease the risk of being caught, and even taking control of SQL databases. All these functions become readily available through an easy to use web interface, but now you can fight back.
find /home/account/ -name "*".php -type f -print0 | xargs -0 grep r57 | uniq -c | sort -u | cut -d":" -f1 | awk '{print "rm -rf " $2}' | uniq
You can also search regular text (.txt) files:
find /home/account/ -name "*".txt -type f -print0 | xargs -0 grep r57 | uniq -c | sort -u | cut -d":" -f1 | awk '{print "rm -rf " $2}' | uniq
Or even cleverly disguised GIF image files:
find /home/account/ -name "*".gif -type f -print0..... Read more
Question: I know #!/bin/bash is shebang line. But, I noticed a few shell script shebang line ends with a single dash ( #!/bin/bash - ) or double dash ( #!/bin/bash -- ). Can you explains me purpose of such shebang line?
Answer: A - or -- signals the end of options and disables further option processing i.e. bash will not accept any of its option. Any arguments after the -- are treated as filenames and arguments. An argument of - is equivalent to --. This is done to improve script security. Some user may perform setuid based script root spoofing. Sponsored Links:google_ad_client = "pub-0983540800597903";
google_ad_width = 468;
google_ad_height = 15;
google_ad_format = "468x15_0ads_al";
google_color_border = "FFFFFF";
google_color_bg = "FFFFFF";
google_color_link = "FFFFFF";
google_color_text = "555555";
google_color_url = "555555";To avoid interpreter spoofing you need to add -- to #!/bin/bash. This is rare but possible attack.
..... Read more
Question: How do I enable EPEL (Extra Packages for Enterprise Linux) repo and install the packages under RHEL / CentOS Linux?
Answer: EPEL (Extra Packages for Enterprise Linux) is a volunteer-based community effort from the Fedora project to create a repository of high-quality add-on packages that complement the Fedora-based Red Hat Enterprise Linux (RHEL) and its compatible spinoffs, such as CentOS and Scientific Linux.
EPEL provide lots of packages for CentOS / RHEL, It is not part of RedHat or CentOS but is designed to work with these major distributions. Please note that EPEL only provides free and open source software unencumbered by patents or any legal issues. In short you will not find mp3, dvd and music / media player under EPEL. However, you will find many programs related to networking, monitoring, sys admin, programming and so on.
Packages are supplied in RPM format and in most cases are ready to use. Beware that some packages may break something and you should not blindly ..... Read more
vnStat is a network traffic monitor for Linux that keeps a log of daily network traffic for the selected interface(s). vnStat isn’t a packet sniffer. The traffic information is analyzed from the /proc -filesystem, so vnStat can be used without root permissions. However at least a 2.2.x kernel is required.
Quick install guide (I have set it up on a Centos 5.3 box):
[user@host] $ wget http://tinyurl.com/mx9yrf
[user@host] $ tar zxvf vnstat-1.7.tar.gz
[user@host] $ cd vnstat-1.7
[user@host] $ make
[user@host] $ su
Password:
[root@host] # make install
#create databases for NICs
[root@host] # vnstat -u -i eth0
[root@host] # vnstat -u -i eth1
[root@host] # crontab -e
Sponsored Links:google_ad_client = "pub-0983540800597903";
google_ad_width = 468;
google_ad_height = 15;
google_ad_format = "468x15_0ads_al";
google_color_border = "FFFFFF";
google_color_bg = "FFFFFF";
google_color_link = "FFFFFF";
google_color_text = "555555";
google_color_url = "555555";Add the..... Read more
