Tuesday, January 18, 2011

How to Password Protect the GRUB

The main reason to password protect the GRUB boot loader is to prevent access to single user mode: if attackers can boot the system into single user mode, they are logged in automatically as root without being prompted for the root password.

To do this, open a shell prompt, log in as root, and type:

/sbin/grub-md5-crypt

When prompted, type the GRUB password and press Enter. This returns an MD5 hash of the password.

Next, edit the GRUB configuration file /boot/grub/grub.conf. Open the file and below the timeout line in the main section of the document, add the following line:

password --md5 <password-hash>

Replace <password-hash> with the value returned by /sbin/grub-md5-crypt.
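
To confirm the change took effect, the check below reads a grub.conf and reports whether a hashed password line sits in the main section, before the first title entry. It is an added example, not part of the original post; the function name, the status words and the sample config (including its placeholder hash) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a GRUB legacy config
# for the global password line described above.
# Prints: protected | unhashed | missing

grub_password_status() {
    awk '
        /^[ \t]*#/              { next }   # ignore commented-out lines
        /^[ \t]*title([ \t]|$)/ { exit }   # first boot entry ends the main section
        /^[ \t]*password[ \t]+--md5[ \t]+\$1\$/ { status = "protected"; exit }
        # any other password line: plain text, or --md5 without a hash
        /^[ \t]*password[ \t=]/ { if (status == "") status = "unhashed" }
        END { print (status == "" ? "missing" : status) }
    ' "$1"
}

# Constructed sample config; the hash is a made-up placeholder, not a real one.
sample=$(mktemp)
cat > "$sample" <<'EOF'
default=0
timeout=5
password --md5 $1$CONSTRUCTED$0000000000000000000000
title Linux
        root (hd0,0)
        kernel /vmlinuz ro root=/dev/sda1
EOF

echo "sample grub.conf: $(grub_password_status "$sample")"
rm -f "$sample"
```

A password line that appears only after a title line is reported as missing, because it is not in the main section where the post says to add it.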

Kishore

How to convert man pages to PDF format

Here is the way to convert man pages to PDF format

===============
 man -t cat | ps2pdf - > cat.pdf
===============

This command exports the cat man page to the file cat.pdf.

One more example is given below:

==============
man -t sendmail | ps2pdf - sendmail.pdf
==============

Kishore

Some DNS tools to troubleshoot DNS issues

Dnsstuff
http://www.dnsstuff.com

Global Whois Tool
http://www.ratite.com/whois

Dnsreport
http://www.dnsreport.com/

Dnstools
http://www.dns.net/dnsrd/tools.html

Online nslookup tool

http://www.enc.com.au/itools/nslookup.php

CheckDNS
http://www.checkdns.net

squish.net dns checker
http://www.squish.net/dnscheck

DNScheck
http://dnscheck.se

Zonecheck
http://www.zonecheck.fr/demo

Pingability
http://pingability.com

DNSdoctor
http://demo.dnsdoctor.org

Name Server Zone Transfer Tool
http://www.digitalpoint.com/tools/zone-transfer

MyDNSConfig
http://www.mydnsconfig.org

Lookup Server
http://www.lookupserver.com



Kishore

Some Useful tips for the Apache Webserver

Hide PHP Version in Apache from remote users requests:

PHP advertises that it is installed on the server by adding its signature to the web server header. To prevent this, locate the variable expose_php in php.ini and turn it off.
By default expose_php is set to On.

In your php.ini (depending on your Linux distribution it can be in various places, such as /etc/php.ini or /etc/php5/apache2/php.ini), locate the line containing “expose_php On” and set it to Off:
--------------
expose_php = Off
--------------
After making this change, PHP will no longer add its signature to the web server header. Doing this will not make your server more secure; it will just prevent remote hosts from easily seeing that you have PHP installed on the system and what version you are running.

How to get web server software and version of a remote server

 This can be achieved in many ways, but the simplest one in my opinion is to use a basic telnet connection on port 80 to the remote server and issue a regular request like “HEAD / HTTP/1.0” (I will use HEAD because we don’t care about the content):

telnet remote_server.com 80
Trying remote_server.com...
Connected to remote_server.com.
Escape character is '^]'.
HEAD / HTTP/1.0 <- after this press 2 times ENTER

HTTP/1.1 200 OK
Date: Fri, 19 Jun 2006 08:18:06 BST
Server: Apache/2.0.55 (Debian) PHP/5.1.2-1+b1 mod_ssl/2.0.55 OpenSSL/0.9.8b
Connection: close
Content-Type: text/html; charset=UTF-8

Connection closed by foreign host.

Alternatively, use the GET and HEAD commands that come with lwp-request:
lwp-request, GET, HEAD, POST - Simple WWW user agent

HEAD remote_server.com
200 OK
Connection: close
Date: Fri, 09 Jun 2006 11:17:33 GMT
Server: Apache/2.0.55 (Debian) PHP/5.1.2-1+b1 mod_ssl/2.0.55 OpenSSL/0.9.8b
Content-Type: text/html; charset=UTF-8
Client-Date: Fri, 09 Jun 2006 15:13:39 GMT
Client-Peer: 192.23.0.12:80
Client-Response-Num: 1
X-Powered-By: PHP/5.1.2-1+b1

So as you can see, it is so simple to find out that this server is using: Debian as OS (from the other versions we can assume it is Etch version), Apache 2.0.55 as web server, PHP 5.1.2, and OpenSSL 0.9.8b.
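
To check your own server before and after turning expose_php off, the function below pulls the product/version tokens out of the Server and X-Powered-By headers. It is an added example, not part of the original post; the function name is hypothetical, the "before" headers are the ones shown above, and the "after" headers are a constructed sample.

```shell
#!/bin/sh
# Added example (not from the original post): list the product/version
# tokens a response discloses in its Server and X-Powered-By headers.
# Reads raw response headers on stdin, prints one unique token per line.

disclosed_versions() {
    tr -d '\r' | awk '
        {
            name = tolower($1)                       # header names are case-insensitive
            if (name != "server:" && name != "x-powered-by:") next
            for (i = 2; i <= NF; i++)
                if ($i ~ /^[A-Za-z_]+\/[0-9]/) print $i   # e.g. PHP/5.1.2-1+b1
        }' | LC_ALL=C sort -u
}

# Headers from the post (expose_php = On).
before='HTTP/1.1 200 OK
Server: Apache/2.0.55 (Debian) PHP/5.1.2-1+b1 mod_ssl/2.0.55 OpenSSL/0.9.8b
X-Powered-By: PHP/5.1.2-1+b1
Content-Type: text/html; charset=UTF-8'

# Constructed sample: the same server after expose_php = Off.
after='HTTP/1.1 200 OK
Server: Apache/2.0.55 (Debian) mod_ssl/2.0.55 OpenSSL/0.9.8b
Content-Type: text/html; charset=UTF-8'

echo "before:"; printf '%s\n' "$before" | disclosed_versions
echo "after:";  printf '%s\n' "$after"  | disclosed_versions
```

The tokens still listed after the change come from Apache itself, not PHP; Apache's ServerTokens directive controls those.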

Kishore




Some Useful commands that a server administrator should know.

Command to find files accessed in the last 30 days. It will find files that were accessed in the last 30 days, anywhere under the root folder.
# find / -type f -atime -30
-----------------------------------------------------------------------------------------------------------------------------------------

List the contents of a folder along with the contents of its subfolders. It will traverse only to a depth of one, i.e. it will not show the contents of a subfolder's subfolders.
# ls *
-----------------------------------------------------------------------------------------------------------------------------------------

To print the iptables rules along with line number.
# iptables -L --line-numbers
-----------------------------------------------------------------------------------------------------------------------------------------

To find a particular rule with rule number #; where # is the rule number you want to list
# iptables -L OUTPUT --line-numbers | grep ^#
-----------------------------------------------------------------------------------------------------------------------------------------

Change permission only for folders
# find . -type d -exec chmod 755 {} \;
-----------------------------------------------------------------------------------------------------------------------------------------

List directories with 777 permission
# find . -type d -perm 777
--------------------------------------------------------------------------------------------------------------------------

To list the PIDs of all the processes listening on port 80 (NR>1 skips the lsof header line)
# lsof -i TCP:80 | awk 'NR>1 {print $2}' | sort -u
-----------------------------------------------------------------------------------------------------------------------------------------

To kill all the processes listening on the Apache port 443/80
# lsof -i TCP:443 | awk 'NR>1 {print $2}' | sort -u | xargs kill -9
-----------------------------------------------------------------------------------------------------------------------------------------

Recursively chmod only directories
find . -type d -exec chmod 755 {} \;
-----------------------------------------------------------------------------------------------------------------------------------------

Recursively set the execute bit on every directory
chmod -R a+X *

The +X flag sets the execute bit on directories, and on files that already have an execute bit set for some user; other regular files are left alone.
-----------------------------------------------------------------------------------------------------------------------------------------

Recursively chmod only files
find . -type f -exec chmod 644 {} \;
-----------------------------------------------------------------------------------------------------------------------------------------

Recursively chmod only PHP files (with extension .php)
find . -type f -name '*.php' -exec chmod 644 {} \;
-----------------------------------------------------------------------------------------------------------------------------------------

Find all files in /home/user/demo directory
$ find /home/user/demo -print
-----------------------------------------------------------------------------------------------------------------------------------------

Now find all files in /home/user/demo directory with permission 777
$ find /home/user/demo -perm 777 -print
-----------------------------------------------------------------------------------------------------------------------------------------

Next you need to apply chmod on all these files using -exec option:
$ find /home/user/demo -perm 777 -print -exec chmod 755 {} \;
-----------------------------------------------------------------------------------------------------------------------------------------

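Command to find directories in the current folder that were modified on July 15
# save the names of the directories in the current folder to a scratch file
ls -l | grep '^d' | awk '{print $9}' > 123
# list each one and keep those dated Jul 15
for i in `cat 123`; do ls -ld "$i"; done | grep "Jul 15"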
-----------------------------------------------------------------------------------------------------------------------------------------

How to See the SSH password guesses

First, find the PID of the listening SSH daemon process:
# ps axuww | egrep 'PID|ssh'
Now become root and attach to the running daemon with strace (replace 12345 with the PID found above):
# strace -f -e 'read,write' -p12345
----------------------------------------------------------------------------------------------------------------------------------------

Screen Command

Command to create screen:
# screen -S screen_name

To exit from screen:
Just close the shell without logout

To list all running screens:
# screen -ls

To login to a particular screen with screen name "xxxx.screen_name"
# screen -r xxxx.screen_name
 
Kishore

Port Numbers

 
7/TCP,UDP Echo
15/TCP,UDP NETSTAT
20/TCP FTP—data
21/TCP FTP—control (command)
22/TCP,UDP Secure Shell (SSH)—used for secure logins, file transfers (scp, sftp) and port forwarding
23/TCP,UDP Telnet protocol
25/TCP,UDP Simple Mail Transfer Protocol (SMTP)
42/TCP,UDP nameserver, ARPA Host Name Server Protocol
43/TCP WHOIS protocol
53/TCP,UDP Domain Name System (DNS)
79/TCP Finger protocol
80/TCP Hypertext Transfer Protocol (HTTP)
110/TCP Post Office Protocol 3 (POP3)
115/TCP Simple File Transfer Protocol (SFTP)
143/TCP,UDP Internet Message Access Protocol (IMAP)
156/TCP,UDP SQL Service
443/TCP Hypertext Transfer Protocol over TLS/SSL (HTTPS)
514/TCP Shell
546/TCP,UDP DHCPv6 client
547/TCP,UDP DHCPv6 server
873/TCP rsync file synchronisation protocol
901/TCP Samba Web Administration Tool (SWAT)
902/TCP VMware Server Console
904/TCP VMware Server Alternate
1025/TCP NFS-or-IIS
1194/TCP,UDP OpenVPN
1433/TCP,UDP Microsoft SQL Server database management system Server
2049/UDP Network File System
2082/TCP CPanel default
2083/TCP CPanel default SSL
2095/TCP CPanel default Web mail
2096/TCP CPanel default SSL Web mail
3306/TCP,UDP MySQL database system
3690/TCP,UDP Subversion version control system
5050/TCP Yahoo! Messenger
5432/TCP,UDP PostgreSQL database system
8080/TCP Apache Tomcat
8086/TCP HELM Web Host Automation Windows Control Panel
8087/TCP SW Soft Plesk Control Panel
8443/TCP SW Soft Plesk Control Panel
33434/TCP,UDP traceroute