
How to enable IP Forwarding

By default, any modern Linux distribution has IP forwarding disabled. This is normally a good idea, as most people will not need IP forwarding, but if we are setting up a Linux router/gateway, a VPN server (pptp or ipsec) or just a plain dial-in server, then we will need to enable forwarding. This can be done in several ways, which I will present below.

Check if IP Forwarding is enabled
We have to query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not:

Using sysctl:
sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
or just checking out the value in the /proc system:
cat /proc/sys/net/ipv4/ip_forward
0
As we can see in both of the above examples, forwarding was disabled (as shown by the value 0).

Enable IP Forwarding on the fly
As with any sysctl kernel parameter, we can change the value of net.ipv4.ip_forward on the fly (without rebooting the system):
sysctl -w net.ipv4.ip_forward=1
or
echo 1 > /proc/sys/net/ipv4/ip_forward
The setting is changed instantly, but it will not be preserved after rebooting the system.

Permanent setting using /etc/sysctl.conf
If we want to make this configuration permanent, the best way to do it is to add a line containing net.ipv4.ip_forward = 1 to the file /etc/sysctl.conf:
/etc/sysctl.conf:
net.ipv4.ip_forward = 1
If you already have an entry net.ipv4.ip_forward with the value 0, you can change it to 1.

To enable the changes made in sysctl.conf you will need to run the command:
sysctl -p /etc/sysctl.conf
On RedHat based systems this is also enabled when restarting the network service:
service network restart
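
The runtime value and the persisted value described above can drift apart: forwarding may be on in the running kernel but missing from /etc/sysctl.conf, or the reverse. The following shell sketch is an added example, not part of the original post; its function names and status labels are hypothetical, and the demo runs on a constructed config file.

```shell
#!/bin/sh
# Added example (not from the original post): audit net.ipv4.ip_forward.

# persisted_ip_forward FILE...
# Prints the value the given sysctl config files would apply to
# net.ipv4.ip_forward when loaded in order (the last assignment wins),
# or "unset" if none of them assigns it. Unreadable files are skipped.
persisted_ip_forward() {
    for f in "$@"; do
        [ -r "$f" ] && set -- "$@" "$f"   # keep readable files only
        shift
    done
    [ "$#" -gt 0 ] || { echo unset; return 0; }
    awk '
        /^[ \t]*[#;]/ { next }                # comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            gsub(/\//, ".", key)              # net/ipv4/ip_forward is the same key
            if (key == "net.ipv4.ip_forward") { last = val; found = 1 }
        }
        END { print (found ? last : "unset") }
    ' "$@"
}

# runtime_ip_forward [PROC_FILE]
# Prints the value in the running kernel, or "unknown" if it cannot be read.
# The path is a parameter so the function can be exercised without /proc.
runtime_ip_forward() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    if [ -r "$f" ]; then tr -d ' \t\n' < "$f"; else echo unknown; fi
}

# forwarding_status RUNTIME PERSISTED
# Classifies the combination of the two values.
forwarding_status() {
    case "$1:$2" in
        1:1) echo "enabled-persistent" ;;     # on now and after a reboot
        1:*) echo "enabled-until-reboot" ;;   # set on the fly only
        0:1) echo "enabled-after-reboot" ;;   # config edited, not yet loaded
        0:*) echo "disabled" ;;
        *)   echo "unknown" ;;
    esac
}

# Demo on a constructed config file (not a real system file).
demo_dir=$(mktemp -d)
printf '%s\n' '# constructed sample' 'net.ipv4.ip_forward = 0' \
    'net.ipv4.ip_forward=1' > "$demo_dir/sysctl.conf"
persisted=$(persisted_ip_forward "$demo_dir/sysctl.conf")
runtime=$(runtime_ip_forward)
echo "runtime=$runtime persisted=$persisted status=$(forwarding_status "$runtime" "$persisted")"
rm -rf "$demo_dir"
```

On a real host, pass the configuration files in the order they are loaded, for example persisted_ip_forward /etc/sysctl.conf.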

How to use hosts.allow and hosts.deny (tcpwrappers)

1. Open terminal
2. su - if you are not the root user
3. Use your favorite editor like vi.
4. Type vi /etc/hosts.deny
5. At the bottom line, just type "ALL:ALL:deny" to restrict all daemon processes
6. Save it.
7. Open "/etc/hosts.allow" with the vi editor
8. At the bottom line, type "ALL:(some ip that you allow):allow" to allow anything from my IP address
9. Save it.

Safer, Faster, and Smarter internet access

Safer, Faster, and Smarter internet access by using OpenDNS

If you are not aware of OpenDNS, please do look here first.

OpenDNS protects you from phishing: bad websites trying to steal your personal information. When you try to go to a phishing site, OpenDNS lets you know.
Let's try to configure and use this on Linux.

1) Make sure named is installed on your system.

2) Edit your /etc/resolv.conf file and add the following entry:
nameserver 127.0.0.1

3) Now edit your /etc/named.conf file. The "options" section of named.conf should look similar to this:

options {
    directory "/var/lib/named";
    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";
    forwarders { 208.67.222.222; 208.67.220.220; };
    forward first;
    listen-on port 53 { 127.0.0.1; };
    allow-query { 127.0.0.1; };
    notify no;
};

The most important part here is the entry of the OpenDNS servers in the forwarders section.

4) Now restart your named server.

5) open your browser and type : http://www.opendns.com/welcome/ --> You should see something similar to this ...


Do not worry about spyware in Linux


HowTo get your System Information

System Activity Information: sar
To use sar, sadc (system activity data collector) needs to be running. Check its status or start it with rcsysstat {start|status}.
sar can generate extensive reports on almost all important system activities, among them CPU, memory, IRQ usage, IO, or networking. With its many options, it is too complex to explain further here. Refer to the man page for extensive documentation with examples.

Memory Usage: free
The utility free examines RAM usage. Details of both free and used memory and swap areas are shown:
poison:~ # free
             total       used       free     shared    buffers     cached
Mem:        450128     398428      51700          0      10280     141204
-/+ buffers/cache:     246944     203184
Swap:       514040     182656     331384
The options -b,-k,-m,-g show output in bytes, KB, MB, or GB, respectively

User Accessing Files: fuser
It can be useful to determine what processes or users are currently accessing certain files. Suppose, for example, you want to unmount a file system mounted at /mnt. umount returns “device is busy.” The command fuser can then be used to determine what processes are accessing the device:
poison:~ # fuser -v /home/nikesh/
USER PID ACCESS COMMAND
/home/nikesh/: nikesh 5476 ..c.. su

Kernel Ring Buffer: dmesg
poison:~ # dmesg | more
Linux version 2.6.18.2-34-default (geeko@buildhost) (gcc version 4.1.2 20061115 (prerelease) (SUSE Linux)) #1 SMP Mon Nov 27
11:46:27 UTC 2006
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 000000000009f400 (usable)
BIOS-e820: 000000000009f400 - 00000000000a0000 (reserved)
BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000001bef0000 (usable)
BIOS-e820: 000000001bef0000 - 000000001bef3000 (ACPI NVS)
BIOS-e820: 000000001bef3000 - 000000001bf00000 (ACPI data)
BIOS-e820: 00000000e0000000 - 00000000f0000000 (reserved)
BIOS-e820: 00000000fec00000 - 0000000100000000 (reserved)
0MB HIGHMEM available.
446MB LOWMEM available.
found SMP MP-table at 000f5e30
On node 0 totalpages: 114416
DMA zone: 4096 pages, LIFO batch:0
Normal zone: 110320 pages, LIFO batch:31
DMI 2.3 present
…………………

List of Open Files: lsof.
To view a list of all the files open for the process with process ID PID, use -p. For example, to view all the files used by the current shell, enter:
poison:~ # lsof -p $$
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
bash 4700 root cwd DIR 3,6 4096 1811521 /root
bash 4700 root rtd DIR 3,6 4096 2 /
bash 4700 root txt REG 3,6 557704 913931 /bin/bash
bash 4700 root mem REG 3,6 131115 2139537 /lib/ld-2.5.so
bash 4700 root mem REG 0,0 0 [heap] (stat: No such file or directory)
bash 4700 root mem REG 3,6 42546 2137956 /lib/libnss_files-2.5.so
bash 4700 root mem REG 3,6 238464 344723 /usr/lib/locale/en_US.utf8/LC_CTYPE
bash 4700 root mem REG 3,6 1494633 2140298 /lib/libc-2.5.so
bash 4700 root mem REG 3,6 16082 2140299 /lib/libdl-2.5.so
bash 4700 root mem REG 3,6 294652 2140313 /lib/libncurses.so.5.5
bash 4700 root mem REG 3,6 28088 2140319 /lib/libhistory.so.5.1
bash 4700 root mem REG 3,6 192840 2140316 /lib/libreadline.so.5.1
bash 4700 root mem REG 3,6 42325 2137960 /lib/libnss_nis-2.5.so
bash 4700 root mem REG 3,6 95913 2140304 /lib/libnsl-2.5.so
bash 4700 root mem REG 3,6 32135 2137952 /lib/libnss_compat-2.5.so
bash 4700 root mem REG 3,6 25460 329733 /usr/lib/gconv/gconv-modules.cache
bash 4700 root 0u CHR 136,4 6 /dev/pts/4
bash 4700 root 1u CHR 136,4 6 /dev/pts/4
bash 4700 root 2u CHR 136,4 6 /dev/pts/4
bash 4700 root 255u CHR 136,4 6 /dev/pts/4

Interprocess Communication: ipcs
The command ipcs produces a list of the IPC resources currently in use:
poison:~ # ipcs
------ Shared Memory Segments --------
key        shmid      owner      perms      bytes      nattch     status
0x00000000 98304      root       600        33554432   7          dest
0x00000000 32769      root       666        66136      2          dest
0x00000000 524290     root       600        393216     2          dest
0x00000000 557059     root       600        393216     2          dest
0x00000000 589828     root       600        393216     2          dest
0x00000000 622597     root       600        393216     2          dest
0x00000000 786438     root       666        131040     1          dest
------ Semaphore Arrays --------
key        semid      owner      perms      nsems
0x00000000 65536      wwwrun     600        1
0x00000000 98305      wwwrun     600        1
------ Message Queues --------
key        msqid      owner      perms      used-bytes   messages

Process Tree: pstree
The command pstree produces a list of processes in the form of a tree:

Processes: top
The command top, which stands for “table of processes,” displays a list of processes that is refreshed every two seconds. To terminate the program, press Q. The parameter -n 1 terminates the program after a single display of the process list. The following is an example output of the command top -n 1:

Who Is Doing What: w
With the command w, find out who is logged onto the system and what each user is doing. For example:
poison:~ # w
00:32:58 up 33 min, 8 users, load average: 1.71, 1.35, 0.82
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root :0 00:00 ?xdm? 2:06 0.21s /bin/sh /usr/bin/kde
root pts/0 00:00 32:03 0.00s 1.17s kded --new-startup
root pts/1 00:01 31:48 0.14s 0.13s wvdial
root pts/2 00:01 31:18 0.08s 0.04s tail -f access.log
root pts/3 00:01 20:04 2.55s 0.03s /bin/bash
root pts/4 00:01 1.00s 0.07s 0.00s w
root pts/5 00:01 8:36 0.08s 0.06s -bash
root pts/6 00:01 31:33 0.03s 0.03s /bin/bash



HowTo use .htaccess file for Apache authentication

1. Create the directory you want to password protect (example: nikesh)

2. Create a file /var/www/html/nikesh/.htaccess in that directory that looks something like this:

AuthName "Add your login message here."
AuthType Basic
AuthUserFile /etc/apache/.htpasswd
AuthGroupFile /dev/null
require user name-of-user

In this case the “name-of-user” is the login name you wish to use for accessing the web site.

3. In the Apache configuration file, change AllowOverride to AuthConfig for the directory that you want to protect with a password:

<Directory /var/www/html/nikesh>
AllowOverride AuthConfig
</Directory>

4. Create the password file /etc/apache/.htpasswd using the program htpasswd:

# htpasswd -c /etc/apache/.htpasswd name-of-user

Read Man page: htpasswd


Spam filtering in sendmail by using DNSBL definitions

If you wish to be even more aggressive with your spam filtering, you can configure Sendmail to completely ignore senders that have bad reputations. With this step, Sendmail won’t even talk to them.

Editing the file /etc/mail/sendmail.mc, insert the following lines anywhere in the FEATURE section of the file:

dnl #
dnl # Here are Sharky's favorite DNSBL definitions.
dnl #
FEATURE(`dnsbl', `list.dsbl.org')dnl
FEATURE(`dnsbl', `bl.spamcop.net')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org')dnl
FEATURE(`dnsbl', `blackholes.mail-abuse.org')dnl
FEATURE(`dnsbl', `relays.mail-abuse.org')dnl

Apply the changes by saving the file and running the following commands:

cd /etc/mail
make all
/sbin/service sendmail restart

From this point on, every time an SMTP client connects to Sendmail, Sendmail will refer to the blacklist authorities you added to verify the client’s reputation. If the client is reported to have a shady reputation, Sendmail will hang up on him.
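
How the blacklist lookup described above works, as an added example that is not part of the original post: the client address is reversed octet by octet, prepended to the list's zone and looked up as an A record; an answer in 127.0.0.0/8 means listed and no answer means not listed. The function names are hypothetical, and dnsbl_check assumes dig and network access.

```shell
#!/bin/sh
# Added example (not from the original post): the DNS query behind a
# FEATURE(`dnsbl', ...) check, reproduced by hand.

# dnsbl_qname IPV4 ZONE
# Prints the query name for IPV4 in ZONE (octets reversed, zone appended).
# Returns 1 without output if IPV4 is not a dotted quad with octets 0-255.
dnsbl_qname() {
    ip=$1 zone=$2
    case "$ip" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    echo "$4.$3.$2.$1.$zone"
}

# dnsbl_verdict ANSWER
# Interprets the first A record returned for the query name.
#   empty          -> not-listed (NXDOMAIN or no data)
#   127.x.y.z      -> listed (the last octets encode the listing reason)
#   anything else  -> unexpected-answer, e.g. a resolver that rewrites
#                     NXDOMAIN into a real address; do not treat as a listing
dnsbl_verdict() {
    case "$1" in
        "")        echo "not-listed" ;;
        127.*.*.*) echo "listed" ;;
        *)         echo "unexpected-answer" ;;
    esac
}

# dnsbl_check IPV4 ZONE
# Live lookup; needs dig and network access, so the demo below does not call it.
dnsbl_check() {
    qname=$(dnsbl_qname "$1" "$2") || return 2
    dnsbl_verdict "$(dig +short "$qname" A | head -n 1)"
}

# Demo: constructed client address, zone taken from the sendmail.mc lines above.
dnsbl_qname 192.0.2.99 bl.spamcop.net
```

Running dnsbl_check by hand against each configured zone is a quick way to confirm that the list still answers before Sendmail starts rejecting mail on its word.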


Limits for Linux filesystems

File System                                                            File Size (Bytes)   File System Size (Bytes)
Ext2 or Ext3 (1 kB block size)                                         2^34 (16 GB)        2^41 (2 TB)
Ext2 or Ext3 (2 kB block size)                                         2^38 (256 GB)       2^43 (8 TB)
Ext2 or Ext3 (4 kB block size)                                         2^41 (2 TB)         2^43-4096 (16 TB-4096 Bytes)
Ext2 or Ext3 (8 kB block size) (systems with 8 kB pages, like Alpha)   2^46 (64 TB)        2^45 (32 TB)
ReiserFS v3                                                            2^46 (64 TB)        2^45 (32 TB)
XFS                                                                    2^63 (8 EB)         2^63 (8 EB)
NFSv2 (client side)                                                    2^31 (2 GB)         2^63 (8 EB)
NFSv3 (client side)                                                    2^63 (8 EB)         2^63 (8 EB)

How to install and use chkrootkit

Here are the steps used to manually install chkrootkit on a Linux system:

1. # wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
2. # tar zxvf chkrootkit.tar.gz
3. # cd chkrootkit-version_number
4. # make
5. Copy chkrootkit and the associated executables into /usr/local/bin

# find . -type f -perm /001 -exec cp {} /usr/local/bin \;

Next, create a root crontab entry to run chkrootkit daily.

0 3 * * * (cd /usr/local/bin; ./chkrootkit 2>&1 | /bin/mail -s "`/bin/hostname` chkrootkit output for `/bin/date +\%m`-`/bin/date +\%d`-`/bin/date +\%y`" root)



Howto check disk drive for errors and badblocks

badblocks is a Linux utility to check for bad sectors on a disk drive (A bad sector is a sector on a computer's disk drive or flash memory that cannot be used due to permanent damage or an OS inability to successfully access it.). It creates a list of these sectors that can be used with other programs, like mkfs, so that they are not used in the future and thus do not cause corruption of data. It is part of the e2fsprogs project.

It can be a good idea to periodically check for bad blocks. This is done with the badblocks command. It outputs a list of the numbers of all bad blocks it can find. This list can be fed to fsck to be recorded in the filesystem data structures so that the operating system won’t try to use the bad blocks for storing data. The following example will show how this could be done.

From the terminal, type following command:
$ sudo badblocks -v /dev/hda1 > bad-blocks
The above command will generate the file bad-blocks in the current directory from where you are running this command.

Now, you can pass this file to the fsck command to record these bad blocks
$ sudo fsck -t ext3 -l bad-blocks /dev/hda1
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Check reference counts.
Pass 5: Checking group summary information.

/dev/hda1: ***** FILE SYSTEM WAS MODIFIED *****

/dev/hda1: 11/360 files, 63/1440 blocks
If badblocks reports a block that was already used, e2fsck will try to move the block to another place. If the block was really bad, not just marginal, the contents of the file may be corrupted.

Look at the badblocks man page for more command line options.

How to Restore a MySQL database

The most common and basic restore is the restore of a single database.

# mysql -u username --password=password DB < DB.sql

Restoring your database to another database over the network

# mysqldump -u username --password=password DB | mysql --host=192.168.0.23 -C DB

Configure and Install KDE4 in OpenSuse 10.3

Regular KDE 4 Packages and an openSUSE-based KDE Four Live CD have been available throughout the whole cycle, and final versions of them are also available now. On openSUSE 10.3 you can use 1-click-install to get the KDE 4.0 desktop environment -- Here

Or you can choose to install a more basic KDE 4 desktop. Developers can also optionally install the KDE 4 build dependencies: all the packages you need to have installed for compiling KDE 4.0 from source (experts only).



Classy picture of Richard Stallman - Thank's GNU


How to have complete security - (Antivirus, Rootkit, Firewall, Email , Web , Network, IDS, VPN, Encryption)

Antivirus

Perhaps the ultimate definition of computer security is the effectiveness of your antivirus. Antivirus software keeps the most problematic forms of malware from corrupting your computer.
Clam AntiVirus – Extremely popular antivirus solution for UNIX based machines. Includes real time virus scanning and a virus definition database updated multiple times per day.
AVScan – A front-end for Clam AntiVirus.
AVG Anti-Virus – Effective virus scanning suite. Requires regular virus definition updates.
Avast Home Edition – Complete antivirus suite including real time scanning, email protection, internet traffic filtering, a firewall and more.
Housecall – Web based scanner that detects and removes viruses, worms, trojans and spyware. Also points out system vulnerabilities and offers advice on obtaining security patches.
Symantec Security Check – Simple antivirus solution that searches your computer for various forms of malware and deletes them. Offers a secondary scan to measure the vulnerability of your computer.

Rootkit

Rootkits are about the nastiest forms of malware around. To keep your computer (and your privacy) safe, you’ll need an app to scan for rootkits.
chkrootkit – The definitive solution for finding and removing rootkits from Linux machines.

Firewall

A well regarded firewall with a strict rule set is the first line of defense against intruders. Keep hackers from sneaking malware onto your system in the first place with these freebie firewall solutions.
Firestarter – Real time firewall that monitors all of the open ports and active network connections on your computer. Allows you to specify a very strict rule set.
Firewall Builder – Useful tool for assembling a firewall rule set or policy for popular UNIX based firewalls including iptables, ipfilter, etc.
TuxGuardian – Verifies the integrity of applications trying to gain access to the network. Useful for preventing viruses, trojans, spyware, etc. from spreading throughout the network.
HardWall Firewall – Iptables based script that performs detailed packet inspection and filtering to keep your computer free from malicious traffic.
BullDog – Complex firewall for advanced users.
PeerGuardian – Blocks IPs from accessing your network. Especially useful for protecting your privacy when using peer to peer software.

Email Security

Thunderbird – Highly customizable secure email client. Comes equipped with spam email filters, phishing protection and encryption capabilities.
Smart sendmail filters – A collection of tools to block and filter sendmail spam as well as scan attachments for viruses.
Sagator – An interface for the postfix, sendmail and other smtpd gateways that run popular antivirus and antispam solutions.
Tiger Envelopes – Encrypts email messages. Integrates into Outlook, Thunderbird, Mac Mail and KMail.

Web Utility

Malware infestation is probably the most annoying aspect of surfing the internet. It starts by accidentally downloading a toolbar here, failing to read a EULA there, and eventually your whole computer is one big slow piece of junk. To prevent this from happening (again) try using these apps when surfing.
Tor – Uses a network of virtual tunnels to provide anonymity for surfing the internet and transferring files over a network.
Firefox – A fan favorite browser for its secure architecture and available add-ons. Uses SSL browsing by default.
WebCleaner – Allows you to control the type of data your proxy parses. Useful for eliminating dangerous malware and removing annoying popup ads.
McAfee Site Advisor – Rates websites by their ability to infect your computer with malware. Advises you if a site is safe or not.

Network

With an insecure network not only will you be vulnerable to the perils of the internet, everyone connected to your network will too. Meaning instead of having one computer down due to a nasty virus, you could have hundreds. These freebie apps will help you manage the challenge of keeping your network safe.
SmoothWall – Firewall, IDS and VPN system for home users and networks.
Nagios – Comprehensive web based tool equipped with virtually every imaginable feature for knowing exactly what’s going on in your network.
Nessus – Industry leading open source network vulnerability scanner. Highly scalable and very thorough.
Wireshark – Powerful tool for capturing network protocol data for analysis. Contains more than 25 methods for reading packets making it useful for a wide array of networks.

Intrusion Detection System

Implementing an effective intrusion detection system is a surefire step to improving the security of your network and personal computer. Here are several popular solutions.
Snort – The premier free IDS solution. Detects a wide variety of attacks including buffer overflows, OS fingerprinting, CGI scans and more. Uses real time traffic analysis and packet logging on IP networks
Open Source Host-based Intrusion Detection System – Personal IDS performing log analysis, registry monitoring, malware detection, time-based alerting and active response.
Prelude – Detects system anomalies and reports findings to the user. Also analyzes logs for anomalies.

Virtual Private Network

VPN usage has exploded the past few years due to its new found ease of use and high level of security.
SSL-Explorer – Highly scalable VPN that integrates directly into your browser. Requires only a single open port to work.
OpenVPN – Popular VPN solution specializing in remote access.
strongSwan – IPsec based VPN using multiple encryption methods.

Encryption

Encryption is a must for the most sensitive types of data. After all, we all know what happens when a password or credit card number winds up in the wrong person's hands. That’s why we recommend you check out a few of the following encryption apps.
GNU Privacy Guard – A command line based encryption tool using multiple encryption algorithms including OpenPGP, AES, SHA-1, and more.
TrueCrypt – Creates virtual encrypted drives.



Howto change your MAC address (helps in hacking)

Open up a terminal and switch to root user.
Suppose: xx:xx:xx:xx:xx:xx = the new MAC address you want to assign to your box
example: 1a:2b:3c:4d:5e:6f

Characters allowed in mac address: 1 2 3 4 5 6 7 8 9 0 a b c d e f
enter the following:
# ifconfig eth0 down
# ifconfig eth0 hw ether 1a:2b:3c:4d:5e:6f
# ifconfig eth0 up
Check the new MAC address by using the following command:
# ifconfig



How to load programs faster (prelink)?

# Install package: prelink (here)

Create backup: cp /etc/default/prelink /etc/default/prelink.bak

# Edit “/etc/default/prelink” as root, and find this line:

PRELINKING=unknown

# Change it to:

PRELINKING=yes

# Exit from editor, saving the file.
# Execute the following command - sudo prelink -avmR

Restart and see the difference



Reinstall Grub after installation/upgrade of Windows (Vista)

This is for Windows (XP or Vista) dual boot with Fedora Core (any version)

Boot the Fedora cd disk #1 (installation disk).
At the installation menu, type in linux rescue (hit the enter key)

Now the system will try to find your Linux installation and, if all goes fine, it will mount your root filesystem under the /mnt/sysimage directory.

At the terminal prompt, Type in chroot /mnt/sysimage
then type: cd /boot/grub this is where your grub files are.
Type cat grub.conf and note which hd it is referring to.

If this does not work for some reason, type in df or rdev and this will show you where the root drive is, usually the first entry (line).

Then type (I am installing grub on the MBR of the first hard disk):

grub-install --recheck /dev/hda

This may take a minute or so and should just return a command prompt with no errors. Once it does, type in reboot and see if grub comes up normally.


Tape drives naming convention

SCSI tape device names
The st driver provides the interface to a variety of SCSI tape devices under Linux.

  • First (auto rewind) SCSI tape device name: /dev/st0
  • Second (auto rewind) SCSI tape device name: /dev/st1
  • First non-rewind SCSI tape device name: /dev/nst0
  • Second non-rewind SCSI tape device name: /dev/nst1

IDE tape device names
The ht driver provides the interface to a variety of IDE tape devices under Linux.

  • First (auto rewind) IDE tape device name: /dev/ht0
  • Second (auto rewind) IDE tape device name: /dev/ht1
  • First non-rewind IDE tape device name: /dev/nht0
  • Second non-rewind IDE tape device name: /dev/nht1

Popular Linux OS download links


How To Install Xfce on Ubuntu Linux

Xfce is a lightweight desktop environment for UNIX-like operating systems. It aims to be fast and low on system resources, while still being visually appealing and user friendly.

Xfce embodies the traditional UNIX philosophy of modularity and re-usability. It consists of a number of components that provide the full functionality one can expect of a modern desktop environment. They are packaged separately and you can pick among the available packages to create the optimal personal working environment.

Another priority of Xfce is adherence to standards, specifically those defined at freedesktop.org.

Xfce can be installed on several UNIX platforms. It is known to compile on Linux, NetBSD, FreeBSD, OpenBSD, Solaris, Cygwin and MacOS X, on x86, PPC, Sparc, Alpha...


Paste in this command in terminal
sudo aptitude update && sudo aptitude install xubuntu-desktop
To use Xfce after you’ve installed it:
1) Log out
2) Under “Session”, select “Xfce”
3) Log back in again.


Protect your SSH by using Denyhost

DenyHosts is a Python script that analyzes the sshd server log messages to determine what hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host.

Additionally, upon discovering a repeated attack host, the /etc/hosts.deny file is updated to prevent future break-in attempts from that host. An email report can be sent to a system admin.

Installation:
You will need to run DenyHosts as root (in order for DenyHosts to update /etc/hosts.deny and read entries from /var/log), so you first must become root. Once you have either logged in as root (or used su - root, for instance) you can then run the following command:

# crontab -e

The above command will launch the crontab editor. To launch DenyHosts every 20 minutes you would then add the following line to the crontab:

0,20,40 * * * * python PATH_TO_DENYHOSTS/denyhosts.py -c PATH_TO_DENYHOSTS_CONFIG/denyhosts.cfg

You will need to substitute your site-specific paths above. As an example, if you installed DenyHosts in /usr/local/etc and maintain your configuration file there as well, then the following crontab entry would be appropriate:

0,20,40 * * * * python /usr/local/etc/denyhosts/denyhosts.py -c /usr/local/etc/denyhosts/denyhosts.cfg

Once you have edited the crontab you should then save it. Assuming you didn't make any errors, the crontab will automatically install itself.

There are lots of other options you can use; visit the DenyHosts site to download it.
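
A simplified sketch of the log analysis described above, as an added example in shell rather than DenyHosts' own Python code: it counts failed sshd password attempts per host in constructed log lines and prints hosts.deny entries for hosts at or above a threshold. The function names, the threshold, the "sshd: HOST" entry form and the sample log are assumptions; the line format is the one OpenSSH writes for failed passwords, and only IPv4 hosts are handled.

```shell
#!/bin/sh
# Added example (not DenyHosts' own code): count failed sshd logins per host.

# Constructed sample log lines (documentation address ranges only).
sample_auth_log() {
    cat <<'EOF'
Jan 10 03:14:01 poison sshd[2201]: Failed password for root from 203.0.113.50 port 40001 ssh2
Jan 10 03:14:03 poison sshd[2201]: Failed password for root from 203.0.113.50 port 40001 ssh2
Jan 10 03:14:09 poison sshd[2207]: Failed password for invalid user admin from 203.0.113.50 port 40017 ssh2
Jan 10 03:15:40 poison sshd[2230]: Accepted password for nikesh from 192.0.2.10 port 51000 ssh2
Jan 10 03:16:02 poison sshd[2244]: Failed password for nikesh from 192.0.2.10 port 51002 ssh2
Jan 10 03:17:30 poison sshd[2251]: Failed password for invalid user x from 198.51.100.9 port 22 ssh2 from 203.0.113.50 port 40100 ssh2
Jan 10 03:18:00 poison sshd[2260]: Failed password for invalid user test from 198.51.100.77 port 33000 ssh2
Jan 10 03:18:05 poison sshd[2260]: Failed password for invalid user test from 198.51.100.77 port 33000 ssh2
Jan 10 03:18:11 poison sshd[2260]: Failed password for invalid user test from 198.51.100.77 port 33000 ssh2
EOF
}

# failed_ssh_hosts THRESHOLD   (log lines on stdin)
# Prints "COUNT HOST" for every host with at least THRESHOLD failed
# passwords, highest count first.
# The user name in the log is text supplied by the remote side, so the host
# is read by position from the end of the line ("from HOST port N ssh2")
# and not from the first "from" in the line. In the sample, the line with
# user name "x from 198.51.100.9 port 22 ssh2" is counted against the real
# peer 203.0.113.50.
failed_ssh_hosts() {
    awk -v t="$1" '
        NF >= 5 && / sshd(\[[0-9]+\])?: Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" &&
        $(NF-3) ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            fails[$(NF-3)]++
        }
        END {
            for (h in fails)
                if (fails[h] >= t) print fails[h], h
        }
    ' | sort -k1,1nr -k2,2
}

# hosts_deny_entries DENY_FILE   ("COUNT HOST" lines on stdin)
# Prints the "sshd: HOST" lines that are not yet present in DENY_FILE.
# Nothing is written to DENY_FILE; appending is left to the caller.
hosts_deny_entries() {
    while read -r count host; do
        if ! grep -qxF "sshd: $host" "$1" 2>/dev/null; then
            echo "sshd: $host"
        fi
    done
}

# Demo: hosts with three or more failures in the constructed sample.
sample_auth_log | failed_ssh_hosts 3 | hosts_deny_entries /dev/null
```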



How to forward your mails to some other account

Ever wondered how to forward your mails, especially if you are a webmaster managing a number of sites? You might need to forward any email sent to your primary email address. It's that easy: just create a .forward file in your home directory and insert the list of email addresses, separated by commas, to which you want your mail forwarded.

Login as user and type

echo 'destination_email_address' > .forward

Just delete the .forward file if you don't want any forwarding.


Make your box invisible to ping

The following firewall rule drops ICMP traffic leaving the machine, so ping requests go unanswered.

Iptables:
iptables -A OUTPUT -p icmp -d 0/0 -j DROP
OR drop all incoming pings:
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
This is sometimes necessary to look invisible to DoS (Denial of Service) attackers who use ping to watch your machine and launch an attack when its presence is detected.

Activating and De-Activating your NIC

Commands for starting and stopping TCP/IP network services on an interface:
  • Activate: /sbin/ifup eth0
    (Also: ifconfig eth0 up - Note: Even if no IP address is assigned you can listen.)
  • De-Activate: /sbin/ifdown eth0
    (Also: ifconfig eth0 down)

How to change hostname in Linux

1) Edit file /etc/sysconfig/network using your favourite editor.
vi /etc/sysconfig/network

2) Look for HOSTNAME=xxxxxx

3) Change the xxxx to the name you wish to set for your computer. (ex:HOSTNAME=abc.com)

4) Save the file and restart the network service. (ex: type service network restart in your shell)

Done! You have just changed your hostname on the Linux platform.


How to remove/uninstall Lilo/Grub?

If you want to remove the Lilo or Grub boot loader from your system (if you are uninstalling linux etc) follow the procedures below:

For Windows 95/98 etc:
Use a dos boot disk and at the command prompt type:
fdisk /mbr

For Windows XP:
Boot off the XP Installation CD and go into rescue mode. From there run the command:
fixmbr

Maximize performance of Oracle and IBM DB2

Commercial databases such as Oracle and IBM DB2 can maximize performance by using raw I/O. One may use the raw command for both IDE and SCSI devices. This will map a raw device to a block device for an entire disk partition. To see if your system is using raw I/O, issue the command: raw -a

* Configuration file: /etc/sysconfig/rawdevices

Add entries to this file to invoke raw I/O upon system boot.
* Devices: /dev/raw/raw??
* Raw device controller: /dev/rawctl
* Sample use of command: raw /dev/raw/raw1 /dev/hdb5
* One must be of group disk to use the raw device or change permissions:

chmod a+r /dev/rawctl

chmod a+r /dev/hdb5
chmod a+rw /dev/raw/raw1

Note: The above information applies to Red Hat distributions. This info may be different for other distributions. i.e. S.U.S.E. uses /dev/raw1 as a device and /dev/raw as the controller.
You can mimic Red Hat behavior with a symbolic link: ln -s /dev/your_raw_controller /dev/rawctl

Linux Commands to Monitor Memory Usage

vmstat                       Monitor virtual memory
free                         Display amount of free and used memory in the system.
pmap                         Display/examine memory map and libraries (so). Usage: pmap pid
top                          Show top processes
sar -B                       Show statistics on page swapping.
time -v date                 Show system page size, page faults, etc of a process during execution. Note you must fully qualify the command as "/usr/bin/time" to avoid using the bash shell command "time".
cat /proc/sys/vm/freepages   Display virtual memory "free pages". One may increase/decrease this limit: echo 300 400 500 > /proc/sys/vm/freepages
cat /proc/meminfo            Show memory size and usage.

Want to write Linux Kernel?

  • Title: "Iptables-tutorial"
    Author: Oskar Andreasson.
    URL: http://iptables-tutorial.frozentux.net
    Keywords: iptables, netfilter, firewalls.
    Description: The aim of the iptables-tutorial is to explain iptables in a complete and simple way. It contains information on all the currently available matches and targets (in kernel), as well as complete example scripts and explanations. It contains a complete section on iptables syntax, as well as other interesting commands such as iptables-save and iptables-restore.
  • Title: "Ipsysctl-tutorial"
    Author: Oskar Andreasson.
    URL: http://ipsysctl-tutorial.frozentux.net
    Keywords: IP sysctl, ipsysctl, firewalls, Interface reference, sysctl/proc basics.
    Description: This document aims at giving more in depth explanations about the different ip sysctl calls available in the Linux kernel.
  • Title: "The Linux Kernel"
    Author: David A. Rusling.
    URL: http://en.tldp.org/LDP/tlk/tlk.html
    Keywords: everything!, book.
    Description: Online, 200-page book describing most aspects of the Linux Kernel. Probably the first reference for beginners. Lots of illustrations explaining data structures use and relationships in the purest Richard W. Stevens' style. Contents: "1.-Hardware Basics, 2.-Software Basics, 3.-Memory Management, 4.-Processes, 5.-Interprocess Communication Mechanisms, 6.-PCI, 7.-Interrupts and Interrupt Handling, 8.-Device Drivers, 9.-The File system, 10.-Networks, 11.-Kernel Mechanisms, 12.-Modules, 13.-The Linux Kernel Sources, A.-Linux Data Structures, B.-The Alpha AXP Processor, C.-Useful Web and FTP Sites, D.-The GNU General Public License, Glossary". In short: a must have.
  • Title: "Linux Device Drivers, 2nd Edition"
    Author: Alessandro Rubini and Jonathan Corbet.
    URL: http://www.xml.com/ldd/chapter/book/index.html
    Keywords: device drivers, modules, debugging, memory, hardware, interrupt handling, char drivers, block drivers, kmod, mmap, DMA, buses.
    Description: O'Reilly's popular book, now also on-line under the GNU Free Documentation License.
    Notes: You can also buy it in paper-form from O'Reilly. See below under BOOKS (Not on-line).
  • Title: "Conceptual Architecture of the Linux Kernel"
    Author: Ivan T. Bowman.
    URL: http://plg.uwaterloo.ca/~itbowman/papers/CS746G-a1.html
    Keywords: conceptual software architecture, extracted design, reverse engineering, system structure.
    Description: Conceptual software architecture of the Linux kernel, automatically extracted from the source code. Very detailed. Good figures. Gives good overall kernel understanding.
  • Title: "Concrete Architecture of the Linux Kernel"
    Author: Ivan T. Bowman, Saheem Siddiqi, and Meyer C. Tanuan.
    URL: http://plg.uwaterloo.ca/~itbowman/papers/CS746G-a2.html
    Keywords: concrete architecture, extracted design, reverse engineering, system structure, dependencies.
    Description: Concrete architecture of the Linux kernel, automatically extracted from the source code. Very detailed. Good figures. Gives good overall kernel understanding. This paper focuses on lower-level details than its predecessor (files, variables...).
  • Title: "Linux as a Case Study: Its Extracted Software Architecture"
    Author: Ivan T. Bowman, Richard C. Holt and Neil V. Brewster.
    URL: http://plg.uwaterloo.ca/~itbowman/papers/linuxcase.html
    Keywords: software architecture, architecture recovery, redocumentation.
    Description: Paper appeared at ICSE'99, Los Angeles, May 16-22, 1999. A mixture of the previous two documents from the same author.
  • Title: "Overview of the Virtual File System"
    Author: Richard Gooch.
    URL: http://www.atnf.csiro.au/~rgooch/linux/vfs.txt
    Keywords: VFS, File System, mounting filesystems, opening files, dentries, dcache.
    Description: Brief introduction to the Linux Virtual File System. What it is, how it works, the operations performed when opening a file or mounting a file system, and a description of important data structures explaining the purpose of each of their entries.
  • Title: "The Linux RAID-1, 4, 5 Code"
    Author: Ingo Molnar, Gadi Oxman and Miguel de Icaza.
    URL: http://www.linuxjournal.com/article.php?sid=2391
    Keywords: RAID, MD driver.
    Description: Linux Journal Kernel Korner article. Here is its abstract: "A description of the implementation of the RAID-1, RAID-4 and RAID-5 personalities of the MD device driver in the Linux kernel, providing users with high performance and reliable, secondary-storage capability using software".
  • Title: "Dynamic Kernels: Modularized Device Drivers"
    Author: Alessandro Rubini.
    URL: http://www.linuxjournal.com/article.php?sid=1219
    Keywords: device driver, module, loading/unloading modules, allocating resources.
    Description: Linux Journal Kernel Korner article. Here is its abstract: "This is the first of a series of four articles co-authored by Alessandro Rubini and Georg Zezchwitz which present a practical approach to writing Linux device drivers as kernel loadable modules. This installment presents an introduction to the topic, preparing the reader to understand next month's installment".
  • Title: "Dynamic Kernels: Discovery"
    Author: Alessandro Rubini.
    URL: http://www.linuxjournal.com/article.php?sid=1220
    Keywords: character driver, init_module, clean_up module, autodetection, major number, minor number, file operations, open(), close().
    Description: Linux Journal Kernel Korner article. Here is its abstract: "This article, the second of four, introduces part of the actual code to create custom module implementing a character device driver. It describes the code for module initialization and cleanup, as well as the open() and close() system calls".
  • Title: "The Devil's in the Details"
    Author: Georg v. Zezschwitz and Alessandro Rubini.
    URL: http://www.linuxjournal.com/article.php?sid=1221
    Keywords: read(), write(), select(), ioctl(), blocking/non blocking mode, interrupt handler.
    Description: Linux Journal Kernel Korner article. Here is its abstract: "This article, the third of four on writing character device drivers, introduces concepts of reading, writing, and using ioctl-calls".
  • Title: "Dissecting Interrupts and Browsing DMA"
    Author: Alessandro Rubini and Georg v. Zezschwitz.
    URL: http://www.linuxjournal.com/article.php?sid=1222
    Keywords: interrupts, irqs, DMA, bottom halves, task queues.
    Description: Linux Journal Kernel Korner article. Here is its abstract: "This is the fourth in a series of articles about writing character device drivers as loadable kernel modules. This month, we further investigate the field of interrupt handling. Though it is conceptually simple, practical limitations and constraints make this an 'interesting' part of device driver writing, and several different facilities have been provided for different situations. We also investigate the complex topic of DMA".
  • Title: "Device Drivers Concluded"
    Author: Georg v. Zezschwitz.
    URL: http://www.linuxjournal.com/article.php?sid=1287
    Keywords: address spaces, pages, pagination, page management, demand loading, swapping, memory protection, memory mapping, mmap, virtual memory areas (VMAs), vremap, PCI.
    Description: Finally, the above turned into a five-article series. This latest one's introduction reads: "This is the last of five articles about character device drivers. In this final section, Georg deals with memory mapping devices, beginning with an overall description of the Linux memory management concepts".
  • Title: "Network Buffers And Memory Management"
    Author: Alan Cox.
    URL: http://www.linuxjournal.com/article.php?sid=1312
    Keywords: sk_buffs, network devices, protocol/link layer variables, network devices flags, transmit, receive, configuration, multicast.
    Description: Linux Journal Kernel Korner. Here is the abstract: "Writing a network device driver for Linux is fundamentally simple---most of the complexity (other than talking to the hardware) involves managing network packets in memory".
  • Title: "The Venus kernel interface"
    Author: Peter J. Braam.
    URL: http://www.coda.cs.cmu.edu/doc/html/kernel-venus-protocol.html
    Keywords: coda, filesystem, venus, cache manager.
    Description: "This document describes the communication between Venus and kernel level file system code needed for the operation of the Coda filesystem. This version document is meant to describe the current interface (version 1.0) as well as improvements we envisage".
  • Title: "Programming PCI-Devices under Linux"
    Author: Claus Schroeter.
    URL: ftp://ftp.llp.fu-berlin.de/pub/linux/LINUX-LAB/whitepapers/pcip.ps.gz
    Keywords: PCI, device, busmastering.
    Description: 6-page tutorial on PCI programming under Linux. Gives the basic concepts of the architecture of the PCI subsystem, as well as basic functions and macros to read/write the devices and perform busmastering.
  • Title: "Writing Character Device Driver for Linux"
    Author: R. Baruch and C. Schroeter.
    URL: ftp://ftp.llp.fu-berlin.de/pub/linux/LINUX-LAB/whitepapers/drivers.ps.gz
    Keywords: character device drivers, I/O, signals, DMA, accessing ports in user space, kernel environment.
    Description: 68-page paper on writing character drivers. A little bit old (1993, 1994) although still useful.
  • Title: "Design and Implementation of the Second Extended Filesystem"
    Author: Rémy Card, Theodore Ts'o, Stephen Tweedie.
    URL: http://web.mit.edu/tytso/www/linux/ext2intro.html
    Keywords: ext2, linux fs history, inode, directory, link, devices, VFS, physical structure, performance, benchmarks, ext2fs library, ext2fs tools, e2fsck.
    Description: Paper written by three of the top ext2 hackers. Covers Linux filesystems history, ext2 motivation, ext2 features, design, physical structure on disk, performance, benchmarks, e2fsck's passes description... A must read!
    Notes: This paper was first published in the Proceedings of the First Dutch International Symposium on Linux, ISBN 90-367-0385-9.
  • Title: "Journaling the Linux ext2fs Filesystem"
    Author: Stephen C. Tweedie.
    URL: ftp://ftp.uk.linux.org/pub/linux/sct/fs/jfs/journal-design.ps.gz
    Keywords: ext3, journaling.
    Description: Excellent 8-page paper explaining the journaling capabilities added to ext2 by the author, showing different problems faced and the alternatives chosen.
  • Title: "Linux Kernel Module Programming Guide"
    Author: Peter Jay Salzman, Michael Burian, Ori Pomerantz.
    URL: http://tldp.org/LDP/lkmpg/2.6/html/
    Keywords: modules, /proc, ioctls, system calls, interrupt handlers.
    Description: Very nice 73-page free book on the topic of module programming. Lots of examples. Updated to 2.6 kernels.
  • Title: "Device File System (devfs) Overview"
    Author: Richard Gooch.
    URL: http://www.atnf.csiro.au/~rgooch/linux/docs/devfs.txt
    Keywords: filesystem, /dev, devfs, dynamic devices, major/minor allocation, device management.
    Description: Document describing Richard Gooch's controversial devfs, which allows for dynamic devices, only shows present devices in /dev, gets rid of major/minor numbers allocation problems, and allows for hundreds of identical devices (which some USB systems might demand soon).
  • Title: "I/O Event Handling Under Linux"
    Author: Richard Gooch.
    URL: http://www.atnf.csiro.au/~rgooch/linux/docs/io-events.html
    Keywords: IO, I/O, select(2), poll(2), FDs, aio_read(2), readiness event queues.
    Description: From the Introduction: "I/O Event handling is about how your Operating System allows you to manage a large number of open files (file descriptors in UNIX/POSIX, or FDs) in your application. You want the OS to notify you when FDs become active (have data ready to be read or are ready for writing). Ideally you want a mechanism that is scalable. This means a large number of inactive FDs cost very little in memory and CPU time to manage".
  • Title: "Kernel Hacking HOWTO"
    Author: Andrew Ebling.
    URL: http://www.kernelhacking.org/docs/kernelhacking-HOWTO/
    Keywords: HOWTO, kernel hacking, getting started, source navigation, kernel debugging, profiling, benchmarking.
    Description: Another kernel hacking howto. More recent than Rusty's, which is now lost.
  • Title: "ALSA 0.5.0 Developer documentation"
    Author: Stephan 'Jumpy' Bartels.
    URL: http://www.math.TU-Berlin.de/~sbartels/alsa/
    Keywords: ALSA, sound, soundcard, driver, lowlevel, hardware.
    Description: Advanced Linux Sound Architecture for developers, both at kernel and user-level sides. Work in progress. ALSA is supposed to be Linux's next generation sound architecture.
  • Title: "Programming Guide for Linux USB Device Drivers"
    Author: Detlef Fliegl.
    URL: http://usb.in.tum.de/usbdoc/
    Keywords: USB, universal serial bus.
    Description: A must-read. From the Preface: "This document should give detailed information about the current state of the USB subsystem and its API for USB device drivers. The first section will deal with the basics of USB devices. You will learn about different types of devices and their properties. Going into detail you will see how USB devices communicate on the bus. The second section gives an overview of the Linux USB subsystem [2] and the device driver framework. Then the API and its data structures will be explained step by step. The last section of this document contains a reference of all API calls and their return codes".
    Notes: Beware: the main page states: "This document may not be published, printed or used in excerpts without explicit permission of the author". Fortunately, it may still be read...
  • Title: "Linux Kernel Mailing List Glossary"
    Author: John Levon.
    URL: http://www.movement.uklinux.net/glossary.html
    Keywords: glossary, terms, linux-kernel.
    Description: From the introduction: "This glossary is intended as a brief description of some of the acronyms and terms you may hear during discussion of the Linux kernel".
  • Title: "Linux Kernel Locking HOWTO"
    Author: Various Talented People, and Rusty.
    URL: http://netfilter.kernelnotes.org/unreliable-guides/kernel-locking-HOWTO.html
    Keywords: locks, locking, spinlock, semaphore, atomic, race condition, bottom halves, tasklets, softirqs.
    Description: The title says it all: document describing the locking system in the Linux Kernel either in uniprocessor or SMP systems.
    Notes: "It was originally written for the later (>2.3.47) 2.3 kernels, but most of it applies to 2.2 too; 2.0 is slightly different". Freely redistributable under the conditions of the GNU General Public License.
  • Title: "Global spinlock list and usage"
    Author: Rick Lindsley.
    URL: http://lse.sourceforge.net/lockhier/global-spin-lock
    Keywords: spinlock.
    Description: This is an attempt to document both the existence and usage of the spinlocks in the Linux 2.4.5 kernel. Comprehensive list of spinlocks showing when they are used, which functions access them, how each lock is acquired, under what conditions it is held, whether interrupts can occur or not while it is held...
  • Title: "Porting Linux 2.0 Drivers To Linux 2.2: Changes and New Features"
    Author: Alan Cox.
    URL: http://www.linux-mag.com/1999-05/gear_01.html
    Keywords: ports, porting.
    Description: Article from Linux Magazine on porting from 2.0 to 2.2 kernels.
  • Title: "How To Make Sure Your Driver Will Work On The Power Macintosh"
    Author: Paul Mackerras.
    URL: http://www.linux-mag.com/1999-07/gear_01.html
    Keywords: Mac, Power Macintosh, porting, drivers, compatibility.
    Description: The title says it all.
  • Title: "Video4linux Drivers, Part 1: Video-Capture Device"
    Author: Alan Cox.
    URL: http://www.linux-mag.com/2000-01/gear_01.html
    Keywords: video4linux, driver, video capture, capture devices, camera driver.
    Description: The title says it all.
  • Title: "Video4linux Drivers, Part 2: Video-capture Devices"
    Author: Alan Cox.
    URL: http://www.linux-mag.com/2000-02/gear_01.html
    Keywords: video4linux, driver, video capture, capture devices, camera driver, control, query capabilities, capability, facility.
    Description: The title says it all.
  • Title: "Linux 2.4 Kernel Internals"
    Author: Tigran Aivazian and Christoph Hellwig.
    URL: http://www.moses.uklinux.net/patches/lki.html
    Keywords: Linux, kernel, booting, SMP boot, VFS, page cache.
    Description: A little book used for a short training course. Covers building the kernel image, booting (including SMP bootup), process management, VFS and more.
  • Title: "Linux IP Networking. A Guide to the Implementation and Modification of the Linux Protocol Stack."
    Author: Glenn Herrin.
    URL: http://www.cs.unh.edu/cnrg/gherrin
    Keywords: network, networking, protocol, IP, UDP, TCP, connection, socket, receiving, transmitting, forwarding, routing, packets, modules, /proc, sk_buff, FIB, tags.
    Description: Excellent paper devoted to Linux IP networking, explaining everything from the kernel's code to that of the user space configuration tools. Very good for getting a general overview of the kernel networking implementation and understanding all the steps packets follow from the time they are received at the network device until they are delivered to applications. The kernel code studied is from version 2.2.14. Provides code for a working packet dropper example.
  • Title: "Linux PCMCIA Programmer's Guide"
    Author: David Hinds.
    URL: http://pcmcia-cs.sourceforge.net/ftp/doc/PCMCIA-PROG.html
    Keywords: PCMCIA.
    Description: "This document describes how to write kernel device drivers for the Linux PCMCIA Card Services interface. It also describes how to write user-mode utilities for communicating with Card Services".
  • Title: "(nearly) Complete Linux Loadable Kernel Modules. The definitive guide for hackers, virus coders and system administrators."
    Author: pragmatic/THC.
    URL: http://packetstormsecurity.org/docs/hack/LKM_HACKING.html
    Keywords: syscalls, intercept, hide, abuse, symbol table.
    Description: Interesting paper on how to abuse the Linux kernel in order to intercept and modify syscalls, make files/directories/processes invisible, become root, hijack ttys, write kernel-module-based viruses... and solutions for admins to avoid all those abuses.
    Notes: For 2.0.x kernels. Gives guidance on porting it to 2.2.x kernels.
  • Title: "Linux Kernel Threads in Device Drivers"
    Author: Martin Frey.
    URL: http://www.scs.ch/~frey/linux/kernelthreads.html
    Keywords: threads, creation, stopping, initialization.
    Description: How to start and stop kernel threads in a loadable module.
  • Title: "The Linux Kernel Hackers' Guide"
    Author: Michael K. Johnson and others.
    URL: http://en.tldp.org/LDP/khg/HyperNews/get/khg.html
    Keywords: everything!
    Description: Probably too old to be useful... Many people have contributed. The interface is similar to web-based mailing list archives. You can find some articles and then some mails asking questions about them and/or complementing previous contributions. A little bit anarchic in this respect, but with some valuable information in some cases.