
How to enable IP Forwarding

By default, any modern Linux distribution has IP forwarding disabled. This is normally a good idea, as most people will not need IP forwarding, but if we are setting up a Linux router/gateway, a VPN server (pptp or ipsec) or just a plain dial-in server, then we will need to enable forwarding. This can be done in several ways, which I present below.

Check if IP Forwarding is enabled
We have to query the sysctl kernel value net.ipv4.ip_forward to see if forwarding is enabled or not:

Using sysctl:
sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
or just check the value in the /proc filesystem:
cat /proc/sys/net/ipv4/ip_forward
0
As we can see in both of the above examples, forwarding was disabled (as shown by the value 0).

Enable IP Forwarding on the fly
As with any sysctl kernel parameter, we can change the value of net.ipv4.ip_forward on the fly (without rebooting the system):
sysctl -w net.ipv4.ip_forward=1
or
echo 1 > /proc/sys/net/ipv4/ip_forward
The setting is changed instantly, but the result will not be preserved after rebooting the system.

Permanent setting using /etc/sysctl.conf
If we want to make this configuration permanent, the best way to do it is to use the file /etc/sysctl.conf, where we can add a line containing net.ipv4.ip_forward = 1
/etc/sysctl.conf:
net.ipv4.ip_forward = 1
If you already have an entry net.ipv4.ip_forward with the value 0, you can change that to 1.

To enable the changes made in sysctl.conf you will need to run the command:
sysctl -p /etc/sysctl.conf
On RedHat based systems this is also enabled when restarting the network service:
service network restart
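
The on-the-fly value and the permanent one can disagree, so it is worth comparing them. The script below is an added example, not part of the original post; the function names persisted_ip_forward and forwarding_state are made up for illustration, and only the files passed as arguments are read (here /etc/sysctl.conf).

```shell
#!/bin/sh
# Added example, not from the original post.

# persisted_ip_forward FILE...
# Print the value the given sysctl files set for net.ipv4.ip_forward (the last
# assignment wins, comment lines are ignored), or "unset" if none sets it.
persisted_ip_forward() {
    val=unset
    for f in "$@"; do
        if [ -r "$f" ]; then
            v=$(sed -n 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*$/\1/p' "$f" | tail -n 1)
            if [ -n "$v" ]; then val=$v; fi
        fi
    done
    echo "$val"
}

# forwarding_state RUNTIME_FILE CONFIG_FILE...
# Compare the running kernel value with what the config files will apply.
forwarding_state() {
    runtime_file=$1
    shift
    runtime=$(cat "$runtime_file" 2>/dev/null || echo unknown)
    persisted=$(persisted_ip_forward "$@")
    case "$runtime/$persisted" in
        1/1) echo "enabled: persistent" ;;
        1/*) echo "enabled: runtime only, lost at reboot" ;;
        0/1) echo "disabled: enabled at next reboot or sysctl -p" ;;
        0/*) echo "disabled" ;;
        *)   echo "unknown" ;;
    esac
}

# Live check using the two paths from the article.
forwarding_state /proc/sys/net/ipv4/ip_forward /etc/sysctl.conf
```

On a host that is not meant to route traffic, any result other than "disabled" deserves a look.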

How to use hosts.allow and hosts.deny (tcpwrappers)

1. Open a terminal.
2. Run su - if you are not the root user.
3. Use your favorite editor, such as vi.
4. Type vi /etc/hosts.deny
5. On the bottom line, type “ALL:ALL:deny” to restrict all daemon processes.
6. Save it.
7. Open “/etc/hosts.allow” with the vi editor.
8. On the bottom line, type “ALL:(some ip that you allow):allow” to allow anything from my IP address.
9. Save it.
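
How tcpwrappers evaluates the two files written in steps 5 and 8, as an added example that is not part of the original post: hosts.allow is checked first, then hosts.deny, and a client matching neither is let in. The function names and the address 192.0.2.10 are placeholders, and the matcher goes slightly beyond the steps by also accepting address prefixes such as 10.1.2.

```shell
#!/bin/sh
# Added example, not from the original post. Simplified matcher: ALL, exact
# addresses and "10.1.2." style prefixes only (no hostnames, netmasks, EXCEPT).

# match_list LIST VALUE: true if VALUE matches an item of the comma/space list.
match_list() {
    for p in $(echo "$1" | tr ',' ' '); do
        case "$p" in
            ALL) return 0 ;;
            *.)  case "$2" in "$p"*) return 0 ;; esac ;;
            *)   if [ "$p" = "$2" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# first_match FILE DAEMON CLIENT DEFAULT: print the verdict of the first rule
# that matches; a trailing allow/deny option overrides the file's DEFAULT.
first_match() {
    [ -r "$1" ] || return 1
    while IFS=: read -r daemons clients option; do
        case "$daemons" in ''|'#'*) continue ;; esac
        if match_list "$daemons" "$2" && match_list "$clients" "$3"; then
            case "$option" in
                *allow*) echo allow ;;
                *deny*)  echo deny ;;
                *)       echo "$4" ;;
            esac
            return 0
        fi
    done < "$1"
    return 1
}

# tcpd_verdict ALLOW_FILE DENY_FILE DAEMON CLIENT
tcpd_verdict() {
    first_match "$1" "$3" "$4" allow && return 0   # hosts.allow first
    first_match "$2" "$3" "$4" deny && return 0    # then hosts.deny
    echo allow                                     # no match: access granted
}

# Constructed files following steps 5 and 8; 192.0.2.10 is a placeholder.
dir=$(mktemp -d)
echo 'ALL:ALL:deny' > "$dir/hosts.deny"
echo 'ALL:192.0.2.10:allow' > "$dir/hosts.allow"
tcpd_verdict "$dir/hosts.allow" "$dir/hosts.deny" sshd 192.0.2.10
tcpd_verdict "$dir/hosts.allow" "$dir/hosts.deny" sshd 198.51.100.7
rm -rf "$dir"
```

Only daemons linked against libwrap or started through tcpd consult these files, so a service that ignores them stays reachable regardless of the rules.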

Safer, Faster, and Smarter internet access

Safer, Faster, and Smarter internet access by using OpenDNS

If you are not aware of OpenDNS, please do look here first.

OpenDNS protects you from phishing: bad websites trying to steal your personal information. When you try to go to a phishing site, OpenDNS lets you know.
Let's try to configure and use this on Linux.

1) Make sure named is installed on your system.

2) Edit your /etc/resolv.conf file and add the following entry:
nameserver 127.0.0.1

3) Now edit your /etc/named.conf file. The "options" section of named.conf should look similar to this:

options {
    directory "/var/lib/named";
    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";
    forwarders { 208.67.222.222; 208.67.220.220; };
    forward first;
    listen-on port 53 { 127.0.0.1; };
    allow-query { 127.0.0.1; };
    notify no;
};

The most important part here is the entry for the OpenDNS servers in the forwarders section.

4) Now restart your named server.

5) Open your browser and go to http://www.opendns.com/welcome/. You should see something similar to this ...
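
A check of the setup from steps 2 and 3, as an added example that is not part of the original post. It reports forwarders other than the two OpenDNS addresses, a forward mode other than only (with forward first, named resolves names itself when the forwarders do not answer, so those answers skip OpenDNS), and extra nameserver lines in resolv.conf. The function names are illustrative and only single-line statements are parsed.

```shell
#!/bin/sh
# Added example, not from the original post; parses single-line statements only.

# Print the forwarder addresses, one per line.
named_forwarders() {
    sed -n 's/^[[:space:]]*forwarders[[:space:]]*{\(.*\)}.*$/\1/p' "$1" |
        tr ';' '\n' | tr -d ' \t' | sed '/^$/d'
}

# Print the forward mode; BIND defaults to "first" when none is set.
named_forward_mode() {
    m=$(sed -n 's/^[[:space:]]*forward[[:space:]][[:space:]]*\([a-z]*\)[[:space:]]*;.*$/\1/p' "$1" | tail -n 1)
    echo "${m:-first}"
}

# dns_findings NAMED_CONF RESOLV_CONF: print one finding per line.
dns_findings() {
    fwd=$(named_forwarders "$1")
    [ -n "$fwd" ] || echo "no forwarders configured"
    for ip in $fwd; do
        case "$ip" in
            208.67.222.222|208.67.220.220) ;;
            *) echo "forwarder $ip is not one of the post's OpenDNS servers" ;;
        esac
    done
    if [ "$(named_forward_mode "$1")" != only ]; then
        echo "forward first: named recurses on its own if the forwarders fail"
    fi
    sed -n 's/^[[:space:]]*nameserver[[:space:]][[:space:]]*//p' "$2" |
        while read -r ns; do
            [ "$ns" = 127.0.0.1 ] || echo "resolv.conf: $ns is used when the local named does not answer"
        done
}

# audit_dns NAMED_CONF RESOLV_CONF: the findings, or "ok" when there are none.
audit_dns() {
    out=$(dns_findings "$1" "$2")
    echo "${out:-ok}"
}

# Constructed sample input mirroring steps 2 and 3.
dir=$(mktemp -d)
printf 'nameserver 127.0.0.1\n' > "$dir/resolv.conf"
printf 'options {\n forwarders { 208.67.222.222; 208.67.220.220; };\n forward first;\n};\n' > "$dir/named.conf"
audit_dns "$dir/named.conf" "$dir/resolv.conf"
rm -rf "$dir"
```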


Do not worry about spyware in Linux


HowTo get your System Information

System Activity Information: sar
To use sar, sadc (system activity data collector) needs to be running. Check its status or start it with rcsysstat {start|status}.
sar can generate extensive reports on almost all important system activities, among them CPU, memory, IRQ usage, IO, or networking. With its many options, it is too complex to explain further here. Refer to the man page for extensive documentation with examples.

Memory Usage: free
The utility free examines RAM usage. Details of both free and used memory and swap areas are shown:
poison:~ # free
             total       used       free     shared    buffers     cached
Mem:        450128     398428      51700          0      10280     141204
-/+ buffers/cache:     246944     203184
Swap:       514040     182656     331384
The options -b, -k, -m, -g show output in bytes, KB, MB, or GB, respectively.

User Accessing Files: fuser
It can be useful to determine what processes or users are currently accessing certain files. Suppose, for example, you want to unmount a file system mounted at /mnt. umount returns “device is busy.” The command fuser can then be used to determine what processes are accessing the device:
poison:~ # fuser -v /home/nikesh/
USER PID ACCESS COMMAND
/home/nikesh/: nikesh 5476 ..c.. su

Kernel Ring Buffer: dmesg
poison:~ # dmesg | more
Linux version 2.6.18.2-34-default (geeko@buildhost) (gcc version 4.1.2 20061115 (prerelease) (SUSE Linux)) #1 SMP Mon Nov 27 11:46:27 UTC 2006
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 000000000009f400 (usable)
BIOS-e820: 000000000009f400 - 00000000000a0000 (reserved)
BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000001bef0000 (usable)
BIOS-e820: 000000001bef0000 - 000000001bef3000 (ACPI NVS)
BIOS-e820: 000000001bef3000 - 000000001bf00000 (ACPI data)
BIOS-e820: 00000000e0000000 - 00000000f0000000 (reserved)
BIOS-e820: 00000000fec00000 - 0000000100000000 (reserved)
0MB HIGHMEM available.
446MB LOWMEM available.
found SMP MP-table at 000f5e30
On node 0 totalpages: 114416
DMA zone: 4096 pages, LIFO batch:0
Normal zone: 110320 pages, LIFO batch:31
DMI 2.3 present
…………………

List of Open Files: lsof
To view a list of all the files open for the process with process ID PID, use -p. For example, to view all the files used by the current shell, enter:
poison:~ # lsof -p $$
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
bash 4700 root cwd DIR 3,6 4096 1811521 /root
bash 4700 root rtd DIR 3,6 4096 2 /
bash 4700 root txt REG 3,6 557704 913931 /bin/bash
bash 4700 root mem REG 3,6 131115 2139537 /lib/ld-2.5.so
bash 4700 root mem REG 0,0 0 [heap] (stat: No such file or directory)
bash 4700 root mem REG 3,6 42546 2137956 /lib/libnss_files-2.5.so
bash 4700 root mem REG 3,6 238464 344723 /usr/lib/locale/en_US.utf8/LC_CTYPE
bash 4700 root mem REG 3,6 1494633 2140298 /lib/libc-2.5.so
bash 4700 root mem REG 3,6 16082 2140299 /lib/libdl-2.5.so
bash 4700 root mem REG 3,6 294652 2140313 /lib/libncurses.so.5.5
bash 4700 root mem REG 3,6 28088 2140319 /lib/libhistory.so.5.1
bash 4700 root mem REG 3,6 192840 2140316 /lib/libreadline.so.5.1
bash 4700 root mem REG 3,6 42325 2137960 /lib/libnss_nis-2.5.so
bash 4700 root mem REG 3,6 95913 2140304 /lib/libnsl-2.5.so
bash 4700 root mem REG 3,6 32135 2137952 /lib/libnss_compat-2.5.so
bash 4700 root mem REG 3,6 25460 329733 /usr/lib/gconv/gconv-modules.cache
bash 4700 root 0u CHR 136,4 6 /dev/pts/4
bash 4700 root 1u CHR 136,4 6 /dev/pts/4
bash 4700 root 2u CHR 136,4 6 /dev/pts/4
bash 4700 root 255u CHR 136,4 6 /dev/pts/4

Interprocess Communication: ipcs
The command ipcs produces a list of the IPC resources currently in use:
poison:~ # ipcs
------ Shared Memory Segments --------
key        shmid      owner      perms      bytes      nattch     status
0x00000000 98304      root       600        33554432   7          dest
0x00000000 32769      root       666        66136      2          dest
0x00000000 524290     root       600        393216     2          dest
0x00000000 557059     root       600        393216     2          dest
0x00000000 589828     root       600        393216     2          dest
0x00000000 622597     root       600        393216     2          dest
0x00000000 786438     root       666        131040     1          dest
------ Semaphore Arrays --------
key        semid      owner      perms      nsems
0x00000000 65536      wwwrun     600        1
0x00000000 98305      wwwrun     600        1
------ Message Queues --------
key        msqid      owner      perms      used-bytes   messages

Process Tree: pstree
The command pstree produces a list of processes in the form of a tree:

Processes: top
The command top, which stands for “table of processes,” displays a list of processes that is refreshed every two seconds. To terminate the program, press Q. The parameter -n 1 terminates the program after a single display of the process list. The following is an example output of the command top -n 1:

Who Is Doing What: w
With the command w, find out who is logged onto the system and what each user is doing. For example:
poison:~ # w
00:32:58 up 33 min, 8 users, load average: 1.71, 1.35, 0.82
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root :0 00:00 ?xdm? 2:06 0.21s /bin/sh /usr/bin/kde
root pts/0 00:00 32:03 0.00s 1.17s kded --new-startup
root pts/1 00:01 31:48 0.14s 0.13s wvdial
root pts/2 00:01 31:18 0.08s 0.04s tail -f access.log
root pts/3 00:01 20:04 2.55s 0.03s /bin/bash
root pts/4 00:01 1.00s 0.07s 0.00s w
root pts/5 00:01 8:36 0.08s 0.06s -bash
root pts/6 00:01 31:33 0.03s 0.03s /bin/bash

