How to Choose a Web Hosting Service

There are presently many web hosting deals in the market. It is therefore very important to understand the various factors affecting the price of these hosting packages in order to choose the right deal for yourself. Below are 5 key factors which you should consider:

1. Space – How much disk space do you need?

Pay only for what you need. To determine how much disk space you will need, simply open “Windows Explorer” or “My Computer” in Microsoft Windows and click on the folder that contains your web sites files. Create a new folder for your web site if you don’t have one and then move all of files you plan to host on the web server into that folder. All you have to do now is right click on your folder to check the size of that folder and you will know how much disk space you will use on the server.

2. Bandwidth – How much traffic are you expecting?

Bandwidth is the amount of traffic that is allowed to occur between your web site and the rest of the internet. The amount of bandwidth a hosting company can provide is determined by their network connections, both internal to their data centre and external to the public internet.

You can try to estimate your site’s monthly data transfer by using the following formula:
[Average size of your web page(s) + any graphics included within] * [number of visitors you expect each day * number of pages each visitor will view] * [30 days in a month] = Total Monthly Data Transfer Usage.

3. Support – Do they provide at least 24/7 Support Desk?

Support is extremely crucial; this is something that cannot be compromised. You should have access to support 24 hours a day, such as the 24/7/365 Live Chat Technical Support by HostGator. This will ensure that your website is up and running most of the time.

You can also test the support desk. Choose anytime of the day or night and contact the support desk to test response time by asking any questions you might have.

4. Budget – How much are you willing to invest?

After you determine the space, bandwidth and extent of support that you require, set a realistic budget for yourself.

There are some companies that offer free web hosting. However, there is no guarantee on the stability of the service provided. In addition, before you purchase a package, search for existing discount coupons. For example, HostGator offers a discount of 25% off the total bill if you input the discount code “Valuediscount25″ before you pay for any of their hosting packages.

5. Terms and conditions – Are there any hidden clauses?

Obtain a clear and written understanding of all services and charges of your hosting package by reading the web hosting company’s Terms of Service & Privacy Policy. If questions still remain or some terms are unclear, it is strongly advised that you ask for clarification before signing up for a package.

After you have considered the above 5 factors, you should already be in a much better position to purchase a hosting package that meets your personal or business needs.

In my opinion there are many web hosting service, if you dont know where to start try Psykedinc.com there seem to be Just right for beginners

 

Dual boot ubuntu 10.10 and fedora 14

So it’s been a long time since I have added a post but I decided to take time off and add one on this interesting topic.

I already had Ubuntu installed on my toshiba satellite laptop and now I decided to install fedora 14.

Once I installed Fedora it did not detect ubuntu and after a lot of Googling I found that I had to first recover ubuntu grub2 and then do
an update-grub to get the option of installing both.

I booted the system via live usb and installed the grub via the below command into the MBR

grub-install /dev/sda


Reboot

Then I ran ‘update-grub’ and did a reboot again but it did not detect fedora 14 and booted straight into ubuntu.
Again after a lot of googling I realized that since fedora was installed on the extended partition it was not detected.

So Now what? Well the solution was simple but it tool me a long time to find out.
All you need to do is install startup manager

sudo apt-get install startupmanager


run by typing

sudo startupmanager


and thats it it wil create the grub file along with the option to boot fedora

 

Tcpdump to capture passwords

TCPdump is a very powerful command line interface packet sniffer.

1. Install tcpdump
Ubuntu

sudo apt-get install tcpdump 

Fedora/Centos/Red hat

sudo yum install tcpdump

2. TCPDUMP USE
- To display the Standard TCPdump output:

tcpdump

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

- Network interfaces available for the capture:

 tcpdump -D

1.eth1
2.any (Pseudo-device that captures on all interfaces)
3.lo

- Capture the traffic of a particular interface:

 tcpdump -i eth0

- To capture the UDP traffic:

tcpdump udp

- To capture the TCP port 80 traffic:

 tcpdump port http

- To capture the traffic from a filter stored in a file:

 tcpdump -F file_name

To create a file where the filter is configured (here the TCP 80 port)

vim file_name

port 80

- To send the capture output in a file instead of directly on the screen:

tcpdump -w capture.log

- To read a capture file:

tcpdump -r capture.log

- To display the packets having “wordpress.com” as their source or destination address:

tcpdump host wordpress.com

- To display the FTP packets coming from 192.168.1.100 to 192.168.1.2:

tcpdump src 192.168.1.100 and dst 192.168.1.2 and port ftp

- To display the packets content:

tcpdump -A port ftp 
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ath0, link-type EN10MB (Ethernet), capture size 96 bytes
20:53:24.872785 IP local.40205 > 192.168.1.2.ftp: S 4155598838:4155598838(0) win 5840
….g………………..
…………
20:53:24.879473 IP local.40205 > 192.168.1.2.ftp: . ack 1228937421 win 183
….g.I@………….
……..
20:53:24.881654 IP local.40205 > 192.168.1.2.ftp: . ack 43 win 183
….g.I@…….8…..
……EN
20:53:26.402046 IP local.40205 > 192.168.1.2.ftp: P 0:10(10) ack 43 win 183
….g.I@……`$…..
…=..ENUSER amateur

20:53:26.403802 IP local.40205 > 192.168.1.2.ftp: . ack 76 win 183
….h.I@………….
…>..E^
20:53:29.169036 IP local.40205 > 192.168.1.2.ftp: P 10:25(15) ack 76 win 183
….h.I@……#c…..
……E^PASS test123

20:53:29.171553 IP local.40205 > 192.168.1.2.ftp: . ack 96 win 183
….h.I@.,………..
……Ez
20:53:29.171649 IP local.40205 > 192.168.1.2.ftp: P 25:31(6) ack 96 win 183
….h.I@.,………..
……EzSYST

20:53:29.211607 IP local.40205 > 192.168.1.2.ftp: . ack 115 win 183
….h.I@.?…..j…..
……Ez
20:53:31.367619 IP local.40205 > 192.168.1.2.ftp: P 31:37(6) ack 115 win 183
….h.I@.?………..
……EzQUIT

20:53:31.369316 IP local.40205 > 192.168.1.2.ftp: . ack 155 win 183
….h.I@.g………..
……E.
20:53:31.369759 IP local.40205 > 192.168.1.2.ftp: F 37:37(0) ack 156 win 183
….h.I@.h…..e…..
……E.

Packets capture during a FTP connection. The FTP password can be easily intercepted because it is sent in clear text to the server.
We see in this capture the FTP username (amateur) and password (hosting).
You can use this incase you forget your ftp password and have stored it in your ftp client

Please note that this should not be used for any illegal and this blog will not be responsible for any actions that lead to illegal use

 

Expect

Dowload expect.pm from ubuntu and install using dpkg packahe manager
1. Expect

* a program to control interactive applications
o it maybe possible to control interactive applications from other scripting languages as well
+ python, perl
* expect programming is very easy compared to perl!
o crackers use expect to try and gain access to machines via ssh, ftp, telnet
+ ask AJC Blyth

2. Expect example uses

* as system administrators we may have need for automating interactive activities
o testing remote access works (telnet, ftp)
o down loading ftp files
o changing password
o running security checks
* we could build a script which test that our server is safe
o from guest accounts
o no telnet access is allowed
o no ssh from lab machines is allowed
+ but ssh from privileged machines is working

3. Expect and examples

* automatically creating passwords
o can be done via C
+ takes a lot of time to write such programs
+ will it work with NIS, shadow passwords or Kerboros?
* with expect we run the user program passwd and send keyboard input

4. Password Trial

* advice first run the program that you want to connect to expect by hand
o note the output and build expect around it
o so let us change a password for bob
*

passwd bob
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

o passwords were entered, but obviously the passwd program did not echo back our input!

5. Trial results

* we note that the program prompted us for a password twice
o both times it ended its sentence with password:
o as we are lazy we can wait until we see password: and ignore anything that was before
+ why is this good practice?
+ what must we watch out for?
*

#!/usr/bin/expect

spawn passwd [lindex $argv 0]
set password [lindex $argv 1]
expect “password:”
send “$password\r”
expect “password:”
send “$password\r”
expect eof

6. Testing the example

*

./exp1.exp bob 123
spawn passwd bob
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

* here we change user bob password to 123

7. Script explanation

*

#!/usr/bin/expect

spawn passwd [lindex $argv 0]
set password [lindex $argv 1]
expect “password:”
send “$password\r”
expect “password:”
send “$password\r”
expect eof

* #!/usr/bin/expect script is interpreted via expect located in directory /usr/bin
* spawn passwd [lindex $argv 0]
o run the program passwd bob and connect expect to this program
o note that [lindex $argv 0] resolves to bob
+ actually argument one (hmm..)

8. Script explanation

* set password [lindex $argv 1]
o defines a variable password and sets it to 123
* expect “password:”
o waits for the program passwd to issue password: before continuing
* send “$password\r”
o sends the users password to passwd followed by a carriage return
* note the script repeats the last two commands, why?
* finally expect eof wait for passwd to finish

9. Anchoring

* you might want to match text at the beginning or end of a line, this is via
o ^ for the beginning of a line
o $ for the end of a line
* also note that * means any number of characters

10. Pattern action pairs

*

#!/usr/bin/expect

set timeout 15

expect “hi” { send “You said hi\n” } \
“hello” { send “Hello to you\n” } \
“bye” { send “Goodbye\n” } \
timeout { send “I’m fed up\nbye\n” }

* if we run the script as shown below and type nothing we get:
*

I’m fed up
bye

* note that different actions can be associated with different input
o note also that the default timeout time is set at 10 seconds to disable the timeout facility
o set timeout -1

11. Autoftp and expect

* so far we have built the front end to autoftp
o scans the input file for URLs
o handles arguments
* we will use expect to control ftp, we will build this up this utility
* firstly we will ftp manually

12. Ftp session

*

fred@merlin:$ ftp guenevere
Connected to guenevere.
220 guenevere FTP server (Version wu-2.6.0(1))
Name (guenevere:fred): anonymous
331 Guest login ok, send your complete e-mail
331 address as password.
Password:nobody@nowhere.com

230-Welcome, archive user anonymous@merlin !
230-
230-The local time is: Mon Feb 12 15:18:14 2001
230-
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.

*

ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
total 20
d–x–x–x 2 0 0 4096 Aug 10 2000 bin
d–x–x–x 2 0 0 4096 Aug 10 2000 etc
d–x–x–x 2 0 0 4096 Aug 10 2000 lib
dr-xr-xr-x 4 0 0 4096 Sep 28 22:17 pub
-rw-r–r– 1 0 0 346 Aug 10 2000 welcome.msg
226 Transfer complete.
ftp> quit
221-You have transferred 0 bytes in 0 files.
221-Total traffic for this session was 1182
221-bytes in 1 transfers.
221-Thank you for using the FTP service on
221-guenevere. Goodbye.

13. Simple semi automated ftp script

* this script will log us into a site and then interact with the user
*

#!/usr/bin/expect

set site [lindex $argv 0]
spawn ftp $site
expect “Name”
send “anonymous\r”
expect “Password:”
send “nobody@nowhere.com\r”
interact

* note the interact statement
o connects the keyboard to the ftp program
* most ftp servers do not check for a valid email address!

14. Expect control constructs

* expect uses extends the Tcl language
* expect provides: if then else, while, set, interact, expect, for, switch, incr, return, proc
*

if {$count < 0} {
set total 1
}

*

if {$count < 5} {
puts "count is less than five"
} else {
puts "count is not less than five"
}

* you must place the statement begin brace on the same line as the if or else
o if in doubt follow the templates in these notes

15. More complex if

*

if {$count 0 {
puts “count is greater than zero”
} else {
puts “count is equal to zero”
}

16. While statement

*

#!/usr/bin/expect

set count 10
while {$count > 0} {
puts “the value of count is $count”
set count [expr $count-1]
}

* note the effect of the braces in {$count > 0}
o they defer evaluation of $count
o if you remove the braces then $count > 0 is internally replaced via: 10 > 0

17. for command

* has the syntax

for start expression next {

}
*

#!/usr/bin/expect

for {set count 10} {$count > 0} {incr count -1} {
puts “the value of count is $count”
}

18. Expressions

* 0 is false, 1 is true
* boolean operators || (or), && (and), ! (not)
* comparison operators <=, ==, != etc
* the brackets [ ] give this expression a higher precedence
* so in the example
*

set count [expr $count-1]

* the [expr $count-1] is evaluated before the set!

19. proc and return

*

#!/usr/bin/expect

proc mycompare {a b} {
if {$a $b} {
puts “$a is greater than $b”
return 1
} else {
puts “$a is equal to $b”
return 0
}
}

set value [mycompare 1 4]
puts “comparison returned $value”

*

./exp6.exp
1 is less than 4
comparison returned -1

20. Autoftp Tutorial

*

#!/usr/bin/expect
# this program is called exp7.exp
proc connect {} {
expect {
“Name*:” {
send “anonymous\r”
expect {
“Password:” {
send “nobody@nowhere.com\r”
expect “login ok*ftp>”
return 0
}
}
}
}
# timed out
return 1
}

*

set site [lindex $argv 0]
spawn ftp $site
while {[connect]} {
send “quit\r”
expect eof
spawn ftp $site
}
send “binary\r”
send “cd [lindex $argv 1]\r”
send “get [lindex $argv 2]\r”
send “quit\r”
expect eof

21. Laboratory session

* work on your assignment
* try out the following expect example
o you will need to add your password at the position yourpassword
*

#!/usr/bin/expect

log_user 0
spawn pwd
expect -re “(^.*/.*)$”
set localdir $expect_out(1,string)
expect eof

log_user 0
spawn ssh moppsy.comp.glam.ac.uk
expect “assword: “
send “yourpassword\r”
expect “\\$”
send “cd $localdir”
interact

 

Rapidshare Download Manager for Linux and Windows

JDownloader a.k.a JD

One of the best download managers, JD can be used to download from rapidshare, megaupload, filesserve, hotfile and numerous other sites.

Jdownloader install on Ubuntu 10.04

sudo add-apt-repository ppa:jd-team/jdownloader

sudo apt-get update

sudo apt-get install jdowloader

You may face an issue where JD randomly closes when dowloads are active. In that case you need to update java as below

sudo apt-get install sun-java6-jre

sudo update-alternatives --config java
and select sun java

For windows it can be downloaded from the site jdownloader.com

 

Top torrent sites and Torrent Search engines

Today I have decided to help those who keep searching the Internet For torrents.

Here is the list of Top Torrent sites with some very useful tips for getting exactly what you are searching for.

1) www.makeuseof.com

10 Ways To Speed Up Torrent Downloads

Top 6 Torrent Alternatives To The Pirate Bay

Top Torrent Search Engines for All Torrent Downloaders

How To Create Torrent Files & Share Them Using Transmission

How To Use RSS Feeds To Download Torrents Automatically

7 Apps to Make Most of TORRENTs

2)www.toorgle.com

Believe it or not, there’s a website Toorgle, the web interface looks quite similar to Google, is able to search up to 200+ torrent websites and it now has over 5,000,000 torrents indexed. If you don’t want to use software to do searches such as Torrent Harvester, you can try Toorgle.

3)www.raymond.cc

How To Download Torrent IF You Can’t Install and Run BitTorrent Client

Download Torrent Files in Firefox – FoxTorrent and FireTorrent Review

Auto search Torrents on multiple websites

How To Search and Download MP3 using Google

4) http://www.torrent-toolbar.com/

Torrnet search & Find Matching Subtitles!

The Torrent Toolbar searches in 1 click many popular BitTorrent sites and automatically matches available Subtitles translations from various subtitles sites in your language, saving you a lot of hassle and time.

5) Top Torrent Sites

* BTjunkie
* BTmon
* Demonoid
* IsoHunt
* Mininova
* SumoTorrent
* The Pirate Bay
* TorrentPortal
* TorrentReactor
* Torrentz

 

Proxy How to and Huge proxy list 3

Proxies

One of the best and powerful HTTP proxies is www.hidden.cc.

To check for rankings of proxy sites

www.proxytopsitelist.com/

High anonymous proxy list

211.138.124.198:80 high-anonymous proxy server China
69.167.158.167:80 high-anonymous proxy server United States
221.130.17.243:80 high-anonymous proxy server China
211.138.124.200:80 high-anonymous proxy server China
211.138.124.211:80 high-anonymous proxy server China
219.133.34.110:808 high-anonymous proxy server China
173.201.183.172:8080 high-anonymous proxy server United States
60.255.61.200:9415 high-anonymous proxy server China
220.20.199.74:8080 high-anonymous proxy server Japan
24.69.196.41:8000 high-anonymous proxy server Canada
193.55.112.41:3128 high-anonymous proxy server France
208.96.213.149:80 high-anonymous proxy server United States
69.146.181.221:2323 high-anonymous proxy server United States
217.216.139.224:8088 high-anonymous proxy server Spain
24.25.255.138:8085 high-anonymous proxy server United States
208.67.253.170:80 high-anonymous proxy server United States
76.167.189.244:8085 high-anonymous proxy server United States
98.179.216.229:8085 high-anonymous proxy server United States
59.148.22.142:8088 high-anonymous proxy server Hong Kong
211.138.124.196:80 high-anonymous proxy server China
221.130.7.82:80 high-anonymous proxy server China
218.201.21.176:80 high-anonymous proxy server China
218.201.21.158:80 high-anonymous proxy server China
221.130.13.225:80 high-anonymous proxy server China
221.130.7.228:80 high-anonymous proxy server China
174.142.24.205:3128 high-anonymous proxy server Canada
221.130.162.243:80 high-anonymous proxy server China
211.138.124.233:80 high-anonymous proxy server China
174.142.24.203:3128 high-anonymous proxy server Canada
221.130.7.226:80 high-anonymous proxy server China
207.61.241.100:9090 high-anonymous proxy server Canada
81.202.111.205:8090 high-anonymous proxy server Spain
123.125.156.142:80 high-anonymous proxy server China
211.138.124.232:80 high-anonymous proxy server China
221.130.13.39:80 high-anonymous proxy server China
173.203.215.116:80 high-anonymous proxy server United States
211.138.124.199:80 high-anonymous proxy server China
221.130.13.41:80 high-anonymous proxy server China
221.130.13.38:80 high-anonymous proxy server China
80.193.72.145:80 high-anonymous proxy server United Kingdom
221.130.13.232:80 high-anonymous proxy server China
221.130.162.244:80 high-anonymous proxy server China
221.130.13.233:80 high-anonymous proxy server China
218.201.21.178:80 high-anonymous proxy server China
137.165.1.111:3128 high-anonymous proxy server United States
87.118.94.44:3128 high-anonymous proxy server Germany
221.7.154.28:1080 high-anonymous proxy server China
211.138.124.210:80 high-anonymous proxy server China
213.0.89.53:8080 high-anonymous proxy server Spain
221.130.162.249:80 high-anonymous proxy server China
174.142.104.57:3128 high-anonymous proxy server Canada

And for those of you who are noobs or don’t know how to configure a proxy you may want to check the link below
www.ehow.com/how_2269615_use-a-proxy.html

 

Ubuntu 10.04 Desktop Customization Guide

From This

To This

Click Here

 

Linux tips and tricks

Uncompress multiple .zip .gz or .bz2

.zip

for file in *.zip; do unzip “${file}”; done

.gz

gunzip *.gz

.bz2

bunzip2 *.bz2

tar.gz

for file in *.tar.gz; do tar zxf “${file}”; done

tar.bz2

for file in *.tar.bz2; do tar jxf “${file}”; done

Shell script usage

If you use one of the snippets that uses a for loop in a script with an arbitrary number of archives, you may want to set the shell to use “nullglobs”. For instance, normally *.tar.gz will evaluate to *.tar.gz when no files were found that match this wildcard, rather than evaluating to an empty string. As a result ‘tar’ is executed with this string as a parameter. To avoid this, you can request that the shell uses nullglobs with:

shopt -s nullglob

If no matches were found, the shell will return an empty string, and the for loop is terminated.

Search and Replace in multiple files.

Example: Replace every instance of yourdomain with mydomain in all .html files in current path using Perl.

perl -pi -e “s/yourdomain/mydomain/g;” *.html

Same as above but make a copy of original file for backup.

perl -pi -e.bak “s/yourdomain/mydomain/g;” *.html

Or, if you prefer a lightweight solution, you can use sed:

sed -i ‘s/yourdomain/mydomain/g’ *.html

(Add -r if you want to use extended regular expressions with sed.)

This Tips & Trix will cover banners for SSH and the console prompt.

About legal issues

An often forgotten area in system protection is an well formed banner text.

Since the publication of the “Computer Misuse Act 1990″ it has been strongly recommended that computers display a banner before allowing users to log in. The Act stipulates that an offense of unauthorized access can only be committed if the offender knew at the time that the access he intended to obtain was unauthorized. Login banners are the best way to achieve this. The “Regulation of Investigatory Powers Act 2000″ also requires information to be given to computer users: login banners may also be a good way to do this dissemination.

/etc/motd

Console login The content of this file is shown after the user has logged in, and immediately before the shell is started.

/etc/issue.net

Network login

OBS By default is this disabled in ssh!

The content of this file is shown when a ssh session is connected and before the authorization.

To enable this in ssh you have to follow this simple steps:

1. Create a /etc/issue.net file and fill it with the desired context

2. Edit /etc/ssh/sshd_config, to look like this Banner /etc/issue.net

3. Restart sshd, service sshd restart

FTP Greeting Banner

This topic is covered in the “Deployment Guide” for CentOS 5.1 in section 43.2.6.1. “FTP Greeting Banner”

*

[javascript:void(0);/*1234255103621*/ http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s2-server-ftp-gbanner.html]

TCP Wrappers and Connection Banners

This topic is covered in the Deployment Guide” for CentOS 5.1 in section 43.2.1.1.1. “TCP Wrappers and Connection Banners”

*

[javascript:void(0);/*1234255117465*/ http://www.centos.org/docs/5/html/5.1/Deployment_Guide/s3-server-tcp-banner.html]

Sample banner texts

Example #1

Unauthorized access to this machine is prohibited
Press if you are not an authorized user

Example #2

********************************************************************
* *
* This system is for the use of authorized users only. Usage of *
* this system may be monitored and recorded by system personnel. *
* *
* Anyone using this system expressly consents to such monitoring *
* and is advised that if such monitoring reveals possible *
* evidence of criminal activity, system personnel may provide the *
* evidence from such monitoring to law enforcement officials. *
* *
********************************************************************

Fancy banners

linux_logo

“Create nice ASCII Art logos”

linux_logon is a tool that creates ASCII Art banners. The default ASCII art can be seen in the example below or other created from a template file. It does also add system stats like kernel version, CPU version, RAM and utilization values.

Example

#####
#######
@ ##O#O##
###### @@# #VVVVV#
## # ## VVV ##
## @@@ ### #### ### ### ##### ###### # ##
## @ @# ### ## ## ## ### ## # ##
## @ @# ## ## ## ## ### # ###
## @@# ## ## ## ## ### QQ# ##Q
## # @@# ## ## ## ## ## ## QQQQQQ# #QQQQQQ
## ## @@# # ## ## ### ### ## ## QQQQQQQ# #QQQQQQQ
############ ### #### #### #### ### ##### ###### QQQQQ#######QQQQQ
Linux Version 2.6.18-53.1.4.el5, Compiled #1 SMP Fri Nov 30 00:45:16 EST 2007
One 2.19GHz AMD AMD Turion(tm) 64 Mobile ML-40 Processor, 256M RAM, 4394.20 Bogomips Total
localhost.localdomain

An alternative to linux_logo is FIGlet.

Programs that could be used to create ASCII/ANSI logos

http://dag.wieers.com/rpm/packages/linux_logo/

http://www.deater.net/weave/vmwprod/linux_logo/

 

Linux System administration tutorials and How to

Monitoring the system:

Basic command line:

pstree Processes and parent-child relationships
top Show top processes
iostat Report CPU statistics and input/output statistics for devices and partitions.
ps -auxw process status
uname -a print system information
cat /proc/version Display Linux kernel version in use.
cat /etc/redhat-release Display Red Hat Linux Release. (also /etc/issue)
uptime Tell how long the system has been running. Also number of users and system’s load average.
w Show who is logged on and what they are doing.
/sbin/lsmod List all currently loaded kernel modules.
Same as cat /proc/modules
/sbin/runlevel Displays the system’s current runlevel.
hostname Displays/changes the system’s node name. (Must also manually change hostname setting in /etc/sysconfig/network. Command will change entry in /etc/hosts)
service Red Hat/Fedora command to display status of system services.
Example: service –status-all
Help: service –help

Process Management:

The basic Linux monitoring commands such as pstree and ps -auxw and top will inform you of the processes running on your system. Sometimes a process must be terminated. To terminate a process:

1. Identify the process:
* pstree -p
OR
* ps -auxw
OR
* top
2. Kill the process:
* kill
* killall

This will perform an orderly shutdown of the process. If it hangs give a stronger signal with: kill -9 . This method is not as sanitary and thus less preferred.

A signal may be given to the process. The program must be programmed to handle the given signal. See /usr/include/bits/signum.h for a full list. For example, to restart a process after updating it’s configuration file, issue the command kill -HUP

In the previous example, the HUP signal was sent to the process. The software was written to trap for the signal so that it could respond to it. If the software (command) is not written to respond to a particular signal, then the sending of the signal to the process is futile.

Identify all known signals: fuser -l

lsof – Processes attached to open files or open network ports:

The command lsof shows a list of processes attached to open files or network ports.

* List processes attached to a given file: lsof filename:

[root@test DIR]# lsof path to file

The process attached to an open file can be killed using the command fuser -ki filename

* List all open files on system: lsof
(Long list)

* List all files opened by user: lsof -u user-id

* The commands netstat -punta and socklist will list open network connections.
Use the command lsof -i TCP:port-number to see the processes attached to the port.
Example:

[root@test DIR]# lsof -i TCP:389

Restricting user resources:

* ulimit: (bash shell command)

Shell and process resources may be controlled and reported using the ulimit command. Display the limits of a shell using the bash command “ulimit -a”. Limits can be set for the number of open files and processes, memory and virtual memory etc.

* See limits assigned in /etc/security

* Modify process scheduling priority: Range goes from -20 (highest priority) to 19 (lowest).
o Lower scheduling priority (runs slower and less likely to slow you down.)
nice -n 19 program-to-launch
Default for “nice -n” is 10
o Show default for any process: nice executable
Shows nice value to be used if run.
Memory Usage:

Linux Commands to Monitor Memory Usage:

vmstat Monitor virtual memory
free Display amount of free and used memory in the system. (Also: cat /proc/meminfo)
pmap Display/examine memory map and libraries (so). Usage: pmap pid
top Show top processes
sar -B Show statistics on page swapping.
time -v date Show system page size, page faults, etc of a process during execution. Note you must fully qualify the command as “/usr/bin/time” to avoid using the bash shell command “time”.
cat /proc/sys/vm/freepages Display virtual memory “free pages”.
One may increase/decrease this limit: echo 300 400 500 > /proc/sys/vm/freepages
cat /proc/meminfo Show memory size and usage

System crash and disk check upon boot:

Pertains to Red Hat 7.1 EXT2 filesystems and earlier which require an integrity check. (RH 7.2+ uses EXT3 which is a journaled file system which maintains file system integrity even with a crash.)

If the system crashes (due to power outage etc…) then upon boot the system will check if the disk was unmounted cleanly. If not you may get the following message:

Unexpected inconsistency; Run fsck Manually
…
*** An error occurred during the file system check.
*** Dropping you to a shell; the system will reboot
…
.
Give root password for maintenance
(or type Control-D for normal startup):

At this point enter the root password then run fsck:

(repair file system) 1# fsck -A -y
…
..
.
***** FILE SYSTEM WAS MODIFIED *****
…
..
.
(repair file system) 2# exit

The system will hopefully reboot properly at this point.
fsck man page
Note that fsck is NOT run against mounted file systems.

User Info:

Commands:

who Displays currently logged in users.
Use who -uH for idle time and terminal info.
users Show all users logged in.
w Displays currently logged in users and processes they are running.
whoami Displays user id.
groups Display groups you are part of.
Use groups user-id to display groups for a given user.
set Display all environment variables in your current environment.
id Display user and all group ids.
Use id user-id to display info for another user id.
last Listing of most recent logins by users. Show where from, date and time of login (ftp, ssh, …) Also see lastlog command.
Show last 100 logins: last -100
history Shell command to display previously entered commands.

RPM – Redhat Package Manager:

The rpm command is used to manage software applications and system modules for Red Hat, Fedora, CentOS, Suse and many other Linux distributions.

Step One: Import Red Hat and Fedora GPG signature keys:

View your public key: (RHEL5)

[root@yoserver2 ~]# rpm -qa gpg-pubkey
gpg-pubkey-ed555983-3457f7f3
[root@yoserver2 ~]# rpm -qi gpg-pubkey-ed555983-3457f7f3
…
…

(Thus already installed. Your system is ready.)

Remove your public key: (RHEL5)

[root@yoserver2 ~]# rpm -e gpg-pubkey-ed555983-3457f7f3

Install public key: (Red Hat package up2date – now depricated. Use YUM.)

[root@yoserver2 ~]# rpm –import /usr/share/rhn/RPM-GPG-KEY
[root@yoserver2 ~]# rpm –import /usr/share/rhn/RPM-GPG-KEY-fedora

Do this once to configure RPM so that you won’t constantly get the warning message that the signature is “NOKEY”.
The purpose is to protect you from using a corrupt or hacked RPM.
Once these command are performed, you are ready to use the RPM command. (This is also required for the YUM commands below.)

YUM config file: /etc/yum.conf (Fedora Core 3)

[main]
cachedir=/var/cache/yum
debuglevel=2
logfile=/var/log/yum.log
pkgpolicy=newest
distroverpkg=redhat-release
tolerant=1
exactarch=1
retries=20
obsoletes=1
gpgcheck=1
exclude=firefox mozplugger gftp

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

You may list packages you wish NOT to update (Space delimited list. ‘*’ wildcards allowed.): exclude=package-name
(i.e. On x86_64 I do not update firefox or mozplugger with the 64 bit version, I use the 32 bit version so that 32 bit plugins will work.)
Set “gpgcheck=0″ to avoid the signature check.
For the option “gpgcheck=1″ to work, use the “rpm –import GPG-KEY commands as detailed above in section one of the RPM tutorial.

[root@server2 ~]# rpm –import /usr/share/rhn/RPM-GPG-KEY
[root@server2 ~]# rpm –import /usr/share/rhn/RPM-GPG-KEY-fedora

File: /etc/yum.repos.d/fedora.repo (Fedora Core 3)

[base]
name=Fedora Core $releasever – $basearch – Base
#baseurl=http://download.fedora.redhat.com/pub/fedora/linux/core/$releasever/$basearch/os/
mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-$releasever
enabled=1
gpgcheck=1

Mirror site/sites which contain Fedora base configuration RPM’s.
Other protocols such as ftp can be used as well as http.

File: /etc/yum.repos.d/fedora-updates.repo (Fedora Core 3)

[updates-released]
name=Fedora Core $releasever – $basearch – Released Updates
#baseurl=http://download.fedora.redhat.com/pub/fedora/linux/core/updates/$releasever/$basearch/
mirrorlist=http://fedora.redhat.com/download/mirrors/updates-released-fc$releasever
enabled=1
gpgcheck=1

Mirror site which contain Fedora updated RPM’s.

List of mirrors: http://fedora.redhat.com/download/mirrors.html

Terms:

* releasever: Release Version – current version of Fedora.
* basearch: Base Architecture – system hardware architecture i.e. i386

Add other repositories: (not included in default install)

* Fedora Extras:
Create file: /etc/yum.repos.d/extras.repo

[extras]
name=Fedora Extras $releasever – $basearch
baseurl=http://mirrors.kernel.org/fedora/extras/$releasever/$basearch/

http://www.mirrorservice.org/sites/download.fedora.redhat.com/pub/fedora/linux/extras/$releasever/$basearch/

http://fr2.rpmfind.net/linux/fedora/extras/$releasever/$basearch/

gpgcheck=1

Adding FreshRPM GPG signature key:

[root@server2 ~]# rpm –import http://download.fedora.redhat.com/pub/fedora/linux/extras/RPM-GPG-KEY-Fedora-Extras

* Add FreshRPM repository site to your list for downloads of non-standard Fedora software.
(Software not released by Red Hat like DVD players, audio encoders/rippers, etc)
Create file: /etc/yum.repos.d/freshrpms.repo

[freshrpms]
name=Fedora Linux $releasever – $basearch – freshrpms
baseurl=http://ayo.freshrpms.net/fedora/linux/$releasever/$basearch/freshrpms
enabled=0
gpgcheck=1

To directly enable a particular repository which is currently disabled (enabled=0): yum -y –enablerepo=freshrpms install kino

Adding FreshRPM GPG signature key:

[root@server2 ~]# rpm –import http://freshrpms.net/packages/builds/yum/RPM-GPG-KEY.freshrpms

More examples of FreshRPMs yum.conf

* Add: dag.wieers.com
Create file: /etc/yum.repos.d/dag.repo

[dag]
name=Dag APT Repository
baseurl=http://dag.freshrpms.net/fedora/$releasever/en/$basearch/dag/

http://dag.atrpms.net/fedora/$releasever/en/$basearch/dag/

http://ftp.heanet.ie/pub/freshrpms/pub/dag/fedora/$releasever/en/$basearch/dag/

enabled=0
gpgcheck=1

Directly enable repository: yum -y –enablerepo=dag install fortune-oneliners Adding dag GPG signature key:

[root@server2 ~]# rpm –import http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt

* Add: Macromedia.mplug.org
Create file: /etc/yum.repos.d/flash.repo

[flash]
name=Macromedia Flash plugin
baseurl=http://macromedia.mplug.org/apt/fedora/$releasever

http://sluglug.ucsc.edu/macromedia/apt/fedora/$releasever

http://ruslug.rutgers.edu/macromedia/apt/fedora/$releasever

http://macromedia.rediris.es/apt/fedora/$releasever

enabled=0
#gpgcheck=1

To directly enable a particular repository which is currently disabled (enabled=0): yum -y –enablerepo=flash install flash-plugin

Using YUM and YUM examples:

* Update:
o List packages which will be updated: yum check-update
(Does not perform an update)
o Update all packages on your system: yum update
o Update a package: yum update package-name
o Update all with same prefix: yum update package-name-prefix\*
This command will update your system. It will interactively ask permission. i.e. “Is this ok [y/N]:”
o To avoid the prompt/questions use the command: yum -y
# To install a single package: yum -y install package-name
This will also resolve package dependencies.
# Remove a package: yum remove package-name
# Info:

* List available packages, version and state (base, installed, updates-released): yum list
* List the packages installed which are not available in repository listed in config file: yum list extras
* List packages which are obsoleted by packages in yum repository: yum list obsoletes

# Clean local cache of headers and RPM’s: yum clean all
(See: /var/cache/yum/)

Form of command: find path operators

Examples:

* Search and list all files from current directory and down for the string ABC:
find ./ -name “*” -exec grep -H ABC {} \;
find ./ -type f -print | xargs grep -H “ABC” /dev/null
egrep -r ABC *
* Find all files of a given type from current directory on down:
find ./ -name “*.conf” -print
* Find all user files larger than 5Mb:
find /home -size +5000000c -print
* Find all files owned by a user (defined by user id number. see /etc/passwd) on the system: (could take a very long time)
find / -user 501 -print
* Find all files created or updated in the last five minutes: (Great for finding effects of make install)
find / -cmin -5
* Find all users in group 20 and change them to group 102: (execute as root)
find / -group 20 -exec chown :102 {} \;
* Find all suid and setgid executables:
find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -ldb {} \;
find / -type f -perm +6000 -ls

Note: suid executable binaries are programs which switch to root privileges to perform their tasks. These are created by applying a “sticky” bit: chmod +s. These programs should be watched as they are often the first point of entry for hackers. Thus it is prudent to run this command and remove the “sticky” bits from executables which either won’t be used or are not required by users. chmod -s filename
* Find all world writable directories:
find / -perm -0002 -type d -print
* Find all world writable files:
find / -perm -0002 -type f -print
find / -perm -2 ! -type l -ls
* Find files with no user:
find / -nouser -o -nogroup -print
* Find files modified in the last two days:
find / -mtime 2 -o -ctime 2
* Compare two drives to see if all files are identical:
find / -path /proc -prune -o -path /new-disk -prune -o -xtype f -exec cmp {} /new-disk{} \;

Finding/Locating files:

locate/slocate Find location/list of files which contain a given partial name
which Find executable file location of command given. Command must be in path.
whereis Find executable file location of command given and related files
rpm -qf file Display name of RPM package from which the file was installed.

Note: The script /etc/cron.daily/updatedb.cron generates the index for the locate command. It will generate the database /var/lib/locatedb

File Information/Status/Ownership/Security:

ls List directory contents. List file information
chmod Change file access permissions
chmod ugo+rwx file-name :Change file security so that the user, group and all others have read, write and execute privileges.
chmod go-wx file-name :Remove file access so that the group and all others have write and execute privileges revoked/removed.
chown Change file owner and group
chown root.root file-name :Make file owned by root. Group assignment is also root.
fuser Identify processes using files or sockets
If you ever get the message: error: cannot get exclusive lock
then you may need to kill a process that has the file locked. Either terminate the process through the application interface or using the fuser command: fuser -k file-name
file Identify file type.
file file-name
Uses /usr/share/magic, /usr/share/magic.mime for file signatures to identify file type. The file extension is NOT used.

CRON – Scheduling a re-occurring task:

Add shell script to have run hourly, daily, weekly or monthly into the appropriate directory:

* /etc/cron.hourly/
* /etc/cron.daily/
* /etc/cron.weekly/
* /etc/cron.monthly/

These are preconfigured schedules. To assign a very specific schedule add a line to the /etc/crontab file. Cron entries may also be added to a crontab formatted file located in the directory /var/spool/cron/.