About: Nikesh Shakya

Recent Posts by Nikesh Shakya

Hardening your Apache and PHP on Ubuntu 9.04 Server

You have installed LAMP and OpenSSH on your Ubuntu 9.04 Server. The first thing to do is to harden it in order to avoid some kind of attacks. You can do the following steps in front of your Ubuntu 9.04 Server or remote access it via OpenSSH. For OpenSSH, your Ubuntu 9.04 Server is at 192.168.0.10 : ssh 192.168.0.10 -l nikesh Step 1 : The avoid someone to list your files on your Apache directory, you should do the following step. sudo nano /etc/apache2/sites-available/default Add a minus "-" in the front of "Indexes" and it will looking like this :     Options -Indexes FollowSymLinks MultiViews     AllowOverride None     Order allow,deny     allow from all Step 2 : To enable the rewrite module of Apache. sudo a2enmod rewrite To avoid Cross-Site-Tracing attack. Add the following lines within " " :     RewriteEngine On     RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)     RewriteRule .* - [F] Step 3 : To avoid HTTP DoS,...

How to Protect your Server Against the Shellshock Bash Vulnerability

On September 24, 2014, a GNU Bash vulnerability, referred to as Shellshock or the "Bash Bug", was disclosed. In short, the vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable assignments. Because of Bash's ubiquitous status amongst Linux, BSD, and Mac OS X distributions, many computers are vulnerable to Shellshock; all unpatched Bash versions between 1.14 through 4.3 (i.e. all releases until now) are at risk. The Shellshock vulnerability can be exploited on systems that are running Services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
  • Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
  • Certain DHCP clients
  • OpenSSH servers that use the ForceCommand capability
  • Various network-exposed services that use Bash
A detailed...

Adding Additional Disk Drives to CentOS 5/6

Making use of a second drive for extra space? Here's a quick run-down: 1) Make sure you know which disk is being formatted. First, second, and third drives will be /dev/sda, /dev/sdb, and /dev/sdc respectively. Check this with fdisk -l
[03:50:04] [[email protected] ~]# fdisk -l

Disk /dev/sda: 34.3 GB, 34359738368 bytes
255 heads, 63 sectors/track, 4177 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          13      104391   83  Linux
/dev/sda2        ... 						
						

Get Linux Server Sends Email Alert on Root Login

This guide is to improve the security of the server, which is exposed to the Internet and possible to get hacked worldwide, it’s best to enable server to automatically send a notification email to predefined email address every time someone logs in as root to the host. To configure the automatic email alert notification to a default email address on each incident of root log on on the server, use the following guide.
  1. Login to the server via SSH using as root ID.
  2. Ensure that you’re at home directory of root. The open up the .bash_profile for editing using vi by typing one of the following commands at command shell line:vi .bash_profile
  3. Scroll down to the end of the file and add the following line:
    echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root... 						
    						

Remove Duplicate Rows from a Table in SQL Server

Firstly, we will create a table, where we will insert some duplicate rows to understand the topic properly. Create a table called ATTENDANCE by using the following code: CREATE TABLE [dbo].[ATTENDANCE]( [EMPLOYEE_ID] [varchar](50) NOT NULL, [ATTENDANCE_DATE] [date] NOT NULL ) ON [PRIMARY] Now insert some data into this table. INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID,ATTENDANCE_DATE)VALUES ('A001',CONVERT(DATETIME,'01-01-11',5)) INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID,ATTENDANCE_DATE)VALUES ('A001',CONVERT(DATETIME,'01-01-11',5)) INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID,ATTENDANCE_DATE)VALUES ('A002',CONVERT(DATETIME,'01-01-11',5)) INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID,ATTENDANCE_DATE)VALUES ('A002',CONVERT(DATETIME,'01-01-11',5)) INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID,ATTENDANCE_DATE)VALUES ('A002',CONVERT(DATETIME,'01-01-11',5)) INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID,ATTENDANCE_DATE)VALUES ('A003',CONVERT(DATETIME,'01-01-11',5)) After inserting the data, check the data of the below table. If we grouped the employee_id and attendance_date, then A001 and A002 become duplicates. EMPLOYEE_ID ATTENDANCE_DATE A001 2011-01-01 A001 2011-01-01 A002 2011-01-01 A002 2011-01-01 A002 2011-01-01 A003 2011-01-01 So how can we delete those duplicate data? Solution First, insert an identity column in that table by using the following code: ALTER TABLE dbo.ATTENDANCE ADD AUTOID INT IDENTITY(1,1) Now the table data will be like the following table: EMPLOYEE_ID ATTENDANCE_DATE AUTOID A001 2011-01-01 1 A001 2011-01-01 2 A002...

Ever been Hacked and now you can’t delete the file…Operation not permitted

You can check the file and ownership permissions as well as if the file is set to immutable with these commands in root SSH: ls -lah /home/username/public_html/pathtofile lsattr /home/username/public_html/pathtofile The first command will show the file and ownership permissions. If they are 000 or root:root, the root user should still be able to remove the file regardless with this command: cd /home/username/public_html/pathtofolder rm filename People can really get into trouble by running rm commands without ensuring they are at the correct directory path for the removal. Next, the "lsattr" command above, the second one, will show if there are any attributes set on the file. If you see a -i on the lsattr command, then run this command to unset that attribute: chattr -i /home/username/public_html/pathtofile This will remove that immutable file attribute. What immutable does would be preventing changing and removing a file. If...

Recent Comments by Nikesh Shakya

    No comments by Nikesh Shakya yet.