Blog

Scanning for malware with Linux Malware Detect (LMD)

Linux Malware Detect (LMD), also known as Maldet, is a malware scanner for Linux released under the GNU GPLv2 license. It is particularly effective at detecting PHP backdoors, darkmailers and many other malicious files that can be uploaded to a compromised website. It will help you detect infected websites and clean the infection; however, securing the compromised user or website is still necessary to avoid re-infection.

If the server has cPanel, we recommend you install ClamAV first, as maldet will use the ClamAV scan engine. ClamAV installation instructions are available here.

You will need to be logged in as root to the server over SSH.

1 - Install maldet
cd /usr/local/src/ && wget http://www.rfxn.com/downloads/maldetect-current.tar.gz && tar -xzvf maldetect-current.tar.gz && cd maldetect-* && sh install.sh
This will automatically install a cronjob inside /etc/cron.daily/maldet so a daily...

Change the current timezone in CentOS

Type the following commands as root:

    cp /etc/localtime /root/old.timezone
    rm /etc/localtime
    ln -s /usr/share/zoneinfo/America/Chicago /etc/localtime

Verify the new settings by typing the following two commands:

    date
    ls -l /etc/localtime

That's it :)...

Find and replace text within a file using commands on Linux

How can I find and replace specific words in a text file using the command line?

    cd /path/to/your/folder/nikeshshakya
    sed -i 's/original/new/g' file.txt

Explanation:

sed = Stream EDitor
-i = in-place (i.e. save back to the original file)

The command string:

s = the substitute command
original = a regular expression describing the word to replace (or just the word itself)
new = the text to replace it with
g = global (i.e. replace all and not just the first occurrence)

file.txt = the file name

Or, to replace in all files in the folder:

    cd /path/to/your/folder/nikeshshakya
    sed -i 's/foo/bar/g' *...

How To Create a New User and Grant Permissions in MySQL

In cases where more restrictions may be required, there are ways to create users with custom permissions. Let's start by making a new user within the MySQL shell:

    CREATE USER 'nikesh'@'localhost' IDENTIFIED BY 'password';

Sadly, at this point the new user has no permissions to do anything with the databases. In fact, if the new user even tries to log in (with the password, password), they will not be able to reach the MySQL shell.

Therefore, the first thing to do is to create a new database and provide the user with access to that database.

    CREATE DATABASE nikeshdb;
    GRANT ALL PRIVILEGES ON nikeshdb.* TO 'nikesh'@'localhost';

The asterisk in this command refers to the tables the user can access: this specific command allows the user to read, edit, execute and perform all tasks across all the tables in nikeshdb.

Once you have finalized the permissions that you want...

Ubuntu – ownCloud Secure Access with SSL

Enable SSL:

    sudo a2enmod ssl

Create a new directory for the self-signed certificate:

    sudo mkdir /etc/apache2/ssl

Create the self-signed certificate and the server key that protects it, placing both of them into the new directory:

    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/owncloud.key -out /etc/apache2/ssl/owncloud.crt

Now we set up the certificate:

    sudo nano /etc/apache2/sites-available/default-ssl.conf

The lines that need changing are the following:

    ServerName 192.168.1.11:443
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/owncloud.crt
    SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key

Activate the new vhost:

    sudo a2ensite default-ssl

Restart Apache:

    sudo service apache2 restart...

Hardening your Apache and PHP on Ubuntu 9.04 Server

You have installed LAMP and OpenSSH on your Ubuntu 9.04 Server. The first thing to do is to harden it to guard against some kinds of attacks.

You can do the following steps at the console of your Ubuntu 9.04 Server or access it remotely via OpenSSH. For OpenSSH, your Ubuntu 9.04 Server is at 192.168.0.10:

    ssh 192.168.0.10 -l nikesh

Step 1 : To prevent someone from listing the files in your Apache directory, do the following.

    sudo nano /etc/apache2/sites-available/default

Add a minus "-" in front of "Indexes" so that it looks like this:

    Options -Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all

Step 2 : Enable the rewrite module of Apache.

    sudo a2enmod rewrite

To avoid Cross-Site Tracing attacks, add the following lines within " " :

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]

Step 3 : To avoid HTTP DoS,...