You have installed LAMP and OpenSSH on your Ubuntu 9.04 Server. The first thing to do is to harden it against some kinds of attacks.
You can carry out the following steps at the console of your Ubuntu 9.04 Server or remotely via OpenSSH.
For OpenSSH, assuming your Ubuntu 9.04 Server is at 192.168.0.10:
ssh 192.168.0.10 -l nikesh
Step 1 :
To prevent someone from listing the files in your Apache directory, do the following.
sudo nano /etc/apache2/sites-available/default
Add a minus "-" in front of "Indexes" so that it looks like this:
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
Step 2 :
Enable the rewrite module of Apache:
sudo a2enmod rewrite
To avoid Cross-Site Tracing attacks, add the following lines within " " :
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
Step 3 :
To avoid HTTP DoS,...
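The checks from Steps 1 and 2 above, as an added example that is not part of the original post: a shell function that audits Apache configuration text for directory listings left enabled and for a missing TRACE/TRACK block. The two sample configurations are constructed, and accepting "TraceEnable off" as an alternative to the rewrite rule is an assumption beyond the post.

```shell
#!/bin/sh
# Added example (not from the original post): audit Apache config text on
# stdin for the settings from Steps 1 and 2. Prints findings; status 0 = clean.
audit_apache_conf() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }          # skip comment and blank lines
    { d = tolower($1) }                     # directive names are case-insensitive
    # Step 1: an Options line that still turns directory listings on.
    d == "options" {
        for (i = 2; i <= NF; i++) {
            o = tolower($i)
            if (o == "indexes" || o == "+indexes" || o == "all" || o == "+all") {
                printf "line %d: directory listing enabled (%s)\n", NR, $i
                bad = 1
            }
        }
    }
    # Step 2: RewriteEngine On, a RewriteCond on TRACE/TRACK, a RewriteRule [F].
    d == "rewriteengine" && tolower($2) == "on" { engine = 1 }
    d == "rewritecond" && tolower($2) == "%{request_method}" &&
        toupper($3) ~ /TRACE/ { cond = 1 }
    d == "rewriterule" {
        if (cond && tolower($NF) ~ /^\[(.*,)?(f|forbidden)(,.*)?\]$/) rule = 1
        cond = 0
    }
    # Assumption beyond the post: "TraceEnable off" also disables TRACE.
    d == "traceenable" && tolower($2) == "off" { traceoff = 1 }
    END {
        if (!traceoff && !(engine && rule)) {
            print "TRACE/TRACK requests are not blocked"
            bad = 1
        }
        exit (bad ? 1 : 0)
    }'
}

# Constructed sample inputs: a default-style vhost and one edited per the steps.
CONF_BEFORE='<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
</Directory>'
CONF_AFTER='<Directory /var/www/>
    Options -Indexes FollowSymLinks MultiViews
</Directory>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]'

printf '%s\n' "$CONF_BEFORE" | audit_apache_conf || echo "before: needs hardening"
printf '%s\n' "$CONF_AFTER" | audit_apache_conf && echo "after: clean"
```

Apache 2.4 rejects an Options line that mixes prefixed and unprefixed options, so on newer servers every option on the line needs a + or - prefix.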
About: Nikesh Shakya
Recent Posts by Nikesh Shakya
How to Protect your Server Against the Shellshock Bash Vulnerability
On September 24, 2014, a GNU Bash vulnerability, referred to as Shellshock or the "Bash Bug", was disclosed. In short, the vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable assignments. Because of Bash's ubiquitous status amongst Linux, BSD, and Mac OS X distributions, many computers are vulnerable to Shellshock; all unpatched Bash versions from 1.14 through 4.3 (i.e. all releases until now) are at risk.
The Shellshock vulnerability can be exploited on systems that are running services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
- Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
- Certain DHCP clients
- OpenSSH servers that use the ForceCommand capability
- Various network-exposed services that use Bash
Adding Additional Disk Drives to CentOS 5/6
Making use of a second drive for extra space? Here's a quick run-down:
1) Make sure you know which disk is being formatted. First, second, and third drives will be /dev/sda, /dev/sdb, and /dev/sdc respectively. Check this with
fdisk -l
[03:50:04] [root@virt ~]# fdisk -l
Disk /dev/sda: 34.3 GB, 34359738368 bytes
255 heads, 63 sectors/track, 4177 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Device Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 ...
Get Linux Server Sends Email Alert on Root Login
Posted by Nikesh Shakya in Linux
This guide improves the security of a server that is exposed to the Internet and can be attacked from anywhere in the world: it is best to have the server automatically send a notification email to a predefined email address every time someone logs in as root to the host. To configure the automatic email alert to a default email address on each root login to the server, use the following guide.
- Log in to the server via SSH as root.
- Ensure that you're in the home directory of root. Then open .bash_profile for editing in vi by typing one of the following commands at the shell prompt: vi .bash_profile
- Scroll down to the end of the file and add the following line:
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root...
Remove Duplicate Rows from a Table in SQL Server
Firstly, we will create a table, where we will insert some duplicate rows to understand the topic properly. Create a table called ATTENDANCE by using the following code:
CREATE TABLE [dbo].[ATTENDANCE](
[EMPLOYEE_ID] [varchar](50) NOT NULL,
[ATTENDANCE_DATE] [date] NOT NULL
) ON [PRIMARY]
Now insert some data into this table.
INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID, ATTENDANCE_DATE) VALUES
('A001', CONVERT(DATETIME, '01-01-11', 5))
INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID, ATTENDANCE_DATE) VALUES
('A001', CONVERT(DATETIME, '01-01-11', 5))
INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID, ATTENDANCE_DATE) VALUES
('A002', CONVERT(DATETIME, '01-01-11', 5))
INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID, ATTENDANCE_DATE) VALUES
('A002', CONVERT(DATETIME, '01-01-11', 5))
INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID, ATTENDANCE_DATE) VALUES
('A002', CONVERT(DATETIME, '01-01-11', 5))
INSERT INTO dbo.ATTENDANCE (EMPLOYEE_ID, ATTENDANCE_DATE) VALUES
('A003', CONVERT(DATETIME, '01-01-11', 5))
After inserting the data, check the contents of the table, shown below. If we group by EMPLOYEE_ID and ATTENDANCE_DATE, then A001 and A002 are duplicates.
EMPLOYEE_ID ATTENDANCE_DATE
A001 2011-01-01
A001 2011-01-01
A002 2011-01-01
A002 2011-01-01
A002 2011-01-01
A003 2011-01-01
So how can we delete the duplicate rows?
Solution
First, add an identity column to the table by using the following code:
ALTER TABLE dbo.ATTENDANCE ADD AUTOID INT IDENTITY(1,1)
Now the table data will be like the following table:
EMPLOYEE_ID ATTENDANCE_DATE AUTOID
A001 2011-01-01 1
A001 2011-01-01 2
A002...
Ever been Hacked and now you can’t delete the file…Operation not permitted
You can check the file's permissions and ownership, as well as whether the file is set to immutable, with these commands in a root SSH session:
ls -lah /home/username/public_html/pathtofile
lsattr /home/username/public_html/pathtofile
The first command will show the file's permissions and ownership. If they are 000 or root:root, the root user should still be able to remove the file regardless with these commands:
cd /home/username/public_html/pathtofolder
rm filename
People can really get into trouble by running rm commands without first making sure they are in the correct directory for the removal.
Next, the second command above, "lsattr", will show whether any attributes are set on the file. If the lsattr output shows the i (immutable) flag, run this command to unset that attribute:
chattr -i /home/username/public_html/pathtofile
This will remove the immutable file attribute. The immutable attribute prevents a file from being changed or removed. If...