You have installed LAMP and OpenSSH on your Ubuntu 9.04 Server. The first thing to do is to harden it in order to avoid some kind of attacks.
You can do the following steps in front of your Ubuntu 9.04 Server or remote access it via OpenSSH.
For OpenSSH, your Ubuntu 9.04 Server is at 192.168.0.10 :
ssh 192.168.0.10 -l nikesh
Step 1 :
The avoid someone to list your files on your Apache directory, you should do the following step.
sudo nano /etc/apache2/sites-available/default
Add a minus "-" in the front of "Indexes" and it will looking like this :
Options -Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
Step 2 :
To enable the rewrite module of Apache.
sudo a2enmod rewrite
To avoid Cross-Site-Tracing attack. Add the following lines within " " :
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
Step 3 :
To avoid HTTP DoS,...
Category Archives: Linux
How to Protect your Server Against the Shellshock Bash Vulnerability
On September 24, 2014, a GNU Bash vulnerability, referred to as Shellshock or the "Bash Bug", was disclosed. In short, the vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable assignments. Because of Bash's ubiquitous status amongst Linux, BSD, and Mac OS X distributions, many computers are vulnerable to Shellshock; all unpatched Bash versions between 1.14 through 4.3 (i.e. all releases until now) are at risk.
The Shellshock vulnerability can be exploited on systems that are running Services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
- Apache HTTP Servers that use CGI scripts (via
mod_cgi
andmod_cgid
) that are written in Bash or launch to Bash subshells - Certain DHCP clients
- OpenSSH servers that use the
ForceCommand
capability - Various network-exposed services that use Bash
Converting WAV files
Converting WAV files
If you have a wav file (in what format?) you can convert it using the sox program. - Raw linear, signed 16 bit, mono, 8000 Hz (.slin)sox file.wav -t raw -r 8000 -c 1 -w -s file.slin- Raw mu-law, mono, 8000 Hz (.mulaw or .u)
sox file.wav -t raw -r 8000 -c 1 -b 8 -U file.mulaw- Raw A-law, mono, 8000 Hz (.alaw or .A)
sox file.wav -t raw -r 8000 -c 1 -b 8 -A file.alaw- Raw GSM, mono, 8000 Hz (.gsm)
sox file.wav -t raw -r 8000 -c 1 -b 8 -g file.gsm (not all versions of sox support this conversion)- SUN/SGI audio/basic file, mono 8000 Hz (.au) containing:
- Signed linear ...
VPN Installer for CentOS 6 Installation
To get started with your own secure VPN, simply execute the following commands at your servers command-line:
yum install -y git
cd /opt && git clone git://github.com/drewsymo/VPN.git
cd VPN && bash vpn-setup-vanilla.sh
If you’re on Linode, you can simply rebuild your instance with the PPTP VPN Installer StackScript.
Note: OpenVZ users, currently one of the iptables rules used in this script is not virtualised in OpenVZ (masquerade). This means you will need to run this line of code once you have finished installing the CentOS PPTP VPN script for it to work:
iptables -t nat -A POSTROUTING -j SNAT --to-source x.x.x.x
Where x.x.x.x is your venet0 IP address
In addition to this, you will also need OpenVZ kernel 2.6.32
How do I connect to my VPN?
You can now connect to your VPN using your servers IP as the hostname (this depends on your VPN...
Adding Additional Disk Drives to CentOS 5/6
Making use of a second drive for extra space? Here's a quick run-down:
1) Make sure you know which disk is being formatted. First, second, and third drives will be /dev/sda, /dev/sdb, and /dev/sdc respectively. Check this with
fdisk -l
[03:50:04] [root@virt ~]# fdisk -l Disk /dev/sda: 34.3 GB, 34359738368 bytes 255 heads, 63 sectors/track, 4177 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 * 1 13 104391 83 Linux /dev/sda2 ...
Get Linux Server Sends Email Alert on Root Login
This guide is to improve the security of the server, which is exposed to the Internet and possible to get hacked worldwide, it’s best to enable server to automatically send a notification email to predefined email address every time someone logs in as root to the host. To configure the automatic email alert notification to a default email address on each incident of root log on on the server, use the following guide.
- Login to the server via SSH using as root ID.
- Ensure that you’re at home directory of root. The open up the .bash_profile for editing using vi by typing one of the following commands at command shell line:vi .bash_profile
- Scroll down to the end of the file and add the following line:
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root...