Archive for December 6th, 2011

Exploit Removal Guide

The following is a first step in finding and removing exploits and rootkits on a Linux or BSD system.

1. EXECUTE THE FOLLOWING COMMANDS TO HELP PREVENT UPLOADS OF EXPLOITS:

    chmod 0750 `which curl` 2>&-; chmod 0750 `which fetch` 2>&-; chmod 0750 `which wget` 2>&-

2. EXECUTE THE FOLLOWING COMMANDS TO CHECK FOR POSSIBLE […]

SERVER LOAD TWEAKS…APACHE/MYSQL/SMTP-POP3/EXIM/IMAP

Q: How to trace the server load? (Includes all applications.)

The steps are listed by service:

1. Apache:

- top command >> check for many httpd processes
- Log in to WHM >> check “Apache Status”; if you find anyone downloading mp3, rar, exe or zip files, suspend that account
- Also check the “CPU/Memory/MySQL Usage” option from WHM […]

Script to catch malicious perl scripts uploaded to /tmp

The following script can help you catch malicious perl scripts uploaded to /tmp.

    #!/bin/bash
    #Script designed for http://dantechie.blogspot.com/. Its GNU,FREE,DISTRIBUTABLE
    ROOTBADSCRIPTS=/root/badperlscripts
    EMAILLOG=/root/emailperlscriptlog
    LOAD=`cat /proc/loadavg | awk '{print $1, $2, $3}'`
    HOST=`hostname`
    TIME=`date`
    ADMINEMAILS=",admin@admin.com"
    if [ ! -e $ROOTBADSCRIPTS ]; then
        mkdir $ROOTBADSCRIPTS
        chmod 700 $ROOTBADSCRIPTS
    fi
    rm -f $EMAILLOG
    touch $EMAILLOG
    for FILES in /tmp/*
    do […]

How to trace the DDOS attack on the server?

1. You should have the following settings in httpd.conf at the time of a DDOS attack:

    TimeOut 20
    KeepAlive Off
    MaxClients 384
    MinSpareServers 20
    MaxSpareServers 25

2. In /usr/local/ddos/ddos.conf:

    NO_OF_CONNECTIONS=20

3. You should have 7 SSH sessions and 1 WHM at the time of the DDOS.

4. Check the domlogs to trace out a particular website for […]

How to set a limit to remove the Frozen Mails automatically?

    vi /etc/exim.conf

    timeout_frozen_after = 8d    (8 days)

    /scripts/restartsrv_exim

Nobody Prevention Script

A big problem today is the abundance of spammers listing as “Nobody”. This tutorial will outline how to properly set up the prevention script on cPanel-based systems.

    root@yourserver [~]# mv /usr/sbin/sendmail /usr/sbin/sendmail.real   # back up your existing sendmail in the event of an error
    root@yourserver [~]# pico /usr/sbin/sendmail   # open this badboy up, now paste the code […]

TYPES OF WEB HOSTING SERVICE

Free web hosting service: A free-of-cost web hosting service, frequently advertisement-supported and with limited features. It will provide either a sub-domain (yoursite.example.com) or a directory on the host’s site (www.example.com/~yourname).

Shared web hosting service: Here your web site is hosted on the same server as many other sites, ranging […]

How to uninstall apf on a Linux machine

You can use the following steps to uninstall apf on a Linux machine:

First stop the apf service.

    # /etc/rc.d/init.d/apf stop

Remove the apf files from the server.

    # rm -Rf /etc/apf
    # rm -Rf /etc/rc.d/init.d/apf
    # rm -Rf /var/log/apf_log
    # rm -Rf /var/log/apfados_log
    # rm -Rf /usr/local/sbin/apf

Disable apf in the run […]

Prevent hotlinking of images from .htaccess

Preventing Image Hotlinking on a Web Site

Bandwidth theft, or hotlinking, is direct linking to a web site’s files (images, video, etc.). It can be prevented with the mod_rewrite module. Place rules like the ones below into the .htaccess file for the domain (for example www.example.com):

    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$
    RewriteCond %{HTTP_REFERER} !^http://(www\.)?example\.com(/)?.*$ [NC]
    RewriteRule \.(gif|jpg|jpeg|png|swf)$ […]

How to Set Up and Create Sender Policy Framework (SPF) Domain DNS TXT Record.

About SPF: SPF (Sender Policy Framework) is an open standard specifying a technical method that was created to stop forged or spoofed sender email addresses in the mail envelope (SMTP MAIL FROM or Return-Path), which are commonly used in spam messages. SPF allows the owner of an Internet domain to use […]