The Penguinlinux.com Blog

Mike Chirico (mchirico@users.sourceforge.net) or (mchirico@comcast.net)
Copyright (c) 2005 (GNU Free Documentation License)
Last Updated: Sun Jan 15 08:23:29 EST 2006

[http://souptonuts.sourceforge.net/quota_tutorial.html]

Implementing Disk Quotas on Linux

This tutorial walks you through implementing disk quotas for both
users and groups on Linux, using a virtual filesystem, which is a
filesystem created from a disk file. Since quotas work on a per-filesystem basis,
this is a way to implement quotas on a sub-section, or even multiple
subsections of your drive, without reformatting. This tutorial also
covers quotactl, or quota’s C interface, by way of an example program that can store
disk usage in a SQLite database for monitoring data usage over time.

Continua”How to configure quota on Red Hat Linux”

With the introduction of the Apache2 packages in Debian it is much simpler to create and use a secure SSL protected webserver than in the old days with Apache 1.3, here we’ll show how it is done.

If you have Apache 2.x installed already then you’re good to go as you don’t need anything extra installed.

Continua”SSL sites with Apache 2″

Found on .

http://www.debian-administration.org/articles/352

Recently I inheritted ownership of an SVN server which was misbehaving. Trying to determine why it wasn’t working correctly involved a few hours of testing, careful thought, and caffeine. Eventually I got it working correctly using the often-overlooked tool strace.

strace is a common tool upon many GNU/Linux systems including Debian. Put simply strace is a “system call tracer” - which is where it gets its name from.

Using strace, as root, you can monitor the system calls made by any process upon your system. This can be enormously beneficial when you have a misbehaving program.

Continua”Using strace to debug weird application errors”

Installing PostgreSQL
From CleversafeWiki
Jump to: navigation, search
Contents [hide]
1 RPM Installation
1.1 Fedora Core 4
1.2 Centos 4
2 Source Installation

This is just a quick guide on how to install Postgres on a Redhat machine.

]RPM Installation
Fedora Core 4
Goto http://www.postgresql.org/ftp/binary/v8.1.4/linux/rpms/fedora/fedora-core-4/ and download the following RPM packages:
postgresql-libs-8.1.4-1PGDG.i686.rpm
postgresql-8.1.4-1PGDG.i686.rpm
postgresql-server-8.1.4-1PGDG.i686.rpm
As a privileged user, install the RPM packages in the following order:
rpm -ihv postgresql-libs-8.1.4-1PGDG.i686.rpm
rpm -ihv postgresql-8.1.4-1PGDG.i686.rpm
rpm -ihv postgresql-server-8.1.4-1PGDG.i686.rpm
Start PostgreSQL by executing the command ‘/etc/init.d/postgresql start’
In the file ‘/var/lib/pgsql/data/pg_hba.conf’, replace all entries of “ident sameuser” with “trust”
In the file ‘/var/lib/pgsql/data/postgresql.conf’, change the line “max_connections=100″ to “max_connections=500″
Restart PostgreSQL by executing the command ‘/etc/init.d/postgresql restart’
[edit]Centos 4
Goto http://www.postgresql.org/ftp/binary/v8.1.4/linux/rpms/redhat/rhel-as-4/ and download the following RPM packages:
postgresql-libs-8.1.4-1PGDG.i686.rpm
postgresql-8.1.4-1PGDG.i686.rpm
postgresql-server-8.1.4-1PGDG.i686.rpm
As a privileged user, install the RPM packages in the following order:
rpm -ihv postgresql-libs-8.1.4-1PGDG.i686.rpm
rpm -ihv postgresql-8.1.4-1PGDG.i686.rpm
rpm -ihv postgresql-server-8.1.4-1PGDG.i686.rpm
Start PostgreSQL by executing the command ‘/etc/init.d/postgresql start’
In the file ‘/var/lib/pgsql/data/pg_hba.conf’, replace all entries of “ident sameuser” with “trust”
In the file ‘/var/lib/pgsql/data/postgresql.conf’, change the line “max_connections=100″ to “max_connections=500″
Restart PostgreSQL by executing the command ‘/etc/init.d/postgresql restart’
[edit]Source Installation
If your platform does not have an RPM package available, you also have the option to build and install PostgreSQL from source. It is actually a very simple process outlined below:

Login as an unpriviledge user (i.e. a standard user login)
Download the source from ftp://ftp.postgresql.org/pub/source/v8.1.4/postgresql-8.1.4.tar.gz
Extract the source by executing the command ‘tar -xzf postgresql-8.1.4.tar.gz’
Enter the newly created directory, postgresql-8.1.4
Configure the build process: execute ‘./configure’
If any dependencies are reported missing, you will need to install them
Build the software: execute ‘make’
Switch to superuser mode: execute ’su’
Install the software: execute ‘make install’
Create a ‘postgres’ system user: execute ‘adduser postgres’
Create the database directory: execute ‘mkdir /usr/local/pgsql/data’
Change ownership of database directory to ‘postgres’ user: execute ‘chown postgres /usr/local/pgsql/data’
Switch to ‘postgres’ account: execute ’su - postgres’
Initialize the database: execute “/usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data”
In the file ‘/usr/local/pgsql/data/postgresql.conf’, change the line “max_connections=100″ to “max_connections=500″
Start the database: /usr/local/pgsql/bin/postmaster -D /usr/local/pgsql/data >logfile 2>&1 &

I am still getting blank emails from a verizon dsl customer. I found the IP address after viewing the source. 71.247.113.185

here is the command to use to block this ip address.

iptables -I INPUT -s 71.247.113.185 -j DROP

This command will simply drop any packet coming from the address 71.247.113.185 To list the chains:

iptables -L -n
.
.
[root@kpenguin root]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all — 71.247.113.185 0.0.0.0/0
acct_int all — 0.0.0.0/0 0.0.0.0/0
acct_ext all — 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target prot opt source destination
acct_int all — 0.0.0.0/0 0.0.0.0/0
acct_int all — 0.0.0.0/0 0.0.0.0/0
acct_ext all — 0.0.0.0/0 0.0.0.0/0
acct_ext all — 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
acct_int all — 0.0.0.0/0 0.0.0.0/0
acct_ext all — 0.0.0.0/0 0.0.0.0/0

Chain acct_ext (4 references)
target prot opt source destination

Chain acct_int (4 references)
target prot opt source destination
.
.
.

The -n sticks with just IP addresses, rather than resolving the name. This is useful if you have a lot of IP addresses. It can take a lot of time to resolve all of the addresses, particularly since they are probably funky. After all, you have blocked them for some reason. If you need to investigate with names, just use the command with out -n:

iptables -L
.
.
.
DROP all — 55.55.55.25.i.portscan.com anywhere
DROP all — 55.56.55.202.many.fetch.api.request.com anywhere
.
.
.

If you later decide that you don’t want to drop packets from a particular host, use the -D option instead of -I:

iptables -D INPUT -s 71.247.113.185 -j DROP

The annoying emails stopped after I added that rule to the firewall. This is annoying and not a good solution, but this emails are coming from a dynamic IP and there is no way to contact the user behind this ip address.

At work I have been having problems with getting email from a customer that is infected by a worm that
keeps sending email to our s erver. This worm is sending blank emails and a few people have noticed it.

I don’t want to get any more emails from this ip address and I tried to edit SpamAssassin local.cf to block that
ip but you can only block by email address or domain name.

I will try to block the ip address to block it from sending us email .

using this dirty trick.

Continua”How to block an IP address without IPTables”

Here we go again with another article about rootkits.

How do you know if you server has been hacked or not?

you can find out with the help fo root kit scanners. :)

Rootkit scanners help you to find rootkits or detect their presence. Probably you are familiar
with chkrootkit and rkhunter, they are good tools to scan your Linux system for rootkit activity.

If you are not aware of those tools google them or search for them on this blog.

Browsing the web I came across another toolcalled rootcheck and I found it on this site.

http://www.webhostgear.com/164.html

So after reading the above guide I am going to show you how to scan your server using rootcheck to
scan your computer for signs of tampering.

Let’s try to do it on one of our servers here at work.

Continua”Detecting Root Kits with Rootcheck”

Here is the problem.

You have an SSH server and you have given access to SSH to certain users you want those users be able to access their shell accounts but also you want to prevent them from running.

su -l root

or becoming root.

Here is the solution: The first thing is to give yourself permission to become root because once you enforce this rule even your account will be locked out if you do not allow your account to become root.

Continua”Preventing shell users from becoming root”

When we covered port scanning a short while ago we discovered how to tell which ports had processes listening upon them, via port scanning. What we didn’t do was learn how to tell which processes were associated with each open port.
Continua”How to find out which process is listening upon a port”

The iptables firewall has several useful extension modules which can be used to in addition to the basic firewall functionality. One of the more interesting of these extensions is the “recent” module which allows you to match recent connections, and perform simple throttling on incoming connections.
Continua”Using iptables to rate-limit incoming connections”