
Friday, February 15, 2013

Special permissions on files and directories: SetUID, SetGID and Sticky bit.

Special Permissions: effect on a file and on a directory

SUID or Set User ID
    On a file: A program is executed with the file owner's permissions (rather than with the permissions of the user who executes it).
    On a directory: Files created in the directory inherit its UID.

SGID or Set Group ID
    On a file: The effective group of an executing program is the file owner group.
    On a directory: Files created in the directory inherit its GID.

Sticky (bit)
    On a file: A program sticks in memory after execution.
    On a directory: Any user can create files, but only the owner of a file can delete it.

Permissions as output in columns 2 to 10 of ls -l and their meaning.

Permissions   Meaning
--S------     SUID is set, but user (owner) execute is not set.
--s------     SUID and user execute are both set.
-----S---     SGID is set, but group execute is not set.
-----s---     SGID and group execute are both set.
--------T     Sticky bit is set, but other execute is not set.
--------t     Sticky bit and other execute are both set.
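
The table above can be applied mechanically when auditing a directory tree for special bits. The following is an added example, not part of the original post; the function names classify_mode and audit_special are made up for illustration, and the mode string is the full 10-character field from ls -l (file type plus columns 2 to 10).

```shell
#!/bin/sh
# Added example: decode the s/S/t/T letters of an `ls -l` mode string and
# list every entry under a directory that carries a special bit.

# classify_mode MODE
# MODE is the 10-character ls -l field, e.g. -rwsr-xr-x.
# Prints space-separated findings, or "none".
classify_mode() {
    mode=$1
    findings=""
    u=$(printf '%s' "$mode" | cut -c4)    # owner execute slot
    g=$(printf '%s' "$mode" | cut -c7)    # group execute slot
    o=$(printf '%s' "$mode" | cut -c10)   # other execute slot
    case $u in
        s) findings="$findings SUID+x" ;;
        S) findings="$findings SUID-noexec" ;;
    esac
    case $g in
        s) findings="$findings SGID+x" ;;
        S) findings="$findings SGID-noexec" ;;
    esac
    case $o in
        t) findings="$findings STICKY+x" ;;
        T) findings="$findings STICKY-noexec" ;;
    esac
    findings=${findings# }
    printf '%s\n' "${findings:-none}"
}

# audit_special DIR
# Prints "MODE<TAB>FINDINGS<TAB>PATH" for each entry under DIR that has
# SUID (4000), SGID (2000) or sticky (1000) set.
# Paths containing newlines are not handled.
audit_special() {
    find "$1" \( -perm -4000 -o -perm -2000 -o -perm -1000 \) -print 2>/dev/null |
    while IFS= read -r path; do
        m=$(ls -ld -- "$path" | cut -c1-10)
        printf '%s\t%s\t%s\n' "$m" "$(classify_mode "$m")" "$path"
    done
}
```

An uppercase S or T in the output (the "-noexec" findings) usually points to a chmod mistake and is worth reviewing first.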

Thursday, February 14, 2013

Disabling Mod-Security for a single account

To disable mod_security for a particular account, just add the following to the user's .htaccess file:

SecFilterEngine Off

SecFilterScanPOST Off

Wednesday, February 13, 2013

lsof--List all Open Files with lsof Command

1. List all Open Files with lsof Command

The example below shows a long listing of open files (only part of the output is reproduced here), with columns such as COMMAND, PID, USER, FD and TYPE.

# lsof

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
init 1 root cwd DIR 253,0 4096 2 /

The columns and their values are mostly self-explanatory. However, we'll review the FD and TYPE columns more closely.

FD stands for file descriptor. Some of the values you may see are:

cwd current working directory
rtd root directory
txt program text (code and data)
mem memory-mapped file

A number in the FD column, such as 1u, is the actual file descriptor, followed by a letter (u, r or w) giving its access mode:

r for read access.
w for write access.
u for read and write access.

TYPE is the type of the file. Common values are:

DIR – Directory
REG – Regular file
CHR – Character special file.
FIFO – First In First Out

2. List User Specific Opened Files

# lsof -u user

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1838 user cwd DIR 253,0 4096 2 /
sshd 1838 user rtd DIR 253,0 4096 2 /

3. Find Processes running on Specific Port

To find all processes using a specific port, use the -i option. The example below lists all processes using TCP port 22.

# lsof -i TCP:22

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1471 root 3u IPv4 12683 0t0 TCP *:ssh (LISTEN)
sshd 1471 root 4u IPv6 12685 0t0 TCP *:ssh (LISTEN)

4. List Only IPv4 & IPv6 Open Files

The examples below show only IPv4 and only IPv6 open network files, using separate commands.

# lsof -i 4

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 1203 rpc 6u IPv4 11326 0t0 UDP *:sunrpc
rpcbind 1203 rpc 7u IPv4 11330 0t0 UDP *:954

# lsof -i 6

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 1203 rpc 9u IPv6 11333 0t0 UDP *:sunrpc
rpcbind 1203 rpc 10u IPv6 11335 0t0 UDP *:954

5. List Open Files of TCP Port ranges 1-1024

To list all processes with open files on TCP ports in the range 1-1024:

# lsof -i TCP:1-1024

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 1203 rpc 11u IPv6 11336 0t0 TCP *:sunrpc (LISTEN)

6. Exclude User with ‘^’ Character

Here, we have excluded the root user. You can exclude a particular user by prefixing the user name with '^', as shown below.

# lsof -i -u^root

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 1203 rpc 6u IPv4 11326 0t0 UDP *:sunrpc
rpcbind 1203 rpc 7u IPv4 11330 0t0 UDP *:954
rpcbind 1203 rpc 8u IPv4 11331 0t0 TCP *:sunrpc (LISTEN)

7. Find Out Who Is Looking at What Files and Commands

The example below shows that the user named user is running commands such as ping and is working in the /etc directory.

# lsof -i -u user

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
bash 1839 user cwd DIR 253,0 12288 15 /etc
ping 2525 user cwd DIR 253,0 12288 15 /etc

8. List all Network Connections

The following command with the '-i' option lists all network connections, both LISTENING and ESTABLISHED.

# lsof -i

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
rpcbind 1203 rpc 6u IPv4 11326 0t0 UDP *:sunrpc
rpcbind 1203 rpc 7u IPv4 11330 0t0 UDP *:954

9. Search by PID

The example below shows only the open files of the process whose PID is 1.

# lsof -p 1

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
init 1 root cwd DIR 253,0 4096 2 /
init 1 root rtd DIR 253,0 4096 2 /

10. Kill all Activity of Particular User

Sometimes you may have to kill all the processes of a specific user. The command below kills all the processes of the user named user.

# kill -9 `lsof -t -u user`
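
The listings in sections 3, 5 and 8 can be turned into a simple check for unexpected listening services. The following is an added example, not part of the original post; the function names and the allowlist format (command:port pairs) are assumptions, and the sample output is constructed in the column layout shown above rather than captured from a real host.

```shell
#!/bin/sh
# Added example: report TCP listeners in `lsof -i` output that are not on an
# allowlist of "command:port" pairs.

# Constructed sample in the same column layout as the listings above.
sample_lsof() {
cat <<'EOF'
COMMAND  PID USER FD  TYPE DEVICE SIZE/OFF NODE NAME
sshd    1471 root 3u  IPv4  12683      0t0  TCP *:ssh (LISTEN)
sshd    1471 root 4u  IPv6  12685      0t0  TCP *:ssh (LISTEN)
rpcbind 1203 rpc  8u  IPv4  11331      0t0  TCP *:sunrpc (LISTEN)
rpcbind 1203 rpc  6u  IPv4  11326      0t0  UDP *:sunrpc
python  4242 user 3u  IPv4  20111      0t0  TCP *:8000 (LISTEN)
sshd    1838 user 3u  IPv4  13001      0t0  TCP 10.0.0.5:ssh->10.0.0.9:51234 (ESTABLISHED)
EOF
}

# unexpected_listeners ALLOWLIST   (reads lsof -i output on stdin)
# ALLOWLIST: space-separated "command:port" pairs, port written the way lsof
# prints it (a service name by default, a number with `lsof -nP -i`).
# Prints "USER COMMAND PID PORT" once per unexpected command/port/user.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        $1 == "COMMAND"   { next }          # header line
        $NF != "(LISTEN)" { next }          # keep listening TCP sockets only
        {
            port = $(NF - 1)                # NAME column, e.g. *:ssh
            sub(/^.*:/, "", port)           # keep what follows the last colon
            key = $1 ":" port
            if (!(key in ok) && !seen[key "/" $3]++)
                print $3, $1, $2, port
        }'
}

# Usage on a live system (as root): lsof -i | unexpected_listeners "sshd:ssh"
```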

Tuesday, February 12, 2013

FFMPEG installation along with all support modules

yum install gcc gcc-c++ libgcc gd gd-devel gettext freetype \
freetype-devel ImageMagick ImageMagick-devel libjpeg* libjpeg-devel* \
libpng* libpng-devel* libstdc++* libstdc++-devel* libtiff* \
libtiff-devel* libtool* libungif* libungif-deve* libxml* libxml2* \
libxml2-devel* zlib* zlib-devel* automake* autoconf* samba-common* \
ncurses-devel ncurses patch make -y

 

mkdir  /usr/src/ffmpegscript

mkdir /usr/local/cpffmpeg

==================
libwmf-0.2.8.3.tar.gz
==================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/177e3hskscfvkfa/libwmf-0.2.8.3.tar.gz
tar -zxvf libwmf-0.2.8.3.tar.gz
cd libwmf-0.2.8.3/
./configure --prefix=/usr/local/cpffmpeg
make
make install

====================
ruby-1.8.6.tar.gz
====================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/45q2nalubstz5jk/ruby-1.8.6.tar.gz
tar -zxvf ruby-1.8.6.tar.gz
cd ruby-1.8.6/
./configure --prefix=/usr/local/cpffmpeg
make
make install

=====================
flvtool2_1.0.5_rc6.tgz
=====================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/hppyhpev0ylyi8f/flvtool2_1.0.5_rc6.tgz
tar -zxvf flvtool2_1.0.5_rc6.tgz
cd flvtool2_1.0.5_rc6
/usr/local/cpffmpeg/bin/ruby setup.rb config
/usr/local/cpffmpeg/bin/ruby setup.rb setup
/usr/local/cpffmpeg/bin/ruby setup.rb install
ln -s /usr/local/cpffmpeg/bin/flvtool2 /usr/local/bin/flvtool2
ln -s /usr/local/cpffmpeg/bin/flvtool2 /usr/bin/flvtool2

====================
lame-3.97.tar.gz
====================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/vd99zooleq1rlgv/lame-3.97.tar.gz
tar -zxvf lame-3.97.tar.gz
cd lame-3.97
./configure --prefix=/usr/local/cpffmpeg --enable-mp3x --enable-mp3rtp
make
make install

======================
all-20071007.tar.bz2
======================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/5mvcho608fagu8r/all-20071007.tar.bz2
tar -xvjf all-20071007.tar.bz2
chown -R root.root all-20071007/
mkdir -pv /usr/local/cpffmpeg/lib/codecs/
cp -vrf all-20071007/* /usr/local/cpffmpeg/lib/codecs/
chmod -R 755 /usr/local/cpffmpeg/lib/codecs/

====================
libogg-1.1.3.tar.gz
====================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/1t33o4r1qpx2jv2/libogg-1.1.3.tar.gz
tar -xvzf libogg-1.1.3.tar.gz
cd libogg-1.1.3/
./configure --prefix=/usr/local/cpffmpeg
make
make install

====================
libvorbis-1.1.2.tar.gz
====================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/cc8rb3ikk8zjr37/libvorbis-1.1.2.tar.gz
tar -xvzf libvorbis-1.1.2.tar.gz
cd libvorbis-1.1.2
./configure --prefix=/usr/local/cpffmpeg
make
make install

=====================
vorbis-tools-1.1.1.tar.gz
=====================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/3gif7xywt42e1aa/vorbis-tools-1.1.1.tar.gz
tar -xvzf vorbis-tools-1.1.1.tar.gz
cd vorbis-tools-1.1.1/
./configure --prefix=/usr/local/cpffmpeg
make
make install

========================
libtheora-1.0alpha7.tar.gz
========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/os8jkmj20bppb9t/libtheora-1.0alpha7.tar.gz
tar -xvzf libtheora-1.0alpha7.tar.gz
cd libtheora-1.0alpha7/
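# INSTALL_DDIR is not defined on this page; assumed here to be the install prefix used throughout
INSTALL_DDIR=/usr/local/cpffmpeg
./configure --prefix=/usr/local/cpffmpeg --with-ogg=$INSTALL_DDIR --with-vorbis=$INSTALL_DDIR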
make
make install

==========================
amrnb-7.0.0.1.tar.bz2
==========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/di95tlyrkip4asw/amrnb-7.0.0.1.tar.bz2
tar -xvjf amrnb-7.0.0.1.tar.bz2
cd amrnb-7.0.0.1/
./configure --prefix=/usr/local/cpffmpeg
make
make install

==========================
amrwb-7.0.0.2.tar.bz2
==========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/xl4utvgikqkwpgl/amrwb-7.0.0.2.tar.bz2
tar -xvjf amrwb-7.0.0.2.tar.bz2
cd amrwb-7.0.0.2/
./configure --prefix=/usr/local/cpffmpeg
make
make install

=========================
a52dec-0.7.4.tar.gz
=========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/eaugb32ppzbmmyo/a52dec-0.7.4.tar.gz
tar -xvzf a52dec-0.7.4.tar.gz
cd a52dec-0.7.4/
./bootstrap
ARCh=`arch`
#64bit processor bug fix
if [[ $ARCh == 'x86_64' ]];then
./configure --prefix=/usr/local/cpffmpeg --enable-shared 'CFLAGS=-fPIC'

else
./configure --prefix=/usr/local/cpffmpeg --enable-shared
fi
make
make install

==========================
faac-1.26.tar.gz
==========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/55y56ud5quqtssa/faac-1.26.tar.gz
tar -xvzf faac-1.26.tar.gz
cd faac/
./bootstrap
./configure --prefix=/usr/local/cpffmpeg --with-mp4v2
make
make install

============================
faad2-2.6.1.tar.gz
============================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/zwk4gcxkk3km0ge/faad2-2.6.1.tar.gz
tar -xvzf faad2-2.6.1.tar.gz
cd faad2/
./bootstrap
./configure --prefix=/usr/local/cpffmpeg --with-mpeg4ip
make
make install

=========================
yasm-0.6.1.tar.gz
=========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/facxu4ofmxdz7cb/yasm-0.6.1.tar.gz
tar -xvzf yasm-0.6.1.tar.gz
cd yasm-0.6.1/
./configure --prefix=/usr/local/cpffmpeg/
make
make install
ln -sf /usr/local/cpffmpeg/bin/yasm /usr/local/bin/yasm
ldconfig

========================
nasm-2.02.tar.gz
========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/a6jkolmxva0jxmv/nasm-2.02.tar_2.gz
# the archive is downloaded under the name used in the URL above
tar -xvzf nasm-2.02.tar_2.gz
cd nasm-2.02/
./configure --prefix=/usr/local/cpffmpeg/
make
make install
ln -sf /usr/local/cpffmpeg/bin/nasm /usr/local/bin/nasm
ldconfig

=======================
xvidcore-1.1.0.tar.bz2
=======================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/iqpwt8qkjja6m5f/xvidcore-1.1.0.tar.bz2
# the download is a bzip2 archive, so extract with -j
tar -xvjf xvidcore-1.1.0.tar.bz2
cd xvidcore-1.1.0/build/generic/
./configure --prefix=/usr/local/cpffmpeg/
make
make install

========================
x264-snapshot-20080516-2245.tar.gz
========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/wzd3215mvygwy6o/x264-snapshot-20080516-2245.tar.gz
tar -xvzf x264-snapshot-20080516-2245.tar.gz
cd x264-snapshot-20080516-2245/
./configure --enable-shared
make
make install

========================
re2c-0.13.5.tar.gz
========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/7gua46n3t2clvgo/re2c-0.13.5.tar.gz
tar -xvzf re2c-0.13.5.tar.gz
cd re2c-0.13.5/
./configure --prefix=/usr/local/cpffmpeg/
make
make install
ln -s /usr/local/cpffmpeg/bin/re2c /usr/local/bin/re2c

=========================
MPlayer-1.0rc1.tar.bz2
=========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/mxd56u8pgmmdm30/MPlayer-1.0rc1.tar.bz2
tar -xvjf MPlayer-1.0rc1.tar.bz2
cd MPlayer-1.0rc1/
./configure --prefix=/usr/local/cpffmpeg/ --with-codecsdir=/usr/local/cpffmpeg/lib/codecs/ \
--with-extraincdir=/usr/local/cpffmpeg/include --with-extralibdir=/usr/local/cpffmpeg/lib
make
make install
cp -f etc/codecs.conf /usr/local/cpffmpeg/etc/mplayer/codecs.conf
ln -sf /usr/local/cpffmpeg/bin/mplayer /usr/local/bin/mplayer
ln -sf /usr/local/cpffmpeg/bin/mplayer /usr/bin/mplayer
ln -sf /usr/local/cpffmpeg/bin/mencoder /usr/bin/mencoder
ln -sf /usr/local/cpffmpeg/bin/mencoder /usr/local/bin/mencoder

=========================
ffmpeg-SVN-r14473.tar.gz
=========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/lmvpaz0e7hgirab/ffmpeg-SVN-r14473.tar.gz
tar -xvzf ffmpeg-SVN-r14473.tar.gz
cd ffmpeg/
ldconfig
./configure --prefix=/usr/local/cpffmpeg --enable-shared --enable-nonfree \
--enable-gpl --enable-pthreads --enable-liba52 --enable-libamr-nb \
--enable-libamr-wb --enable-libfaac --enable-libfaad --enable-libmp3lame \
--enable-libtheora --enable-libvorbis --enable-libx264 --enable-libxvid \
--extra-cflags=-I/usr/local/cpffmpeg/include/ --extra-ldflags=-L/usr/local/cpffmpeg/lib \
--enable-cross-compile
make
make tools/qt-faststart
make install
cp -vf tools/qt-faststart /usr/local/cpffmpeg/bin/
ln -sf /usr/local/cpffmpeg/bin/ffmpeg /usr/local/bin/ffmpeg
ln -sf /usr/local/cpffmpeg/bin/ffmpeg /usr/bin/ffmpeg
ln -sf /usr/local/cpffmpeg/bin/qt-faststart /usr/local/bin/qt-faststart
ln -sf /usr/local/cpffmpeg/bin/qt-faststart /usr/bin/qt-faststart
ldconfig
/usr/bin/ffmpeg -formats


export LD_LIBRARY_PATH=/usr/local/cpffmpeg/lib:/usr/local/lib:/usr/lib:$LD_LIBRARY_PATH
export LIBRARY_PATH=/usr/local/cpffmpeg/lib:/usr/lib:/usr/local/lib:$LIBRARY_PATH
export CPATH=/usr/local/cpffmpeg/include:/usr/include/:/usr/local/include:$CPATH

=========================
ffmpeg-php-0.5.3.1.tbz2
=========================
ldconfig
cd /usr/src/ffmpegscript
wget https://www.dropbox.com/s/o5shxs6zsxps7ur/ffmpeg-php-0.5.3.1.tbz2
tar -jxvf ffmpeg-php-0.5.3.1.tbz2
cd ffmpeg-php-0.5.3.1/
phpize
./configure --enable-shared --with-ffmpeg=/usr/local/cpffmpeg
make
make install

=====================
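# PHP_INI (path to php.ini), EXTENSION_DIR and the saved copy $PHP_INI.ffmpeg are
# not defined on this page; set them before running these lines.
echo '[PHP]' > $PHP_INI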
echo " " >> $PHP_INI
echo "extension_dir = \"$EXTENSION_DIR\" " >> $PHP_INI
echo "post_max_size = 200M " >> $PHP_INI
echo "upload_max_filesize = 200M " >> $PHP_INI
echo "extension=ffmpeg.so" >>$PHP_INI
echo " " >> $PHP_INI
cat $PHP_INI.ffmpeg >> $PHP_INI
=====================

Monday, February 11, 2013

Mod_Evasive – mod_evasive is an evasive maneuvers module for Apache

Mod_Evasive – mod_evasive is an evasive maneuvers module for Apache that provides evasive action in the event of an HTTP DoS attack or brute force attack. It is also designed to be a detection and network management tool and can be easily configured to talk to ipchains, firewalls, routers, and more.


Download the latest source file from http://www.zdziarski.com:
cd /usr/local/src/
wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
tar -xvzf mod_evasive_1.10.1.tar.gz
cd mod_evasive/

We also have cPanel running on this box, so, to install, we run the following:

/usr/local/apache/bin/apxs -i -a -c mod_evasive20.c

Now, that will create an entry in the httpd.conf file, and, if we want to retain that after an upgrade/rebuild, we need to tell cPanel not to take it out! To do this, we now run this:

/usr/local/cpanel/bin/apache_conf_distiller --update

Now, to change the settings for mod_evasive, we need to add them somewhere. All we have done so far is install the actual module into Apache, and, even with a restart, it would not be using it. So, I like to add things into my includes files through either WHM, or, directly through the terminal. To do this, we run the following:

vim /usr/local/apache/conf/includes/post_virtualhost_2.conf

Once the file is open, let's add the following lines to the bottom of the file:


DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 3600
DOSEmailNotify root

Mod_Security –

Mod_Security – ModSecurity is an embeddable web application firewall. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring and real-time analysis with no changes to existing infrastructure.


To install mod_security, go to WHM => EasyApache (or alternatively via CLI, run /scripts/easyapache). After you select your Apache and PHP versions, you’ll be brought to the Short Options page. Select mod_security from the list, then proceed with the build.

When the build is done, mod_security will be installed. The files are kept in the following location:
/usr/local/apache/conf/modsec2.user.conf

When hack attempts are identified by mod_security, they are logged in /usr/local/apache/logs/audit_log with the IP of the offender and what rule was violated. Visitors that trigger mod_security rules are greeted with a “406: Not Acceptable” error when doing so. However, mod_security does occasionally block legitimate website access attempts, specifically for software that happens to make calls consistent with a specific rule that mod_security is configured to block. Therefore, you may wish to either disable that rule, or disable mod_security for a specific domain or part of your website. Doing this is rather easy from command line.
First, open up your httpd.conf (/usr/local/apache/conf/httpd.conf) and locate your domain’s block. Under it you’ll see a line like this that is commented out:

# Include "/usr/local/apache/conf/userdata/std/2/$user/$domain/*.conf"

Uncomment this line, then create the folder indicated (note that $user is your username, and $domain is your domain name):

mkdir -p /usr/local/apache/conf/userdata/std/2/$user/$domain/
cd /usr/local/apache/conf/userdata/std/2/$user/$domain/

Create a file called modsec.conf, and insert this line:

SecRuleEngine Off

To apply, restart Apache
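
Before switching the engine off for a whole domain, it helps to see which rule is actually firing for which site. The following is an added example, not part of the original post; the function names are made up, and the sample audit_log entries (boundaries, addresses, rule ids 9000001 and 9000002) are constructed in the ModSecurity 2 serial audit log layout.

```shell
#!/bin/sh
# Added example: count ModSecurity rule hits per Host header from an audit log.

# Constructed sample entries; on the server described above the real file is
# /usr/local/apache/logs/audit_log.
sample_audit_log() {
cat <<'EOF'
--aa000001-A--
[11/Feb/2013:10:00:01 +0000] UQ1 203.0.113.7 40000 192.0.2.10 80
--aa000001-B--
POST /form.php HTTP/1.1
Host: example.com

--aa000001-H--
Message: Access denied with code 406 (phase 2). Pattern match "constructed" at ARGS:q. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "10"] [id "9000001"] [msg "constructed rule A"]
--aa000001-Z--
--aa000002-A--
[11/Feb/2013:10:00:05 +0000] UQ2 203.0.113.8 40001 192.0.2.10 80
--aa000002-B--
POST /form.php HTTP/1.1
Host: example.com

--aa000002-H--
Message: Access denied with code 406 (phase 2). Pattern match "constructed" at ARGS:q. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "10"] [id "9000001"] [msg "constructed rule A"]
--aa000002-Z--
--aa000003-A--
[11/Feb/2013:10:01:00 +0000] UQ3 203.0.113.9 40002 192.0.2.10 80
--aa000003-B--
GET /index.php HTTP/1.1
Host: example.org

--aa000003-H--
Message: Access denied with code 406 (phase 2). Pattern match "constructed" at ARGS:id. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "20"] [id "9000002"] [msg "constructed rule B"]
--aa000003-Z--
EOF
}

# rule_hits   (reads an audit log on stdin)
# Prints "COUNT HOST RULE_ID", most frequent first.
rule_hits() {
    awk '
        /^--[0-9A-Za-z]+-A--$/ { host = "-"; next }   # new transaction
        /^Host: /              { host = $2 }          # request header section
        /^Message: / && match($0, /\[id "[0-9]+"\]/) {
            id = substr($0, RSTART + 5, RLENGTH - 7)  # digits inside [id "..."]
            hits[host " " id]++
        }
        END { for (k in hits) print hits[k], k }
    ' | sort -k1,1nr -k2,2
}

# Usage: rule_hits < /usr/local/apache/logs/audit_log
```

A rule id found this way can be excluded for just that domain with ModSecurity 2's SecRuleRemoveById directive in the same modsec.conf, which is narrower than SecRuleEngine Off.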


mod_security rules
http://www.webhostingtalk.com/showthread.php?t=1072701

MultiTail – MultiTail is a program for monitoring multiple log files, in the fashion of the original tail program

cd /usr/src/
wget http://www.vanheusden.com/multitail/multitail-5.2.12.tgz
tar zxvf multitail-5.2.12.tgz
cd multitail-*
yum install ncurses ncurses-devel -y
make install
multitail -i /etc/host.conf -i /etc/sysctl.conf