Saturday, April 26, 2008

What is NAT ??

NAT is nothing but the network address translation. It is an IETF standard. What NAT will do?
Nat enables the LAN- local area network to use the two set of IP address, one is for internal traffic and another is for external traffic. All the address translation are taking place in the LAN interface with the Internet. It will keep track on each session.

Monday, December 31, 2007

What is GNU?

The GNU Project was launched in 1984 to develop a complete Unix-like operating system.

GNU's kernel wasn't finished, so GNU is used with the kernel Linux. The combination of GNU and Linux is the GNU/Linux operating system, now used by millions. (Sometimes this combination is incorrectly called Linux.)

There are many distributions of GNU/Linux. The GNU/Linux distributions that are 100% free software; in other words, entirely freedom-respecting.

The name “GNU” is a recursive acronym for “GNU's Not Unix”; it is pronounced g-noo, as one syllable with no vowel sound between the g and the n.

Secure the Apache HTTP server

The Apache HTTP Server is one of the most stable and secure services that ships with Red Hat Enterprise Linux. There are an overwhelming number of options and techniques available to secure the Apache HTTP Server.

FollowSymLinks

This directive is enabled by default, so be careful when creating symbolic links to the document root of the Web server. For instance, it is a bad idea to provide a symbolic link to /.

The Indexes Directive

This directive is enabled by default, but may not be desirable. To prevent visitors from browsing files on the server, remove this directive.

The UserDir Directive

The UserDir directive is disabled by default because it can confirm the presence of a user account on the system. To enable user directory browsing on the server, use the following directives:

UserDir enabled
UserDir disabled root

These directives activate user directory browsing for all user directories other than /root/. To add users to the list of disabled accounts, add a space delimited list of users on the UserDir disabled line.

Do Not Remove the IncludesNoExec Directive

By default, the server-side includes module cannot execute commands. It is ill advised to change this setting unless absolutely necessary, as it could potentially enable an attacker to execute commands on the system.

Restrict Permissions for Executable Directories

Be certain to only assign write permissions to the root user for any directory containing scripts or CGIs. This can be accomplished by typing the following commands:

chown root
chmod 755

Also, always verify that any scripts running on the system work as intended before putting them into production.

Tuesday, December 25, 2007

Changing extensions and files to lowecase!!

change extensions from .abc to .123, use one of the following:
for i in *.abc; do mv $i `echo $i|sed 's/.abc$/.123$/'`; done # ©2007 dsplabs.com.au
for i in *; do mv $i `basename $i .abc`.123; done # ©2007 dsplabs.com.au

The following bash one-liners convert filenames to lowercase:

for f in `find *`; do mv "$f" "`echo "$f" | tr A-Z a-z`"; done # ©2007 dsplabs.com.au
for f in `find . -type f -name "*[A-Z]*"`; do mv "$f" "`echo "$f" | tr A-Z a-z`"; done # ©2007 dsplabs.com.au

tar — how to create and extract tar.gz and tar.bz2 archives

Creating archives

To create a tar archive the c switch is used. To further encode it using gzip compression the j option is also added, or for bzip2 compression the j switch is included. Note that tar program pipes its output into gzip and bzip2 tools in order to create the tar.gz and tar.bz2 archives, respectively. OK, to compress a directory called dir into dir.tar, dir.tar.gz and dir.tar.bz2 archives, the following commands are used, respectively.

tar cf dir.tar dir/  # ©2007 linux.dsplabs.com.au
tar czf dir.tar.gz dir/ # ©2007 linux.dsplabs.com.au
tar cjf dir.tar.bz2 dir/



Extracting archives

Extracting archives is also very simple. Instead of the c switch the x is used and the archive name is given as the only other parameter. The commands for archive extraction shown below correspond to the archive creation commands given earlier.

# ©2007 linux.dsplabs.com.au # ©2007 linux.dsplabs.com.autar xf dir.tar
tar xzf dir.tar.gz
tar xjf dir.tar.bz2

The verbose mode

The v switch can be used to enable the verbose mode. This can be useful if you would like to see a list of files being compressed or extracted. For example, lets extract the dir.tar.gz archive, with verbose mode enabled, using the following command.

tar xvzf dir.tar.gz # ©2007 linux.dsplabs.com.au

The above command produces a list of inflated files as shown in the following output.

dir/
dir/NVIDIA_DRIVER_README.txt
dir/NVIDIA_LICENSE.txt
dir/readme.txt


cat /etc/*-release — finding out Linux release version

cat /etc/*-release — finding out Linux release version">

If you have a lot of different Linux distributions installed on many different machines it is easy to forget what distribution version runs on which PC. Well worry not! It is easy enough to findout. On Novell’s Open SuSE Linux, the distribution release information is contained in the /etc/SuSE-release file. Simply cat it to see its content in your terminal.

cat /etc/SuSE-release  # ©2007 dsplabs.com.au

The above command produced the following output on one of our Linux boxes.

SUSE LINUX 10.0 (X86-64) OSS
VERSION = 10.0

The following command is used to findout the release version on RedHat’s Fedora Linux.

cat /etc/redhat-release  # ©2007 dsplabs.com.au

The output will look something like this

Fedora Core release 6 (Zod)

or like this

Fedora release 8 (Werewolf)

depending on what version of Fedora you are running. Thus, the naming convention used should be quite clear by now. If you do not even know what type of the distribution is installed, simply run the following command.

cat /etc/*-release  # ©2007 dsplabs.com.au

On our Ubuntu Linux box the output is as follows.

DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=7.10
DISTRIB_CODENAME=gutsy
DISTRIB_DESCRIPTION="Ubuntu 7.10"

If you really want to know in which file the above information is contained in, then simply run the following find command from shell.

find /etc -iname "*release*"  # ©2007 dsplabs.com.au

For an Ubuntu distribution, the above command produces the following output.

/etc/lsb-release

cat of this file produces same output as above.

Saturday, December 22, 2007

Linux and Unix useful command list, mini version, ping, netstat, ifconfig iptables

Unix/Linux useful commands,

For troubleshooting a Linux system you might,
want to try one of the following Linux commands.
These commands and flags might not be viable on everyones system.

# lspci list all your pci devices
# dhclient eth0 renew your dhcp release
# ifconfig wlan0 check your wireless network configuration
# netstat -arn show your network route information
# netstat -ap 2 | grep EST show established connections, updates every 2 sec
# netstat -Cr print routing information from routing cache
# iptables -nL show your current iptables configuration in numeric form
# ping ping 127.0.0.1 or network ip address for ICMP replies
# ping -c ping X times.
# ping6 ping ipv6 addresses
# dmesg print or control the kernel ring buffer, bootup messages
# dmesg | grep eth0 if you missed the bootup sequence, and need to check eth0
# nmap -vvv localhost scan yourself for open ports, vvv = extra verbose
# ssh secure shell, encrypted remote login program, client
# ssh -l user host ssh as user to host, ssh -l donald server1.sshexample.com
# uptime check your linux servers uptime and load