Saturday, April 26, 2008
What is NAT ??
Nat enables the LAN- local area network to use the two set of IP address, one is for internal traffic and another is for external traffic. All the address translation are taking place in the LAN interface with the Internet. It will keep track on each session.
Monday, December 31, 2007
What is GNU?
The GNU Project was launched in 1984 to develop a complete Unix-like operating system.
GNU's kernel wasn't finished, so GNU is used with the kernel Linux. The combination of GNU and Linux is the GNU/Linux operating system, now used by millions. (Sometimes this combination is incorrectly called Linux.)
There are many distributions of GNU/Linux. The GNU/Linux distributions that are 100% free software; in other words, entirely freedom-respecting.
The name “GNU” is a recursive acronym for “GNU's Not Unix”; it is pronounced g-noo, as one syllable with no vowel sound between the g and the n.
Secure the Apache HTTP server
FollowSymLinks
This directive is enabled by default, so be careful when creating symbolic links to the document root of the Web server. For instance, it is a bad idea to provide a symbolic link to /.
The Indexes Directive
This directive is enabled by default, but may not be desirable. To prevent visitors from browsing files on the server, remove this directive.
The UserDir Directive
The UserDir directive is disabled by default because it can confirm the presence of a user account on the system. To enable user directory browsing on the server, use the following directives:
UserDir enabled
UserDir disabled rootThese directives activate user directory browsing for all user directories other than /root/. To add users to the list of disabled accounts, add a space delimited list of users on the UserDir disabled line.
Do Not Remove the IncludesNoExec Directive
By default, the server-side includes module cannot execute commands. It is ill advised to change this setting unless absolutely necessary, as it could potentially enable an attacker to execute commands on the system.
Restrict Permissions for Executable Directories
Be certain to only assign write permissions to the root user for any directory containing scripts or CGIs. This can be accomplished by typing the following commands:
chown root
chmod 755
Also, always verify that any scripts running on the system work as intended before putting them into production.
Tuesday, December 25, 2007
Changing extensions and files to lowecase!!
.abc
to .123
, use one of the following: for i in *.abc; do mv $i `echo $i|sed 's/.abc$/.123$/'`; done # ©2007 dsplabs.com.au
for i in *; do mv $i `basename $i .abc`.123; done # ©2007 dsplabs.com.au
The following bash one-liners convert filenames to lowercase:
for f in `find *`; do mv "$f" "`echo "$f" | tr A-Z a-z`"; done # ©2007 dsplabs.com.au
for f in `find . -type f -name "*[A-Z]*"`; do mv "$f" "`echo "$f" | tr A-Z a-z`"; done # ©2007 dsplabs.com.au
tar — how to create and extract tar.gz and tar.bz2 archives
Creating archives
To create a tar
archive the c
switch is used. To further encode it using gzip
compression the j
option is also added, or for bzip2
compression the j
switch is included. Note that tar
program pipes its output into gzip
and bzip2
tools in order to create the tar.gz
and tar.bz2
archives, respectively. OK, to compress a directory called dir
into dir.tar
, dir.tar.gz
and dir.tar.bz2
archives, the following commands are used, respectively.
tar cf dir.tar dir/ # ©2007 linux.dsplabs.com.au
tar czf dir.tar.gz dir/ # ©2007 linux.dsplabs.com.au
tar cjf dir.tar.bz2 dir/
Extracting archives
Extracting archives is also very simple. Instead of the c
switch the x
is used and the archive name is given as the only other parameter. The commands for archive extraction shown below correspond to the archive creation commands given earlier.
tar xzf dir.tar.gz
tar xjf dir.tar.bz2
The verbose mode
The v
switch can be used to enable the verbose mode. This can be useful if you would like to see a list of files being compressed or extracted. For example, lets extract the dir.tar.gz
archive, with verbose mode enabled, using the following command.
The above command produces a list of inflated files as shown in the following output.
dir/dir/NVIDIA_DRIVER_README.txt
dir/NVIDIA_LICENSE.txt
dir/readme.txt
cat /etc/*-release — finding out Linux release version
cat /etc/*-release — finding out Linux release version">
If you have a lot of different Linux distributions installed on many different machines it is easy to forget what distribution version runs on which PC. Well worry not! It is easy enough to findout. On Novell’s Open SuSE Linux, the distribution release information is contained in the /etc/SuSE-release
file. Simply cat
it to see its content in your terminal.
cat /etc/SuSE-release # ©2007 dsplabs.com.au
The above command produced the following output on one of our Linux boxes.
SUSE LINUX 10.0 (X86-64) OSS
VERSION = 10.0
The following command is used to findout the release version on RedHat’s Fedora Linux.
cat /etc/redhat-release # ©2007 dsplabs.com.au
The output will look something like this
Fedora Core release 6 (Zod)
or like this
Fedora release 8 (Werewolf)
depending on what version of Fedora you are running. Thus, the naming convention used should be quite clear by now. If you do not even know what type of the distribution is installed, simply run the following command.
cat /etc/*-release # ©2007 dsplabs.com.au
On our Ubuntu Linux box the output is as follows.
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=7.10
DISTRIB_CODENAME=gutsy
DISTRIB_DESCRIPTION="Ubuntu 7.10"
If you really want to know in which file the above information is contained in, then simply run the following find
command from shell.
find /etc -iname "*release*" # ©2007 dsplabs.com.au
For an Ubuntu distribution, the above command produces the following output.
/etc/lsb-release
cat
of this file produces same output as above.
Saturday, December 22, 2007
Linux and Unix useful command list, mini version, ping, netstat, ifconfig iptables
For troubleshooting a Linux system you might,
want to try one of the following Linux commands.
These commands and flags might not be viable on everyones system.
# lspci list all your pci devices
# dhclient eth0 renew your dhcp release
# ifconfig wlan0 check your wireless network configuration
# netstat -arn show your network route information
# netstat -ap 2 | grep EST show established connections, updates every 2 sec
# netstat -Cr print routing information from routing cache
# iptables -nL show your current iptables configuration in numeric form
# ping ping 127.0.0.1 or network ip address for ICMP replies
# ping -c ping X times.
# ping6 ping ipv6 addresses
# dmesg print or control the kernel ring buffer, bootup messages
# dmesg | grep eth0 if you missed the bootup sequence, and need to check eth0
# nmap -vvv localhost scan yourself for open ports, vvv = extra verbose
# ssh secure shell, encrypted remote login program, client
# ssh -l user host ssh as user to host, ssh -l donald server1.sshexample.com
# uptime check your linux servers uptime and load