Posts

Showing posts from 2013

Recursive searching via grep and sed

    echo "Enter string to be placed"
    read -r NEWSTRING
    echo "==================================="
    echo "string to be replaced is $OLDSTRING"
    echo "string to be placed is $NEWSTRING"
    echo "==================================="
    oldstr=$OLDSTRING  # string to be replaced
    newstr=$NEWSTRING  # new string to be placed
    echo "Enter folder path where we will find the string"
    read -r FOLDERPATH

    ### STEP1: grep oldstring and output it in grep_output.txt
    grep -rl -- "$oldstr" "$FOLDERPATH" > grep_output.txt

    ### STEP2: since there might be spaces or special characters in filenames,
    ### use sed to enclose them in quotes and output in sed_output.txt
    #for i in `cat grep_output.txt`
    #do
    sed -e "s/'/'\\\\''/g;s/\(.*\)/'\1'/" grep_output.txt > sed_output.txt
    #done

    # Read one filename per line so names containing spaces stay intact
    while IFS= read -r i
    do
        sed -i "s/$oldstr/$newstr/g" "$i"
    done < grep_output.txt

    ## NOTE ##
    # 2013 latest
    ## STEP 2 Seems not wo

Bash create notification using du -h --max-depth

Created this simple script to email disk space usage.

    #!/bin/bash
    ## Email directory list if over quota
    BASE2=/home/vmail/mazaredo.com
    ## Check whole directory summary
    BASE=/home/vmail
    # 50GB, in the 1K blocks that du -s reports
    THRESHOLD=52428800
    #
    out=$(du -s "$BASE" | cut -f1)
    #
    if [ "$out" -gt "$THRESHOLD" ]
    then
        echo "$out"
        du -h --max-depth=1 "$BASE2" | mail -s "DISK USAGE EXCEEDED" postmaster@example.com
    else
        echo "quota not reached"
    fi

install suhosin patch on centos

Credit to: http://www.cyberciti.biz/faq/centos-rhel-6-install-suhosin-php-advanced-protection-system/

    # yum install php-suhosin

Edit the config in /etc/php.d/suhosin.ini

installing ioncube on 2.6.32-358.18.1.el6.i686 #1 SMP Wed Aug 28 14:27:42 UTC 2013 i686 i686 i386 GNU/Linux

    wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.zip

Unzip the file.
Create a directory at /usr/local/ioncube.
Copy all extracted files to /usr/local/ioncube.
Edit php.ini and insert this line:

    zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.3.so

Restart apache and check if it is loaded:

    php -v

If an error occurs, try 5.4, 5.2, 5.1 and so on.

Credit to: http://blog.hostonnet.com/installing-ioncube-loader-on-centos

Mysql Fix Duplicate Entry | Mysql Master Slave

    mysql> show slave status\G
    Last_SQL_Error: Error 'Duplicate entry 'example@google.com' for key 'PRIMARY'' on query.

STEP: Delete the entry on the slave (make sure you check whether you need the data; if so, copy it!)

    mysql> slave stop;
    mysql> SET GLOBAL sql_slave_skip_counter = 1;
    mysql> slave start;

Insert the data on your master and it should now replicate to the slave.

Replace string on a folder recursively via grep and sed

This is the script I created to replace a string in folders recursively. Many thanks to the serverfault users and other people who helped me create this script.

    #!/bin/bash
    # user input
    echo "Enter string to be replaced"
    read -r OLDSTRING
    echo "Enter string to be placed"
    read -r NEWSTRING
    echo "==================================="
    echo "string to be replaced is $OLDSTRING"
    echo "string to be placed is $NEWSTRING"
    echo "==================================="
    oldstr=$OLDSTRING  # string to be replaced
    newstr=$NEWSTRING  # new string to be placed
    echo "Enter folder path where we will find the string"
    read -r FOLDERPATH

    ### STEP1: grep oldstring and output it in grep_output.txt
    grep -rl -- "$oldstr" "$FOLDERPATH" > grep_output.txt

    ### STEP2: since there might be spaces or special characters in filenames,
    ### use sed to enclose them in quotes and output in sed_output.txt
    #for i in `cat grep_output.txt`
    #do
    sed -e "s/'/'\\\\'
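Both replace scripts above pass the user's strings to sed as a regular expression and loop over filenames split on whitespace. The following is an added example, not the post's own script, of the same grep + sed replace with the strings treated literally and filenames passed NUL-delimited; all function names are hypothetical and GNU grep, sed and xargs are assumed.

```bash
#!/bin/bash
# Added example, not the post's script. Function names are hypothetical.

# Escape a literal string so sed treats it as plain text in a BRE pattern.
escape_sed_pattern() {
    printf '%s' "$1" | sed -e 's|[][\\/.^$*]|\\&|g'
}

# Escape a literal string for the replacement side ("&", "\" and the "/" delimiter).
escape_sed_replacement() {
    printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

# Replace literal OLD with literal NEW in every text file under DIR.
replace_in_tree() {
    local old="$1" new="$2" dir="$3" pat rep
    [ -n "$old" ] && [ -d "$dir" ] || return 1
    pat=$(escape_sed_pattern "$old")
    rep=$(escape_sed_replacement "$new")
    # -F: OLD is a fixed string; -I: skip binaries; -Z: NUL-terminated names,
    # so xargs -0 passes names with spaces or quotes through untouched.
    grep -rlZIF -e "$old" -- "$dir" |
        xargs -0 -r sed -i -e "s/$pat/$rep/g" --
}

# Count files under DIR that still contain the literal string.
count_matches() {
    grep -rlZIF -e "$1" -- "$2" | tr -cd '\000' | wc -c
}

# Constructed demo tree (sample data, built in a temp directory).
demo() {
    local d
    d=$(mktemp -d) || return 1
    mkdir -p "$d/sub dir"
    printf 'url=http://old.example/a.b\n' > "$d/sub dir/my file.conf"
    printf 'url=http://old.example/aXb\n' > "$d/other.conf"
    replace_in_tree 'old.example/a.b' 'new.example/c&d' "$d"
    cat "$d/sub dir/my file.conf" "$d/other.conf"
    rm -rf -- "$d"
}
demo
```

Only the first demo file changes: the dot in the search string matches a literal dot, and the `&` in the new string is written as-is instead of re-inserting the match.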

How to block an IP using iptables

    iptables -A INPUT -s xx.xx.xx.xx -j DROP

specific port:

    iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j DROP

allow access to an IP?

    iptables -A INPUT -s xx.xx.xx.xx -j ACCEPT

allow access to an IP to a specific port using iptables?

    iptables -A INPUT -p tcp -s xx.xx.xx.xx --dport PORT -j ACCEPT

where xx.xx.xx.xx is the remote IP address and PORT is the port number you wish to allow/deny access to.

block a scanner on your server, for example "w00tw00t.at.ISC.SANS", using iptables?

    iptables -I INPUT -p tcp --dport 80 -m string --algo bm \
      --string 'GET /w00tw00t.at.ISC.SANS.' -j DROP

Source: http://safesrv.net/quick-how-to-denyallow-ip-using-iptables/

Checking Apache for possible hack

1. Edit php.ini

    sendmail_path = /usr/local/bin/phpsendmail

Create a filter file wrapper. I saw this one and it is very handy.

/usr/local/bin/phpsendmail

    #!/usr/bin/php
    <?php
    /**
      This script is a sendmail wrapper for php to log calls of the php mail() function.
      Author: Till Brehm, www.ispconfig.org
      (Hopefully) secured by David Goodwin <david @ _palepurple_.co.uk>
    */
    $sendmail_bin = '/usr/sbin/sendmail';
    $logfile = '/var/log/mail.form';
    //* Get the email content
    $logline = '';
    $mail = '';
    $pointer = fopen('php://stdin', 'r');
    while (($line = fgets($pointer)) !== false) {
        if (preg_match('/^to:/i', $line) || preg_match('/^from:/i', $line)) {
            $logline .= trim($line).' ';
        }
        $mail .= $line;
    }
    //* compose the sendmail command
    $command = 'echo ' . escapeshellarg($mail) . ' | '.$sendmail_bin.' -t -i';
    for ($i = 1; $i < $_SERVER['argc']; $i

Firebird create and restore backup

Create Database on Firebird

    [root@data]# /usr/lib64/firebird/bin-superserver/isql
    Use CONNECT or CREATE DATABASE to specify a database
    SQL> create database 'mydatabase.gdb'
    CON> user 'sysdba' password 'masterkey';
    SQL> quit;

Dump the old backup

    [root@data]# gbak -r o -v -user SYSDBA -password masterkey /home/dbackup/mydatabase-2013-06-20.gbk mydatabase.gdb

Socket file /var/run/clamav/clamd.sock could not be bound: Permission denied

I have been having this problem on some installations of amavis and clamav using CentOS and Ubuntu. I might have missed a step during installation. The problem is exactly permissions, and I have been editing the groups and users amavis, clamav and root. A solution posted on http://www.howtoforge.com/forums/showthread.php?t=34559 might do the trick. For a quick fix (not a good one), chmod 777 the folder =)

Linux Postfix single data server with master slave replication for courier-imap authentication


tmpfs increase size

Edit the /etc/fstab line to look something like this:

    tmpfs                   /dev/shm                tmpfs   size=10g        0 0

Remount it:

    mount -o remount tmpfs

Dual Nic both facing internet

You have two public IP addresses, need to see both on the internet, and it ate your whole day... Me too. Kindly comment if yours worked!

eth0 192.168.0.161 on network 192.168.0.0 gateway 192.168.0.1
eth1 192.167.0.51 on network 192.1687.0.9 gateway 192.167.0.1

Here! Create two routing tables, T0 and T1, in /etc/iproute2/rt_tables. Add these lines:

    100    T0
    101    T1

    ip route add 192.167.0.0 dev eth1 src 192.167.0.161 table T1
    ip route add default via 192.167.0.1 table T1
    ip route add 192.168.0.0 dev eth0 src 192.168.0.51 table T0
    ip route add default via 192.168.0.1 table T0

Next:

    ip route add 192.167.0.0 dev eth1 src 192.167.0.51
    ip route add 192.168.0.0 dev eth0 src 192.168.0.161

Next:

    ip route add default via eth1 ( this might be already configured )

* NOTE you might have the default gateway on eth0 *

Next:

    ip rule add from 192.167.0.161 table T1
    ip rule add from 192.168.0.51 table T0

Thanks to the urls below: http://www.wlug.org.nz/SourceBasedRoutin

Can't use proxy because no authentication schemes are fully configured.

So you are having problems with webmin + squid authentication? My current setup is below. I was eating my finger nails asking why it was working before and now it doesn't.

System hostname: localhost.localdomain (127.0.0.1)
Operating system: CentOS Linux 6.3
Webmin version: 1.620
Virtualmin version: 3.98.gpl GPL

    [root@122 ~]# service squid start
    Starting squid:                                            [FAILED]
    2013/02/23 00:17:00| Processing Configuration File: /etc/squid/squid.conf (depth 0)
    2013/02/23 00:17:00| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'.
    2013/02/23 00:17:00| SECURITY NOTICE: Overriding config setting. Using 'all' instead.
    2013/02/23 00:17:00| WARNING: (B) '::/0' is a subnetwork of (A) '::/0'
    2013/02/23 00:17:00| WARNING: because of this '::/0' is ignored to keep splay tree searching predictable
    2013/02/23 00:17:00| WARNING: You should probably remov

Ethical Hacking Prevent Directory Traversal Attack

http://www.hackingloops.com/2012/09/hacking-websites-using-directory-traversal-attacks.html
https://www.owasp.org/index.php/Top_10_2007-Malicious_File_Execution

Rewrite on .htaccess

Original article: http://onearth-syokhabis.blogspot.com/2011/08/how-to-install-modrewrite-to-linux.html?showComment=1360645631881#c3387048594454805636

    ErrorDocument 403 "Pencerobohan.. pencerobohan telah dikesan!"
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} (GET|POST) [NC]
    RewriteCond %{HTTP_USER_AGENT} ^.*(nessus|havij|libwww|perl|python|nikto|acunetix|morfeu|w3af).* [NC,OR]
    # The keyword list must not end in an empty branch ("update|)"): that would match every query string
    RewriteCond %{QUERY_STRING} .*(union|select|cast|char|convert|declare|delete|drop|exec|insert|meta|script|hex|unhex|concat|set|truncate|update).* [NC]
    RewriteRule (.*) - [F,L]

Get all ip address using grep

grep -Eo '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'

modsecurity configuration

Disable modsec on certain ip address via .htaccess

    SetEnvIfNoCase Remote_Addr ^202\.202\.202\.202$ MODSEC_ENABLE=Off
    SetEnvIfNoCase Request_URI ^/images/upload\.php$ MODSEC_ENABLE=Off

Finding web shells on compromised linux servers

Finding web backdoor shells

(1) grep -RPn "(system|phpinfo|pcntl_exec|python_eval|base64_decode|gzip|mkdir|fopen|fclose|readfile|passthru)"

(2) Install GIT and download: git clone git@github.com:Neohapsis/NeoPI.git (see the documentation)

(3) grep -RPl --include=*.{php,txt,asp} "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" /var/www/

(4) grep -RPnDskip "(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\(" public_html/

Other Useful Links
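Functions such as fopen and mkdir also appear in legitimate code, so the greps above return many hits on a real web root. The following added example (not from the original post; function and variable names are hypothetical) ranks files by the number of matching lines so triage can start with the densest ones, using the function list from pattern (3).

```bash
#!/bin/bash
# Added example, not from the original post. Names are hypothetical.

# Function names from the post's pattern (3). The leading group requires a
# non-identifier character first, so "filesystem(" does not count as "system(".
SUSPECT='(^|[^[:alnum:]_])(passthru|shell_exec|system|phpinfo|base64_decode|chmod|mkdir|fopen|fclose|readfile) *\('

# Print "<matching lines><TAB><file>" for each file with hits, highest first.
# -i: PHP function names are case-insensitive, so SHELL_EXEC( must match too.
rank_suspects() {
    grep -rEic --include='*.php' --include='*.txt' --include='*.asp' \
        -e "$SUSPECT" -- "$1" |
        awk -F: '$NF > 0 { n = $NF; sub(/:[0-9]+$/, ""); print n "\t" $0 }' |
        sort -rn
}

# Constructed sample web root (harmless sample files in a temp directory).
demo() {
    local d
    d=$(mktemp -d) || return 1
    mkdir -p "$d/uploads/img cache" "$d/lib"
    printf '<?php\n$p = base64_decode($blob);\necho SHELL_EXEC("uptime");\n' \
        > "$d/uploads/img cache/thumb.php"
    printf '<?php\n$fs = new Filesystem();\nmkdir("/tmp/cache");\n' \
        > "$d/lib/storage.php"
    printf '<?php echo "hello";\n' > "$d/index.php"
    rank_suspects "$d"
    rm -rf -- "$d"
}
demo
```

A high count is only a reason to read the file; a clean result does not prove the web root is free of backdoors.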

maildrop allow domain

    if (/^From: .*@conal\.com/)
    {
        log "conal.com disable SPAM filtering"
        to "$HOME/$DEFAULT"
    }
    if (/^From: .*@atl\.com/)
    {
        log "atl.com disable SPAM filtering"
        to "$HOME/$DEFAULT"
    }