Archive for the ‘General’ Category

All about yum command for Redhat/Centos/Fedora

Wednesday, August 26th, 2009

Display list of updated software (security fix)
yum list updates
Or
yum check-update
Patch up system by applying all updates
yum update
List all installed packages
rpm -qa
How to find a particular installed package (httpd)
rpm -qa | grep httpd
How to update specific packages
yum update {package-name-1}
To check for and update [...]

vsftpd: Failed to retrieve directory listing

Friday, August 14th, 2009

Problem: If vsftpd fails to retrieve the directory listing, do the following:
In vsftpd.conf
pasv_min_port=x
example: [pasv_min_port=1023]
pasv_max_port=x
example: [pasv_max_port=1050]
Now allow ports 1023-1050 in iptables
iptables -A INPUT --source xx.xx.xx.xx -p tcp --dport 1023:1050 -j ACCEPT
This allows FileZilla to connect to the FTP server in passive mode.

Basic Linux User administration Commands

Wednesday, August 12th, 2009

useradd -s /sbin/nologin username : prevents the user from logging in to the server
userdel -r username : -r deletes everything (home directory, mail spool); without -r it only deletes the account references from users and groups
usermod -L username : -L disables the user account
usermod -U username : -U enables the user account
echo 'mypassword' | passwd --stdin username : [...]

SSH Dictionary Attack Prevention with iptables

Wednesday, August 12th, 2009

Ref: http://hostingfu.com/article/ssh-dictionary-attack-prevention-with-iptables

Last week (9-15 April). 8,750 failed SSH login attempts, averaging almost one per minute, trying out all kinds of possible user names and left tons of junk in my message log. The recent SSH brute-force attacks (actually it’s not that recent) are rather annoying, and this article at Whitedust.com has useful information on how [...]

Iptables-rules

Wednesday, August 12th, 2009

Allow SSH connections from selected IPs:
iptables -A INPUT --source xx.xx.xx.xx -p tcp --dport 22 -j ACCEPT
iptables -A INPUT --source yy.yyy.yy.yy -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
Only allow SSH to the Linux box:
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT --source xx.xx.xx.xx -p tcp --dport [...]