Configuring Linux system startup from the console.

On Debian, Ubuntu, and their derivatives, install the package:

apt-get install rcconf
then run: rcconf
and simply select which services you want started at boot and which you do not.

For CentOS, RedHat, and their relatives

We use the command: ntsysv
and manage the services from the console.

Simple, but useful.

Regards.

Basic manual: Crontab

To automate tasks … you need to manage Crontab, at least at a basic level:
To list the tasks automated by Crond:

It is important to keep in mind the syntax used when writing a Cron entry; this image makes it clear:


bastion01:~# crontab -l
28 9 * * * /etc/webmin/cron/tempdelete.pl
0 0 * * * /usr/local/scripts/ldapexppwd/ldapexppwd.sh  #chech password expiration time
0 0 * * * /etc/webmin/fsdump/backup.pl 30281211992674
20 * * * * /bin/mount -a
bastion01:~#

To add a new entry to Crond:
bastion01:~# crontab -e
#A text editor opens here for entering the cron entry; pressing F10 then saves and exits or discards the changes, depending on what is selected after pressing that key
*/20 * * * * /bin/mount -a
In this example, crond will run /bin/mount -a every 20 minutes
bastion01:~#
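
The minute field is what separates "every 20 minutes" from "once an hour, at minute 20". The following is an added example, not part of the original post: a small minute-field expander (the function name cron_minutes is made up for this illustration) that lists the minutes at which a given field fires.

```shell
#!/bin/sh
# Added example (not from the original post): expand a crontab minute field
# into the minutes of the hour (0-59) at which cron would start the job.
# Supported forms: N, *, A-B, */S, A-B/S, and comma-separated lists of those.
cron_minutes() {
    printf '%s\n' "$1" | awk '
    {
        n = split($0, parts, ",")
        if (n == 0) exit 2
        for (i = 1; i <= n; i++) {
            p = parts[i]
            # Reject anything that is not one of the supported forms.
            if (p !~ "^([*]|[0-9]+-[0-9]+)(/[0-9]+)?$" && p !~ "^[0-9]+$") exit 2
            step = 1
            if (split(p, s, "/") == 2) { p = s[1]; step = s[2] + 0 }
            if (p == "*") { lo = 0; hi = 59 }
            else if (split(p, r, "-") == 2) { lo = r[1] + 0; hi = r[2] + 0 }
            else { lo = hi = p + 0 }
            if (step < 1 || hi > 59 || lo > hi) exit 2
            for (m = lo; m <= hi; m += step) hit[m] = 1
        }
        out = ""
        for (m = 0; m <= 59; m++)
            if (m in hit) out = out (out == "" ? "" : " ") m
        print out
    }'
}

# A bare number is a single minute of the hour; a step on "*" repeats within it.
echo "20   -> $(cron_minutes '20')"
echo "*/20 -> $(cron_minutes '*/20')"
```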

MySQL: Dump of all databases.

It is very important to have a backup of the MySQL server: with a dump of all the databases, serious problems can be solved in a matter of minutes.

The commands are as follows:

[root@skate sqldump]# mysqldump -u root -p --all-databases > all_dbs.sql
Enter password:
[root@skate sqldump]#
[root@skate sqldump]# ls
all_dbs.sql
[root@skate sqldump]# du -sh all_dbs.sql
242M    all_dbs.sql
[root@skate sqldump]#

With a single command and the root password, we get a file containing all the databases in an orderly form, so that if something fails… running this file in MySQL will restore ALL the databases.

WHM + Nginx Plugin: A solution to speed up and secure HTTPd

The Nginx HTTPd server works wonderfully thanks to its smart approach to speed, security, and simplicity.

The steps to follow to get this daemon working with cPanel WHM installed on our system…

#Installation
cd /usr/local/src
wget http://nginxcp.com/latest/nginxadmin.tar
tar xf nginxadmin.tar
cd publicnginx
#From here on, commands customized by me.
#We replace the PyYAML package by renaming it, so that version 3.09 is picked up
./pythonfix
cd /usr/lib/python2.4/site-packages
mv PyYAML-3.10-py2.4-linux-i686.egg PyYAML-3.10-py2.4-linux-i686.egg_
cd /usr/local/src
cd publicnginx
./nginxinstaller install

#Uninstall
cd /usr/local/src
wget http://nginxcp.com/latest/nginxadmin.tar
tar xf nginxadmin.tar
cd publicnginx
./nginxinstaller uninstall

Security: How to manage a DDOS or DOS attempt directed at your linux server

This is a guide I would not want to lose for any reason.
Source: http://www.liquidcomm.net/news/tech-tips/apache/How-to-manage-a-DDOS-or-DOS-attempt-directed-at-your-linux-server.html

Stopping a DDOS (distributed denial of service attack) or DOS (denial of service attack) is no simple task.  Frequently, these attacks become more than just a nuisance: they completely immobilize your server’s services and keep your users from using your website.

We’ve found a few common sense ways to help ease the pain of DDOS and/or DOS attacks.  While no method is foolproof, we certainly can minimize the profound effect these attacks have on your users and subsystems.

Identify the Source

Good luck with that one.  Many DDOS and DOS attacks are from roaming IP addresses.  A distributed denial of service attack can come from many different IP addresses and it quickly becomes impossible for the Linux system administrator to isolate and confine each IP with a firewall rule.

Wikipedia does a great job of describing the various types of attacks here: http://en.wikipedia.org/wiki/Denial-of-service_attack.  For the purpose of this tutorial, I’ll leave the research on the types of attacks up to you, and address the most common form that we’ve encountered over the years, the Apache directed DDOS or DOS attack.

Apache Based Attacks

Symptoms of the Apache DDOS or DOS attack:

  • Website(s) serve slow
  • You notice hanging processes
  • Apache Top tells you that the same IP address is requesting a system resource
  • The system resource continues to multiplex, causing more processes to spawn
  • The command:
    • netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
  • says that you have a few too many connections to feel comfortable with.
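
The netstat pipeline above also counts the two header lines and cuts IPv6 addresses at their first colon. The following is an added example, not part of the original guide, that counts connections per remote address without those two problems; the function names, the threshold argument and the sample output (documentation address ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): per-remote-address connection
# counts from `netstat -ntu` output, skipping the header lines and keeping
# IPv6 addresses whole. Prints "count address" for counts >= the threshold.
conn_counts() {   # usage: netstat -ntu | conn_counts [min_count]
    awk -v min="${1:-1}" '
    $1 ~ /^(tcp|udp)/ {                # only socket rows, not the two headers
        addr = $5                      # Foreign Address column
        sub(/:[0-9*]+$/, "", addr)     # drop only the trailing :port
        sub(/^::ffff:/, "", addr)      # IPv4-mapped IPv6 -> plain IPv4
        count[addr]++
    }
    END { for (a in count) if (count[a] >= min + 0) print count[a], a }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Constructed sample output; every address is from a documentation range.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 203.0.113.10:80         198.51.100.7:51234      SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.7:51235      SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.7:51236      ESTABLISHED
tcp        0      0 203.0.113.10:22         192.0.2.15:40022        ESTABLISHED
tcp6       0      0 ::ffff:203.0.113.10:80  ::ffff:198.51.100.7:51300 ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:44100     ESTABLISHED
tcp6       0      0 2001:db8::10:80         2001:db8::bad:44101     ESTABLISHED
udp        0      0 203.0.113.10:123        192.0.2.15:123          ESTABLISHED
EOF
}

# Show every remote address holding two or more connections.
sample_netstat | conn_counts 2
```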

The end result:

  • Apache goes down
  • System load goes sky high
  • Server stops responding
  • You can’t ssh to the server node
  • You’ve lost connectivity completely and a reboot is mandatory in order to restore access to the system

Preventative Measures and Counter Measures:

  • Enable SYN COOKIES at the kernel level
    • echo 1 > /proc/sys/net/ipv4/tcp_syncookies
  • Enable and Configure iptables to prevent the attack or at least work to identify the attack
    • /sbin/iptables -N syn-flood
    • /sbin/iptables -A syn-flood -m limit --limit 100/second --limit-burst 150 -j RETURN
    • /sbin/iptables -A syn-flood -j LOG --log-prefix "SYN flood: "
    • /sbin/iptables -A syn-flood -j DROP
  • Install the APF firewall to work to identify risky behavior
    • APF stands for Advanced Policy Firewall.  It’s a rock solid firewall that normally plays nice with iptables.  You can grab the most recent copy here: http://www.rfxn.com/projects/
  • Install (D)DosDeflate
    • Great software, rock solid, and plays nice with either APF or iptables.  Install and configure the service in seconds using the commands below.  Edit the .conf file to utilize whichever flavor of firewall you’d like to integrate it with.  Set a few configuration settings and you’re done.
    • To Install (D)DosDeflate:
      • wget http://www.inetbase.com/scripts/ddos/install.sh
      • chmod 0700 install.sh
      • ./install.sh
    • If it doesn’t work out, it’s simple to uninstall too.  To uninstall:
      • wget http://www.inetbase.com/scripts/ddos/uninstall.ddos
      • chmod 0700 uninstall.ddos
      • ./uninstall.ddos
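
The four iptables rules above create and fill the syn-flood chain, but a user-defined chain is only evaluated when a rule in another chain jumps to it. The following is an added example, not part of the original guide: a check that lists chains no rule jumps to, run on the guide's rules and on the same rules plus an INPUT hook. The hook rule and the function names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): list chains created with -N
# that no rule in another chain jumps to. Such a chain is never traversed.
orphan_chains() {   # reads iptables command lines on stdin
    awk '
    {
        chain = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-N" || $i == "--new-chain") defined[$(i + 1)] = 1
            if ($i == "-A" || $i == "-I" || $i == "--append" || $i == "--insert")
                chain = $(i + 1)       # chain this rule is added to
            if (($i == "-j" || $i == "--jump" || $i == "-g" || $i == "--goto") &&
                $(i + 1) != chain)
                reached[$(i + 1)] = 1  # jump target reached from elsewhere
        }
    }
    END { for (c in defined) if (!(c in reached)) print c }
    ' | LC_ALL=C sort
}

# The four rules from the guide, written with ASCII option dashes and quotes.
guide_rules() {
    cat <<'EOF'
/sbin/iptables -N syn-flood
/sbin/iptables -A syn-flood -m limit --limit 100/second --limit-burst 150 -j RETURN
/sbin/iptables -A syn-flood -j LOG --log-prefix "SYN flood: "
/sbin/iptables -A syn-flood -j DROP
EOF
}

# Assumption, not on the page: send new TCP connection attempts to the chain.
hooked_rules() {
    guide_rules
    echo '/sbin/iptables -A INPUT -p tcp --syn -j syn-flood'
}

echo "guide rules, unreferenced chains:  $(guide_rules | orphan_chains)"
echo "hooked rules, unreferenced chains: $(hooked_rules | orphan_chains)"
```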

So a few tools are outlined above.  We’ve found that this will stop 90% of the attacks that are out there.  Some nice firewall rules above your server (at the router or switch level) also help.  Most of the time we can identify suspicious traffic before it even hits your servers, so a shameless plug here is probably in order.

I know, shameless.

Contact Us if you’d like to colocate your server with us, or if there is something more that we can help you with.

We enjoy the opportunity to discuss your challenges, it helps make all of us better.