http://www.blackmoreops.com/2015/02/14/linux-file-system-hierarchy/
Archive for the ‘archlinux’ Category
Linux file system hierarchy
Posted: March 7, 2015 in archlinux, Debian, SlackwareTags: Configure, file, firewall, hierarchy, linux, system
0
This is simple code to grep file …
This code using by other to grep squid configurations and other like apache.conf.
# cat /etc/squid/squid.conf | sed ‘/ *#/d; /^ *$/d’
(thanks to kotnik for small sed trick)
to safe file use this
# cat /etc/squid/squid.conf | sed ‘/ *#/d; /^ *$/d’ > /etc/squid/squid.conf-new
to view or search something in squid access.log use this command
# grep ‘string-to-search’ /var/log/squid/access.log
Simple trick but you can use it…
### http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
Exporting Mysql database results in garbage characters ’
Posted: April 5, 2011 in archlinux, Debian, Joomla, Slackwaremysql -u username -p –default-character-set=utf8 “database” < backup.sql
THANKS TO BRO HARIS !!!
Untuk high performance network rules dia :-
1) Pakai cat6 dan pastikan hubungan server dan switch menggunakan
1GB/s (Gigabit switch).
2) pakai OS 64bit
3) Perlu buat kernel tunning terutama TCP tunning, files limit dan process limit
http://people.redhat.com/alikins/system_tuning.html
http://www.performancewiki.com/linux-tuning.html
Yang ni yang paling saya suka walaupun untuk Oracle
root@web:~# pico /skrip/ip
root@web:~# pico /skrip/ipsub
root@web:~# pico /skrip/block
####################### PUT THIS ON /skrip/block ##################
BLOCKDB=’/skrip/ip’
IPS=$(grep -Ev “^#” $BLOCKDB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done
#BLOCK SUBNET
BLOCKSUB=’/skrip/ipsub’
IPS=$(grep -Ev “^#” $BLOCKSUB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done
####################### PUT THIS ON /skrip/block ##################
root@web:~# chmod +x /skrip/block
root@web:~#/skrip/block
*** put ip /skrip/ip
root@web:~#echo ‘123.123.123.123’ >> /skrip/ip
*** put ip range on /skrip/ipsub
root@web:~#echo ‘123.123.123.0/24’ >> /skrip/ipsub
Lighttpd – configure simple vhost multiple domain
Posted: February 12, 2011 in archlinux, Debian, Freebsd, SlackwareI’am suing Lighttpd for serve multiple domain …
Always forget how to configure ….
## For 1 domain
simple-vhost.server-root = “/var/www/servers/”
simple-vhost.default-host = “kami337fm.com”
simple-vhost.document-root = “pages”
$HTTP[“host”] == “kami337fm.com” {
server.document-root = “/var/www/servers/news2.example.org/pages/”
}
## For host www and without www (www.kami337fm.com & kami337fm.com)
$HTTP[“host”] =~ “(^|\.)kami337fm\.com$” {
server.document-root = “/var/www/servers/news2.example.org/pages/”
}
## For host .com and .org (www.kami337fm.com & kami337fm.org)
$HTTP[“host”] =~ “^(www\.kami337fm\.org|www\.kami337fm\.com)$” {
server.document-root = “/var/www/servers/news2.example.org/pages/”
}
## for 2 and more host
$HTTP[“host”] !~ “^(test1\.example\.org|test2\.example\.org)$” {
simple-vhost.server-root = “/var/www”
simple-vhost.document-root = “/html/”
## the default host if no host is sent
simple-vhost.default-host = “example.org”
}
$HTTP[“host”] == “test1.example.org” {
server.document-root = “/home/user/sites/test1.example.org/”
accesslog.filename = “/home/user/sites/logs/test1.example.org.access.log”
}
$HTTP[“host”] == “test2.example.org” {
server.document-root = “/home/user/sites/test2.example.org”
accesslog.filename = “/home/user/sites/logs/test2.example.org.access.log”
}
Using netstat
find all proses and port
root@firewall:~# netstat -tulpn
find proses by port
root@firewall:~# netstat -tulpn | grep :80
Using fuser command
find out PID that open port ex: 80
root@firewall:~#fuser 80/tcp
output
80/tcp: 539
and find proses name based on PID
root@firewall:~# ls -l /proc/539/exe
output
lrwxrwxrwx 1 root root 0 2011-01-04 09:28 /proc/539/exe -> /usr/sbin/apache2
Using lsof
root@firewall:~# lsof -i :80
output
apache2 539 www-data 3u IPv4 4579272 TCP 192.168.0.1:www (LISTEN)
apache2 539 www-data 4u IPv4 4579274 TCP 172.16.20.2:www (LISTEN)
get info fot PID
root@firewall:~# ps aux | grep ‘[5]39’
and get info all
root@firewall:~# ps -eo pid,user,group,args,etime,lstart | grep ‘[5]39’
Forward root mail from localhost to your gmail or whatever …
*nix server always sent email about cron or anything than you have to read it. but how …
ssh and issued this command
bsd# mail
than you can read your email. but if you wanna forward your email to gmail or yahoo or whatever.
bsd# cd /etc
bsd# pico aliases
put you email on..
# Pretty much everything else in this file points to “root”, so
# you would do well in either reading root’s mailbox or forwarding
# root’s email from here.
# root: YOUREMAILHERE@gmail.com
than issued this command
bsd# /usr/bin/newaliases
* than you will get your copy of root email.
DNS Servers For Main ISPs In Malaysia
Posted: July 17, 2010 in archlinux, Debian, Freebsd, Slackware, WindowS SeveNTmNet DNS servers
202.188.1.5
202.188.0.133
202.188.1.4
202.188.0.132
Jaring DNS servers
192.228.128.20
192.228.128.18
192.228.128.16
161.142.227.17
61.6.38.139
161.142.2.17
161.142.212.17
TimeNet DNS servers
203.121.16.85
203.121.16.120
Open DNS Server (overseas)
208.67.222.222
208.67.220.220
add from
Botnet merupakan perkataan yang digunakan bagi koleksi perisian robot atau bot yang dijana secara automatik. Ia bergerak dalam komputer ‘zombie‘ yang dikawal secara mudah alih oleh penggodam. Proses mencuri sumber perkomputeran sebagai hasil sistem digabungkan menjadi botnet juga dikenali sebagai scrumping.
Perkataan botnet boleh digunakan untuk merujuk kepada satu kumpulan bot seperti IRC bot, iaitu perkataan yang biasa digunakan bagi merujuk kepada sekumpulan compromised computer (dinamakan komputer ‘zombie’), yang mana ia menjalankan program cecacing, kuda Trojan, atau backdoor (lubang) di bawah kawalan satu infrastruktur. Botnetoriginator (bot herder) boleh mengawal kumpulan berkenaan secara mudah alih dan biasanya atas sebab-sebab yang mencurigakan.
Bot biasanya bergerak secara sembunyi dan sukar dikenalpasti kerana ia mampu melindungi pergerakannya dengan menjadi sebahagian daripada internet. Bot baru boleh menyaring persekitaran mereka secara automatik serta mengembangkan fungsinya dengan menggunakan kelemahan pengguna. Apa yang lebih menakutkan, ia boleh menjadi botnet yang mengawal sesuatu komuniti.
Biasanya botnet akan melibatkan pelbagai medium perhubungan seperti dial-up, ADSL dan kabel serta pelbagai jenis rangkaian seperti pendidikan, korporat, kerajaan dan kadang-kala ketenteraan.
Kajian mendapati, satu perempat daripada semua komputer peribadi yang berhubung dengan internet mempunyai botnet.
(http://www.adiguru.net/2009/11/apa-itu-botnet/)
Diletakkan disini slide dan bahan semasa Seminar berkenaan Botnet yang diadakan di ibu pejabat IMPACT Cyberjaya pada 14/4/2010 dianjurkan oleh TrenMicro.
Seminar ini bertajuk “”The Botnet Storm: Challenges & Global Cooperation”
