Archive for the ‘Debian’ Category

THANKS TO BRO HARIS !!!

Untuk high performance network rules dia :-

1) Pakai cat6 dan pastikan hubungan server dan switch menggunakan
1GB/s (Gigabit switch).

2) pakai OS 64bit

3) Perlu buat kernel tunning terutama TCP tunning, files limit dan process limit

http://people.redhat.com/alikins/system_tuning.html

http://www.performancewiki.com/linux-tuning.html

Yang ni yang paling saya suka walaupun untuk Oracle

http://www.puschitz.com/TuningLinuxForOracle.shtml

APACHE – ServerToken and X-Powered

Posted: February 21, 2011 in Debian, Freebsd

Secure your apache and php by hide information of it.

for debian / ubuntu

root@webserv# pico /etc/apache2/conf.d/security

ServerTokens Prod

ServerSignature Off

after that for php5

root@webserv#/etc/php5/apache2/php.ini

find expose_php and closed it (default is on)

expose_php off

root@webserv# /etc/init.d/apache2 restart

 

For freebsd

webserv# pico /usr/local/etc/apache22/httpd.conf

ServerTokens Prod
ServerSignature Off

after that for php5

webserv# pico /usr/local/etc/php.ini

find expose_php and closed it (default is on)

expose_php off

webserv#/usr/local/etc/rc.d/apache2 restart

 

 

 

IPTABLES – Block Script

Posted: February 13, 2011 in archlinux, Debian, Slackware

root@web:~# pico /skrip/ip
root@web:~# pico /skrip/ipsub
root@web:~# pico /skrip/block

####################### PUT THIS ON /skrip/block ##################

BLOCKDB=’/skrip/ip’
IPS=$(grep -Ev “^#” $BLOCKDB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

#BLOCK SUBNET
BLOCKSUB=’/skrip/ipsub’
IPS=$(grep -Ev “^#” $BLOCKSUB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

####################### PUT THIS ON /skrip/block ##################

root@web:~# chmod +x /skrip/block

root@web:~#/skrip/block

*** put ip /skrip/ip

root@web:~#echo ‘123.123.123.123’ >> /skrip/ip

*** put ip range on /skrip/ipsub

root@web:~#echo ‘123.123.123.0/24’ >> /skrip/ipsub

I’am suing Lighttpd for serve multiple domain …

Always forget how to configure ….

## For 1 domain

simple-vhost.server-root = “/var/www/servers/”

simple-vhost.default-host = “kami337fm.com”

simple-vhost.document-root = “pages”

$HTTP[“host”] == “kami337fm.com” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## For host www and without www (www.kami337fm.com & kami337fm.com)

$HTTP[“host”] =~ “(^|\.)kami337fm\.com$” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## For host .com and .org (www.kami337fm.com & kami337fm.org)

$HTTP[“host”] =~ “^(www\.kami337fm\.org|www\.kami337fm\.com)$” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## for 2 and more host

$HTTP[“host”] !~ “^(test1\.example\.org|test2\.example\.org)$” {

simple-vhost.server-root = “/var/www”

simple-vhost.document-root = “/html/”

## the default host if no host is sent

simple-vhost.default-host = “example.org”

}

$HTTP[“host”] == “test1.example.org” {

server.document-root = “/home/user/sites/test1.example.org/”

accesslog.filename = “/home/user/sites/logs/test1.example.org.access.log”

}

$HTTP[“host”] == “test2.example.org” {

server.document-root = “/home/user/sites/test2.example.org”

accesslog.filename = “/home/user/sites/logs/test2.example.org.access.log”

}

 

Attack from Japan

Posted: February 10, 2011 in Debian

My server have been attck from Japan for the last 4 days till now..

they get ftp access to my server. I have block them using this iptables.

Block all

root@web:~# iptables -A INPUT -p tcp –dport 21 -j DROP

Block Certain IP

root@web:~# iptables -I INPUT -p tcp -s 111.119.167.0/24 –dport 21 -j DROP

 

Simple step to install LAMP on Debian Lenny…

( Older post : https://panaharjuna.wordpress.com/2009/02/25/install-apache2-php5-mysql-ssl/)

Step 1 : install apache2

aptitude install apache2 apache2.2-common apache2-mpm-prefork apache2-utils libexpat1 ssl-cert

*****ServerName problem issued this command

echo “ServerName Casp3r” >> /etc/apache2/apache2.conf ##<— Change Casp3r to Your hostname

Restart Apache2

/etc/init.d/apache2 restart

or using this

apache2ctl graceful

Open http://localhost or http://YOUR.IP

Done Installing apache :p

Step 2 : install php5

Search php5 module using this command

aptitude search php5-

install several modules

aptitude install libapache2-mod-php5 php5 php5-common php5-curl php5-dev php5-gd \php5-imagick php5-mcrypt php5-memcache php5-mhash php5-mysql php5-pspell php5-snmp \php5-sqlite php5-xmlrpc php5-xsl

Restart Apache2

/etc/init.d/apache2 restart

Test php5

touch /var/www/aku.php

nano /var/www/aku.php

############## PHP Page ################

<?php

phpinfo( );

?>

############## PHP Page ################

Open http://localhost/aku.php or http://YOUR.IP/aku.php

you should see a PHP generated page

Done Installing php5 :p

Step 3 : install MySQL

aptitude install mysql-server mysql-client

after install MySQL run this command

/usr/bin/mysql_secure_installation

*** this secure installations for MySQL

/etc/init.d/apache2 reload

Done Installing MySQL :p

*** Yg lain ko pandai2 lah sendiri!!!

*** For security reason read this post

https://panaharjuna.wordpress.com/2010/01/10/hidden-apache-name-and-os/

Using netstat

find all proses and port

root@firewall:~# netstat -tulpn

find proses by port

root@firewall:~# netstat -tulpn | grep :80

 

Using fuser command

find out PID that open port ex: 80

root@firewall:~#fuser 80/tcp

output

80/tcp:                539

and find proses name based on PID

root@firewall:~# ls -l /proc/539/exe

output

lrwxrwxrwx 1 root root 0 2011-01-04 09:28 /proc/539/exe -> /usr/sbin/apache2

 

Using lsof

root@firewall:~# lsof -i :80

output

apache2 539 www-data    3u  IPv4 4579272       TCP 192.168.0.1:www (LISTEN)
apache2 539 www-data    4u  IPv4 4579274       TCP 172.16.20.2:www (LISTEN)

get info fot PID

root@firewall:~# ps aux | grep ‘[5]39’

and get info all

root@firewall:~# ps -eo pid,user,group,args,etime,lstart | grep ‘[5]39’

 

Colour bashrc on debian

Posted: November 25, 2010 in Debian

Colour bashrc on debian

#lenny:~#  pico /root/.bashrc

export LS_OPTIONS=’–color=auto’
eval `dircolors`
alias ls=’ls $LS_OPTIONS’
alias ll=’ls $LS_OPTIONS -l’
alias l=’ls $LS_OPTIONS -lA’

exit root

login again and you see colours!!!

#lenny:~# ls

Zimbra Collaboration Suite

Posted: October 21, 2010 in Debian

I have to blog this… takut lupa ma !!!!!

1. How to change default domain on ZCS

from xxxx.domain.com to domain.com

su – zimbra
zmprov mcf zimbraDefaultDomainName domain.com

 

2. Redirect HTTP to HTTPS in Zimbra

su – zimbra
zmtlsctl mixed
zmmailboxdctl stop
zmmailboxdctl start

Forward root mail from localhost to your gmail or whatever …

*nix server always sent email about cron or anything than you have to read it. but how …

ssh and issued this command

bsd# mail

than you can read your email. but if you wanna forward your email to gmail or yahoo or whatever.

bsd# cd /etc

bsd# pico aliases

put you email on..

# Pretty much everything else in this file points to “root”, so
# you would do well in either reading root’s mailbox or forwarding
# root’s email from here.
# root: YOUREMAILHERE@gmail.com
than issued this command
bsd# /usr/bin/newaliases
* than you will get your copy of root email.