Things You Should Know About Linux !!!

Encrypting the Backup...

2010-06-29T11:45:00.000+05:30

By now many of you might have come to know about the importance of backing up the data.To make the backed up data much more secure we have to encrypt the data so that,those who know the password can only check the data.
If you have ssl installed on your system, you can use it to encrypt your backup.

echo "your_key" > /tmp/.key

to save your data =>

tar cvf - files_to_save | openssl enc -des3 -salt -pass file:/tmp/.key >/dev/rmt0

to restore your data =>

openssl enc -d -des3 -pass file:/tmp/.key </dev/rmt0 | tar xvf -

NOTE:DON'T FORGET THE /tmp/.key file WHEN YOU ARE DONE WITH IT.!!!!

Where,
    * /dev/rmt0 : Tape device name.
    * openssl : The OpenSSL toolkit command line utility.
    * tar : The tar archiving utility.
    * des3 : Triple-DES Cipher (Triple DES is the common name for the Triple Data Encryption Algorithm).
    * -salt : The -salt option should ALWAYS be used if the key is being derived from a password unless you want compatibility with previous versions of OpenSSL and SSLeay. Without the -salt option it is possible to perform efficient dictionary attacks on the password and to attack stream cipher encrypted data. The reason for this is that without the salt the same password always generates the same encryption key. When the salt is being used the first eight bytes of the encrypted data are reserved for the salt: it is generated at random when encrypting a file and read from the encrypted file when it is decrypted. (source enc man page)

Changing Wordpress admin link to whatever you like.

2010-06-26T11:38:00.000+05:30

Every one might have heard about wordpress and those who have hosted their site using wordpress t will know that the default admin login link is given as wp-admin. So once the intruder gets the login page then he can try any tricks to crack into your hosted site.So for security purposes its better to hide ur admin login link so that it will be difficult for anyone to get find it…

This is how it is done…..

Locate your .htaccess file and edit it in the following way:

Edit your .htaccess file and add the following lines:

######################
RewriteEngine On
RewriteBase /
##### ABOVE THIS POINT IS ALREADY INSERTED BY WORD PRESS
##### Michi’s code is BELOW #####
RewriteCond %{REQUEST_URI} wp-admin/
RewriteCond %{QUERY_STRING} !YOURSECRETWORDHERE
RewriteRule .*\.php [F,L]
RewriteCond %{QUERY_STRING} !YOURSECRETWORDHERE
RewriteRule ^ADMINFOLDER/(.*) wp-admin/$1?%{QUERY_STRING}&YOURSECRETWORDHERE [L]
##### Dejavu’s code is ABOVE #####
##### BELOW THIS POINT IS ALREADY INSERTED BY WORD PRESS
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
#####################

Additional info:
* Change YOURSECRETWORDHERE to something else. It can be any word you want. Just make sure it’s unique and somewhat long. Make it, like, your pets name or something random. Read this post to understand why this matters.
* Change ADMINFOLDER to the new folder name you want. Letters, numbers, underscores, and dashes only. That ^ in front of it is on purpose. Don’t delete that.

Now your blog is a bit more secure than before….ENjoy..!!!!!!!!!!!

Virtual Box –folders sharing-Permission problem.

2010-06-24T10:53:00.000+05:30

While sharing folders between host and a virtual machine using Virtual box, Sometimes you may face the problem that after a folder is shared to the virtual machine from host machine you don't find execute permissions on the files shared and if you try to set the execute permissions with chmod command that don't work.

Here is an ugly way to make that work, if you are good at coding then you can edit the vboxvfs kernel module (the joys of open source!).

NOTE: Do the steps at ur own risk..!!!

How to:
1. mount the VBoxGuestAdditions.iso (e.g. /media/cdrom0)
2. mkdir vbox && cd vbox && /media/cdrom0/VBoxLinuxAdditions.run --tar -xf
3. edit module/vboxvfs/utils.c, change line 96 "mode |= mode_set (IXUSR);" to "mode |= S_IXUSR;" (note addition of "S_" prefix... basically, always set executable flag)
4. sudo ./install.sh vfs-module
5. cd .. && rm -rf vbox

This sets the executable flag in the guest only (mode 700) for all shared files — the host still always gets mode 500 for newly created files. Hopefully a dev can make a proper fix. (slight improvement: set executable on new file creation, and keep file permissions in sync otherwise so non-executables in the host don't show up as executable in the guest)

But at least this lets you to do some development within a shared directory...

Sharing files between Guest and Host machines in Virtual Box.

2010-06-22T11:02:00.000+05:30

If you are using VMware as your virtualization software you will be able to copy files directly from the host to the guest OS, and vice versa. But unfortunately this feature does not exist in Virtual Box. Not yet at least.

However, there is a very easy way you can share files between the host and guest when using Virtual Box – using Shared Folders.

First you have to create folder in your Windows host. For example, create a folder on your desktop called “myshared“.

Then start your Ubuntu VM. After you get to the desktop, press the right-Ctrl button so that your mouse pointer can move outside the Ubuntu desktop. From the menubar, go to Devices-> Shared Folders. After that click the Add New Shared Folder button and then browse to the folder you created earlier (myshared). Make sure you tick the “Make Permanent” checkbox.

After you have added the folder, click OK and return back to your Ubuntu desktop. Then create a folder in Ubuntu which will be used as the shared folder on the guest OS. For example, create a folder called “SharedItems” on your desktop.

Then open a new Terminal window (Applications -> Accessories -> Terminal) and execute the following command:

sudo mount -t vboxsf myshared Desktop/SharedItems

The text in red is the name of the shared folder in the Windows host and the text in blue is the directory path of the shared folder on the Ubuntu guest.

Once you’ve done that, you can now share files between the two OSs by simply placing files in the folders.

EnJoy..!!!!!!!!!!!!!!!!

The way to Multibooting: VMware & VirtualBox & MS Virtual PC

2010-06-20T11:02:00.001+05:30

This is all for those who try many operating systems at the same time... and those who want to test a dose of the newly released operating system...with out making any changes to your Master Boot Record or to your current system...

1) You don't need to worry about partitioning if you are not aware of it. Here you can specify any of your harddisk drives for the purpose of storage for the other operating systems... The guest operating systems will use the free space available in the windows without harming anything to your files...

2) You don't specifically need the installation cd/dvd of the operating system... an image file in .iso format will also do the same...

3) You can create the files in the guest and can restrict the amount of HDD occupied by them...

4) You can allocate no: of processors for the guest operating system out your dual/quad core processor...

4) You can specify the amount of RAM for the guest since this ...

so a lot of freedom and customization... no risks of careless partitioning....

For more details you can refer through these websites:

http://www.vmware.com/products/workstation/

http://www.virtualbox.org/

http://www.microsoft.com/windows/virtual-pc/default.aspx

Softwares to Break BIOS Password:

2010-06-11T23:45:00.000+05:30

Softwares to Break BIOS Password:

If your system boots but the BIOS password is still in place, there are several programs you can load that are designed to crack the passwords or clear them altogether. The encryption on BIOS passwords is not very complex. Following are links to a few of these free programs:

1. CmosPwd 4.8
http://www.softpedia.com/get/Security/Decrypting-Decoding/CmosPwd.shtml
Article source: faq.programmerworld.net

Break BIOS Password for Laptop :

2010-06-09T23:44:00.000+05:30

Remember that laptops can be trickier, especially if it's a newer model. If it has a security chip on the motherboard forget about it. You either have to physically remove the chip or contact the mfg for the "master" password. If you can boot up off of a cd or floppy try any of these methods:

1. Create a Win98SE bootable media "or anything that lets you boot into MS-DOS" and boot off of it.
2. When the A:\> prompt appears type debug and press enter.
3. You will then only see a "-".
4. Type o 70 2E "include the spaces" and press Enter.
5. Type o 71 ff "include the spaces" and press Enter.
6. Type q and press Enter.
7. Here are a list of common mfg backdoor passwords
* AWARD BIOS
AWARD SW, AWARD_SW, Award SW, AWARD PW, _award, awkward, J64, j256, j262, j332, j322, 01322222, 589589, 589721, 595595, 598598, HLT, SER, SKY_FOX, aLLy, aLLY, Condo, CONCAT, TTPTHA, aPAf, HLT, KDD, ZBAAACA, ZAAADA, ZJAAADC,
* AMI BIOS
AMI, A.M.I., AMI SW, AMI_SW, BIOS, PASSWORD, HEWITT RAND, Oder

How to Break a BIOS Password?

2010-06-07T23:43:00.000+05:30

Methods of breaking password for Desktop PC and for laptop is quite different. We would explain each.

Break BIOS Password for Desktop :
If it's a desktop PC, erasing the cmos memory will usually clear it.

Steps:

1. Power off the computer and make sure that it is unplugged.
2. Open up your computer case. You need physical access to the motherboard to complete this procedure.
3. Find a circular, (mostly) silver metallic object on the motherboard. This is the CMOS battery.
4. CAREFULLY remove the CMOS battery and leave it out for about 120- 180 seconds. This will flush the CMOS memory which stores the BIOS password and all other configuration. (See Warnings)
5. Set the battery back into place and power on the computer.
6. The computer should then warn you that the CMOS configuration could not be found. You can either reconfigure it yourself or restore defaults. Restoring the default configuration should be fine.
7. You will notice that the BIOS password has been cleared and you can boot without it. You may reset the BIOS password to something else by going into the BIOS configuration and setting a new User Password.

Alternate Method: (More Difficult)

Remove a jumper: There's a jumper on your motherboard that you'll need to identify and remove. Most motherboards make your job easier by actually labeling the correct jumper as "BIOS config" or something similar. (it looks like a small plastic thingy on 2 pins with 1 pin beside it, within a 1" of the battery). If you're having trouble looking for it, look in the motherboard manual.After you have found it, carefully pull straight up on it, and place it on the 2-3 pins(it was on the 1-2 pins). With the battery removed and the jumper moved, turn the computer on, and check to see if you can get into the bios. If you are able to, turn the computer off, put the jumper back on pins 1-2, and put the battery back in. Lastly put the case together and you are done.

Note: Don't forget to configure the BIOS (if you know how) after this process. If you you don't know how, just hold the "delete" button when starting your PC and when the blue screen appears, find the load safe defaults settings and press:

* ENTER button
* Y button
* F10 button

Adding SWAP space to your machine.

2010-06-03T23:35:00.000+05:30

Procedure to add a swap file :

CHECK How much swap space u r having on ur machine... using "free" command and if u find ur swap is low then add a swap file to ur machine...

You need to use dd command to create swap file. Next you need to use mkswap command to set up a Linux swap area on a device or in a file.

1) Login as the root user

2) Type following command to create 512MB swap file (1024 * 512MB = 524288 block size):
# dd if=/dev/zero of=/swapfile1 bs=1024 count=524288

3) Set up a Linux swap area:
# mkswap /swapfile1

4) Activate /swapfile1 swap space immediately:
# swapon /swapfile1

5) To activate /swapfile1 after Linux system reboot, add entry to /etc/fstab file. Open this file using text editor such as vi:
# vi /etc/fstab

Append following line:
/swapfile1 swap swap defaults 0 0

So next time Linux comes up after reboot, it enables the new swap file for you automatically.

6) How do I verify swap is activated or not?
Simply use free command:
$ free -m

How to change the dns server…

2010-05-31T23:24:00.000+05:30

1. Take terminal from Applications -> accessories -> terminal

2. Backup the resolv.conf file in the etc folder of the filesystem

$ sudo cp /etc/reasolv.conf /etc/resolv.conf.bak

3. Edit the back up file to change the dns address
$ sudo gedit /etc/resolv.conf.bak

4. Replace the current domain address specified there with the dns server address that gave you the minimum average time.

Enter the other address below that in the same format if you wish..(Network manager opt for secondary address if the connection fails)

5. That’s all about making the changes… The data that u have written in the back up file will long till u delete that file manually.

6. Copy back the content of the backup file (resol.conf.bak) to the original

resolv.conf after you connected to the internet whenever you want to change

the address (before starting browsing)

How to find out the best dns server for your system?

2010-05-30T23:18:00.001+05:30

In my previous post I have mentioned about some public DNS servers, that you can use instead of the servers mentioned by ur ISP.
Now you might be in a confusion that Which servers are best for you.
This checking simply consists of pinging from your system to all the nameservers one after another and to see the one that is having minimum average time to do this, take your terminal and type in as follows

1: $ ping -c 5 8.8.8.8
2: Checkout the average time needed for the process.
Its shown in the terminal. Replace the address
8.8.8.8 with all other dns addresses and repeat steps 1 and 2.

Which ever DNS has the least average time is the one you are searching for.

Something You want to know about Domain Name Servers :

2010-05-23T20:32:00.001+05:30

Domain Name servers are responsible for resolving the web address that you type in on the address bar of your web browser into machine understandable IP addresses to locate the servers.

Almost all the internet service providers have their own dns servers for this purpose… It is not strict rule that you have to use this dns servers for address resolution always.. some other public and free dns servers are available today.
Some of these kind of dns servers provides security against vulnerabilities in the internet, some are very much faster than the dns servers of your ISP..

The ip of best public dns servers available are

google public dns
8.8.8.8
8.8.4.4

opendns
208.67.220.220
208.67.222.222

dns advantage
156.154.70.1
156.154.71.1

others
209.244.0.3
209.244.0.4

In Linux place the DNS IP’s in /etc/resolve.conf file.

In windows place the DNS IP’s where you place your general DNS IP:

(like as shown in the figure);

All You Should Know About: lsof

2010-04-28T12:07:00.000+05:30

Lsof follows Unix philosophy closely. It does just one task and it does it perfectly -- it lists information about files opened by processes. An open file may be a regular file, a directory, a NFS file, a block special file, a character special file, a shared library, a regular pipe, a named pipe, a symbolic link, a socket stream, an Internet socket, a UNIX domain socket, and many others. Since almost everything in Unix is a file, you can imagine how incredibly useful lsof is!

How to use lsof?

In this article I will try to present lsof based on as many use cases as I can think of. Let's start with the simplest (that you probably already know) and proceed to more complicated ones.

List all open files.

# lsof
Running lsof without any arguments lists all open files by all processes.

Find who's using a file.

# lsof /path/to/file
With an argument of a path to a file, lsof lists all the processes, which are using the file in some way.

You may also specify several files, which lists all the processes, which are using all the files:

# lsof /path/to/file1 /path/to/file2
Find all open files in a directory recursively.

# lsof +D /usr/lib
With the +D argument lsof finds all files in the specified directory and all the subdirectories.

Note that it's slower than the usual version with grep:

# lsof | grep '/usr/lib'
It's slower because +D first finds all the files and only then does the output.

List all open files by a user.

# lsof -u Dejavu
The -u option (think user) limits output of files opened only by user Dejavu.

You can use comma separated list of values to list files open by several users:

# lsof -u rms,root
This will list all the files that are open by users rms and root.

Another way to do the same is by using the -u option twice:

# lsof -u rms -u root
Find all open files by program's name.

# lsof -c apache
The -c option selects the listing of files for processes whose name begins with apache.

So instead of writing:

# lsof | grep foo
You can now write the shorter version:

# lsof -c foo
In fact, you can specify just the beginning part of the process name you're looking for:

# lsof -c apa
This will list all the open files by a processes whose starts with apa.

You can also specify several -c options to output open files by several processes:

# lsof -c apache -c python
This will list all open files by apache and python.

List all open files by a user OR process.

# lsof -u Dejavu -c apache
Lsof options can be combined. The default is to OR between options. It means it will combine outputs of -u Dejavu and -c apache producing a listing of all open files by Dejavu and all open files by apache.

List all open files by a user AND process.

# lsof -a -u Dejavu -c bash
Notice the -a option. It combines the options with AND. The output listing is files opened by bash, which is run under Dejavu user.

List all open files by all users EXCEPT root.

# lsof -u ^root
Notice the ^ character before root username. It negates the match and causes lsof print all open files by all users who are not root.

List all open files by the process with PID.

# lsof -p 1
The -p option (think PID) filters out open files by program's id.

Remember that you can select multiple PIDs by either comma separating the list or using multiple -p arguments:

# lsof -p 450,980,333
This selects processes with PIDs 450, 980 and 333.

List all open files by all the processes EXCEPT process with PID.

# lsof -p ^1
Here the negation operator ^ is used again. It inverts the list and does not include process with PID 1.

List all network connections.

# lsof -i
Lsof with -i option lists all processes with open Internet sockets (TCP and UDP).

List all TCP network connections.

# lsof -i tcp
The -i argument can take several options, one of them is tcp. The tcp option forces lsof to list only processes with TCP sockets.

List all UDP network connections.

# lsof -i udp
The udp option causes lsof to list processes with UDP sockets.

Find who's using a port.

# lsof -i :25
The :25 option to -i makes lsof find processes using TCP or UDP port 25.

You may also use service port name (found in /etc/services) rather than port number:

# lsof -i :smtp
Find who's using a specific UDP port.

# lsof -i udp:53
Similarly, to find who's using a TCP port, use:

# lsof -i tcp:80
Find all network activity by user.

# lsof -a -u hacker -i
Here the -a option combines -u and -i to produce listing of network file usage by user hacker.

List all NFS (Network File System) files.

# lsof -N
This option is easy to remember because -N is NFS.

List all Unix domain socket files.

# lsof -U
This option is also easy to remember because -U is Unix.

List all files for processes with a specific group id.

# lsof -g 1234
Process groups are used to logically group processes. This example finds all files opened by processes with PGID 1234.

List all files associated with specific file descriptors.

# lsof -d 2
This lists all files that have been opened as file descriptor 2.

You may also specify ranges of file descriptors:

# lsof -d 0-2
This would list all files with file descriptors 0, 1 and 2.

There are also many special values, such as mem, that lists memory-mapped files:

# lsof -d mem
Or txt for programs loaded in memory and executing:

# lsof -d txt
Output PIDs of processes using some resource.

# lsof -t -i
The -t option outputs only PIDs of processes. Used together with -i it outputs PIDs of all processes with network connections. It's easy to kill all processes that use network:

# kill -9 `lsof -t -i`
Repeat listing files.

# lsof -r 1
The -r option makes lsof repeatedly list files until interrupted. Argument 1 means repeat the listing every 1 second. This option is best combined with a narrower query such as monitoring user network file activity:

# lsof -r 1 -u john -i -a
How to install lsof?

Lsof comes preinstalled on many Unix systems. If your system doesn't have it, try to install it from the source.

BSD supplies its own utility that does similar things, it's called fstat.

For the full documentation of lsof see the man lsof page or type lsof -h for a small cheat sheet.

Have fun with lsof!

Fixing Windows XP Master Boot Record (MBR)

2010-04-25T11:49:00.001+05:30

After installing a Linux distro on a Windows XP machine, the GRUB boot loader, or other Linux boot loader, will appear when the PC boots. It gives you the option of which operating system to start. GRUB usually makes Linux the default OS, so it will start automatically when the PC is turned on.

If you ever delete the Linux distro and don’t have Windows set as the OS that will boot when the PC is powered on, Windows might not start and will give an error message.

An easy way to fix the Windows XP master boot record is to use the Windows Install CD.

1) Insert the Windows XP Install CD and reboot the computer.
2) When “Press any key to boot from CD” appears, press any key.
3)When the “Welcome to Setup” screen appears, press R to enter the Recovery Console.
4)When asked which Windows installation to log onto, enter the number for the correct Windows install, then press Enter.
5)Type the Administrator password or just press Enter if there isn’t one.
6)Type FIXMBR and press Enter.
7) It will ask if you are sure you want to write a new MBR. Type y and press Enter.
It should say “The new master boot record has been successfully written”. Type exit and press Enter to reboot the computer.
8) Remove the Installation CD as soon as the computer powers up so it won’t boot from the CD again.

The computer should now boot into Windows.

Birth of The Linux Kernel :

2010-04-01T00:22:00.000+05:30

In the early days of Unix, universities used Unix as a vehicle for teaching computer science students about operating systems. When AT&T asserted its proprietary claim to Unix, universities needed a replacement. Andrew Tannenbaum created a Unix-like operating system called MINIX, which became popular as a teaching tool. However, unlike Unix, MINIX was designed primarily as a pedagogical tool and performed relatively poorly. In 1990, Finnish computer science student Linus Torvalds began work on a memory manager for Intel-architecture PCs. At some point he realized that his work could be extended to operate as a Unix kernel. In August 1991, he posted his work-in-progress to the Internet newsgroup comp.os.minix, inviting others to request features to be considered for implementation:

From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds)

Newsgroups: comp.os.minix

Subject: What would you like to see most in minix?

Summary: small poll for my new operating system

Message-ID: <1991Aug25.205708.9541@klaava.Helsinki.FI>

Date: 25 Aug 91 20:57:08 GMT

Organization: University of Helsinki

Hello everybody out there using minix -I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones. This has been brewing since april, and is starting to get ready. I'd like any feedback on things people like/dislike in minix, as my OS resembles it somewhat(same physical layout of the file-system (due to practical reasons)among other things). I've currently ported bash(1.08) and gcc(1.40), and things seem to work. This implies that I'll get something practical within a few months, and I'd like to know what features most people would want. Any suggestions are welcome, but I won't promise I'll implement them :-)

Linus (torvalds@kruuna.helsinki.fi)

PS. Yes - it's free of any minix code, and it has a multi-threaded fs.

It is NOT protable [sic](uses 386 task switching etc), and it

probably never will support anything other than AT-harddisks, as that's all I have :-(.

Torvalds called his operating system kernel Linux, for Linus’s Minix. Unix programmers eagerly offered help in developing Linux. Because Stallman’s GNU project had completed almost all of the components needed for its Unix like operating system except the kernel, Linux and GNU were a natural marriage.In 1994, about three years after Torvalds’s posting, Linux 1.0 was released under the terms of the GPL. Already, Linux had about 100,000 users.

AT PRESENT THE LINUX DEVELOPMENT PROCESS IS GOING LIKE THIS :

Linux kernel Versions:

2010-03-26T09:58:00.000+05:30

Linux kernels are numbered using an even/odd system. An even-numbered

kernel—for example, Linux 2.2—is called a called stable kernel.

Changes are generally made to a stable kernel only to fix bugs and problems.

An odd-numbered kernel—for example, Linux 2.3—is called a development

kernel. Development kernels are works-in-progress and sometimes contain

bugs, some of which are serious. Most Linux users work with stable kernels,

reserving spare computers for testing development kernels.

At the time I’m writing this post , Linux 2.6.33.1 is the latest stable kernel.

You can download it from HERE .

How to set multiple IP addresses using Linux command line ?

2010-03-26T01:35:00.000+05:30

Go to /etc/sysconfig/network-scripts

Make multiple copies of ifcfg-eth0 and name them as ifcfg-eth0:0, ifcfg-eth0:1 etc.

Open each of them and at least change the IPADDR to your chosen IP address and the NETMASK to the subnet mask for that IP address.

A sample entry would look like this:

DEVICE=eth0:0

BOOTPROTO=static

IPADDR=34.123.111.21

NETMASK=255.255.255.0

ONBOOT=yes

Restart the network:

/sbin/service network restart

You are done!

SSH Without Password Authentication

2010-03-24T01:34:00.000+05:30

Often you need to remotely run utilities on other machines through unattended batch process or cron job. ssh allows you to execute code on remote machine. However in normal usage it prompts you for password which makes it hard to use in unattended processes. Here is a simple way to eliminate the need for specifying password every time when connecting through ssh.

Let's assume your want to connect to remote machine named remote as user named user.

You need to first, and only once, generate a private-public keypair using ssh-keygen as follows:

ssh-keygen -t dsa

This will create a private and public keypair which is stored in ~/.ssh directory.

Next run the following command once for every machine you want to remotely login without specifying password:

scp ~/.ssh/id_dsa.pub user@remote:~user/.ssh/authorized_keys

Now you can login to the machine using ssh without requiring to specify any password. Your public key, which you copied to the remote machine, is checked (not directly) against your private key to verify your authenticity.

One Linux Formatting Tip I Bet You Didn’t Know:

2010-03-21T01:33:00.000+05:30

You probably know how you can format a Linux partition:

mkfs.ext3 /dev/hda

This formats the partition with ext3 file system. However did you know how to extract maximum space out of this partition, especially if it a large partition?

How to maximize available space in a partition?

Enter the magical -m option. If the file system becomes filled and there is no more space to write, it is basically unusable because the operating system is constantly writing to disk. By default, five percent of the partition is reserved for use by the root user. This allows root to conduct administrative activities on the partition and perhaps move some data off. Firstly, this is most critical when the partition contains / or home directories. For pure data partitions, this is just lost space. Five percent of a 250Gb partition is 12.5 Gb. Especially in the case of large partitions, it is safe to set the reserved space to the minimum, which is one percent.

mkfs.ext3 -m 1 /dev/hdb1

creates a file system with only 1% of its space reserved for the root user.

Note: You can use tune2fs -m later to adjust the reserved blocks after data is loaded on the partition.

Bonus tip: How to label a partition

Use -L with mkfs.ext3 to add a label to the partition. You can later refer to this label instead of the device name when mounting. This provides the same functionality as e2label which can be used to label a partition later.

Tracing system cals in linux

2010-03-20T01:33:00.000+05:30

There are certain programs in Linux for which the source is not readily available. There is an useful diagnostic, instructional, and debugging tool for Linux to solve it. The system intercepts and records the system calls that are called by process and the signals which are received by a process. It also gives students and hackers a great chance to learn about system and system calls by tracing even ordinary programs. Let's a pick at the useful tool.

Here's the simple tool to trace calls and signals

strace

This will output a great amount of data on to the screen. If it is hard to keep track of the scrolling mass of data, then there is an option to write the output of strace to a file instead which is done using the -o option.

Block IP Addresses On Linux Server

2010-03-19T01:32:00.000+05:30

I hope by now all of you have heard about firewalls. In linux we generally use IPtables for controlling the traffic as per our requirement.

From Wikipedia: IPtables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall

(implemented as different Netfilter modules) and the chains and rules it stores.

Iptables requires elevated privileges to operate and must be executed by user root, otherwise it fails to function.

Now let us go to our scenario:

Take a look at your log file (/var/log/secure for REDHAT/Fedora ) and you will discover numerous automated ssh hacking attempts using dictionary attack. So now you have identified the offending addresses. How do you stop them?

Here comes the magic mantra which uses iptables (packet) firewall:

iptables -A INPUT -s a.b.c.d -j DROP

Replace a.b.c.d with the offending IP address. Repeat this for each of the offending IP addresses.

Install of Apache, SSL, PHP, MySQL in linux

2010-03-18T01:32:00.000+05:30

The following steps will show you how to install the Apache web server on GNU/Linux. This install also includes installing mod_ssl, MySQL and PHP4.You may encounter problems compiling any one of these tarballs. It is up to you to fix the problems. This install assumes that you have everything you need to do all of the compiles. The x's in each file name stands for what ever the version number is at the time you download it.

Download and extract all the source tarballs.

The following are links to the sites you will need to download the source files. Go to each sites download section and download the latest version of each piece of software. After you have downloaded them all to the same directory we are going to unzip and untar them.

Apache http://www.apache.org/dyn/closer.cgi

Openssl http://openssl.org/

ModSSL http://www.modssl.org/

Php.net

MySQL.com (Download the Linux binary version)

tar -xvzf apache_1.3.xx.tar.gz

tar -xvzf openssl-0.9.Xx

tar -xvzf mod_ssl-2.X.xx-1.3.xx

tar -xvzf php-4.X.x.tar.gz

Install MySQL (binary version)

groupadd mysql

useradd -g mysql mysql

cd /usr/local

gunzip < /path/to/mysql-VERSION-OS.tar.gz | tar xvf -

ln -s full-path-to-mysql-VERSION-OS mysql

cd mysql

scripts/mysql_install_db

chown -R root .

chown -R mysql data

chgrp -R mysql .

bin/safe_mysqld --user=mysql &

bin/mysqld_safe --user=mysql &

## if you are running MySQL 4.x

Build OpenSSL

cd openssl-0.9.Xx

./config

make

make test

make install

cd ..

Patch Apache with mod_ssl

cd mod_ssl-2.X.xx-1.3.xx

./configure --with-apache=../apache_1.3.xx

cd ..

Preconfigure Apache for PHP

cd apache_1.3.xx

./configure --prefix=/usr/local/apache

cd ..

Configure PHP and compile it for Apache

cd php-4.x.x

CFLAGS='-O2 -I../openssl-0.9.Xx'

./configure --with-apache=../apache_1.3.xx --with-mysql

make

make install

cd ..

You can configure and compile a ton of other things into PHP.Make sure if you compile these other things in that you scan back thru the configure output to make sure all of the things you tried to compile in were found. If you install the libjpeg,freetype,libpng,and zlib on RedHat you just need to put /usr in for the directory. Other paths refer to the areas the library's were installed and compiled. Type: ./configure --help to see all of the things you can configure PHP with. My config line looks like this:

./configure \

--with-gd=/usr \

--with-mysql \

--with-png-dir=/usr \

--with-zlib-dir=/usr \

--with-ttf=/tmp/freetype-2.0.5/ \

--with-freetype-dir=/tmp/freetype-2.0.x \

--with-jpeg-dir=/usr \

--with-mcrypt=/tmp/libmcrypt \

--with-apache=../apache_1.3.xx

make

make install

cd ..

Build Apache with mod_ssl and PHP

cd apache_1.3.xx

SSL_BASE=../openssl-0.9.Xx \

./configure \

--prefix=/usr/local/apache \

--enable-module=ssl \

--activate-module=src/modules/php4/libphp4.a \

--enable-module=php4

make

make certificate <--Optional step.

make install

cd ..

Configure Apache's Preferences File

vi /usr/local/apache/conf/httpd.conf

See the Apache documentation on how to configure your Apache httpd.conf.

Start your Apache server

Service httpd start

That's it, enjoy!

Difference between Hardlink and Soft link…

2010-03-15T01:31:00.000+05:30

A hard link cannot span file systems.

A soft link can point to files anywhere on the network.

All hard links share the same inode number.

Each soft link has a unique inode number.

If you delete the source hard link file you can still access the other one. However, with a soft link, if you delete the source link, you cannot access the other one.

With a soft link, you can create a symbolic link to a file that does not exist yet. You cannot create a hard link unless the source file already exists.

What’s new in GRUB2 ?

2010-03-14T01:30:00.000+05:30

GRUB2 has recently released its version 1.98 with many added functionalities. The last version of GRUB, GRUB 1.97 which was later renamed to GRUB2 brought major changes to GRUB. This made common software based on the initial version of GRUB, namely SUM, useless. It also caused a reduced functionality. Putting windows as the preferred OS also required more than just moving the codes up and down. It required us to read the script and understand how it works before attempting any hack and mod.

Following the success of the modular GRUB2, there has been an update in GRUB2. The latest version comes with many changes like,

* Support for multiple terminals.

* New GRUB reboot.

* Storing passwords in an encrypted format.

* Unit testing framework.

* Support for GNU/HURD.

These are only some changes made over the new features of GRUB2. The features of GRUB2 include,

* Cygwin compatibility.

* Password protection.

* EXT4 File system support.

* Ability to load new kernels.

This makes GRUB2 an instant hit with many security features. The only thing that I miss with GRUB2, is the level of customization. It would really help if a fully functional version of SUM is ported over to run with GRUB2.

How to Hack Windows Administrator Password Through Linux

2010-03-13T01:29:00.000+05:30

With all the good intentions you can think of, name it a tutorial purpose or something to learn purely for the fun and never to harm anyone, I will now show you a simple way to hack a Windows administrator password using Linux. You will only need a Live CD, and for this example, we will utilize Ubuntu.

Boot into the system Which you want to reset by using the LIVE CD:

1. Install a program called chntpw

$ sudo apt-get install chntpw

2. After successfully installing chntpw, you have to access the Windows NTFS partition by mounting it and allowing read/write support. A good tutorial on how to do this can be found here.

3. After that, use your command line skills by navigating to WINDOWS/system32/config

4. Once inside the config directory, issue this command:

$ sudo chntpw SAM

5. A long display of information will follow. Just ignore them.

6. Once you are prompted to reset the password, it is recommended to leave the password blank with an asterisk (*).

7. Reboot, and you can now login to Windows with full administrative access.