Linux Consultant

“Yes, I’m paranoid — but am I paranoid enough?” ― David Foster Wallace, Infinite Jest Hardening Public Servers Install system accounting On Debian based systems run ‘apt-get install acct’ then you can use commands lastcomm and sa to see who ran various comands. Also a log file will be writen to /var/log/account/pacct Remove compilers from production severs use the command ‘apt-get –purge remove gcc’ Setup remote logging See http://www.thegeekstuff.com/2012/01/rsyslog-remote-logging/ to find out how Install fail2ban Linux.com has a good intro to fail2ban http://www.linux.com/learn/tutorials/469597-weekend-project-keep-out-repeat-offenders-with-fail2ban-on-linux

June 19, 2018 | by Scott Kilroy

ssh tips

Someday I’ll get around to writing up my own tips but until then this is a pretty good guide http://lugatgt.org/2009/10/28/ssh-tips-and-tricks-2/

June 19, 2018June 19, 2018 | by Scott Kilroy

bashprofile

# .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/bin:/sbin export JAVA_HOME=/usr/java/jdk1.6.0_05/bin/java export PATH=$PATH:/usr/java/jdk1.6.0_05/bin export HISTIGNORE=”&” export EDITOR=nano export PATH unset USERNAME alias rm=’rm -i’ alias cp=’cp -i’ alias ls=’ls –color’ alias zf=’zf.sh’ echo -e “\033[36m########################## \033[0m” echo -e “\033[36mServer $HOSTNAME \033[0m” echo -e “\033[36mWelcome back $USER \033[0m” echo -e “\033[36musers loggged in: \033[0m” echo -e “\033[36m `users ` \033[0m” echo -e “\033[36m`uptime` \033[0m” echo […]

June 19, 2018 | by Scott Kilroy

bashrc

Here is my typical .bashrc file # .bashrc # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi # append commenads to bash_history (when using more then one window) shopt -s histappend PROMPT_COMMAND=’history -a’ # User specific aliases and functions PATH=$PATH:$HOME/bin:/sbin #export JAVA_HOME=/usr/java/jdk1.6.0_05/bin/java export HISTIGNORE=”&” export EDITOR=nano export PATH unset USERNAME #function PWD { #pwd | awk -F\/ ‘{print $(NF-1),$(NF)}’ | sed ‘s/ /\\//’ #} #export PS1=”\[\033[0;32m\]\u@\h \[\033[33m\]\$(pwd 3)\[\033[0m\] \$ “;

June 19, 2018 | by Scott Kilroy

apache – watch httpd for connected clients

watch httpd for connected clients watch “netstat -anpt | grep httpd | grep ESTABLISHED|cut -b45-60 | cut -d’:’ -f1 | sort” OR netstat -plan|grep :80|awk {‘print $5’}|cut -d: -f 1| sort|uniq -c | sort -nk 1

June 19, 2018 | by Scott Kilroy

apache – test mod_evasive is setup correctly

You can use this simple script to test mod_evasive is installed and running. I didn’t write this but forgot where I found it. Sorry for the lack of credit where it’s due. #!/usr/bin/perl # test.pl: small script to test mod_dosevasive’s effectiveness use IO::Socket; use strict; for(0..100) { my($response); my($SOCKET) = new IO::Socket::INET( Proto => “tcp”, PeerAddr=> “w3.fiendishplan.com:80”); if (! defined $SOCKET) { die $!; } print $SOCKET “GET /?$_ HTTP/1.0\n\n”; $response = ; print $response; close($SOCKET); }

June 19, 2018 | by Scott Kilroy

Apache modrewrite examples

modrewrite rule if you create folder it can be used as a subdomain RewriteCond %{HTTP_HOST} !^www\.website\.com$ RewriteCond %{HTTP_HOST} ^(.*)\.website\.com(.*) [NC] RewriteCond %{DOCUMENT_ROOT}/%1 -d RewriteRule ^(.*)$ http://www.website.com/%1$1 [P,L] requires both mod_rewrite and mod_proxy to be running 1. Forcing www for a domain while preserving subdomains RewriteCond %{HTTP_HOST} ^([a-z.]+)?example\.com$ [NC] RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule .? http://www.%1example.com%{REQUEST_URI} [R=301,L] Site has permanently moved to new domain # domain.com to domain2.com RewriteCond %{HTTP_HOST} ^www.domain.com$ [NC] RewriteRule ^(.*)$ http://www.domain2.com/$1 [R=301,L] RewriteEngine on RewriteCond /your/docroot/%{REQUEST_FILENAME} !-f […]

June 19, 2018June 19, 2018 | by Scott Kilroy

Installing apache mod_evasive on ubuntu

apt-get install libapache2-mod-evasive in /etc/apache2/conf.d create file called modevasive with the following: <code> <ifmodule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 50 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 10 DOSLogDir /var/log/mod_evasive DOSEmailNotify ADD_EMAIL DOSWhitelist 127.0.0.1 </ifmodule>

June 19, 2018 | by Scott Kilroy

Nginx with certbot

Remember when setting up certbot using nginx to turn off the line in your config that blocks files that start with . This line: location ~ /\. { access_log off; log_not_found off; deny all; } A good guide can be found here https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

June 19, 2018 | by Scott Kilroy

Using netstat

View network traffic (by port number)

VIM guide

Filter duplicate lines from a sorted files

Debugging bash scripts

lowercase filen names

Kill all process associated with a user

Force a user off the system

Linux Security

ssh tips

bashprofile

bashrc

apache – watch httpd for connected clients

apache – test mod_evasive is setup correctly

Apache modrewrite examples

Installing apache mod_evasive on ubuntu

Nginx with certbot

Test ssl setup

Check open ports with nmap

Top GitHub Alternatives to Host Your Open Source Projects