Showing posts with label Red Hat. Show all posts

Saturday, 27 September 2014

How to check your Bash shell is vulnerable or not For Bash Code Injection in Linux

10:22 Unknown No comments

Jai Hind Friends I am DeadManINDIA from 1ND14N H4X0R5 T34M (IHT) here to serve my services.

We are :- EagleShadow,NullPort_Govind,Grey-Noob,SPy-Hunter,Mr.R@66!T,
X-ManINDIA,Karate-Katrina.

love to :- Mom & Dad

So friends today i am here to tell you something which i learn new .There are a bug viral in IT market thats called Bash Code Injection vulnerability.So I am tell to you here how to check our bash shell is vulnerable or not .

Lets start :-

We run this command in our terminal and then we will find some errors .

# env 'x=() { :;}; echo this is vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

if you found this output which is shown in this image then you bash is vulnerable.

Another way to check is this

run this command in you terminal
# cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo

in this case when you run this command then a file is created in the /tmp/echo in this file time and date is saved if your bash shell is vulnerable.

Now if you want to fix or patch this vulnerability then update your bash shell. with these versions. Say Jai Hind or Jai Bharat if this is helpfull for you

Red Hat Enterprise Linux 7	bash-4.2.45-5.el7_0.4	Red Hat Enterprise Linux
Red Hat Enterprise Linux 6	bash-4.1.2-15.el6_5.2	Red Hat Enterprise Linux
	bash-4.1.2-15.el6_5.1.sjis.2	Red Hat Enterprise Linux
	bash-4.1.2-9.el6_2.2	Red Hat Enterprise Linux 6.2 AUS
	bash-4.1.2-15.el6_4.2	Red Hat Enterprise Linux 6.4 EUS
Red Hat Enterprise Linux 5	bash-3.2-33.el5_11.4	Red Hat Enterprise Linux
	bash-3.2-33.el5_11.1.sjis.2	Red Hat Enterprise Linux
	bash-3.2-24.el5_6.2	Red Hat Enterprise Linux 5.6 LL
	bash-3.2-32.el5_9.3	Red Hat Enterprise Linux 5.9 EUS
Red Hat Enterprise Linux 4	bash-3.0-27.el4.4	Red Hat Enterprise Linux 4 ELS

How to change the root login shell In Red Hat

10:05 Deepak Saini No comments

Jai Hind Friends I am Deepak Saini here today we will disscus on the root log in shell.

Lets Start :-

No login Shell :- To prevent users from logging in directly as root, the system administrator can set the root account's shell to /sbin/nologin in the /etc/passwd file.

Disabling the Root Shell
Effectes :-

Prevents access to the root shell and logs any such attempts. The following programs are prevented from accessing the root account:

login
gdm
kdm
xdm
su
ssh
scp
sftp

Dose not Affect :-

Programs that do not require a shell, such as FTP clients, mail clients, and many setuid programs. The following programs are not prevented from accessing the root account:

sudo
FTP clients
Email clients

Setups:-

1 Open the /etc/passwd file with vim editor or other i m using vim.

syntax:- vim /etc/passwd

2 Now press i for insert mode in vim editor.Now change the shell /bin/bash into /sbin/nologin

Now save the file in vim we use
press ESC and the :wq for Save

My friend test it on ssh thats proof

this proof by DeadManINDIA :P from IHT

Jai Hind Jai Bharat

How to install Nmap in RedHat Linux

19:46 Deepak Saini No comments

Jai Hind I am Deepak Saini Today I am again on Dead bro House On IHT_LAB. And today I will explain how to install the nmap in the red hat.

Setups:-
1 Configure the Yum server on your red hat linux id you don't know the read from here .

2 Now run this command .
Syntax:- yum install nmap

Now it will ask to install or not the enter the capital Y and press enter

Now your nmap is installed and now use and enjoy open source.
If you like this tutorial then once say (Jai Hind Jai Bharat)

How to disable Root ON ssh In Red Hat

19:53 Deepak Saini No comments

Jai Hind friends I am Deepak Saini With Dead bro Today i will show you how to disable the Root ON ssh.

Love to :- Mom and Dad
Speacial thanks to :- DeadManIndia ,Null_Port_Govind.

Lets start its not a big deal its too easy .

Setups :-
1 Open the sshd_config file from the ssh directory.llike this
syntax:- vim /etc/ssh/sshd_config

2 Now uncomment this line 43 and convert yes into no which one i show you in this image.

3 Now restart the service sshd by this command.
Syntax:- service sshd restart

now DeadManIndia Give the image of permission denaied erron on IHT_LAB Thanks for supporting bro.

if you like tutorial the must say Jai Hind Jai Bharat Once

How to set the mail notifier on ssh in Red Hat Linux

00:07 Deepak Saini 2 comments

Jai-Hind TO all I am Deepak Saini Here again and make an intersting tut on ssh may be it helpfull for you speacially hackers.IHT_LAB pe Rh ke hum bhi kuch shik jayege :)

Love To :- Mom and Dad
Specail thanks to :- DeadManIndia,Null_Port_Govind

Lets start its not a big deal we are using some code of bash scripting and easily take a main on our mail addresss when anybody login in our server and open terminal or take access threw ssh.
Setups :)
1 Open the file threw vim editor or other editor i m using gedit in my case
file path :- /etc/bashrc

2 the at end of the file paste this code and save
rootalert() {
echo 'ALERT - Root Shell Login'
echo
echo 'Server: '`hostname`
echo 'Time: '`date`
echo 'User: '`who | awk '{ print $1 }'`
echo 'TTY: '`who | awk '{ print $2 }'`
echo 'Source: '`who | awk '{ print $6 }' | /bin/cut -d '(' -f 2 | /bin/cut -d ')' -f 1`
echo
echo
echo 'This email is send by Mr.Deeak saini system :P.'
}
rootalert | mail -s "Alert: Root Login [`hostname`]" youremaiid@gmail.com
And save the file and then access the ssh threw putty or other client then you check the mail in spam and your work is done.

Proff when my friend DeadManIndia access my redhat system then i got mail.

Thanks for reading
Jai-Hind Jai Bharat

How use Disk Usage Analyzer in Red Hat

00:27 Deepak Saini No comments

Jai-Hind Friends I am Deepak Saini and today we will disscuss on the Disk usage analyzer in red hat.

Speacial thanks for :- DeadManINDIA ,Govind Singh
Love to :- Mom and Dad.

Lets start :-
It is easy to use because we are using a grapically software .This is inbuilt souftware in red hat .

Setups :-
1 Open the software form Application --> System Tool --> Disk Usage Analyzer.

2 Then Start first option Scan home what I find i show you in next picture.

3 Now If you Want to scan the filesystem then click on 2nd option like this

4 If you want to scan any directory then click on next option like folder icon then select the any folder and scan thats it.

We can scan online server directory by this tool
I think other options you should try yourself.
Jai -Hind Jai Bharat

How to make RSA keys for access SSH in Linux :)

00:37 Unknown No comments

Jai Hind Friends I am DeadManIndia here form 1ND14N H4X0R5 T34M(IHT)

We are :- EagleShadow,X-ManIndia,Null_Port_Govind,Karate-Katrina,Grey-Noob,Haxor-Rahul,Mr.R@66!T.

Love To :- My Mom & Dad <3

SO lets start how to use key for login.

I am using Kali Linux and RedHat for this.

Setups:-

1 Make rsa keys for authentication not a big deal like this.
syntax:- ssh-keygen -t rsa

In this image we saw here write down the path of the file in which the key is save if we want to change this so we can easily change this in my case i use default.

Now we saw this passphrase this key is like password if you want to insert this in my case did't use it.
We face this line twice in this process in 2nd time it said insert the same passphrase. if you use it then insert same key.

2 Now confirm you keys are generate or not form here .
Syntax:- cd .ssh
Syntaz:- ls
see this image

Jai Hind Jai Bharat

How to set the banner in ssh service in RedHat or CentOS

02:21 Deepak Saini No comments

Hello Friends I am Deepak saini and we will make some fun with ssh but good so i post it here.

How to change or set the banner on ssh.

Setups:-
1 Go into the ssh directory path is here /etc/ssh/

2 Make a file set name any in my case i se ssh_banner which you can see in image above.

3 Now edit the config file of ssh sshd_config and give the path of the banner file.
4 Restart the service and then connect with the other computer in this case DeadManIndia help me to confrim this.
Syntax:- service sshd restart

confirmation image is here by me Dead

SSH Features

12:11 Unknown No comments

1. SSH Tunneling

This is the processt thatallows an SSH server to become a proxy server. It then allows a local system to send information through a secure SSH server. For example, consider that you're connected to a public WiFi. You can get a lot of any prying by passing your browsing traffic through a secure SSH server.

ssh -D 9999 -C user@host

2. SCP File Transfers

The scp or secure copy command allows you to transfer files between a remote system running an SSH server and your local system.

scp /path/to/local/file user@host:/path/to/destination/file

3. Mounting Remote Directories

The SCP process for file transfers being tedious, it is often much better to just use SSH when viewing files from a remote folder. I you're using Ubuntu then the software requirded will be available by default alongside the GNOME desktop. In others you will ahve to download autilus (the software for Ubuntu) or some other.

4. Preserving Terminal Sessions

The GNU screen helps you accomplish this. What happens usually is that when you logout of an SSH sessions, you will have to set up the connection all over again. On the other hand, this utility lets you preserve a terminal session even after logging out.

ssh -t user@host screen -r

5. Visualising Key Fingerprints

When an SSH session is started, it shows a secure 'key', unless the system is known already. This key proves that the remote device you're connecting to is not an imposter. But, remembering a 16 digit key is really difficult, so you can turn on the virtual host key feature from the SSH config file.

ssh -o VisualHostKey=yes user@host

Top Ten Linux Distros

10:29 Deepak Saini No comments

1) Red Star OS
Red Star OS is being developed as the officially approved operating system of North Korea, seemingly on the request of Kim Jong-Il, who is the country's leader. Based on the familiar KDE 3.x, it has added touches such as the Woodpecker antivirus software and the Pyongyang Fortress firewall.

2) MuLinux
This is a small distro, perhaps in the same vein as Puppy or Damn Small Linux. MuLinux needs 20MB hard disk space and 4MB RAM, and will be powered by an Intel 80386 processor or advanced version. Mu might lag behind in terms of productivity if you compare it with modern machines, but if you own a 25-year-old machine that you want to save from the waste, it's certainly the distro you should try.

3) Ubuntu Satanic Edition
Ubuntu sequels are ten-a-penny, but it seems the creators of Ubuntu SE have gone overboard to please The Dark One. The dark theme and assortment of background images is the most apparent change, but sound effects and startup jingle have also been altered.

4) GoboLinux
This one is meant for techies and what distinguishes GoboLinux from the rest is its filesystem layout. Majority of Linux distros use an ancient non-arrangement wherein an application's files are speckled around your hard drive in multiple folders. GoboLinux implements an OS X-like approach and stores all files linked with an application in a single folder in /Programs.

5) GNewSense
Those, who like software freedom, would like GNewSense. The distro is based on Ubuntu, but has removed all non-free software, such as those devious non-free driver files that are loaded into the Linux kernel. Unluckily, majority of these blobs are actually drivers for wireless networking cards, so it’s perhaps not the best distro for laptops. If you look at the plus side, distro has removed or renamed software that doesn't fall in the Free Software Foundation's definition of freedom.

6) Sabily/Ubuntu Christian Edition
Previously termed as Ubuntu Islamic Remix, Sabily is actually Ubuntu with extra Islam. It has adopted an Islamic theme with so much green, even the Applications menu has been extended to embrace a selection of Quran study/prayer-time software, Ubuntu Christian Edition has religious study tools and enhanced web filtering.

7) Yellow Dog
First released in the late 90s for Apple PCs, it was based on the PowerPC chip architecture. Yellow Dog was liked by people who wanted a way to think differently. Then, Apple deserted PowerPC in support of Intel chips, which are still being used. Yellow Dog re-invented itself after a change of ownership as an OS to deliver high-performance multicore computing experience.

8) Mikebuntu
This distro is packed on the free DVD with additional PDFs and software, along with extra desktop environments and plenty of options.

9) Gentoo
Gentoo - or Linux For Masochistsis is probably the distro that will not be liked by sluggish majority for the simple fact that you have to hoard it yourself. Not just apps, rather the whole thing, including the kernel of your recent distro is taken for granted by majority of peple. So, go and grab a cup of coffee before you try to install it.

10) Scientific Linux
Windows has continued to dominate the desktop as Linux doesn’t seem up to the job technically. But, the fact can be easily contested by the cleverest people on the Earth- the scientists who are looking for clues about the beginning of the universe. They use Scientific Linux at the CERN laboratories, which is based on Red Hat. Virtually, anyone can download and install this distro on their machine.

SSH hacks

12:50 Unknown No comments

Secure Shell (SSH) is widely used by network administrators to control Web and other kinds of servers remotely. The UNIX-based command interface and protocol can also be used to tunnel your traffic, transfer files, mount remote file systems, and much more. We have compiled here a list of 10 awesome SSH Hacks.

1.Giving SSH keys unique names

Particularly useful when you're administering a number of remote computers. You can name the SSH keys anything you want.

2.Putting long commands in text files

In this way you can use your long command to log in and run on a remote PC:

xyz@local:~$ ssh user@remotehost "'cat filename.txt'"

Do not use fancy quotations copied from some Web page. Use back-ticks instead of single apostrophes.

3.Logging in and running a command in one step

When powering off a remote computer for instance, you can log in and run the command in one step:

xyz@local:~$ ssh user@remotehost sudo poweroff

4.Launching a remote screen session

This is how you do it:

host1 ~ $ ssh -t user@host2 /usr/bin/screen -xRR

5.Viewing all fingerprints and randomart images in known_hosts

View them all in your ~/.ssh/known_hosts file:

$ ssh-keygen -lvf ~/.ssh/known_hosts

6.Retrieving the fingerprint and randomart image of an SSH key

Here's how you do it:

$ ssh-keygen -lvf keyname

7.Logging in with server-specific keys

Here's how you do it:

$ ssh -i .ssh/web-admin.pub user@webserver

8.Fast easy known_hosts key management

Here's how you can do it:

$ ssh-keygen -R remote-hostname

9.Reading public key comments

Here's how you can do it:

$ less .ssh/web-admin.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1

[snip] KCLAqwTv8rhp downtown lan webserver

10.Giving SSH keys informative comments

Here's how you can do it:

$ ssh-keygen -t rsa -C "downtown lan webserver" -f .ssh/web-admi

Linux Antivirus (clamav, freshclam, clamscan, clamtk)

12:11 Unknown No comments

Linux Antivirus (clamav, freshclam, clamscan, clamtk)

There are a number of commercial antivirus products available for Linux, but ClamAV is free and is easily installed on Fedora and Enterprise Linux distributions.

Installation
Update Virus Definitions (freshclam)
Performing Scans (clamscan)
ClamTk GUI

Installation

The installation of ClamAV is simple, regardless of the distribution you are using. For the basic ClamAV installation, simply use the following command.

# yum install clamav

The clamav package is part of the Fedora repository, but for Enterprise Linux distributions (RHEL, Oracle Linux, CentOS or Scientific Linux), you will need to enable the Extra Packages for Enterprise Linux (EPEL) yum repository before installing the package mentioned above. Use the relevant link to get the package to add the repository.

Edit the "/etc/freshclam.conf" file, commenting out the word "Example" on line 8.
Once installed you will be able to update the virus definitions using the freshclam command and initiate scans using the clamscan command.

Update Virus Definitions (freshclam)

Once ClamAV is installed you will need to update the virus definitions. This is done using the freshclam command.

# freshclam

This will need to be done on a regular basis, so it would be sensible to schedule it by including it in the crontab for the "root" user. The text shows a possible crontab entry to refresh the virus definitions every day at 10:00.

# Update ClamAV virus definitions
0 10 * * * /usr/bin/freshclam

Performing Scans (clamscan)

Scans are initiated from the command line using the clamscan command, as shown below.

# # Scan a specific file.
# clamscan /tmp/test.txt

# # Scan the contents of a directory.
# clamscan /u01

# # Scan the contents of a directory and all sub-directories.
# clamscan -r /u01

Regular scans can be scheduled by including these commands in the "root" users crontab. An example entry is shown below scans the "/u01" directory every day at 11:00.

# AntiVirus scan.
0 11 * * * /usr/bin/clamscan --detect-pua -i -r /u01 --log="$HOME/.clamtk/history/$(date +\%b-\%d-\%Y).log" 2>/dev/null

The clamscan command has many options to tailor the action of scans, so check the man pages.

ClamTk GUI

ClamTk provides a GUI front end for ClamAV. On Fedora it is installed using the following command.

# yum install clamtk

Remember to run ClamTk as the "root" user, either directly or using sudo.

# clamtk &

or

$ sudo clamtk &

The GUI is fairly self explanatory.
ClamTk

Antivirus in Linux Distros

11:55 Unknown No comments

Debian

The Debian packages are maintained by Stephen Gran. ClamAV has been officially included in the Debian distribution starting from the sarge release. Run apt-cache search clamav to find the name of the packages available for installation.
Unofficial packages are available through the Debian volatile project (AMD64 arch is also supported). They are usually more recent than official ones and they are maintained by Stephen Gran too, so they follow the same layout as the official ones. Here is a blurb from the Debian volatile project home page:
‘’Some packages aim at fast moving targets like spam filtering and virus scanning, and even via using updated virus patterns, this doesn’t really work for the full time of a stable release.
The main issue of volatile is to allow system administrators to update their systems in a nice, consistent way without getting the drawbacks of using unstable, even without getting the drawback for the selected packages.’‘
If you are running Lenny, we recommend that you use one of the Debian volatile repositories to keep your ClamAV installation updated on your system.
Always choose the mirror closest to you.
Edit /etc/apt/sources.list and add a line like this to it:
deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free
Then run apt-get update; apt-get install clamav
If you need clamd, you may also want to run apt-get install clamav-daemon
If you are running squeeze (Debian 6.0) or newer use:
deb http://ftp.XX.debian.org/debian squeeze-updates main contrib non-free
Replace XX with your country code.

Ubuntu

The Ubuntu packages are maintained by Ubuntu MOTU Developers. ClamAV has been officially included in the Ubuntu distribution since the first Ubuntu release. Run apt-cache search clamav to find the name of the packages available for installation.
There are two classes of clamav packages available for Ubuntu users:
The released set (release, *-updates, and *-security) are patched for security updates. Following extensive testing of clamav and the packages that use it in the backports repository, they may be updated to a newer version. These are official Ubuntu packages and supported by community developers.
The Ubuntu backports repository will contain the newest clamav version that has been at least lightly tested to work with that version. These packages can be installed by enabling the backports repository in your system. These are official Ubuntu packages and supported by community developers.

SUSE

ClamAV is included in the openSUSE distribution and in Novell’s SUSE Linux Enterprise products. The packages are maintained by Reinhard Max.
RPMs of new ClamAV versions for existing SUSE products are provided through the respective online update channels.
As these packages have to go through QA, it usually takes some days from a new ClamAV source release to the appearance of these “official” RPMs. For those who want or need the new version earlier and can dispense with the QA, the latest state of the packages is available from the security project in the openSUSE Build Service.
To use these packages, pick the subdirectory for your SUSE version from http://download.opensuse.org/repositories/security (use the _update variant for openSUSE), add it to your installation as another repository using YaST or zypper and give it a higher priority (lower number) than the repository that delivers the official updates.

RedHat and Fedora

A very good repository is maintained by Dag Wieers dag at wieers*com:
http://packages.sw.be/clamav/
Make sure to read the FAQ before attempting to install the package.

Mandriva

Official Mandriva packages for cooker and supported updates (2006.0 and newer) are maintained by Oden Erikkson. For updates, use the software package manager or urpmi:
urpmi.update—update
urpmi—update—auto clamd
Unofficial packages for current and several older Mandriva distributions are maintained by Bill Randle and are available from his web server.

Gentoo

ClamAV is available in portage under /usr/portage/app-antivirus/clamav. If you run:
emerge clamav
you will install the version of ClamAV that Gentoo considers stable.

Pardus

Official packages are maintained by Ali Erdinc Koroglu
You can install ClamAV directly from the Package Manager or run:
sudo pisi it clamav

How to share yum repository threw HTTP sharing

02:16 Deepak Saini No comments

Hello Friends I am Deepak Saini Today we will discus on the yum repository threw HTTP sharing.
Setups:-
ON server
1 1st of all we are prepare our http sharing .So 1st we are configure the http sharing.
1.1 Install the httpd package with dependencies .
Syntax:- yum install htpd

   In this i am install the httpd threw yum server if you are not know about read from here
1.2 After package installation we are start the service.
   Syntax:-service httpd start
1.3 Now we are going to trun on the service in all runlevels.
Syntax:-chkconfig httpd on
1.4 Now our server is ready to share any file or directory threw http.
1.5 We are creating the two directory one s

2 Now we are copy the package from the cd drive and put in the /var/www/html/
Syntax:-cp /media/<Disk name >/Packages/ /var/www/html/

3 Now We are confgure the yum server which i configure before it So i not configure.
   Major changes in the Yum.repo file and nothing big changes in this
4 Now we are create yum repo file in the same directory /etc/yum.repos.d/yum.repo
   In this case we are delete our local.repo file.Otherwise our server not work.
Syntax:-vim /etc/yum.repos.d/yum.repo
               [client]
   baseurl = file:///var/www/Packages/        (Path where our repo data placed)
               enabled = 1
   gpgcheck = 0
then press Esc button and :wq for saving.

On client side
1 We are not do many thing on client side just change in the yum.repo file.
Syntax:- vim /etc/yum.repos.d/yum.repo
   [client]
   baseurl = file:///<your server ip >/Packages/        (Path where our repo data placed)
               enabled = 1
   gpgcheck = 0
then press Esc button and :wq for saving.

server ip like 192.168.0.100 like which your pc ip where you share yum repo data.

2 Now check your yum list.
Syntax:- yum list all

if this command run then your server is running otherwise not.
Thats all

Thanks for Reading and sorry for My R.I.P english Jai hind _/\_
if any prblm then comment and we are trying to solve your prblm
Greetz :- Govind singh ,DeadManINDIA

How to share Yum Repository threw FTP server

03:07 Deepak Saini No comments

Hello Friends I am Deepak Saini Today I Trying to explain the yum repository threw FTP server
So lets Start.
Setups:-
1 1st of all we are configure the FTP server .
If you not know how to configure then read from here FTP server

2 Then same as nfs we are install the cd and copy the package directory from cd to /var/ftp/pub
Syntax:-cp /media/<cd name>/Package /var/ftp/pub/
In this we are copy the Package from the cd drive to /var/ftp/pub directory.

3 Now we are going to install the create repo packages to create repo data.With the all dependencies.
   Syntax:-rpm -ivh createrepo-0.9.8.-4.el6.noarch.rpm.

Dependencies
1. deltarpm-3.5-0.5.20090913gt.el6.86_64.rpm

2     python-deltarpm-3.5-0.5.20090913git.el6.86_64.rpm

First we are install these dependencies.

After creating the repo data we are going for restart the ftp server or service.
Syntax:-service vsftpd restart

5 Now we are on the service in all runlevels.
Syntax:-chkconfig vsftpd on

6 Now we are going for create the repo file in the /etc/yum.repos.d/yum.repo
Syntax:- vim /etc/yum.repos.d/yum.repo

               [client]
   baseurl = file:///var/ftp/Package/        (Path where our repo data placed)
               enabled = 1
   gpgcheck = 0
7 In the last we are list all check the repo data
Syntax:- yum list all

Client side
1 We just create rpo file in the /etc/yum.repos.d/yum.repo
Syntax:- vim /etc/yum.repos.d/yum.repo

         [client]
   baseurl = ftp:///192.168.0.15/Package (Ftp server ip and directory where our repo data)
          enabled = 1
   gpgcheck = 0
2 Now we are list the repo data
Syntax:- yum list all

Now our server works:)

Thanks For reading and Sorry for my R.I.P english Jai Hind._/\_

How to share the yum repository threw NFS on Red Hat Linux

07:31 Deepak Saini No comments

Hello Friends I am Deepak Saini and today we are discus on Yum Repository.

1st of all Why we are use yum repository.
We are using the yum repository for installed and security updates fix on multiple systems in our local network this is a efficient way.Because all packages are download the fast speed on your local LAN connection and local server.

The ways how we share the yum repository.
1 NFS server
2 Ftp Server
3 Http share

So Lets start :)

1 How to share the yum repository threw NFS server .

Setups :-

1 1st of all we need all packages in a directory on our server or system which threw we are sharing yum repository.
So we are install the Rhel6 cd in our server and then copy the package directory from cd.
Syntax:- cd /media/<Rhel6 cd name>
Syntax:- ls

First of all we are going into the cd and then list the content for finding Package directory .
Now we are copy the directory on you system anywhere.
Syntax:- cp Package /root/Desktop/
In my case i am copy the package directory on the desktop.

2 Now we are going to install the createrepo packages to create repo data.With the all dependencies.
Syntax:-rpm -ivh createrepo-0.9.8.-4.el6.noarch.rpm.

Dependencies
1. deltarpm-3.5-0.5.20090913gt.el6.86_64.rpm

2 python-deltarpm-3.5-0.5.20090913git.el6.86_64.rpm

First we are install these dependencies.

3 Now we are going to create repo data.
Syntax :- createrepo -v /root/Desktop/Package/
in this createrepo is command and - v for verbose and /root/Desktop/Package is our path where packages are store.

4 Now times come when we are sharing the repo data threw NFS server.
So Now we are entry in a file /etc/exports
We are enter the line /root/Desktop/Packages/ 192.168.0.0/255.255.255.0 (rw,syn) like this

is my case and our data is share But some conditions are apply 1st of all nfs is working on your server then your able to share threw nfs.

5 Now we are going to restart our nfs server.
Syntax:- service nfs restart

6 Now we are on the service in all runlevels.
Syntax:-chkconfig nfs on

7 Now we are stop the iptables service .
Syntax:-service iptables stop

8 Now we are going for stop iptables in all runlevels.
Syntax:-chkconfig iptables off

Now Server work is over .

On client side
On client side We are using some command .

1 showmount -e 192.168.0.15
In this we are search the mounting directory on server which one we share on network.
From server.

2 mount 192.168.0.15:/root/Desktop/Package /root/Desktop/

In this we are mount the shared directory on our local system and 1st path is server and second is our local system.

3 Now we are creating or local.repo file like this /etc/yum.repos.d/local.repo.
We just change the base url in this case.
Syntax:- cat /etc/yum.repos.d/local.repo
   [client]
   baseurl = file:///root/Desktop/Package/        (Path where our repo data placed)
               enabled = 1
   gpgcheck = 0
   (ctrl D for save the file )

Thanks for reading and Sorry for my R.I.P English Jai Hind Dedicate to DeadManIndia and Govind Singh _/\_ seniors help me to improve my knowledge

As I noted in my previous tutorial about local repository, if you have to installed software, security updates and fixes often in multiple systems in your local network, then having a local repository is an efficient way. Because all required packages are downloaded over the fast LAN connection from your local server, so that it will save your Internet bandwidth and reduces your annual cost of Internet. - See more at: http://www.unixmen.com/setup-local-yum-repository-on-centos-rhel-scientific-linux-6-4/#sthash.5k9AgJUM.dpuf

Some configurations of Ftp Server Which are usefull for you

03:31 Deepak Saini No comments

Hello friend I am Deepak Saini and today i m telling some tricks which are helps you to secure Ftp server.

Some configuration:)
1 How to change the default umask on files or directories which are created by users or anonymous user in pub.

2 How to manage the logs of file uploading and downloading.

3 How to manage the change directory message Users when they change the directory.

4 How to mange port 20 for transfer on ftp server .

5 How to change user or owner of files which uploads by anonymous.

6 How to change the default timeout limits on idle or data connection or session.

7 How to change the Banner of ftp server

8 How to banned email address

Many more configuration in this files so other try you by yourself

Lets start
1 How to set umask on directories and files whose created by the users
Setup:-
We are edit the same files vsftpd.conf
Syntax:-vim /etc/vsftpd/vsftpd.conf
For this we are change the umask value of in the file which is default 022.

In this image where is my pointer there by default value is 022 but now i am changed it and write different and its work.

2 How to Manage the Logs uploading and downloading on ftp server

Setups
We are working on a file in ftp for manage all most things.
Syntax:- vim /etc/vsftpd/vsftpd.conf
this is the file which is config file of ftp server and now we are going to some edit for managing logs of uploading and downloading.
By default losgs are create but if you want to disable the logs creation Then .
We are edit this line

where is my pointer this is the line which one we are little edit by default here is yes and your logs are created and when you enter her NO the logs are not create for upload and download.

3 How to manage the change directory message Users when they change the directory.
In this topic friends when a ftp user change the directory the a message come directory changed
default this is on and messages comes when we are change the directory.But if we want the message not come when user change the directory then we are change the YES into NO how i change in this image.

Same my pointer shows you where i change the value :)

4 How to mange port 20 for transfer on ftp server .
Setup:- In this we are stop the service to connect on the port 20 and for this we are change the same in vsftp.conf file then our work is done.Default it is yes we are change it no if we want to stop connection on port 20

5 How to change user or owner of files which uploads by anonymous.
Setup:-In this we are change the owner of the files which are uploaded by the anonymous user
But in this configuration one condition we are not able to make owner root of the anonymous files
By Default this is disable and If we want this then we are make some change in the config file
1 We are uncomment the line and enter the user name see in the img below.

In this image we are showing which line are we uncommented and enter the users name like deepak i am enter in my case who is the replacing the owner at the place anonymous.

6 How to change the default timeout limits on idle or data connection or session.
Setup:- In this we are set the time out of idel or data connection and session time out
1st of all we are uncommented the line and then set the value by defaults these are commented
If we want to start the time out on those sessions and connection the er are applly this method .
This image shows you which lines are changed.

7 How to change the Banner of ftp server.
Setup:- In this we are change the banner. Banner is the line which is comes when are connected and login in the ftp server then a line comes Welcome to Ftp server like this .We are going to change this line.
We are change in the which show in this image my pointer show this

In this I change my name like Welcome on Deepak Ftp server like this .first we are uncomment the line.

8 How to banned email address.
Setup:- In this we are banned the email id on ftp server . 1st we are uncomment the lines in which banned email id explain.And then we are make a file in vsftpd directory banned_emails then we entry in this file banned emails and then our configuration work.
I upload two images for this.

Thanks for reading and sorry for my R.I.P english Jai Hind
Greets to DeadManINDIA and Govind Singh

How to Download and upload files on Ftp Server And How to enable uploading on ftp server :)

21:45 Deepak Saini 1 comment

Hello Friends I am Again Deepak Saini and Now we are going two Thing
1 File downloading and uploading
2 How to enable uploading

1 How to Download and upload file from client side
Lets start
Its not a big deal we are using to commands for this
1 First of all we are connect our ftp server
Synatx: ftp < server ip address >
   username:-< Your user name>
   password:- <Your password>

2 Get   command is used for downloading on ftp server
Synatx:- ftp> get <file name>
in this get is our command and file name is the name which we want to download

3 How to download multiple files at one time
Syntax:- mget <file name 1 > <file name 2> <file name 3>
In this we are download multiple file in one time

4 How to upload file on ftp server
Syntax:- put <file name >
in this put is the command and file name is the name which one u want upload

2 How to enable uploading on Ftp Server

Setups
1 First of all we are change the permissions of /var/ftp/pub for others we are giving full access.
Syntax:- chmod 777 /var/ftp/pub
here chmod is our command which is using for change the permissions and 777 are permissions for full permission for all.

2 Now we are going for some editing in the /etc/vsftpd/vsftpd.conf our ftp config file using vim editor in my case you use which one you want .
Syntax:- vim /etc/vsftpd/vsftpd.conf

In this we are edit the config file of ftp server and we are uncomment the line no 27 in this line anon_ upload_enable = yes this one is the line

3 Now we are going to next setup and fin the boolean of ftp
Syntax:- getsebool -a | grep ftp

By the help of this command we are get the all booleans of FTP .

4 Now we are change the value or on the boolens which we need in uploading
Syntax:- setsebool -P allow_ftpd_full_access 1
Syntax:- setsebool -P allow_ftpd_anon_write 1

In the setsebool is our command and -P for chage the value and allow_ftpd_full_access and allow_ftpd_anon_write are our boolens which value we are going for change and 1 is for on the boolean.

5 Then we are going for restart the service.
Syntax:- service vsftp restart

Now we and our anonymous user able to upload on the ftp server.

Thanks for reading and sorry for my R.I.P english Jai Hind Dosto _/\_

How to allow Anonymous user to create directory in Pub and How to disable anonymous user on ftp server

22:00 Deepak Saini No comments

Hello Friends I am again Deepak Saini And now we are again discus on Ftp server something new

Again we are discus two topic in this
1 How to allow the anonymous user to create directory
2 How to disable Anonymous account on Ftp server
Lets Start
1 How to allow the Anonymous user to create directory on ftp server
Setups
1 First of all we are change the directory and come in the vsftpd main directory
Syntax:- cd /etc/vsftpd

2 Now we are list the content and find the config file of vsftp.conf of ftp server
Syntax:- ls

3 Here we got our file vsftpd.conf and now time come to edit that file again
Syntax:-vim vsftpd.conf

Now we are going to uncomment the line 31 anon_mkdir_writes_enable=YES this is the line
4 Now we are restart the service and our anonymous user able to create the directory on ftp server
Syntax:- service vsftpd restart
Complete one

Now 2nd one
2 How to disable anonymous user on ftp server
Setups
1 First of all we are change the directory and come in the main directory of ftp server.
Syntax:-cd /etc/vsftpd

2 Now we are find the vsftpd.conf file in this directory.
Syntax:-ls

3 Now we are edit the vsftpd.com.
Syntax:- vim vsftpd.comf

In this we are change the anonymous_enable=YES replace by anonymous_enable=NO

4 Now restart the service ftp.
Syntax:-service vsftpd restart

Now task complete

Thanks for reading and sorry for my R.I.P english Jai Hind _/\_

Saturday, 27 September 2014

Saturday, 19 July 2014

Thursday, 10 July 2014

Wednesday, 9 July 2014

Tuesday, 8 July 2014

Saturday, 5 July 2014

Friday, 4 July 2014

Thursday, 3 July 2014

Sunday, 8 June 2014

Tuesday, 3 June 2014

Friday, 25 April 2014

Tuesday, 8 April 2014

Linux Antivirus (clamav, freshclam, clamscan, clamtk)

Installation

Update Virus Definitions (freshclam)

Performing Scans (clamscan)

ClamTk GUI

Debian

Ubuntu

SUSE

RedHat and Fedora

Mandriva

Gentoo

Pardus

Friday, 7 February 2014

Thursday, 6 February 2014

Saturday, 1 February 2014

Friday, 24 January 2014

Thursday, 23 January 2014

Wednesday, 22 January 2014

Social Profiles

Popular Posts

Thanks For visitors