The idea to use PAM (Pluggable Authentication Modules for Linux) to block brute force attacks sounds like a good idea, right? After all, we are using PAM for most of the authentications mechanisms, so adding a module to check against repeated failures would be great. Surprisingly even if this sounded like something normal, I found only one PAM module that was written for this purpose. This is called pam_abl and you can find it here: http://hexten.net/pam_abl

Read the rest of this entry »

After a long time being supported only as beta (and this by CPanel meaning no support at all), CPanel is finally offering full support for PHP5 on all its latest versions – 10.8.2 – (Stable/Release/Current). I have been using PHP5 on some CPanel servers for a long time without any problems, but now probably they will push towards making this the default choice. Still PHP 4.4.2 is the default version that CPanel will install, but I assume that this will change soon. So it might be a good idea to try to upgrade to PHP5 (or start updating your applications to work on PHP5 as this will soon be needed).

We can choose from various versions of PHP5: 5.0.4, 5.0.5, 5.1.2, 5.1.4… Hmm I feel that they could have added some more . My choice was (as I assume most of the peoples will do) the latest version available PHP 5.1.4… Anyway I have not seen any problems on the servers I am using php5 (centos/rhel) besides some application incompatibilities that are being worked on by the developers.

To upgrade your CPanel to PHP5 just use the regular buildapache method. For more details you can see my previous post: “Upgrade php on CPanel/WHM”.

We can use the iptables recent module to write some iptables rules that can block brute force attacks. In order to use this method you need a kernel and iptables installation that includes ipt_recent. If your linux distribution doesn’t include the ipt_recent module or you are using a custom compiled kernel you might need to first include the iptables recent patch that can be found on the author’s website or in the iptables patch-o-matic area. If you are using Debian/Ubuntu you don’t need to do anything special as this is already included in your system.

Read the rest of this entry »

Applies: apache 1.3.x / apache 2.0.x
Required apache module: core/-mod_autoindex
Scope: global server configuration, virtual host, directory, .htaccess
Type: security

Description: How to disable directory indexes.
Useful: to prevent the server from showing a listing of the existing files in case there is no index (as defined by DirectoryIndex) in one folder. In my opinion if you need this enabled then you should enable it only on some particular directory where you need it and disable it server wide. Also it might be useful that in the places you have it enabled to hide any files that need to be private as shown in my previous tip: “Hide a file type from directory indexes“. Read the rest of this entry »

For various reasons, I have to look from time to time at one particular IP and try to find out some information about it. Until I have found out about geoiplookup, this was something like: nslookup to get the reverse of the IP, and then whois to find out more details (maybe also traceroute/mtr, etc.). But now I will always start with geoiplookup as it instantly shows me the location (read country) of the respective IP.

Read the rest of this entry »

If you are in a situation where you sit in front of the console (or on a remote ssh connection) waiting for a Linux software RAID to finish rebuilding (either you added a new drive, or you replaced a failed one, etc.) then you might be frustrated by how slow this process is running. You are running cat on /proc/mdstat repeatedly (you should really use watch in this case ), and this seems to never finish… Obviously that there is a logical reason for this ‘slowness‘ and on a production system you should leave it running with the defaults. But in case you want to speed up this process here is how you can do it. This will place a much higher load on the system so you should use it with care.

Read the rest of this entry »

If you want to look what is inside of an initrd file (don’t ask me why I needed this ), here you can find some information on how you can do that. Depending on what kernel you are using you might encounter various initrd type of files. Read the rest of this entry »

It has passed some time since I have started this blog… In the beginning when there were only a few posts it was really easy to find any of them. But now, with more and more post each day this is getting harder and this will get much worst in the future. I have tried various solutions but I am far from being satisfied with the results…
So what can I do? I am placing this open question to my readers to help me with this issue in case you have better experience with wordpress or with blogging design in general. So if you have any ideas just let me know. Thanks in advance. Read the rest of this entry »

Intel introduced Hyper-Threading Technology (HT) in its line of Xeon processors in 2002. HT Technology enables multiprocessor servers to act as if they had twice as many processors installed. Intel’s HT Technology allows a single processor to handle two independent sets of instructions at the same time. In essence, HT Technology converts a single physical processor into two virtual processors. Currently HT is present in other Intel CPUs besides the high level Xeons, like Pentium 4 (with 800MHz CPU bus speed) or Pentium 4 Extreme Edition and the dual-core Pentium Extreme Edition.
For more details see Intel’s site: http://www.intel.com/products/ht/hyperthreading_more.htm

Read the rest of this entry »

Ubuntu is one of the few Linux distributions out there that will not enable the root account (actually it is the only one I have seen myself, but hey, there might be others that I am not aware of). This is a very good idea and you should probably try to learn to use sudo for daily maintenance. But in case you want to enable root login on your Ubuntu system this little post will show you how you can do that.

Read the rest of this entry »