Finding all subdomains of any specific domain (DNS AXFR)
It is possible to get a list of all subdomains of a domain name. However, this must be allowed by the DNS server. The mechanism is called AXFR (a DNS zone transfer).
Step One: Getting the authoritative nameserver(s) from the Linux shell
dig domainname.com
Now check the authority section of the output. Let's assume it is ns1.somehost.com. Now use the dig command as follows:
dig @ns1.somehost.com domainname.com axfr
If [...]
Delete some specific files from all subdirectories
A useful Unix command trick to quickly remove files such as Thumbs.db, WS_FTP.LOG or *.fla recursively through directories.
Doing this by hand could be a real pain on a huge directory tree.
Removing all *.fla files from /home/user/ and subdirectories…
find /home/user/ -name \*.fla -ok rm {} \;
Removing all WS_FTP.LOG files from /home/user and subdirectories…
# find /home/user -name WS_FTP.LOG -ok [...]
Limiting CPU Usages in Linux using cpulimit
You might already know how to check the CPU usage of any process. But are you worried about a process consuming too much CPU? You can control the CPU usage of any process with a CPU limiter. cpulimit is free software that limits the CPU usage of a process. Here are the excerpts from [...]
fork: resource temporarily unavailable ???
If you are getting the Linux error message “Resource temporarily unavailable”, it’s because your system is limiting the number of files / processes / CPU that your particular user ID can use.
If you use WHM/cPanel, enabling the “Shell fork bomb protection” can make the “Resource temporarily unavailable” message appear more often. You may get rid of [...]
Opening ports in the firewall for the Mail Server
There are standard ports that are used to access most services.
For example, accessing a website generally uses port 80 for normal (HTTP) web pages and port 443 for secure (HTTPS) pages.
SMTP
SMTP generally uses port 25 for connections, although there are recommendations for port 587 (see the official documentation for details).
POP and POPS
POP and [...]
Installing Shoreline firewall (Shorewall) in RHEL
Shorewall is the common name for the Shoreline firewall, a “wrapper” for IPTables that will handle all the heavy lifting for you by simplifying the tasks. This article will get you started, showing you how to get Shorewall on your system.
Installation
Now then, I have good news and bad news for you. The bad news [...]
Using Google’s public DNS service as resolvers in your server
Google recently introduced this service. You can use it as the resolver for your server.
Log in to your server as root
Back up the current resolver settings:
cp /etc/resolv.conf /etc/resolv.conf.backup
Open the file using vi:
vi /etc/resolv.conf
Remove the current entries by pressing dd
Put the following lines in the file:
nameserver 8.8.8.8
nameserver 8.8.4.4
Save the file and exit (press ).
You are done!
Read this for [...]
Install and configure munin (and munin-node) for Server Monitoring
Munin is an efficient and lightweight monitoring tool. It’s available in ‘server’ and ‘node’ packages. You can install the server on a single machine and the node on all other machines, and then view all information/statistical data on the server machine.
This quick copy-and-paste howto explains the steps needed to set up a server and multiple nodes. These steps are [...]
DDOS Protection using APF firewall
The following steps will configure the APF firewall on your server:
> Open /etc/apf/ad/conf.antidos
> Change LP_KLOG="0" to LP_KLOG="1"
> CONAME="Your Company" (enter your company's name)
> Change USR_ALERT="0" to USR_ALERT="1" (1 only if you need email alerts)
> USR="you@yourco.com" (enter the email address)
> Execute: crontab -e
*/2 * * * * [...]
Common iptables command, cheatsheet
#!/bin/sh
#File: /etc/rc.d/rc.firewall
# Immediately log and drop any known abusive IPs
iptables -A INPUT -p tcp -s 87.118.104.44 -m limit --limit 1/minute --limit-burst 10 -j LOG --log-prefix "[DROPPED_NODE] " --log-level 4
iptables -A INPUT -p tcp -s 87.118.104.44 -j DROP
# Allow from any to any on 127.0.0.1/32
iptables -A INPUT -s 127.0.0.1/32 -j ACCEPT
iptables -A OUTPUT -s 127.0.0.1/32 [...]