Most Linux distributions ship with tcp_wrappers “wrapping” all your TCP services. A tcp_wrapper (known asÂ /usr/sbin/tcpd) is invoked from/sbin/inetdÂ instead of the real service, such asÂ telnetÂ orÂ ftp.Â tcpdÂ then checks the host that is requesting the service and either executes the real server or denies access from that host.Â tcpdÂ allows you to restrict access to your tcp services. You should make [...]
Itâ€™s never happened to me, but Iâ€™m sure itâ€™s happened to others. The root password is gone. Forgotten. Changed maliciously. Mysteriously gone. TheÂ LinuxÂ Gazette has a great article on the three most common ways to deal with this situation. Itâ€™s important to note that thereâ€™s no way to actually recover the password, but you can change [...]
Unfortunately, there is no such things as a standard Linux installation. The wide variety of servers available, coupled with each particular distribution’s installation options, make providing a ready made list impossible. The best that can be done is show you how to list all running services, and point you in the right general direction. Now [...]
It is a CMS (Content Managment System) that integrates in its inside all the instruments that are used to create a site/portal of information (meant in broad sense). Given the immense number of present functions in the installation and in an even greater quantity of modules developed from third parties, the system is also adept to the management of
E-Mail delivery can be invoked by issuing the command “sendmail -q”. For those who are interested in what sendmail actually does, “sendmail -q -v” will give a more verbose version of the delivery process.
It is very convenient to automate the process of e-mail delivery. A tool commonly used for this process is cron.
To connect to the server, you will usually need to provide a MySQL user name when you invokeÂ mysqlÂ and, most likely, a password. If the server runs on a machine other than the one where you log in, you will also need to specify a host name. Contact your administrator to find out what connection parameters [...]
Every time a file is read from your Linux ext3 partition it writes back a attribute to the file detailing the last access time. There are very few programs that actually use this to operate and it slows everything down. Disabling atime and diratime on your Linux ext3 file systems can improve disk performance up [...]
FTP on Linux and other Unix systems allows you to pass shell commands to the ftp client by using the pipe symbol â€˜|â€™ as the first character of the file name. With this feature you can send a very large file to a remote host using /dev/zero as input and /dev/null as output.
Building an infrastructure for patch management is another very important step to proactively secure Linux production environments. It is recommended to have a written security policy and procedure to handle Linux security updates and issues. For example, a security policy should detail the timeframe for assessment, testing, and rollout of patches. Network related security vulnerabilities [...]
Red Hat Linux provides a utility calledÂ diskcheckÂ that monitors the amount of free disk space on the system. Based on the configuration file, it will send email to the system administrator when one or more disk drives reach a specified capacity. To use this utility, you must have theÂ diskcheckÂ RPM package installed. This utility is run as [...]
The free command displays the total amount of physical memory and swap space for the system as well as the amount of memory that is used, free, shared, in kernel buffers, and cached.
Before you learn how to configure your system, you should learn how to gather essential system information. For example, you should know how to find the amount of free memory, the amount of available hard drive space, how your hard drive is partitioned, and what processes are running. This chapter discusses how to retrieve this [...]
Unlike the built-in dhclient, your FreeBSD system does not come with DHCP server software. This is because you only need to configure a DHCP server if you want to lease out IP configuration for your own network. However, there are two ports that allow you to create your own DHCP server. The first is known [...]