Hosting servers at some point of time should have faced a ddos attack. You will have lot of trouble in identifying the right command to use and check the connections to your server.Here is a small tip with tcpdump

tcpdump -v nn -w attack dst port 80

Catch upto 200 packets you can change the port number as well as the filename “attack” as per your need. Having done that you can now figure out the number of connections from the ips by following command

tcpdump -nr attack |awk ‘{print $3}’ |grep -oE ‘[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}’ |sort |uniq -c |sort -rn

Block the ips with maximum count using iptables.

iptables -I INPUT -s ipaddress -j DROP

admin general, linux tcpdump ddos

Litespeed webserver

Internet is growing and the servers hosting the sites are thickly packed. If you are not hosting your site on a dedicated server chances are there that it is loading very slow at times.

Almost 90% of servers are based in linux which is embracing opensource software Apache as its webserver. Over a decade we haven’t seen any marked improvement in its performance with the growing demand.

Litespeed comes to your rescue at this juncture, they provide both free and enterprise version. They have provided a comparison chart with other websevers

http://www.litespeedtech.com/web-server-performance-comparison-litespeed-2.1-vs.html

We also had implemented it on our server and the site sparksupport.com is using litespeed. We could see a drastic difference in the performance. Another catch is that if your server is using a control panel like cpanel or plesk, litespeed can still work as it is portable with the existing webservice.

There is a very good documentation provided by litespeed which is a major advantage over its rivals like ngine-X.

Give it a try and experience the difference.

Update: Wed Apr 15 12:26:17 IST 2009

We moved our servers to Nginx – Cpanel combination. Now all our our servers are running Nginx.

admin Webservice, linux Litespeed webserver

First off download clipshare and unzip it. You will see installation.txt sql and upload folder after the extract.

Now check if your system is suPHP or not. Create a test php file test.php and add the following code

Now access this through the browser and if its showing your username then suPHP is enabled in the server so you can avoid the steps below of changing folder permission to 777 or else follow the complete steps.

1. Edit /upload/cgi-bin/ubr_upload.pl in a text editor, and change the path to (where you will insall the script)/tmp/uploader/ usually /home/user/public_hmtl/tmp/uploader/
2. Edit /upload/include/config.php in a text editor, and change the variables marked with “CHANGE HERE”
3. Edit /upload/include/dbconfig.php and enter your database info

Login to your control panel create a database,username and pass with all privileges.
4. Optional: Edit /upload/include/language.php to remove / add language files
5. Upload the contents (only the contents, not the folder itself) of the /upload folder on your server, in BINARY mode

6. Set write permissions (chmod 777) to the following folders:
/flvideo
/video
/thumb
/chimg
/photo
/tmp
/tmp/logs
/tmp/sessions
/tmp/thumbs
/tmp/uploader
/cache/templates_c
7. Set execute permissions (chmod 755) to /cgi-bin and /cgi-bin/ubr_upload.pl
8. Create database and database user. Import the database dump from /sql/clipshare.sql with phpmyadmin
9. Access your ClipShare Admin Panel at http://www.yourdomain.com/siteadmin/
Default admin user / password: admin / admin
- Change the admin user / password !!
- Change the site name, email, meta keywords, description, etc
- Optional: change different settings
- Create channels
- Add your advertising

Enjoy sharing videos !!!

admin general, linux clipshare installation steps, how to install clipshare

Bacula is a set of Open Source, enterprise ready, computer programs that permit you to manage backup, recovery, and verification of computer data across a network of computers of different kinds.

Bacula supports Linux, UNIX and Windows backup clients, and a range of professional backup devices including tape libraries. Administrators and operators can configure the system via a command line console, GUI or web interface; its back-end is a catalog of information stored by MySQL, PostgreSQL, or SQLite.

Any installation contains three kinds of daemons to execute backup and restore functionality:

1) Director Daemon – manages other daemons, queries and updates catalog, interfaces with operator front-ends, automates backup schedules
2) Storage Daemon – makes system calls to drive backup media, responds to read/write requests from Director, and receives backup/restore data from file daemon
3) File Daemon – negotiates client-side communication, encryption and compression, opens file handles to access a client’s data

The master config file is the director’s [/etc/bacula/bacula-dir.conf]. In it is all the information needed to be able to backup the servers it manages. Since each component of the backups system is it’s own daemon, the host, port, and passwords to communicate with them are all listed in the conf file. All options need to match the ones in the daemon’s config, or communication will fail.

Visit http://www.bacula.org/en/ to read more …

admin Uncategorized

If your server got stuck with rpm command do the following steps.

Remove cached DB
rm -fv /var/lib/rpm/__db.00*
rpm –rebuilddb

The last command takes some time so don’t stop it.

admin general, linux rpm got stuck

Tired of examining apache logs for hack attempts ? Okay, relax a bit ! Scalp is there to rescue you

Scalp ( a simple python script ) is a web log analyzer for the Apache web server that look for security problems. It reads the Apache log and perform log analysis for possible attacks against rulesets provided by PHP-IDS project. In its standard form, the script can handle Apache logs of more than 100 megabytes without a problem. The tool outputs its results as a report in text, XML or HTML format.

Running the program as the following will use the Apache log file at /var/log/apache2/access.log and the PHPIDS ruleset from ~/default_filter.xml;

$ python scalp.py –log /var/log/apache2/access.log –filters ~/default_filter.xml

Romain Gaucher, who created scalp, is currently working on a C++ version of his program.

admin linux scalp web log analyzer