Archive for January, 2008

Server Maintenance

Thursday, January 31st, 2008

DNS Diagnostic

nslookup
whois

nslookup can be used in an interactive mode, too.
Here is an example:

# nslookup
> server ns2.libero.it [I’m connected to Libero NS server]
> set q=ns [setting which kind of query to do. ‘ns’=nameserver OR ‘any’]
> italandia.it [displays the records stored on the server ns2.libero.it concerning the domain italandia.it]

Network Diagnostic

/etc/services: list of conventional ports
netstat: shows the active connections
nmap server_ip_address: shows the open ports (launch it from outside the server)
Once you know an open port, to find out which process is using it:
lsof -i | grep port_number
traceroute

Database maintenance

OPTIMIZE TABLE tablename
It performs a sort of defragmentation for the files containing the table’s data.

Examine the Slow Query Log

Login control

* last - shows the file /var/log/wtmp
* grep -i "accepted" /var/log/auth

If you find some strange accesses:
less /root/.bash_history
[I’m not sure this file is updating very often]
If this file is empty, points to /dev/null or contains some strange commands, it means the cracker was able to do whatever he wanted.
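
As an added example (not part of the original post), the two checks above as a script: it counts accepted sshd logins per user, source address and method from auth-log text on stdin, and classifies a history file as missing, empty, linked to /dev/null or having content. The function names and the sample log lines are constructed for illustration; the lines assume the format OpenSSH's sshd writes.

```bash
#!/bin/bash
# Constructed sample lines in the format OpenSSH's sshd writes to the auth log
# (hostnames and addresses are documentation values, not real data).
sample_auth_log() {
cat <<'EOF'
Jan 30 02:11:07 web1 sshd[2211]: Failed password for root from 203.0.113.9 port 40022 ssh2
Jan 30 02:11:15 web1 sshd[2211]: Accepted password for root from 203.0.113.9 port 40022 ssh2
Jan 30 09:02:41 web1 sshd[3150]: Accepted publickey for admin from 192.0.2.10 port 51234 ssh2
Jan 31 09:05:13 web1 sshd[4102]: Accepted publickey for admin from 192.0.2.10 port 51310 ssh2
EOF
}

# Read auth-log text on stdin; print "count user source-ip method", most frequent first.
accepted_summary() {
    awk '/sshd\[[0-9]+\]: Accepted / {
        for (i = 1; i <= NF; i++) if ($i == "Accepted") break
        # Fields after "Accepted": method "for" user "from" ip ...
        n[$(i+3) " " $(i+5) " " $(i+1)]++
    }
    END { for (k in n) print n[k], k }' | sort -k1,1nr -k2
}

# Classify a shell history file: linked-to-devnull, missing, empty or has-content.
history_state() {
    f=$1
    # Test the symlink first: -e and -s follow links, so a link to /dev/null
    # would otherwise be reported as an ordinary empty file.
    if [ -L "$f" ] && [ "$(readlink "$f")" = "/dev/null" ]; then
        echo "linked-to-devnull"
    elif [ ! -e "$f" ]; then
        echo "missing"
    elif [ ! -s "$f" ]; then
        echo "empty"
    else
        echo "has-content"
    fi
}

# Demo on the constructed sample; on a real host use: accepted_summary < /var/log/auth
sample_auth_log | accepted_summary
```

A password login for root from an address you do not recognise, or a history file reported as anything other than has-content, is the kind of result the note above treats as suspicious.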

Misc

* Check the logs, in particular cron's (/var/log/cron.log)

* Keep the system updated and patched

LAMP Backup Script

Monday, January 28th, 2008

#!/bin/bash
#
# my_backup.sh V1.0
#
# A useful script that performs a variety of operations in order to back up different data.
# It's a good starting point for your bespoke one.
#
# Placeholders to replace with your own values: superuser, superuser_psw,
# database1..database3, dir1, dir2, file_path, mail_address.
# Note: a password passed with -p on the command line can be visible to other
# local users in the process list while mysqldump runs.

# Creating all the definitions
datestamp=$(date +'%Y%m%d%H%M%S')
tarname="my_backup-$datestamp.tgz"
tempdir_base="tmpbckdir$datestamp"
tempdir="/var/tmp_backups/$tempdir_base"
tempdir_db="$tempdir/db"

# Creating the directories for the operations
mkdir -p "$tempdir"
mkdir "$tempdir_db"

# Backing up databases
mysqldump -u superuser -psuperuser_psw database1 | gzip --best > "$tempdir_db/database1.sql.gz"
mysqldump -u superuser -psuperuser_psw database2 | gzip --best > "$tempdir_db/database2.sql.gz"
mysqldump -u superuser -psuperuser_psw database3 | gzip --best > "$tempdir_db/database3.sql.gz"

# Backing up databases - there are a lot of databases named like this: user_user1, user_user2, ...
cd /var/lib/mysql/ || exit 1
for i in user_*; do
    mysqldump -u superuser -psuperuser_psw "$i" > "$tempdir_db/$i.sql"
done

# Backing up files
cp -ra dir1 "$tempdir/dir1"
cp -ra dir2 "$tempdir/dir2"

# Sending a mail with the content of a log file
# ("--" separates the attachment from the recipient address)
mutt -s "log file" -a file_path -- mail_address < file_path
# Truncating the file
echo "" > file_path

# Storing the compressed backup on a local disk
mount /dev/hdc1 /mnt
# tar runs from the parent directory of $tempdir, so the archive holds relative paths
cd /var/tmp_backups || exit 1
tar czf "/mnt/$tarname" "$tempdir_base"
umount /mnt

# Deleting the temp files
rm -r "$tempdir"

LAMP Backup Script

Vim / Vi : Tips

Wednesday, January 23rd, 2008

If you press CTRL+S by mistake, press CTRL+Q to unfreeze the editor.

TV out | Thinkpad T23 | Linux and Windows

Sunday, January 20th, 2008

What I want is to display PC output on my TV (it fits DivX play very well!)

I bought:

_ 4-pin male-male S-Video Cable (Thomson KBV600)

_ Video Adapter From Scart to S-Video + 3RCA(2 audio + 1 video) (Thomson KBV608)

I connect my T23 laptop to my TV (Sony Trinitron CRT).

The very first step is to set the LCD monitor resolution to 800×600, which is pretty close to the TV's.

I had the same problem both on Linux and Windows. I could see the picture on the TV but it was black and white. Then I solved it with this howto:

http://www.camp0s.com/pc_related/svideo/svideo.php

Basically that says you need to connect the pins 15 to 20 of the scart -> S-Video adapter.

Windows XP

_ Right clicking on the Desktop

_ Settings (I guess you can do it through the Control Panel instead)

_ Video Adaptor OR Video Card OR Hardware

_ Settings

_ Advanced

_ Display Tab

_ Choose TV as an output. Have a look at all the options this tab offers.

Linux
For computers equipped with an S3 Savage video card (as the T23 is), you need the s3switch program.

  • List currently attached devices, active devices, and current format
$ sudo s3switch
  • Make CRT, LCD, and S-Video (TV) output active
$ sudo s3switch crt lcd tv
  • Set S-Video (TV) output format to NTSC
$ sudo s3switch ntsc

On Debian, you would simply launch:

apt-get install s3switch

But there’s a but. T23 users may need to apply the patch attached to this entry to avoid a Segmentation Fault. So you need to download the source of the program [attached, as well].

$ patch s3switch.c s3switch.patch

$ make

# mv s3switch /usr/local/bin

But there’s [one more] but. I can’t compile the source because of a weird inclusion in s3switch.c.

So I download the source of the Debian package

apt-get source s3switch

I apply the patch to it by hand (not through the patch command) and compile with make.

mv s3switch /usr/local/bin

Now it works! Very proud!

s3switch patch

s3switch source

Javascript Compression

Saturday, January 12th, 2008

http://www.codeandcoffee.com/2006/10/02/compress-your-javascript/

Online version of JSMin.

I’ll give you an example:

prototype.js (version 1.6.0.2)

_ before: 124K

_ after: 92K

Nothing very special but it could help. Anyway I think it’s the best you can get with just this type of compression.

Other examples:

http://www.bananascript.com/
http://dean.edwards.name/packer/

The best:

I’ve read about a Java tool that also performs the replacement of variable names, but I can’t find the source yet. It should be called dojotoolkit or/and shrinksafe.

SELinux

Wednesday, January 9th, 2008

A good resource is:

http://www.crypt.gen.nz/selinux/faq.html

There, the most important thing is this.

It is important that server daemons are started within the correct context, if they are not then they will probably not run properly.

For Fedora and RedHat Enterprise Linux, use the normal command,

service (name) start/stop

For Debian and Gentoo, use the run_init command to run scripts in /etc/init.d within the correct context, for example sshd:

run_init /etc/init.d/sshd start

which starts up the sshd daemon. Note that run_init will prompt the user for their password before performing the function: this is to prevent unauthorised access to the functionality such as being executed by a trojan program.

To check whether SELinux is installed:

rpm -qa | grep selinux

To check whether it is enabled:

/usr/sbin/getenforce

Server: Setting a Firewall With Iptables

Sunday, January 6th, 2008
  • Copy the file iptables.sh in the directory /etc/init.d with these rules (but obviously you need to customize them).
  • Make the file executable.
  • Assuming the current run level is the second one:
    ln -s /etc/init.d/iptables.sh /etc/rc2.d/S97iptables
    Actually you should link the script in every runlevel, to cover the case where you change runlevel, even temporarily.

******************************************************************

iptables script

******************************************************************

Useful Commands:
List of active rules:
iptables -L
Remove all the rules (the chains' default policies are not reset):
iptables -F

IPCOP - FTP Server Setup

Friday, January 4th, 2008

http://psichron.za.net/guides/ipcopvsftpd.html [also attached in this entry].

The vsftp binary package is also available as an attachment to this post.

As the above howto says, take care to create the directory /usr/share/empty

IPCOP FTP Server howto
IPCOP FTP Server binary package