You are here

Risharde's Blog

Spoofed domain hn.kd.ny.adsl

I was able to get the actual ip range of the hn.kd.ny.adsl attacker. It seems the attacker uses compromised machines to do http attacks or perhaps bruteforce. Very strange indeed.

182.118.*.* seems to have some compromised servers trying an http attack on my linux box?

I shall keep monitoring...

--Risharde

Test your VPS/server's file IO performance

This generates a ~1 GB file and checks how long it takes to create. Use this to test the hard disk drives write speeds

dd if=/dev/zero of=test bs=64k count=16k conv=fdatasync

Good luck

--Risharde

Gzip a directory in linux

tar -zcvf archive-name.tar.gz directory-name

change archive-name to whatever you want. change directory-name to whatever directory name it is

Good luck

suPHP versus modPHP

So I've been testing both and there are a few trade offs here between suPHP and modPHP.

MODPHP Security
Firstly to get started, modPHP is supposed less safe sine PHP will run as apache thus a compromise on one website can lead to the reading of other directorys/websites of other users within the same linux server/box.

suPHP Security
suPHP security is indeed a notch higher when configured properly. Basically each user has their own username and suPHP will basically allow their website or in this case apache to run under the specific username. This means that if a website of a specific user were to be compromised, it would be much harder to get access to other websites on the box not running under the compromised user account.

HOWEVER, there is a catch
After my testing, I've noticed that suPHP is a bit slower but more importantly extremely CPU and memory intensive compared to its less secure modphp counterpart. At 50 users, the load on my server went up to 10.x which I have never seen happen with modphp. In fact, modphp wouldn't even break a serious sweat with this number of clients. More worrying is that suPHP used nearly 2 GBs of RAM during this 50 user load test while modPHP didn't go over 1 GB...

So really, the choice is up to you when it comes down to the security vs resources issue. I'm going to try caching with suPHP and see if that helps at all.

Converting between MySQL database engines

I can't remember where I got this, but this works

To convert from INNODB to MYISAM (MYSQL)

SELECT CONCAT('ALTER TABLE ', table_name, ' ENGINE=MYISAM;') as ExecuteTheseSQLCommands
FROM information_schema.tables WHERE table_schema = 'yourdatabasename'
ORDER BY table_name DESC;

To convert from MYISAM to INNODB (MYSQL)

SELECT CONCAT('ALTER TABLE ', table_name, ' ENGINE=INNODB;') as ExecuteTheseSQLCommands
FROM information_schema.tables WHERE table_schema = 'yourdatabasename'
ORDER BY table_name DESC;

#LinuxHelp on IRC.FREENODE.NET

This place has some seriously skilled linux gurus...
I had a problem when I tried to install qmail in which I couldn't find out why ~qmail at the command prompt was pointing to the wrong directory. After a few questions from a linux guru named 'amrit', he figured out it was actually due to me creating a qmail user in the /etc/passwd which defined the user's home as the wrong directory in question

So it wasn't an actual alias or symbolic link.

Thanks Amrit , I hope someone is as kind as you were to me ;)

--------
Additional explanation below:
I could be wrong but I think it constitutes to the bash's tilde expansion however I was on the wrong track thinking it was either an alias or a symbolic link. Essentially I installed qmail twice. During the first install, I created some users for qmail to work with home directories so there was an alias username pointing to /dirA . When I did the install the second time, I changed the directory location for the install and during the creating users process, the users already exists so useradd command did not re-create since they already exists, thus the old directory stayed. so when I typed ~alias it was pointing the old directory of the user named alias. Hope that makes sense lol

NAT forwarding on OpenVZ Linux (iptables)

This allows NAT (basically for routing internet) for your VPN
iptables -t nat -A POSTROUTING -j SNAT --to
iptables -t nat -A POSTROUTING -s /8 -o venet0 -j SNAT --to-source

List/Check the rules
iptables -t nat --list

Enable ipforwarding for ipv4 via /etc/sysctl.conf

Pages