> > Test it: > # mysql -uroot -pnewpassword > You should be at a mysql prompt. > # quit > Gets you out of the mysql system. again... if you use your passwd on the command line then you may be giving it away faster then you want..... mysql -uroot -p > ------------------------------ > SRM.CONF changes looks like personel prefs..... > ------------------------------------ > Little How-Tos > To see who's connected to your machine (through telnet and ssh): > # w err "w" is what they are doing... who or pinky will tell you "who" is logged in.... > To change the FTP timeout: > # pico /etc/proftpd.conf > Add these lines: > #Edited Timeout for longer ftp sessions > TimeoutNoTransfer 1200 > TimeoutIdle 1200 just prefs.... > To get Webalizer to run before logrotate, rename it: > # mv /etc/cron.daily/webalizer.pl /etc/cron.daily/awebalizer.pl > To get it to leave statistics on heavy-traffic sites, go into > /etc/webalizer.conf and set Incremental to 'yes'. > Remember to also set the name for the current file on the line below > that. just did a big post on this on the user list... bottom line.... rename the logrotate/apache files zapache.... > To get directories to stop giving a list of contents: > # pico /etc/httpd/conf/access.conf > Edit this line so that it has the -Indexes at the end: > # be more restrictive within a site > <Directory /home/sites/*/> > Options -FollowSymLinks +SymLinksIfOwnerMatch -Indexes > </Directory> > Save, exit, restart the web server. > # /etc/rc.d/init.d/httpd restart > personel prefs... > Alternatively, set AllowOverride options to ALL and drop an > .htaccess file into the /web directory with this line: > Options -Indexes this is really bad and opens some security holes up depending on your bussiness... if you are hosting for strangers don't do this... just add what you want to work and it will without giving extra stuff to your users.... > Restarting inetd after dropping some new entries into hosts.deny: > # /usr/sbin/inetd restart as far as I know you don't need to do this... > IPChains Install: > #wget > ftp://rpmfind.net/linux/redhat/6.2/en/os/i386/RedHat/RPMS/ipchains-1.3 > .9-5.i386.rpm > # mv ipchains-1.3* ipchains-1.3.rpm > # rpm -i ipchains-1.3.rpm > IPChains is now installed. The startup script is in /etc/rc.d/init.d > as ipchains. well you can rpm -Uvh ftp://rpmfind.net/linux/redhat/6dHatblablabla/bla but I don't like that package... myself I took the latest redhat 7.1 soruce rpm and made a few changes then built it. works great... as I recall it was just a matter of getting rid on the need for xinetd.... it's also a newer version which is improtant too... > ALTERNATIVE FOR IPCHAINS NEWBIES: > Get PMFirewall, install it, run the script and answer some questions > about your setup: > http://www.pointman.org/PMFirewall/ great stuff if your making a firewall.... I guess... never used it... > PortSentry: > # wget http://www.psionic.com/tools/portsentry-1.0.tar.gz > # gunzip portsentry-1.0.tar.gz > # tar -xvf portsentry-1.0.tar > # mv portsentry-1.0 portsentry > # cd portsentry > #make shoud be "make linux" > # make install > > Configure PortSentry by carefully reading the portsentry.conf file and > commenting/uncommenting > certain lines and removing/adding certain ports. > I recommend the "anal" setting. You'll get more mesages as "Attack > Alerts" but it's a more - anal - setting. yes but there are other modes that work better then using these settings.... also they need to setup the -"KILL_ROUTE" ... using ipchains in this example... > Turn on portsentry at bootup: > add to /etc/rc.d/rc.local: > /usr/local/psionic/portsentry/portsentry -tcp > /usr/local/psionic/portsentry/portsentry -udp yep... see note below > To turn it on right now, just run those lines as root. You'll see > portsentry firing up and binding if you look in > /var/log/messages. There will be some lines where it cannot bind to > certain ports, check yep thats one way but it misses a few things that are nice to change. Things like the complier used, and a init file...and setting up the ignore file with local ip's.... you might want to add that... What I did is I took the latest srpm from redhat 7.1 and modified it with my own patch (with input from the redhat patches that I didn't like all of) and rebuilt it into a nice rpm that does it all.... > LogCheck: > # pico /usr/local/etc/logcheck.sh > change the sysadmin address to whatever user you've set up to get the > messages; save and exit again the fast compile and install is a little rough and logcheck wants to use some directoies that most people don't want them to use for temp directories... any way... the latest rh7.1 srpm, added changes, and made a new rpm of it.... > # pico /root/crontab > add this line: > 01,16,31,45 * * * * /usr/local/etc/logcheck.sh > That fires it off every 15 minutes. Adjust to your tastes. > This line runs it once a night, at 1:01am: > 1 1 * * * /usr/local/etc/logcheck.sh > If you don't have a file there yet, pico will make a new one. Tell > crontab to pay attention to it like so: > # crontab -u root /root/crontab personel prefence I like to link it.... ln -s /location/of/logcheck.sh /etc/cron.quaterhourly/Logcheck With that I'm going to bed.... it's 3:48 now and I still have to reread this ... Zeffie http://www.zeffie.com/
Zeffie's Sun Cobalt User Forums
Zeffie's Sun Cobalt Restore CD's
Zeffie's Sun Cobalt Updates
Sun Cobalt Users List
Sun Cobalt Security List
Sun Cobalt Developers List
Copyright 2007 by Electronic Consultants Inc.