How to send mails using Telnet

1. Open the cmd prompt.
2. Type telnet server.com 25 (where “server.com” is the name of the SMTP (outgoing) server of your email provider, such as smtp-server.austin.rr.com). This can be found by checking your account info in the program you normally use for email.
3. Type HELO server.com.
4. Type MAIL FROM: you@server.com.
5. You may get a message saying “250 ok”.
6. Type RCPT TO: Friend1@anotherserver.com, friend_two@someotherserver.org, friend.3three@Someserver.com, etc.
7. Again, you may get a message saying “250 ok”.
8. To write the message, type DATA, followed by your message.
9. To end the message, put a period (.) on a line by itself and press Enter.
10. Type QUIT to exit Telnet.

* Just a note: you may have to enter a “:” after the “mail from:” and the “rcpt to:”
* This can also be used to send email as other people.
* Some servers also accept ‘EHLO’ in place of ‘HELO’.

This is my personal blog, so I do not care if you do not understand.

 


Logrotate

The Ultimate Logrotate Command

Managing log files effectively is an essential task for a Linux sysadmin.

Interview question (very important)
Q.1> How do you perform log file operations using the UNIX/Linux logrotate utility?

Important points about logrotate that are asked in interviews:

* Rotate the log file when the file size reaches a specific size
* Continue to write the log information to the newly created file after rotating the old log file
* Compress the rotated log files
* Specify the compression option for the rotated log files
* Rotate the old log files with the date in the filename
* Execute custom shell scripts immediately after log rotation
* Remove older rotated log files

1. Logrotate Configuration files

Following are the key files that you should be aware of for logrotate to work properly.

/usr/sbin/logrotate – The logrotate command itself.

/etc/cron.daily/logrotate – This shell script executes the logrotate command every day.

$ cat /etc/cron.daily/logrotate
#!/bin/sh

/usr/sbin/logrotate /etc/logrotate.conf
EXITVALUE=$?
if [ $EXITVALUE != 0 ]; then
/usr/bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
fi
exit 0

/etc/logrotate.conf – The log rotation configuration for all the log files is specified in this file.

$ cat /etc/logrotate.conf
weekly
rotate 4
create
include /etc/logrotate.d
/var/log/wtmp {
monthly
minsize 1M
create 0664 root utmp
rotate 1
}

/etc/logrotate.d – When individual packages are installed on the system, they drop the log rotation configuration information in this directory. For example, yum log rotate configuration information is shown below.

$ cat /etc/logrotate.d/yum
/var/log/yum.log {
missingok
notifempty
size 30k
yearly
create 0600 root root
}

2. Logrotate size option: Rotate the log file when file size reaches a specific limit

If you want to rotate a log file (for example, /tmp/output.log) every time it reaches 1KB, create the logrotate.conf as shown below.

$ cat logrotate.conf
/tmp/output.log {
size 1k
create 700 bala bala
rotate 4
}

This logrotate configuration has the following three options:
1. size 1k – logrotate rotates the file only if the file size is equal to (or greater than) this size.
2. create – rotate the original file and create the new file with the specified permission, user and group.
3. rotate – limits the number of rotated log files. So, this would keep only the 4 most recent rotated log files.

Before the log rotation, the size of output.log is as follows:
$ ls -l /tmp/output.log
-rw-r--r-- 1 bala bala 25868 2010-06-09 21:19 /tmp/output.log


Now, run the logrotate command as shown below. Option -s specifies the filename to write the logrotate status.
$ logrotate -s /var/log/logstatus logrotate.conf


Note: whenever you need log rotation for some files, prepare the logrotate configuration and run the logrotate command manually.
After the log rotation, the size of output.log is as follows:
$ ls -l /tmp/output*
-rw-r--r-- 1 bala bala 25868 2010-06-09 21:20 output.log.1
-rwx------ 1 bala bala 0 2010-06-09 21:20 output.log

Eventually this will keep the following set of rotated log files.
output.log.4
output.log.3
output.log.2
output.log.1
output.log

Please remember that after the log rotation, the service that owns the log file would still point to the rotated file (output.log.1) and keep on writing to it. You can use the above method if you want to rotate the apache access_log or error_log every 5 MB.

Ideally, you should modify the /etc/logrotate.conf to specify the logrotate information for a specific log file.

3. Logrotate copytruncate option: Continue to write the log information in the newly created file after rotating the old log file.

$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
rotate 4
}

copytruncate instructs logrotate to create a copy of the original file (i.e. rotate the original log file) and truncate the original file to zero bytes. This way the service that owns the log file keeps writing to the proper file.
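
The difference between the default rename-style rotation (section 2) and copytruncate can be reproduced without logrotate. The script below is an added example, not part of the original post: it imitates both strategies with mv and cp in a temporary directory, and a file descriptor held open in append mode stands in for the running service.

```shell
#!/bin/sh
# Added example (not from the original post): simulate the two rotation
# strategies with plain mv/cp to see where a long-running writer ends up.
# All files are created in a throwaway temp directory.

# rotate_demo create|copytruncate
# Prints the name of the file that receives lines written after rotation.
rotate_demo() {
    dir=$(mktemp -d) || return 1
    log="$dir/output.log"
    : > "$log"

    # The "service": keeps the log open in append mode on fd 3.
    exec 3>>"$log"
    echo "before rotation" >&3

    case $1 in
        create)
            # Default behaviour: rename the old file, create a new empty one.
            mv "$log" "$log.1"
            : > "$log"
            ;;
        copytruncate)
            # copytruncate: copy the contents, then truncate in place.
            cp "$log" "$log.1"
            : > "$log"
            ;;
    esac

    # The service never reopened its log; fd 3 still refers to the inode it opened.
    echo "after rotation" >&3
    exec 3>&-

    if grep -q "after rotation" "$log"; then
        echo "output.log"
    else
        echo "output.log.1"
    fi
    rm -rf "$dir"
}

echo "create:       new lines land in $(rotate_demo create)"
echo "copytruncate: new lines land in $(rotate_demo copytruncate)"
```

With copytruncate, anything the service writes between the copy and the truncate is lost, which matters for logs that are kept as audit evidence.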

4. Logrotate compress option: Compress the rotated log files

If you use the compress option as shown below, the rotated files will be compressed with the gzip utility.
$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
create 700 bala bala
rotate 4
compress
}

Output of compressed log file:
$ ls /tmp/output*
output.log.1.gz output.log

5. Logrotate dateext option: Rotate the old log file with date in the log filename

$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
create 700 bala bala
dateext
rotate 4
compress
}

After the above configuration, you’ll notice the date in the rotated log file as shown below.
$ ls -lrt /tmp/output*
-rw-r--r-- 1 bala bala 8980 2010-06-09 22:10 output.log-20100609.gz
-rwxrwxrwx 1 bala bala 0 2010-06-09 22:11 output.log

This would work only once a day, because when logrotate tries to rotate again on the same day, the earlier rotated file will already have the same filename. So logrotate won't succeed after the first run on the same day.

Typically you might use tail -f to view the output of the log file in realtime. You can even combine multiple tail -f output and display it on single terminal.

6. Logrotate monthly, daily, weekly option: Rotate the log file weekly/daily/monthly

To rotate once a month:

$ cat logrotate.conf
/tmp/output.log {
monthly
copytruncate
rotate 4
compress
}

Add the weekly keyword as shown below for weekly log rotation.
$ cat logrotate.conf
/tmp/output.log {
weekly
copytruncate
rotate 4
compress
}

Add the daily keyword as shown below for every day log rotation. You can also rotate logs hourly.
$ cat logrotate.conf
/tmp/output.log {
daily
copytruncate
rotate 4
compress
}

7. Logrotate postrotate endscript option: Run custom shell scripts immediately after log rotation

Logrotate allows you to run your own custom shell scripts after it completes the log file rotation. The following configuration indicates that it will execute myscript.sh after the logrotation.

$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
rotate 4
compress
postrotate
/home/bala/myscript.sh
endscript
}

8. Logrotate maxage option: Remove older rotated log files

Logrotate automatically removes the rotated files after a specific number of days. The following example indicates that the rotated log files would be removed after 100 days.
$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
rotate 4
compress
maxage 100
}

9. Logrotate missingok option: Don't return an error if the log file is missing

You can ignore the error message when the actual file is not available by using this option as shown below.
$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
rotate 4
compress
missingok
}

10. Logrotate compresscmd and compressext option: Specify the compression command for the log file rotation

$ cat logrotate.conf
/tmp/output.log {
size 1k
copytruncate
create
compress
compresscmd /bin/bzip2
compressext .bz2
rotate 4
}

The following compression options are specified above:
compress – Indicates that compression should be done.
compresscmd – Specify what type of compression command should be used. For example: /bin/bzip2
compressext – Specify the extension on the rotated log file. Without this option, the rotated file would have the default extension .gz. So, if you use bzip2 as the compresscmd, specify the extension as .bz2 as shown in the above example.


How To Disable Ping Replies in Linux

How To Disable Ping Replies in Linux using icmp_echo_ignore_all


You may want to disable ping replies for many reasons, maybe for a security reason, or to avoid network congestion.

Disable ping reply Temporarily

You can temporarily disable the ping reply using the following method.

# echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all

Please note that this setting will be erased after the reboot. To disable ping reply permanently (even after the reboot), follow the step mentioned below.

Also, to enable the ping reply again, set the value to "0" as shown below.

# echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all

Disable ping reply Permanently

You can permanently disable the ping reply using the following method.

Step 1: Edit the sysctl.conf file and add the following line.
net.ipv4.icmp_echo_ignore_all = 1

Step 2: Execute sysctl -p to enforce this setting immediately.
# sysctl -p

The above command loads the sysctl settings from the sysctl.conf file.

After the ping reply is disabled using one of the above methods, when somebody tries to ping your machine they will end up waiting without getting a ping reply packet, even when the machine is up and running.
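
Because the temporary method is lost at reboot and the permanent one only takes effect once sysctl -p has run, it is worth checking that the two agree. The script below is an added example, not part of the original post; the function names and result labels are made up for illustration, and it assumes the setting lives in a single file (by default /etc/sysctl.conf, so files under /etc/sysctl.d are not read).

```shell
#!/bin/sh
# Added example (not from the original post): report whether the
# icmp_echo_ignore_all setting is persistent, runtime-only or config-only.
# Assumption: only one config file is inspected; /etc/sysctl.d/ is not read.

# Print the last uncommented value assigned in the config file (empty if none).
persisted_value() {
    sed -n 's/^[[:space:]]*net\.ipv4\.icmp_echo_ignore_all[[:space:]]*=[[:space:]]*\([01]\)[[:space:]]*$/\1/p' \
        "$1" 2>/dev/null | tail -n 1
}

# check_icmp_ignore [CONF_FILE] [PROC_FILE]
check_icmp_ignore() {
    conf=${1:-/etc/sysctl.conf}
    proc=${2:-/proc/sys/net/ipv4/icmp_echo_ignore_all}
    persisted=$(persisted_value "$conf")
    runtime=$(cat "$proc" 2>/dev/null) || runtime=0
    case "${persisted:-0}/${runtime:-0}" in
        1/1) echo "persistent" ;;       # set in the file and in the running kernel
        0/1) echo "runtime-only" ;;     # echo 1 > /proc/...: lost at reboot
        1/0) echo "config-only" ;;      # in the file, not applied to the running kernel
        *)   echo "replies-enabled" ;;  # ping replies are not disabled anywhere
    esac
}

# Run against the live system when executed directly.
echo "icmp_echo_ignore_all: $(check_icmp_ignore)"
```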


FIREWALL

Download APF from the following link:

# wget http://www.rfxnetworks.com/downloads/apf-current.tar
# tar -xf apf-current.tar
# cd apf-*/
# ./install.sh

Edit the following in the config file:

# vim /etc/apf/conf.apf

# Configure inbound (ingress) accepted services.

IG_TCP_CPORTS="25,80,443"

# Configure outbound (egress) accepted services.

# enable this if you want to block outbound traffic
EGF="1"

# exceptions for outbound traffic
EG_TCP_CPORTS="25,43"

# exceptions for outbound traffic
EG_UDP_CPORTS="20,21,53"

# vim allow_hosts.rules

Edit this file to allow inbound/outbound traffic:

# allow inbound traffic for port 22 from 192.168.5.0/24
tcp:in:d=22:s=192.168.5.0/24
# allow outbound traffic for port 22 to 192.168.5.0/24
tcp:out:d=22:d=192.168.5.0/24

Start APF:

# apf -s

This will start APF in development mode, i.e. the firewall will be flushed after 5 minutes.

If your firewall is working fine, disable development mode:

Edit /etc/apf/conf.apf

DEVEL_MODE="0"

Now restart APF:

# apf -r

Other information:

Change USE_DS="0" to USE_DS="1"

APF makes use of DShield (DS). This is a little like spam blocklists such as SPEWS: it lists the most commonly abused networks and those most often used in denial of service attacks and similar.

Change USE_AD="0" to USE_AD="1"

USE_AD="1" enables the Antidos feature, which is still in beta at the time of this writing. The readme says “Antidos is a log parsing script made for r-fx.org’s APF (advanced policy firewall). Its purpose is to parse specific log formats for network attacks against a given system; then take certain actions. It is designed to be modular so it can be removed from APF and used in other environments.”

AntiDOS Configuration
=======================

i) Open up /etc/apf/ad/conf.antidos

ii) Change LP_KLOG="0" to LP_KLOG="1"

iii) CONAME="Your Company"

Enter your company name within quotes, similar to CONAME="LunarPages"

iv) Change USR_ALERT="0" to USR_ALERT="1"

Change it to 1 only if you wish to receive email alerts.

v) USR="you@yourco.com"

Enter your email address here, in quotes, similar to the entry made in (iii).

vi) Antidos is intended to operate via cron. This is a critical setup point: if it is not done, antidos will simply not operate.

Execute the command:
# crontab -e

and add the following line (a crontab edited with crontab -e has no user field, so the entry does not name root):
*/2 * * * * /etc/apf/ad/antidos -a >> /dev/null 2>&1

This will run antidos every two minutes.

If you have any doubts feel free to contact me:
ashraf.mohammed83@gmail.com


Squid server: basic to advanced

Squid Basic Commands

# squid -k <option>

parse         Check that squid.conf is OK and free of syntax errors
check         Check if Squid is running
reconfigure   Re-read squid.conf without stopping (refresh), aka service squid reload
rotate        Rotate the log files
shutdown      Shut down Squid gracefully, aka service squid stop
interrupt     Kill Squid without waiting for transactions to finish
kill          Kill Squid mercilessly
debug         Put Squid in debugging mode

# squid -N      Is Squid running?
# squid -Nd1    Is DNS working?

Restrict sites

Search for `Access Controls' and append the following two lines:
acl blocksites dstdomain .gmail.com
http_access deny blocksites

Save and close the file. Restart Squid:
# /etc/init.d/squid restart

Guys, please note the following about this ACL:

acl blocksites dstdomain .gmail.com   --> The sequence of this line is not important.
http_access deny blocksites           --> Only the http_access is important.

Squid reads the http_access first. This is what is important, not the acl.

  1. Restricting Web Access By Time

You can create access control lists with time parameters. For example, you can allow only business hour access from the home network, while always restricting access to host 192.168.1.23.

#
# Add this to the bottom of the ACL section of squid.conf
#
acl home_network src 192.168.1.0/24
acl business_hours time M T W H F 9:00-17:00
acl RestrictedHost src 192.168.1.23

#
# Add this at the top of the http_access section of squid.conf
#
http_access deny RestrictedHost
http_access allow home_network business_hours

Or, you can allow morning access only:

#
# Add this to the bottom of the ACL section of squid.conf
#
acl mornings time 08:00-12:00

#
# Add this at the top of the http_access section of squid.conf
#
http_access allow mornings

  2. Restricting Access to specific Web sites

Squid is also capable of reading files containing lists of web sites and/or domains for use in ACLs. In this example we create two lists in files named /usr/local/etc/allowed-sites.squid and /usr/local/etc/restricted-sites.squid.

# File: /usr/local/etc/allowed-sites.squid
www.openfree.org
linuxhomenetworking.com

# File: /usr/local/etc/restricted-sites.squid
www.porn.com
illegal.com

These can then be used to always block the restricted sites and permit the allowed sites during working hours. This can be illustrated by expanding our previous example slightly.

#
# Add this to the bottom of the ACL section of squid.conf
#
acl home_network src 192.168.1.0/24
acl business_hours time M T W H F 9:00-17:00
acl GoodSites dstdomain "/usr/local/etc/allowed-sites.squid"
acl BadSites  dstdomain "/usr/local/etc/restricted-sites.squid"

  3. Transparent Cache/Proxy with Squid version 2.6 and beyond

There are only 2 things you need to do:

  1. Write an iptables rule:

# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

  2. Add the following line to squid.conf:

http_port 192.168.0.1:3128 transparent

If you have Squid 2.4 or below, write the same iptables rule and just add the following entries to the squid.conf file:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Using squid with username and password

Please follow the link below; it will help you set up Squid authentication with NCSA authentication.

http://www.cyberciti.biz/tips/linux-unix-squid-proxy-server-authentication.html
