Cpanel Apache Symlink Protection
wget http://layer1.rack911.com/before_apache_make -O /scripts/before_apache_make chmod 700 /scripts/before_apache_make ## Rebuild apache (might want to do it thru WHM instead) /scripts/easyapache –build
Author Archives Randy
AS Number Stats on Linux
I’ve got a couple of Linux machines that are sitting outside of the Sflow ‘zone’ and AS traffic stats go unmeasured. I wanted to get a rough idea on the number of connections per AS number so here’s a little app that parses netstat and sorts AS numbers by number of connection. NOTE1: This won’t […]
Obfuscate or Encrypt Perl
There are 3 primary options: 1. Use PAR with PAR::Filter::Obfuscate or PAR::Filter::Crypto 2. Use Filter::Crypto::CryptFile (requires certain modules installed on target system) 3. Encrypt modules with Module::Crypt.
Clone a live linux system with Rsync over SSH
Update: 5/3/17 — Add additional notes for CentOS7 (dracut + grub2) and XenServer targets All commands are run on new server. 1. Boot into rescue mode (iso, pxe, ect). 2. Create partitions with ‘fdisk /dev/sda’. Type 83 for non-RAID fs, 82 for swap, type fd in the case of RAID (all partitions). Flag boot partition […]
Find symlinks on Cpanel
Find all possible root symlinks (leftover from attempted exploits) and save them as a list ‘symlinks.txt’. ls /var/cpanel/users | grep -v “\`\|\.\|cpanel\|root\|mysql\|nobody” | \ while read CPUSER; do find /home/$CPUSER -type l -not \( -lname “/home/$CPUSER/*” \ -o -lname “*rvsitebuilder*” -o -lname “[^/]*” -o -lname “/usr/local/apache/domlogs/*” \ -o -lname “/usr/local/urchin/*” \) ; done \ > […]
Simple Monitoring with Email Alerts that works on LSI MegaRAID and Adaptec
This tool will poll the output of command(s) or URL(s), and send email alerts if the output changes, contains (or not contains) certain text, or becomes unavailable. It’s a light weight, reliable monitoring replacement for the pile of garbage most RAID vendors include with their cards. Complex excludes and finds can be specified as Perl […]
Winsplit Revolution (Like Windows Snap but for Multiple Displays)
I just added a 4th monitor to my office PC and finally admitted to needing help with window placement, far beyond Windows 7’s limited snap feature, this tool really gets the job done: http://www.winsplit-revolution.com/ It’s a free, light-weight ‘snap’ on steroids designed specifically for multi-display setups.
Guest isolation in XenServer 6.1 / XCP 1.6
Since XenServer 6.1 (XCP 1.6) there is a new feature that allows you to lock VIF to specific MAC and IP addresses. This is nice (and also very buggy!), but it doesn’t provide any security other than keeping VMs from stealing each others IPs. A better solution should allow to (optionally) isolate traffic between groups […]
XenServer multipath configuration for LIO targets
XenServer multipath.conf with special support for LIO-based iSCSI targets to maximize multipath performance and ensures 100% stability. path_grouping_policy setting doesn’t seem to matter (between group_by_prio and multibus) in most basic setups. Invalid lines (as reported by XenServer 6.1) have also been removed. http://djlab.com/stuff/xs61/multipath.conf Specifically: device { vendor “LIO-ORG” product “*” path_grouping_policy group_by_prio path_checker tur getuid_callout […]
Using diff to create a patch in Linux
Create the patch: diff -aru file.orig file > file.patch Apply the patch (-b creates a copy of the original with a .orig extension): patch -b file file.patch