Archive for April, 2009

online site to gen passwords

good online site to gen passwords
http://www.goodpassword.com

good tools to manage your passwords
http://www.clipperz.com/open_source/clipperz_community_edition

we can also use the following script:

#!/bin/sh
cat /dev/urandom| tr -dc ‘0-9a-zA-Z!@#$%^&*_+-‘|head -c 10;echo

No Comments

tips on ssh tunneling

tips on ssh tunneling

ssh -L 8080:destination_ip/dns:80 local_net/other

now you can visit the destination_ip/dns by visit

localhost:8080

more details:
http://www.securityfocus.com/infocus/1816/
http://en.wikipedia.org/wiki/Tunneling_protocol
http://www.revsys.com/writings/quicktips/ssh-tunnel.html
http://www.engadget.com/2006/03/21/how-to-ssh-tunnels-for-secure-network-access/

2 Comments

vi/vim is a good tool to edit the files

vi/vim is a good tool to edit the files for sys admin and programmer.
I don’t mean to offend the emacs guys. just my opinion. 🙂

if you want to learn and have any questions, just use this link.
so you don’t need to search on the internet.

http://vimdoc.sourceforge.net/

the pdf is good book for the new learner.
http://www.truth.sk/vim/vimbook-OPL.pdf

No Comments

tips about rpmbuild

tips about rpmbuild

we need clamav’s libraries for havp-0.90-1.x86_64.rpm
the library file is libclamav.so.6
and don’t want the update make havp crash ( havp is rpmbuild rebuilt from source)
so when I rebuild the rpm i use the following options(edit havp.spec):

Requires: clamav
Provides: libclamav.so.6

firstly meet the clamav then match libclamav.so.6;
so we won’t care the clamav version, just if it provides the libclamavi.so.6. we can use it.

more details on rpmbuild
http://www.rpm.org

No Comments

Tool to analysis the squid logs

Tool to analysis the squid logs
http://scalar.risk.az/scalar095/scalar.awk

No Comments

install hping hping needs pcap.h

install hping
hping needs pcap.h, bpf.h, we should install libpcap-devel
wget http://www.hping.org/hping3-20051105.tar.gz

there is sth need to change
ln -s /usr/include/pcap-bpf.h /usr/include/bpf.h

vi libpcap_stuff.c script.c
change the net/bpf.h into bpf.h

./configure && make && make install

but it is easy in FreeBSD
cd /usr/ports/net/hping-devel
make && make install

hping has much features to test the network!

http://www.securityfocus.com/infocus/1787
http://www.securityfocus.com/infocus/1791

,

No Comments

focus on security of Linux this weekend

focus on security of Linux this weekend.

APF (Advanced Policy Firewall) and more tools
http://www.rfxn.com/projects/
there are all written in shell, such as APF based on iptables. good example in sys admin with shell.

OSSEC is an Open Source Host-based Intrusion Detection System.
It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.
it is C/S model, just one server and server agentd, can monitor the system.
http://www.ossec.net/


Some tips on optimize the MySQL database

MySQL Performance Tuning Primer Script – http://www.day32.com/MySQL/

MySQLTuner – http://rackerhacker.com/mysqltuner/

MONyog – MySQL Monitor and Advisor – http://www.webyog.com/en/

More links:
http://www.mysqlperformanceblog.com/2006/09/29/what-to-tune-in-mysql-server-after-installation/
http://tag1consulting.com/MySQL_Engines_MyISAM_vs_InnoDB
http://www.profitpapers.com/papers/performance-tuning-mysql-for-load.php
http://hackmysql.com/mysqlreport
http://www.mysqlperformanceblog.com/tools/
http://video.google.com/videoplay?docid=2524524540025172110

,

No Comments

squidclient -p 3128 -h squid_ip_address

squidclient -p 3128 -h squid_ip_address mgr:info@PASSWORD

get the squid manager infomation from it.
we should enable the client access cache manager
edit /etc/squid/{squid.conf, cachemgr.conf}
add your ip address to access. default manager can only access by localhost.

use a different port for cache manager
http_port 80 defaultsite=want_to_access_ip_address/hostname :80
http_port 8001 # this is for cache manager

No Comments

mod_evasive/security to secure Apache

mod_evasive/security to secure Apache server

http://www.zdziarski.com/projects/mod_evasive/
http://www.modsecurity.org

No Comments

Drupal Optimize Tips

Drupal Optimize Tips also good for Php Optimization

http://2bits.com/articles/drupal-performance-tuning-and-optimization-for-large-web-sites.html

No Comments