Category: Linux

  • Install CSF Firewall

    For non cpanel server, install perl modules

    yum install -y perl perl-libwww-perl perl-Time-HiRes unzip bind-utils
    

    On Ubuntu

    apt-get install libwww-perl
    

    Once we have requirments installed, install csf with

    cd /usr/local/src
    wget https://download.configserver.com/csf.tgz
    tar -xzf csf.tgz
    cd csf
    sh install.sh
    
    sed -i "s/RESTRICT_SYSLOG = \"0\"/RESTRICT_SYSLOG = \"1\"/g" /etc/csf/csf.conf
    

    See csf

  • apt-cache

    To search for available packages, run

    apt-cache search PKG_NAME
    

    Example

    boby@sok-01:~$ apt-cache search wget
    devscripts - scripts to make the life of a Debian Package maintainer easier
    wget - retrieves files from the web
    abcde - A Better CD Encoder
    apt-mirror - APT sources mirroring tool
    axel - light command line download accelerator
    filetea - Web-based file sharing system
    getdata - management of external databases
    libcupt4-2-downloadmethod-wget - flexible package manager -- wget download method
    libwget0 - Download library for files and recursive websites
    ow-shell - shell utilities to talk to an 1-Wire owserver
    puf - Parallel URL fetcher
    pwget - downloader utility which resembles wget (implemented in Perl)
    python-wget - pure Python download utility for Python 2
    python3-wget - pure Python download utility for Python 3
    snarf - command-line URL grabber
    tcllib - Standard Tcl Library
    texlive-latex-extra - TeX Live: LaTeX additional packages
    wget2 - file and recursive website downloader
    wget2-dev - development file for libwget2
    wput - tiny wget-like ftp-client for uploading files
    boby@sok-01:~$ 
    

    Ubuntu find Dependencies for a package
    apt

  • curl using cookie

    Here is some example of using curl to login to site, use cookie to do further requests.

    curl -k --cookie-jar ./cookies_hotfile --data "returnto=%2F&user=USERNAME_HERE&pass=PASSWORD_HERE" http://site.com/login.php
    curl -L -O --cookie ./cookies_hotfile http://site.com/dl/5222/4444/file.zip.html
    

    See curl

  • chown

    chown command is ued to change ownership of a file or folder

    In this example ownership of folder public_html to username and group specified.

    chown -R username:group public_html
    

    -R used for recursively change ownership, that is all files and folders inside the folder also get the new ownership.

    See Linux Commands

  • at

    yum install at
    

    Enable atd

    [root@server12 ~]# service atd status
    atd is stopped
    [root@server12 ~]# chkconfig --list | grep atd
    atd            	0:off	1:off	2:off	3:on	4:on	5:on	6:off
    [root@server12 ~]# service atd start
    Starting atd:                                              [  OK  ]
    [root@server12 ~]# 
    

    Setting Job

    [root@server12 ~]# echo "/sbin/shutdown -h now"  |  at  21:15  16.02.2017
    job 1 at 2017-02-16 21:15
    [root@server12 ~]# atq
    1	2017-02-16 21:15 a root
    [root@server12 ~]# 
    

    Deleting at job

    [root@server12 ~]# atq
    1	2017-02-16 21:15 a root
    [root@server12 ~]# man atq
    [root@server12 ~]# atrm 1
    [root@server12 ~]# atq
    [root@server12 ~]# 
    

    See linux commands

  • Testing POP3 mail box with telnet

    To test if pop3 mailbox work using telnet, use

    telnet MAIL_SERVER_IP 110
    user YOUR_EMAIL_ADDRESS
    pass YOUR_EMAIL_PASSWORD
    

    Once logged in, you can use commands like

    STAT
    LIST
    RETR
    DELE
    RSET
    TOP
    QUIT
    

    telnet pop3

    See telnet

  • Auto upgrade software in Ubuntu/Debian

    To auto upgrade software packages in Ubuntu/Debian, install

    apt install -y unattended-upgrades
    

    Edit

    vi /etc/apt/apt.conf.d/50unattended-upgrades
    

    In this file, you can configure various settings.

    See apt

  • rpmquery

    rpmquery command allow you to check if a specific rpm package installed on your computer.

    rpmquery PKG_NAME
    

    Example

    root@server20 [~]# rpmquery nmap
    nmap-6.40-19.el7.x86_64
    root@server20 [~]# 

    See rpm

  • Install PowerDNS on Ubuntu 20.04

    PowerDNS is an OpenSource DNS server.

    Update apt repo

    apt-get update && apt-get upgrade -y
    

    On Ubuntu, systemd-resolved listen to port 53. This is a local DNS resolver, we need to stop this service before we can install PowerDNS.

    systemctl disable systemd-resolved
    systemctl stop systemd-resolved
    rm -f /etc/resolv.conf
    echo "nameserver 1.1.1.1" > /etc/resolv.conf
    echo "nameserver 8.8.8.8" >> /etc/resolv.conf
    

    To install PowerDNS with MySQL backend, run

    apt install pdns-server pdns-backend-mysql
    

    Since we are using MySQL backend to store DNS zones, we need to install MySQL database.

    apt install mariadb-server
    

    Login to MySQL, create a database and user.

    mysql
    CREATE DATABASE powerdns;
    GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY 'YOUR_MYSQL_PW_HERE';
    

    Restore database scheme provided by powerdns

    mysql powerdns < /usr/share/pdns-backend-mysql/schema/schema.mysql.sql
    

    You can see this scheme in PowerDNS documentation.

    Configure PowerDNS to use MySQL backend

    vi /etc/powerdns/pdns.d/mysql.conf
    

    Add following content

    # MySQL Configuration
    # Launch gmysql backend
    launch+=gmysql
    # gmysql parameters
    gmysql-host=localhost
    gmysql-port=3306
    gmysql-dbname=powerdns
    gmysql-user=powerdns
    gmysql-password=YOUR_MYSQL_PW_HERE
    gmysql-dnssec=yes
    # gmysql-socket=
    

    Restart PowerDNS

    systemctl restart pdns
    

    If PowerDNS started properly, you will see it listening to port 53. You can verify with command netstat -lntp

    PowerDNS netstat

    In above picture, you will see PowerDNS listen to port 53 and 8081. Port 8081 is API port, you won't see it unless you enabled it.

    To verify PowerDNS is running, you can use command

    root@vultr:~# dig @127.0.0.1
    
    ; <<>> DiG 9.16.1-Ubuntu <<>> @127.0.0.1
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 63898
    ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
    ;; WARNING: recursion requested but not available
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1232
    ;; QUESTION SECTION:
    ;.				IN	NS
    
    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Oct 12 06:53:40 UTC 2020
    ;; MSG SIZE  rcvd: 28
    
    root@vultr:~# 
    

    Back to PowerDNS

  • Find all open ports using nmap

    To find all open ports on a computer, run

    nmap -P0 -vv -sS -ff -r -n -p 1-65535 IP_ADDR_HERE
    

    -sS = SYN scan

    if you only need to scan most common ports, use

    nmap IP_ADDR_HERE
    

    Example

    nmap list ports

    To see open ports on your local computer, run

    nmap localhost
    
    nmap -p 22 IP_ADDR Scan a single port
    nmap -p 1-100 IP_ADDR Scan range of ports
    nmap -p- IP_ADDR Scan all 65535 ports
    nmap -F IP_ADDR Scan most popular 100 ports (fast scan)

    See nmap

  • Make hosts file editable with out sudo

    hosts file allow you to override DNS. This will allow you to point a domain to difernt IP address on your computer. It is helpful for testing sites during site migrations.

    If you edit hosts file a lot, it is better to make it owned by you or make it editable by everyone.

    sudo chmod 777 /etc/hosts
    

    Now onwards, you can edit the file with out sudo requirment.

    Another option is make it owned by current user.

    sudo chown USER_HERE:GROUP_HERE /etc/hosts
    

    See /etc/hosts

  • Migrate database from MongoDB Atlas to your server

    Migrate database from MongoDB Atlas to your server

    MongoDB Atlas is a hosted MongoDB server hosting in cloud. If you are starting with MongoDB, they have free hosting, that work for smaller sites.

    https://www.mongodb.com/cloud

    MongoDB Atlas

    On this page, you can see the version of MongoDB is Version 4.2.10. You need to install same or newer version of MongoDB on your server.

    MongoDB documentation have detailed instructions for installing MongoDB on various Operating systems.

    https://docs.mongodb.com/manual/administration/install-on-linux/

    Take MongoDB backup

    MongoDB atlas provide you command to take backup. On “Clusters” page, click the 3 dots, then select command line tools. Next page will show you command to take backup of your MongoDB database.

    mkdir /root/mongodb_backup
    cd /root/mongodb_backup
    mongodump --uri mongodb+srv://YOURNAME_HERE:[email protected]/DATABASE_NAME_HERE
    

    You can find database name in atlas, for this, click “Cluster0”, then go to Collections tab. You will see database name on this page.

    Once you run the mongodump command, it will create a folder “dump” and save backup inside.

    backup mongodb database using mongodump

    Restart MongoDB backup

    To restart MongoDB backup locally, run

    mongorestore --username=USER_NAME_HERE --password=PW_HERE --authenticationDatabase "admin"  /root/mongodb_backup/dump/
    

    USER_NAME_HERE and PW_HERE is MongoDB user and password. You can enable MongoDB authentication following instructions at

    https://docs.mongodb.com/guides/server/auth/

    Update Application to use local MongoDB

    The application used following connection string

    mongoose.connect("mongodb+srv://USER:[email protected]/DB_NAME?retryWrites=true&w=majority", {
    

    I replaced it with

    mongoose.connect("mongodb://USER:[email protected]:27017/DB_NAME?retryWrites=true&w=majority&authSource=admin", {