Wednesday, October 14, 2009

Securing machine from any kind of SSH access

Try to locate the that whether you machine is set to accept all SSH connections under the IPTABLES rules.

# iptables -L INPUT --line-numbers|grep ssh
[will list all the rules applied to the incoming traffic over SSH]
Try to locate the following entry [if it exists in the list shown]
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
remove the entry as its defined to accept all the incoming traffic over SSH,and this is how to.
Just pick the row number of the entry [the first column,say its 4th],and then list it using
# iptables -L INPUT 4
and then delete it using
# iptables -D INPUT 4
Now to stop SSH to your machine,just fire the following command.
# iptables -A INPUT -p UDP --dport 22 -j REJECT
# iptables -A INPUT -p TCP --dport 22 -j REJECT
Save the rules.
# service iptables save
Restart the service
# service iptables restart
All this could also have been done by just shutting down the SSH service,but the idea was to try hands at IPTABLES

Saturday, October 10, 2009

SAWRUB behind the BARS

Want one for yourself click

Monday, October 5, 2009

CLI Utils

- List contents of tar.bz2

# tar -jtvf etc.tar.bz2 |less
- Extract Single file from within tar.bz2 [path specified]
# tar -jxvf etc.tar.bz2 etc/yum.conf
- Extract Single file from within tar.bz2 [w/o path specified]
# tar -jxvf etc.tar.bz2 --no-anchored yum.conf
- Adding a panel item to run as different user.
Assume that we want to run a terminal for a user who is not logged in X envt.
Adding the following line to the Command section of the new launcher and selecting run in terminal, will open a new terminal window with that user.
# su - username
Also can add ssh option to the command
# su - username -c "ssh remoteserver"
- Rebuilding RPM database indices from the installed package headers.
# rpm --rebuilddb
If rebuilding the database gives errors,which means the DB is corrupted,in that case we need to delete the DB [a Berkeley DB] and recreate it once the bad one is gone.

- Deleting the RPM Database.
# cd /var/lib/rpm
Locate the DB files in there.
# ll __db*
Remove all of these DB files.
# rm -f __db*
Recheck if none of the files are left back.
# ll __db*

Try rebuilding the DB,as above

New will be coming in...

Address book configuration [LDAP] on Evolution

Select new address book creation using LDAP from the Contacts tab.

General Tab -
Name : My LDAP [Any Name]
Server :
Port : 389
Encryption : No Encryption
Login method : Using DN
Login :

Details tab -
DC=xxxx,DC=xxxx,DC=xxxx [This can be searched by evolution search button over there]
Search scope : Sub
Search Filter :(objectclass=*)

Edit > Prefs > Auto-completion -
Select check box for : Always show addressses of the autocompleted contact
Enable the check box for LDAP server [with the name defined at the time of creation as 'My LDAP' under general tab].

Sunday, October 4, 2009

Yum Utils

1] Check the available packages for update

# yum check-update
2] Exclude a package from getting updated
Exclusion can be done in 2 ways
i] Runtime
# yum check-update --exclude package-name
# yum check-update --exclude firefox
or using a wild card, by which all the packages starting with this name will be excluded from update.
# yum check-update --exclude openoffice*
ii] Defining in configuration
# vi /etc/yum.conf
append the following line in there
exclude= package1 package2 package3
we can also use wild card here as above.

Will be updating the same from time to time...

Saturday, October 3, 2009

VPN Setup using PPTP

Configuring the VPN connection to my office n/w :
Steps :
1] Install pptp and NetworkManager-pptp, using yum.

# yum install pptp NetworkManager-pptp
2] Once the installation is done,the next step is to configure the VPN connection using the above mentioned installed packages.For that we need to do setting under Network Manager Applet.It can be accessed by clicking the network icon in the notification area.
3] Right click the Network Manager Applet. Select Edit Connections > VPN tab > Add.
4] Select Point-to-point Tunnelling Protocol over there from the drop-down if its not there by default.
5] In the new connection set-up window.

- Give a name to the new connection [optional,but recommended].
- Select the Connect Automatically check-box.
- Define the :
Gateway | User name | Password
You can even verify the entered password by clicking 'Show Password'.
- All is done now, just click Apply.
6] Restart the machine.
7] Connecting to VPN Server.
- Left click the Network Manager applet.
- From the list select VPN Connection,
- Select VPN connection from under it, that you configured under step 5.
- Selecting the radio button will try enabling the VPN connection, during this duration an animation will be playing over the Network Manager Applet with a sign of lock over it.
- Once the animation goes off, without any error try accessing the local network [office n/w], using browser or shell.
- In case of error re-check the connection strings.
8] Disconnecting from the VPN Server.
- Left click the Network Manager applet.
- From the list select VPN Connection.
- Next go for the VPN connection that you are on.
- From the list select Disconnect VPN.

Friday, October 2, 2009

XZ takes over Gzip in RPM

As per the Fedora 12 Feature List, RPM packages will be compressed with xz instead of gzip, making the iso reduce by 30% in size, and 15% smaller compared to the bzip2 compression which is also an option, though bzip2 adds greater compression, but all this goes at the cost of large memory and cpu time. XZ on the other hand allows better compression without any of these.Thanks to Tukaani, the developer channel [presently one man army] behind the making of XZ Utils.

The core of the XZ Utils compression code is based on LZMA SDK, which is still in rapid development and hence Fedora will just using XZ instead of the not-finalized LZMA.

XZ Utils consist of several components:
- liblzma is a compression library with API similar to that of zlib.
- xz is a command line tool with syntax similar to that of gzip.
- xzdec is a decompression-only tool smaller than the full-featured xz tool.
- A set of shell scripts (xzgrep, xzdiff, etc.) have been adapted from gzip to ease viewing, grepping, and comparing compressed files.
- Emulation of command line tools of LZMA Utils eases transition from LZMA Utils to XZ Utils.

RPM [rpm-4.7.1-1] will be capable of compressing using xz.

Sources :
- XZRpmPayloads
- XZ Utils

Thursday, October 1, 2009

Making of Google Chrome

Funny way of bringing in all the colours of the Windows in a browser.

The real story goes like this : Making of Google Chrome