Posts

Showing posts from October, 2009

Securing machine from any kind of SSH access

Try to locate the that whether you machine is set to accept all SSH connections under the IPTABLES rules. # iptables -L INPUT --line-numbers|grep ssh [will list all the rules applied to the incoming traffic over SSH] Try to locate the following entry [if it exists in the list shown] ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh remove the entry as its defined to accept all the incoming traffic over SSH,and this is how to. Just pick the row number of the entry [the first column,say its 4th],and then list it using # iptables -L INPUT 4 and then delete it using # iptables -D INPUT 4 Now to stop SSH to your machine,just fire the following command. # iptables -A INPUT -p UDP --dport 22 -j REJECT # iptables -A INPUT -p TCP --dport 22 -j REJECT Save the rules. # service iptables save Restart the service # service iptables restart All this could also have been done by just shutting down the SSH service,but the idea was to try hands at IPTABLES

SAWRUB behind the BARS

Image
Want one for yourself click

CLI Utils

- List contents of tar.bz2 # tar -jtvf etc.tar.bz2 |less - Extract Single file from within tar.bz2 [path specified] # tar -jxvf etc.tar.bz2 etc/yum.conf - Extract Single file from within tar.bz2 [w/o path specified] # tar -jxvf etc.tar.bz2 --no-anchored yum.conf - Adding a panel item to run as different user . Assume that we want to run a terminal for a user who is not logged in X envt. Adding the following line to the Command section of the new launcher and selecting run in terminal, will open a new terminal window with that user. # su - username Also can add ssh option to the command # su - username -c "ssh remoteserver" - Rebuilding RPM database indices from the installed package headers. # rpm --rebuilddb If rebuilding the database gives errors,which means the DB is corrupted,in that case we need to delete the DB [a Berkeley DB] and recreate it once the bad one is gone. - Deleting the RPM Database . # cd /var/lib/rpm Locate the DB files in there. #

Address book configuration [LDAP] on Evolution

Select new address book creation using LDAP from the Contacts tab. General Tab - Name : My LDAP [Any Name] Server : Port : 389 Encryption : No Encryption Login method : Using DN Login : Details tab - DC=xxxx,DC=xxxx,DC=xxxx [This can be searched by evolution search button over there] Search scope : Sub Search Filter :(objectclass=*) Edit > Prefs > Auto-completion - Select check box for : Always show addressses of the autocompleted contact Enable the check box for LDAP server [with the name defined at the time of creation as 'My LDAP' under general tab].

Yum Utils

1] Check the available packages for update # yum check-update 2] Exclude a package from getting updated Exclusion can be done in 2 ways i] Runtime # yum check-update --exclude package-name e.g. # yum check-update --exclude firefox or using a wild card, by which all the packages starting with this name will be excluded from update. # yum check-update --exclude openoffice* ii] Defining in configuration # vi /etc/yum.conf append the following line in there exclude= package1 package2 package3 we can also use wild card here as above. Will be updating the same from time to time...

VPN Setup using PPTP

Image
Configuring the VPN connection to my office n/w : Steps : 1] Install pptp and NetworkManager-pptp , using yum. # yum install pptp NetworkManager-pptp 2] Once the installation is done,the next step is to configure the VPN connection using the above mentioned installed packages.For that we need to do setting under Network Manager Applet.It can be accessed by clicking the network icon in the notification area. 3] Right click the Network Manager Applet. Select Edit Connections > VPN tab > Add. 4] Select Point-to-point Tunnelling Protocol over there from the drop-down if its not there by default. 5] In the new connection set-up window. - Give a name to the new connection [optional,but recommended]. - Select the Connect Automatically check-box. - Define the : Gateway | User name | Password You can even verify the entered password by clicking 'Show Password'. - All is done now, just click Apply . 6] Restart the machine. 7] Connecting to VPN Server . - Left

XZ takes over Gzip in RPM

As per the Fedora 12 Feature List , RPM packages will be compressed with xz instead of gzip, making the iso reduce by 30% in size, and 15% smaller compared to the bzip2 compression which is also an option, though bzip2 adds greater compression, but all this goes at the cost of large memory and cpu time. XZ on the other hand allows better compression without any of these.Thanks to Tukaani , the developer channel [presently one man army] behind the making of XZ Utils. The core of the XZ Utils compression code is based on LZMA SDK, which is still in rapid development and hence Fedora will just using XZ instead of the not-finalized LZMA. XZ Utils consist of several components: - liblzma is a compression library with API similar to that of zlib. - xz is a command line tool with syntax similar to that of gzip. - xzdec is a decompression-only tool smaller than the full-featured xz tool. - A set of shell scripts (xzgrep, xzdiff, etc.) have been adapted from gzip to ease viewing, greppi

Making of Google Chrome

Image
Funny way of bringing in all the colours of the Windows in a browser. The real story goes like this : Making of Google Chrome