On the Remote Server Logged in As User or as root but in users home sudo mkdir ~/.ssh sudo chmod 700 ~/.ssh && chmod 600 ~/.ssh/* On you local (desktop) assuming you have already created your GPG Keys cat ~/.ssh/id_rsa.pub | ssh root@example.com 'cat – >> ~/.ssh/authorized_keys'
Apache2 reports an error “Invalid method in request \x16\x03\x01” Check that the IP address is correct in line #8 of /etc/apache2/sites-available/www.example.com <VirtualHost *:80> ServerAdmin webmaster@seleads.com ServerName www.example.com ServerAlias example.com Redirect 301 http://example.com http://www.example.com/ DocumentRoot /var/www/www.example.com/ </VirtualHost> <VirtualHost 199.199.199.199:443> SSLEngine on ServerName example.com SSLCACertificateFile /etc/apache2/ssl/PrimaryRootCA.crt SSLCertificateChainFile /etc/apache2/ssl/Thawte_DV_SSL_CA_Bundle.crt SSLCertificateFile /etc/apache2/ssl/example.crt SSLCertificateKeyFile /etc/apache2/ssl/private/example.key DocumentRoot /var/www/www.example.com/ </VirtualHost>
Install iftop sudo apt-get install iftop sudo iftop -n Install iptraf sudo apt-get install iptraf sudo iptraf Install Netdiag sudo apt-get install netdiag sudo netwatch -e eth0 -nt Install Nload sudo apt-get install nload Nload Install NetHogs sudo yum install nethogs -y sudo nethogs Install Bmon sudo apt-get install bmon bmon Install TCPTrack sudo apt-get install tcptrack
sudo vi /etc/bluetooth/main.conf change to: InitiallyPowered = false But that is not enough sudo apt-get install rfkill sudo vi /etc/rc.local add line: rfkill block bluetooth That should do it. If not sudo vi /etc/modprobe.d/blacklist.conf add lines: blacklist bluetooth blacklist btusb if not sudo vi /etc/init/bluetooth.override add line: manual
Assuming On a “remote.com” server that we will connect to from our LocalMachine 1) MySQL database named “database” 2) MySQL database is running on remote server “remote.com” 3) MySQL is running and listening on (standard) localhost:port “127.0.0.1:3306” 4) MySQL username “mysql_user_name” 5) MySQL password “mysql_password” 6) SSH must be listening on port 9999 7) SSH AllowUsers “ssh_user_name” 8) SSH password...
As usual, most of the how-to guides out there are too brief (I’m guilty) or apply to other distros: This works on Linux Debian 7 all-around, and this is a complete how to. It works. You just have to follow a very long thread. No A.D.D. here! We will create a Persistent Reverse SSH Tunnel between 2 machines using autossh....
Download Gunnar Wolf’s Debian Wheezy https://people.debian.org/~gwolf/ Also working: Ubuntu sudo dd if=ubuntu-oneiric-freescale.img of=/dev/mmcblk0 Android 4.3 sudo dd if=beta-11-dec-2013-i2.img of=/dev/mmcblk0 Not working: Debian Jesse sudo dd if=debian-jessi-4-july-2014.img of=/dev/mmcblk0 Copy to SDmicro sudo dd if=cubox.img of=/dev/mmcblk0 password for root is cubox-i #vi /etc/apt/sources.list #deb http://download.solid-run.com/pub/solidrun/cubox/repo/debian cubox main #deb-src http://download.solid-run.com/pub/solidrun/cubox/repo/debian cubox main vi /etc/network/interfaces auto lo iface lo inet loopback allow-hotplug eth0 iface...
I have had some problems getting backups (of VMs) to run on new Debian Desktop installations. Best practice seems to be as follows: sudo apt-get install dkms Use the latest from https://www.virtualbox.org/wiki/Linux_Downloads sudo vi /etc/apt/sources.list deb http://download.virtualbox.org/virtualbox/debian wheezy contrib deb http://http.debian.net/debian/ wheezy-backports main contrib wget -q https://www.virtualbox.org/download/oracle_vbox.asc -O- | sudo apt-key add – sudo apt-get update sudo apt-get install virtualbox-4.3
In a terminal type sudo apt-get install vim sudo update-alternatives –config editor Follow the instructions to choose vim.basic – your display will vary Debian Ubuntu Change Default Editor Nano VI Gedit at System Level sudo vi /etc/vim/vimrc uncomment line 20 – syntax on logout & login
Checklist of things to do after installing Debian Gnome The first problem you have with a brand new linux (Debian/Ubuntu) install is the user is not setup in sudoers. So first thing: login as root su sudo adduser username sudo sudo vi /etc/sudoers give permissions to your new user – below root username ALL=(ALL:ALL) ALL alternately – unsecure username ALL=(ALL)...
Linux Directory Rules rsync -vaz ~/qwerty ~/mydir CREATES a /qwerty directory under the ~/mydir directory COPIES the DIRECTORY and CONTENTS of the ~/qwerty directory into this newly created directory Without a trailing slash / it means “COPY THE DIRECTORY” rsync -vaz ~/qwerty/ ~/mydir Does NOT CREATE /qwerty directory COPIES the CONTENTS of the ~/qwerty directory to the mydir directory A...
Command of the Day :: You want to backup a remote machine (server) from a local (desktop) onto the local; type on local/desktop: sudo rsync -azv -e "ssh -i /home/username/.ssh/id_rsa" username@server.seleads.com:/home/username/ /home/username/server_backup_on_local_desktop username@server.seleads.com:/home/username/ (this is the server login and directory being backed up) -i /home/username/.ssh/id_rsa (if you do not want to use password authentication – key is on local/desktop) ——————–...
Harden WordPress chown [username]:www-data find /var/www/html/DOMAIN -type d -exec chmod 755 {} \; find /var/www/html/DOMAIN -type f -exec chmod 644 {} \; chmod 440 /var/www/html/DOMAIN/*.php chmod 450 -R /var/www/html/DOMAIN/wp-admin chmod 450 -R /var/www/html/DOMAIN/wp-includes chmod 440 /var/www/html/DOMAIN/.htaccess chmod 766 /var/www/html/DOMAIN/sitemap.* chmod 770 -R /var/www/html/DOMAIN/wp-content/uploads chmod 770 -R /var/www/html/DOMAIN/wp-content/upgrade chmod 750 -R /var/www/html/DOMAIN/wp-content/plugins (You could put all that in a script for...
These commands will cause the kernel to drop clean caches, dentries and inodes from memory. To free pagecache: sudo sync echo 1 > /proc/sys/vm/drop_caches To free dentries and inodes: sudo sync echo 2 > /proc/sys/vm/drop_caches To free pagecache, dentries and inodes: sudo sync echo 3 > /proc/sys/vm/drop_caches As this is a non-destructive operation, and dirty objects are not freeable, the user should run...
Netfilter (aka iptables) is how you stop any intrusions. As an example, PSAD can recognize attack patterns, but it is Netfilter that is then used to stop any communcations from getting a response. In otherwords, Netfilter can be told to ignore incoming requests; essentially making the server unreachable.