Script to Update and Upgrade #! /bin/bash chmod 700 /usr/bin/apt-get chmod 700 /usr/bin/aptitude chmod 700 /usr/bin/dpkg swapoff -a chown username:username /home/username/* chmod 700 /home/username/* apt-get update && apt-get upgrade –show-upgraded -y Script to End session and Harden some critical files #! /bin/bash swapon -a chmod 000 /usr/bin/apt-get chmod 000 /usr/bin/aptitude chmod 000 /usr/bin/dpkg find /home/username/ -size 0 -exec rm '{}'...
sudo tail -f /var/log/apache2/other_vhosts_access.log | grep “404”
Delete all matching lines containing a string :g/46.223.1./d Replace all matching text in a file :.,$s/wrong/right/
When it comes to manipulating files, you can do almost anything with GREP SED AWK VI and FIND (and I’m a novice). My notes (taken from far more capable individuals online than I. Thank you all for the education.) File manipulation using AWK, GREP, SED, FIND, VI AWK AWK to extract IPs from logs Lists of IPs from log file...
Rsync Installation Instuctions sudo apt-get install rsync sudo vi /etc/rsyncd.conf copy into rsyncd.conf motd file = /etc/rsyncd.motd path = /home/username comment = This is the path to folder on the server uid = nobody gid = nobody read only = false auth users = username secrets file = /etc/rsyncd.scrt change username/servername sudo vi /etc/rsyncd.motd any message you want sudo vi...
Enter at the prompt $ bash If command not found error, install BASH # pkg_add -r -v bash Now find where BASH is installed $ which bash You should see (Ubuntu) /bin/bash Change shell to BASH $ chsh -s /bin/bash username username is your User Name You should see: Password: Provide your login password You’ll need to logout (exit) and...
Users and Groups Users are located in /etc/passwd Groups are located in /etc/group The administrative ROOT account is disabled by default in Ubuntu . If you wish to enable the root account, simply give it a password by typing sudo passwd To disable the root account sudo passwd -l root The initial user created by the Ubuntu installer is a...
Customize apache2 other_vhosts_access.log format so fail2ban can use it. sudo vi /etc/apache2/apache2.conf On line 255 insert LogFormat “%t %v:%p %h %l %u \”%r\” %>s %O \”%{Referer}i\” \”%{User-Agent}i\”” fail2ban Comment out the following line #LogFormat “%v:%p %h %l %u %t \”%r\” %>s %O \”%{Referer}i\” \”%{User-Agent}i\”” vhost_combined sudo vi /etc/apache2/conf.d/other-vhosts-access-log change the end of the line (or duplicate and comment out) as...
Changing banaction to ROUTE worked, while IPTABLES-ALLPORTS failed with error No Host Found 2014-09-26 10:55:24,662 fail2ban.filter : ERROR No ‘host’ found in ‘113.71.191.49 – – [ +0000] “GET /phpMyAdmin/scripts/setup.php HTTP/1.1” 500 833 “-” “-” ‘ using ‘‘ [apache-phpmyadmin-access] enabled = true #banaction = iptables-allports banaction = route port = http,https filter = apache-phpmyadmin-access logpath = /var/log/apache2/access.log maxretry = 0 #...
How To see all services available, type in terminal; sudo service –status-all How To see all services running and ports, type in terminal; sudo netstat -plunt How To remove a service from startup at boot sudo update-rc.d -f [service] remove How To enable a service to run on boot sudo update-rc.d [service] defaults
sudo vi /etc/php5/apache2/php.ini error_reporting = E_ALL | E_STRICT error_log = /var/log/php_errors.log You must create the (log) file manually touch /var/log/php_errors.log chown www-data: /var/log/php_errors.log chmod +rw /var/log/php_errors.log
On Client sudo vi /etc/ssh/ssh_config add line ServerAliveInterval 100 On Server sudo vi /etc/ssh/sshd_config add lines ClientAliveInterval 30 TCPKeepAlive yes ClientAliveCountMax 99999 From command line per session ssh -o ConnectTimeout=10 ssh -o ConnectTimeout -o BatchMode=yes -o StrictHostKeyChecking=no ServerAliveInterval operates on the ssh layer. It will actually send data through ssh, so the TCP packet has encrypted data in and a...
Wireshark on Debian Privileges and Setup for non-Root User