Simplify Changing Directory November 22, 2010
Posted by networknuts in Uncategorized.add a comment
Video on Network NUTS YouTube channel showing “how to simplify changing the directories”.
http://www.youtube.com/watch?v=JXujKom9iSU
God Bless.
Hiding APACHE version from Hackers !! September 2, 2010
Posted by networknuts in Uncategorized.Tags: alok srivastava, apache, apache configuration, hacking apache, hardening apache, linux delhi, linux training delhi, linux training india, networknuts, redhat, redhat linux, redhat training delhi, rehdat india, rhce, rhce delhi, rhce india, rhcss, rhcss delhi, rhcss india, securing apache, www.networknuts.net
add a comment
HEAD / HTTP / 1.0 <enter><enter>
Using telnet to get APACHE version
ServerSignature on to ServerSignature offServerTokens OS to ServerTokens Prod
service httpd restart
Secured Apache by hiding its version
Hack to protect sendmail advertising its version August 31, 2010
Posted by networknuts in Uncategorized.Tags: changing sendmail banner, hiding sendmail identity, linux delhi, linux hacks, linux training, linux training in india, linux training institutes, linux tutorials, networknuts, redhat delhi, redhat india, rehdat training, rhce, rhce delhi, rhce india, rhce training, rhcss, rhcss delhi, rhcss india, rhcss training, securing sendmail, sendmail
add a comment
Sendmail showing its identity to world
Changing sendmail identity.
service sendmail restart
Sendmail Identity Hidden from Outside world
Using NMAP for Ping Sweep and OS Detection August 30, 2010
Posted by networknuts in Uncategorized.Tags: alok srivastava, best training institute, linux blog, linux delhi, linux training, linux videos, networknuts, nmap, nmap tutorial, redhat, redhat india, rhce, rhce delhi, rhce india, rhcss, rhcss delhi, rhcss india, using nmap
2 comments
yum install nmap
nmap -sP 172.24.0.*
Ping Sweep in action
nmap -O 172.24.0.*
OS Detection using nmap
Bash Shell script to check the existence of a file under your linux filesystem August 3, 2010
Posted by networknuts in Uncategorized.Tags: rhce, rhcss, rhce india, Network NUTS, rhcss delhi, rhce delhi, rhcss india, linux delhi, redhat linux, redhat, linux training, shell scripting, delhi linux, training, bash shell scripting, rhcva
1 comment so far
Here is a very small but useful shell script that will check the existence of a file and report accordingly.
#!/bin/bash
#by alok srivastava
#check the existence of a file under your filesystem
#this bash shell script use "positional parameters"file=$1
[ $# -eq 0 ] && { echo "Usage: $0 filename"; exit 999; }
if [ -f $file ];
then
echo "YES - File $file exists."
else
echo "NO - File $file does NOT exists."
fi
It can be very useful while creating more complex bash shell scripts.
Here is a sample execution shown for your reference:
Super Fast “su” July 18, 2010
Posted by networknuts in Uncategorized.Tags: best redhat partner, networknuts, rhce, rhce delhi, rhce india, rhce training, rhcss, rhcss delhi, rhcss india, su, su -c, su command, what is su
1 comment so far
su – -c “fdisk -l”
- super fast su command
Create your own bootsplash image July 11, 2010
Posted by networknuts in Uncategorized.add a comment
Latest video by Network NUTS showing how to create your own bootsplash image.
IPT_RECENT with IPTables July 8, 2010
Posted by networknuts in Uncategorized.Tags: connection limit using iptables, iptables, iptables tutorials, ipt_recent, ipt_recent module, linux delhi, networknuts, rhce, rhce delhi, rhce india, rhce training, rhce tutorials, rhcss, rhcss delhi, rhcss india, rhcss training
add a comment
Well you know that iptables can be configured to block or allow certain hosts for certain services. That is fairly simple.
But we have a problem… ???
Suppose you have allowed SSH access to certain hosts (say x.x.x.x) and denied SSH access to certain hosts (say y.y.y.y) using iptables.. well that is done, no problem. But what will happen if hosts on y.y.y.y network spoof their IP’s to x.x.x.x range and then try to break in using some password cracking applications.
In the case iptables will simple give service to illegitimate hosts. OR another situation is — someone on x.x.x.x is trying to break the password using hit and trial or using some application. In the later case, even iptables will allow that hosts from x.x.x.x range the service prompt everytime he is trying to get in. 
Now this is DANGEROUS !! 
What is the solution ??
The solution is to use “IPT_RECENT” module with iptables. 
By using IPT_RECENT module with iptables you can restrict ANY IP for ANY SERVICE if the number of wrong hits exceeds your defined limit.
So, if a illegitimate user even from the allowed range x.x.x.x is trying to break in using some password breaking software, he will not be able to succeed. As after the certain number of “MISS HITS” his IP will be automatically PICKED by the iptables as a HOSTILE HOST and that service will automatically be BLOCKED for that HOST.
That’s enough talking…. now lets see how to configure IPT_RECENT with IPTables.
STEP #1 – Download IPT_RECENT module (it usually comes in tarball). You can download it from link given.
http://www.snowman.net/projects/ipt_recent/ipt_recent-0.3.1.tar.gz
STEP #2 – Gunzip the tarball
gunzip ipt_recent-0.3.1.tar.gz
STEP #3 - Extract the .tar file
tar -xvf ipt_recent-0.3.1.tar
STEP #4 – Load the module using modproble command
modprobe ipt_recent
STEP #5 - Configure the IPTables
iptables -N SSH_CHECK
iptables -I INPUT -p tcp –dport 22 -m state –state NEW -j SSH_CHECK
iptables -I SSH_CHECK -m state –state NEW -m recent –set –name SSH
iptables -I SSH_CHECK -m state –state NEW -m recent –update –seconds 60 –hitcount 4 –name SSH
iptables -I SSH_CHECK -m state –state NEW -m recent –rcheck –seconds 60 –hitcount 4 –name SSH -j DROP
STEP #6 - Save your configuration
service iptables save
STEP #7 - Reload the IPT_RECENT module
modprobe ipt_recent
STEP #8 - Make IPT_RECENT active after reboots. Put the entry in /etc/rc.d/rc.local file
modprobe ipt_recent
JOB IS DONE!!!
Enjoy your Intelligent Defense System.
God Bless.
VNC Server Configuration June 27, 2010
Posted by networknuts in Uncategorized.add a comment
VNC Server Configuration and concept explained in the latest topic on Network NUTS Forum.
http://networknuts.net/phpBB3/viewtopic.php?f=3&t=297&sid=e88a228584a71c21b14a926294ee61c9
DNS Round Robin Configuration. June 21, 2010
Posted by networknuts in Uncategorized.Tags: apache load balancing, dns, dns load balancing, dns round robin, linux, linux delhi, linux tutorials, networknuts, rhce, rhce delhi, rhce india, rhce tutorials, rhcss, rhcss delhi, rhcss india, rhcss tutorials, www.networknuts.net
add a comment
If you are hosting a popular site, you will face a problem in which your server simply can’t serve any more requests.
In the web server world, this is called the Slashdot effect.
One way to overcome the limits of the monolithic server is to distribute the load across many machines. By adding a second (or third) server to the available pool of machines, you can not only increase performance but also add to the stability of the network. If you have a hot spare (or three) running all of the time, then if one develops trouble, the others can take over for it without any downtime.
The easiest way to distribute the load of public traffic is to use the magic of round-robin DNS, inbound requests to a single host name can be directed to come from any number of IP addresses.
We use this in the zone file for our network zone “networknuts.net”:
www 60 IN A 172.24.0.254
www 60 IN A 172.24.0.111
Now, when a hosts looks up www.networknuts.net in DNS, about half of the time they will see:
$ host www.networknuts.net
http://www.networknuts.net has address 172.24.0.254
http://www.networknuts.net has address 172.24.0.111
(172.24.0.254 and 172.24.0.111 are my name-servers hosting http://www.networknuts.net)
and the rest of the time, they get:
$ host www.networknuts.net
http://www.networknuts.net has address 172.24.0.111
http://www.networknuts.net has address 172.24.0.254
Check the video of this post at -
God Bless.
