
Making Sudo work Smart!! – sudo without password prompt May 25, 2010

Posted by networknuts in Uncategorized.

This video shows how to configure sudo so that it does not prompt the user for the password again.

For a text version of this post, please visit

www.networknuts.net

God Bless

Shell Script taking Time bound Input !! May 13, 2010

Posted by networknuts in Uncategorized.

Here is a simple shell script that takes input from the user's keyboard and displays it on the screen. But that is not the idea!

The idea is to show you how to take "time bound" input for sensitive information.

vim timed_read.sh

and here is the script…

#!/bin/bash
#alok srivastava
#taking time bound input

TIMEOUTLIMIT=4  # 4 seconds of wait

echo "type something "
# read one line from standard input; give up after TIMEOUTLIMIT seconds
read -r -t "$TIMEOUTLIMIT" first
echo

if [ -z "$first" ]
then
    echo "timed out.. sorry"
else
    echo "you typed $first"
fi

exit 0   # exit clean

When you execute this script using "bash timed_read.sh" and give some input within the 4-second time frame, it will be displayed. Otherwise the script exits cleanly after waiting for 4 seconds. As shown:

[Screenshot: output of the above script]

God Bless.

Making Directory Listing – Make Sense !! March 28, 2010

Posted by networknuts in 1.

Normally when we give the "ls -l" command or the "ll" command, it shows us all the files and directories in alphabetic order.

Sometimes this is a pain in the neck if you are looking only for a directory or only for a file (as it will show you both).

There is as such no command available (to my knowledge) which will show you directories only and files only, as per your specification.

But we can do a SMALL tweak, to make our job easier.

Here is the command to view directories only :

ls -l | egrep '^d'

And, here is the command to view files only :

ls -l | egrep -v '^d'

You can also create aliases for these long commands, as it is not practical to type the same thing again and again:

alias llf="ls -l | egrep -v '^d'"
alias lld="ls -l | egrep '^d'"

You can always use “.bash_profile” file to make these aliases permanent.

PS: Check out – http://www.youtube.com/user/networknutsdotnet

for video of this small trick.

For more tips and trick on linux – www.networknuts.net
God Bless.

Intelligent DEfence Activation – IDEA January 27, 2010

Posted by networknuts in 1.

Be prepared to read the whole post… don't SKIP lines or words.

Normally, to secure our machine against hostile machines, we need to check our log files periodically (like /var/log/secure) and then add those hostile machines manually to TCP-WRAPPER or IP-Tables. This can be a pain in the neck.

This is how we traditionally secure our machines.

STEP #1. Check the log files (/var/log/secure) periodically.
STEP #2. Manually update the firewall or TCP-Wrapper for the illegal hosts or Ips.

Problem: The block lists cannot be updated in time, which may result in a compromise. The attacker may try to intrude using some other service. The attacker may change IP, in which case your IPTables or TCP-WRAPPER rules will be of no use.

Your wish!!!!!

WISH #1. My server should be able to track attacker IP.
WISH #2. My server should be able to block attacker IP, automatically.
WISH #3. My server should secure itself, automatically, from any attack from attacker IP.

All your wishes will come true: you can use a small application named BLOCKHOSTS for this purpose.

Let's first see how BLOCKHOSTS works:

Someone attempts an ssh login that is wrong or not allowed –> the event is logged in /var/log/secure –> blockhosts checks the log file for the number of failed events –> if the number of failed events exceeds the limit –> that host's IP is caught by blockhosts –> an entry for that host is put in TCP-Wrapper and iptables to block any further communication, for a time period.

STEP #1. Download the latest version of blockhosts from:

http://www.aczoom.com/cms/blockhosts/

STEP #2. Install the RPM

STEP #3. Configure the main configuration file /etc/blockhosts.cfg. Here are some common options that need to be configured for making blockhosts work for you.

Tell blockhosts which file needs to be updated when using TCP-WRAPPER; normally it will be /etc/hosts.allow

vim /etc/blockhosts.cfg

Under [common] section edit or activate this line:

HOSTS_BLOCKFILE = "/etc/hosts.allow"

Under [filters] section edit or activate these lines:

COUNT_THRESHOLD = 3

With this you have told blockhosts to block any host whose number of failed attempts exceeds 3.

AGE_THRESHOLD = 1

With this you have told blockhosts that the denied host will not be allowed to communicate for the next 1 hour.

WHITELIST = [ "x.x.x.x" ]

With this you can tell blockhosts that this range of IPs will never be blocked, irrespective of the number of failed attempts.

BLACKLIST = ["x.x.x.x" ]

With this you can tell blockhosts to block these IPs permanently.

Under [blockhosts] section edit or activate these lines:

LOGFILES = [ "/var/log/secure", ]

With this line you have told blockhosts to keep checking /var/log/secure (which records SSH events) for failed attempts. You can also enable other lines as you wish.

SAVE and EXIT.

You have just configured blockhosts as per your preferences.

Now it's time to activate blockhosts so that it checks for and blocks hostile machines automatically.

STEP #4. Edit the /etc/hosts.allow file for blockhosts. Add these lines to /etc/hosts.allow

#-----Blockhosts Additions
#-----Blockhosts Additions

sshd, proftpd, vsftpd: ALL: spawn /usr/bin/blockhosts.py \
--echo %c-%s --ipblock=iptables \
--whitelist="127.0.0.1" --blacklist="172.24.0.13"

PS: Please replace 172.24.0.13 with the IP you wish to blacklist on your network.

STEP #5. START the blockhosts.

blockhosts.py --verbose

This makes blockhosts read your /var/log/secure file and trap the hostile IPs automatically. You can put this under cron to make blockhosts check periodically.
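The log-to-blocklist flow described above, as an added example in Python. It is not BlockHosts' own code: it assumes the common sshd "Failed password" line format, uses constructed log lines and addresses, and models AGE_THRESHOLD simply as "failures older than that many hours no longer count".

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Settings named after the options above; all addresses are constructed samples.
COUNT_THRESHOLD = 3            # block when failures exceed this number
AGE_THRESHOLD = 1              # hours after which a failure no longer counts
WHITELIST = {"127.0.0.1"}
BLACKLIST = {"172.24.0.13"}

# The user name comes from the remote side, so the address is taken from the
# fixed "from <ip> port <n> ssh2" tail of the line, anchored at the end.
FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for .* "
    r"from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$")

def hosts_to_block(lines, now):
    """Return the sorted list of IPs to deny at time `now`."""
    cutoff = now - timedelta(hours=AGE_THRESHOLD)
    failures = Counter()
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue                       # not a failed-login record
        # syslog timestamps carry no year; assume the year of `now`
        when = datetime.strptime(f"{now.year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if cutoff <= when <= now and ip not in WHITELIST:
            failures[ip] += 1
    offenders = {ip for ip, n in failures.items() if n > COUNT_THRESHOLD}
    return sorted(offenders | (BLACKLIST - WHITELIST))

def _fail(ts, ip, user="root"):
    """Build one constructed /var/log/secure line for the demo."""
    return (f"Jan 27 {ts} server1 sshd[2101]: "
            f"Failed password for {user} from {ip} port 40122 ssh2")

SAMPLE = (
    [_fail(f"10:00:0{i}", "203.0.113.5") for i in range(4)]      # 4 recent
    + [_fail(f"08:00:0{i}", "192.0.2.9") for i in range(4)]      # 4, too old
    + [_fail(f"10:01:0{i}", "127.0.0.1") for i in range(5)]      # whitelisted
    + [_fail("10:02:00", "198.51.100.7", "invalid user test")]   # 1 only
    + ["Jan 27 10:03:00 server1 sshd[2200]: Accepted password for alok "
       "from 192.168.1.20 port 50022 ssh2"])

if __name__ == "__main__":
    print(hosts_to_block(SAMPLE, datetime(2010, 1, 27, 10, 5, 0)))
```

Only the host with four recent failures and the blacklisted address are returned; the whitelisted host, the stale failures and the single failure are ignored.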

God Bless.

Managing SWAP in Linux January 20, 2010

Posted by networknuts in 1.

Here are some fundamental guidelines for managing your SWAP space in LINUX more efficiently.

1. Try to create SWAP as the first partition on the HDD. HDDs work on the concept of ZCAV (zonal constant angular velocity), so the first partitions are created at the outer edge of the HDD and have a higher IO speed than a partition created lower down the cylinder.

2. If given a choice between a partition and a file for SWAP, choose a dedicated partition, and put it on the highest-speed HDD available.

3. When creating SWAP on the same HDD as other mount points (like /var, /home etc), always create SWAP next to the partition with the maximum IO (for example, on an FTP server create it near /var), so that the HDD head takes LESS time to move to swap, which reduces latency.

4. Make sure the SWAP on a faster HDD is used before the SWAP on a slower HDD. Edit your /etc/fstab file as shown to give priorities to SWAP locations.

/dev/sda1      swap      swap      pri=4    0   0
/dev/sda2      swap      swap      pri=4    0   0
/dev/sdb4      swap      swap      pri=2    0   0

The kernel will use /dev/sda1 and /dev/sda2 before using /dev/sdb4, as they have the higher priority of 4. If two or more SWAP locations have equal priorities, the kernel will distribute its use of them in round robin.

God Bless.

RHCE exam for FREE (second attempt) December 5, 2009

Posted by networknuts in 1.
RHCE exam (second attempt) for FREE

This scheme is applicable only for those candidates who are registering for RHCE examination between Dec 5, 2009 and Feb 25, 2010 only.

The fee for 1st attempt during the scheme period is Rs. 10,500 only.

Candidates registering on or before Jan 31, 2010 and appearing for RHCE exam between Dec 5, 2009 and Jan 31, 2010 can avail re-attempt on RHCE exam FREE of COST

Candidates registering before Feb 20, 2010 and appearing for RHCE exam between Feb 1, 2010 and Feb 25, 2010 can avail re-attempt on RHCE exam at Rs.1999 only.

The last date for registration under the scheme is Feb 20, 2010

The last date for 1st attempt on RHCE exam under the scheme is Feb 25, 2010

Re-attempt exams would be conducted only between Mar 1, 2010 and Mar 31, 2010.

Please call Poonam @ 9312411592 for registrations and details.

Block Use of USB drives – Windows November 28, 2009

Posted by networknuts in 1.

Block usage of USB Removable Disks

To block your computer’s ability to use USB Removable Disks follow these steps:

1. Open Registry Editor.
2. In Registry Editor, navigate to the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR

3. Locate the following value (DWORD): Start, and give it a value of 4.

Note: As always, before making changes to your registry you should always make sure you have a valid backup. In cases where you’re supposed to delete or modify keys or values from the registry it is possible to first export that key or value(s) to a .REG file before performing the changes.

4. Close Registry Editor. You do not need to reboot the computer for changes to apply.

Enable usage of USB Removable Disks

To return to the default configuration and enable your computer’s ability to use USB Removable Disks follow these steps:

1. Go to the registry path found above.

2. Locate the following value: Start, and give it a value of 3.

Take Care

Rajiv Singh Rathore – rajiv@networknuts.net

 

NOS for Firefox (make firefox speed 5x) November 11, 2009

Posted by networknuts in linux training in india, Red Hat, rhce, RHCSS.

Just fit the NOS in your firefox (The Fast and the Furious)

1. Open Firefox and in the address bar type about:config.
2. Click on “I’ll be careful, I promise“
3. Use the search bar above to look for network.http.pipelining and double click on it to set its value to True.
4. Create a new boolean value named network.http.pipelining.firstrequest and set that to True, as well.
5. Find network.http.pipelining.maxrequests, double click on it, and change its value to 8.
6. Look for network.http.proxy.pipelining and set it to True.
7. Create two new integers named nglayout.initialpaint.delay and content.notify.interval, set them to 0.
8. Restart your browser.

All done. You should feel the browser is 5x more responsive than before while navigating websites.

God Bless.

See you on TOP.

We are also in “facebook” search for “networknuts”
