Monday, October 18, 2010

Monitor all Network Traffic Except Your Current ssh Connection

$ tcpdump -i eth0 -nN -vvv -xX -s 1500 port not 22

       Or to filter out port 123 as well and capture the full length of each
       packet (-s 0), use the following:

           $ tcpdump -i eth0 -nN -vvv -xX -s 0 port not 22 and port not 123

       Or to filter on only a certain host, say 192.168.158.205:

           $ tcpdump -i eth0 -nN -vvv -xX port not 22 and host 192.168.158.205

     If you just want IP addresses and a little bit of data, use this.
     The "-c 20" stops the capture after 20 packets:

           $ tcpdump -i eth0 -nN -s 1500 -c 20 port not 22

     If you're looking for signs of DoS attacks, the following shows just the
     packets with the SYN flag set (byte 13 of the TCP header holds the flags,
     and 0x02 is SYN) on all interfaces:

           $ tcpdump 'tcp[13] & 2 == 2'

Speed up SSH

Try setting up the ssh client with compression and the arcfour or blowfish ciphers instead of the default. Also skip the IPv6 lookup and reuse connections through a control socket. (arcfour and blowfish-cbc trade strength for speed; both have since been removed from current OpenSSH releases, so a newer client will reject this Ciphers line.)
Add the following to ~/.ssh/config:
Host *
Ciphers arcfour,blowfish-cbc
Compression yes
AddressFamily inet
ControlMaster auto
ControlPath ~/.ssh/socket-%r@%h:%p

Friday, October 15, 2010

Install your own git server on CentOS / RHEL / Fedora

First add the EPEL repository for your architecture.
i386:
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
x86_64:
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm
As root run this command:
yum install git
Next I’m going to set up a new repository and make it accessible over ssh:
mkdir /home/rajat/repo #create directory for new repository
cd /home/rajat/repo
git init
We’ll create a dummy file to get started. If you try to clone (check out) an empty git repository, you’ll just get errors:
touch firstfile
Add all files in this directory to your git repository:
git add .
Commit the changes you’ve made to the repo:
git commit
Next we’ll create a clone of the repo and configure it to be public:
cd /home/rajat
git clone --bare ./repo repo.git
touch repo.git/git-daemon-export-ok
You can copy your repo.git directory to wherever you want to make the repo public.
Now we want to checkout a copy of the new repository from a different server.
git clone ssh://yourserveraddress/home/rajat/repo.git
You should now have a new directory labeled repo which contains the file ‘firstfile’.
To add a new file to the repo:
cd repo
touch secondfile
git add .
git commit
Now we want to submit the changes back to the git server:
git push
You’ll be prompted for your password.
:)

Linux / UNIX Delete or Remove Files With Inode Number


An inode identifies a file and its attributes such as file size, owner, and so on. A unique inode number within the file system identifies each inode. But why delete a file by its inode number? Sure, you can use the rm command to delete a file. Sometimes, though, you accidentally create a filename containing control characters, characters that cannot be typed on a keyboard, or special characters such as ?, * and ^. Removing such filenames can be a problem. Use the following method to delete a file with strange characters in its name.
Please note that the procedure outlined below works with Solaris, FreeBSD, Linux, or any other Unix-like OS out there:

Find out file inode

First find out the file's inode number with either of the following commands:
stat {file-name}
OR
ls -il {file-name}

Use find command to remove file:

Use the find command as follows to find and remove the file:
find . -inum [inode-number] -exec rm -i {} \;
When prompted for confirmation, press Y to confirm removal of the file.

Delete or remove files with inode number

Let us try to delete a file using its inode number.
(a) Create a hard-to-delete file name:
$ cd /tmp
$ touch "\+Xy \+\8"
$ ls

(b) Try to remove this file with rm command:
$ rm \+Xy \+\8
(c) Remove the file by its inode number, but first find out the inode number:
$ ls -il
Output:
981956 drwx------  3 rajat admin 4096 2010-10-15 15:05 gconfd-viv
981964 drwx------  2 rajat admin 4096 2010-10-15 15:05 keyring-pKracm
982049 srwxr-xr-x  1 rajat admin    0 2010-10-15 15:05 mapping-viv
981939 drwx------  2 rajat admin 4096 2010-10-15 15:31 orbit-viv
981922 drwx------  2 rajat admin 4096 2010-10-15 15:05 ssh-cnaOtj4013
981882 drwx------  2 rajat admin 4096 2010-10-15 15:05 ssh-SsCkUW4013
982263 -rw-r--r--  1 rajat admin    0 2010-10-15 15:49 \+Xy \+\8
Note: 982263 is the inode number.
(d) Use find command to delete file by inode:
Find and remove the file using the find command, typed as follows:
$ find . -inum 982263 -exec rm -i {} \;
Note: you can also quote the name so the shell keeps the \ characters literal, and remove the file directly; the command would be:
$ rm "\+Xy \+\8"
If you have a file with a name like "2009/12/31", no UNIX or Linux command can delete that file by name. The only way to delete such a file is by its inode number. Linux and UNIX never allow creating a filename like 2009/12/31, but if the directory is served over NFS to a Mac OS or Windows client it is possible to create such a file.
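The whole procedure above, wrapped in a reusable shell function as an added example (not from the original post). It assumes GNU or BSD find and ls (for -inum, -maxdepth, -xdev and ls -i); the scratch directory and file names in the demo are constructed here.

```shell
#!/bin/sh
# Added example: remove a file with an awkward name by resolving its inode
# number first, then deleting through find so the shell never re-parses the name.
# Assumes GNU or BSD find/ls; the demo directory below is constructed for the test.

# Print the inode number of the given path (ls -i works on GNU and BSD).
inode_of() {
    ls -di -- "$1" | awk '{print $1}'
}

# Remove, inside directory $1, the regular file with inode number $2.
# -xdev keeps find on one filesystem (inode numbers are only unique per
# filesystem), -maxdepth 1 avoids walking subtrees, and -type f refuses to
# delete a directory by mistake. Returns non-zero if no such file existed.
rm_by_inode() {
    dir=$1 ino=$2
    find "$dir" -xdev -maxdepth 1 -type f -inum "$ino" -print | grep -q . || return 1
    find "$dir" -xdev -maxdepth 1 -type f -inum "$ino" -exec rm -f -- {} \;
    # Succeed only if the inode is really gone from this directory.
    ! find "$dir" -xdev -maxdepth 1 -type f -inum "$ino" -print | grep -q .
}

# Demo on a constructed scratch directory holding the post's hard-to-type name.
demo() {
    tmp=$(mktemp -d) || return 1
    weird="$tmp/\\+Xy \\+\\8"        # literal file name: \+Xy \+\8
    touch -- "$weird" "$tmp/keep-me"
    ino=$(inode_of "$weird")
    if rm_by_inode "$tmp" "$ino" && [ ! -e "$weird" ] && [ -e "$tmp/keep-me" ]; then
        rc=0                        # odd file gone, unrelated file untouched
    else
        rc=1
    fi
    rm -rf -- "$tmp"
    return $rc
}
```

Run `demo` to see it work; rm_by_inode returns 1 rather than deleting anything when the inode is not a regular file in that directory.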