Skip to main content

Posts

Showing posts from December, 2007

Swami Vivekananda

When I Asked God for Brain & Brown He Gave Me Puzzles in Life to Solve When I Asked God for Happiness He Showed Me Some Unhappy People When I Asked God for Wealth He Showed Me How to Work Hard When I Asked God for Favors He Showed Me Opportunities to Work Hard When I Asked God for Peace He Showed Me How to Help Others God Gave Me Nothing I Wanted He Gave Me Everything I Needed All that is real in me is God; all that is real in God is I. The gulf between God and human beings is thus bridged. Thus we find how, by knowing God, we find the kingdom of heaven within us. Are you unselfish? That is the question. If you are, you will be perfect without reading a single religious book, without going into a single church or temple. Be strong! … You talk of ghosts and devils. We are the living devils. The sign of life is strength and growth. The sign of death is weakness. Whatever is weak, avoid! It is death. If it is strength, go down into hell and get hold of it! There is salvati

SecureServer.sh

#!/bin/bash ########### SysCTL Hardening ######### # Disable ICMP routing redirects. Otherwise, your system could have its routing table misadjusted by an attacker sysctl -w net.ipv4.conf.all.accept_redirects=0 #sysctl -w net.ipv6.conf.all.accept_redirects=0 sysctl -w net.ipv4.conf.all.send_redirects=0 #sysctl -w net.ipv6.conf.all.send_redirects=0 #Disable IP source routing. The only use of IP source routing these days is by attackers trying to spoof IP addresses that you would trust as internal hosts. sysctl -w net.ipv4.conf.all.accept_source_route=0 sysctl -w net.ipv4.conf.all.forwarding=0 # sysctl -w net.ipv4.conf.all.mc_forwarding=0 #Enforce sanity checking, also called ingress filtering or egress filtering. The point is to drop a packet if the source and destination IP addresses in the IP header do not make sense when considered in light of the physical interface on which it arrived. sysctl -w net.ipv4.conf.all.rp_filter=1 #Log and drop "Martian" packets. A "Ma

Limit number of Shell logins by a USER or GROUP

To limit multiple Shell login by the same user on a Linux box you have to set a maximum number of logins in /etc/security/limits.conf for a user or a group. For example: # groupadd salesgroup # useradd -G salesgroup salesman1 # useradd -G salesgroup salesmanager # echo "@salesgroup - maxlogins 10" >> /etc/security/limits.conf # echo "salesman1 - maxlogins 5" >> /etc/security/limits.conf Here the group salesgroup can make a maximum of 10 logins at a time. And the user salesman1 is limited to 5 simultaneous logins.

Starting httpd: execvp: No such file or directory [FAILED]

I downloaded the source for the latest Apache HTTP and installed it 1. ./configure --enable-so 2. make 3. make install When I ran # /usr/local/apache2/bin/apachectl start it was fine. But it began to show errors when I tried to run # /etc/init.d/httpd start My /etc/init.d/httpd is as follows . /etc/rc.d/init.d/functions case "$1" in start) echo -n "Starting httpd: " daemon httpd -DSSL echo touch /var/lock/subsys/httpd ;; stop) echo -n "Shutting down http: " killproc httpd echo rm -f /var/lock/subsys/httpd rm -f /usr/local/apache2/logs/httpd.pid ;; status) status httpd ;; restart) $0 stop $0 start ;; reload) echo -n "Reloading httpd: " killproc httpd -HUP echo ;; *) echo "Usage: $0 {start|stop|restart|reload|status}" exit 1 esac exit

How to Disable Alt+Ctrl+Bksp and Ctrl+Alt+Function Keys

System administrators should be aware that now there is the ability to turn off switching to text mode virtual terminals via CTL-ALT-FunctionKey. This can come in handy when locking down a system (such when a Linux box is used as a kiosk) when used in conjunction with disabling CTL-ALT-BKSP (forceful kill of the X server). To do this, edit your /etc/X11/XF86Config or /etc/X11/xorg.conf and add the following: Section "ServerFlags" # prevent the use of CTL-ALT-F1, etc Option "DontVTSwitch" "On" # prevent the use of CTL-ALT-BKSP Option "DontZap" "On" EndSection Here the Vitrual Consoles can be locked in /etc/inittab also Open /etc/inittab and comment the following 1:2345:respawn:/sbin/mingetty tty1 2:2345:respawn:/sbin/mingetty tty2 3:2345:respawn:/sbin/mingetty tty3 4:2345:respawn:/sbin/mingetty tty4 5:2345:respawn:/sbin/mingetty tty5 6:2345:respawn:/sbin/mingetty tty6 You can shift the Virtual Consoles from Alt+Ctrl+F1