Greetings,

If you are getting 444 Script or Action Blocked error then it seems to be some problem with your php script. but forst question comes to your mind is that what is securephpx?

Well, SecurePHPx is a preload checker on the PHP scripts to block malicous scripts or urls that was used to attack the PHP pages, which we designed and created ourselves on the servers.

Ti fix this you have to add domain to SecurePHPx whitelist by editing the file /usr/lib/php/php_whitelist. Just enter the domain in this file once with www & once without www.

Enjoy..

The Apache module is intended to reduce the load on your server & bandwidth generated by virtual hosts, directories, locations, or users according to supported polices that decide when to delay or refuse requests. Also mod_throttle can track and throttle incoming connections by IP address or by authenticated remote user.

Every request go though 4 levels of throttling

– Client’s IP address

– Remote username

– Local user ID

– Directory/Server/Location

In order to install mod_throttle on the server, please login into your SSH with root login,

1) Please go to the directory

– cd /usr/src

– wget http://www.snert.com/Software/mod_throttle/mod_throttle312.tgz

– tar -zxvf mod_throttle312.tgz

2) Go to the directory

– cd mod_throttle-3.1.2

3) Edit the file as

– vi  Makefile

And change it to read:

APXS=/usr/local/apache/bin/apxs

Save the file and

4) Run following commands in order to install it

– make

– make install

5) Restart apache service on the server.

6) In order to check the throttling for any domain you will have to insert a ThrottlePolicy and output location as” Location /output ” in it’s Virtual host entry, just before the line .

And you can check results or output at — http://domainname/output.

Hello Guys,

If you are using a bash shell then using following command you can set the time in history so that you will get a better idea at what time the command was fired.
HISTTIMEFORMAT=”%D %T ”

If you have ksh doesn’t have any feature intended to put timestamps in history. You can get a similar effect by combining the evaluation of the PS1 prompt and the “read -s” feature that reads into history.

PS1=’$(printf “%(# %D %T )T” | read -s)$ ‘

This prompt setting will put the current date and time into the history each time ksh comes back to printing a prompt. The timestamp will appear as a separate line. It will show the time that the preceeding command completed. You won’t be able to know exactly when a long-running command was started. (The bash timestamp feature shows the start times of entered commands and doesn’t show when they finish.)

You can also try following step.

HST=`hostname`
USR=`who -um | awk ‘{print $1}’`
NAME=`whoami`# Set History File
HISTFILE=/home/root/.sh_history_”${HST}”_”${USR}”-as-”${NAME}”_`date +%y%m%d.%
H%M%S_$$`
export HISTFILE

Thats it.

Enjoy..

Hi Friends,

Hacker the first inpression comes to our mind is the computer criminal sitting at some unkknown location and fetching or destrying our important data. Most people straightway start associating the term Hackers with computer criminals or people who cause harm to systems, release viruses and so on. In reality, that is not true at all!

Hackers are actually good, pleasant and extremely intelligent people, who by using their knowledge in a constructive manner help organizations to secure documents and company secrets, help the government to protect national documents of strategic importance and even sometimes help justice to meet its ends by ferreting out electronic evidence. Rather, these are the people who help to keep computer criminals on the run.

On the other hand, crackers are the real bad guys or the criminals who indulge in cyber crime, deface websites, release viruses, steal credit card numbers and create havoc on the Internet.

If everybody who uses the Internet understood its risks, if everybody who uses the Internet understood how the computer criminals work, if everybody who uses the Internet understood the tools and techniques already known to the bad guys, then the Internet would be a much safer place to be in. Wouldn’t Internet users be able to better protect their data and systems if they were more aware of how computer criminals work? If we are able to learn and understand how someone can break into our system, then wouldn’t we fix the loopholes even before the cracker strikes? All I want to say is that instead of being resentful and afraid of fire, it would be much better if we learn to live with fire. Let us fight fire with fire itself! We manufacture knives every single day. A knife in the hands of a murderer can take lives, but the same knife in the hands of a surgeon can save lives! So just because there is a risk of a knife being misused by murderers, that does not mean that we should stop manufacturing knives.

Thats why learn how to hack but do not missuse your talent.
Enjoy..

cheap web hosting

Refer to the following link for safeguarding your server against dDOS attakcs….

http://forums.rackshack.net/showthread.php…?threadid=29673

Maintaing the kernel Security is one of the important task in Sys.Admin especially against the hackers. So friends following are some of the tips which will help to manage the kernel security through /proc pseudo-filesystem, Quite a few files /proc/sys are directly related to security. The parameter just need to have a flag(boolean value) set.

Enabled if contains a 1 and disables if contains 0 , Many of the options are under /proc/sys/net/ipv4

Such as ..

icmp_echo_ignore_all : Ignore all ICMP ECHO requests ( Ping Request)

ip_forward : Enables or disables the forwarding of IP packets between interfaces depending on the kernel is configured as a host or router.

For example just take a look at this command.

echo “0″ > /proc/sys/net/ipv4/icmp_echo_ignore_all

The above command will deny all the ping request on the server.

The command sysctl -A will show the kernel configuration parameters set on the server, Basically the command reads the configuation file /etc/sysctl.conf after each reboot.

Caution !! Don’t try this with other parameters which you are not aware of. Otherwise the results maybe a KERNEL PANIC…

Deleted files recovery howto
Undeleting files on the Linux ext2 filesysten with debugfs and e2undel
written by Oliver Diedrich (e2undel@users.sourceforge.net)

This text describes the steps needed do recover the data of a file that was recently deleted. It is neither a complete usage instruction for the e2undel and debugfs tools nor does it explain the backgrounds of file undeletion on the ext2 filesystem.

The first steps
First of all: Immediately unmount the file system the deleted file was located on. This minimizes the risk that the data of the deleted file are overwritten while taking steps to recover them. All data written to the file system containing the deleted file - either by you or by any other process running on your machine - might overwrite some of the data you want to recover!

If you can’t unmount the file system, e.g. because the deleted file was located on your root file system, you should consider to shut down the computer, remove the hard drive and put it into another Linux machine. Probably, you will have to compile and install some software, such possibly destroying the data you want to recover.

I strongly suggest this option if either the deleted data are so important that you don’t want to take any unnecessary risk to loose them, or if the file system has very few unused space available (less then 20 percent or less than 100 MByte), or if the file is larger than 48 kByte: If few free space is available on the file system, ext2 might choose to store new data in areas that were recently used by deleted files; and if the file is larger than 48 kBytes, its data may be distributed across the file system, such enhancing the risk of overwriting parts of the deleted data with new files. It is your decision; but you have been warned.

If you are in the very unpleasant situation that you neither can use your system without the file system containing the deleted file nor have another Linux machine available, I strongly suggest to create a RAM disk to build and install the necessary software. With kernel 2.4, it is quite easy: Just do a mount tmpfs /mnt -t tmpfs. This will create a dynamically growing RAM disk on directory /mnt.

Using debugfs
Especially if you can’t unmount the file system containing the deleted data, debugfs is a less comfortable, but usable alternative if it is already installed on your system. (If you have to install it, you can use the more comfortable e2undel as well.) Just try a

/sbin/debugfs device
Replace device by your file system, e.g. /dev/hda1 for the first partition on your first IDE drive. At the “debugfs:” prompt, enter the command
lsdel
After some time, you will be presented a list of deleted files. You must identify the file you want to recover by its owner (2nd column), size (4th column), and deletion date. When found, you can write the data of the file via
dump filename
The inode_number is printed in the 1st column of the “lsdel” command. The file filename should reside on a different file system than the one you opened with debugfs. This might be another partition, a RAM disk or even a floppy disk.

Repeat the “dump” command for all files that you want to recover; then quit debugfs by entering “q”.

Using e2undel
e2undel works in a similar way, using the same deleted file detection routines, but provides a somewhat friendlier user interface and some additional help to identify the files you want to recover.

Building e2undel
Download the sources from sourceforge.net/projects/e2undel. Don’t save the tgz file found there on the file system with the deleted file! (You should have unmounted it, do you remember?) Use a different file system or a RAM disk.

Now build e2undel: Untar the tgz file (tar xzf e2undel-nnn.tgz), change to the resulting e2undel directory, and do a simple make in that directory. If erverything works fine, this will result in an executable e2undel binary. Again, even if it annoys you, this old warning about file systems containing deleted files that are not unmounted (just skip to the next paragraph if you are not concerned): Building the program will create some object files in the e2undel directory and some temporary compiler files in /tmp. Each of these files could overwrite the data you want to recover…

If the compiler complains about missing header files or unknown variable types, you probably lack the e2fsprogs include files. They usually are included in your Linux distribution, hidden in a package named e2fsprogs-devel, ext2fs-devel or something similar. Simply install this package from your distribution, or from the web. Attention: This rpm will install a lot of files in your /usr file system.

If this does not not work for you not or your system is not rpm based, you have to download the source code of Ted Ts’o’s Ext2 Filesystem Utilities, untar the tgz file, build and install at least the ext2fs library contained within, and change the path to the ext2 related header files in e2undel’s e2undel.h file. Attention: Just the tgz file contains about 1000 files, summing up to 6 MByte (without even having started the compiler). If you have to install and build the ext2fs library on the file system containg your deleted file: This is the point you seriously should think about doing all the build stuff on another machine.

Starting e2undel
The synopsis of e2undel is

e2undel -d device -s path [-a] [-t]
-d: file system where to look for deleted files (e.g., /dev/hdb1 for the 1st partition on the 2nd IDE drive)
-s: directory where to save undeleted files
-a: work on all files, not only on those listed in undel log file
-t: try to determine type of deleted files w/o names, works only with -a

The -a option always must be given in your situation, and the -t option will help you a lot in finding the files you want to recover.

An example
Suppose, your system uses two partitions, one (let’s say, /dev/hdb5) is mounted on /, the other one (let’s say, /dev/hdb6) is mounted on /home. You as user foo just deleted a file in your home directory and noticed your error. You have logged out, logged in as root and unmounted the /home partition.

e2undel -d /dev/hdb6 -s /tmp -a -t
will scan your home partition for deleted files, and present you a table like this:
user name | 1

Greetings Micfo members,

If you have Linux based OS installed and if your disk is crashed then try following steps if you want to retrive data from ddrescue commands.

Ddrescue is a program that copies data from one file or block device to another,
it is a tool to help you to save data from crashed partition. It tries to read and if it fails it will go on with the next sectors, where tools like dd will fail. If the copying process is interrupted by the user it is possible to continue at any position later. It can copy backwards.
Install dd_rescue or ddrescue

If you are using RedHat/Fedora Core Linux, type the following command:
# yum -y install ddrescue
If you are using Debian Linux:# apt-get install ddrescue
Or directly download ddrescue from official GNU Web site. http://www.gnu.org/software/ddrescue/ddrescue.html

Please note that Debian install ddrescue binary as /bin/dd_rescue and other distribution as /usr/bin/ddrescue

To make exact copy of /dev/sda (damaged) to /dev/sdb (make sure sdb is empty) you need to type following command:

# ddrescue /dev/hda /dev/hdb
Naturally next step is to run fsck on /dev/sdb partition to recover/save data. Remember do not touch originally damaged /dev/sda. If this procedure fails you can send your disk to professional data recovery service. For example if /home (user data) is on /dev/sda2, you need to run a command on /dev/sdb2:

# fsck /dev/sdb2

Once fsck run, mount /dev/sdb2 somewhere and see if you can access data:

# mount /dev/sdb2 /mnt/data

It is time to take backup using tar command.

ddrescue command supports tons of options. Dont forget to read man page:

# man ddrescue OR # man dd_rescue

Enjoy..