Posts Tagged ‘Linux’

Login to shell using root user then tun following commands to install YUM.

[root@server]#mkdir /root/support  && cd /root/support

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/gmp-4.1.4-10.el5.i386.rpm

[root@server]#rpm -Uvh gmp-4.1.4-10.el5.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/readline-5.1-3.el5.i386.rpm

[root@server]#rpm -Uvh readline-5.1-3.el5.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-2.4.3-27.el5.i386.rpm

[root@server]#rpm -Uvh python-2.4.3-27.el5.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/libxml2-2.6.26-2.1.2.8.i386.rpm

[root@server]#rpm -Uvh libxml2-2.6.26-2.1.2.8.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/libxml2-python-2.6.26-2.1.2.8.i386.rpm

[root@server]#rpm -Uvh libxml2-python-2.6.26-2.1.2.8.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/expat-1.95.8-8.2.1.i386.rpm

[root@server]#rpm -Uvh expat-1.95.8-8.2.1.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-elementtree-1.2.6-5.i386.rpm

[root@server]#rpm -Uvh python-elementtree-1.2.6-5.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/sqlite-3.3.6-5.i386.rpm

[root@server]#rpm -Uvh sqlite-3.3.6-5.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-sqlite-1.1.7-1.2.1.i386.rpm

[root@server]#rpm -Uvh python-sqlite-1.1.7-1.2.1.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/elfutils-0.137-3.el5.i386.rpm

[root@server]#rpm -Uvh elfutils-0.137-3.el5.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/rpm-python-4.4.2.3-18.el5.i386.rpm

[root@server]#rpm -Uvh rpm-python-4.4.2.3-18.el5.i386.rpm

[root@server]#It will throw following error.

[root@server]# rpm -Uvh rpm-python-4.4.2.3-18.el5.i386.rpm

warning: rpm-python-4.4.2.3-18.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
error: Failed dependencies:
popt = 1.10.2.3-18.el5 is needed by rpm-python-4.4.2.3-18.el5.i386
rpm = 4.4.2.3-18.el5 is needed by rpm-python-4.4.2.3-18.el5.i386
rpm-libs = 4.4.2.3-18.el5 is needed by rpm-python-4.4.2.3-18.el5.i386

In that case search dependencies in following URL

http://rpm.pbone.net/

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/m2crypto-0.16-6.el5.6.i386.rpm

[root@server]#rpm -Uvh m2crypto-0.16-6.el5.6.i386.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/python-urlgrabber-3.1.0-5.el5.noarch.rpm

[root@server]#rpm -Uvh python-urlgrabber-3.1.0-5.el5.noarch.rpm

[root@server]#wget http://mirror.centos.org/centos-5/5/os/i386/CentOS/yum-3.2.22-20.el5.centos.noarch.rpm

[root@server]#rpm -Uvh yum-3.2.22-20.el5.centos.noarch.rpm

It will throw following error.

[root@server]# rpm -Uvh yum-3.2.22-20.el5.centos.noarch.rpm
warning: yum-3.2.22-20.el5.centos.noarch.rpm: Header V3 DSA signature: NOKEY, key ID e8562897
error: Failed dependencies:
python-iniparse is needed by yum-3.2.22-20.el5.centos.noarch
rpm-python is needed by yum-3.2.22-20.el5.centos.noarch
yum-fastestmirror is needed by yum-3.2.22-20.el5.centos.noarch
yum-metadata-parser >= 1.1.0 is needed by yum-3.2.22-20.el5.centos.noarch

In that case search dependencies in following URL

http://rpm.pbone.net/

Once you complete all dependencies you can update yum by using following command

[root@server]#yum -y update

After Upgrading mysql to 5.1 , you will receive following error.

“Client does not support authentication protocol requested by server; consider upgrading MySQL client.”

The above error message are receiving because latest version of MySql uses a new format for the password in that case to use older client to use older version Mysql with new version Mysql you have to set the passwords on the server to their old format.Refer following steps to set the password.

Cause of the error is the latest version of mysql is using new format for the password. You will have to make following chnages so that mysql will use old password format.

Login into shell as root user and access mysql with root user and password

[root@server]#mysql -u root -p

Then, copy and paste the following command in shell, editing commands if necessary, to change the password of the user to the old format.

[root@server]#UPDATE mysql.user
[root@server]#SET password=OLD_PASSWORD(‘password’)
[root@server]#WHERE user=’username’
[root@server]#AND host=’host';

After running above commands flush the tables using following command.

[root@server]#flush privileges;

Then exit the mysql client.

[root@server]#\q

Cheers, It will fix your problem :)

To check run level, just  run “who -r” on shell it will show you current run level set on your server.

root@server [~]# who -r
run-level 3 2009-01-07 21:19 last=S

How to check OS version of linux

cat /etc/redhat-release —– for redhat and its clones
cat /etc/debian_version —- For debian

cat /etc/redhat-release —– for redhat and its clones
cat /etc/debian_version —- For debian

A quick and useful command for checking if a server is under ddos:

netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

That will list the IPs taking the most amounts of connections to a server. It is important to remember that ddos is becoming more sophisticated and they are using fewer connections with more attacking ips. If this is the case you will still get low number of connections even while you are under a DDOS.

Another very important thing to look at is how many active connections your server is currently processing.

netstat -n | grep :80 |wc -l

netstat -n | grep :80 | grep SYN |wc -l

The first command will show the number of active connections that are open to your server. Many of the attacks typically seen work by starting a connection to the server and then not sending any reply making the server wait for it to time out. The number of active connections from the first command is going to vary widely but if you are much above 500 you are probably having problems. If the second command is over 100 you are having trouble with a syn attack.

Solution:

First go with

echo 1 > /proc/sys/net/ipv4/tcp_syncookies

and then try with all these IPtables rule , there may other attacks too.

iptables -A INPUT -p tcp –tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp –tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp –tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp –tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp –tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp –tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp –tcp-flags ACK,URG URG -j DROP

then,

service iptables save
service iptables restart

it should resolve your issue.

How change port of SSH
To force ssh to run on a non standard port, use the following steps:

1. Open /etc/ssh/sshd_config in your favorite text editor:

# vi /etc/ssh/sshd_config

2. Browse to the following line:

# Port 22

3. Uncomment and edit this line to reflect the new port.

Port 2255 (this can be set to any non standard port)

4. Save and quit the file, and restart ssh.

# /etc/init.d/ssh restart

5. If you are connected to the server via ssh on port 22, your connection will drop and you will need to reconnect using the new port.

If you have apf installed, Please add the port in apf

————-

nano /etc/apf/conf.apf

For tcp ports

# Common ingress (inbound) TCP ports

If mysql fails to start and gives  mysql.sock error

Try this to fix the error.
===================
cd /var/lib/mysql
===================
touch mysql.sock
===================
chown mysql:mysql mysql.sock
===================
chmod 1777 mysql.sock
===================
now make a sym link into /tmp

ln -s /var/lib/mysql/mysql.sock /tmp
===================
then

chmod 1777 /tmp
===================
now

/scripts/mysqlup –force
===================

now just restart mysql

/etc/rc.d/init.d/mysql restart

===================

This will fix the sock error and mysql will be running fine now.

Login to the server through ssh and run this cmd

/usr/local/cpanel/cpkeyclt

This cmd will update the cPanel license.

You may come across core files which gets generated within your accounts . The possible reason for the core files getting generated is when a php process is killed, apache creates core files under your account .

On phpSuexec servers this may cause due to incorrect php.ini file placed in your account and if it is caused due to php/apache then you can get rid off those core files by editing the httpd startup file on the server end. Following are the steps to edit httpd startup file.

========================================================
root@server [~]#which httpd
/usr/sbin/httpd
root@server [~]# nano /usr/sbin/httpd

Search for ulimit lines .For eg : you can see these lines

ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384

You need to add ulimit -c 0 at the end .Which will look like :

ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384
ulimit -c 0


Save File
Restart httpd
root@server [~] /etc/init.d/httpd restart

======================================================

Sometimes apache is crashing and all or some PHP pages are showing blank when you browse it. Also apache error logs shows following errors.

====================================
[Thu Dec 24 09:12:03 2009] [notice] child pid 8877 exit signal Segmentation fault (11)
[Thu Dec 24 09:12:38 2009] [notice] child pid 8466 exit signal Segmentation fault (11)
[Thu Dec 24 09:12:38 2009] [notice] child pid 8883 exit signal Segmentation fault (11)

====================================

Solution:

Edit httpd.conf file and add following line in the main config.

===========================
CoreDumpDirectory /tmp/apache2-gdb-dump
===========================

Then create following folder in /tmp and change the permisssion

===========================
root@server [~] mkdir -p /tmp/apache2-gdb-dump
root@server [~] chmod 0777 /tmp/apache2-gdb-dump
===========================

Also make changes in to following file.

root@server [~] nano /usr/sbin/httpd

Search for ulimit lines .For eg : you can see these lines

ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384

You need to add ulimit -c 0 at the end .Which will look like :

ulimit -n 1024
ulimit -n 4096
ulimit -n 8192
ulimit -n 16384
ulimit -c 0

====================================

Stop and start apache server

root@server [~] /etc/init.d/httpd stop

root@server [~] /etc/init.d/httpd start