http://wiki.archlinux.org/index.php/Beginners_Guide
lftp mirror
yes i know rsync and i know tons of host do not give you rsync or even ssh…
# upload whole /local/folder to /remote/folder/
lftp -u YOURUSERNAME,PASSWD -e "mirror -R /local/folder /remote/folder/" sftp://hostname
# download whole folder /remote/folder to local/folder
lftp -u YOURUSERNAME,PASSWD -e "mirror /remote/folder local/folder/" <remote_site>
# put it in cron to schedule regular backup
refs
pause
read -s -n 1 -p "Press any key to continue . . ."
what daemon / services listen on that port?
to know what services is listening on port 53:
sudo netstat -lnp | grep :53
hide too much error on screen
http://www.joreybump.com/code/howto/debian/orinoco.html
If that stops the errors from logging to the console, then you can make this change permanent by editing /etc/init.d/bootmisc.sh, replacing this line:
dmesg -s 524288 > /var/log/dmesg
with:
dmesg -n 1 -s 524288 > /var/log/dmesg
Aaaah, now I am blissfully ignorant of these annoying errors. Some watchdogs bark too much.
max mtu
http://www.debianadmin.com/change-mtu-maximum-transmission-unit-of-network-interface.html
wait/sleep
http://www.linux.com/articles/113976
.xinitrc
sleep 3 && conky &
# exec startkde
# exec wmaker
# exec xfce4-session
exec startfluxbox
configure network
http://www.debian.org/doc/manuals/reference/ch-gateway.en.html
# /etc/network/interfaces
# give eth0 static ip
auto eth0
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.254
up route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
down route del -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
dns-search somedomain.org
dns-nameservers 195.238.2.21 195.238.2.22
# get eth1 ip from dhcp
iface eth0 inet dhcp
dhcp client release/renew ip:
dhclient -r
dhclient
or
# ifdown eth0
# ifup eth0
# /etc/init.d/network restart
or
/etc/init.d/networking restart
or
dhcpcd eth1 -k
dhcpcd eth1 -n
or
ifdown eth0
ifup eth0
http://www.novell.com/coolsolutions/trench/16013.html
automatic startx at login. edit .bashrc
# (c) 2008 DennyHalim.com
# you're free to copy to copy and/or distribute this script under GPL license
# paste into your ~/.bashrc and it just works.
# it will startx / startxfce when you login at tty1
# it can also logout/shutdown after you close x.
file=/tmp/.X0-lock
#check if x is running
if [[ -e $file ]]
then
echo "Ctrl+Alt+F7 to switch to XWindow"
#only run xfce4 if login at tty1
elif [ $(tty) == /dev/tty1 ]; then
startxfce4 # use startx if you prefer so
# exit #to logout automatically after x closed
# halt #to shutdown automatically after x closed
fi
http://tldp.org/LDP/abs/html/testconstructs.html
multiple X:
startx -- :1
http://www.faqs.org/docs/lnag/lnag_xwindows.html
http://www.onlamp.com/pub/a/bsd/2006/12/07/freebsd_basicsg.html
remove login manager
- debian: apt-get remove xdm gdm kdm wdm sdm login.app
- or update-rc.d -f remove xdm|gdm|kdm|wdm|sdm|login.app 2
- other: edit /etc/inittab id:3:initdefault:
shell
- put 'set -r' in ~/.bashrc to put the user in restricted bash shell
- http://www.mariovaldez.net/software/sleepshell/ dummy shell can be used for tunneling only without compromising security
- http://www.tldp.org/LDP/abs/html/index.html bash scripting guide
the do-nothing shell in c
main()
{
pause();
}
http://bugs.contribs.org/show_bug.cgi?id=3688
fsck
- touch /forcefsck to force fsck on next boot
- touch /fastboot to bypass fsck on next boot
- tune2fs -c 60 will do fsck on every 60 boot
- tune2fs -i 1w will do fsck every week
links
- poptop/pptpd on centos http://blog.doylenet.net/?p=17
- http://wiki.centos.org/HowTos/JavaOnCentOS
- ssl explorer on centos http://www.cs.luc.edu/projects/comp412/explorer/centosbuild/ http://daniel.streefkerkonline.com/ssl-explorer-on-centos/
java jre + firefox plugins
- download & install jre
- cd /usr/lib/firefox-1.5.0.12/plugins/
- sudo ln -s /usr/java/jre1.6.0_04/plugin/i386/ns7/libjavaplugin_oji.so
change the folders to reflects where your firefox/java installed.
transparent proxy
iptables -t nat -A PREROUTING -i eth0 -p tcp —dport 80 -j REDIRECT —to-port 8888
iptables -t nat -A PREROUTING -i eth0 -p tcp —dport 80 -j REDIRECT —to-port 3128
http://en.tldp.org/HOWTO/TransparentProxy-5.html
http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy
http://transproxy.sourceforge.net/
block bad ip/netblocks
#!/bin/sh
curl -s http://www.spamhaus.org/drop/drop.lasso |grep ^[1-9]|cut -f 1 -d ‘ ‘ | xargs -iX -n 1 /sbin/iptables -A INPUT -s X -j DROP
http://blog.taragana.com/index.php/archive/how-to-protect-linux-server-from-stolen-zombie-netblocks-100-pro-spammer-controlled-netblocks/#more-2336
http://www.spamhaus.org/faq/answers.lasso?section=DROP%20FAQ
http://www1.umn.edu/oit/security/guideline/OIT__38408_REGION1.html