Posts Tagged ‘echo’

« Older Entries
Newer Entries »

Windows batch read variable – equivalent of Linux read line command

Wednesday, March 12th, 2014

bat-file-icon-windows-read-variable
If you need to do some basic batch scripting sooner or later you will have to insert input from command line to a variable. In Linux this is done with read command, i.e.:
$ echo -n "Type a password for admin:";
$ read line;
$ echo $line;

So here is how to do the same if you need it for a Windows Batch (.BAT) file

C:\\Users\\> Set /p string='What do you want to ask?:'
'What do you want to ask?:'

This will define the string variable, to later print out the variable use:
> echo %string%
variable input output

Tags: , , , , , , , , , , , ,
Posted in Everyday Life, Various, Windows | No Comments »

Play Dune2 on Debian Linux with dosbox – Dune 2 Mother of all Real Time Strategy games

Saturday, March 1st, 2014

medium_1809-dune-ii-the-building-of-a-dynasty_one_of_best_games_ever_linux_windows.gif

Dune II: The Building of a Dynasty (known also as Dune II: Battle for Arrakis in Europe is a game that my generation will never forget. Dune 2 is the "first" computer Real Time Strategy (RTE) game of the genre of the Warcraft I and Warcraft II / III and later Command and Conquer – Red Aleart, Age of Empires I / II and Starcraft …

dune2-unit-destroyed

I've grown up with Dune2 and the little computer geek community in my school was absolutely crazy about playing it. Though not historically being the first Real Time Strategy game, this Lucas Inc. 
game give standards that for the whole RTE genre for years and will stay in history of Computer Games as one of best games of all times.

I've spend big part of my teenager years with my best friends playing Dune2 and the possibility nowadays to resurrect the memories of these young careless years is a blessing.  Younger computer enthusiasts and gamers probably never heard of Dune 2 and this is why I decided to place a little post here about this legendary game.

dune-2-tank-vehicle - one of best games computer games ever

Its worthy out of curiosity or for fun to play Dune 2 on modern OS be it Windows or Linux. Since Dune is DOS game, it is necessary to play it via DOS emulator i.e. – (DosBox). 
Here is how I run dune2 on my Debian Linux:

1. Install dosbox DOS emulator

apt-get install --yes dosbox

2. Download Dune2 game executable

You can download my mirror of dune2 here

Note that you will need unzip to uanrchive it, if you don't have it installed do so:

apt-get install --yes unzip

cd ~/Downloads/
wget https://www.pc-freak.net/files/dune-2.zip

3.  Unzip archive and create directory to mount it emulating 'C:\' drive
mkdir -p ~/.dos/Dune2
cd ~/.dos/Dune2
unzip ~/Downloads/dune-2.zip
 

4. Start dosbox and create permanent config for C: drive auto mount


dosbox

To make C:\ virtual drive automatically mounted you have to write a dosbox config from inside dbox console

config -writeconf /home/hipo/.dosbox.conf
My home dir is in /home/hipo, change this with your username /home/username

Then exit dosbox console with 'exit' command

To make dune2 game automatically mapped on Virtual C: drive:

echo "mount c /home/hipo/.dos" >> ~/.dosbox.conf
Further to make dosbox start each time with ~/.dosbox.conf add alias to your ~/.bashrc 

vim ~/.bashrc
echo "alias dosbox='dosbox -conf /home/hipo/.dosbox.conf'" >> ~/.bashrc
source ~/.bashrc
Then to run DUNE2 launch dosbox:

dosbox

and inside console type:

c:
cd Dune2
Dune2.exe

dune2-first-real-time-strategy-game-harkonen-screenshot

For the lazy ones who would like to test dune you can play dune 2 online on this website

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Entertainment, Everyday Life, Games Linux, Various | No Comments »

Finding spam sending php scripts on multiple sites servers – Tracing and stopping spammer PHP scripts

Monday, April 14th, 2014

stop_php_mail-spam-find-spammer-and-stop-php-spammer-websites
Spam has become a severe issue for administrators, not only for mail server admins but also for webshosting adms. Even the most secure spam protected mail server can get affected by spam due to fact it is configured to relay mail from other servers acting as web hosting sites.

Webhosting companies almost always suffer seriously from spam issues and often their mail servers gets blocked (enter spam blacklists), because of their irresponsible clients uploading lets say old vulnerable Joomla, WordPress without Akismet or proper spam handling plugin,a CMS which is not frequently supported / updated or custom client insecure php code.

What I mean is Shared server A is often configured to sent mail via (mail) server B. And often some of the many websites / scripts hosted on server A gets hacked and a spam form is uploaded and tons of spam start being shipped via mail server B.

Of course on mail server level it is possible to configure delay between mail sent and adopt a couple of policies to reduce spam, but the spam protection issue can't be completely solved thus admin of such server is forced to periodically keep an eye on what mail is sent from hosting server to mail server.
 


If you happen to be one of those Linux (Unix) webhosting admins who find few thousand of spammer emails into mail server logs or your eMail server queue and you can't seem to find what is causing it, cause there are multiple websites shared hosting using mainly PHP + SQL and you can't identify what php script is spamming by reviewing  Apache log / PHP files. What you can do is get use of:

PHP mail.log directive

Precious tool in tracking spam issues is a PHP Mail.log parameter, mail log paramater is available since PHP version >= 5.3.0 and above.
PHP Mail.log parameter records all calls to the PHP mail() function including exact PHP headers, line numbers and path to script initiating mail sent.

Here is how it is used:
 

1. Create empty PHP Mail.log file

touch /var/log/phpmail.log

File has to be writtable to same user with which Apache is running in case of Apache with SuPHP running file has to be writtable by all users.

On Debian, Ubunut Linux:

chown www:data:www-data /var/log/phpmail.log

On CentOS, RHEL, SuSE phpmail.log has to be owned by httpd:

chown httpd:httpd /var/log/phpmail.log

On some other distros it might be chown nobody:nobody etc. depending on the user with which Apache server is running.

 

2. Add to php.ini configuration following lines

mail.add_x_header = On
mail.log = /var/log/phpmail.log

PHP directive instructs PHP to log complete outbund Mail header sent by mail() function, containing the UID of the web server or PHP process and the name of the script that sent the email;
 

(X-PHP-Originating-Script: 33:mailer.php)


i.e. it will make php start logging to phpmail.log stuff like:
 

 

mail() on [/var/www/pomoriemonasteryorg/components/com_xmap/2ktdz2.php:1]: To: info@globalremarketing.com.au — Headers: From: "Priority Mail" <status_93@pomoriemon
astery.org> X-Mailer: MailMagic2.0 Reply-To: "Priority Mail" <status_93@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternative;boundary="——
—-13972215105347E886BADB5"
mail() on [/var/www/pomoriemonasteryorg/components/com_xmap/2ktdz2.php:1]: To: demil7167@yahoo.com — Headers: From: "One Day Shipping" <status_44@pomoriemonastery.
org> X-Mailer: CSMTPConnectionv1.3 Reply-To: "One Day Shipping" <status_44@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternative;boundary="—
——-13972215105347E886BD344"
mail() on [/var/www/pomoriemonasteryorg/components/com_xmap/2ktdz2.php:1]: To: domainmanager@nadenranshepovser.biz — Headers: From: "Logistics Services" <customer.
id86@pomoriemonastery.com> X-Mailer: TheBat!(v3.99.27)UNREG Reply-To: "Logistics Services" <customer.id86@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: mult
ipart/alternative;boundary="———-13972215105347E886BF43E"
mail() on [/var/www/pomoriemonasteryorg/components/com_xmap/2ktdz2.php:1]: To: bluesapphire89@yahoo.com — Headers: From: "Priority Mail" <status_73@pomoriemonaster
y.org> X-Mailer: FastMailer/Webmail(versionSM/1.2.6) Reply-To: "Priority Mail" <status_73@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternativ
e;boundary="———-13972215105347E886C13F2"

 

On Debian / Ubuntu Linux to enable this logging, exec:

echo 'mail.add_x_header = On' >> /etc/php5/apache2/php.ini
echo 'mail.log = /var/log/phpmail.log' >> /etc/php5/apache2/php.ini


I find it useful to symlink /etc/php5/apache2/php.ini to /etc/php.ini its much easier to remember php location plus it is a standard location for many RPM based distros.

ln -sf /etc/php5/apache2/php.ini /etc/php.ini

Or another "Debian recommended way" to enable mail.add_x_header logging on Debian is via:

echo 'mail.add_x_header = On' >> /etc/php5/conf.d/mail.ini
echo 'mail.log = /var/log/phpmail.log' >> /etc/php5/conf.d/mail.ini

On Redhats (RHEL, CentOS, SuSE) Linux issue:

echo 'mail.add_x_header = On' >> /etc/php.ini
echo 'mail.log = /var/log/phpmail.log' >> /etc/php.ini

3. Restart Apache

On Debian / Ubuntu based linuces:

/etc/init.d/apache2 restart

P.S. Normally to restart Apache without interrupting client connections graceful option can be used, i.e. instead of restarting do:

/etc/init.d/apache2 graceful

On RPM baed CentOS, Fedora etc.:

/sbin/service httpd restart

or

apachectl graceful
 

4. Reading the log

To review in real time exact PHP scripts sending tons of spam tail it:

tail -f /var/log/phpmail.log

 

mail() on [/var/www/remote-admin/wp-includes/class-phpmailer.php:489]: To: theosfp813@hotmail.com — Headers: Date: Mon, 14 Apr 2014 03:27:23 +0000 Return-Path: wordpress@remotesystemadministration.com From: WordPress Message-ID: X-Priority: 3 X-Mailer: PHPMailer (phpmailer.sourceforge.net) [version 2.0.4] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="UTF-8"
mail() on [/var/www/pomoriemonasteryorg/media/rsinstall_4de38d919da01/admin/js/tiny_mce/plugins/inlinepopups/skins/.3a1a1c.php:1]: To: 2070ccrabb@kiakom.net — Headers: From: "Manager Elijah Castillo" <elijah_castillo32@pomoriemonastery.com> X-Mailer: Mozilla/5.0 (Windows; U; Windows NT 5.0; es-ES; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1 Reply-To: "Manager Elijah Castillo" <elijah_castillo32@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternative;boundary="———-1397463670534B9A76017CC"
mail() on [/var/www/pomoriemonasteryorg/media/rsinstall_4de38d919da01/admin/js/tiny_mce/plugins/inlinepopups/skins/.3a1a1c.php:1]: To: 20wmwebinfo@schools.bedfordshire.gov.uk — Headers: From: "Manager Justin Murphy" <justin_murphy16@pomoriemonastery.com> X-Mailer: Opera Mail/10.62 (Win32) Reply-To: "Manager Justin Murphy" <justin_murphy16@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternative;boundary="———-1397463670534B9A7603ED6"
mail() on [/var/www/pomoriemonasteryorg/media/rsinstall_4de38d919da01/admin/js/tiny_mce/plugins/inlinepopups/skins/.3a1a1c.php:1]: To: tynyrilak@yahoo.com — Headers: From: "Manager Elijah Castillo" <elijah_castillo83@pomoriemonastery.com> X-Mailer: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; pl; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 Reply-To: "Manager Elijah Castillo" <elijah_castillo83@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternative;boundary="———-1397463670534B9A7606308"
mail() on [/var/www/pomoriemonasteryorg/media/rsinstall_4de38d919da01/admin/js/tiny_mce/plugins/inlinepopups/skins/.3a1a1c.php:1]: To: 2112macdo1@armymail.mod.uk — Headers: From: "Manager Justin Murphy" <justin_murphy41@pomoriemonastery.com> X-Mailer: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; pl; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 Reply-To: "Manager Justin Murphy" <justin_murphy41@pomoriemonastery.com> Mime-Version: 1.0 Content-Type: multipart/alternative;boundary="———-1397463670534B9A76086D1"

 

As you can see there is a junky spam mails sent via some spammer script uploaded under name .3a1a1c.php, so to stop the dirty bastard, deleted the script:

rm -f /var/www/pomoriemonasteryorg/media/rsinstall_4de38d919da01/admin/js/tiny_mce/plugins/inlinepopups/skins/.3a1a1c.php

It is generally useful to also check (search) for all hidden .php files inside directoring storing multiple virtualhost websites, as often a weirdly named hidden .php is sure indicator of either a PHP Shell script kiddie tool or a spammer form.

Here is how to Find all Hidden Perl / PHP scripts inside /var/www:

find . -iname '.*.php'
./blog/wp-content/plugins/fckeditor-for-wordpress-plugin/ckeditor/plugins/selection/.0b1910.php
./blog/wp-content/plugins/fckeditor-for-wordpress-plugin/filemanager/browser/default/.497a0c.php
./blog/wp-content/plugins/__MACOSX/feedburner_feedsmith_plugin_2.3/._FeedBurner_FeedSmith_Plugin.php

find . -iname '.*.pl*'

….

Reviewing complete list of all hidden files is also often useful to determine shitty cracker stuff

 find . -iname ".*"

Debugging via  /var/log/phpmail.log enablement is useful but is more recommended on development and staging (QA) environments. Having it enable on productive server with high amounts of mail sent via PHP scripts or just on dedicated shared site server could cause both performance issues, hard disk could quickly get and most importantly could be a severe security hole as information from PHP scripts could be potentially exposed to external parties.

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Computer Security, Linux, System Administration, Web and CMS | 3 Comments »

Find all hidden files in Linux, Delete, Copy, Move all hidden files

Tuesday, April 15th, 2014

search-find-all-hidden-files-linux-delete-all-hidden-files
Listing hidden files is one of the common thing to do as sys admin. Doing manipulations with hidden files like copy / delete / move is very rare but still sometimes necessary here is how to do all this.

1. Find and show (only) all hidden files in current directory

find . -iname '.*' -maxdepth 1

maxdepth – makes files show only in 1 directory depth (only in current directory), for instance to list files in 2 subdirectories use -maxdepth 3 etc.

echo .*;

Yeah if you're Linux newbie it is useful to know echo command can be used instead of ls.
echo * command is very useful on systems with missing ls (for example if you mistakenly deleted it 🙂 )

2. Find and show (only) all hidden directories, sub-directories in current directory

To list all directories use cmd:

find /path/to/destination/ -iname ".*" -maxdepth 1 -type d

3. Log found hidden files / directories

find . -iname ".*" -maxdept 1 -type f | tee -a hidden_files.log

find . -iname ".*" -maxdepth 1 type d | tee -a hidden_directories.log
4. Delete all hidden files in current directory

cd /somedirectory
find . -iname ".*" -maxdepth 1 -type f -delete

5. Delete all hidden files in current directory

cd /somedirectory
find . -iname ".*" -maxdepth 1 -type d -delete

6. Copy all hidden files from current directory to other "backup" dir

find . -iname ".*" -maxdepth 1 -type f -exec cp -rpf '{}' directory-to-copy-to/ ;

7. Copy and move all hidden sub-directories from current directory to other "backup" dir

find . -iname ".*" -maxdepth 1 -type d -exec cp -rpf '{}' directory-to-copy-to/ ;

– Moving all hidden sub-directories from current directory to backup dir

find . -iname ".*" -maxdepth 1 -type d -exec mv '{}' directory-to-copy-to/ ;

 

Tags: , , , , , , , , , , , , , , , , , , ,
Posted in System Administration | No Comments »

How to install Java Virtual Machine on Debian 7 GNU / Linux

Wednesday, July 23rd, 2014

install-java-on-debian-gnu-linux-logo
Debian 7 stable as most stable Debian releases includes custom Open Source Oracle Java Virtual Machine version called IcedTea OpenJDK, just like with sun's proprietary java, open sourced icedtea fork is made of two components:
 

JREJava Runtime Environment

and

 

JDKJava Development Kit).


1. installing OpenJDK Open Source Java Virtual Machine on Debian GNU / Linux

openjdk_java_open_source_virtual_machine_linux-logo
The default meta-package for install java-jre is default-jre meta package which by default on Debian Wheezy points to openjdk:

 

 

apt-cache depends default-jdk
default-jdk
  Depends: default-jre
  Depends: openjdk-6-jdk

If you want to install default Open Source Java Debian package implementation run:
 

apt-get –yes install default-jre

apt-get –yes install default-jdk


2. Installing Oracle Java VM 7 on Debian / Ubuntu Linux and deb derivatives
/images/oracle_java_logo-linux-install-debian
Also it is possible to install Oracle Java 7 from binary via apt-get by adding a custom Ubuntu repository containing deb Oracle proprietary java install package called oracle-java7-installer:
 

echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | tee -a /etc/apt/sources.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | tee -a /etc/apt/sources.list
apt-key adv –keyserver hkp://keyserver.ubuntu.com:80 –recv-keys EEA14886
apt-get update
apt-get install –yes oracle-java7-installer


 Above apt-get command can be used also to install Oracle Sun Java on Ubuntu Linux and other Debian derivatives, for example you can install it like this on Linux Mint and rest of deb based Desktop oriented Linuces …

installing-java-debian-7-linux-install-oracle-java-7-screenshot-1

installing-java-debian-7-linux-install-oracle-java-7-screenshot-2

If you already have the openjdk installed together with oracle java jdk, to make oracle jdk the default Virtual Machine install also oracle-java7-set-default:

apt-get install oracle-java7-set-default


3. Installing Oracle Java 8 the debian way on Debian and Ubuntu Linux

echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee /etc/apt/sources.list.d/webupd8team-java.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | tee -a /etc/apt/sources.list.d/webupd8team-java.list
apt-key adv –keyserver keyserver.ubuntu.com –recv-keys EEA14886
apt-get update
apt-get install oracle-java8-installer


4. Install Oracle Proprietary Java on Debian Linux using any version from Oracle website

As some written software requires custom ex-SUN Microsystems and currently owned by Oracle Java proprietary non-free binaries to install them on Debian Linux 7, there is a way to download any sun java jdk version, create .deb package and install the package with dpkg.

Here is how:

a.) Install java-package meta-package

apt-get –yes install java-package

 

Building dependency tree       
Reading state information… Done
The following extra packages will be installed:
  autopoint debhelper gettext git git-man html2text intltool-debian liberror-perl libgettextpo0 libmail-sendmail-perl libsys-hostname-long-perl po-debconf rsync
Suggested packages:
  dh-make gettext-doc git-daemon-run git-daemon-sysvinit git-doc git-el git-arch git-cvs git-svn git-email git-gui gitk gitweb libmail-box-perl
The following NEW packages will be installed:
  autopoint debhelper gettext git git-man html2text intltool-debian java-package liberror-perl libgettextpo0 libmail-sendmail-perl libsys-hostname-long-perl po-debconf rsync
0 upgraded, 14 newly installed, 0 to remove and 112 not upgraded.
Need to get 11.8 MB of archives.
After this operation, 24.7 MB of additional disk space will be used.

b.) Download your desiresd Oracle Java version


Then according to your Debian Linux platform install (32-bit x86 or 64-bit amd64) go in a browser to:

http://www.oracle.com/technetwork/java/javase/downloads/index.html

Accept the agreement and download latest Java release, if you need to install some specific Oracle Java version check out there Old Java download versions (archives) page

Note that in order to download, either you will need some text-browser like elinks or you will need to have a GUI environment with IceWeasel / Epiphany etc. If you're already using the Linux as a desktop environment with GNOME and you used IceWeasel to download java jdk it will be downloaded into /tmp

cd /tmp
make-jpkg <downloaded_jdk_file>

Install the binary package created:

dpkg -i oracle-j2sdk1.7_1.7.0+update44_amd64.deb

Enjoy 🙂

Tags: , , , , , , , , , ,
Posted in Everyday Life, Java, Linux, Linux and FreeBSD Desktop, Various | 1 Comment »

Disable Bluetooth on CentOS / RHEL (Redhat) / Fedora Linux servers – Disable hidd bluetooth devices

Thursday, January 29th, 2015

Disable_Bluetooth_on_CentOS_RHEL_Redhat_Fedora_Linux_servers_-_Disable_hidd_bluetooth_devices-logo

Bluetooth protocol on Linux is nice to have (supported) on Linux Desktop systems to allow easy communication wth PDAs, Tablets, Mobiles, Digital Cameras etc, However many newly purchased dedicated servers comes with Bluetooth support enabled which is a service rarely used, thus it is a good strong server security / sysadmin practice to remove the service supporting Blueetooth (Input Devices) on Linux hosts this is the hidd (daemon) service, besides that there are few Linux kernel modules to enable bluetooth support and removing it is also a very recommended practice while configuring new Production servers. 

Leaving Blueetooth enabled on Linux just takes up memory space and  potentially is a exposing server to possible security risk (might be hacked) remotely. 
Thus eearlier I've blogged on how bluetooth is disabled on Debian / Ubuntu Linux servers an optimization tuning (check) I do on every new server I have to configure, since administrating both RPM and Deb Linux distributions I usually also remove bluetooth hidd service support on every CentOS / RHEL / Fedora Linux – redhat  (where it is installed), here is how :

 

1. Disable Bluetooth in CentOS / RHEL Linux


a) First check whether hidd service is running on server:
 

[root@centos ~]# ps aux |grep -i hid
… 


b) Disable bluetooth services
 

[root@centos ~]# /etc/init.d/hidd stop
[root@centos ~]# chkconfig hidd off
[root@centos ~]# chkconfig bluetooth off
[root@centos ~]# /etc/init.d/bluetooth off


c) Disable any left Bluetooth kernel module (drivers), not to load on next server boot
 

[root@centos ~]# echo 'alias net-pf-31 off' >> /etc/modprobe.conf


If you don't need or intend to use in future server USBs it is also a good idea to disable USBs as well:
 

[root@centos ~]# lsmod|grep -i hid
usbhid                 33292  0
hid                    63257  1 usbhid
usbcore               123122  4 usb_storage,usbhid,ehci_hcd


[root@centos ~]# echo 'usbhid' >> /etc/modprobe.d/blacklist.conf
[root@centos ~]# echo 'hid' >> /etc/modprobe.d/blacklist.conf
[root@centos ~]# echo 'usbcore' >> /etc/modprobe.d/blacklist.conf

 

2. Disable Bluetooth on Fedora Linux

Execute following:
 

[hipo@fedora ~]# /usr/bin/sudo systemctl stop bluetooth.service
[hipo@fedora ~]# /usr/bin/sudo systemctl disable bluetooth.service

 
3. Disable Bluetooth on Gentoo / Slackware and other Linuces

An alternative way to disable bluetooth that should work across all Linux distributions / versions is:
 

[root@fedora ~]# su -c 'yum install rfkill'
[root@fedora ~]# su -c 'vi /etc/rc.d/rc.local'


Place inside, something like (be careful not to overwrite something, already execution on boot):
 

#!/bin/sh
rfkill block bluetooth
exit 0


4. Disable any other unnecessery loaded service on boot time

It is a good idea to also a good idea to check out your server running daemons, as thoroughfully as possible and remove any other daemons / kernel modules not being used by server.

To disable all unrequired services, It is useful to get a list of all enabled services, on RedHat based server issue:

 

[root@cento ~]#  chkconfig –list |grep "3:on" |awk '{print $1}'


 A common list of services you might want to disable if you're configuring (Linux, Apache, MySQL, PHP = LAMP) like server is:
 

chkconfig anacron off
chkconfig apmd off
chkconfig atd off
chkconfig autofs off
chkconfig cpuspeed off
chkconfig cups off
chkconfig cups-config-daemon off
chkconfig gpm off
chkconfig isdn off
chkconfig netfs off
chkconfig nfslock off
chkconfig openibd off
chkconfig pcmcia off
chkconfig portmap off
chkconfig rawdevices off
chkconfig readahead_early off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig smartd off
chkconfig xfs off
chkconfig ip6tables off
chkconfig avahi-daemon off
chkconfig firstboot off
chkconfig yum-updatesd off
chkconfig mcstrans off
chkconfig pcscd off
chkconfig bluetooth off
chkconfig hidd off


In most cases you can just run script like this – centos-disable_non-required_essential_services_for_lamp_server.sh.
 

Another useful check the amount of services each of the running server daemons is using, here is how:
 

ps aux | awk '{print $4"t"$11}' | sort | uniq -c | awk '{print $2" "$1" "$3}' | sort -nr


Output of memory consumption check command is here

Tags: , , , , , , , , , , , ,
Posted in Bluetooth, Computer Security, Linux, Linux and FreeBSD Desktop, Remote System Administration, System Administration, Various | No Comments »

Nokia Communicator 9300i connection via Bluetooth on Debian GNU/Linux Unstable

Saturday, October 24th, 2009

I wanted to connect my Nokia Communicator 9300i device via bluetooth on Linux on
my Thinkpad running Debian GNU/Linux unstable. By default my bluetooth is disabled
because I usually do not use the bluetooth.
To make the bluetooth back running I had to issue the command:
# echo "enable" > /proc/acpi/ibm/bluetooth
Next the bluetooth-wizard came to play:
# /usr/bin/bluetooth-wizard and then I had to follow the intuitive dialogs,a 4 digit code was generated by my Linux system the whole system was required to be provided
on the Nokia Communicator.
The only left thing is to use gnome’s bluetooth-applet “Blowse Files” feature.
Here is a screenshot showing up the bluetooth-applet in case if you wonder how the app looks like
Bluetooth Applet
In case if bluetooth-applet is not appearing as an applet in your gnome panel. You might need to:
# /usr/bin/gnome-control-center
– Search for the Bluetooth menu:
Make sure the “Show Bluetooth icon”‘s tick is presented
Last thing to note is that I tried using the bluez-gnome debian package
as a mean to communicate with the Phone unsuccesfully. As far as I could understand
from a couple of posts I’ve red online the Nokia communicator requires the obex
protocol to communicate data. This is not supported by bluez-gnome.
I’ve also red a couple of interesting posts which explained how to usep3nfs to mount your telephone via the unix nfs protocol
There is an old article explaining how to do the mount via p3nfs in Ubuntu which
can be red here

Tags: , , , , , , , , ,
Posted in Bluetooth, Linux and FreeBSD Desktop, Mobile Phone Apps & Games | No Comments »

Substitute for the Gnome bluetooth / Or how to properly manage your bluetooth (obex) connections in Gnome

Saturday, June 5th, 2010

I connect my Nokia 9300i mobile phone over bluetooth every now and then. In that connection, everyoften I do experience problems with properly connecting the device to my notebook running Debian Squeeze/Sid Unstable on it’s Desktop.
Until recently it really annoyed me that I had to loose time restring the Linux system sometimes when an access to the mobiledevice was failing, without any good trackable error message.
The connection error I have experienced quite often when I was trying to browse my Nokia 9300i cellphone using the bluetooth protocolon Linux was:
“the name org.openobex.client was not provided”
You can read about a similar error to the one encountered by me when using bluetooth on my Debian Linux in debian bugs mailing list on osdir
The way I solved the issues with connecting over bluetooth on Linux until recently was by rebooting the whole Linux system (dumb)!.
Some other things I try to get arround the bluetooth connection errors was by trying to re-enable my bluetooth notebook embedded device on my Lenovo Thinkpad with command:

root@noah:~# echo disable > /proc/acpi/ibm/bluetooth
root@noah:~# echo enable > /proc/acpi/ibm/bluetooth
I alsy tried to physically remove the bluetooth module, rfcomm and a few other modules which were preventing the removal with rmmod of the bluetooth module.
However this solution did’t help either .. To solve the issues I tried few other stuff one of which was installing libobexftp0 and obexftp since my Nokia 9300i uses the obex protocol to communicate with the computer through bluetooth

I have to note that so far I have used the embedded general gnome application Gnome Bluetooth by using the bluetooth-applet .

Well all my worries came to end finally by simply using another piece of bluetooth communication software callde blueman
Since I have installed that handy software bluetooth is working perfectly fine everytime with my mobile. I warmly recommend to everybody out there to switch to the blueman which is a substitute for the old crappy gnome-bluetooth pack
check out the up-mentioned provided website.
It’s probably also worthy to say that the blueman app is written in python.
Well I’m pretty happy now whilst using blueman, hopefully you’ll enjoy it too as well as solve your bluetooth issues ! 🙂

Tags: , , , , , , , , , ,
Posted in Bluetooth, Linux and FreeBSD Desktop, Mobile Phone Apps & Games | No Comments »

How to remove and disable BlueTooth support on Debian GNU / Linux servers

Thursday, October 18th, 2012

How to remove / disable bluetooth support on Debian GNU / Linux servers
If you running Debian Squeeze Linux (as server Apache, MySQL, Qmail etc.) on brand new purchased hardware with bluetooth support; you will notice default Linux kernel will detect and load modules for Bluetooth

This would not be a problem only if Bluetooth does not pose possible errors or (even at cases even maybe system hangs ups?). The actual reason in my case to want to disable bluetooth on a productive Linux server operating like host was I found out in dmesg produced output, some errors related to Bluetooth, here they are:


root@deb:~# dmesg|grep -i 'call trace' -A 8
[323406.744439] Call Trace:
[323406.744440] [] ? lapic_next_event+0x18/0x1d
[323406.744450] [] ? __report_bad_irq+0x30/0x7d
[323406.744453] [] ? note_interrupt+0x105/0x16e
[323406.744455] [] ? handle_fasteoi_irq+0x93/0xb5
[323406.744458] [] ? handle_irq+0x17/0x1d
[323406.744460] [] ? do_IRQ+0x57/0xb6
[323406.744463] [] ? ret_from_intr+0x0/0x11
[323406.744464]

I saw this error and similar ones occuring, every now and then obviously displaying something wents wrongs with IRQs related to BlueTooth Communication with Kernel (as it keeps processing requests loaded in system memory) …

Well anyways having the bluetooth kernel module loaded on memory just takes up few chunks of useless assigned memory.
I don't have intention to use bluetoothever in future on these host so I decided to completely remove bluetooth support on those Debian.

1. Remove blueetoh support on Debian GNU / Linux

First to check info about the loaded kernel module bluetooth.ko and its assigned module load alias run:


root@deb:~# /sbin/modinfo bluetooth
filename: /lib/modules/2.6.32-5-amd64/kernel/net/bluetooth/bluetooth.ko
alias: net-pf-31
license: GPL
version: 2.15
description: Bluetooth Core ver 2.15
author: Marcel Holtmann
srcversion: 9FD5BF98FC88505DC637909
depends: rfkill
vermagic: 2.6.32-5-amd64 SMP mod_unload modversions

Secondly disable memory preloaded bluetooth.ko on the current host with cmds:


root@deb:~# rmmod -f bnep
root@deb:~# rmmod -f l2cap
root@deb:~# rmmod -f sco
root@deb:~# rmmod -f bluetooth

Default way to control if Bluetooth (on host support is ON or OFF) is through /etc/default/bluetooth. Inside /etc/default/bluetooth is a control variable:


BLUETOOTH_ENABLED=1

To shut it off change its value to 0:


BLUETOOTH_ENABLED=0

Then to permanently prevent bluetooth.ko from being ever in future loaded its also good idea to blacklist modules – bnep, btusb, bluetooth:


root@deb:~# echo 'blacklist bnep' >> /etc/modprobe.d/bluetooth.conf
root@deb:~# echo 'blacklist btusb' >> /etc/modprobe.d/bluetooth.conf
root@deb:~# echo 'blacklist bluetooth' >> /etc/modprobe.d/bluetooth.conf

Onwards re-build, current kernel initramfs:


root@deb:~# update-initramfs -u -k `uname -r` -v
......
......

Next update boot init scripts with update-rc.d to make sure bluetooth (service / daemon) is not started:


root@deb:~# update-rc.d bluetooth remove
......

That's all bluetooth will not load up anymore on next boot and at present time will not take up useless mem space.

2. Re-enable disabled blueetooth on Debian Linux
 
I've been asked in one of comments, what to do If you need to re-enable bluetooth on your Debian Linux at some time in future, so here are the steps to turn back blueetooth on again


/etc/modprobe.d/bluetooth.conf

Change variable:

BLUETOOTH_ENABLED=0

to 

BLUETOOTH_ENABLED=1

Open  /etc/modprobe.d/bluetooth.conf and remove any blacklisted modules, e.g:

'blacklist bnep'
'blacklist btusb'
&39;blacklist bluetooth'

Rebuild again kernel ramfs

root@deb:~# update-initramfs -u -k `uname -r` -v
 
Enjoy 🙂

Tags: , , , , , , , , , ,
Posted in Bluetooth, Everyday Life, Linux, Linux and FreeBSD Desktop, System Administration, Various | 4 Comments »

How to disable IPv6 on Debian / Ubuntu / CentOS and RHEL Linux

Friday, December 9th, 2011

I have few servers, which have automatically enabled IPv6 protocols (IPv6 gets automatically enabled on Debian), as well as on most latest Linux distribituions nowdays.

Disabling IPv6 network protocol on Linux if not used has 2 reasons:

1. Security (It’s well known security practice to disable anything not used on a server)
Besides that IPv6 has been known for few criticil security vulnerabilities, which has historically affected the Linux kernel.
2. Performance (Sometimes disabling IPv6 could have positive impact on IPv4 especially on heavy traffic network servers).
I’ve red people claiming disabling IPv6 improves the DNS performance, however since this is not rumors and did not check it personally I cannot positively confirm this.

Disabling IPv6 on all GNU / Linuces can be achieved by changing the kernel sysctl settings net.ipv6.conf.all.disable_ipv6 by default net.ipv6.conf.all.disable_ipv6 equals 1 which means IPv6 is enabled, hence to disable IPv6 I issued:

server:~# sysctl net.ipv6.conf.all.disable_ipv6=0

To set it permanently on system boot I put the setting also in /etc/sysctl.conf :

server:~# echo 'net.ipv6.conf.all.disable = 1 >> /etc/sysctl.conf

The aforedescribed methods should be working on most Linux kernels version > 2.6.27 in that number it should work 100% on recent versions of Fedora, CentOS, Debian and Ubuntu.

To disable IPv6 protocol on Debian Lenny its necessery to blackist the ipv6 module in /etc/modprobe.d/blacklist by issuing:

echo 'blacklist ipv6' >> /etc/modprobe.d/blacklist

On Fedora / CentOS there is a another universal “Redhat” way disable IPv6.

On them disabling IPv6 is done by editting /etc/sysconfig/network and adding:

NETWORKING_IPV6=no
IPV6INIT=no

I would be happy to hear how people achieved disabling the IPv6, since on earlier and (various by distro) Linuxes the way to disable the IPv6 is probably different.
 

Alto to stop Iptables IPV6 on CentOS / Fedora and RHEL issue:

# service ip6tables stop

# service ip6tables off

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Computer Security, Linux, System Administration, Various | No Comments »

« Older Entries
Newer Entries »