UnixServerAdmin

Server Administration & Management

Protected: backup_dump_encrypt.sh (in Bzip2 format)

This content is password protected. To view it please enter your password below:

Advertisements

February 26, 2013 Posted by | Security, Shell Script | , | Enter your password to view comments.

TCP Wrappers – Send Mail after deny SSH login

TCP Wrappers gives the possibility to control and protect the network services, limiting the access and registering (if you want to) all the connections to make the work of detecting and resolving problems easier. To setup TCP Wrappers you work with two access control text files, they are called: /etc/hosts.allow & /etc/hosts.deny. The format to write into these files is: ” daemon_list : client_list [ : shell_command ]”

# vim /etc/hosts.allow

sshd : 192.168.10.12/255.255.255.0 : spawn (echo -e “Connected from IP %h” | mutt -s “SSH Connection is Successful” unixserv@unixserveradmin.com) : ALLOW

# vim /etc/hosts.deny

sshd : ALL : spawn (echo -e “Access denied to external SSH Connection from IP %h ” | mutt -s “Alert – SSH Connection Denied” unixserv@unixserveradmin.com) : DENY

February 21, 2013 Posted by | Security, SSH, Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to disable users from loggin into the server, except the administrator(root)

In cases where you have to disable the login to all users,except root, for example when you have to do a backup, you have to use pam_nologin.so

1) Edit the pam file for the service you want to control, in this example i modify ssh pam control file, located in /etc/pam.d/sshd & Add the line :-

# vim /etc/pam.d/sshd

account required pam_nologin.so

2) Create the /etc/nologin file, just do “touch /etc/nologin”

# touch /etc/nologin

This should disable the login from ssh. If you want to disable the login from terminal, modify the /etc/pam.d/login file.

3) To re-enable the login just remove /etc/nologin

# rm -rvdf /etc/nologin

February 16, 2013 Posted by | Security, SSH, Tips & Tricks, Unix/Linux | , , , , | Leave a comment

allow_mac.sh

#############################################################################
# MAC Address Allow File ####################### #######
#################################################
/sbin/iptables -F # Flush Iptables ####### ##################
#################################################
# Allow Incoming Connection from PArticular MAC Address ########
# iptables -A INPUT -j DROP ## Block all others Connection #######
#############################################################################

/sbin/iptables -A INPUT -m mac –mac-source 0A:0B:0C:0D:0E:0F -j ACCEPT ## Allow Traffic from MAC  0A:0B:0C:0D:0E:0F ##
/sbin/iptables -A INPUT -m mac –mac-source 1A:1B:1C:1D:1E:1F -j ACCEPT ## Allow Traffic from MAC  1A:1B:1C:1D:1E:1F ##
/sbin/iptables -A INPUT -m mac –mac-source 2A:2B:2C:2D:2E:2F -j ACCEPT ## Allow Traffic from MAC  2A:2B:2C:2D:2E:2F ##
/sbin/iptables -A INPUT -m mac –mac-source 3A:3B:3C:3D:3E:3F -j ACCEPT ## Allow Traffic from MAC  3A:3B:3C:3D:3E:3F ##
/sbin/iptables -A INPUT -m mac –mac-source 4A:4B:4C:4D:4E:4F -j ACCEPT ## Allow Traffic from MAC  4A:4B:4C:4D:4E:4F ##
/sbin/iptables -A INPUT -m mac –mac-source 5A:5B:5C:5D:5E:5F -j ACCEPT ## Allow Traffic from MAC  5A:5B:5C:5D:5E:5F ##
/sbin/iptables -A INPUT -j DROP    ##  Drop all Others Traffic ##
/sbin/service iptables save

#############################################################################

February 11, 2013 Posted by | Shell Script | | Leave a comment

Protected: How to send email on reboot the server

This content is password protected. To view it please enter your password below:

February 6, 2013 Posted by | Shell Script, Tips & Tricks, Unix/Linux | , , , | Enter your password to view comments.

How to monitor MySQL restore progress using PV

pv command allows a user to see the progress of data through a pipeline, by giving information such as time elapsed, percentage completed (with progress bar), current throughput rate, total data transferred, and ETA. To use it, insert it in a pipeline between two processes, with the appropriate options. Its standard input will be passed through to its standard output and progress will be shown on standard error.

A great application of pv is when you’re restoring large amounts of data into MySQL, especially if you’re restoring data under duress due to an accidentally-dropped table or database. The standard way of restoring data is something we’re all familiar with:

# mysql -uroot -p < database_backup.sql

The downside of this method is that you have no idea how quickly your restore is working or when it might be done. You could always open another terminal to monitor the tables and databases as they’re created, but that can be hard to follow. Toss in pv and that problem is solved:

# pv database_backup.sql | mysql -p
96.8MB 0:00:17 [5.51MB/s] [=======================>          ] 71% ETA 0:02:10

When it comes to MySQL, your restore rate is going to be different based on some different factors, so the ETA might not be entirely accurate.

February 1, 2013 Posted by | MySQL | , | Leave a comment