Secure SSH with DenyHosts

DenyHosts is a script designed to thwart SSH server attacks – also known as dictionary based attacks and brute force attacks.

If you’ve ever looked at your ssh log (/var/log/secure on CentOS/Redhat) you may be alarmed to see how many crackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?

DenyHosts attempts to address this problem… and more.

How do I schedule a reboot in Linux?

I’d like to be able to schedule a Linux server reboot at a specific time, but not regularly. How can I do this without adding and removing cron entries?

You can use the shutdown command with -r as the argument. Instead of using shutdown now, you can add time as parameter, for example:

[[email protected] /]# shutdown -r 12:05

The above command will then issue broadcast messages to the console as well as user shells stating:

Broadcast message from root (pts/9) (Wed Oct 14 11:55:55 2009):

The system is going DOWN for reboot in 10 minutes!

Cydia Bad URL Error

If you enter a misspelled resource in Cydia then each time that Cydia updates its repositories the following error will be displayed:

BAD URL - data can not be fetched because of Bad URL.

To resolve this issue:

1. Connect your iPhone and desktop/laptop to a the same wireless access point and note down the IP address assigned to the iPhone under the wireless settings.

2. SCP into your iPhone using WinSCP or a similar SCP client, use the iPhone IP address noted in item 1.

3. Browse to: /private/etc/apt/sources.list.d/ using the SCP client.

4. Download a copy of cydia.list to your computer.

5. Edit cydia.list on your computer, delete the invalid (bad) URL.

6. Re-upload cydia.list to /private/etc/apt/sources.list.d/, overwriting the old file.

7. Refresh Cydia on your iPhone, the problem should be fixed.

PHP 5.2.x & MySQL 5.0.x Upgrade for Plesk 8/9

Plesk generally runs a version or sub-version behind in their available PHP builds for Plesk. To safely upgrade PHP and MySQL on a production Plesk 8 or 9 server, please follow these instructions.

Step 1) Install the Atomic Channel:

$ wget -q -O – | sh

Step 2) Upgrade PHP and MySQL:

$ yum upgrade php mysql

Step 3) Replace the PHP 4 php.ini with PHP 5.2.x’s (if applicable):

$ cp /etc/php.ini /etc/php.ini~backup

$ mv /etc/php.ini.rpmnew /etc/php.ini Continue reading “PHP 5.2.x & MySQL 5.0.x Upgrade for Plesk 8/9”

Finding out the Dell Service Tag from Linux

Scenario: You need to place a service call to Dell in order to have them replace a failed drive in your Dell PowerEdge server running CentOS Linux. Your server is located in a data center 800 miles away. You need the Dell Service Tag in order to request support but don’t have it documented locally, what do you do?

On Dell servers running Linux you can run:

[[email protected] ~]# dmidecode | grep -i “serial number”

In order to identify the machines registered service tag. Output will be similar to the following:

[[email protected] ~]# dmidecode | grep -i “serial number”
Serial Number: 515E5151
Serial Number: ..CN1234567AABBRR.
Serial Number: 515E5151

Where “515E5151” is the service tag.