December 21, 2009

restore sites using rsync

http://www.eth0.us/restore

Script to remove gmail and yahoo accounts from a directory

perl -pi -e 's/.*((\@gmail\.com)|(\@yahoo\.com)).*//g' *

Url to unblock ip from comcast

http://www.comcastsupport.com/Forms/NET/blockedprovider.asp

To list files recursively with a permission

find . -type d -perm

Scripts for extracting

for i in `cat dbaccts`;do s=`du -sh $i`;echo " $s" >> dbacctscheck;done

for in in `cat dbacctsusers`;do grep $i /etc/userdomains >> dbacctsdomains;done

Script to ADD Multiple IP in a windows SERVER:

type this in start >> Run >> cmd.
FOR /L %I IN (2,1,254) DO netsh interface ip add address "Local Area Connection" 10.0.0.%I 255.255.255.0
This will add ips from 10.0.0.2 to 10.0.0.254
This example will add ip addresses from 10.0.0.2 to 10.0.0.254 with 1 step each time.
Terms Explained
--------------------
FOR /L %I IN (2,1,254)
2 -> First IP of the range
1 -> 1 Step.
254 -> Final IP of range.
Local Area Connection -> Connection Name.
255.255.255.0 -> Netmask

directadmin

directadmin does not use the root user and login. it actually displays the admin
user and password at the end of the install, but seems, it was not posted here.
if in the future you are sent a server with directadmin and the login has not
been provided, you can do what i did. i pasted the command and output below.

login as: root
root@66.90.73.12's password:
Last login: Sat Apr 18 22:37:23 2009 from 202.88.229.110
[root@fast ~]# cat /usr/local/directadmin/scripts/setup.txt
hostname=fast.box.net
email=admin@fast.box.net
mysql=wQ5CRFOf
mysqluser=da_admin
adminname=admin
adminpass=iwYrJ7an
ns1=ns1.box.net
ns2=ns2.box.net
ip=66.90.73.12
netmask=255.255.255.0
uid=1925
lid=43084
services=services_es50.tar.gz

Password of the IUSR and IWAM local accounts on a machine?

Usually the IUSR_ and IWAM_ passwords are set automatically and are never known. However, there are cases in which the passwords get out of sync or corrupted and need to be reset. The easiest way to reset these passwords is to extract the passwords that Microsoft IIS has in its metabase and update the accounts in Local Users and Groups to use that password.

You first need to update the adsutil.vbs script, which you'll find in the AdminScripts folder under the Inetpub folder, to display sensitive information (e.g., passwords) instead of just asterisks. Open the adsutil.vbs file in Notepad and search for the text IsSecureProperty = True, replace this text with IsSecureProperty = False and save the file. Now run the following commands to return the passwords (/anonymoususerpass is the IUSR account; /wamuserpass is the IWAM_ account).

How can I configure multiple Web sites using Host Headers?

Microsoft Internet Information Services (IIS) permits you to map multiple Web sites to a single IP address using a feature called Host Header Names. By assigning a unique host header name to each Web site, this feature permits you to map more than one Web site to an IP address.

Configure Web Sites by Using Host Header Names

To configure Web sites by using the Host Header Names feature, follow these steps:
1. Click Start, point to Administrative Tools, and then click Internet Information Services.
2. Expand * server name (where server name is the name of the server), and then expand Web Sites.
3. Right-click the Web site that you want, and then click Properties.

The Web site name Properties dialog box appears (where Web site name is the name of the Web site that you selected).
4. Click the Web Site tab, and then in the IP Address list, select the IP address that you want assigned to this Web site.
5. Click Advanced.
6. Under Multiple identities for this Web Site, click the IP address, and then click Edit.

The Advanced Web Site Identification dialog box appears.
7. In the Host Header Name box, type the host header that you want. For example, type www.example1.com. Add the port number, select the IP address in the list, and then click OK.

NOTE: If you want to configure this Web site with additional identities, click Add. Use the same IP address and TCP port, but enter a unique Host Header Name, and then click OK. For example, if you want to access the same Web site from both the Internet and a local intranet, you can configure the Web site identity in the manner shown in the following example:

IP Address TCP Port Host Header Name

192.168.0.100 80 www.example1.com
192.168.0.100 80 example1.com


8. In the Advanced Multiple Web Site Configuration dialog box, click OK.
9. In the Web site name Properties dialog box, click OK.

You return to the IIS window.
10. Right-click the next Web site that you want, and then click Properties.
11. In the IP Address list, select the same IP address that you selected in step 4, and then click Advanced.
12. Under Multiple identities for this Web Site, click the IP address, and then click Edit.

The Advanced Web Site Identification dialog box appears.
13. In the Host Header Name box, type a unique host header for this Web site. For example, type www.example2.com, add the port number, select the IP address in the list, and then click OK.
14. In the Advanced Multiple Web Site Configuration dialog box, click OK.
15. In the Web site name Properties dialog box, click OK.

You return to the IIS window.
16. Repeat steps 10 through 15 for each Web site that you want hosted on this IP address.
17. Register the host header names with the appropriate name resolution system -- for example, a Domain Name System (DNS) server or, in the case of a small network, a Hosts file.
The Web sites are now configured to accept incoming Web requests, based on their host header names.
More Information

Do not assign a host header name to the Default Web Site. Many programs expect the Default Web Site to use an IP address of (All Unassigned), TCP Port 80, and no host header name.
Troubleshooting

• Clients cannot connect to the Web sites by using the IP address:

Because there is more than one Web site configured to the IP address, you must connect to the Web site by using the host header name. When you try to connect to the Web site by using the IP address, you receive the following error message:
The page cannot be found.

The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
• Clients cannot connect to the Web sites by using host header names:

Multiple host names must be mapped to the single IP address by using a DNS server or a Hosts file.

How can I back up IIS settings?

There are a number of ways to do this. The properties and values set in the Internet Information Services Manager console (the IIS snap-in) are stored in the Metabase.bin file located at C:\winnt\system32\inetsrv by default. In IIS 5.0, you can back up the metabase from inside the IIS snap-in. To do this, select the computer icon and right-click. Then select Backup/Restore configuration. You can then choose to back up your current metabase settings or restore a previous version. This same option is also available in MetaEdit 2.2.

When you save the metabase in this way, your backup is stored in the C:\winnt\system32\instrv\metaback folder as an .md0 file. The file will have the name you assigned when you made the backup, such as Pre-Lockdown.md0. If you create multiple backups with the same name, they will have incremental extensions such as Backup.md0, Backup.md1, and so forth.

In the event that your metabase is seriously corrupted, you may be unable to start IIS. In that case, you will not be able to do a restore from the IIS snap-in or metaedit. Should this occur, you can restore by replacing Metabase.bin with the most appropriate .md0 (.md1, etc.) metabase backup file from the metaback folder. Assuming that your backups are good, IIS will start right up.

There are two other means to make a backup of the metabase. You can simply copy Metabase.bin using xcopy, scopy, or any other copy routine. You should stop the Internet services first so that your metabase is up to date and not in use.

Finally, there are two scripts provided—metaback.vbs and metarest.vbs—which are located in Inetpub\IISSamples\sdk\admin (if you installed the IIS SDK on IIS 5.0) or in the IIS Resource Kit\Utility\ADSI Admin Scripts folder (if you installed the IIS 4.0 Resource Kit). These .vbs scripts use an ADSI command specifically provided to make metabase backups.

IIS Commands

Start IIS from command prompt

iisreset /start

Stop IIS from command prompt

iisreset /stop

Authentication Methods in IIS

Intoduction
In IIS you can setup various authentication methods for entire sites or virtual directories. These authentication methods determine who can access the Web pages in the site/virtual directory. The three Authentication methods available are:

1. Anonymous Access - This authentication method requires NO username or password to access the site. Anyone can just type in the URL and access the site. This is the default access method for IIS sites/virtual directories and is the authentication mode for 99.9999% of the World Wide Web.

2. Basic Authentication - The authentication method requires you to type in a valid NT login and password to gain access to the system (the NT login must be a valid NT login for the NT domain that the Web server is on). Where Basis Authentication is enabled you will get a popup window asking for the username and password when trying to first visit a resource in that protected site/virtual directory. After you enter the required information the username and password will be transmitted over the network WITHOUT any encryption. This will enable anyone trying to compromise your site examine passwords during the authentication process.

3. Windows NT Challenge/Response (referred to as Integrated Windows Authentication in IIS 5) - This is supposedly the most secure form of Authentication in IIS. When you login, NT validates your login and ONLY the username is transmitted over the network. No password is transmitted. So under no circumstances can your password be compromised. Note that this method will NOT work with Netscape!.

Changing ASP execution time-- IIS

Some tiems you need to cheng the asp script execution time, especially in the case of asp uploads

steps to follow

1. Open IIS

2. Navigate to

IIS-->websites-->domainname.com-->properties( right click)-->Home directory-->configuration (in the bottom half of home directory)-->options (second tab) // here you can find the asp execition time (usually one) change it /*!!!! DONT RESTART IIS !!!*/

What do I do if my Linux Server / Workstation does not boot?

Q. I’m using Debian Linux and CentOS operating system. My question is what do I do if my server refused to boot? How do I troubleshoot the problem?

A. Usually most Linux distribution provides rescue mode. It allows to access to disk partition and you are allowed to solve the problem.

To use the rescue mode of the install CD, follow these steps:
a) Boot from 1st CD / DVD media

b) Enter rescue at the prompt. (use ‘dd rescue‘ if you need to load the SCSI driver)

c) You will get at a shell prompt. Now you can reinstall boot loader or check disk for errors and so on.

Please note that Linux distributions such as Mandriva or Ubuntu Linux offers menu based troubleshooting options.

Linux Iptables ip_conntrack: table full, dropping packet error and solution

Q. My Red hat Enterprise Linux 5 server reporting the following message in /var/log/messages (syslog):

ip_conntrack: table full, dropping packet.

How do I fix this error?

A. If you notice the above message in syslog, it looks like the conntrack database doesn’t have enough entries for your environment. Connection tracking by default handles up to a certain number of simultaneous connections. This number is dependent on you system’s maximum memory size.

You can easily increase the number of maximal tracked connections, but be aware that each tracked connection eats about 350 bytes of non-swappable kernel memory!

To print current limit type:
# sysctl net.ipv4.netfilter.ip_conntrack_max
Output:

8192

To increase this limit to e.g. 12000, type:
# sysctl -w net.ipv4.netfilter.ip_conntrack_max=12000
Alternatively, add the following line to /etc/sysctl.conf file:
net.ipv4.netfilter.ip_conntrack_max=12000
The following will tell you how many sessions are open right now:
# wc -l /proc/net/ip_conntrack


Output:

5000 /proc/net/ip_conntrack

How do I find out Linux System Memory Utilization?

Q. How do I find out System / Server Memory Utilization under RHEL / CentOS / any other Linux distribution?

A. You need to use free command which, displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.
free command example

Type the free command at shell prompt:
$ free
$ free -m
Output:

total used free shared buffers cached
Mem: 2010 1965 45 0 152 776
-/+ buffers/cache: 1036 974
Swap: 2047 137 1910

vmstat command

vmstat command provides more information :
$ vmstat
Output:

procs ———–memory———- —swap– —–io—- –system– —–cpu——
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 140480 43636 158196 797692 1 0 108 220 1 4 7 5 87 1 0

Understanding vmstat memory options

* swpd: the amount of virtual memory used.
* free: the amount of idle memory.
* buff: the amount of memory used as buffers.
* cache: the amount of memory used as cache.
* inact: the amount of inactive memory. (-a option)
* active: the amount of active memory. (-a option)

$ vmstat -a
Output:

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
r b swpd free inact active si so bi bo in cs us sy id wa st
0 1 140480 37376 109516 1730040 1 0 108 220 1 4 7 5 87 1 0

The following command displays one new line of utilization data every second
$ vmstat 1
The following command displays one new line per 2 second, but only for the next 10 seconds:
$ vmstat 2 10
Output:

procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------
r b swpd free inact active si so bi bo in cs us sy id wa st
4 0 139216 23508 130644 1723680 1 0 108 220 1 5 7 5 87 1 0
2 0 139216 23252 130668 1723816 0 0 0 410 3242 11472 9 7 84 0 0
1 0 139216 23120 130656 1724012 0 0 0 750 3280 11592 3 6 90 1 0
0 0 139216 22996 130588 1724180 0 0 0 426 3272 11052 2 5 93 0 0
2 0 139216 20988 129932 1726980 0 0 6 1146 3353 12105 14 9 74 2 0
1 0 139216 20244 129900 1727216 0 0 0 392 3238 11752 8 7 85 0 0
1 0 139216 20120 129868 1727352 0 0 0 444 3197 11173 2 5 93 0 0
1 0 139216 25964 129852 1721044 0 0 0 268 3147 9269 1 4 95 0 0
3 0 139216 25964 129748 1721196 0 0 2 132 3199 10540 1 4 95 0 0
1 0 139216 25964 129676 1721332 0 0 0 456 3213 10608 2

Delete all root mail / inbox from a shell prompt

Delete all root mail / inbox from a shell prompt

Q. I’ve CentOS Linux acting as router for our small community based college. I see logwatch and other cron job generating emails for root account. How do I delete those emails? I don’t want to disable email facility but just wanted to get rid of all root emails.

A. The easilst way is to empty root / users email message file i.e. /var/spool/mail/root or /var/spool/mail/username. Simply type the following command at shell:

> /var/spool/mail/root

How to: Find Out Hard Disk Specs / Details on Linux:

Q. Can you tell me Linux command to find out information about my hard disk such as description, product name, bus type, size, cache memory size etc under Linux?


A.There are many tools to get this information. I recommend hdparm command which provides a command line interface to various hard disk ioctls supported by the stock Linux ATA/IDE device driver subsystem.

This command read / request identification information such as disk size, description and much more directly from the drive, which is displayed in a new expanded format.

Open the terminal and type the command:
# hdparm -I /dev/sda
OR
$ sudo hdparm -I /dev/sda
Output:

/dev/sda:

ATA device, with non-removable media
Model Number: ST3500630AS
Serial Number: 9XXYZ845YZ
Firmware Revision: 3.AAK
Standards:
Supported: 7 6 5 4
Likely used: 7
Configuration:
Logical max current
cylinders 16383 16383
heads 16 16
sectors/track 63 63

CHS current addressable sectors: 16514064
LBA user addressable sectors: 268435455
LBA48 user addressable sectors: 976773168
device size with M = 1024*1024: 476940 MBytes
device size with M = 1000*1000: 500107 MBytes (500 GB)
Capabilities:
LBA, IORDY(can be disabled)
Queue depth: 32
Standby timer values: spec’d by Standard, no device specific minimum
R/W multiple sector transfer: Max = 16 Current = 16
Recommended acoustic management value: 254, current value: 0
DMA: mdma0 mdma1 mdma2 udma0 udma1 udma2 udma3 udma4 udma5 *udma6
Cycle time: min=120ns recommended=120ns
PIO: pio0 pio1 pio2 pio3 pio4
Cycle time: no flow control=120ns IORDY flow control=120ns
Commands/features:
Enabled Supported:
* SMART feature set
Security Mode feature set
* Power Management feature set
* Write cache
* Look-ahead
* Host Protected Area feature set
* WRITE_BUFFER command
* READ_BUFFER command
* DOWNLOAD_MICROCODE
SET_MAX security extension
* 48-bit Address feature set
* Device Configuration Overlay feature set
* Mandatory FLUSH_CACHE
* FLUSH_CACHE_EXT
* SMART error logging
* SMART self-test
* General Purpose Logging feature set
* SATA-I signaling speed (1.5Gb/s)
* SATA-II signaling speed (3.0Gb/s)
* Native Command Queueing (NCQ)
* Phy event counters
Device-initiated interface power management
* Software settings preservation
Security:
Master password revision code = 65534
supported
not enabled
not locked
frozen
not expired: security count
not supported: enhanced erase
Checksum: correct

Linux port scanning with netcat (nc) command

Q. How do I find out which ports are opened on my own server? How do I run port scanning using nc command?

A. It may be useful to know which ports are open and running services on a target machine. You can use nmap command for port scanning.

If nmap is not installed try nc / netcat command. The -z flag can be used to tell nc to report open ports, rather than initiate a connection.

Run nc command with -z flag. You need to specify host name / ip along with the port range to limit and speedup operation.
$ nc -z vip-1.vsnl.nixcraft.in 1-1023
Output:

Connection to localhost 25 port [tcp/smtp] succeeded!
Connection to vip-1.vsnl.nixcraft.in 25 port [tcp/smtp] succeeded!
Connection to vip-1.vsnl.nixcraft.in 80 port [tcp/http] succeeded!
Connection to vip-1.vsnl.nixcraft.in 143 port [tcp/imap] succeeded!
Connection to vip-1.vsnl.nixcraft.in 199 port [tcp/smux] succeeded!
Connection to vip-1.vsnl.nixcraft.in 783 port [tcp/*] succeeded!
Connection to vip-1.vsnl.nixcraft.in 904 port [tcp/vmware-authd] succeeded!
Connection to vip-1.vsnl.nixcraft.in 993 port [tcp/imaps] succeeded!

Linux / UNIX: Scanning network for open ports with nmap command

You can use nmap tool for this job. It is flexible in specifying targets. User can scan entire network or selected host or single server. Nmap is also useful to test your firewall rules. namp is metwork exploration tool and security / port scanner. According to nmap man page:
It is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
nmap port scanning

TCP Connect scanning for localhost and network 192.168.0.0/24
# nmap -v -sT localhost
# nmap -v -sT 192.168.0.0/24
nmap TCP SYN (half-open) scanning

# nmap -v -sS localhost
# nmap -v -sS 192.168.0.0/24
nmap TCP FIN scanning

# nmap -v -sF localhost
# nmap -v -sF 192.168.0.0/24
nmap TCP Xmas tree scanning

Useful to see if firewall protecting against this kind of attack or not:
# nmap -v -sX localhost
# nmap -v -sX 192.168.0.0/24
nmap TCP Null scanning

Useful to see if firewall protecting against this kind attack or not:
# nmap -v -sN localhost
# nmap -v -sN 192.168.0.0/24
nmap TCP Windows scanning

# nmap -v -sW localhost
# nmap -v -sW 192.168.0.0/24
nmap TCP RPC scanning

Useful to find out RPC (such as portmap) services
# nmap -v -sR localhost
# nmap -v -sR 192.168.0.0/24
nmap UDP scanning

Useful to find out UDP ports
# nmap -v -O localhost
# nmap -v -O 192.168.0.0/24
nmap remote software version scanning

You can also find out what software version opening the port.
# nmap -v -sV localhost
# nmap -v -sV 192.168.0.0/24
A note about Windows XP / 2003 / Vista version

Windows user can find ipEye and IPSecScan utilities useful. Please note that Nmap also runes on Windows OS.

Read the man page of nmap for more information:
$ man nmap

Extract a selected file from tar.gz files

First unzip the file using

gunzip filename.tar.gz

This create a filename.tar file then to display the contets use

tar -t filename.tar

Then if you want to extract a file called abc.sql from that tar just give the command

tar -xvf /path/filename.tar -M /fullpath/abc.sql

It will be extracted to /fullpath/inside/abc.sql in the directory you are residing.

Linux Screen Command

GNU Screen enables you to run many shell processes in a single terminal. So in one e.g. xterm you can have many bash instances like layers in GIMP or Adobe Photoshop. Even better, you can split your terminal into different regions.

Steps
-----
1)Create a screen using the command
#screen -S niyas

2)Close the shell without logout

3)Open a new shell

4)Type screen -ls

[root@cochin1 ~]# screen -ls
There are screens on:
16921.joemon (Dead ???)
3981.name (Attached)
5002.niyas (Attached)
Remove dead screens with 'screen -wipe'.
3 Sockets in /tmp/screens/S-root.

5)You can login to that screen using the command screen -r 'screen name'

[root@cochin1 ~]# screen -r 5002.niyas
There is a screen on:
5002.niyas (Attached)

Installing Postgres in Cpanel Server

Please refer the url: http://www.scriptinstallation.in/cpanel_postgres.html

tar commands

tar is used to create a Tape ARchive. The resulting file is known as a tarball. It's pretty much the same concept as a

ZIP file, if you know what they are, but without the compression. To get the files out of a tarball, you can use the

following commands:

# tar xvf nobs.tar

If the tarball has also been gzipped (compressed), you can use the following command:

# tar xvfz nobs.tar.gz

If you only want certain directories from the tarball, do this:

# tar xvzf nobs.tar.gz */dir.you.want/*

If you have a .tar.bz2 file, then you need bzip2 installed (/usr/ports/archivers/bzip2), and you issue this command:

# tar yxf nobs.tar.bz2


tar
To tar up *.db in the current directory into a tarball called nobs.tar.gz, issue this command:

# tar cfz nobs.tar.gz *.db

The z option compresses.
listing the contents
To see a list of the files within a tarball, issue the following command:

# tar -tzf nobs.tar.gz

The -t provides a list. the -z indicates that the tarball is compressed. The -f identifies the tarball.

Here's an example:

# tar -tzf makeworld.991126.tgz
etc/
etc/protocols
etc/aliases
etc/services
etc/hosts

Windows Run Commands

Start Menu >> Run

Accessibility Controls - access.cpl
Add Hardware Wizard - hdwwiz.cpl
Add/Remove Programs - appwiz.cpl
Administrative Tools - control admintools
Automatic Updates - wuaucpl.cpl
Bluetooth Transfer Wizard - fsquirt
Calculator - calc
Certificate Manager - certmgr.msc
Character Map - charmap
Check Disk Utility - chkdsk
Clipboard Viewer - clipbrd
Command Prompt - cmd
Component Services - dcomcnfg
Computer Management - compmgmt.msc
Date and Time Properties - timedate.cpl
DDE Shares - ddeshare
Device Manager - devmgmt.msc
Direct X Control Panel (If Installed)* - directx.cpl
Direct X Troubleshooter - dxdiag
Disk Cleanup Utility - cleanmgr
Disk Defragment - dfrg.msc
Disk Management - diskmgmt.msc
Disk Partition Manager - diskpart
Display Properties - control desktop
Display Properties - desk.cpl
Display Properties (w/Appearance Tab Preselected) - control color
Dr. Watson System Troubleshooting Utility - drwtsn32
Driver Verifier Utility - verifier
Event Viewer - eventvwr.msc
File Signature Verification Tool - sigverif
Findfast - findfast.cpl
Folders Properties - control folders
Fonts - control fonts
Fonts Folder - fonts
Free Cell Card Game - freecell
Game Controllers - joy.cpl
Group Policy Editor (XP Prof) - gpedit.msc
Hearts Card Game - mshearts
Iexpress Wizard - iexpress
Indexing Service - ciadv.msc
Internet Properties - inetcpl.cpl
IP Configuration (Display Connection Configuration) - ipconfig /all
IP Configuration (Display DNS Cache Contents) - ipconfig /displaydns
IP Configuration (Delete DNS Cache Contents) - ipconfig /flushdns
IP Configuration (Release All Connections) - ipconfig /release
IP Configuration (Renew All Connections) - ipconfig /renew
IP Configuration (Refreshes DHCP & Re - Registers DNS) - ipconfig /registerdns
IP Configuration (Display DHCP Class ID) - ipconfig /showclassid
IP Configuration (Modifies DHCP Class ID) - ipconfig /setclassid
Java Control Panel (If Installed) - jpicpl32.cpl
Java Control Panel (If Installed) - javaws
Keyboard Properties - control keyboard
Local Security Settings - secpol.msc
Local Users and Groups - lusrmgr.msc
Logs You Out Of Windows - logoff
Microsoft Chat - winchat
Minesweeper Game - winmine
Mouse Properties - control mouse
Mouse Properties - main.cpl
Network Connections - control netconnections
Network Connections - ncpa.cpl
Network Setup Wizard - netsetup.cpl
Notepad - notepad
Nview Desktop Manager (If Installed) - nvtuicpl.cpl
Object Packager - packager
ODBC Data Source Administrator - odbccp32.cpl
On Screen Keyboard - osk
Opens AC3 Filter (If Installed) - ac3filter.cpl
Password Properties - password.cpl
Performance Monitor - perfmon.msc
Performance Monitor - perfmon
Phone and Modem Options - telephon.cpl
Power Configuration - powercfg.cpl
Printers and Faxes - control printers
Printers Folder - printers
Private Character Editor - eudcedit
Quicktime (If Installed) - QuickTime.cpl
Regional Settings - intl.cpl
Registry Editor - regedit
Registry Editor - regedit32
Remote Desktop - mstsc
Removable Storage - ntmsmgr.msc
Removable Storage Operator Requests - ntmsoprq.msc
Resultant Set of Policy (XP Prof) - rsop.msc
Scanners and Cameras - sticpl.cpl
Scheduled Tasks - control schedtasks
Security Center - wscui.cpl
Services - services.msc
Shared Folders - fsmgmt.msc
Shuts Down Windows - shutdown
Sounds and Audio - mmsys.cpl
Spider Solitare Card Game - spider
SQL Client Configuration - cliconfg
System Configuration Editor - sysedit
System Configuration Utility - msconfig
System File Checker Utility (Scan Immediately) - sfc /scannow
System File Checker Utility (Scan Once At Next Boot) - sfc /scanonce
System File Checker Utility (Scan On Every Boot) - sfc /scanboot
System File Checker Utility (Return to Default Setting) - sfc /revert
System File Checker Utility (Purge File Cache) - sfc /purgecache
System File Checker Utility (Set Cache Size to size x) - sfc /cachesize=x
System Properties - sysdm.cpl
Task Manager - taskmgr
Telnet Client - telnet
User Account Management - nusrmgr.cpl
Utility Manager - utilman
Windows Firewall - firewall.cpl
Windows Magnifier - magnify
Windows Management Infrastructure - wmimgmt.msc
Windows System Security Tool - syskey
Windows Update Launches - wupdmgr
Windows XP Tour Wizard - tourstart
Wordpad - write

Hide Commands in Shell

Hide Commands in Shell

To hide the commands you are entering in shell, use "stty" command :)

#stty -echo

Now, all commands that you type are invisible.
To disable this mode, issue the following command at the shell prompt:

#stty echo

Kill processes for user

Kill processes for user

To easily kill all processes running under a user

ps -u USER | awk ‘{print $1}’ | xargs kill -9

or

pkill -u USER

replacing USER with the username.

To kill all specific processes such as php running under a user run,

ps -u USER | grep PROCESS |awk ‘{print $1}’ | xargs kill -9

replacing USER with username and PROCESS with php or any other process.

Changing permissions recursively

Changing permissions recursively

For changing the permissions of all the sub directories, please use the following

find . -type d -exec chmod 755 {} \;


For changing the permissions of all the sub directories, please use the following

find . -type f -exec chmod 644 {} \;

Unable to add an email account: Already exists

Its for Helm/ Mail enable.

We need to remove the email account from the mail enable database sql query
SELECT ID, Account, SourceAddress, DestinationAddress, Scope, Status
FROM ADDRESS_MAP
WHERE (SourceAddress = '[SMTP:jc.lim@asia-angle.com]')

DELETE FROM ADDRESS_MAP WHERE (SourceAddress = '[SMTP:jc.lim@asia-angle.com]')
this need to excute in mssql

Now try to add the account again.

December 19, 2009

File /Folder Permissions

These are the numeric values and its related permissions in a linux system.

4000 - Setuid on execution
2000 - setgid on execution
1000 - set sticky bit
0400 - read by owner
0200 - write by owner
0100 - execute by owner
0040 - read by group
0020 - wrrite by group
0010 - execute by group
0004 - read by others
0002 - write by others
0001 - execute by others

The chmod numeric value varies from 0000 to 7777

You can use these or combination of these numeric values with chmod command or you can specify it with strings. While specifying with strings use the following arguments..
u - user - to add/remove permissions of user or owner of file.
g - group - to add/remove permissions of group members of file.
o - other - to add/remove permissions of other group members or world wide permission of file.

Eg:
The following commands will enable the setuid on the file abc.pl
chmod 4755 abc.pl
chmod u+s abc.pl

Locating files using the find command

Find is a versatile tool which can be used to locate files and directories satisfying different user criteria. But the sheer number of options for this command line tool makes it at the same time both powerful and encumbering for the user. Here I will list a few combinations which one can use to get useful results using find command.

Find all HTML files starting with letter 'a' in your current directory (Case sensitive)
find . -name a\*.html

Same as above but case insensitive search.
find . -iname a\*.html

Find files which are larger than 5 MB in size.
find . -size +5000k -type f

Here the '+' in '+5000k' indicates greater than and k is kilobytes. And the dot '.' indicates the current directory. The -type option can take any of the following values:

f - file
d - directory
l - symbolic link
c - character
p - named pipe (FIFO)
s - socket
b - block device

Find all empty files in your directory
find . -size 0c -type f

... Which is all files with 0 bytes size. The option -size can take the following:


c - bytes
w - 2 byte words
k - kilo bytes
b - 512 byte blocks


Note: The above command can also take the -empty parameter.

Find is very powerful in that you can combine it with other commands. For example, to find all empty files in the current directory and delete them, do the following:
find . -empty -maxdepth 1 -exec rm {} \;

To search for a html file having the text 'Web sites' in it, you can combine find with grep as follows:
find . -type f -iname \*.html -exec grep -s "Web sites" {} \;

... the -s option in grep suppresses errors about non-existent or unreadable files. And {} is a placeholder for the files found. The semicolon ';' is escaped using backslash so as not to be interpreted by bash shell.

Note: You can use the -exec option to combine any command in Linux with the find command. Some of the useful things you can do with it are as follows:

Compress log files on an individual basis
find /var -iname \*.log -exec bzip {} \;

Find all files which belong to user lal and change its ownership to ravi
find / -user lal -exec chown ravi {} \;

Note: You can also use xargs command instead of the -exec option as follows:
find /var -iname \*.log | xargs bzip -

Find all files which do not belong to any user:
find . -nouser

Find files which have permissions rwx for user and rw for group and others :
find . -perm 766

... and then list them.

find . -perm 766 -exec ls -l {} \;

Find all directories with name music_files
find . -type d -iname \*music_files\*

Suppose you want to find files of size between 700k and 1000k, do the following:
find . \( -size +700k -and -size -1000k \)

And how about getting a formatted output of the above command with the size of each file listed ?
find . \( -size +700k -and -size -1000k \) -exec du -Hs {} \; 2>/dev/null

... here, the '2>/dev/null' means all the error messages are discarded or suppressed.

You can also limit your search by file system type. For example, to restrict search to files residing only in the NTFS and VFAT filesystem, do the following:
find / -maxdepth 2 \( -fstype vfat -or -fstype ntfs \) 2> /dev/null

These are the most common uses of the find command. You can see additional uses by reading the find manual.

Simple linux commands

/bin/ls Lists the contents of the directory.


/bin/cp Copies the file.


/bin/mv Moves the file.


/bin/rm Deletes the file.


/bin/vi A very versatile, flexible and powerful editor.


/bin/touch Update the time stamp of the file with current time.


/bin/df Shows the disk free space of mounted file systems.


/usr/bin/du Shows the disk usage.


/usr/bin/who Displays who's loged in the system.


/bin/cat Concatenate files and print the output on the standard output.

How to use RPM Commands

This section contains an overview of principal modes using with RPM for installing, uninstalling, upgrading, querying, listing, and checking RPM packages on your Linux system. You must be familiar with these RPM commands now because we'll use them often in the continuation of this book. To install a RPM package, use the command:

[root@deep] /#rpm -ivh foo-1.0-2.i386.rpm

Take a note that RPM packages have a file of names like foo-1.0-2.i386.rpm, which include the package name (foo), version (1.0), release (2), and architecture (i386).

To uninstall a RPM package, use the command:

[root@deep] /#rpm -e foo

Notice that we used the package name foo, not the name of the original package file foo-1.0-2.i386.rpm.

To upgrade a RPM package, use the command:

[root@deep] /#rpm -Uvh foo-1.0-2.i386.rpm

With this command, RPM automatically uninstall the old version of foo package and install the new one. Always use rpm -Uvh to install packages, since it works fine even when there are no previous versions of the package installed.

To query a RPM package, use the command:

[root@deep] /#rpm -q foo

This command will print the package name, version, and release number of installed package foo. Use this command to verify that a package is or is not installed on your system.

To display package information, use the command:

[root@deep] /#rpm -qi foo

This command display package information; includes name, version, and description of the installed program. Use this command to get information about the installed package.

To list files in package, use the command:

[root@deep] /#rpm -qlfoo

This command will list all files in a installed RPM package. It works only when the package is already installed on your system.

To check a RPM signature package, use the command:

[root@deep] /#rpm --checksig foo

This command checks the PGP signature of specified package to ensure its integrity and origin. Always use this command first before installing new RPM package on your system. Also, GnuPG or Pgp software must be already installed on your system before you can use this command.

Look at the scripts/config files and documentation that ship with the package, you can do that using:

[root@deep] /#rpm -qc

resp.

[root@deep] /#rpm -qd
In most cases a solution may be at hand without needing my help.

Difference Between .rpm and .tar.gz

RPM

Rpm (redhat package manager), is default installation type for all distributions except debian (which use .deb's).
The main uses are
Install from compiled i386|i486|i586|i686.rpm
rpm -ivh applicationname.i386.rpm
this breaks down to -i (install) -v (be verbose) h (hash -- or show progress)

Upgrading comes in the form of
rpm -Uvh appname.i386.rpm
(-U being upgrade)

Rebuilding from a .src.rpm
rpm --rebuild appname.src.rpm
Here the configure and make script are performed automagically. A couple of lines up when the compilation is finished it will say
WROTE: /usr/src/RPM/RPMS/i686/appname.rpm
or something similar. All you need to do then is
rpm -ivh (or Uvh) /usr/src/RPM/RPMS/i686/appname.rpm

Source tar.gz

Most source applications come in tar.gz files. These are compressed files not unlike .zip files. These are uncompressed using
tar xzvf tarfilename.tar.gz
x = extract, z = gzip, v = verbose f=file/force
The sources should now be untarred to their own directory from where you unpacked them.
cd newappdir
(change directory)
run the configure script
./configure
if all goes well, with no errors the make files are now created. Now we run
make
Once all the source files are compiled, the app is installed
make install

The app can now be located in the same dir, or optionally in /usr/bin or /usr/sbin

How to delete symbolic link

When using the rm or unlink command to remove a symbolic link to a directory, make sure you don’t end the target with a ‘/’ character because it will create an error. Example:

$ mkdir dirfoo
$ ln -s dirfoo lnfoo
$ rm lnfoo/
rm cannot remove directory ‘lnfoo/’ : Is a directory
$ unlink lnfoo/
unlink: cannot unlink ‘lnfoo/’: Not a directory
$ unlink lnfoo

scp - Secure copy of your content

scp is a great way to move files around from one machine to second machine.

This can take the place of an ftp server for moving files around.

From remote machine to local

root :~# scp user@xx.xx.xx.xx:/home/user/old-stuff /home/user/restore

From local machine to remote

root :~# scp home/to/file you@xx.xx.xx.xx:path/to/file

From remote to remote

root :~# scp user@xx.xx.xx.xx:path/to/file user@xx.xx.xx.xx:path/to/file

xx.xx.xx.xx == Your server IP

sgid

Setting the SGID attribute on a directory : chmod g+s

If the SGID (Set Group Identification) attribute is set on a directory, files created in that directory inherit its group ownership.

If the SGID is not set the file's group ownership corresponds to the user's default group.

In order to set the SGID on a directory or to remove it, use the following commands:

chmod g+s directoryname
chmod g-s directoryname

When set, the SGID attribute is represented by the letter "s" which replaces the "x" in the group permissions:

ls -l directoryname
drwxrwsr-x 10 george administrators 4096 2006-10-10 8:45 directory

How could I know list of the new features available for each kernel?

rpm -qp --changelog kernel-2.6.9-1.860_EL.i686.rpm | more

Egrep is used to print lines matching a pattern

# egrep --help
Usage: egrep [OPTION]... PATTERN [FILE] ...
Search for PATTERN in each FILE or standard input.
Example: egrep -i 'hello world' menu.h main.c

Regexp selection and interpretation:
-E, --extended-regexp PATTERN is an extended regular expression
-F, --fixed-strings PATTERN is a set of newline-separated strings
-G, --basic-regexp PATTERN is a basic regular expression
-P, --perl-regexp PATTERN is a Perl regular expression
-e, --regexp=PATTERN use PATTERN as a regular expression
-f, --file=FILE obtain PATTERN from FILE
-i, --ignore-case ignore case distinctions
-w, --word-regexp force PATTERN to match only whole words
-x, --line-regexp force PATTERN to match only whole lines
-z, --null-data a data line ends in 0 byte, not newline

Miscellaneous:
-s, --no-messages suppress error messages
-v, --invert-match select non-matching lines
-V, --version print version information and exit
--help display this help and exit
--mmap use memory-mapped input if possible

Output control:
-m, --max-count=NUM stop after NUM matches
-b, --byte-offset print the byte offset with output lines
-n, --line-number print line number with output lines
--line-buffered flush output on every line
-H, --with-filename print the filename for each match
-h, --no-filename suppress the prefixing filename on output
--label=LABEL print LABEL as filename for standard input
-o, --only-matching show only the part of a line matching PATTERN
-q, --quiet, --silent suppress all normal output
--binary-files=TYPE assume that binary files are TYPE
TYPE is 'binary', 'text', or 'without-match'
-a, --text equivalent to --binary-files=text
-I equivalent to --binary-files=without-match
-d, --directories=ACTION how to handle directories
ACTION is 'read', 'recurse', or 'skip'
-D, --devices=ACTION how to handle devices, FIFOs and sockets
ACTION is 'read' or 'skip'
-R, -r, --recursive equivalent to --directories=recurse
--include=PATTERN files that match PATTERN will be examined
--exclude=PATTERN files that match PATTERN will be skipped.
--exclude-from=FILE files that match PATTERN in FILE will be skipped.
-L, --files-without-match only print FILE names containing no match
-l, --files-with-matches only print FILE names containing matches
-c, --count only print a count of matching lines per FILE
-Z, --null print 0 byte after FILE name

Context control:
-B, --before-context=NUM print NUM lines of leading context
-A, --after-context=NUM print NUM lines of trailing context
-C, --context=NUM print NUM lines of output context
-NUM same as --context=NUM
--color[=WHEN],
--colour[=WHEN] use markers to distinguish the matching string
WHEN may be `always', `never' or `auto'.
-U, --binary do not strip CR characters at EOL (MSDOS)
-u, --unix-byte-offsets report offsets as if CRs were not there (MSDOS)

How To Use Pico

What is PICO?

PICO is a very simple and easy-to-use text editor offering paragraph justification, cut/paste, and a spelling checker. (Pico is an acronym for PIne COmposer)

Commands:
The editing commands are displayed at the bottom of the screen and are envoked using CTRL-KEY combinations. (Key is the key letter such as CTRL-W) The ^ character is representing the CTRL and the letter that follows represents the KEY. For example ^W will be CTRL-W on your keyboard. You press the CTRL key hold it and then press the W key. Some commands will require input such as searching. The prompts will be at the bottom of the screen, above the command labels.

Start Pico:
Type: pico
This will tell PICO to open a file. If you do not specific a file you can start editing a blank file, and then save it as whatever you wish when you quit.

Save Your Changes:
Press: CTRL-O
You will be displayed / asked what file PICO should save the document as.
Press: Enter (Or rename file to your linking and then press enter)
PICO has now saved your document.

Exiting Pico:
Press: CTRL-X
You will be prompted "Save modified buffer" this means do you want to save your modified file.

PICO Commands:
CTRL-K will delete the entire line that the cursor is currently on (Cut Text)
CTRL-U will insert the previously deleted line of text at the current position (Un-Cut Text)
CTRL-W will bring up a box at the bottom of the document for you to search.
CTRL-C will cancel anything.
CTRL-T will bring up the spell checker.

If you are trying to find a program, log into the shell.

Type the command:

# whereis

where 'program' is the program you are looking for, will show you one or more possibilities for what you are looking for.

If you have more than one copy of a program, say one in /usr/bin and another in /usr/local/bin/ ,

typing "which program" will show you which one will be called first.

If you can't find it at all, type command:

# locate

will show you everyfile that matches "program".

Some of the most common programs :
• /usr/sbin/sendmail
• /usr/bin/perl
• /bin/mail
• /usr/bin/php

Default locations for most commonly used configuration files and important directories:

Exim

• /etc/exim.conf
• /var/log/exim_mainlog
• /var/log/exim_rejectlog
• /etc/valiases/
• /etc/vfilters/
• /home/username/.forward

MySQL

• /root/.my.cnf
• /etc/my.cnf
• /var/lib/mysql/

Apache
• /usr/local/apache/conf/httpd.conf
• /usr/local/apache/domlogs/

System
• /var/log/messages
• /var/log/dmesg

Proftpd
• /etc/proftpd.conf
• /var/log/xferlog
• /etc/proftpd/

sshd
• /etc/ssh/sshd_config

Interactive Find command usage

Sometimes we need to find the file in server which we do not know where exactly it is located:

Search and list all files from current directory and down for the string ABC:

Quote
find ./ -name "*" -exec grep -H ABC {} \;
find ./ -type f -print | xargs grep -H "ABC" /dev/null
egrep -r ABC *

Find all files of a given type from current directory on down:
Quote
find ./ -name "*.conf" –print

Find all user files larger than 5Mb:

Quote
find /home -size +5000000c –print

Find all files owned by a user (defined by user id number) on
the system: (could take a long time)


Quote
find / -user 501 –print

Find all files created or updated in the last five minutes: (Great for finding effects of make install)

Quote
find / -cmin -5

Find all world writable directories:
Quote
find / -perm -0002 -type d –print

Find all world writable files:

Quote
find / -perm -0002 -type f -print
find / -perm -2 ! -type l -ls

Find files with no user:

Quote
find / -nouser -o -nogroup –print

Find files modified in the last two days:

Quote
find / -mtime 2 -o -ctime 2

finding files in a directory that are older than 3 days and deleting them:
Quote
find /directoryname -type f -mtime +3 -exec rm {} \;

Other commands on Version, Virus scan etc

What version of Linux is running

root:~#cat /etc/redhat-release

or for non Red-Hat Linux

root:~#cat /etc/issue


Comapre this to the kernel

root:~#uname -a

and

root:~#cat /proc/version

Who is the author of the file:

root:~#ls –la --author


When was the last time the file has been accessed and by who:

root:~#ls -l --time=access

Before you run off and use the cat command it is good to first check the file type with the file command. Many a time I myself have been fooled seeing a file marked as something.html and finding it was really a binary file.


What kind of file is it:

root:~#file filename

or

root:~#file /path/to/directory/*


Real Time Network Activity Examples:

root:~#watch -d "netstat -nalp |grep -v DGRAM |grep -v STREAM |grep -v LISTEN"
root:~#watch "netstat -nalp"|grep ":TCP PORT Number"
root:~#watch "netstat -nalp"|grep ":22"

Update the Locate Database:

root:~#updatedb &

Search for Apache Exploit

for i in `locate access_log` ; do echo $i ; egrep -i '(chr\(|system\()|(curl|wget|chmod|gcc|perl)%20' $i ; done

or

egrep -i '(chr\(|system\()|(curl|wget|chmod|gcc|perl)%20' /path/to/log/files/*


cPanel
egrep -i '(chr\(|system\()|(curl|wget|chmod|gcc|perl)%20' /usr/local/apache/logs/*


Ensim
egrep -i '(chr\(|system\()|(curl|wget|chmod|gcc|perl)%20'/home/virtual/site*/fst/var/log/httpd/*


Plesk
egrep -i '(chr\(|system\()|(curl|wget|chmod|gcc|perl)%20' /home/httpd/vhosts/*/statistics/logs/*
egrep -i '(chr\(|system\()|(curl|wget|chmod|gcc|perl)%20' /var/log/httpd/*

Of course not every thing that it locates is an exploit, it takes some interpreting. You are looking for obvious things such as a call to wget to download a file, or a call to perl that looks strangely out of place. However one thing this script does not search for is a call to shell code. Once you locate the access logs run a second search for long strings containing /x90/. I have yet to find a good interpreter of what these shell codes do but again google.com is your friend. Most often you can do a search for the code itself and come up with a technical explanation of what the code does.


Search for Shell Code:
cat /path/to/access/logs/* |grep "/x90/"

Finally now you can run your favorite virus scan and root kit hunter. Some favorites include rkhunter and chkrootkit.


ChkRootkit
http://www.chkrootkit.org


RKHunter
http://www.rootkit.nl

Hopefully by now the updatedb has finished, you can check the status of that by usingthe jobs command. Look for things that are out of place and dont belong, are there .bash_history or access_log files that seem to be in the wrong area. This is where you try to think like a hacker and try to find the strange things that just don’t seem right.


Think Like a Hacker in Your Search

root:~#locate .bash_history
root:~#locate access_log
root:~#locate "..."
root:~#locate ".. "
root:~#locate " .."
root:~#locate ". "
root:~#locate " ."

Who Ownes the IP Address

root:~#whois 12.34.56.78

Gather all Data About the IP Address

root:~#for i in `ls /var/log -la |grep -v drwx |grep -v lrwx | awk '{print $9}'`; do echo /var/log/$i; cat /var/log/$i |grep "12.34.56.78 ; done

ipcs

System administration command. Print report on interprocess communication (IPC) message queues, shared memory segments, and semaphore arrays for which the current process has read access. Options can be used to specify the type of resources to report on and the output format of the report.
Options

Resource specification options:
-a

Report on all IPC facilities: shared memory segments, message queues, and semaphore arrays. This is the default.

-m

Report on shared memory segments.

-q

Report on message queues.

-s

Report on semaphore arrays.

Output format options:
-b

Print information on maximum size of the resource: size in bytes of messages or shared memory segments, and the number of semaphores per set in the case of semaphore arrays.

-c

Print creator and owner user IDs for IPC facilities.

-l

Print resource maximum and minimum limits.

-o

Print outstanding usage of the resource in question: the number of messages and the total size of the message queue, or the number of processes using shared memory segments.

-p

Print creator and last operation process identifiers.

-t

Print attach, detach, and change times for shared memory segments, last operation and change times for semaphore arrays, and send, receive, and change times for message queues.

-u

Print summary of current resource usage.

Other options:
-h

Print help message, then exit.

-i identifier

Used in combination with the -m, -q, or -s options. Report only on the resource specified by numeric identifier.


Quote
# ipcs

------ Shared Memory Segments --------
key shmid owner perms bytes nattch status

------ Semaphore Arrays --------
key semid owner perms nsems
0x00000000 11927552 apache 600 1
0x00000000 11960321 apache 600 1
0x00000000 11993090 apache 600 1
0x00000000 12025859 apache 600 1
0x00000000 12058628 apache 600 1
0x00000000 12091397 apache 600 1
0x00000000 12124166 apache 600 1
0x00000000 12156935 apache 600 1

------ Message Queues --------
key msqid owner perms used-bytes messages

Advance command for System Administrator

To get the list of username with its user ID in formatted way:

Quote
# awk -F":" '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd

Find the particular string from the list of files in current directory:

Quote
# cd /etc
# for i in $(find -type f); do grep -iH nfsnobody $i; done

Or

Quote
# grep -iH nfsnobody *

Get the no of occurrences of particular word in file:

Quote
# awk '/ServerName/ {i=i+1} END {print i}' /etc/httpd/conf/httpd.conf
# grep ServerName /etc/httpd/conf/httpd.conf

To delete resources of semaphore arrays from memory:

Quote
# ipcs -s | grep apache | perl -e 'while () { @a=split(/\s+/); print`ipcrm sem $a[1]`}'

To check whether perl module is installed correctly or not:

If all is correct then output of this command nothing

Quote
# perl -e 'require Mail::SPF::Query'


To install CPAN module:
Quote
#cpan
cpan> install Mail::SPF::Query
CPAN: Storable loaded ok
Going to read /root/.cpan/Metadata
Database was generated on Thu, 24 Nov 2005 14:54:20 GMT
Mail::SPF::Query is up to date.


To get the list of IP addresses in the server:

Quote
#ifconfig | grep -vw inet6 | grep -w inet | cut -d : -f 2 | cut -d \ -f 1

Find list of IP address along with eth device and network mask:

Quote
# ifconfig | cut -d " " -f1,12,16 | grep -A 1 eth | tr -d - | tr -s "\n" |sed -e :a -e N -e 's/\n/ /'

Know the performance of your HardDisk:

change the device address as per your servers configuration

Quote
# hdparm -Tt /dev/sda


Get the customized output of raw accesslog of httpd:
Navigate the folder where your http access log reside

Quote
# tail -f access_log | awk '{if ($11 ~"\"-\"") print $1, $7, $12; else print $1, $10, $11, $12}'

The details of the present http connections can be found by using:

Quote
# netstat -plan | grep ":80 " | awk {'print $5'} |awk -F: {'print $1'}|sort
# cat /proc/net/ip_conntrack | grep "port=80" | wc -l

Number of connection from perticular IP addfess:

Quote
# netstat -ntu | awk '{print $5}'| cut -d: -f1 | sort | uniq -c | sort -nr | more

No of conections:

Quote
# netstat -alntp

#/sbin/ldconfig /usr/local/lib - Update the system linker cache

Port scanning using nmap:
You can customized it to get more informative output

Quote
# nmap -sS localhost -
instead host localhost, it could be IP address of another server which is in question

You can execute bash command a certain number of times by using something similar to the following:


Quote
n=0;while test -$n -gt -10; do echo n=$n; n=$[$n+1]; done

That code will print "n=0", "n=1", and so on 10 times.

Only get the listing of directories:

Quote
ls -F $1 | grep \/ | sed -e 's/\/$/4/g'

Real Time Network Activity Examples:
Quote
root# watch -d "netstat -nalp |grep -v DGRAM |grep -v STREAM |grep -v LISTEN"
root# watch "netstat -nalp"|grep ":TCP PORT Number"
root# watch "netstat -nalp"|grep ":22"


I think below command will be use to know the highest process used by IP address for particular services

Quote
netstat -tnp | awk -F':|/|\t*| *' '{if( $7 == "25" ) {print; $cmd=sprintf("ps -uwwwp %d",$9);system($cmd);}}'

Return which ports are currently being listened :

Quote
netstat -ant | grep LISTEN | sed -n 's/^[^:]*:\([0-9]\+\) .*$/\1/p'

Other useful commands

netstat -tupl :List internet services on a system

netstat -tup :List active connections to/from system

# lsof -p $$ :List paths that process id has open

# lsof ~ :List processes that have specified path open

# last reboot :Show system reboot history.

# ls -lSr :Show files, biggest last

# du -s * | sort -k1,1rn | head :Show top disk users in current dir. See also dutop

# cat /proc/partitions :Show all partitions registered on the system

Automatically reboot on high iowait sta

Write below mentioned code in SHELL:
Automatically reboot on high iowait stat

Quote
# top -C -b -n 1 -i |awk '/total/ && substr($7, 0, index($7,".")) >70{print "/sbin/reboot"}'|sh

Awk displays "/sbin/reboot", if IOWAIT > 70 % and shell runs the command

you can run that in root's cron or include it via a shell script.

-C = combines statistics on a SMP machine into 1 line
-n 1 = display once
-i = ignore zombie/waiting processes

This how to is derived from Ev1servers forum

Using chattr to Eliminate Command Line Histories

Red Hat uses Bash as its default shell. One of the features of Bash is its ability to keep a running history of commands the user has typed. This could, however, end up being a security problem. If a bad guy were able to compromise a user's home directory, they could view commands the user has executed. In some cases, this could expose improperly used passwords or special privileges available to the user (such as sudo.)

In an environment where security is more important than convenience, you may consider disabling this function. A simple solution would be to use the chattr command to lock out the ability to update the file. As root, access the user's home directory. Type:

Code:

rm .bash_history
touch .bash_history
chattr +i .bash_history


The user will still have a command line history, but it will only apply to the current session. When the user logs out, the information will not be saved to the drive. To have this apply to all future users, make the changes in the /etc/skel directory.

split - split big files into smaller files

While searching about spliting large file in smaller files I have found below mentioned command:

Syntax:

root :~# split -b 2000 FILENAME

split is the command
-b stands for bytes

2000b is nearly 2mb (you can change this to whatever you want too for size)
FILENAME is the filename of file you want to split.

Now, to get that many pieces BACK together again with the CAT command:

put all the "pieces" into one directory and then run the command

root :~# cat * > NEWFILE

File - Folder Size in linux

If you want to know file/folder size every time then use below menthod:

Quote
root:~# du -h --max-depth=1

You could create an alias in .bashrc file and use it.
Quote
alias fs='du -h --max-depth=0 $1' #fs=foldersize -requires ONE input

Quote
root:~#fs log
4.1G log

Find kernel driver/module

To find out what a particular driver/module does you can usually use the modinfo command:

# modinfo -d e1000
Intel(R) PRO/1000 Network Driver
#
# modinfo -d hangcheck-timer
Hangcheck-timer detects when the system has gone out to lunch past a certain margin.
#

To get a list of parameters supported by a kernel driver/module, the modinfo command will usually provide the information:

# modinfo -p e1000
debug:Debug level (0=none,...,16=all)
InterruptThrottleRate:Interrupt Throttling Rate
RxAbsIntDelay:Receive Absolute Interrupt Delay
RxIntDelay:Receive Interrupt Delay
TxAbsIntDelay:Transmit Absolute Interrupt Delay
TxIntDelay:Transmit Interrupt Delay
XsumRX:Disable or enable Receive Checksum offload
FlowControl:Flow Control setting
AutoNeg:Advertised auto-negotiation setting
Duplex:Duplex setting
Speed:Speed setting
RxDescriptors:Number of receive descriptors
TxDescriptors:Number of transmit descriptors
#
# modinfo -p hangcheck-timer
hangcheck_dump_tasks:If nonzero, the machine will dump the system task state when the timer margin is exceeded.
hangcheck_reboot:If nonzero, the machine will reboot when the timer margin is exceeded.
hangcheck_margin:If the hangcheck timer has been delayed more than hangcheck_margin seconds, the driver will fire.
hangcheck_tick:Timer delay.
#

To set the parameters when modules are loaded, you can add entries to /etc/modprobe.conf on RHEL or /etc/modprobe.conf.local on SLES. For example:

options hangcheck-timer hangcheck_tick=30 hangcheck_margin=180

To load the module and see the new settings, run:

# modprobe -v hangcheck-timer
insmod /lib/modules/2.6.9-22.EL/kernel/drivers/char/hangcheck-timer.ko hangcheck_tick=20 hangcheck_margin=280
#
# dmesg | tail -1
Hangcheck: starting hangcheck timer 0.5.0 (tick is 30 seconds, margin is 180 seconds).
#

The newly loaded module will be at the top of the lsmod list:

# lsmod | head -2
Module Size Used by
hangcheck_timer 3289 0
#

To unload the module, run:

# rmmod hangcheck-timer

partprobe

Many system administrators may be in the habit of re-booting their systems to make partition changes visible to the kernel. With Red Hat® Enterprise Linux® this is not usually necessary. The partprobe command, from the parted package, informs the kernel about changes to partitions. After all, anything that can help you avoid a re-boot has to be a good thing!

For example:
Code:

# cat /proc/partitions
major minor #blocks name
3 0 58605120 hda
3 1 200781 hda1
3 2 2040255 hda2
3 3 56364052 hda3
8 0 1018880 sda
8 1 10224 sda1
# partprobe
# cat /proc/partitions
major minor #blocks name
3 0 58605120 hda
3 1 200781 hda1
3 2 2040255 hda2
3 3 56364052 hda3
8 0 1018880 sda
8 1 10224 sda1
8 2 1008640 sda2

renice - - set nice values of running processes

Lets say you have started a process as root and you are updating something. You notice a HUGE slowdown in your system. You open a shell, and type "top" and notice that a process is using 94% of your CPU and hogging all the cpu time slowing everything else to a crawl!!! now what!!!!

Enter the command renice. Just as the manpages say, renice "set nice values of running processes". So, while running top, you notice the PID (process ID number) of the offending program/command is XXXXX (will actually be a number not x's).

As a root from shell:

Quote
root:~# renice 19 XXXXX

This will reset the nice value to a much lower (probably) nice value than it's currently running (top shows that as well).

Quote
root:~ # renice 19 22537
22537: old priority 0, new priority 19

The man pages give a pretty good description of all of this, plus they give several other specific examples on how renice can also be used.

What is the highest priority I can set ??
when processes are created it's default niceness values is 0[ZERO],
Maximum niceness value we can give 19(Lowest Priority) and minimum we can give -20(Hightest Priority).

OS version find

OS version find

cat /proc/version

or

dmesg |more

Command to reinstall Interchange

/scripts/rebuildinterchangecfg
/usr/local/cpanel/bin/startinterchange

Where are files stored in Linux

Root or "/" contains operating system and maintentece tools.

/usr contains all commands, libraries, documentation and other files that do not change during operation. (Major applications that come with your distribution of Linux will also be found here)

/var contains files that are modified/changed. log files, lock files, spool directories, temporary files, and man pages.

/home contains all of the user files. This includes the users settings, customized files, documents, data, e-mail, and more.)

/proc contains 'fake' files. These files don't exist on the disk and don't take up any disk space. (ls -l still shows a size) When you view them you are really accessing information stored in memory. These are used to access information about the system.

Parts of root filesystem

/bin--executables (binaries) needed during bootup that might be used by normal users.

/sbin--executables (system binaries) not intended for use by general users (users may still use them, but this directory is not on their PATH).

/etc--system-wide configuration files for your operating system.

/root--the home directory of the system administrator (called super-user or root).

/dev--device files. Devices appear on Linux as files so that hardware is abstracted and it is easy to write to them or read from them.

How to replace a file in linux?

To replace home by house in the file abcd

Use the command as follows:

replace home house -- abcd

How to: Create Files in Linux from a Bash Shell Prompt

Q. I’m new to Linux and installed CentOS on my Laptop. How do I create a file from bash prompt without using GUI tools?

A. Linux / UNIX offer many command line tools and text editors for creating text files. You can use vi or JOE text editor. It is a terminal-based text editor for Linux/Unix systems, available under the GPL. It is designed to be easy to use.
Create a Text File using cat command

To create a text file called foo.txt, enter:
$ cat > foo.txt
Output:

This is a test.
Hello world!
press CTRL+D to save file

To display file contents, type
$ cat foot.txt
Create a Text File using joe text editor

JOE is text editor. To create a file called foo.txt, type:
$ joe -help foo.txt
You will see help menu on screen. Next type something. To save the file and leave joe, by typing ^KX (press CTRL+K+X).
Create a Text File using vi / vim text editor

vi / vim is another text editor. To create a file called bar.txt, type:
$ vi bar.txt

Outlook configuration

For Outlook

1. In Outlook, go to the Tools menu and click on Email Accounts.
2. Select Add a new email account and then click Next.
3. Select POP3 and then click Next.
4. Enter your email information:

Your Name: your name
Email Address: matt@castleman.net (the email address the messages will be sent from)
Incoming Mail server (POP3): mail.castleman.net
Outgoing Mail server (SMTP): mail.castleman.net
User Name: matt@castleman.net
Password: the password for the email address

5. Click on More Settings and Select the Outgoing Server Tab. Check My outgoing server (SMTP) requires authentication. Select Use same settings as my incoming mail server.

6.Click Ok. Click Next. Click Finish.

If you cannot send email using mail.yourdomainname.com as your SMTP server,
it may be because your ISP is blocking port 25 on their network, used for sending outoing mail via the SMTP protocol. In this instance, we recommend using your ISPs outgoing mail server, which can be obtained from your ISP.

Mail duplicate delivery in qmail

SYMPTOMS

You have two (or more) copies of every message sent/received from/to your qmail system.

CAUSE

Most probably you have two (or more) qmail instances running.

RESOLUTION

Verify that you have only one qmail instance running. To do this, login to the mail server and run:

# ps -ax | grep qmail-send

If you see two (or more) processes, stop qmail and verify it is stopped:

# /etc/init.d/qmail stop
# ps -ax | grep qmail

You should see no qmail processes here, each qmail instance would be stopped by this command.
Now it is safe to start qmail:

# /etc/init.d/qmail start


Only one copy should be started.

FormMail

To use Formmail, you need to create a form on one of your web pages.

The form action line should be

FORM ACTION = "http://yourdomainname.com/cgi-sys/FormMail.cgi" METHOD = "POST"

FormMail.cgi will do all the programming work for you. You alter the behavior of Formmail by using hidden fields in your form.

There is only one form field that you must have in your form for FormMail to work correctly. This is the recipient field.

Field: recipient

Description: This form field allows you to specify to whom you wish for your form results to be mailed. Most likely you will want to configure this option as a hidden form field with a value equal to that of your e-mail address.

Syntax:

Optional Form Fields:
Field: subject

Description: The subject field will allow you to specify the subject that you wish to appear in the e-mail that is sent to you after this form has been filled out. If you do not have this option turned on, then the script will default to a message subject: WWW Form Submission

Syntax:

If you wish to choose what the subject is:

To allow the user to choose a subject:
Field: email

Description: This form field will allow the user to specify their return e-mail address. If you want to be able to return e-mail to your user, I strongly suggest that you include this form field and allow them to fill it in. This will be put into the From: field of the message you receive.

Syntax:
Field: realname

Description: The realname form field will allow the user to input their real name. This field is useful for identification purposes and will also be put into the From: line of your message header

Syntax:
Field: sort

Description: This field allows you to choose the order in which you wish for your variables to appear in the e-mail that FormMail generates. You can choose to have the field sorted alphabetically or specify a set order in which you want the fields to appear in your mail message. By leaving this field out, the order will simply default to the order in which the browsers sends the information to the script (which isn't always the exact same order they appeared in the form.) When sorting by a set order of fields, you should include the phrase 'order:' as the first part of your value for the sort field, and then follow that with the field names you want to be listed in the e-mail message, separated by commas.

Syntax:

To sort alphabetically:

To sort by a set field order:
Field: redirect

Description: If you wish to redirect the user to a different URL, rather than having them see the default response to the fill-out form, you can use this hidden variable to send them to a pre-made HTML page.

Syntax:

To choose the URL the user will end up at:

To allow the user to specify a URL he wishes to travel to once the form is filled out:
Field: required

Description: You can now require for certain fields in your form to be filled in before the user can successfully submit the form. Simply place all field names that you want to be mandatory into this field. If the required fields are not filled in, the user will be notified of what they need to fill in, and a link back to the form they just submitted will be provided.

Syntax:

If you want to require that the user fill in the email and phone fields in your form, so that you can reach them once you have received the mail, use a syntax like:
Field: env_report

Description: Allows you to have Environment variables included in the e-mail message you receive after a user has filled out your form. Useful if you wish to know what browser they were using, what domain they were coming from or any other attributes associated with environment variables. The following is a short list of valid environment variables that might be useful:

REMOTE_HOST - Sends the hostname making a request.
REMOTE_ADDR - Sends the IP address of the remote host making the request.
HTTP_USER_AGENT - The browser the client is using to send the request. General format: software/version library/version

Syntax:

If you wanted to find the remote host and browser sending the request, you would put the following into your form:
Field: title

Description: This form field allows you to specify the title and header that will appear on the resulting page if you do not specify a redirect URL.

Syntax:

If you wanted a title of 'Feedback Form Results':
Field: return_link_url

Description: This field allows you to specify a URL that will appear as return_link_title, on the following report page. This field will not be used if you have the redirect field set, but it is useful if you allow the user to receive the report on the following page, but want to offer them a way to get back to your main page.

Syntax:

Field: return_link_title

Description: This is the title that will be used to link the user back to the page you specify with return_link_url. The two fields will be shown on the resulting form page as:

* return_link_title

Syntax:
Field: background

Description: This form field allow you to specify a background image that will appear if you do not have the redirect field set. This image will appear as the background to the form results page.

Syntax:
Field: bgcolor

Description: This form field allow you to specify a bgcolor for the form results page in much the way you specify a background image. This field should not be set if the redirect field is.

Syntax:

For a background color of White:
Field: text_color

Description: This field works in the same way as bgcolor, except that it will change the color of your text.

Syntax:

For a text color of Black:
Field: link_color

Description: Changes the color of links on the resulting page. Works in the same way as text_color. Should not be defined if redirect is.

Syntax:

For a link color of Red:
Field: vlink_color

Description: Changes the color of visited links on the resulting page. Works exactly the same as link_color. Should not be set if redirect is. Syntax:

For a visited link color of Blue:
Field: alink_color

Description: Changes the color of active links on the resulting page. Works exactly the same as link_color. Should not be set if redirect is.

Syntax:

For a visited link color of Blue:

Any other form fields that appear in your script will be mailed back to you and displayed on the resulting page if you do not have the redirect field set.

When I try to delete a message from webmail it fails with: 'There was an error deleting messages from the folder "Inbox". This is what the server said: [TRYCREATE] Mailbox does not exist.'

RESOLUTION
The most probalby you have switched to "When deleting messages, move them to your Trash folder instead of marking them as deleted?" in Horde IMP preferences under "Options" -> "Deleting and Moving Messages".

Please make sure that trash folder was created and selected under "Trash folder:" option.

Steps

*Login to Horde
*Click on Options
*Deleting and Moving Messages
*Select "When deleting messages, move them to your Trash folder instead of marking them as deleted? "
*Then specify the folder Trash or some one you want to.

?HORDE ERROR IN CPANEL
Reset Horde is a solution

/scripts/resethorde
Or
/scripts/fullhordereset ----------Don't do it until you find another solution. :)

?HORDE LOGIN PROBLEM


Hope you would have got this issue often. The client cannot able to login to his Horde account to check his mail. He would have reached till the login screen and if he click "Login" it will stay back in the same screen instead of going to his inbox. Here is the fix for it,

Check the following first,

1. goto " cd var/lib/mysql/horde " and check if there is a file named " horde_sessionhandler.frm "

2. move all the file named "horde_sessionhandler" with other name

3. Or you can goto mysql and can drop the table "horde_sessionhandler". It will show error message some times. If so use the step 2, so that the table gets moved automatically.(Remember that if you are using step2 skip the step 3)

4. Now type in shell "mysql"

5. It will take to mysql prompt . type "use horde";

6. copy this command and paste there :

CREATE TABLE horde_sessionhandler (session_id VARCHAR(32) NOT NULL, session_lastmodified INT NOT NULL, session_data LONGBLOB, PRIMARY KEY (session_id)) ENGINE = InnoDB;

7. quit from mysql and restart mysql.

8. Try now... Your issue is fixed!!!!!

Can not send outgoing email (Error Number: 0x800CCC0B) SMTP, Port: 25, Secure(SSL): No, Error Number: 0x800CCC0B

If you can not send email using mail.yourdomainname.com as your SMTP server, it may be because your ISP is blocking port 25 on their network, used for sending outoing mail via the SMTP protocol. In this instance, we recommend using your ISPs outgoing mail server, which can be obtained from your ISP. This practice has been put in place in an effort to stop spam.

Please check with your ISP for their outgoing mail server settings (SMTP) and adjust in your email program under email account setup.

Relaying mail through your ISP will not change the look and appearance of email you send. It will simply use your ISPs outgoing mail server to relay your message, which will appear from your email address, etc.

Delete all mails in queue

/etc/init.d/qmail stop

find /var/qmail/queue/mess -type f -exec rm {} \;
find /var/qmail/queue/info -type f -exec rm {} \;
find /var/qmail/queue/local -type f -exec rm {} \;
find /var/qmail/queue/intd -type f -exec rm {} \;
find /var/qmail/queue/todo -type f -exec rm {} \;
find /var/qmail/queue/remote -type f -exec rm {} \;

/etc/init.d/qmail start

Thunderbird configuration

1.Open Thunderbird
2.Open the "New Account" dialog box. This is accessible from the menus by going to "File", "New", then clicking on Account ...".
3.Select "Email Account" as the New Account type, then click "Next".
4.When asked to enter your identity information, type in your full name and email address in the boxes provided. Then click next.
5.For server information, choose IMAP. Enter "linus.it.uts.edu.au" as both incoming and outgoing servers. Click next
6.For user names, your incoming user name should be filled out for you. If not, enter your FIT username and click next
7.You account name can be set to any name you want to refer to the account by. In this case, we'll keep it to the default and use the email address as the name of the account. Click next when you're done.
8.The next screen will display the list of settings which you have just entered. Make sure you haven't misspelled any of the settings. If you have, you'll need to keep clicking on "Back" until you reach the screen with the typographical error, then "Next" until you reach this screen again. Click "Finish" when you are okay with settings that you have entered.
9.You should now be prompted to enter a mail server password. Click Cancel. We still need to configure a few more settings before we connect.
10. On the main thunderbird window, you should now see your account name on the left hand side. Right click it and select "Properties" to access the "Account Settings" window. You can also access this window by going to the "Edit" menu and selecting "Account settings".
11. Click on "Server Settings" under your account name on the left hand side of the window. In the security settings area, click on the option box next to SSL. Make sure the box next to "Use secure authentication" is not checked. Click on the "Advanced" button to open the "Advanced settings" dialog.
12. In the "Advanced settings" dialog, type in "mail/" as the IMAP server directory and uncheck Server supports folders that contain sub-folders and messages. Click "OK" when finished.
13. On the left hand side of the "Account settings" window, select "Outgoing Server (SMTP)". Select the staff server (the one with linus.it.uts.edu.au in it's name) and click on "Edit".
14. Under "Use secure connection" select "TLS". You can also include a description of the server, e.g. "FIT Staff Outgoing" in the "Description" input box. Click "OK".
15. Back in the "Account settings" window, select the account name from the left hand side. The "Outgoing Server" should match the one you have just edited. Click "OK" when done.
16. You may be asked to accept a website certificate for "linus.it.uts.edu.au". Choose the option for accepting the certificate permanently.
17. You're now set up and ready to go.

Access Spambox

So you are running SpamAssasin and you want to make sure some important e-mail isn't being blocked.
Easy enough... or it should be if you new where / how to check your spam box. Spam Box is where
SpamAssasin stores all the denied/blocked spam emails. You have access to this for every single
e-mail account. You can access Spam Box through WebMail and programs such as MS Outlook.

Accessing SpamBox through WebMail

1. Load up your favorite internet browser.
Type: yourdomain.com/webmail in the address bar.
(replace yourdomain.com with 'your' domain name)

2. Select "NEO Mail" from the options.

3. Once logged in click the drop down menu in the top left.

4. Select 'SPAM' from the drop down menu.

Everything in here was mail that you never received at your address because it was considerd spam.
That's why it is now in the Spam Box.

Access Spam Box through OutLook Express

1. Setup a new POP3 account in OutLook Express.
Tools --> Accounts --> Add --> Mail

2. Instead of just doing username@domain do this
username@domain.com/spam

3. Finish setting up the account like normal.

That's it, now you will grab all the spam too. It is suggested to make all this mail
go into another folder so that you do not fill up your inbox with hundreds of spam.

AUTOMATICALLY DELETE ALL MAIL WITH A SPAM SCORE OF 5 OR MORE

1. Open your Control panel
2. Click Email -> Spam Assassin
3. Click Enable Spam Assasin
4. Click Email -> Spam Assassin
5. Click Configure (required to rewrite subjects)
6. In the box rewrite_header subject enter this: *****SPAM*****
7. Click Email -> Spam Filters
8. In the drop down boxes under Block mails when Select Subject and Contains.
9. In the box, type *****SPAM*****
10. In the Destination box type Discard.

What this all does:

* Any mail with a spam score of over 5 will have the word *****SPAM***** added
to the subject header (step 6).
* The filter will delete any mail with the word *****SPAM***** in the subject line.

If you DO NOT want to delete the SPAM mail omit steps 7,8,9 and 10. All spam mail will now be
delivered to the corresponding mailboxes BUT it will have the word *****SPAM**** in the subject line.
You can setup a mail filter on your mail client to move all emails containing this word to a
folder (spam typically) of your choice.

Block emails from a specific domain

Anonymous writes "To block all emails sent from a specific domain:
-go to WHM/Service Configuration/Exim Configuration Editor and switch to Advanced mode
-at begin acl form put:

if $header_from: contains "@domain_name.com"
then
fail text "What message do you want."
seen finish
endif"

Email and website on different servers

Anonymous writes "When a client want to get email from other server you need to change MX
(change from WHM/Edit a DNS Zone not from cPanel)

1. In DNS Zone do that:
domain.com. 14400 IN MX 0 any.domain.com.
2. Add new entry
any.domain.com. 14400 IN A 123.123.123.123
Change last figure of Serial Number and click Save. Restart Bind
3. Make a ssh connection and remove the domain name from /etc/localdomains
Add the domain name in /etc/remotedomains
Restart Exim
You need to wait aprox. 4 hours to work

If the domain name are pointed to Email server and from there are redirected the www do that:
1. Remove the DNS Zone from WHM
2. Make a ssh connection and remove the domain name from /etc/localdomains
Add the domain name in /etc/remotedomains
Restart Exim"

Fix Horde Save Address Error

When attempting to save an e-mail address in the account manager in Horde you get an error,
and that e-mail doesn't get saved... at all! This small and simple how-to is how to fix this problem,
so that you, and your webhosting customers can save e-mails (contacts) in Horde.


1. Login to your server via SSH

2. Type: mysql

3. Copy & Paste this:

CREATE TABLE horde.turba_objects (object_id varchar(32) PRIMARY KEY,owner_id varchar(255),object_name varchar(255),object_alias varchar(32),object_email varchar(255),object_homeAddress varchar(255),object_workAddress varchar(255),object_homePhone varchar(25),object_workPhone varchar(25),object_cellPhone varchar(25),object_fax varchar(25),object_title varchar(32), object_company varchar(32),object_notes text); insert into mysql.tables_priv values("%","horde","horde","turba_objects","root@localhost",now()+0,"Select,Insert,Update,Delete",""); flush privileges;

4. Exit Horde (if you are in it) and login again. Saving E-Mails (Contacts) now works in Horde.

Horde -No browseable address books

Edit the file:

/usr/local/cpanel/base/horde/turba/config/sources.php

on the server with your favorite command line editor. Look for a line of code that reads like:

'public' => false,
'readonly' => false,
'admin' => array(),
'export' => true

Should be around line 132 I believe. Add 'browse' => true, to this section of code, so that it reads as:

'public' => false,
'readonly' => false,
'admin' => array(),
'browse' => true,
'export' => true

Then just save the file and log back into Horde.

how do i configure eudora for my aplus.net email accounts?

Here is how to configure the Eudora email client to use with your Aplus.Net email accounts:

1. Open Eudora, and from the Tools menu select Options.

2. Now, you have to enter the following information while in the Getting Started section:

*

Real name – type in the name that your recipients will see in the “From” field of emails you send.
*

Email address – type in your complete email address. Please make sure to replace “yourdomain.com” with your actual domain name.
*

Mail Server (Incoming) - type in mail.yourdomain.com.
*

User Name - type in your complete email address.
*

SMTP Server (Outgoing) - type in smtp.yourdomain.com.
*

Allow Authentication – check this box.



Important: You may also choose to use the SMTP server of your ISP. However, if you decide to use Aplus.Net’s SMTP server as shown above (smtp.yourdomain.com), please make sure that the SMTP server is enabled for the particular email box:

* How do I enable SMTP service using the Aplus.Net Control Panel?

3. Go to the Checking Mail section and adjust the following settings:

*

Save Password – check this box.
*

Secure Sockets when Receiving – set this option to Never.

Note: If you wish to use a secure connection when receiving email messages, set this option to If Available, STARTTLS.

* You should leave Mail Server and User Name as already specified. The remaining settings are optional.



4. Go to the Sending Mail section and adjust the following settings:

*

Email address – your complete email address should be specified here.
*

Domain to add to unqualified addresses – leave this field blank.
*

SMTP server - type in smtp.yourdomain.com.
*

SMTP Relay Personality – set this option to None.
*

Allow Authentication – check this box.
*

Immediate send – optional.
*

Send on check – optional.
*

Use submission port (587) – check this box.
*

Secure Sockets when Sending – set this option to Required, STARTTLS.



5. Finally, click OK.

how to configure the Mac OS X Mail email client

Here is how to configure the "Mac OS X Mail" email client to use with your Aplus.Net email accounts

1. Start by opening up the Macintosh Mail program.
2. Select the File menu from the top navigation bar, and then select Add Account.


3. Click on the Account Type pull-down menu and select POP.
* In the Account Description field, enter a brief description that will help you quickly identify this e-mail account.
* In the Full Name field, enter the name you would like your recipients to see in the From field of the e-mails you send.
* Enter your full e-mail address (including the @example.com suffix) into the Email Address field.
* Click Continue when ready.


4. Configre your Incoming Mail Server:

o Enter your Incoming Mail Server: mail.example.com, where example.com is your actual hosted domain name.
o In the User Name field, enter your full e-mail address again (including the @example.com suffix).
o Enter the password for this e-mail account into the Password field.
o Click Continue when ready.


5. Make sure the Incoming Mail Security(SSL) is not checked and click Continue.
6. Configure your Outgoing Mail Server:

o Enter your Outgoing Mail Server: smtp.example.com, where example.com is your actual hosted domain name.
o Check the Use Authentication checkbox.
o In the User Name field, enter your full e-mail address again (including the @example.com suffix).
o Enter the password for this e-mail account into the Password field.
o Click Continue when ready.



Important: At this point the Mac Mail email client will try to test the Outgoing Mail Server connection. It will definetely fail at this stage as there are further settings which need to be reconfigured. Disregard the warning message and click Continue.

7. Enable the Use Secure Sockets Layer(SSL) option and make sure the Authentication method is set to Password. Click Continue when ready.



8. Double check the configuration settings on the Account Summary window, click Continue and then the final Done button.
9. Select the Mail menu from the top navigation bar, and then select Preferences...



10. Select the newly created account from the left panel. On the Account Information screen, click on Server Settings...



11. Change the Server port number to 465. Click OK when ready.



12. Your Email Account is now configured. You can use your Mac Mail client to send and receive email messages.

How to disable catch-all E-Mail.

This tutorial will show you how to disable the cathc-all e-mail that cPanel comes with standard.
Standard the catch-all is cpanel-login-name@domain-name.com

Example: dedicat@dedicated-resources.com

Normally these E-Mails catch a lot of spam, and trash so disabling them could help, but it could
also let some e-mails you need not get delivered. (Only in the case someone typed in the wrong address,
if the write address is used everything will be fine.)

Catch-All is for *@domain.com if another account is not configured.

Doing the following will still deliver mail to all the accounts, it just wont catch mail to a
non-existant account or mis-spelledone.

1. Log into cPanel for the account you wish to modify.
http://www.yourdomain.comc/cpanel

2. Click on the "Mail" icon, it is in top left for cPanel X theme.

3. Click on "Default Address"

4. Click on " et Default Address" (At bottom of page)

5. Now you see a text box to enter the location, and you see.
"Hint: You can enter :blackhole: to discard all incoming unrouted mail or :fail: no such address
here to bounce it."

:blackhole: Will discard all e-mail, and :fail" will bounce it back to sender saying no such address. I suggest blackhole because a lot of failures will result in a huge mail que.

That's it!