How to Install Wireshark on CentOS 6.2

In this post, i will show on how to install Wireshark on CentOS 6.2 server. Wireshark is a free and open-source network packet analyzer that will help to capture network packets and tries to display that packet data as detailed as possible. This post assumed that you have set up local yum repository using your DVDROM. If you haven’t set up the local yum repository, please proceed to this steps :
How to Setup Local Yum Repository from CD-ROM/DVD-ROM image on RHEL 6

Simply run this command to install Wireshark :

[root@centos62 ~]# yum install wireshark
[root@centos62 ~]# yum install wireshark
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: centos.maulvi.net
 * extras: centos.maulvi.net
 * updates: centos.maulvi.net
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package wireshark.i686 0:1.2.15-2.el6 will be installed
--> Processing Dependency: libpcap.so.1 for package: wireshark-1.2.15-2.el6.i686
--> Processing Dependency: libsmi.so.2 for package: wireshark-1.2.15-2.el6.i686
--> Processing Dependency: libgnutls.so.26 for package: wireshark-1.2.15-2.el6.i686
--> Processing Dependency: libgnutls.so.26(GNUTLS_1_4) for package: wireshark-1.2.15-2.el6.i686
--> Running transaction check
---> Package gnutls.i686 0:2.8.5-4.el6 will be installed
--> Processing Dependency: libtasn1.so.3(LIBTASN1_0_3) for package: gnutls-2.8.5-4.el6.i686
--> Processing Dependency: libtasn1.so.3 for package: gnutls-2.8.5-4.el6.i686
---> Package libpcap.i686 14:1.0.0-6.20091201git117cb5.el6 will be installed
---> Package libsmi.i686 0:0.4.8-4.el6 will be installed
--> Running transaction check
---> Package libtasn1.i686 0:2.3-3.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package         Arch       Version                                Repository                  Size
====================================================================================================
Installing:
 wireshark       i686       1.2.15-2.el6                           CentOS6.2-Repository       9.9 M
Installing for dependencies:
 gnutls          i686       2.8.5-4.el6                            CentOS6.2-Repository       336 k
 libpcap         i686       14:1.0.0-6.20091201git117cb5.el6       CentOS6.2-Repository       125 k
 libsmi          i686       0.4.8-4.el6                            CentOS6.2-Repository       2.4 M
 libtasn1        i686       2.3-3.el6                              CentOS6.2-Repository       239 k

Transaction Summary
====================================================================================================
Install       5 Package(s)

Total download size: 13 M
Installed size: 64 M
Is this ok [y/N]: y
Downloading Packages:
----------------------------------------------------------------------------------------------------
Total                                                                30 MB/s |  13 MB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : libtasn1-2.3-3.el6.i686                                                          1/5
  Installing : gnutls-2.8.5-4.el6.i686                                                          2/5
  Installing : libsmi-0.4.8-4.el6.i686                                                          3/5
  Installing : 14:libpcap-1.0.0-6.20091201git117cb5.el6.i686                                    4/5
  Installing : wireshark-1.2.15-2.el6.i686                                                      5/5

Installed:
  wireshark.i686 0:1.2.15-2.el6

Dependency Installed:
  gnutls.i686 0:2.8.5-4.el6 libpcap.i686 14:1.0.0-6.20091201git117cb5.el6 libsmi.i686 0:0.4.8-4.el6
  libtasn1.i686 0:2.3-3.el6

Complete!

How to Check Server Uptime in Linux

Server UptimeInformation about how long the system has been running or server uptime is not critical for some people. But it is important for server administrators. Servers that run mission-critical applications must run as long as possible. Sometimes it must be zero downtime. Information about the uptime is very useful in many cases it helps to audit how long the server is running.

In this tutorial, we will learn about the command to find the system uptime in linux.Uptime system uptime means how long the server has been running since the last shutdown or reboot.

Question :
How to check unix or linux server uptime ? What command Should i run ?

Answer :
1. Run uptime command :

# uptime

Sample outputs:

 22:54:34 up  1:26,  1 user,  load average: 0.11, 0.03, 0.01

The uptime command gives a one line display of the following information.

  • The current time (22:54:34)
  • How long the system has been running (up 1 hour 26 Minutes)
  • How many users are currently logged on (1 user)
  • The system load averages for the past 1, 5, and 15 minutes (0.11, 0.03, 0.01)

2. You can use w command to check server uptime

# w

Sample outputs:

 23:06:57 up  1:38,  1 user,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    192.168.1.52     21:30    0.00s  1.85s  0.01s w

Please note that the w command also displays who is logged together with uptime info above.

3. Check server uptime using top command.

# top
top - 23:27:01 up 4 days, 10:20,  1 user,  load average: 0.22, 0.12, 0.09
Tasks: 163 total,   1 running, 162 sleeping,   0 stopped,   0 zombie
%Cpu(s):  6.1 us,  1.0 sy,  0.0 ni, 92.7 id,  0.1 wa,  0.0 hi,  0.0 si,  0.0 st
KiB Mem :  4043436 total,   282644 free,  1044916 used,  2715876 buff/cache
KiB Swap:  8388600 total,  8316440 free,    72160 used.  2905352 avail Mem

How to Allow and Deny Access for Remote SSH to CentOS 6.2

In this post, i will show on how to allow and deny access for Remote SSH to CentOS server. This post will configure SSH access as follows:
– Only ehowstuff and root has remote SSH access to the machine within ehowstuff.local
– Clients within bloggerbaru.com should NOT have access to ssh on your system

Please note that all systems in that domain are in the 192.168.1.0/255.255.255.0 subnet, and all systems in that subnet are in bloggerbaru.com.

1. Modify ssh_config as below :

[root@centos62 ~]# vi /etc/ssh/sshd_config
AllowUsers ehowstuff root

2. Make sshd auto start on boot and restart sshd service :

[root@centos62 ~]# chkconfig sshd on
[root@centos62 ~]# /etc/init.d/sshd restart

3. Open iptables configuration as below :

[root@centos62 ~]# vi /etc/sysconfig/iptables

4. Append this line on your iptables setting :

-A INPUT -s 192.168.1.0/24 -p tcp --dport 22 -j REJECT

5. Restart the iptables :

[root@centos62 ~]# /etc/init.d/iptables restart

How to Add Atomic Repository to RHEL 6

In This post, i will show on how to install Atomic repository to Red Hat Enterprise Linux 6 (RHEL 6). Atomic repository was archived here :
http://www6.atomicorp.com/channels/atomic/

Follow this steps to download and prepare Atomic yum repository RHEL 6.
1. Download using wget command :

    [root@rhel6 ~]# wget http://www6.atomicorp.com/channels/atomic/redhat/6/i386/RPMS/atomic-release-1.0-13.el6.art.noarch.rpm
    --2012-01-24 19:42:14--  http://www6.atomicorp.com/channels/atomic/redhat/6/i386/RPMS/atomic-release-1.0-13.el6.art.noarch.rpm
    Resolving www6.atomicorp.com... 69.20.6.166
    Connecting to www6.atomicorp.com|69.20.6.166|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 6332 (6.2K) [application/x-rpm]
    Saving to: âatomic-release-1.0-13.el6.art.noarch.rpmâ
    
    100%[==========================================================>] 6,332       20.7K/s   in 0.3s
    
    2012-01-24 19:42:15 (20.7 KB/s) - âatomic-release-1.0-13.el6.art.noarch.rpmâ
    

2. View the downloaded files :

    [root@rhel6 ~]# ls
    atomic-release-1.0-13.el6.art.noarch.rpm
    

3. Install using rpm command as below :

    [root@rhel6 ~]# rpm -Uvh atomic-release-1.0-13.el6.art.noarch.rpm
    warning: atomic-release-1.0-13.el6.art.noarch.rpm: Header V3 DSA/SHA1 Signature, key ID 5ebd2744: NOKEY
    Preparing...                ########################################### [100%]
       1:atomic-release         ########################################### [100%]
    

How to Set the Vsftpd Server Banner Message on RHEL 6

This post will guide you on how to configure Vsftpd welcome banner to every new user that connects, set the banner_file parameter and place a suitable welcome message on Red Hat Enterprise Linux 6 (RHEL 6). Vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast and it’s stable. This post assumed you have installed Vsftpd Ftp Server.

How to Install and Configure Vsftpd Ftp Server on RHEL 6

1. Open /etc/vsftpd/vsftpd.conf find “ftpd_banner” :

    [root@rhel6 ~]# vi /etc/vsftpd/vsftpd.conf
    

Original configuration file :

    # ASCII mangling is a horrible feature of the protocol.
    #ascii_upload_enable=YES
    #ascii_download_enable=YES
    #
    # You may fully customise the login banner string:
    #ftpd_banner=Welcome to blah FTP service.
    #
    # You may specify a file of disallowed anonymous e-mail addresses. Apparently
    # useful for combatting certain DoS attacks.
    

2. Change something like this. Uncomment ftpd_banner and customize the login banner string as below :

    # ASCII mangling is a horrible feature of the protocol.
    #ascii_upload_enable=YES
    #ascii_download_enable=YES
    #
    # You may fully customise the login banner string:
    ftpd_banner=Welcome to eHowStuff.com RHEL6 FTP server
    #
    # You may specify a file of disallowed anonymous e-mail addresses. Apparently
    # useful for combatting certain DoS attacks.
    

3. Restart the ftp service :

    [root@rhel6 ~]# service vsftpd restart
    Shutting down vsftpd:                                      [  OK  ]
    Starting vsftpd for vsftpd:                                [  OK  ]
    

4. Try login to ftp server. Check the banner, it will appear before user login as below :

    D:\>ftp 192.168.1.43
    Connected to 192.168.1.43.
    220 Welcome to eHowStuff.com RHEL6 FTP server
    User (192.168.1.43:(none)):
    

How to Install and Configure Samba Server on RHEL 6

In this post i will show on how to install and configure a Samba server an also how to transfer files from client side. For this example we are using two systems one Red Hat Enterprise Linux (RHEL 6) server one Window XP clients.

1. Install samba, portmap or rpcbind and xinetd service :

[root@rhel6 ~]# yum install samba-* portmap xinetd -y
Loaded plugins: rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package rpcbind.i686 0:0.2.0-8.el6 set to be updated
---> Package samba.i686 0:3.5.4-68.el6 set to be updated
---> Package samba-client.i686 0:3.5.4-68.el6 set to be updated
---> Package samba-common.i686 0:3.5.4-68.el6 set to be updated
---> Package samba-winbind.i686 0:3.5.4-68.el6 set to be updated
---> Package samba-winbind-clients.i686 0:3.5.4-68.el6 set to be updated
---> Package xinetd.i686 2:2.3.14-29.el6 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package                      Arch        Version                 Repository                   Size
====================================================================================================
Installing:
 rpcbind                      i686        0.2.0-8.el6             DVD-RHEL6-Repository         50 k
 samba                        i686        3.5.4-68.el6            DVD-RHEL6-Repository        5.0 M
 samba-client                 i686        3.5.4-68.el6            DVD-RHEL6-Repository         11 M
 samba-common                 i686        3.5.4-68.el6            DVD-RHEL6-Repository         13 M
 samba-winbind                i686        3.5.4-68.el6            DVD-RHEL6-Repository        3.5 M
 samba-winbind-clients        i686        3.5.4-68.el6            DVD-RHEL6-Repository        1.1 M
 xinetd                       i686        2:2.3.14-29.el6         DVD-RHEL6-Repository        121 k

Transaction Summary
====================================================================================================
Install       7 Package(s)
Upgrade       0 Package(s)

Total download size: 34 M
Installed size: 121 M
Downloading Packages:
----------------------------------------------------------------------------------------------------
Total                                                                42 MB/s |  34 MB     00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : samba-winbind-clients-3.5.4-68.el6.i686                                      1/7
  Installing     : samba-common-3.5.4-68.el6.i686                                               2/7
  Installing     : samba-3.5.4-68.el6.i686                                                      3/7
  Installing     : samba-client-3.5.4-68.el6.i686                                               4/7
  Installing     : samba-winbind-3.5.4-68.el6.i686                                              5/7
  Installing     : 2:xinetd-2.3.14-29.el6.i686                                                  6/7
  Installing     : rpcbind-0.2.0-8.el6.i686                                                     7/7

Installed:
  rpcbind.i686 0:0.2.0-8.el6                   samba.i686 0:3.5.4-68.el6
  samba-client.i686 0:3.5.4-68.el6             samba-common.i686 0:3.5.4-68.el6
  samba-winbind.i686 0:3.5.4-68.el6            samba-winbind-clients.i686 0:3.5.4-68.el6
  xinetd.i686 2:2.3.14-29.el6

Complete!

2. On RHEL 6, portmap is called and replaced by rpcbind. Make sure rpcbind and xinetd is start :

[root@rhel6 ~]# service rpcbind start
Starting rpcbind:                                          [  OK  ]
[root@rhel6 ~]# service xinetd start
Starting xinetd:                                           [  OK  ]

3. Set rpcbind and xinetd start at boot :

[root@rhel6 ~]# chkconfig rpcbind on
[root@rhel6 ~]# chkconfig xinetd on

4. Check rpcbind and xinetd service status :

[root@rhel6 ~]# service rpcbind status
rpcbind (pid  2737) is running...
[root@rhel6 ~]# service xinetd status
xinetd (pid  2750) is running...

5. Create a normal user named sambauser1 :

[root@rhel6 ~]# useradd sambauser1
[root@rhel6 ~]# passwd sambauser1
Changing password for user sambauser1.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

6. Create /smb directory and grant it full permission :

[root@rhel6 ~]# mkdir /smb
[root@rhel6 ~]# chmod 777 /smb

7. Open and modify /etc/samba/smb.conf main samba configuration files :

[root@rhel6 ~]# vi /etc/samba/smb.conf
#
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
# specifiy it as a per share option as well
#
        workgroup = MSHOME
        server string = Samba Server Version %v

;       netbios name = MYSERVER

;       interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
        hosts allow = 127. 192.168.12. 192.168.13. 192.168.1.
# Add this line to share at the bottom of the config file :
[smb]
comment = Personal stuff
path = /smb
public = no
writable = yes
printable = no
browseable = yes
write list = sambauser1

8. Now add sambauser1 user to samba user :

[root@rhel6 ~]# smbpasswd -a sambauser1
New SMB password:
Retype new SMB password:
tdbsam_open: Converting version 0.0 database to version 4.0.
tdbsam_convert_backup: updated /var/lib/samba/private/passdb.tdb file.
account_policy_get: tdb_fetch_uint32 failed for type 1 (min password length), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 2 (password history), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 3 (user must logon to change password), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 4 (maximum password age), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 5 (minimum password age), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 6 (lockout duration), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 7 (reset count minutes), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 8 (bad lockout attempt), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 9 (disconnect time), returning 0
account_policy_get: tdb_fetch_uint32 failed for type 10 (refuse machine password change), returning 0
Added user sambauser1.

9. Set smb service auto start at boot :

[root@rhel6 ~]# chkconfig smb on
[root@rhel6 ~]# service smb start
Starting SMB services:                                     [  OK  ]

10. Check smb current status :

[root@rhel6 ~]# service smb status
smbd (pid  2823) is running...

11. Stop iptables and makesure selinux is disabled :

[root@rhel6 ~]# service ip6tables stop
ip6tables: Flushing firewall rules:                        [  OK  ]
ip6tables: Setting chains to policy ACCEPT: filter         [  OK  ]
ip6tables: Unloading modules:                              [  OK  ]
[root@rhel6 ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@rhel6 ~]# setenforce 0
setenforce: SELinux is disabled

12. Check whether samba port opened and running :

[root@rhel6 ~]# netstat -plunt | grep smbd
tcp        0      0 :::139                      :::*                        LISTEN      3212/smbd
tcp        0      0 :::445                      :::*                        LISTEN      3212/smbd

13. Go on windows system and ping samba server. Make sure workgroup = MSHOME and allow 192.168.1.x network.
samba
14. Enter share path.
samba
15. First try to login from sambauser1 account :
samba
16. Samba successfully connected. You can start to upload now :
samba

Why “portmap unrecognized service” on RHEL 6/CentOS 6

Question :

During the deployment of Samba and NFS services on one of the RHEL 6 server, I’m hit by this message when trying to start, stop and restart service portmap :

[root@rhel6 ~]# service portmap start
portmap: unrecognized service

 

Answer :
Portmap is replaced by rpcbind on some linux distributions such as Fedora 8,RHEL 6 and CentOS 6. Portmap is now started and stopped as part of the rpcbind service. You may not able to find the portmap service, but you can see rpcbind instead.
http://www.archlinux.org

Command line below provides the required dependency packages. It can also be used to track a package containing a specific executable :

[root@rhel6 ~]# yum whatprovides portmap
Loaded plugins: rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
rpcbind-0.2.0-8.el6.i686 : Universal Addresses to RPC Program Number Mapper
Repo        : DVD-RHEL6-Repository
Matched from:
Other       : portmap

rpcbind-0.2.0-8.el6.i686 : Universal Addresses to RPC Program Number Mapper
Repo        : installed
Matched from:
Other       : Provides-match: portmap

When you try to install portmap on RHEL 6, it will install rpcbind instead :

[root@rhel6 ~]# yum install portmap -y
Loaded plugins: rhnplugin
This system is not registered with RHN.
RHN support will be disabled.
Setting up Install Process
Package rpcbind-0.2.0-8.el6.i686 already installed and latest version
Nothing to do

What is Portmap :
Portmap is a server that converts RPC (Remote Procedure Call) program numbers into DARPA protocol port numbers. It must be running in order to make RPC calls. Server services that use RPC include NFS, NIS and Samba. When an RPC server is started, it will tell portmap what port number it is listening to, and what RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it will first contact portmap on the server machine to determine the port number where RPC packets should be sent. Therefore, portmap must be started before any RPC servers are invoked. This because RPC-based services rely on portmap to make all connections with incoming client requests.

What is rpcbind :
rpcbind is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. When an RPC service is started, it tells rpcbind the address at which it is listening, and the RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it first contacts rpcbind on the server machine to determine the address where RPC requests should be sent. rpcbind should be started before any other RPC service. Normally, standard RPC servers are started by port monitors, so rpcbind must be started before port monitors are invoked.

Server service that use RPC :
1. NFS
NFS uses Remote Procedure Calls (RPC) to route requests between clients and servers, meaning that the portmap service must be enabled and active at the proper runlevels for NFS communication to occur.

2. Samba
Samba is an Open Source software that based on the common client/server protocol of Server Message Block (SMB) and Common Internet File System (CIFS). It’s allows end users to access and use files, printers and sharing the company resources.

Example portmap instance
The rpcinfo command shows each RPC-based service with its port number, RPC program number, version, and IP protocol type (TCP or UDP). This is to make sure the proper NFS RPC-based services and portmapper are enabled for portmap.

[root@rhel6 ~]# rpcinfo -p
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  56670  status
    100024    1   tcp  54564  status

How to Backup and Restore MySQL Database on CentOS/RHEL

In this post, i will share on how to backup and restore MySQL database on Linux server. I have tested this on my CentOS and RHEL servers.

MySQLDump — A Database Backup Program, Click for more info.
The mysqldump client is a backup program originally written by Igor Romanenko. It can be used to dump a database or a collection of databases for backup or transfer to another SQL server (not necessarily a MySQL server). The dump typically contains SQL statements to create the table, populate it, or both. However, mysqldump can also be used to generate files in CSV, other delimited text, or XML format.

What is MySQLDump and how to use it :
The MySQLDump is handy utility that can be used to quickly backup the MySQL Database to the text files. To use the MySQLDump utility it is required to logon to the System running the MySQL Databse. You can use Telnet to remotely logon to the system if you don’t have the physical access to the machine.

Assumed that the MySQL server has been installed with the version/release as below :

Name        : mysql
Arch        : i686
Version     : 5.1.52
Release     : 1.el6_0.1

Login to mysql to check the existing databases :

[root@centos62 ~]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.1.52 Source distribution

Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL v2 license

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

Show available databases :

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| phpmyadmin         |
+--------------------+
3 rows in set (0.00 sec)

mysql> exit
Bye

1. Backup MySQL database to <databasebackupfiles>.sql

<databasename> = Target existing database name
<databasebackupfiles> = Preferred backed up file name (Optional and user defined)

# mysqldump -u root -p <databasename> > <databasebackupfiles>.sql
Enter password: <Type your mysql password and press enter>

1.1 As Example, i will back up the database named “mysql” to mysql19022012.sql file. This will taking backed up all the tables including the data :

[root@centos62 ~]# mysqldump -u root -p mysql > mysql19022012.sql
Enter password:

1.2 View the backed up file :

[root@centos62 ~]# ls | grep mysql
mysql19022012.sql

1.3 View the content on mysql19022012.sql :

[root@centos62 ~]# more mysql19022012.sql

2. Restore the backed up database named “mysql19022012.sql” to new database named “mysqlnew” as below :

# mysql -u root -p <mysqlpassword> <databasename> < <databasebackupfiles>.sql

<mysqlpassword> = MySQL password
<databasename> = Database name that will be restore
<databasebackupfiles> = Backed up database file, normally .sql file

2.1 Create the new database mysqlnew :

mysql> CREATE DATABASE mysqlnew;
Query OK, 1 row affected (0.01 sec)

2.2 As example, i will restore the mysql19022012.sql backed up file to database named “mysqlnew” :

[root@centos62 ~]# mysql -u root -p password mysqlnew < mysql19022012.sql

or

[root@centos62 ~]# mysql -u root -p mysqlnew < mysql19022012.sql
Enter password:

How to Check Apache Error Log and Access Log file

The purpose of logging in a server is to diagnose some issues. The common way to start the troubleshooting is to look at logs. For apache httpd server, all the log is normally stored at “/var/log/httpd” as below :

    [root@centos62 ~]# ls /var/log/httpd/
    access_log  error_log
    

How to Continuously Check Apache Error Log file :

    [root@centos62 ~]# tail -f /var/log/httpd/error_log
    

Example :

    [root@centos62 ~]# tail -f /var/log/httpd/error_log
    [Thu Feb 16 18:23:08 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
    [Thu Feb 16 18:23:08 2012] [notice] Digest: generating secret for digest authentication ...
    [Thu Feb 16 18:23:08 2012] [notice] Digest: done
    [Thu Feb 16 18:23:09 2012] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 configured -- resuming normal operations
    [Thu Feb 16 19:56:33 2012] [error] [client 192.168.1.52] File does not exist: /var/www/html/favicon.ico
    [Thu Feb 16 23:47:07 2012] [notice] caught SIGTERM, shutting down
    [Sat Feb 18 20:39:26 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
    [Sat Feb 18 20:39:26 2012] [notice] Digest: generating secret for digest authentication ...
    [Sat Feb 18 20:39:26 2012] [notice] Digest: done
    [Sat Feb 18 20:39:27 2012] [notice] Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 configured -- resuming normal operations
    

How to Continuously Check Apache Access Log file :

    [root@centos62 ~]# tail -f /var/log/httpd/access_log
    

Example :

    [root@centos62 ~]# tail -f /var/log/httpd/access_log
    192.168.1.52 - - [16/Feb/2012:23:03:50 +0800] "GET /adminer/externals/jush/jush.css HTTP/1.1" 304 - "http://192.168.1.44/adminer/adminer/?server=localhost&username=root" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [16/Feb/2012:23:03:52 +0800] "GET /adminer/adminer/static/loader.gif HTTP/1.1" 200 673 "http://192.168.1.44/adminer/adminer/?server=localhost&username=root" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [16/Feb/2012:23:03:52 +0800] "GET /adminer/adminer/?server=localhost&username=root&database= HTTP/1.1" 200 4739 "http://192.168.1.44/adminer/adminer/?server=localhost&username=root" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [16/Feb/2012:23:03:52 +0800] "GET /adminer/adminer/static/plus.gif HTTP/1.1" 200 72 "http://192.168.1.44/adminer/adminer/?server=localhost&username=root&database=" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [16/Feb/2012:23:03:56 +0800] "GET /adminer/adminer/?server=localhost&username=root HTTP/1.1" 200 2977 "http://192.168.1.44/adminer/adminer/?server=localhost&username=root" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [16/Feb/2012:23:03:56 +0800] "GET /adminer/adminer/?server=localhost&username=root&script=connect HTTP/1.1" 200 109 "http://192.168.1.44/adminer/adminer/?server=localhost&username=root" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [16/Feb/2012:23:04:16 +0800] "GET /adminer/adminer/?server=localhost&username=root&status= HTTP/1.1" 200 19629 "http://192.168.1.44/adminer/adminer/?server=localhost&username=root" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [18/Feb/2012:20:39:32 +0800] "GET / HTTP/1.1" 200 1394 "-" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [18/Feb/2012:20:39:32 +0800] "GET /icons/compressed.gif HTTP/1.1" 200 1038 "http://192.168.1.44/" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    192.168.1.52 - - [18/Feb/2012:20:44:17 +0800] "GET / HTTP/1.1" 200 1394 "-" "Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
    

How to Get the Best VPS Hosting Deals and Informations

Virtual Private Server (VPS) is a term used by internet hosting services which offers a good balance between total control (root access privilege) and a tight budget. Having a VPS account is just like operating a dedicated server. VPS is cost effective way to manage multiple sites and ideal for mission critical applications and websites. This because each VPS can run its own preferred operating system and can be independently rebooted anytime when required. Before you buy any Linux VPS which is unmanaged server, it is better to have basic knowledge of linux system administrations. You will be manage your own web service and database service that you will be installed.

In this post, i want to share two useful link to get the best VPS hosting deals and information. For VPS newbie, it’s better to try cheap VPS before you spend huge amount of money for your production VPS web hosting.

1. www.lowendbox.com
Low End Box – Cheap VPS Hosting Providers Listing & Reviews

2. www.webhostingtalk.com
Web Hosting Talk – The largest, most influential web hosting community on the internet

How to Deny ICMP Ping Request on CentOS 6.2

Ping is a computer network administration utility used to test the reachability of a host on an Internet Protocol (IP) network. Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response. ICMP protocol is used by ping command to check the connectivity between two computers. By defaults all Linux CentOS servers will response on ICMP request. Hacker can misuse this service. They can generate countless ping requests to your Linux server. This is what called DOS denial of services.

Before changes, i can ping 192.168.1.44 as below :

D:\>ping 192.168.1.44

Pinging 192.168.1.44 with 32 bytes of data:

Reply from 192.168.1.44: bytes=32 time=1ms TTL=64
Reply from 192.168.1.44: bytes=32 time=1ms TTL=64
Reply from 192.168.1.44: bytes=32 time=2ms TTL=64
Reply from 192.168.1.44: bytes=32 time=1ms TTL=64

Ping statistics for 192.168.1.44:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 2ms, Average = 1ms

In this post, i will show on how to block ICMP ping request from others.

Method 1 :
To disable ICMP ping immediately, type the following command :

[root@centos62 ~]# echo  1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

Method 2 :
To disable ICMP ping after reboot, modify the /etc/sysctl.conf as below. This will permanently disable the ICMP ping echo. Kindly append at the end line of the file :

[root@centos62 ~]# vi /etc/sysctl.conf
..
..
..
# Controls the maximum size of a message, in bytes
kernel.msgmnb = 65536

# Controls the default maxmimum size of a mesage queue
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 4294967295

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 268435456

net.ipv4.icmp_echo_ignore_all = 1

Change will take effect after reboot :

[root@centos62 ~]# reboot

Try to ping again. The server will not reply now :

D:\>ping 192.168.1.44

Pinging 192.168.1.44 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.44:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),