Number of open connections per remote host (netstat)

The following command can be used to find out the number of connections per remote hosts (which is useful to identify denial-of-service attacks):

# netstat -n | grep 'tcp\|udp' | awk '{ print $5; }' | cut -d: -f1 | sort | uniq -c | sort -nr

netstat -n is just faster than without the -n parameter since it shows numerical addresses instead of trying to determine symbolic host, port or user names.
grep 'tcp\|udp' only shows tcp and udp connections (thus removing unix sockets and headers). Read More

How to hide a drive in Windows 8

Hide Drive using CMD
1] Open an elevated command prompt, type Diskpart and hit Enter.
2] Type List Volume and hit Enter.
3] Now type select and the numeral against the letter of the Drive (eg. it could be G Drive), which you want to hide. For instance, it could be Select Volume 6. Hit Enter.
4] Finally, type Remove Letter G and hit Enter.
You will see a message – Diskpart successfully removed the drive letter or mount point.
To show the hidden drive, follow steps 1, 2, 3 mentioned above.
Now type Assign Letter D and hit Enter. This will show the drive in Explorer.
If you need a detailed walk-through, see our forum post titled Hide or show your hard drive partitions using Diskpart.
These are the 4 ways you can hide a drive natively, in Windows.
UPDATE: You can also use freeware HideCalc to hide disk drive in Windows.

SELinux preventing Apache from writing to a file

For files you want Apache to be able to write to, the type must be set to httpd_sys_rw_content_t
To permanently mark that directory as httpd_sys_rw_content_t, you can use the command

semanage fcontext -a -t httpd_sys_rw_content_t /var/www/webapp/k/site(/.*)?;
restorecon -RF /var/www/webapp/k/site/

This will survive SELINUX binary policy updates and filesystem relabeling.
Read More

Apache Block Backup Files

A really simple way to “hack” into someone’s site is by checking for common filenames with backup extensions. For example, check this google search for config filetype:php~
Since backup files don’t always contain the correct extension to be processed properly, the httpd usually sends them as plain text. The lines below should be placed in your httpd.conf to block these requests across all sites on your server. If you don’t have httpd.conf access, these lines can go into a .htaccess file. For .htaccess, make sure to place it in the root web directory so it covers all of your subdirectories. Read More

How To Create an SSL Certificate on Apache for CentOS 7

Introduction

TLS, or “transport layer security”, and its predecessor SSL, which stands for “secure sockets layer”, are web protocols used to wrap normal traffic in a protected, encrypted wrapper. Using this technology, servers can send traffic safely between the server and the client without the concern that the messages will be intercepted and read by an outside party. The certificate system also assists users in verifying the identity of the sites that they are connecting with.
In this guide, we will show you how to set up a self-signed SSL certificate for use with an Apache web server on a CentOS 7 VPS. A self-signed certificate will not validate the identity of your server, since it is not signed by a trusted certificate authorities, but it will allow you to encrypt communications between your server and your visitors.

Allowing apache (httpd) to run from home directory in Red Hat, CentOS and Fedora

Q: I have installed apache and chose to put my document root into a home directory.  I could not get apache to start and after much research I found it was SELINUX stopping it from starting.  I was told not to disable SELINUX and to configure it to work with the new directory.  Do you have any idea how I can accomplish this?
A: Set the httpd_enable_homedirs boolean in SELINUX to allow such access.
So the first thing I would do is use the sealert command to pull the relevant information from the audit log. Read More

OpenSSL tips and common commands

OpenSSL is the de-facto tool for SSL on linux and other server systems. It providers both the library for creating SSL sockets, and a set of powerful tools for administrating an SSL enabled website. Following are a few common tasks you might need to perform with OpenSSL.

Generate a certificate request

Obtaining a signed SSL certificate envolves a number of buisness verification procedures and a sumbition of what is called a CSR (“Certificate signing request”). To generate the CSR, execute the following command.

openssl req -new -newkey rsa:1024 -nodes -keyout key.pem -out req.pem

Read More