» Server の記事

必需東西

  1. Root機(笑,未root 可以再見了
  2. Android Terminal Emulator , 即putty
  3. Hacker's Keyboard , 感覺好小小既keyboard skin,最小你會講小左好多粗口:)
  4. Complete Linux Installer , linux container
  5. Astro File , android file system

 安裝晒以上東東後,開啟 Complete Linux Installer 

去install guides 到choose 你要安裝既OS 到,尼到會用ubuntu 12.04 尼做example

Screenshot_2013-04-01-19-47-49

Page 1 主要係叫你開USB debugging mode , 同夠位donwload ubuntu OS images

Screenshot_2013-04-01-19-47-58

之後Page2 donwload image 

Screenshot_2013-04-01-19-48-01

之後有3個size可以 download , 睇餸食飯。

Screenshot_2013-04-01-19-52-28

sourceforge 係幾好,用4G download 都好快完成, (小妹係唔係就係另mobile network 塞車的兇手,喂

Screenshot_2013-04-01-19-52-31

download 完成後就解壓,內有2個file , 一個係img , 一個係md5

Astro File check 一下md5 有無問題,按實>properties>MD5 checksum

之後將img放到你想放既位置。

完成後回到Complete Linux Installer , 去launch

SETTINGS>Edit 變更images link

save> Start Linux

開了後會自動跳到Android Terminal Emulator,問你開唔開ssh, vnc, y晒佢你就有好日子過

之後save ,一切都變回你懂的東西,update 一野

apt-get upgrade && update

install LAMP

apt-get install apache2 mysql-server php5

Screenshot_2013-04-01-19-23-02

完成

~ crontab on ubuntu ~

connie 2013.03.25 | ubuntu | | No Comments

先寫好個shell script,並將佢set 做可以execute

chmod 755 filename

之後去

nano /etc/crontab

建議你先set 做一分鐘run一次,睇下run 唔run 到先

*/1  *   * * *  root    /home/user/sh/backup.sh
分 時 日 月 週 執行者身份  指令串

/ 代表毎隔幾耐run 一野,而 / 前需要有 * 的,上面的指令=一分鐘run 一次

如果想2月1日0:00 send email 請如下

0 0 1 2 * mail connie < /home/happy_birthday.txt

done : )

~ install mcrypt in ubuntu ~

connie 2013.01.22 | ubuntu | | No Comments
apt-get install php5-mcrypt
/etc/init.d/apache2 restart

 

~ use Find 來找linux 內的file ~

connie 2013.01.09 | Linux | | No Comments

linux command 搵folder 入面 jpg,png,gif 以外的files
假設要找尋的folder 為 /var/www 的所有file

find . ! -name '*.jpg' ! -name '*.png' ! -name '*.gif'

 

~ 用RootKit Hunter來找linux漏洞 ~

connie 2013.01.05 | ubuntu | | No Comments

先安裝RootKit Hunter

cd /tmp
wget http://ncu.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz
tar -xvf rkhunter-1.4.0.tar.gz
cd rkhunter-1.4.0
./installer.sh --layout default --install
cd /usr/local/bin
mv rkhunter /usr/bin/

之後update db

rkhunter --update
rkhunter --propupd

之後要修改/etc/rkhunter.conf

nano /etc/rkhunter.conf

加入hidden file whitelist

SCRIPTDIR=/usr/local/lib/rkhunter/scripts

ALLOWHIDDENDIR="/etc/.java"
ALLOWHIDDENDIR="/dev/.udev"

ALLOWHIDDENFILE="/dev/.initramfs"

SCRIPTWHITELIST=/usr/bin/unhide.rb

Scan Machine 方法

rkhunter --checkall

完成

rm -r rkhunter-1.4.0
rm -r rkhunter-1.4.0.tar.gz

 

~ Linux Check login ~

connie 2013.01.03 | Linux | | No Comments

To show users who are logged in to the system

who

To show the list of users who have logged in last

last

To show the list of all reboots

last reboot

To print the content of the last login log from /var/log/lastlog

lastlog

To List out the login history for certain acc

last [username]

 

~ hmail connect mysql database ~

connie 2013.01.02 | mail server | | No Comments

如果要hmail connect mysql, 需要先加上mysql 既library
lbymysql.dll 將此file 抄到 ./hmailserver/bin

blog_01

之後開啟hmailserver>hmailserver database setup

blog_02

New databases choose first one

blog_04

Choose Mysql

blog_05

Service 選擇.net runtime optimization service

blog_06

之後就可以完成

NOD32 Firewall 有GUI interface, 但我唔明佢點解開port 會仲難過ubuntu 係command mode 開port -.-^
先開nod32 畫面>設定>設定規劃及區域…

Screen Shot 2012-12-31 at 10.26.28 PM

之後會見到尼個畫面,按"切換所有規則的詳細檢視"

Screen Shot 2012-12-31 at 10.26.56 PM

之後會變左甘既樣子, 按新增

Screen Shot 2012-12-31 at 10.27.08 PM 

之後會見到d識打既野了…. service name, allow 

Screen Shot 2012-12-31 at 10.27.38 PM   

去本機,add port , done , thx ….

Screen Shot 2012-12-31 at 10.27.47 PM

常用的PORT

http 80
https 443
ssh 22
pop3 110
smtp 25

 

List of TCP and UDP port numbers

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

~ Apache 上配置多張 SSL Cert ~

connie 2012.12.28 | ubuntu | | No Comments

有好多人會以為配置SSL virtual Host 時,會同普通http virtual Host 一樣,
copy 多一set virtual host 改servername , restart 就完成.

但你好快會發現有問題出現
假設你有2個SSL site, 同樣都有cert的.
SSL Site B 會使用了 Site A 張cert

要解決這個問題有三個可行的方法

  1. use Wildcard SSL
  2. set different port listener
  3. use mod_guntls mod

總之要點係每個SSL VirtualHost 都要有獨立的IP:PORT組合,不然就要用wildcard SSL

~ Ubuntu Firewall Setting ~

connie 2012.12.27 | ubuntu | | No Comments

以下cmd 需要在有root權的acc使用

Install ufw

sudo apt-get install gufw

Check firewall status

ufw status

Turn on Firewall

ufw enable

Turn off Firewall

ufw disable

Allow a port

ufw allow [port number]

Allow an ip address

ufw allow from [ip address]

Allow a specific ip address and port

ufw allow from [ipaddress] to any port [port number]

Allow ip address range 10.120.0.1 – 10.120.0.255 to port 22

ufw allow from 10.0.0.0/24 to any port 22

Blocking a port

ufw deny port [port number]

To remove a deny or allow rule

ufw delete deny  [port number]
« Previous Page | HOME |