Thursday, April 28, 2011

Free google apps for domains - Get your mailserver done by google

Free google mail for your domain is the convenient way to connect your domain with a mail-Server. Up to 10 email-adresses are in the free edition of google apps.

You can register for the service here: https://www.google.com/a/cpanel/domain/new

Saturday, April 23, 2011

Basic Software installation on a new PC




Tired of installing many programs, one each other? Ninite.com offers an easy solution: choose your applications, download the installer, and let it do the hard work for you. The installer can be run again when you want to check for updates. ninite.com is primarily for Windows users who don’t have the luxury of a built-in package manager.

Wednesday, April 20, 2011

Make your own share this script

Maintain control about your share options with this open source software.
You can use it as standalone or as word press plugin.

Features of the Share script include:

Ability to save pages to social sites like Facebook, Digg, Delicious, Google, Yahoo, and more
  • Ability to email your friends
  • Ability to save the page as a PDF or Word doc
  • Ability to print the page
  • Fully extensible with a plugin system. Add any social site you want. You can even add IM, SMS, and more!
  • Complete stat tracking - see what pages are being shared, how they are being shared, over any time period
I give it a try. Download and informationan at http://www.enthropia.com/labs/share/

Tuesday, April 19, 2011

Sunday, April 17, 2011

Howto disable recursive DNS queries

Recursive DNS queries occur when a DNS client requests information from a DNS server that is set to query subsequent DNS servers until a definitive answer is returned to the client. The queries made to subsequent DNS servers from the first DNS server are iterative queries.
Thus keeping recursive query can lead to  unauthorized use of resources and DOS attacks.

To disable Recursive DNS follow the steps:
1) SSH server as root and edit file /etc/named.conf
root@server[~]#vi /etc/named.conf
2) add line recursion no; in options clause and it will look something like.
options {
directory “/var/named”;
dump-file “/var/named/data/cache_dump.db”;
statistics-file “/var/named/data/named_stats.txt”;
/*
* If there is a firewall between you and nameservers you want
* to talk to, you might need to uncomment the query-source
* directive below.  Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
recursion no;
};
3) Now restart or reload named service.
root@server[~]#/etc/init.d/named reload

Google Chrome: about: und chrome: Befehle im Browser

Die Befehle im Einzelnen:


  • about:memory liefert Informationen rund um den verwendeten Speicher, sortiert nach einzelnen Tabs und Plugins.
  • about:dns zeigt die zwischengespeicherten DNS-Einträge.
  • about:histograms zeigt Chrome-interne Messungen.
  • about:cache zeigt die im Cache gespeicherten URLs.
  • about:plugins listet die installierten Plug-ins, diese können an dieser Stelle auch deaktiviert werden.
  • about:version zeigt die aktuelle Version von Chrome, Webkit und der JavaScript-Engine V8 an, zudem wird der User-Agent im Detail aufgelistet.
  • about:net-internals zeigt einen Dump der Informationen des Netzwerk-Stacks an.
  • about:crash lässt den aktuelle Tab zu Testzwecken "abstürzen"
  • about:credits listet die verschiedenen Bibliotheken und Techniken auf, die in Chrome zum Einsatz kommen
  • about:terms zeigt die Nutzungsbedingungen von Google Chrome
  • about:about listet (fast) alle about-Befehle auf, die die verwendete Version von Google Chrome unterstützt
  • about:sync zeigt eine Zusammenfassung zur letzten Chrome-Synchronisation
  • about:tcmalloc listet detailliert den angeforderten Speicher für den letzten Seitenaufruf
  • about:gpu gibt Informationen zur Grafikkarte aus. Die Anzeige ist erst relevant, wenn Chrome die Grafik-Hardware zum Rendern nutzt.
  • about:net-internals zeigt für Debugging-Zwecke in Reitern ausführliche Informationen zu Proxys, Requests, DNS-Abrufen, Sockets, HTTP-Cache und Testmöglichkeiten für anzugebende URLs an.

Neben den about-Aufrufen gibt es spezielle chrome-Seiten, die Sie auch über die Menüs erreichen:

  • chrome://downloads/ zeigt eine Seite mit allen durchgeführten Downloads an
  • chrome://history listet den Browser-Verlauf auf, also die zuletzt besuchten Webseiten
  • chrome://extensions zeigt alle installierten Browser-Erweiterungen inklusive Zugriff auf Deinstallieren, Deaktivieren und Optionen der Plugins
  • chrome://bookmarks aktiviert den Lesezeichen-Manager von Google Chrome
  • chrome://newtab/ öffnet die vorgegebene Startseite (nicht etwa einen neuen Tab)

Über chrome-Seiten sind auch einige about-Befehle zu erreichen, wie chrome://about/sync/

Thursday, April 7, 2011

Secure your Kloxo Installation with your Firewall/IPTABLES

Stop iptables service:
/etc/init.d/iptables stop

Disable iptables service:
chkconfig iptables off


Copy this code to /etc/init.d/firewall (Reminder: Disable "word wrap" in your text editor. Ex.: nano -w /etc/init.d/firewall)

#!/bin/sh
# firewall
# chkconfig: 3 21 91
# description: Starts, stops iptables firewall

case "$1" in
start)

# Clear rules
iptables -t filter -F
iptables -t filter -X
echo - Clear rules : [OK]

# SSH In
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
echo - SSH : [OK]

# Don't break established connections
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
echo - established connections : [OK]

# Block all connections by default
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT DROP
echo - Block all connections : [OK]

# Loopback
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
echo - Loopback : [OK]

# ICMP (Ping)
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT
echo - PING : [OK]

# DNS In/Out
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
echo - DNS : [OK]

# NTP Out
iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
echo - NTP : [OK]

# FTP Out
iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 30000:50000 -j ACCEPT
# FTP In
iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 30000:50000 -j ACCEPT
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
echo - FTP : [OK]

# HTTP + HTTPS Out
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
# HTTP + HTTPS In
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
echo - HTTP/HTTPS : [OK]

# Mail SMTP:25
iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
echo - SMTP : [OK]

# Mail POP3:110
iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT
echo - POP : [OK]

# Mail IMAP:143
iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT
echo - IMAP : [OK]

# Kloxo
iptables -t filter -A INPUT -p tcp --dport 7777:7778 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 7777:7778 -j ACCEPT
echo - Kloxo : [OK]

echo - Firewall [OK]
exit 0
;;

stop)
echo "Stopping Firewall: "
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t filter -F
exit 0
;;
*)
echo "Usage: /etc/init.d/firewall {start|stop}"
exit 1
;;
esac


Enable/Start Firewall Service

chmod 700 /etc/init.d/firewall

add firewall service:
chkconfig -–add firewall

auto start firewall:
chkconfig -–level 2345 firewall on

start firewall:
/etc/init.d/firewall start


If you have slave server, add this on the master

iptables -t filter -A INPUT -p tcp -s SLAVE_IP --dport 7779 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp -d SLAVE_IP --dport 7779 -j ACCEPT

Note: replace SLAVE_IP with your Slave server IP.

Add this on slave server

iptables -t filter -A INPUT -p tcp -s MASTER_IP --dport 7779 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp -d MASTER_IP --dport 7779 -j ACCEPT

Note: replace MASTER_IP with your Master server IP.


After all always a good idea
/sbin/service httpd restart

Installing Kloxo on Centos 64

Take a fresh installation of centos 5.5
Don't yum update now.
Install Mysql
su root
setenforce 0

wget http://download.lxcenter.org/download/kloxo/production/kloxo-install-master.sh

Take the install option with existing mysql database (PASSWORD = your root password SQL)
sh ./kloxo-install-master.sh --db-rootpassword=PASSWORD

go through the installation process. Answer all questions wit yes and take a break for 15 minutes.

Install MySql on Centos 5.5

Install:
yum install mysql-server


Start:
service mysqld start OR /etc/init.d/mysqld start


Secure it:
/usr/bin/mysql_secure_installation

It is going to ask you handful of questions:

Current Root Password

You will be asked for your current root password. Because this is a new installation it is set to none. Press enter.

Set Root Password

If the above step worked correctly you should be prompted with a question asking you if you would like to set your root password. Please press Y and press Enter.

You will be asked for your root password twice. If it works you will see Success!

Removing Anonymous Users

You will be prompted to remove the MySQL anonymous users. For security reasons we want to do this. The text above the question explains this topic in more detail. Press Y and then Enter.

Disallow Root Login

You will be asked if you would like to disallow remote login for the root user and only allow connections from the server itself. To keep our server secure you want to say Y and press Enter.

Delete test Database

MySQL ships with a default database called test. This is not needed and can be deleted. Press Y and then Enter to delete the test database and it’s associated users.

Reload Privilege Tables

This step will reload the user settings (called privilege tables) so all user changes will take effect. Press Y and then Enter to continue.

Tuesday, April 5, 2011

httpd restart - start - stop

to restart:

/sbin/service httpd restart

to start:

/sbin/service httpd start

to stop:

/sbin/service httpd stop

Friday, April 1, 2011

cpanel Alternativen

Ja es gibt Alternativen zu cpanel:

1. Gnu Panel: Hosting Control Panel für Debian
2. ispCP für Debian, Centos Fedora, Gentoo Linux, openSUSE, Red Hat Linux und Ubuntu als ein Multi-Server-Verwaltungs- sowie Administrationstoo
3. Webmin: Per Webbrowser können die verschiedenen Server-Prozesse oder Daemonen administriert werden, die auf einem Unix-Rechner laufen - häufig in Verbindung mit
4- Virtualmin: Für die einfache Konfiguration verschiedener Serverdienste wie beispielsweise Mailserver, Domains und MySQL.

Ein Vergleich von gängigen Programmen hier: http://isp-control.net/documentation/about/comparsion