[ add comment ] ( 5 views ) | [ 0 trackbacks ] | permalink
http://www.cyberciti.biz/nixcraft/linux ... ures/mrtg/
Install httpd, mod_ssl and net-snmp
yum install httpd
yum install mod_ssl
/etc/init.d/httpd start
chkconfig httpd on
yum install net-snmp-utils net-snmp
chkconfig --add snmpd
Put snmpd.conf in place
cat > /etc/snmp/snmpd.conf
com2sec local localhost public
group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
view all included .1 80
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat
Test and install mrtg
service snmpd restart
snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex
chkconfig snmpd on
yum install mrtg
Create config
mkdir -p /var/www/html/mymrtg/
cfgmaker --global 'WorkDir: /var/www/html/mymrtg' --output /etc/mrtg/mymrtg.cfg public@localhost
Generate index.html
vi /etc/mrtg/mymrtg.cfg
indexmaker --output=/var/www/html/mymrtg/index.html /etc/mrtg/mymrtg.cfg
Setup script
cat > /sbin/mymrtg.sh
#!/bin/bash
env LANG=C /usr/bin/mrtg /etc/mrtg/mymrtg.cfg 2>&1 1>/dev/null
^D
Install script
chmod +x /sbin/mymrtg.sh
/sbin/mymrtg.sh
crontab -e
Put crontab on
crontab -l
*/5 * * * * /sbin/mymrtg.sh
[ add comment ] ( 6 views ) | [ 0 trackbacks ] | permalink
http://www.hvar.komerce.cz/fakebook/
http://www.sheetmusicdirect.com/
http://www.youtube.com/watch?v=xWKwQuE9g7U&NR=1
[ 5 comments ] ( 16 views ) | [ 0 trackbacks ] | permalink
http://www.chromeexperiments.com
[ add comment ] ( 5 views ) | [ 0 trackbacks ] | permalink
$ telnet hostname 80
GET /index.htm HTTP/1.1
host: hostname
tshark -R "http"
more
[ add comment ] ( 6 views ) | [ 0 trackbacks ] | permalink

[ add comment ] ( 6 views ) | [ 0 trackbacks ] | permalink
#!/bin/bash
HOSTNAME=`hostname --fqdn`
DATE=`date "+%d%m%Y"`
tar cvfz /var/backup/${HOSTNAME}_${DATE}.tar.gz /etc/
chown xxx:xxx /var/backup/${HOSTNAME}_${DATE}.tar.gz
scp -i /home/xxx/.ssh/id_dsa_${HOSTNAME} /var/backup/${HOSTNAME}_${DATE}.tar.gz \
xxx@xxx:/var/backup/
cd /folder2archive/
find . -mtime +14 -type f > /tmp/arch.out; tar -cvf /mnt/server/archive_2010_10_04/archive.tar --files-from /tmp/arch.out
find . -mtime +14 -type f | xargs rm -rf
[ add comment ] ( 6 views ) | [ 0 trackbacks ] | permalink
Zapnutí logování činnosti uživatele root:
1) přilášení root přes konzoli
2) přihlášení root přes ssh
3) použití příkazu su na root
4) použití příkazu sudo na root
relace, které pro session využijí include systém-auth nepotřebují specifickou řádku v definici pam stacku. při default by byl posup následující:
[root@myczsl0bl0clcs1 pam.d]# grep system-auth * | grep session
atd:session include system-auth
chfn:session include system-auth
chsh:session include system-auth
crond:session include system-auth
ekshell:session include system-auth
gssftp:session include system-auth
kshell:session include system-auth
login:session include system-auth
ppp:session include system-auth
remote:session include system-auth
run_init:session include system-auth
sshd:session include system-auth
su:session include system-auth
doplnění řádku:
[root@myczsl0bl0clcs1 pam.d]# cat /etc/pam.d/system-auth | grep session | grep tty
session required pam_tty_audit.so disable=* enable=root open_only
login, sshd a su použijí pam_tty_audit, volají totiž include system-auth, ale sudo system-auth nevolá, proto by mělo být použití modulu pam_tty_audit doplněno separátně
[root@myczsl0bl0clcs1 pam.d]# cat /etc/pam.d/sudo | grep session | grep tty_audit
session required pam_tty_audit.so disable=* enable=root open_only
[ add comment ] ( 4 views ) | [ 0 trackbacks ] | permalink
yum install e4fsprogs
[ add comment ] ( 5 views ) | [ 0 trackbacks ] | permalink
http://www.redhat.com/security/updates/errata/



[ add comment ] ( 6 views ) | [ 0 trackbacks ] | permalink