How to find specific files and send alerts

CentOS, How to, Linux, Tips and Tricks, Ubuntu
Maintaining a shared hosting server is a full-time job, but tools and proper checks and balances can make this burden a lot lighter. I manage a shared hosting server for one of my friends, and numerous times the scripts that people have installed on their websites have had vulnerabilities that hackers exploit to upload stuff that mass-emails or does other nasty things. Luckily, most of these exploits have common patterns, like file names or other signatures, that make them traceable (most of the time the so-called hackers are just script kiddies).

Create a file and put this in it:

[code]
#!/bin/bash
# Mail the list of paths under /home whose file name starts with 'paypal.com'
find /home -name 'paypal.com*' | mail -s '[Woodcrest] Phishing Alert!' me@mydomain.com
# Mail the list of paths under /home whose file name is 'rout.php'
find /home -name 'rout.php' | mail -s '[Woodcrest] Phishing Alert - Mail Bomber!' me@mydomain.com
[/code]

This is…

How to configure repos to not overwrite base packages?

CentOS, How to, Linux
The greatest fear with adding additional and especially third-party repos such as EPEL (we did a blog post on how to install EPEL earlier) is that they MAY overwrite base packages and bring the system to an unstable state. We can fix this issue by installing the Yum Priorities plugin.

On CentOS 5:

[code]
yum install yum-priorities
[/code]

On CentOS 4 or CentOS 6:

[code]
yum install yum-plugin-priorities
[/code]

Then make sure that the plugin is enabled:

[code]
nano /etc/yum/pluginconf.d/priorities.conf
[/code]

Now there are two ways to do it: either set the HIGHEST priority on the CentOS repos OR set the lowest priority on the other repos. This is done by adding the line:

[code highlight="3"]
# N=1 highest priority
# N=99 lowest priority
priority=N
[/code]

In this blog post, I will set 1 as the priority (highest) for my…

Installing EPEL repo

CentOS, How to
Installing the EPEL repo in CentOS is simple. If you do not know what EPEL is, read more about it here.

[code]
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm
[/code]

To configure EPEL or disable it, use:

[code]
nano /etc/yum.repos.d/epel.repo
[/code]

and then switch the enabled setting to 0 (or vice versa).

Don't forget to do the following:

[code]
yum clean all
[/code]