Saturday, July 3, 2010

mount hfsplus (mac os file system) under Debian linux

SkyHi @ Saturday, July 03, 2010

Have an external hard disk with hfsplus or hfs+ partition on it? This is how you can mount it under linux (specifically, Debian) :

in os x :

  • disable journaling on the partition/external HDD in Disk Utility, or run the command "diskutil disableJournal /dev/disk1s1" in Terminal.

in linux :

  • apt-get install hfs*
  • mount -t hfsplus -o rw /dev/sdb1 /mnt/extdisk

Voila !!!



SkyHi @ Saturday, July 03, 2010

I've used Acronis True Image on quite a large number of Windows systems over the years, as it is a very good product which has gradually expanded its (already impressive) feature set throughout that time. Just recently, I had the requirement to image a Linux system and so decided to trial the new Acronis True Image Echo Server on Linux - from what I found, there is no 'workstation' product for Linux like the True Image Home product for Windows, and so had to go for the server version instead. Specifically, I needed to back up a 64-bit CentOS 5.1 virtual machine running inside Citrix XenServer Express.

After registering for the trial version on, downloading the appropriate installation file and moving it into the VM, a quick 'chmod +x TrueImageServerEcho_d_en.i686' made the file ready for installation. The binary is suitable for 32-bit and 64-bit systems - no need for separate installation files.

After kicking off the installation ('./TrueImageServerEcho_d_en.i686'), it was pretty much a next-next-finish affair, except I soon found I needed to have the kernel source files and gcc installed, for the installation program to correctly configure the SNAPAPI Module. A quick 'yum install -y kernel-xen-devel gcc' fixed the dependency issue, and after a re-run of the True Image installation file, all required software was now installed.

By the way, there was no documentation supplied with the downloaded installation file; I found out some of the information on the Acronis website, and also by browsing the setup log file (/var/log/trueimage-setup.log).

Since I don't generally use an X-Windows interface on *nix systems (much prefer the command line via SSH), I've now got to see how far I get with the console tools ('trueimagecmd' and 'trueimagemnt')...


Friday, July 2, 2010

NET USE command

SkyHi @ Friday, July 02, 2010
The NET USE command is used to associate a local drive letter or device name with a shared network drive or device. Most often, the NET USE command is used for network drive mapping.

The NET USE command can be used also to disconnect a computer from a shared resource, or to display information about computer network connections.

The NET USE command also controls persistent net connections.

What network resource can I connect to using NET USE?

When connecting to a network device using the NET USE command or the NET CONNECT command, you can connect to any of the following:

* printer LPT1 thru LPT4,
* serial port COM1 thru COM4,
* AUX1 thru AUX4
* logical drive A: thru Z:

Logical drives are the most commonly referenced devices when using the NET USE command.

Difference between NET USE and NET CONNECT

The commands NET USE and NET CONNECT are interchangeable. Originally IBM introduced the NET USE command and Microsoft used the NET CONNECT command. The NET USE command is being used more often now and is the preferred method these days.

Where is NET USE used?

The NET USE command is only available on client computers, that is, most often on desktop workstations. A "client computer" in this context refers to the relationship of the computer, not to the physical configuration. A client computer is the one that connects to somewhere, the one that relies on the target resource. The NETWORK.COM or CLIENT.COM modules need to be loaded for this command to work.

Before you can use any network device or drive, it must have been previously shared using the NET SHARE command from the server machine.

How do I display a list of network connections on my computer?

When you use the NET USE command without parameters, NET USE retrieves a simple list of network connections. Go to your Start menu, click Run, type cmd and hit enter. Then, type NET USE and you will see a screen similar to the following output.

Status        Local   Remote                        Network
OK            H:      \\a0001-fila006-v\mpari$      Microsoft Windows Network
OK            O:      \\a0001-app9229-s\RMBech      Microsoft Windows Network
OK            P:      \\a0185-app3A43-s\QRM         Microsoft Windows Network
OK            S:      \\ho-0001-nas02\teamedm       Microsoft Windows Network
Disconnected  X:      \\001-deploy1-s\mcafeedat     Microsoft Windows Network
The command completed successfully.

The NET USE is very useful to get a list of connected network devices. If you need information about some particular network resource that you are connected to, you can use the following command:

NET USE [DeviceName]

This would be for example "NET USE H:" where H is your network drive.

How do I make network connections persistent (available after reboot)?

When mapping a network drive, you can tell the computer to remember your mapping after you restart the computer. If you want to make all future connections persistent (auto-reconnect at login), use the following:

NET USE /Persistent:Yes

If you want to make all future connections non-persistent, use the following:

NET USE /Persistent:No

In this case, mapping will be lost when the computer is restarted.

How do I connect a user to his or her HOME directory?

Connecting a user to his or her HOME directory is often used in corporate setting where each user is allocated some space on the network in addition to his or her personal computer. Making this network location available every time the user logs into his or her computer can be accomplished using the NET USE command in a login script. The following is the way it works:

NET USE [devicename | *] [password | *] [/HOME]

The devicename in this case is the HOME server/folder that is defined in Active Directory (ADUC).

In case you need to use the NET USE command to connect to a password protected file share, use the following:

NET USE [driveletter:] \\ComputerName\ShareName[\volume] [password | *]
[/USER:[domainname\]username] [/PERSISTENT:No]

The following are a few examples of this:

NET USE H: /Home
NET USE H: \\CorporateFileServer\Users\%Username%
NET USE W: \\CorporateFileServer\GroupShare /Persistent:No

Are you wondering what the /USER is?

How to specify USER in NET USE?

If you deal with enterprise security, you may need to provide user name to the NET USE command. There are two notations for giving it the user name. In the NET USE command /USER can be specified as:

[/USER:[dotted domain name\]username]
[/USER:username@dotted domain name]

Both work the same way.

How do I disconnect from a share using NET USE?

If you no longer need a connection to the network share, it is a good idea to disconnect from it so that it does not drain system and network resources. You can do so by using the following NET USE command:

NET USE [driveletter:] /DELETE

This should disconnect.

Important note: You cannot disconnect from a shared directory if you use it as your current drive or if an active process is using it. You can find out whether anything is using your drive by typing NET USE [driveletter:].

Possible problem with NET USE

Mapping to a resource shared on the network using the NET USE command has some peculiarities. You can encounter a problem when trying to connect to a network share right after you map to it (when doing so in a script).

This is because the execution of the NET USE takes some time. When using the NET USE command in a script to map to a network drive, you may want to wait until the mapping has completed before continuing with further scripting commands.

START /wait NET USE [driveletter:] \\ComputerName\ShareName

The start /wait switch ensures that files can be read from the mapped drive immediately, in other words that subsequent commands in your script execute only after mapping is complete.

Syntax problem with NET USE

When using the NET USE command, you can run into some syntax-related errors. "System error 67 has occurred" is a very common one.

See here for more details: System error 67 has occurred.

Also, if the ServerName that you provide contains spaces, you need to put quotation marks around it (for example "Server Name"). Not providing quotation marks results in the error message: System error 85 has occurred.

Are there other related useful networking commands?

The NET SHARE command is used at the server to share a folder to others. If you want to access this shared resource from a client, you would use the NET USE command.

This page provides an overview of all available networking server commands: server NET commands.

NET USE syntax

The following is the syntax for NET USE:

net use [{DEVICE | *}] [{PASSWORD | *}] [{/DELETE | /PERSISTENT:{yes | no}}]

net use [DEVICE [/HOME[{PASSWORD | *}] [/DELETE:{yes | no}]]

net use [/PERSISTENT:{yes | no}]

That is about it.


Vista Home Premium and Samba

SkyHi @ Friday, July 02, 2010
For whatever reason, Microsoft decided not to include Local Security Policies (secpol.msc) in the Home versions of Vista, so unless there are registry entries that can be changed to set the authentication type you may be out of luck.


- Click start

- Type: regedit

- Press enter

- In the left, expand these folders:


- In the left, click on the folder named:


- In the right, double-click "LmCompatibilityLevel"

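- Type the number 1 and press enter (level 1 sends LM and NTLM responses and uses NTLMv2 session security only if the server negotiates it; the Vista default, 3, sends NTLMv2 responses only)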

- Restart your computer

useful bashrc

SkyHi @ Friday, July 02, 2010

PHP: Increase memory limit

SkyHi @ Friday, July 02, 2010

Have you ever received a fatal error on your server similar to the one below when you tried to execute a script?

The fatal error shown below indicates that your PHP configuration has a memory limit set and the script which you are executing is trying to allocate more memory than what is available for use.

Fatal error: Allowed memory size of 8388608 bytes exhausted (tried to allocate 8192 bytes) in /var/www/vhosts/ on line 23

There is a solution to this though. You can increase the memory limit of your PHP configuration. There are two approaches: one for shared hosting customers without shell or php.ini configuration file access, and a second for VPS or dedicated server customers who have the ability to edit their PHP configuration file.

Shared Hosting

Shared hosting customers need to insert a command into a .htaccess file, telling the web server that a PHP configuration value needs to be modified when PHP is loaded. Place this .htaccess file into the root directory of the specified domain. If you already have a .htaccess file, you can open it and place the command below the existing content of the file. Here is the command:

php_value memory_limit 64M

The command above will change your PHP memory limit configuration value to 64 megabytes of RAM available to PHP scripts being executed on that domain. You can change the 64 to any other value you wish to use. The default on a shared hosting account is usually about 8M in most cases.

Dedicated or VPS Optimized

In case you have a dedicated or virtual private server, you should have shell access and the ability to manually edit/change your PHP configuration file to set the values according to your needs. Follow the steps below to log in to your server via SSH, access your php.ini configuration file, change the memory_limit value, then save the file and restart your web server (Apache) for the changes to take place.

First off, log into your server via SSH. Change the “root” value to your SSH username and the “” value to either the IP address of the server or the domain.

ssh -lroot

Locate your php.ini configuration file with the command below; it will show you where the file is. In my case, it is “/usr/local/php/etc/php.ini” but it might be different on your box.

locate php.ini

With the location of your PHP.ini configuration file, open the file with VI

vi /usr/local/php/etc/php.ini

In VI, you need to find the text “memory_limit” inside the file. You can do that by hitting forward slash (/) and then typing “memory_limit”. Once the text has been found and it is highlighted, press the “i” key on your keyboard to go into INSERT mode. Use the keyboard arrows to navigate and change the line so it looks like this :


Again, as explained above in the “Shared Hosting” explanation, you can change the “64″ to any other preferred integer. If you need 128 megabytes of memory for scripts to allocate, change the value to “128M” and so on.

With the value changed, hit the “Esc” button on your keyboard to exit the INSERT mode. Then press “Shift” + “Q” + “W” to write the changes to the file and quit. With the file successfully saved, the last thing left to do is to restart your web server (Apache). You can do that with the following command :

httpd -k restart

On my Plesk dedicated server, it is :

Wednesday, June 30, 2010

div vs span element

SkyHi @ Wednesday, June 30, 2010
There are a couple of generic HTML tags called <div> and <span> which have no real semantic meaning. They're not paragraphs or headings or list items or table cells or links, or any other meaningful tag like the ones we've talked about up until now. The <div> and <span> tags don't mean anything from a semantic or grammatical point of view. Their primary purpose is to allow web developers to apply styles to areas within the web page that are not easily defined by other kinds of tags.

Note: By the way, if you're wondering what "semantic" means, here's one definition: "Of or relating to meaning, especially meaning in language" (from the American Heritage Dictionary). Headings, paragraphs, list items and all those other things provide meaning to text. The <div> and <span> elements do not.


Sometimes you want to apply a style to the semantic elements (headings, paragraphs, etc), but sometimes it makes more sense to apply styles to a chunk of text that doesn't really fit into a semantic unit. Maybe you want to apply a style to four paragraphs, or to three words. In these cases it sometimes makes sense to use a unit that can successfully group the items, but which doesn't apply any semantic meaning. In the example screenshot below, a border was applied around two paragraphs, but not around the others. The border groups the paragraphs visually.
The XHTML code looks like this (with the paragraph text shortened):

<p>Paragraph here, etc., etc.</p>
<div id="border_here">
  <p>Paragraph here, etc. etc.</p>
  <p>Paragraph here, etc. etc.</p>
</div>
<p>Paragraph here, etc. etc.</p>

The CSS code looks like this:

#border_here {
  border: red solid 5px;
  padding: 1em;
}

To give another example, you might want to create a visual column of text. A column doesn't really have semantic meaning. Columns are just ways of formatting the text. If you have a two-column article and convert it to one column, you haven't lost any meaning. You've only lost the visual formatting. You can create column-like effects by grouping the text using <div> tags and then applying the appropriate styles.

The <span> Element

The <span> element allows you to apply styles to an inline section of code.
This is a paragraph with a highlighted phrase inside it.
Notice that there is an opening <span> element and a closing </span> element. The "highlight" class will be applied to the text in between the opening and closing tags.

Block vs. Inline

At this point it would be good to revisit the idea of block level content versus inline content.
  • For generic block level elements, use <div>
  • For generic inline elements, use <span>

The <div> tag is a block level tag. That means that anything within the <div> tag takes up a rectangular "block" of visual space. Without any extra styles, this block of space extends all the way across the browser window. For the sake of illustration, I've created a <div> tag below and applied a background color of purple so that you can see what it looks like.

This text is inside of a <div>

Using styles, I can make this block of text as wide or high as I like. I can change the color, add a border, and do all kinds of fancy things with it. But the main point for now is that a <div> is a rectangle that starts on a new line, meaning that you can't insert a <div> in the middle of a paragraph or any other semantic block level tag.

The <span> tag, on the other hand, is an inline tag. Inline tags can be added in the middle of block level tags. They can even be added in the middle of other inline tags. They don't start on a new line. They don't change the flow of the text. Other inline tags include links, and .

In this paragraph, I've created a span around these words. Like the <div> example above, the <span> is styled to give the text a purple background. The difference is that the <span> is within the paragraph, and does not cause the text to start on a new line.

Reminder: Neither the <div> nor the <span> which I created give the text any additional meaning. They only change the color of the background. The <div> and <span> elements can be useful under some circumstances to enhance visual appeal. They're not good for conveying extra meaning. A blind person using a screen reader will not know that the background color has changed. In fact, screen readers ignore styles almost completely. (There are a few exceptions to this, but a discussion of those exceptions would take us beyond the scope of this lesson.) If you use styles or colors to try to convey meaning (for example, by saying "all the green words are important"), you are probably going to make the content inaccessible to a person using a screen reader, since they can't see the styles.

Question: Which methods can you use to apply styles to <div> and <span> elements?

Answer: You can use any of the methods already discussed. You can apply a style to all <div> or <span> tags, or you can apply a style to only one <div> or <span> tag using the id attribute, or you can apply a style to multiple tags, including <div> and <span>, using the class attribute. All methods are ok.


The attack of the inodes – how to find out your number

SkyHi @ Wednesday, June 30, 2010

“Inode” is a term used in Linux/UNIX file systems. Each file, directory, symlink… is represented by an inode which has a bunch of information on the file or directory (check out Understanding UNIX / Linux filesystem Inodes for more information). Computers running Linux have a maximum number of inodes allowed, i.e. a maximum number of files and directories, independently of their sizes. This number is quite big so in general it won’t affect you. Furthermore, if you are running Windows you might be tempted to skip this post altogether. But if you have a domain in a hosting service and your web hosting package is in a Linux server, you should definitely continue reading. In my previous post Hostgator pros and cons, I explained how it has a maximum of 50,000 inodes quota and how it’s not that difficult to reach that number. Whether you are using Hostgator as your web hosting provider or any other, you should know about inodes and how their shortage can become a problem. In this post I will go through ways to find out how many inodes you have. In the 2nd part, I am going to compile a list of the number of inodes different packages have when you install them (important if you want to run WordPress, TYPO3, Mambo, TikiWiki…).

To find out how many inodes there are in a folder or web hosting account, there are three ways. Which of them are available to you will depend on your web hosting provider.

Option 1. Submit a ticket

This one is easy and only takes as long as your provider’s support takes. Just ask them for an inode report on your account. Hostgator complied within 4 hours, and that was for three different accounts.

Advantage of this method: little effort and you don’t have to learn any commands.

Disadvantage of this method: if you haven’t been warned of being above the inode limit, you might be calling their attention to your account unnecessarily. Furthermore, you depend on others to know the number of inodes.

Option 2. Via ssh

If your provider allows you to ssh to your account, then once you are connected, all you have to do is type the following:

find . -printf "%i\n" | sort -u | wc -l

Advantage: quick (it can take 20 seconds to count 10,000 inodes).

Disadvantage: not all web hosting providers allow you ssh access. In Hostgator, for example, you can ask for ssh access but you need to give them a copy of your photo id.

Option 3. Via ftp

This can’t be done using FileZilla or similar. From a Linux machine you must open a terminal and:

  1. First make sure you have the curlftpfs package installed. Depending on your Linux distribution it can be as simple as running (as super-user)

    yum install curlftpfs

  2. Then you have to create the directory where you want to mount the ftp connection to your hosting account.

    mkdir ftp-domain-folder

    where ftp-domain-folder is the name of the directory you chose.

  3. After that you connect to your account.

    curlftpfs -o user=xxxx:yyyy ftp://domain-name.zzz/ ftp-domain-folder/

    where xxxx = user name and yyyy = password.

  4. And you run this command to count the inodes.

    find ftp-domain-folder/ | sort -u | wc -l

  5. Finally, unmount the folder (requires super-user privileges):

    umount ftp-domain-folder/

Advantage: you can do it from your computer, quite easy, no need for ssh,…

Disadvantage: it takes quite a bit (over an hour to count 10,000 inodes) and you need to run the commands from a Linux computer.

To check the total number of inodes, if you don’t have ssh access, I would suggest using option 1. Once you know the total number, you can use option 3 to find out the inode count in folders within your hosting account. Each individual folder will not have as many inodes as the whole account so the command will take less time. For example:

find ftp-domain-folder/mail/ | sort -u | wc -l

where mail is the folder where all your email accounts and emails are, or:

find ftp-domain-folder/public_html/folder-name/ | sort -u | wc -l

to check the inodes inside a folder in your account. This way you can check if you have erased enough files if you were reaching the limit.
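A per-folder breakdown of the option 2 count, as an added example that is not part of the original post: it runs the same unique-inode count for every immediate subfolder and checks the total against a quota such as the 50,000 mentioned above. It assumes GNU find on a local filesystem (an ssh session); the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Requires GNU find (-printf).

# inode_count DIR: distinct inodes at or below DIR. Hard links share one
# inode, so sort -u counts them once; -xdev stays on DIR's filesystem,
# because inode numbers are only unique within a single filesystem.
inode_count() {
    find "$1" -xdev -printf '%i\n' | sort -u | wc -l
}

# inode_report DIR: "COUNT PATH" for each immediate (non-hidden) subfolder,
# largest first, so the folder eating the quota is on the first line.
inode_report() {
    for d in "$1"/*/; do
        [ -d "$d" ] || continue
        printf '%s %s\n' "$(inode_count "$d")" "${d%/}"
    done | sort -k1,1nr
}

# inode_over_quota DIR LIMIT [PCT]: exit status 0 when DIR uses more than
# PCT percent (default 80) of LIMIT inodes, non-zero otherwise.
inode_over_quota() {
    used=$(inode_count "$1")
    [ $((used * 100)) -gt $(($2 * ${3:-80})) ]
}

# make_sample_tree: constructed sample account; prints the path it created.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/mail/cur" "$t/public_html"
    touch "$t/mail/cur/msg1" "$t/mail/cur/msg2" "$t/public_html/index.php"
    ln "$t/mail/cur/msg1" "$t/mail/cur/msg1.link"   # hard link: same inode
    printf '%s\n' "$t"
}

# Demo on the constructed tree.
demo_tree=$(make_sample_tree)
inode_report "$demo_tree"
rm -rf "$demo_tree"
```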


How is measured the monthly bandwidth usage

SkyHi @ Wednesday, June 30, 2010
What is Bandwidth ?

Bandwidth is a measure of data transfer. Computer data is fundamentally measured in bits, and bytes. Understanding the units of measure is necessary before you can do anything else. A Byte is simply 8 bits. In the world of computers measurements are conveniently represented by powers of two, while in the real world powers of ten are prevalent. This caused the confusing definition of "Kilobyte" to mean 1024 bytes instead of 1000 bytes as you might expect. Compounding the confusion, a "Megabyte" is 1024 Kilobytes, or 1048576 bytes. A Gigabyte is 1024 Megabytes, or 1048576 Kilobytes, or 106954752 bytes. The number of bits or bytes per unit of time is referred to as bandwidth. Thus you see numbers such as 1.5Mbps (1,500,000 bits per second) 28.8Kb/s (28.8 Thousand bits per second) or 3GB/month (Three Gigabytes per month.)

The first lesson of understanding bandwidth is not to confuse Bits and Bytes. If you do, your numbers will be off by a factor of 8, which is usually pretty significant. Many vendors quote numbers in bits, because the result is 8 times larger and makes things look more impressive. Usually a lower-case 'b' indicates bit, and an upper case 'B' indicates byte, but you can't always rely upon that.

The second lesson is to understand that 'K' technically doesn't mean 1000, but everyone usually acts like it does. Minor discrepancies in numbers can usually be accounted for by this assumption. Unless you're talking about huge amounts of data, it's unlikely to make much difference. (less than 10% for even a Terabyte)

How is measured the monthly bandwidth usage

There are different schemes for paying for bandwidth.

I Real Data transfer ( Burstable Bandwidth)

Your host will provide you with a graph (usually an MRTG graph) which shows average incoming and outgoing bandwidth in real time. On this graph you can read several figures, such as the Monthly Average Out and the Monthly Average In.

To measure the real monthly data transfer used, use the following equation:

  • (Monthly Average Out + Monthly Average In) / 8 bits x 60 seconds x 60 minutes x 24 hours x 30.5 days = total bandwidth used for the month.

    Note: some host providers count only the Monthly Average In or Out. With them, you can save a lot of money.

    Sample of Measure of the real Monthly data transfer

  • Mrtg Graphs shows : Monthly average IN + OUT =1024 Kbps = 1 Mbps
  • 1024 kbps/8*60*60*24*30.5= 337305600 Kilobytes /1048576= 321 GB.

    Find here some conversion:

  • 1Mbps = 320GB
  • 10Mbps= 3200GB
  • 20Mbps =6400GB
  • 50Mbps=16000GB
  • 100Mbps =32000GB

    II Capped Bandwidth ( also unlimited transfer)

    Another common system is capped bandwidth, where you simply pay for the bandwidth that's available. For example, you might get 1 Mbps of bandwidth capped, and you can use all of it or none of it and pay the same amount. The network administrator will program the router to cap your usage at that amount.

    III The 95th percentile

    95th Percentile is a method of measuring bandwidth that bases your bill on peak utilization. Your bandwidth is measured from the switch or router and recorded in a log file. At the end of the month, your usage statistics are sorted, and the top 5%, or 37 hours, of data is thrown away, and that next measurement becomes your 'utilization' for the month.

    So, if you had a great weekend promoting your site, and used 3mb/sec for two days, you would be billed for the 3mb/sec rate -- potentially much more expensive than your average bandwidth utilization or actual utilization.
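The 95th percentile rule and the average-based conversion from section I, worked through on a month of samples (an added example, not part of the original article). It assumes one sample every 5 minutes over 30.5 days; the sample data is constructed, with a burst at 3 Mbps and the rest of the month at 0.5 Mbps, and the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the original article). Input for percentile95 and
# average: one bandwidth sample per line, e.g. 5-minute averages in Mbps.

# percentile95: sort the samples, throw away the top 5%, and print the
# highest remaining one, which is the figure a 95th percentile bill uses.
percentile95() {
    LC_ALL=C sort -n |
        awk '{ v[NR] = $1 } END { if (NR) print v[NR - int(NR / 20)] }'
}

# average: mean of the samples, rounded to two decimals.
average() {
    awk '{ s += $1 } END { if (NR) printf "%.2f\n", s / NR }'
}

# monthly_gb KBPS: the article's conversion of an average rate in Kbps into
# the volume moved in a 30.5-day month, truncated to whole GB.
monthly_gb() {
    awk -v k="$1" 'BEGIN { printf "%d\n", k / 8 * 60 * 60 * 24 * 30.5 / 1048576 }'
}

# sample_month BURST_DAYS: constructed data. 30.5 days of 5-minute samples
# (8784 lines); BURST_DAYS days at 3 Mbps, everything else at 0.5 Mbps.
sample_month() {
    awk -v d="$1" 'BEGIN {
        burst = d * 288                      # 288 five-minute samples per day
        for (i = 0; i < 8784; i++) print (i < burst ? 3 : 0.5)
    }'
}

# A two-day burst is 6.6% of the month, more than the discarded 5%, so the
# bill is based on the burst rate even though the average stays low.
echo "2-day burst: billed at $(sample_month 2 | percentile95) Mbps," \
     "average $(sample_month 2 | average) Mbps"
# A one-day burst (3.3% of the month) falls entirely in the discarded 5%.
echo "1-day burst: billed at $(sample_month 1 | percentile95) Mbps"
echo "1024 Kbps average = $(monthly_gb 1024) GB per month"
```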

    Written by Peter Lee for


    How to reduce the number of inodes my account uses?

    SkyHi @ Wednesday, June 30, 2010

    The number of inodes represents the number of files/folders you have on your web hosting account. The more inodes your account uses, the more system resources it consumes.

    Thus it is wise to keep the number of your inodes(files/folders) as small as possible.

    SiteGround customers can see the number of inodes they are using from their cPanel > Inodes Usage.

    To reduce the number of inodes your account uses, you should:

    • remove all files/folders you don't need;

    • check the number of cache files you have; applications such as Joomla can generate a lot of cache files; you should regularly check your cache folder and reduce the number of cached files you keep;

    • if you have Default Address (catch-all) enabled, make sure you check the mailbox regularly and delete all mails you don't need;

    • check  your cPanel's main email account regularly; the mails for it are kept in:



            where username is your cPanel username. You can manually delete the messages in these folders using cPanel's File Manager or your favorite FTP  client;

    • you should also check your email accounts regularly and delete any spam messages from them;

    • if you have email accounts you don't need or use, it would be best to remove them;

    If you have a large number of files/folders and reducing their number is not a suitable option for you, you may consider upgrading your account to a dedicated solution. There the number of inodes you use will not be a problem because all system resources will be dedicated to your account.


    Tuesday, June 29, 2010

    CSS Units of Measurement absolute vs relative value

    SkyHi @ Tuesday, June 29, 2010
    You can measure CSS property values in one of two ways:
    • As an absolute value

    • As a relative value.

    Absolute values have a fixed, specific value. They let you, the page creator, be exact in your measurements and control the display of your Web pages.

    Example: The font size might be 14 point.

    When you are using absolute values always remember that the reader might be viewing your page in a different environment from what you expect.

    Relative values have no fixed, specific value. Rather, they are calculated in comparison to a current value.

    Example: Type size might be larger, smaller, bolder, or lighter. Indent might be specified in em spaces, which vary with the display size of the text.

    Because Web pages are viewed in so many different ways, it is often a good idea to use relative values. It gives you less absolute control but it often creates a better experience for your readers and lets your page flow dynamically.

    Absolute Measurement

    Unit           Abbreviation   Example
    points         pt             font-size: 12pt
        There are 72 points to an inch, 12 points to a pica.
    picas          pc             text-indent: 2pc
        There are 6 picas to an inch.
    centimeters    cm             text-indent: 4cm
    inches         in             text-indent: 1in
    millimeters    mm             text-indent: 8cm


    Relative Measurement

    Unit                           Abbreviation   Example
    pixels                         px             text-indent: 30px
        A pixel is one picture element on the display monitor; there are typically between 72 and 90 pixels/inch.
    em space                       em             text-indent: 4em
        An em space is the width and height of the capital letter M in the current font size and design.
    x space                        ex             line-height: 3ex
        An ex space is about the height of the body of a lowercase letter in the current font size and design.
    percentage of parent's value   XX%            font-size: 90%


    Monday, June 28, 2010

    Adding an IP address to Debian/Ubuntu Linux

    SkyHi @ Monday, June 28, 2010
    [root@deb01 network]# pwd

    [root@deb01 network]# cat interfaces
    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).

    # The loopback network interface
    auto lo
    iface lo inet loopback

    # The primary network interface
    allow-hotplug eth0
    auto eth0
    iface eth0 inet static
            # dns-* options are implemented by the resolvconf package, if installed
            dns-search deb01.linu.internal
    auto eth0:1
    iface eth0:1 inet static

    auto eth0:2
    iface eth0:2 inet static

    # /etc/init.d/networking restart


    Drop SYN/DDoS Attack

    SkyHi @ Monday, June 28, 2010

    1. Find which IP address on the server is targeted by the DDoS attack

    netstat -plan | grep :80 | awk '{print $4}' | cut -d: -f1 | sort | uniq -c

    2. Find which IPs the attack is coming from

    netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c
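A stricter version of the two counts above for triage, as an added example that is not part of the original post: `grep :80` also matches ports such as 8080 and counts connections in every state, while this version counts only half-open (SYN_RECV) connections whose local port is exactly the one given. The function names, the threshold and the netstat lines (documentation address ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `netstat -plan` style
# lines on stdin: Proto Recv-Q Send-Q Local Foreign State PID/Program.

# syn_recv_by WHO PORT: WHO is "target" (local address) or "source"
# (remote address). Prints "COUNT ADDRESS" for SYN_RECV connections to
# local PORT, highest count first.
syn_recv_by() {
    awk -v who="$1" -v port="$2" '
        $1 ~ /^tcp/ && $6 == "SYN_RECV" {
            n = split($4, p, ":")
            if (p[n] != port) next            # exact local port, not 8080 etc.
            addr = (who == "target") ? $4 : $5
            sub(/:[0-9]+$/, "", addr)         # drop the trailing :port
            c[addr]++
        }
        END { for (a in c) print c[a], a }' | LC_ALL=C sort -k1,1nr -k2,2
}

# flood_suspects PORT THRESHOLD: source addresses holding at least
# THRESHOLD half-open connections to PORT.
flood_suspects() {
    syn_recv_by source "$1" | awk -v t="$2" '$1 >= t { print $2 }'
}

# sample_netstat: constructed netstat output for the demo and the checks.
sample_netstat() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1234/httpd
tcp        0      0 203.0.113.10:80         198.51.100.7:40001      SYN_RECV    -
tcp        0      0 203.0.113.10:80         198.51.100.7:40002      SYN_RECV    -
tcp        0      0 203.0.113.10:80         198.51.100.7:40003      SYN_RECV    -
tcp        0      0 203.0.113.10:80         198.51.100.7:40004      SYN_RECV    -
tcp        0      0 203.0.113.10:80         192.0.2.44:51820        SYN_RECV    -
tcp        0      0 203.0.113.10:80         192.0.2.44:51821        ESTABLISHED 1234/httpd
tcp        0      0 203.0.113.10:8080       192.0.2.99:60000        SYN_RECV    -
tcp        0      0 203.0.113.11:80         198.51.100.7:40005      SYN_RECV    -
EOF
}

# Demo on the constructed sample; on a live host pipe `netstat -plan` in.
sample_netstat | syn_recv_by target 80
sample_netstat | syn_recv_by source 80
sample_netstat | flood_suspects 80 3
```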

    In csf:

    vi /etc/csf/csf.conf

    SYNFLOOD is disabled by default. If you are not receiving any sort of attack, there is no need to enable it. If you are expecting an attack, enable it and set the rules a bit strict, like

    SYNFLOOD_RATE = "5/s"


    my eg:

    SYNFLOOD = "1"

    SYNFLOOD_RATE = "30/s"




    i.e. if 30 connections are received from an IP/sec for 10 times, block it. Make sure you don't keep it too strict if you are not receiving an attack, or else it will generate false positives and will block legit connections.


    PORTFLOOD = 80;tcp;100;5,22;tcp;5;300

    i.e. if an IP makes 100 connections in 5 seconds to port 80 (tcp), it will be blocked from the server, and likewise if it makes 5 connections in 300 seconds to port 22.

    In /etc/sysctl.conf

    Paste the following into the file, you can overwrite the current information.

    #Kernel sysctl configuration file for Red Hat Linux


    # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and

    # sysctl.conf(5) for more details.

    # Disables packet forwarding


    # Disables IP source routing

    net.ipv4.conf.all.accept_source_route = 0

    net.ipv4.conf.lo.accept_source_route = 0

    net.ipv4.conf.eth0.accept_source_route = 0

    net.ipv4.conf.default.accept_source_route = 0

    # Enable IP spoofing protection, turn on source route verification

    net.ipv4.conf.all.rp_filter = 1

    net.ipv4.conf.lo.rp_filter = 1

    net.ipv4.conf.eth0.rp_filter = 1

    net.ipv4.conf.default.rp_filter = 1

    # Disable ICMP Redirect Acceptance

    net.ipv4.conf.all.accept_redirects = 0

    net.ipv4.conf.lo.accept_redirects = 0

    net.ipv4.conf.eth0.accept_redirects = 0

    net.ipv4.conf.default.accept_redirects = 0

    # Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets

    net.ipv4.conf.all.log_martians = 1

    net.ipv4.conf.lo.log_martians = 1

    net.ipv4.conf.eth0.log_martians = 1

    # Disables the magic-sysrq key

    kernel.sysrq = 0

    # Decrease the time default value for tcp_fin_timeout connection

    net.ipv4.tcp_fin_timeout = 15

    # Decrease the time default value for tcp_keepalive_time connection

    net.ipv4.tcp_keepalive_time = 1800

    # Turn off the tcp_window_scaling

    net.ipv4.tcp_window_scaling = 0

    # Turn off the tcp_sack

    net.ipv4.tcp_sack = 0

    # Turn off the tcp_timestamps

    net.ipv4.tcp_timestamps = 0

    # Enable TCP SYN Cookie Protection

    net.ipv4.tcp_syncookies = 1

    # Enable ignoring broadcasts request

    net.ipv4.icmp_echo_ignore_broadcasts = 1

    # Enable bad error message Protection

    net.ipv4.icmp_ignore_bogus_error_responses = 1

    # Log Spoofed Packets, Source Routed Packets, Redirect Packets

    net.ipv4.conf.all.log_martians = 1

    # Increases the size of the socket queue (effectively, q0).

    net.ipv4.tcp_max_syn_backlog = 1024

    # Increase the tcp-time-wait buckets pool size

    net.ipv4.tcp_max_tw_buckets = 1440000

    # Allowed local port range (65535 is the highest valid port)

    net.ipv4.ip_local_port_range = 16384 65535

    Run /sbin/sysctl -p and sysctl -w net.ipv4.route.flush=1 to enable the changes without a reboot.
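
    A check to run after sysctl -p, given here as an added example (not from the original post): it compares each key in the file with the value the kernel actually holds, so rejected values, keys set twice with different values, and interface names that do not exist on the host (the file hard-codes eth0) show up. The function name and the optional second argument are assumptions made for this example.

```shell
#!/bin/sh
# sysctl_drift CONF [PROCROOT]
# Prints "key wanted=<value> live=<value>" for every key in CONF whose live
# value under PROCROOT (default /proc/sys) differs from the configured one.
sysctl_drift() {
    conf="$1"; root="${2:-/proc/sys}"
    # Reduce CONF to one "key=value" per key; the last assignment wins,
    # which matches the state left behind by `sysctl -p`.
    awk '
        /^[ \t]*[#;]/ || !/=/ { next }
        {
            eq = index($0, "=")
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            gsub(/[ \t]+/, " ", val)
            if (!(key in want)) order[++n] = key
            want[key] = val
        }
        END { for (i = 1; i <= n; i++) print order[i] "=" want[order[i]] }
    ' "$conf" |
    while IFS='=' read -r key val; do
        # net.ipv4.tcp_syncookies -> PROCROOT/net/ipv4/tcp_syncookies
        path="$root/$(printf '%s' "$key" | tr . /)"
        if [ -r "$path" ]; then
            live="$(tr -s '[:space:]' ' ' < "$path" | sed 's/^ //; s/ $//')"
        else
            live="<missing>"
        fi
        [ "$live" = "$val" ] || printf '%s wanted=%s live=%s\n' "$key" "$val" "$live"
    done
}

# Typical use: sysctl_drift /etc/sysctl.conf
```

    No output means every configured key is live with the configured value.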

    TCP Syncookies

    echo 1 > /proc/sys/net/ipv4/tcp_syncookies

    Some IPTABLES Rules:

    iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 3 -j RETURN

    iptables -A INPUT -p tcp --syn -m state --state ESTABLISHED,RELATED --dport 80 -m limit --limit 1/s --limit-burst 2 -j ACCEPT


    How to mount remote windows partition (windows share) under Linux

    SkyHi @ Monday, June 28, 2010

    All files accessible in a Linux (and UNIX) system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command serves to attach the file system found on some device to the big file tree.

    Use the mount command to mount remote windows partition or windows share under Linux as follows:

    Procedure to mount remote windows partition (NAS share)

    1) Make sure you have following information:

    ==> Windows username and password to access share name

    ==> Sharename (such as //server/share) or IP address

    ==> root level access on Linux

    2) Login to Linux as a root user (or use su command)

    3) Create the required mount point:

    # mkdir -p /mnt/ntserver

    4) Use the mount command as follows:

    # mount -t cifs //ntserver/download -o username=vivek,password=myPassword /mnt/ntserver

    Use the following command if you are using an old version such as RHEL <= 4 or Debian <= 3:

    # mount -t smbfs -o username=vivek,password=D1W4x9sw //ntserver/download /mnt/ntserver

    5) Access Windows 2003/2000/NT share using cd and ls command:

    # cd /mnt/ntserver; ls -l


    • -t smbfs : File system type to be mounted (outdated, use cifs)
    • -t cifs : File system type to be mounted
    • -o : options passed to the mount command; in this example I passed two options. The first argument is the username (vivek) and the second argument is the password used to connect to the remote Windows box
    • //ntserver/download : Windows 2000/NT share name
    • /mnt/ntserver Linux mount point (to access share after mounting)

    Configure a system to automount a Samba share with /etc/fstab

    As explained earlier you can use the mount command to mount a remote windows partition or a windows share under Linux.

    The /etc/fstab file contains static, descriptive information about the various file systems. fstab is only read by programs, and not written; it is the duty of the system administrator to properly create and maintain this file.

    To have a Samba share mounted when a Linux system comes up after a reboot, edit the /etc/fstab file and add an entry as follows for your Windows/Samba share:

    //ntserver/share /mnt/samba smbfs username=username,password=password 0 0

    For example, if you want to mount a share called //ntserver/docs then you need to write the following entry in the /etc/fstab file:

    //ntserver/docs /mnt/samba smbfs username=docsadm,password=D1Y4x9sw 0 0

    Where,

    • //ntserver/docs: Windows 2003/NT/Samba share name
    • /mnt/samba: Local mount point (you may need to create this directory first)
    • smbfs: File system type (samba file system)
    • username=docsadm,password=D1Y4x9sw: Share username and password

    Open file /etc/fstab using vi text editor:

    # vi /etc/fstab

    Append the line //ntserver/docs /mnt/samba smbfs username=docsadm,password=D1Y4x9sw 0 0. At the end, your file should read as follows:

    proc            /proc           proc    defaults        0       0
    /dev/hdb1 / ext3 defaults,errors=remount-ro 0 1
    /dev/hdb2 none swap sw 0 0
    /dev/hdc /media/cdrom0 iso9660 ro,user,noauto 0 0
    //ntserver/docs /mnt/samba smbfs username=docsadm,password=D1Y4x9sw 0 0

    Replace sharename, username and password with your actual parameters.
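
    Both the mount command line and the /etc/fstab entries above carry the share password in clear text, and /etc/fstab is normally world-readable. As an added example (not from the original post), the sketch below moves the password into an owner-only file referenced with mount.cifs's credentials= option and lists fstab entries that still embed one; the function names and the file path in the usage comment are assumptions.

```shell
#!/bin/sh
# write_cifs_credentials FILE USER PASSWORD
# Creates FILE readable by its owner only, in the key=value form mount.cifs reads.
# A password containing a comma works here but not inside an -o option string.
write_cifs_credentials() {
    ( umask 077
      printf 'username=%s\npassword=%s\n' "$2" "$3" > "$1" )
    chmod 600 "$1"    # tighten the mode even if FILE already existed
}

# fstab_cifs_entry SHARE MOUNTPOINT CREDFILE
# Prints an fstab line that names the credentials file instead of the password.
fstab_cifs_entry() {
    printf '%s %s cifs credentials=%s,_netdev 0 0\n' "$1" "$2" "$3"
}

# fstab_inline_passwords FSTAB
# Lists "lineno:line" for cifs/smbfs entries that still carry password= inline.
fstab_inline_passwords() {
    grep -nE '^[^#].*[[:space:]](cifs|smbfs)[[:space:]].*password=' "$1" || true
}

# Typical use, as root (the credentials path is an assumption):
#   write_cifs_credentials /root/.smbcred-docs docsadm "$PASSWORD"
#   fstab_cifs_entry //ntserver/docs /mnt/samba /root/.smbcred-docs >> /etc/fstab
#   fstab_inline_passwords /etc/fstab
```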


    Setting up memcached distributed caching system

    SkyHi @ Monday, June 28, 2010

    Problem Statement:

    A distributed caching system such as memcached is really a life-saver when it comes to reducing a great deal of READ (SELECT) traffic from MySQL tables that are infrequently changed. However, memcached can be an object cache for anything. Using a simple key/value (get/set) API you can store anything you want, limited by size constraints. Here we will show you how to install memcached from the source distribution and use it in your PHP-based (yup, we are a PHP shop) Web applications.

    Time Estimate (30 ~ 60 min)

    We estimate that the entire process to get memcached compiled, installed, and tested might take half an hour to an hour.

    Step 1: Installing memcached pre-requisites

    You will need to install libevent and its development packages via yum as follows:

     yum -y install libevent libevent-devel

    Step 2: Compiling and installing memcached

    Follow the steps below:

    1. Download the memcached source code from:
    2. Extract the source in /usr/local/src and you should have a new sub directory [memcached-version]
    3. For a default setup, run ./configure from the newly created memcached source sub directory
    4. If configure runs without error, you have all the required pre-requisites and are good to go to the next step. Otherwise, you need to review the errors and install any pre-requisite library and related header files via yum.
    5. Now run make, make test and make install, in this order, continuing only while each step succeeds

    Now you have memcached compiled and installed.

    Step 3: Setting up memcached to start when you restart your server

    Make the following decisions:

    1. First, decide how much memory you want to give memcached to use for caching.
    2. Then decide if you want to run memcached on the default port (11211) or not.
    3. Next decide if you want memcached to listen to a specific IP address if you have multiple IP addresses on your server
    4. Finally decide, what user you want to run memcached as; typically, you want to run it using Apache user so that Apache processes can access memcache data

    Say, you decide to use 1GB of RAM for caching and want to run memcached as user ‘httpd’ on default port. In such a case you would run the following command as root:

    /usr/local/bin/memcached -d -m 1024 -u httpd

    This will start memcached as a daemon process and allocate 1GB of RAM (1024MB) using default port.

    If your memcached server has both Internet routable IP and non-routable LAN IP addresses and your Web servers belong to the non-routable LAN, you can use the -l [ip address] option with memcached to make it not accessible from outside. For example:

    /usr/local/bin/memcached -d -m 1024 -u httpd -l

    This tells memcached to listen only to interface on the server and thus requests from the Internet will not be possible, which makes it more secure. Of course, if your Web server and memcached are running on the same server, you can use the loopback interface ( to limit memcached exposure to applications running on the local Web server.

    Once you know what options you need to use with memcached, you should add the command-line you use to start memcached in /etc/rc.local. This will make sure memcached starts automatically when you restart your server.

    #!/bin/sh
    echo "# Start memcached" >> /etc/rc.local
    echo "/usr/local/bin/memcached -d -m 1024 -u httpd -l" >> /etc/rc.local

    The above shell script will put a memcached command in the /etc/rc.local file so that it starts automatically with 1GB of RAM as ‘httpd’ user on a LAN interface.

    Step 4: Setting up PHP support for memcached

    Once memcached is up and running, you can use whichever programming API supported by memcached you like to connect to the cache. Since we are a PHP shop, we will use the PHP API. To get PHP configured for memcached, simply run the following command as root:

    pecl install memcache

    This will compile and install a memcached dynamically loadable module for PHP. Your next step is to edit the php.ini file (use locate php.ini to locate the one that you are using; default: /usr/local/lib/php.ini) and add the following lines at the very end:

    ; start memcached

    Save the changes and restart the Apache server. If memcached is already running, you can put a simple phpinfo script in your Web directory and call it via a Web browser to see if phpinfo shows a memcached section. Such a script is shown below:

    #!/bin/sh
    echo "# Start memcached" >> /etc/rc.local
    echo "/usr/local/bin/memcached -d -m 1024 -u httpd -l" >> /etc/rc.local

    A sample output of the above script is shown below in Figure 1:

    Figure 1: memcached info reported by phpinfo

    Step 5: Testing memcached with simple PHP scripts

    To really know that your memcached setup is working as expected, you can use the following simple PHP scripts.

    If you use these scripts to test your memcached setup, make sure you change the values for MEMCACHED_SERVER and MEMCACHED_PORT if you are running memcached on a different server than localhost and/or on a different port than the default one.

    The init_memcached.php script sets a key/value pair in memcache and read_memcached.php reads the value using the same key. By setting the key and value using one script and reading it using another, you know you are able to use a shared cache as expected.

    Here is a sample run of the scripts:

    $ php init_memcache.php
    FavoriteBook is set to Childhood's End in memcached.

    $ php read_memcache.php
    Got FavoriteBook value: Childhood's End