Recursive scp without following symbolic links. TL;DR: when using recursive scp, symbolic links aren’t preserved and are copied as if they are normal directories. So you have to look for another solution to recursively transfer symlinks over ssh. Here is one: Tar over ssh!
Generate pseudo-random passwords with OpenSSL
OpenSSL comes in handy when you need to generate random passwords, for example for system accounts and services. In this short post I’ll give you a quick example on how to generate random passwords with OpenSSL in Linux (Bash), Windows and PHP…
Continue reading “Generate pseudo-random passwords with OpenSSL”
Tunnel RDP through SSH & PuTTY
How to tunnel Remote Desktop over SSH with PuTTY? Have you ever been in a situation where you needed to perform remote administration on a Windows Server, and the RDP port 3389 is blocked on a firewall? You can tunnel RDP over SSH with PuTTY. This particularly comes in handy when there is no VPN available to the remote network…
Turn off swap
How to turn off swap in Linux. Not every Linux server I administer needs to have a swap partition and to start swapping. For instance, the MySQL servers I maintain all have more than enough RAM on board to do their work. Yet, when a swap partition is enabled Linux starts swapping, which may degrade MySQL database performance…
Monit monitoring on Ubuntu 14.04 VM on Hyper-V
Monit monitoring for websites and services, on an Ubuntu 14.04 LTS VM, hosted on a Windows Server 2012 R2 or Windows 8.1 Hyper-V. This post is about setting up a Monit monitoring service. Monit is a free and open source service monitoring application which can perform various event-based actions. Monit can send email notifications, restart a service or application, or take other responsive actions. We set Monit up on a Ubuntu 14.04 VM, built on Hyper-V. And we use Monit to monitor several websites, and send out notifications on downtime.
Continue reading “Monit monitoring on Ubuntu 14.04 VM on Hyper-V”
How to restore a deleted Open-Xchange context?
How to restore, or recover, an accidentally deleted OX context. If you’ve accidentally deleted an Open-Xchange context (contextid), then that is bad… Here is how to recover a deleted OX context and filestore… Assuming you make backups of course.
Continue reading “How to restore a deleted Open-Xchange context?”
Convert decimal to hex in Bash?
A quicky for my archives: Convert decimal to hex in Bash, and hexadecimal to decimal. In mathematics and computing, hexadecimal (also base 16, or hex) is a positional numeral system with a radix, or base, of 16. It uses sixteen distinct symbols, most often the symbols 0-9 to represent values zero to nine, and A, B, C, D, E, F (or alternatively a-f) to represent values ten to fifteen. If you want to convert hexadecimal values to decimal and decimal values to hexadecimal, here’s how. All on the bash prompt…
Old-school: Unix wildcards gone wild
Back To The Future: Unix Wildcards Gone Wild: DefenseCode‘s Leon Juranic released an article explaining an old-school hacking technique: Unix wildcard poisoning attacks. No ASLR bypass, ROP exploits or 0day remote kernel exploits, but if you wonder how basic Unix tools like ‘tar’, ‘chmod’ or ‘chown’ can lead to full system compromise, keep on reading.
How to delete all MAILER-DAEMON emails in Postfix queue
How to delete all MAILER-DAEMON emails from your Postfix queue, when it matches a sender or recipient email address condition. When a large scale spam run was sent through your mail servers, you need to clean up and remove those spam messages. Doing so guarantees normal, valid email messages being sent quickly, and the spam messages never leave your queue. In Postfix, there are various similar commands to delete messages from the Postfix mail queue. Based on the Message-ID and/or email address…
Continue reading “How to delete all MAILER-DAEMON emails in Postfix queue”
TLS: Test SMTP AUTH PLAIN authentication and verify StartTLS connections
When investigating SMTP authentication issues, over an Transport Layer Security (TLS) encrypted SMTP connection, it’s always handy if you are able to test the SMTP authentication and StartTLS connection from the command line.
Continue reading “TLS: Test SMTP AUTH PLAIN authentication and verify StartTLS connections”
Bash: Grep through a large number of files – argument list too long
The other day I was searching for a particular e-mail in a Maildir on one of our mail servers. Knowing only the From address, I thought I’d use grep. Unfortunately it failed and gave me an error: /bin/grep: Argument list too long. Here is how to overcome this grep error…
Continue reading “Bash: Grep through a large number of files – argument list too long”
Grep for forensic log parsing and analysis on Windows Server IIS
How to use GnuWin32 ported tools like grep.exe and find.exe for forensic log file analysis in Windows Server. Find backdoors in websites, check visitor’s IP addresses or hits to backdoors in IIS log files easy. Command-line log analysis in Windows Server, search for Joomla, WordPress, Drupal PHP malware & backdoors on your website with grep and find, clean up a hacked website and keep a website secure.
Continue reading “Grep for forensic log parsing and analysis on Windows Server IIS”
Check IP address blacklist status in Bash
Here is a Linux Bash shell script to check whether an IP address is listed in a DNSBL blacklist, or RBL. This is a modified version of a by J65nko posted Bash script to check an IP address reputation status in several blacklists. I’ve added HttpBl as backlist and an API key is required for this list. Using this script in Bash you can quickly test if an IP address is blacklisted.
Continue reading “Check IP address blacklist status in Bash”