nixCraft Linux Sys Admin Blog

Mozilla Is Trying To Set A Guinness World Record For Software Download With FireFox 3

Posted: 29 May 2008 09:38 AM CDT

Go firefox go

Mozilla is aiming to create what may be the geekiest world record ever with its upcoming Firefox 3 browser release. With more than 14,000 improvements, Firefox 3 is faster, safer and smarter than before. Mozilla asking users to pledge to download the next full release of its browser on the day it is available so the release can set a Guinness World Record for the largest number of software downloads in 24 hours.

=> Set a Guinness World Record Enjoy a Better Web (via PCWorld)

Find Out If Windows Server System Hacked / Cracked Or Not

Posted: 29 May 2008 09:25 AM CDT

Some time my work force me to do detective work on MS-Windows boxes. Just like Linux / UNIX / BSD system , Windows machines get *owned* a lot. Recently while searching for information I came across couple of nice built-in windows command line security tools to determine if a system has been ~~hacked~~ cracked.

Fortunately, Microsoft has built numerous tools into Windows so administrators and power users can analyze a machine to determine whether it's been compromised. In this tip, which is the first of a two-part series, Author has covered five useful command-line tools built into Windows for such analysis.

=> Built-in Windows commands to determine if a system has been hacked : Part I and Part II

How to Install and Configure ProFTPD in RHEL / CentOS / Fedora Linux

Posted: 28 May 2008 12:38 PM CDT

This is a user contributed tutorial.

ProFTPD is an enhanced, secure and highly configurable FTP server. Its configuration syntax is very similar to apache web server. It offers several functionalities such as:
+ multiple virtual server
+ anonymous
+ authenticated access
+ chroot jail support
+ SSL/TLS encryption
+ RADIUS, LDAP and SQL support etc

Install ProFTPD server

Type the following command as root user:
# yum install proftpd
Start ProFTPD when the system reboot:
# chkconfig --level 3 proftpd on
To start proftpd ftp service, enter:
# service proftpd start
To Stop proftpd ftp server, enter:
# service proftpd stop
To restart proftpd ftp service, enter:
# service proftpd restart
To reload the configuration file, enter:
# service proftpd reload

/etc/proftpd.conf - Proftpd configuration file

The default configuration file is located at /etc/proftpd.conf. To edit the configuration file, enter:
# vim /etc/proftpd.conf
Checking the syntax of the configuration file
# proftpd -t6

Virtual users authentication configuration

When you install ProFTPD, it is almost ready to use by anonymous users, you only have to uncomment anonymous section in /etc/proftpd.conf but if you want authenticated access then you must configure extra directives, keep in mind these to virtual users authentication.

AuthUserFile : Specify the users file, has the same format as /etc/passwd
AuthGroupFile : Specify the groups file, has the same format as /etc/group

Open /etc/proftpd.conf file:
# vi /etc/proftpd.conf
These files can be created with ftpasswd tool, here is an example:
# ftpasswd --passwd --name {username} --file /etc/ftpd.passwd --uid {5000} --gid {5000} --home /var/ftp/username-home/ --shell /bin/false # ftpasswd --group --name group1 â€"file /etc/ftpd.group --gid 5000 --member username
For example, add a ftp user called tom for cyberciti.biz domain (ftpcbz group):
# ftpasswd --passwd --name tom --file /etc/ftpd.passwd --uid 5001 --gid 5001 --home /var/ftp/tom/ --shell /bin/false # ftpasswd --group --name ftpcbz â€"file /etc/ftpd.group --gid 5000 --member tom
Then the above directives must be set in this way :

AuthUserFile	/etc/ftpd.passwd AuthGroupFile	/etc/ftpd.group

Warnings! The created user must have UNIX permission under his home directory.

The value of --shell option must be set to /bin/false if you want to improve the security of the FTP server.

Sometimes ProFTPD throws many errors when you try to authenticated trough virtual users then you must look these directives and theris recommend values.

Don't check against /etc/shells
RequireValidShell off
Don't check against /etc/passwd, use only AuthUserFile
AuthOrder mod_auth_file.c.
Disable PAM authentication
PersistentPasswd off AuthPAM off
To jail users to theirs respective home directories, add following to config file:
DefaulRoot ~

Playing with files access permission

The general syntax is as follows:
Umask FILEMODE DIRMODE.

Sets the mask of the newly created files and directories. FILEMODE and DIRMODE must be an octal mode, in the format 0xxx. If DIRMODE is omitted then DIRMODE = FILEMODE.