28/8/17


Configuring Postfix as an SMTP relay with a Gmail account on CentOS 6/7

Package installation
sudo yum install -y postfix mailx cyrus-sasl-plain
Credentials file; replace smtp_USUARIO and smtp_PASSWD with the real values for the mail account:
sudo bash -c 'cat << EOF  > /etc/postfix/sasl_passwd
smtp.gmail.com    smtp_USUARIO:smtp_PASSWD
EOF'
For security, passwords must never be stored in plain-text files, so an encrypted file sasl_passwd.db is generated in the /etc/postfix/ directory:
sudo postmap hash:/etc/postfix/sasl_passwd
Modify the configuration in /etc/postfix/main.cf:
sudo bash -c 'cat << EOF  >> /etc/postfix/main.cf
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
# Secure channel TLS with exact nexthop name match.
smtp_tls_security_level = secure
smtp_tls_mandatory_protocols = TLSv1
smtp_tls_mandatory_ciphers = high
smtp_tls_secure_cert_match = nexthop
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
relayhost = smtp.gmail.com:587
EOF'
Restart the postfix service:
sudo service postfix restart
Finally, test the setup by sending a test e-mail:
mail email@example.com
   Contenido Prueba
   .
Then check the log to verify that everything went OK:
tail /var/log/maillog

Finally, delete the file containing the account details:
rm /etc/postfix/sasl_passwd
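
The steps above create sasl_passwd under root's default umask, and postmap gives sasl_passwd.db the same group and other read permissions as its source; the .db is a Berkeley DB lookup table rather than an encrypted store, so the file mode is what protects the password. The functions below are an added example, not part of the original post; the function names and the POSTFIX_DIR variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit and tighten the SASL credential files from the steps above.
# POSTFIX_DIR can be pointed at a scratch directory to try the functions safely.
POSTFIX_DIR=${POSTFIX_DIR:-/etc/postfix}

# audit_sasl_files [DIR]
# Prints one line per finding and returns non-zero if there is any.
audit_sasl_files() {
    dir=${1:-$POSTFIX_DIR}
    rc=0
    for f in "$dir/sasl_passwd" "$dir/sasl_passwd.db"; do
        [ -e "$f" ] || continue
        mode=$(stat -c '%a' "$f")        # GNU stat, as shipped with CentOS
        case $mode in
            600|400) ;;
            *) echo "INSECURE $f mode=$mode (want 600)"; rc=1 ;;
        esac
    done
    # The procedure ends by deleting the plaintext source once the .db exists.
    if [ -e "$dir/sasl_passwd" ] && [ -e "$dir/sasl_passwd.db" ]; then
        echo "PLAINTEXT $dir/sasl_passwd still present"; rc=1
    fi
    return $rc
}

# harden_sasl_files [DIR]
# Restricts whichever of the two files exist to owner read/write.
harden_sasl_files() {
    dir=${1:-$POSTFIX_DIR}
    for f in "$dir/sasl_passwd" "$dir/sasl_passwd.db"; do
        if [ -e "$f" ]; then chmod 600 "$f"; fi
    done
}
```

Setting `umask 077` inside the same `bash -c` before the `cat` avoids the window in which the new file is readable by other users.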

25/7/16

Script to clean up .exe files on SMB

This assumes the mutt mail client is installed and rsyslog is the logging system; if that is not the case, install mutt and rsyslog.

Enable audit logging in Samba

By adding the following rule to /etc/rsyslog.conf:

local5.notice     /var/log/samba/audit.log
and restart the service:

sudo service rsyslog restart

Enable auditing on the Samba directory

By changing the configuration in /etc/smb.conf as follows:
In the GLOBAL section, add the following:

log file = /var/log/samba/log.%m
and in the section of the shared directory to audit, the following:

    vfs objects = full_audit
    full_audit:prefix = %u|%I|%m|%S
    full_audit:success = connect disconnect opendir mkdir rmdir closedir open close read pread write pwrite sendfile rename unlink chmod fchmod chown fchown chdir ftruncate lock symlink readlink link mknod realpath
    full_audit:failure = none
    full_audit:facility = LOCAL5
and restart the service:

sudo service smb restart
sudo service nmb restart

Cleanup script

Place the following content in /root/scripts/limpiar_exe.sh:

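#!/bin/sh
# Share root to scan; replace /DIR with the real path
export Directorio="/DIR"
echo "Iniciando la limpieza de exe maliciosos..."
# Delete .exe files (any letter case) whose size rounds up to 48 KiB
find "$Directorio" -type f -iname "*.exe" -size 48k -exec rm -f {} \;
echo "Finalizada limpieza de exe maliciosos..."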

Report-generating script

With the following content in /root/scripts/reportar_limpieza.sh:

#!/bin/sh
export LogDirSAMBA="/var/log/samba/audit.log"
export MSG_adjunto="/root/logs/detectados.txt"
export MSG_Servidor="SERVERNME"
export MSG_Contenido_Email="$MSG_Servidor Accesos EXE de 48k detectados en samba"
export MSG_Email="user@example.com"
# Export the system log, overwriting the previous report
grep exe "$LogDirSAMBA" > "$MSG_adjunto"
# Send an e-mail with the details that were detected
echo "$MSG_Contenido_Email" | mutt -s "$MSG_Contenido_Email" -a "$MSG_adjunto" -- "$MSG_Email"
Schedule the task automatically with “crontab -e”:

0 * * * * /root/scripts/limpiar_exe.sh
@weekly /root/scripts/reportar_limpieza.sh
Assign execute permissions to the scripts:

sudo chmod +x /root/scripts/limpiar_exe.sh
sudo chmod +x /root/scripts/reportar_limpieza.sh
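
The report script's `grep exe` keeps every audit line that merely contains "exe"; with the full_audit prefix %u|%I|%m|%S configured above, the records can instead be split on `|` and summarised per user, client IP, share and operation. The following is an added example, not part of the original post: the function names are hypothetical, the sample records are constructed, and the record layout shown in the comment is an assumption about how smbd_audit writes them.

```shell
#!/bin/sh
# Added example: summarise .exe activity from the full_audit log.
# Assumed record layout (from full_audit:prefix = %u|%I|%m|%S):
#   <syslog header> smbd_audit: user|ip|machine|share|operation|result|args...

# Constructed sample records, not taken from a real server.
sample_audit_log() {
    cat << 'EOF'
Jul 25 10:00:01 srv smbd_audit: jperez|192.168.1.50|pc-ventas|publico|open|ok|w|docs/SETUP.EXE
Jul 25 10:00:02 srv smbd_audit: jperez|192.168.1.50|pc-ventas|publico|pwrite|ok|docs/SETUP.EXE
Jul 25 10:00:03 srv smbd_audit: jperez|192.168.1.50|pc-ventas|publico|pwrite|ok|docs/SETUP.EXE
Jul 25 10:05:00 srv smbd_audit: mlopez|192.168.1.61|pc-rrhh|publico|open|ok|r|executive_summary.doc
Jul 25 10:06:00 srv smbd_audit: mlopez|192.168.1.61|pc-rrhh|publico|unlink|ok|old/tool.exe
EOF
}

# summarize_exe_access LOGFILE
# Prints "count user ip share operation", most frequent first, for records
# whose last argument (the file name) ends in .exe, case-insensitively.
summarize_exe_access() {
    awk -F'|' '
        NF >= 7 {
            n = split($1, hdr, " ")   # the user name is the last word of field 1
            if (tolower($NF) ~ /\.exe$/)
                count[hdr[n] " " $2 " " $4 " " $5]++
        }
        END { for (k in count) print count[k], k }
    ' "$1" | sort -k1,1nr -k2
}

# Run against a real log when a path is given on the command line.
if [ -n "${1:-}" ]; then summarize_exe_access "$1"; fi
```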

25/7/15

Linux backup methods: full server or full disk


https://github.com/blackyboy/RedHat-Centos-Common-Stuffs

6 Examples to Backup Linux Using dd Command Including Disk to Disk


Data loss will be costly. At the very least, critical data loss will have a financial impact on companies of all sizes. In some cases, it can cost you your job. I’ve seen cases where sysadmins learned this the hard way.
There are several ways to back up a Linux system, including rsync and rsnapshot, which we discussed a while back.
This article provides 6 practical examples of using the dd command to back up a Linux system. dd is a powerful UNIX utility, which is used by the Linux kernel makefiles to make boot images. It can also be used to copy data. Only the superuser can execute the dd command.
Example 1. Backup Entire Harddisk
To back up an entire copy of a hard disk to another hard disk connected to the same system, execute the dd command as shown below. In this dd command example, the UNIX device name of the source hard disk is /dev/sda, and the device name of the target hard disk is /dev/sdb.

dd if=/dev/sda of=/dev/sdb
“if” represents the input file, and “of” represents the output file. So the exact copy of /dev/sda will be available in /dev/sdb.
If there are any errors, the above command will fail. If you give the parameter “conv=noerror”, it will continue to copy even if there are read errors.
The input file and output file should be specified very carefully: if you give the source device as the target and vice versa, you might lose all your data.
In the hard drive to hard drive copy using the dd command given below, the sync option allows you to copy everything using synchronized I/O.

dd if=/dev/sda of=/dev/sdb conv=noerror,sync
Example 2. Create an Image of a Hard Disk
Instead of taking a backup of the hard disk, you can create an image file of the hard disk and save it on other storage devices. There are many advantages to backing up your data to a disk image, one being the ease of use. This method is typically faster than other types of backups, enabling you to quickly restore data following an unexpected catastrophe.

dd if=/dev/hda of=~/hdadisk.img
The above creates an image of the hard disk /dev/hda. Refer to our earlier article How to view initrd.image for more details.
Example 3. Restore using Hard Disk Image
To restore a hard disk from the image file of another hard disk, use the following dd command example.

dd if=hdadisk.img of=/dev/hdb
The image file hdadisk.img is the image of /dev/hda, so the above command will restore the image of /dev/hda to /dev/hdb.
Example 5. Backup a Partition
You can use the device name of a partition as the input file, and as the output you can specify either your target path or an image file, as shown in the dd command example below.

dd if=/dev/hda1 of=~/partition1.img
Example 6. CDROM Backup
The dd command allows you to create an iso file from a source file. So we can insert the CD and enter the dd command to create an iso file of the CD's content.

dd if=/dev/cdrom of=tgsservice.iso bs=2048
The dd command reads one block of input, processes it, and writes it to an output file. You can specify the block size for the input and output file. In the above dd command example, the parameter “bs” specifies the block size for both the input and the output file. So dd uses 2048 bytes as the block size in the above command.
Note: If the CD is auto-mounted, before creating an iso image using the dd command it's always good to unmount the CD device to avoid any unnecessary access to the CD-ROM.
To back up my Linux partitions, I combine dd and gzip, e.g. to back up my Ubuntu root partition, which is on /dev/sda5:

dd if=/dev/sda5 bs=4096 | gzip -c > sda5-root.img.gz
The performance of the compression can be improved by creating and deleting a file from /dev/zero before doing the backup, e.g.

dd if=/dev/zero of=zero.bin bs=4096
To Create a Whole Backup of a Drive

dd if=/dev/vda | ssh babinlonston@192.168.1.100 'gzip - > /home/babinlonston/Desktop/backup.gz'
To restore, you have to take the server down and manually image the disk, perhaps with a hard drive swap or something of the sort.
Copy the data over with a file manager from a live CD; grsync is an easy GUI for using rsync.
To place the image on the [new] drive:

gzip -d < image.gz | dd of=/dev/sda2
To recover, you cannot just do it “live”, i.e. while the system is running off that hard disk. You would need either to boot from a live medium (CD, etc.) and do the disk image there, or perhaps pull out the hard drives and put them in another computer.
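
The dd | gzip backup and the gzip -d | dd restore shown above do not check that the archive is intact before it is relied on. The following added example, which is not from the original article, records a SHA-256 of the raw stream while it is being imaged and later checks the archive against it; the function names and the .sha256 sidecar file are assumptions of this example.

```shell
#!/bin/sh
# Added example: image a source with dd | gzip and prove the archive restores
# to exactly the bytes that were read.

# verify_image IMG_GZ
# Tests the gzip container, then compares the digest of the decompressed
# data with the one recorded in IMG_GZ.sha256.
verify_image() {
    img=$1
    want=$(cat "$img.sha256") || return 2
    gzip -t "$img" 2>/dev/null || return 1     # truncated or corrupt archive
    got=$(gzip -dc "$img" | sha256sum | cut -d' ' -f1)
    [ -n "$want" ] && [ "$got" = "$want" ]
}

# backup_and_verify SRC IMG_GZ
# Writes IMG_GZ and IMG_GZ.sha256; returns 0 only if the archive verifies.
backup_and_verify() {
    src=$1; img=$2
    tmpd=$(mktemp -d) || return 2
    mkfifo -m 600 "$tmpd/stream" || return 2
    # Hash the raw stream while it is being compressed, so a source that
    # changes afterwards cannot make the recorded digest disagree with the image.
    sha256sum < "$tmpd/stream" | cut -d' ' -f1 > "$img.sha256" &
    dd if="$src" bs=4096 2>/dev/null | tee "$tmpd/stream" | gzip -c > "$img"
    wait
    rm -rf "$tmpd"
    verify_image "$img"
}
```

Running verify_image again immediately before a restore catches an archive that was damaged in storage or cut short in transfer.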
How to Back Up Remote Linux Servers or Systems Using Rsnapshot
For this we have to set up a passwordless login for root.
Only root can perform a full backup, because only root has the administrative privileges to access all the files we need to back up.
  1. Set up key-based authentication

ssh-keygen
Create a new key and copy it to the remote machine using the command

ssh-copy-id -i ~/.ssh/id_rsa.pub
To the remote host using the command

ssh-copy-id -i ~/.ssh/id_rsa.pub sysadmin@192.168.1.77
It will ask for the password for the machine 192.168.1.77; give the password to authenticate.
Install the rsnapshot utility

apt-get install rsnapshot
Edit the rsnapshot configuration file
Note: never use the spacebar in the configuration file; wherever a space is needed you have to use the TAB key.

vim /etc/rsnapshot.conf
On line 27,
change the directory if you need to change where the backup is saved by default.
The current backup folder is under

snapshot_root   /var/cache/rsnapshot/
If you need to change this default location to somewhere else, such as a folder named backups under /:

snapshot_root  /backups
Then enable line 57:

cmd_ssh /usr/bin/ssh
Note: backups over ssh are only possible if this line is enabled; otherwise we can't take backups over ssh.
If you need to change when the backups are taken,
look at lines 97, 98, 99 and 100:

retain        hourly  6
If you need to back up the local host's directories, such as /home/, /etc/, /usr/local,
uncomment lines 230, 231 and 232.
If you don't want to back up those directories, comment the line with
Then, if we need to back up from machine 192.168.1.77 to my machine 192.168.1.99, set the command as below, following the example on line 241:

backup  root@192.168.1.77:/etc/ /backup
This command will back up the directory /etc from 192.168.1.77 to /backup on 192.168.1.99.
Save the configuration file using

:wq!
Test the rsnapshot configuration

rsnapshot configtest
It should give you back the result “Syntax OK”;
if so, the test was a success.
To find out where rsnapshot is located, use the command

whereis rsnapshot
If we need to back up the remote system 192.168.1.77 in the meantime,
use the command

/usr/bin/rsnapshot hourly
To automate the backup, set up a cron job for rsnapshot.
This will create a cron job for the current user:

crontab -e
In the cron job we need to define the entry according to how we want to back up, hourly or daily:

0       5       *       *       * /usr/bin/rsnapshot hourly
This will back up hourly.

Logging out other users' console sessions

http://safesrv.net/kill-idle-ssh-sessions-and-keep-your-ssh-session-alive/
http://superuser.com/questions/358835/force-logout-a-user

Identify the console currently in use with:

tty

Identify the users with an open session:

who

You terminate a session by killing its parent process, called the session leader. Find out which process it is with:

ps -dN|grep pts/3

Killing that session's parent process by ID closes the user's session.

31/3/15

CentOS 6: installing FreeRADIUS Server with daloRADIUS web administration and phpMyAdmin

Main guide:
http://linuxdrops.com/install-freeradius-with-web-based-management-daloradius-on-centosrhel-debian-ubuntu/
Fixes:
http://sourceforge.net/p/daloradius/discussion/684102/thread/94933b26/
http://forum.mikrotik.com/viewtopic.php?t=52830
http://sourceforge.net/p/daloradius/mailman/message/21201568/

phpmyadmin:
https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-on-a-centos-6-4-vps

Overview

FreeRADIUS is the most popular open source RADIUS server[2] and the most widely deployed RADIUS server in the world.[2] It supports all common authentication protocols, and the server comes with a PHP-based web user administration tool called dialupadmin. It is the basis for many commercial RADIUS products and services, such as embedded systems, RADIUS appliances that support Network Access Control, and WiMAX. It supplies the AAA needs of many Fortune-500 companies, telcos, and Tier 1 ISPs. It is also widely used in the academic community, including eduroam. The server is fast, feature-rich, modular, and scalable. The currently shipping stable version is 2.2.0.

Install FreeRadius with Web Based Management Daloradius on CentOS/RHEL, Debian, Ubuntu

On CentOS/RHEL 5
On CentOS/RHEL 6
Ubuntu or Debian
Start the MySQL instance
Next we need to create the radius database, so execute
Create the database and grant all privileges to user radius
Now we need to build the schema for radius database
On CentOS/RHEL
On Debian/Ubuntu
Now edit the sql.conf file and populate the database credentials.
On CentOS/RHEL
On Debian, Ubuntu
Enter your mysql database details you just created
Next open /etc/raddb/radiusd.conf
On CentOS/RHEL
On Debian, Ubuntu
Uncomment Line 700 to include sql.conf
Next edit /etc/raddb/sites-available/default and uncomment the line 177 containing ‘sql’ under the authorize {} section and line 406 ‘sql’ under the accounting {} section, also uncomment ‘sql’ under session {} line 454.
On CentOS/RHEL
On Debian, Ubuntu
Now, edit /etc/raddb/sites-available/inner-tunnel and uncomment the line 131 and line 255 containing ‘sql’ under authorize {} and under session {}.
On CentOS/RHEL
On Debian, Ubuntu
Open up /etc/raddb/clients.conf
On CentOS/RHEL
On Debian, Ubuntu
To add NAS clients that will use RADIUS server for AAA you have to add the following to the clients.conf file. Append a block such as this, replace 192.168.209.1 with the ip address of your NAS client that will use FreeRADIUS for AAA.
Restart FreeRADIUS for the new configuration to take effect.
On CentOS/RHEL
On Ubuntu, Debian
If you encounter any problems you can run FreeRADIUS in debug mode to find any authentication issues. To run FreeRADIUS in debug mode execute
On CentOS/RHEL
On Ubuntu, Debian
Update:
RADIUS uses MySQL to store usernames and passwords. To manage the RADIUS server, daloRADIUS is a good choice. To install daloRADIUS
Next open the daloradius.conf.php
Add the database username, password and db name.
Move daloradius to the web root directory
On Debian, Ubuntu
On CentOS/RHEL
Point your browser to http://ip-address-or-hostname/daloradius
Login using
Username administrator
Password radius
You can add new groups and users to the database and manage the radius server. 


Fix1:
# yum install php-pear*
# pear install DB


Fix2:
Database error
Error Message: DB Error: no such table
Debug info: SELECT id, username FROM operators WHERE username = 'Administrador' AND password = 'radius' [nativecode=1146 ** Table 'radius.operators' doesn't exist]


To repair this you must:

# cd /var/www/daloradius/contrib/db/
# mysql -u(your username) -p(your password) radius(or the name of database you created) 


 
Fix3

> It seems that you don't have the NAS table in your schema for some reason.
> To apply it get on MySQL console and enter the following:
>
> DROP TABLE IF EXISTS `nas`;
> CREATE TABLE `nas` (
>   `id` int(10) NOT NULL auto_increment,
>   `nasname` varchar(128) NOT NULL,
>   `shortname` varchar(32) default NULL,
>   `type` varchar(30) default 'other',
>   `ports` int(5) default NULL,
>   `secret` varchar(60) NOT NULL default 'secret',
>   `community` varchar(50) default NULL,
>   `description` varchar(200) default 'RADIUS Client',
>   PRIMARY KEY  (`id`),
>   KEY `nasname` (`nasname`)
> );
 
 








Static IP configuration on CentOS 6

## Configure eth0
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
NM_CONTROLLED="yes"
ONBOOT=yes
HWADDR=A4:BA:DB:37:F1:04
TYPE=Ethernet
BOOTPROTO=static
NAME="System eth0"
UUID=5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03
IPADDR=192.168.1.44
NETMASK=255.255.255.0
## Configure Default Gateway
# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=centos6
GATEWAY=192.168.1.1
## Restart Network Interface
# /etc/init.d/network restart
## Configure DNS Server
# vi /etc/resolv.conf
nameserver 8.8.8.8 # Replace with your nameserver ip
nameserver 192.168.1.1 # Replace with your nameserver ip

10/2/15

scp as a background process


To execute any Linux command in the background we use nohup as follows:
$ nohup SOME_COMMAND &
But the problem with the scp command is that it prompts for the password (if password authentication is used). So to make scp execute as a background process do this:
$ nohup scp file_to_copy user@server:/path/to/copy/the/file > nohup.out 2>&1
Then press Ctrl+Z, which will temporarily suspend the command, then enter the command:
$ bg
This will start executing the command in the background.