Archive for January, 2014

Monitor Web Site Files With Auditd

No Comments »


The Linux Auditing System and auditd are a great way to monitor who and when changes are made to the files in your website. To install and configure follow these steps:

1. Install auditd and related utilities:

yum install audit

2. Make sure auditd is running:

/sbin/chkconfig --list auditd 
auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

3. Edit /etc/audit/auditd.conf and change:

action_mail_acct = [your email address]

This sets any action emails to go to your preferred address.
4. Edit /etc/audit/audit.rules and add a line like this to the bottom:

-w [path_to_website] -p wa -k [key]

So if you website is located at:
Then a command like:

-w /var/www/vhosts/ -p wa -k mysite

would setup auditing of write and attribute change requests. Events matching this rule would be tagged with the “mysite” key.

/sbin/service auditd restart

Audit logs go to:



Passive Mode FTP with iptables

No Comments »

There’s lots of advice on the net about how to setup a server with iptables to allow passive mode FTP. Below is the approach that we’ve found to be most effective.

Start by configuring your FTP daemon to use a fixed range of ports. We use 41361 to 65534 which is the IANA registered ephemeral port range. The exact config depends on what FTP software you’re using:


Edit /etc/vsftpd/vsftpd.conf and add the following lines:



Edit /etc/proftpd.conf and add to the Global section:

PassivePorts 49152 65534

Now restart your FTP service so the changes take effect.

Next you’ll need to configure the ip_conntrack_ftp iptables module to load. On Redhat/CentOS just edit /etc/sysconfig/iptables-config and add “ip_conntrack_ftp” to the IPTABLES_MODULES like this:


Next edit /etc/sysconfig/iptables and add a rule to allow TCP port 21.
The new line is marked in red:

-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

Now restart the iptables service:

/sbin/service iptables restart

You can verify that the correct port range has been registered with lsmod like this:

lsmod | grep conntrack_ftp

and you’ll get something like this:

nf_conntrack_ftp       12913  0 
nf_conntrack           79645  4 nf_conntrack_ftp,nf_conntrack_ipv4,nf_conntrack_ipv6,xt_state

And that’s all it takes to get passive mode ftp working behind iptables.

P.S: If your server is behind a physical firewall and you are behind NAT, then you’ll probable need to load the “ip_nat_ftp” iptables module.

unknown filesystem type ‘isw_raid_member’



RAID hardware failed and both SATA x 2 TB stops working, tried enable/disable RAID controller without luck, Add/Remove drives but no boot, kernel panic and stuck.

Now what I want is to boot one hard disk to restore services so I tried:

fsck /dec/sda

but it gives error

unknown filesystem type 'isw_raid_member'

So the solution is , remove RAID metadata from the drives and boot normally.

dmraid -rE /dev/sda

And Hard disk start working…..

How to disable Gmail new feature which allows anyone to send you email without knowing your email

No Comments »


Last week, Google announced that Gmail users can email their Google+ connections without knowing their email address first. For some, it’s an easy way to stay in touch. For others, it’s a ticket to unwanted email. However you feel, here’s how to turn the feature off, or set it so only the people you want can use it.

Now that the new feature has rolled out to Gmail users (although it hasn’t gotten to Google Apps users, as far as we can see), controlling who can email you is pretty simple:

  • Click here to open the General tab in your Gmail Settings.
  • Scroll down to Email via Google+.
  • Click the drop-down and select your preferred option. “Circles” (which was the default for me) only allows people in your circles—not those who have circled you—to contact you. “Extended circles” allows friends of your friends to email you. “Anyone on Google+” is as the name implies, and we’d suggest avoiding it. To turn the feature off completely, select “No one.”
  • Scroll down and click “Save Changes.”

That’s it.


Increase the SMS limit in Android (100 SMS per hour to unlimited)

No Comments »


Make sure you got rooted phone.

  • Install Android SDK (for basic command line tools, such as ADB)
  • Add Android tools to the PATH
  • Turned on USB debugging on Phone
  •  Connect with USB Cable, USB Drivers must be installed (with SDK etc)

Open Command Terminal and enter the following:

adb shell
mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system

adb shell
sqlite3 /data/data/

Then you’ll see:


Then enter the following to alter the limit

INSERT INTO gservices (name, value) VALUES('sms_outgoing_check_max_count', 101);

(change 101 to your new limit)

I didnt try altering the limit so I hope it works for you guys.. but I can confirm this next one works. It completely turns off the limit altogether.

To turn off the limit enter:

INSERT INTO gservices (name, value) VALUES('sms_outgoing_check_interval_ms', 0);