shukko·bir video dosyamiz var ve biz bunu stream etmek istiyoruz ancak elimizdeki stream icin uygun degil , haydi mp4e cevirelim ve stream edelim. her durum ve sartta stream etmek guzel birseydir. için yorumlar kapalı
 ffmpeg -i Ralph.mkv -vcodec libx264 -crf 22 -preset:v veryfast -ac 2 -acodec aac -ab 128K -strict -2 output.mp4

shukko·directadmin block access to xmlrpc.php serverwide için yorumlar kapalı

mkdir /usr/local/directadmin/data/templates/custom/

chown diradmin.diradmin /usr/local/directadmin/data/templates/custom/

cd /usr/local/directadmin/data/templates/custom/

wget http://shukko.com/xmlrpcblock.tar.gz

tar zxvf xmlrpcblock.tar.gz

rm -rf xmlrpcblock.tar.gz

chmod 644 virtual_host2*

cd /usr/local/directadmin/custombuild/

./build rewrite_confs

shukko·Configuring ProFTPd with virtual users in a file için yorumlar kapalı

proftpd kurulumu su sekildedir:

apt-get install proftpd

nano /etc/proftpd/proftpd.conf

ServerName “Debian”
DefaultRoot ~
Port 21
RootLogin off
AllowStoreRestart on

Bununla test et

proftpd -t

service proftpd restart

calistir gitsin

Sanal kullanicilar ile kolay kurulum duzenegi:

nano /etc/proftpd/proftpd.conf

DefaultRoot ~
RequireValidShell off
AuthUserFile /etc/proftpd/ftpd.passwd
AuthGroupFile /etc/proftpd/ftpd.group
AuthOrder mod_auth_file.c

Kullanici Olustur:

ftpasswd –passwd –file=/etc/proftpd/ftpd.passwd –name=test –uid=60 –gid=60 –home=/srv/ftp/test/ –shell=/bin/false

Grup Olustur:

ftpasswd –group –name=nogroup –file=/etc/proftpd/ftpd.group –gid=60 –member test

Bununla test et

proftpd -t

Sifre degistirmek icin:

ftpasswd –passwd –file=/etc/proftpd/ftpd.passwd –name=test –change-password

kullanici silmek icin:

ftpasswd –passwd –file=/etc/proftpd/ftpd.passwd –name=test –delete-user

Open the ProFTPd configuration in any text editor:

1sudo nano /etc/proftpd/proftpd.conf

Specify the parameters:

12345DefaultRoot ~RequireValidShell offAuthUserFile /etc/proftpd/ftpd.passwdAuthGroupFile /etc/proftpd/ftpd.groupAuthOrder mod_auth_file.c

As you can see, only module mod_auth_file.c is used for authorization of users, so logins and passwords are taken only from /etc/proftpd/ftpd.passwd file.

Now create an example user, test:

1sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --uid=60 --gid=60 --home=/srv/ftp/test/ --shell=/bin/false

After this command, the /etc/proftpd/ftpd.passwd file of the similar structure with /etc/passwd will be created.
UID and GID can be specified any, preferably except 0 (this is root) and those specified in /etc/passwd.
You can also specify the UID and GID similar to the user in /etc/passwd, for example, 33 as a www-data user, to provide similar rights to web files and specify the home directory of /var/www.
You can create users with the same UID and GID, different home directories and taking into account that they are not allowed to go above their directory level (DefaultRoot ~ parameter in the server configuration).

Create an ftpd.group file:

1sudo ftpasswd --group --name=nogroup --file=/etc/proftpd/ftpd.group --gid=60 --member test

Let’s check the configuration:

1sudo proftpd -t

Restart ProFTPd to apply the changes:

1sudo /etc/init.d/proftpd restart

Since the passwords in the file are stored in encrypted form, you can change the password to the user as follows:

1sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --change-password

You can lock/unlock the user (add/remove the ! character in the ftpd.passwd file before the password hash, thereby making it impossible for the user to connect):

12sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test2 --locksudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --unlock

You can delete the user as follows:

1sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --delete-user

Open the ProFTPd configuration in any text editor:

1sudo nano /etc/proftpd/proftpd.conf

Specify the parameters:

12345DefaultRoot ~RequireValidShell offAuthUserFile /etc/proftpd/ftpd.passwdAuthGroupFile /etc/proftpd/ftpd.groupAuthOrder mod_auth_file.c

As you can see, only module mod_auth_file.c is used for authorization of users, so logins and passwords are taken only from /etc/proftpd/ftpd.passwd file.

Now create an example user, test:

1sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --uid=60 --gid=60 --home=/srv/ftp/test/ --shell=/bin/false

After this command, the /etc/proftpd/ftpd.passwd file of the similar structure with /etc/passwd will be created.
UID and GID can be specified any, preferably except 0 (this is root) and those specified in /etc/passwd.
You can also specify the UID and GID similar to the user in /etc/passwd, for example, 33 as a www-data user, to provide similar rights to web files and specify the home directory of /var/www.
You can create users with the same UID and GID, different home directories and taking into account that they are not allowed to go above their directory level (DefaultRoot ~ parameter in the server configuration).

Create an ftpd.group file:

1sudo ftpasswd --group --name=nogroup --file=/etc/proftpd/ftpd.group --gid=60 --member test

Let’s check the configuration:

1sudo proftpd -t

Restart ProFTPd to apply the changes:

1sudo /etc/init.d/proftpd restart

Since the passwords in the file are stored in encrypted form, you can change the password to the user as follows:

1sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --change-password

You can lock/unlock the user (add/remove the ! character in the ftpd.passwd file before the password hash, thereby making it impossible for the user to connect):

12sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test2 --locksudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --unlock

You can delete the user as follows:

1sudo ftpasswd --passwd --file=/etc/proftpd/ftpd.passwd --name=test --delete-user

ftpasswd is a script written in Perl, usually located in /usr/sbin/ftpasswd.

shukko·lsof için yorumlar kapalı

lsof en sevdigim komuttur.

lsof -c httpd | grep cwd demek cok nefis birseydir.

fazlasi icin buraya bakabilirim sonra

shukko·exim block domain uzantisi spamci essekler ok ok… için yorumlar kapalı
/etc/system_filter_exim

ekle:::

if first_delivery
and (
("$h_from:" matches ".+@.+\\\\.ml[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ro[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.stream[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gr[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ca[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gen.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ua[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.net.in[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ar[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.be[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.id[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pl[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.au[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.cz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ir[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ae[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.mx[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.br[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.uk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.jp[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ci[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.download[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ug[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.kz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.se[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.hk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ke[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.ce[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.pe[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.tv[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.my[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.xyz[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.com.ph.tk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.sk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pe[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.me[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.co.th[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.hr[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.cl[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.host[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ga[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.ml[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.online[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.win[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.top[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.bid[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.us[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.tk[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.site[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.club[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.info[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.click[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.space[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.gdn[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.fun[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.rest[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.best[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pro[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.monster[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.live[^a-zA-Z0-9_]")
or ("$h_from:" matches ".+@.+\\\\.pw[^a-zA-Z0-9_]")

)
then
seen finish
endif

shukko·OpenVZ shit! için yorumlar kapalı

Openvz icin bir iki komut.

vzlist -o ctid,laverage

node ustundeki containerlerin yuk durumunu listele

-------------------
vzlist -H -o veid,hostname,diskspace | awk '{ printf("%d\t%s\t%.2f GB\n", $1, $2, $3/(1024*1024))}'

node ustundeki aktif containlerin ne kadar disk kullandigini listele

vzlist -H -o veid,hostname,diskspace | awk '{ printf("%d\t%s\t%.2f GB\n", $1, $2, $3/(1024*1024))} {sum += $3} END {printf("Total disk usage: %.2f GB\n", sum/(1024*1024))}'

yukaridakine ek toplam kullanilan disk alaninida goster.

shukko·mt under syn için yorumlar kapalı

If you want help your router to support 2x DDoS you’re receiving now, disable route cache. You will see your cpu usage immediately goes down.

Put rp_filter in loose mode and enable tcp syncookie.

Set (only if you use router as border one and you not do nat or similar services)
/ip firewall connection tracking set enabled=no

Use only raw rules and setup something like this:

/ip firewall raw
add    chain=prerouting action=jump jump-target=udp-filters in-interface=NETIX log=no log-prefix="" protocol=udp

add    chain=prerouting action=jump jump-target=tcp-filters in-interface=NETIX log=no log-prefix="" protocol=tcp

add   chain=udp-filters action=accept in-interface=NETIX src-port=53 limit=2500,100:packet log=no log-prefix="" protocol=udp

add    chain=udp-filters action=drop in-interface=NETIX src-port=53 log=no log-prefix="" protocol=udp

add  chain=udp-filters action=drop in-interface=NETIX src-port=389 log=no log-prefix="" protocol=udp comment=LDAP

add  chain=udp-filters action=drop in-interface=NETIX src-port=80 log=no log-prefix="" protocol=udp comment="UDP SRC 80"

add  chain=udp-filters action=drop in-interface=NETIX src-port=443 log=no log-prefix="" protocol=udp comment="UDP SRC 443"

add  chain=udp-filters action=drop in-interface=NETIX dst-port=80 log=no log-prefix="" protocol=udp comment="UDP DST 80"

add  chain=udp-filters action=drop in-interface=NETIX dst-port=443 log=no log-prefix="" protocol=udp comment="UDP DST 443"

add    chain=udp-filters action=notrack log=no log-prefix=""

add    chain=tcp-filters action=notrack log=no log-prefix=""

add    chain=prerouting action=notrack log=no log-prefix=""

/ip firewall filter

add chain=forward protocol=tcp tcp-flags=syn,rst action=drop

You will block most know UDP Amplification script.

this is the best configuration we found to allow MT absorb attacks, you can’t get better performance.

Now to do real tcp mitigation you should apply an external device (in line or out of line is your choice) to filter some more specific packets (strings, ttl, flags…). If you not feel safe to use in line, consider to use fastnemon that detect a ddos and inject a route to forward /32 to that device.

Or if you have a budget, choose a company that does ddos mitigation and you will sleep better

shukko·what is /mnt? I want /home için yorumlar kapalı

umount /mnt
fdisk /dev/vdb
g
w
fdisk /dev/vdb
n
w
mkfs.ext4 /dev/vdb1
nano /etc/fstab
/dev/vdb1 /home ext4 defaults 0 1
mount -a
reboot

shukko·smartmontools /sucks/ için yorumlar kapalı

askubuntudan copy paste ettim

The commandline version of the libatasmart library used by Gnome Disks is called skdump part of the libatasmart-bin package which is not installed by default. Install by using:

sudo apt-get install libatasmart-bin

Next run the following command to see the SMART information by running the following command in the terminal (replacing /dev/sda by the path to your drive):

sudo skdump /dev/sda

As an alternative the smartctl from the smartmontools package could be used. Install by using:

sudo apt-get install smartmontools

You will then be able to get information on SMART by running the following command in the terminal (replacing /dev/sda by the path to your drive):

sudo smartctl -a /dev/sda

Note that smartctl tends to be overly verbose. Use the -q errorsonly argument to display only errors:

sudo smartctl -q errorsonly -a /dev/sda