Copyright © 2011 x83.net. All rights reserved.
Welcome
Category: Tips & Tricks
- View average Round trip time in Wireshark
Round-trip time (RTT) is the time it takes for a client to send a request and the server to send a response over the network, not including the time required for data transfer. Not sure if this fits what you are trying to do, but have you tried Statistics -> IO Graphs Then set Units to Advanced. Select "AVG(*)" as the Calc method. Enter tcp.analysis.ack_rtt You can apply a filter in the appropriate location as well. Note that you will need "Analyze TCP sequence numbers" activated in TCP protocol options in Wireshark preferences for this to work.
- Show FTP accounts in Plesk
First login into mysql:
mysql -uadmin -p`cat /etc/psa/.psa.shadow`
and then:
SELECT REPLACE(sys_users.home,’/home/httpd/vhosts/’,”) AS domain, sys_users.login,accounts.password FROM sys_users LEFT JOIN accounts on sys_users.account_id=accounts.id ORDER BY sys_users.home DESC ;
- Enable cPanel CSF email bruteforce protection
If you have CSF installed then check these two options:
# Distributed Account Attack. This option will keep track of login failures
# from distributed IP addresses to a specific application account. If the
# number of failures matches the trigger value above, ALL of the IP addresses
# involved in the attack will be blocked according to the temp/perm rules above
LF_DISTATTACK = Default: 0 [0-1]# Set the following to the minimum number of unique IP addresses that trigger
LF_DISTATTACK_UNIQ = Default: 2 [2-20] - Openssl commands
General OpenSSL commands
The following commands allow you to generate CSRs, Certificates, Private Keys and other tasks.
Generate a new private key and matching certificate signing request (Unix)
openssl req -out CSR.csr -pubkey -new -keyout privateKey.key
Generate a new private key and matching certificate signing request (Windows)
openssl req -out CSR.csr -pubkey -new -keyout privateKey.key -config .shareopenssl.cmf
Generate a certificate signing request for an existing private key
openssl req -out CSR.csr -key privateKey.key -new
Generate a certificate signing request based on an existing x509 certificate
openssl x509 -x509toreq -in MYCRT.crt -out CSR.csr -signkey privateKey.key
Decrypt private key
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
Remove a passphrase from a private key
openssl rsa -in privateKey.pem -out newPrivateKey.pem
Checking commands
Use the following commands to check the information within a Certificate, CSR or Private Key. You can also check CSRs and certificates using our online tools.
Check a certificate signing request
openssl req -text -noout -verify -in CSR.csr
Check a private key
openssl rsa -in privateKey.key -check
Check a certificate
openssl x509 -in certificate.crt -text -noout
Check a PKCS#12 keystore
openssl pkcs12 -info -in keyStore.p12
Debugging commands
If you are receiving certificate errors, try one of the following commands to debug a SSL connection. Use our Site Check as well to check the certificate.
Check the MD5 hash of the public key
openssl x509 -noout -modulus -in certificate.crt | openssl md5 openssl rsa -noout -modulus -in privateKey.key | openssl md5 openssl req -noout -modulus -in CSR.csr | openssl md5
Check an SSL connection. All certificates (also intermediates) should be shown
openssl s_client -connect https://www.paypal.com:443
Converting commands
Use the following commands to convert certificates and keys to different formats to make them compatible with specific types of servers or software. For example, convert a normal PEM file that would work with Apache to a PFX (PKCS#12) file for use with Tomcat or IIS.
Convert DER (.crt .cer .der) to PEM
openssl x509 -inform der -in certificate.cer -out certificate.pem
Convert PEM to DER
openssl x509 -outform der -in certificate.pem -out certificate.der
Convert PKCS#12 (.pfx .p12) to PEM containing both private key and certificates
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes add -nocerts for private key only; add -nokeys for certificates onlyConvert (add) a seperate key and certificate to a new keystore of type PKCS#12
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
- Malware in database
I got a report these days about a site being flagged as forgery by Google Safebrowsing. Usually these situations are easy to handle since most of the times there is a flaw of a php script that allow attackers to upload/modify different .php/.js/.css files. Doing a find or restoring the files fixes the problem.
This time I did not find any modified file..but still the sites were being reported to contain malware. Then I’ve checked in the database and seems there were some iframe entries to redirect to some malware sites. Truncating and reimporting the affected tables solved the issue.
Question remains : is there any malware scanner for databases? What if instead of a iframe some hardcoded strings are set..most likely I would have missed those.
- WARNING: mismatch_cnt is not 0
I got an email regarding this issue saying something like :
WARNING: mismatch_cnt is not 0 on /dev/md1
The /dev/mdX can vary depending on how many raid partitions you have. This mismatch_cnt value is the value of the blocks,
that are not synchronized between RAID-1 (mirrored) drives. On my server it looked something like :
[root@ns ~]# cat /sys/block/md1/md/mismatch_cnt 4910080
To fix :
echo repair >/sys/block/md0/md/sync_action watch cat /proc/mdstat
And after the repair is completed:
echo check >/sys/block/md1/md/sync_action watch cat /proc/mdstat
Then check to see what this returns:
cat /sys/block/md1/md/mismatch_cnt