All posts by Martin N

14Jan/17

Generate CSR and Private Key in Plesk

A Certificate Signing Request (CSR) is a message sent from an applicant to a Certificate Authority in order to apply for a digital identity certificate.

Before creating a CSR, the applicant first generates a key pair, keeping the private key secret. The CSR contains information identifying the applicant (such as a distinguished name in the case of an X.509 certificate) which must be signed using the applicant’s private key. The CSR also contains the public key chosen by the applicant. The CSR may be accompanied by other credentials or proofs of identity required by the certificate authority, and the certificate authority may contact the applicant for further information.

31Dec/16

Configure SSH Key based authentication from Linux and Windows system

Secure Shell (SSH)

Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. When working with a Linux server, chances are you will spend most of your time in a terminal session connected to your server through SSH. There are different ways to log in to the server using SSH; here I discuss SSH key-based authentication.

14Nov/16

How to change PHP handler from Server Backend

A PHP handler is the way the Apache software on the server serves PHP scripts. On cPanel/WHM servers there are four PHP handlers: suPHP, DSO, CGI and FastCGI. suPHP is the default handler on cPanel/WHM servers. You might be familiar with switching the PHP handler from Web Host Manager (WHM), but most of us are not sure how to do the same from the server backend. This article explains how to switch the PHP handler on a cPanel/WHM server.

27Oct/16

Secure and Fix Dirty COW Linux Vulnerability

What is the Dirty COW vulnerability and why is it called so?

The Dirty COW vulnerability allows attackers to gain root access to servers and take control of the whole system. A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

What is CVE-2016-5195?

CVE-2016-5195 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names maintained by MITRE.

Who found the Dirty COW vulnerability?

Phil Oester

How to check if your server is affected by the vulnerability

Ubuntu/Debian

To find out if your server is affected, check your kernel version.

# uname -rv

You’ll see output like this:

Output
4.4.0-42-generic #62-Ubuntu SMP Wed Oct 26 22:10:20 IST 2016

If your version is earlier than the following, you are affected:
– 4.8.0-26.28 for Ubuntu 16.10
– 4.4.0-45.66 for Ubuntu 16.04 LTS
– 3.13.0-100.147 for Ubuntu 14.04 LTS
– 3.2.0-113.155 for Ubuntu 12.04 LTS
– 3.16.36-1+deb8u2 for Debian 8
– 3.2.82-1 for Debian 7
– 4.7.8-1 for Debian unstable
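
The comparison can be scripted. The following is an added example, not part of the original post: it turns an Ubuntu "uname -rv" line into a package version and compares it with the fixed versions from the list above. The function names are made up for this example, and it assumes that the package version is the release plus the upload number after "#" (4.4.0-42 and #62 give 4.4.0-42.62) and that the kernel series identifies the Ubuntu release; Debian is not handled.

```shell
#!/bin/sh
# Added example: classify an Ubuntu `uname -rv` line against the fixed versions listed above.
# Assumption: package version = "<release>.<upload>", e.g. 4.4.0-42 + #62 -> 4.4.0-42.62.

# "4.4.0-42-generic #62-Ubuntu SMP ..." -> "4.4.0-42.62" (prints nothing if unparsable)
pkg_version() {
    printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9.]*-[0-9][0-9]*\)-[^ ]* #\([0-9][0-9]*\).*$/\1.\2/p'
}

# Fixed version for the kernel series, taken from the list above (Ubuntu only).
fixed_for() {
    case "$1" in
        4.8.0-*)  echo "4.8.0-26.28" ;;
        4.4.0-*)  echo "4.4.0-45.66" ;;
        3.13.0-*) echo "3.13.0-100.147" ;;
        3.2.0-*)  echo "3.2.0-113.155" ;;
        *)        return 1 ;;
    esac
}

# True if version $1 is older than $2; fields are compared numerically, left to right.
version_lt() {
    a=$(printf '%s' "$1" | tr '.-' '  ')
    b=$(printf '%s' "$2" | tr '.-' '  ')
    set -- $a
    for y in $b; do
        x=${1:-0}
        [ $# -gt 0 ] && shift
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1
}

# Prints "affected", "patched" or "unknown" for a `uname -rv` line.
dirtycow_status() {
    running=$(pkg_version "$1")
    fixed=$(fixed_for "$running") || { echo "unknown"; return 0; }
    if version_lt "$running" "$fixed"; then echo "affected"; else echo "patched"; fi
}

# Check the running kernel, or a `uname -rv` line passed as the first argument.
dirtycow_status "${1:-$(uname -rv)}"
```

For the sample output shown above (4.4.0-42-generic #62-Ubuntu) the script prints "affected", because 4.4.0-42.62 is earlier than 4.4.0-45.66.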

CentOS

On some versions of CentOS you can use this script, provided by Red Hat for RHEL, to test whether your server is vulnerable. To try it, first download the script.

# wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh

Then run it with bash.

# bash rh-cve-2016-5195_1.sh

If you’re vulnerable, you’ll see output like this:

Output

Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.
Red Hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .

Standard Resolution

The easiest way to protect your computers running Linux is to update your Linux distro to the latest version. You can use the following commands to update your Debian/Ubuntu, CentOS and RHEL systems; you also need to reboot after updating.

Debian/Ubuntu:
# sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
# sudo reboot

RHEL:
# sudo yum update
# sudo reboot

CentOS:

To update your kernel on CentOS 7, run:
# sudo yum update
# sudo reboot

There is still no official kernel update for CentOS 5 and 6; we’re still waiting on a fix. You can use this workaround from the Red Hat bug tracker.

You can find more technical details about the Dirty COW vulnerability and exploit on the bug’s official website (dirtycow), the Red Hat site and the GitHub page.

10Oct/16

Removing and adding files to existing tar archive

1) How to remove a single file from tar file

First we need a tar file to work with. To create one, touch some files:

# touch textfile{1..4}.txt

Now we can create the tar file using the tar command:

# tar -cvf nixtree.tar textfile{1..4}.txt

This creates the tar file “nixtree.tar” containing the files textfile1.txt to textfile4.txt.
To list the files in a tar file, use the “-t” switch with the tar command.

# tar -tf nixtree.tar
textfile1.txt
textfile2.txt
textfile3.txt
textfile4.txt

We can use the “--delete” switch with the tar command to remove files from an already created tar file.

# tar --delete -f nixtree.tar textfile1.txt

This command removes “textfile1.txt” from the tar archive “nixtree.tar”.

Now list the tar file again:

# tar -tf nixtree.tar
textfile2.txt
textfile3.txt
textfile4.txt

We can also remove files from a tar file using pattern matching, as shown below.

2) Pattern match – Removing files using the “--wildcards” option

# tar --wildcards --delete -f nixtree.tar 'textfile*'

This removes all files starting with textfile, which means the above tar file will be empty.

3) Adding a file or directory to the existing tar file

You can add a file to an existing tar file with the ‘r’ option:

# tar -rvf nixtree.tar newfile.txt

4) Adding a directory to the existing tar file works the same way

# tar -rvf nixtree.tar /new-directory

5) Extracting specific files and directories from a tar file

You can extract the file ‘textfile4.txt’ from the archive file ‘nixtree.tar’ like this:

# tar --extract --file=nixtree.tar textfile4.txt

6) Extract a directory  from nixtree.tar:

# tar --extract --file=nixtree.tar directoryname

7) Compressing a folder (tar) without its containing directory in the stored paths

# tar -zcvf nixtree.tar.gz -C /path/to/foldername_tocompress .

8) Untar tar file to specific location

# tar -xvf nixtree.tar -C /path/to/untar/files/to/specific/directory

Tar Usage and Options

c – create an archive file.
x – extract an archive file.
v – show progress while processing the archive file.
f – filename of the archive file.
t – view the contents of an archive file.
r – append or update files or directories in an existing archive file.
wildcards – specify a pattern in the Unix tar command.

26Aug/16

RAID and its different types

RAID is short for Redundant Array of Independent Disks

RAID is a technology that is used to increase the performance and/or reliability of data storage. It combines multiple physical disk drive components into a single logical unit. Data in RAID is distributed across the drives in one of several ways, referred to as RAID levels, depending on the required level of redundancy and performance. The different schemas, or data distribution layouts, are named by the word RAID followed by a number.

Different RAID Levels

  • RAID 0 – striping
  • RAID 1 – mirroring
  • RAID 5 – striping with parity
  • RAID 6 – striping with double parity
  • RAID 10 – combining mirroring and striping

Note

In all the diagrams mentioned below:
      A, B, C, D, E, F, G and H represent blocks
      p1, p2, p3 and p4 represent parity

RAID LEVEL 0

RAID 0 divides a set of data among multiple hard drives, usually two drives. This configuration has striping but no redundancy of data. It offers the best performance but no fault tolerance. If one drive fails, all data in the array is lost.

[Diagram: RAID 0]

Advantages

  • RAID 0 offers great performance, both in read and write operations. There is no overhead caused by parity controls.
  • All storage capacity is used, there is no overhead.
  • The technology is easy to implement.

Disadvantages

  • RAID 0 is not fault-tolerant. If one drive fails, all data in the RAID 0 array are lost. It should not be used for mission-critical systems.

Ideal Use

  • RAID 0 is ideal for non-critical storage of data
  • Minimum 2 disks
  • Excellent performance

RAID LEVEL 1

RAID 1 stores an exact copy of your data on two or more drives. This makes your data much more secure; if one drive in the system fails, your data can simply be retrieved from any other drive in the system. This is known as data redundancy.

[Diagram: RAID 1]

Advantages

  • RAID 1 offers excellent read speed and a write-speed that is comparable to that of a single drive
  • In case a drive fails, data do not have to be rebuilt; they just have to be copied to the replacement drive.
  • RAID 1 is a very simple technology.

Disadvantages

  • The main disadvantage is that the effective storage capacity is only half of the total drive capacity because all data get written twice.
  • Software RAID 1 solutions do not always allow a hot swap of a failed drive. That means the failed drive can only be replaced after powering down the computer it is attached to. For servers that are used simultaneously by many people, this may not be acceptable. Such systems typically use hardware controllers that do support hot swapping.

Ideal Use

  • It is suitable for small servers in which only two data drives will be used
  • Minimum 2 disks
  • Excellent redundancy

RAID LEVEL 5

Level 5 is one of the most popular configurations of RAID and is the most common secure RAID level. It requires at least 3 drives but can work with up to 16. Data blocks are striped across the drives, and on one drive a parity checksum of all the block data is written. The parity data are not written to a fixed drive; they are spread across all drives.

[Diagram: RAID 5]
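
How striping with distributed parity lets a failed drive be rebuilt, as an added example that is not part of the original post: a toy 3-drive array in which each block is a single byte value and the parity block is the XOR of the data blocks in its stripe. The function names, the sample values and the rotation order of the parity block are assumptions made for this example.

```shell
#!/bin/sh
# Added example: RAID 5 parity on a toy 3-drive array (constructed byte values as blocks).
# Parity is the XOR of the data blocks in a stripe; the rotation order used here is
# one possible layout, chosen for illustration.

NDRIVES=3

# XOR of all arguments.
xor_all() {
    acc=0
    for v in "$@"; do acc=$(( acc ^ v )); done
    echo "$acc"
}

# 0-based index of the drive that holds parity for stripe $1 (rotates per stripe).
parity_drive() {
    echo $(( NDRIVES - 1 - $1 % NDRIVES ))
}

# Lay out stripe $1 with data blocks $2 and $3; prints "drive0 drive1 drive2".
write_stripe() {
    p=$(xor_all "$2" "$3")
    case $(parity_drive "$1") in
        0) echo "$p $2 $3" ;;
        1) echo "$2 $p $3" ;;
        2) echo "$2 $3 $p" ;;
    esac
}

# Rebuild the block lost on drive $1 from the remaining blocks of the stripe ($2...).
rebuild_block() {
    failed=$1; shift
    i=0; survivors=""
    for blk in "$@"; do
        [ "$i" -ne "$failed" ] && survivors="$survivors $blk"
        i=$(( i + 1 ))
    done
    xor_all $survivors
}

# Demo: write two stripes (A=65, B=66, C=67, D=68), then lose drive 0.
stripe0=$(write_stripe 0 65 66)
stripe1=$(write_stripe 1 67 68)
echo "stripe 0: $stripe0   stripe 1: $stripe1"
echo "drive 0 rebuilt: $(rebuild_block 0 $stripe0) $(rebuild_block 0 $stripe1)"
```

With two drives missing from the same stripe, the single XOR relation no longer determines either lost block, which is why a second failure during a rebuild loses the data.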

Advantages

  • Read data transactions are very fast while write data transactions are somewhat slower.
  • If a drive fails, you still have access to all data, even while the failed drive is being replaced and the storage controller rebuilds the data on the new drive.

Disadvantages

  • Drive failures have an effect on throughput, although this is still acceptable.
  • This is complex technology. If one of the disks in an array using 4TB disks fails and is replaced, restoring the data (the rebuild time) may take a day or longer, depending on the load on the array and the speed of the controller. If another disk goes bad during that time, data are lost forever.

Ideal Use

  • Minimum 3 disks
  • RAID 5 is a good all-round system that combines efficient storage with excellent security and decent performance.
  • It is ideal for file and application servers that have a limited number of data drives.

RAID LEVEL 6

RAID 6 provides block-level striping with parity data distributed across all disks. It requires at least 4 drives and can withstand 2 drives dying simultaneously. The chances that two drives break down at exactly the same moment are of course very small. This technique is similar to RAID 5. If a drive in a RAID 5 system dies and is replaced by a new drive, it takes hours to rebuild the swapped drive. If another drive dies during that time, you lose all of your data. With RAID 6, the RAID array will even survive that second failure.

[Diagram: RAID 6]

Advantages

  • Like with RAID 5, read data transactions are very fast.
  • If two drives fail, you still have access to all data, even while the failed drives are being replaced. So RAID 6 is more secure than RAID 5.

Disadvantages

  • Write data transactions are slowed down due to the parity that has to be calculated.
  • Drive failures have an effect on throughput, although this is still acceptable.
  • This is complex technology. Rebuilding an array in which one drive failed can take a long time.

Ideal Use

  • RAID 6 is a good all-round system that combines efficient storage with excellent security and decent performance.

RAID LEVEL 10

Combining RAID 1 and RAID 0, this level is referred to as RAID 10, which offers higher performance than RAID 1 but at a much higher cost. In RAID 1+0, the data is mirrored and the mirrors are striped. This is a hybrid RAID configuration. It provides security by mirroring all data on secondary drives while using striping across each set of drives to speed up data transfers.

[Diagram: RAID 10]

Advantages

  • If something goes wrong with one of the disks in a RAID 10 configuration, the rebuild time is very fast since all that is needed is copying all the data from the surviving mirror to a new drive. This can take as little as 30 minutes for drives of 1 TB.

Disadvantages

  • Half of the storage capacity goes to mirroring, so compared to large RAID 5 or RAID 6 arrays, this is an expensive way to have redundancy.

Ideal Use

  • Minimum 4 disks.
  • Excellent performance

RAID is no substitute for back-up!

All RAID levels except RAID 0 offer protection from a single drive failure. A RAID 6 system even survives 2 disks dying simultaneously. For complete security you do still need to back-up the data from a RAID system.

Conclusion

Choose a RAID level based on the number of available disk drives and your requirements for performance and reliability. Disk drive usage, read performance, and write performance depend on the number of drives in the array. In general, the more drives, the better the performance.

While RAID 0 is the least costly, it could never be used for databases unless you can withstand data loss or rebuild adequately from other backed up media.

RAID 1 and 10 win on data protection, but lose in terms of disk costs. RAID 10 offers the best performance and data protection, but at a cost.

RAID 5 offers the best trade-off in terms of price and performance, and includes data protection for database use.