Category Archives: Centos

04Sep/19

How to disable portmapper services in CentOS 7

Sometimes you will get a notice saying something like "your server can be used or is used for abuse via portmapper services".

An open portmapper service that can be accessed from the Internet can be exploited by an attacker to perform DDoS reflection attacks. Furthermore, an attacker will gain information about the network, e.g. running RPC services or existing network shares.

What does the portmapper do when it is enabled?

It maps RPC (Remote Procedure Call) programs, such as those used for NFS mounts, to the ports they listen on. The service is named portmapper (the rpcbind unit on CentOS 7) and listens on TCP and UDP port 111.

The vulnerability in exposing this service was revealed back in 2015, and since then most admins suggest disabling it, or at least blocking the port using TCP Wrappers or a firewall.

To get the list of RPC services, you can use the rpcinfo command.

Sample result from a server that has the portmapper service enabled:

[root@server ~]# rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper

To stop the services, use the commands below. The socket unit has to be stopped as well, because it can reactivate rpcbind.service:

[root@server ~]# systemctl stop rpcbind
Warning: Stopping rpcbind.service, but it can still be activated by:
rpcbind.socket

[root@server ~]# systemctl stop rpcbind.socket

Now run rpcinfo again to confirm that everything has stopped. A good result looks like this:

[root@server ~]# rpcinfo -p
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused

To keep the service from starting again after a reboot, disable it using the command below.

[root@server ~]# systemctl disable rpcbind
Removed symlink /etc/systemd/system/multi-user.target.wants/rpcbind.service.

Cross-check once more and confirm that rpcinfo still shows connection refused.

[root@server ~]# rpcinfo -p
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused

This way you can disable the service permanently.
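
A post-change check for the steps above, added here as an example and not part of the original post: exposed_111 filters `ss -tuln` output for sockets still bound to port 111 on a non-loopback address, and audit_rpcbind also reports whether rpcbind.service and rpcbind.socket are still enabled, since the socket unit can reactivate the service. The function names and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Read `ss -tuln` output on stdin; print "proto local-address" for every
# socket bound to port 111 on a non-loopback address.
exposed_111() {
    awk '$1 ~ /^(tcp|udp)/ && $5 ~ /:111$/ &&
         $5 !~ /^(127\.|\[::1\]|::1:)/ { print $1, $5 }'
}

# Constructed sample: `ss -tuln` on a host with rpcbind still running.
sample_before() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      *:111              *:*
tcp   LISTEN 0      128    *:111              *:*
tcp   LISTEN 0      128    :::111             :::*
tcp   LISTEN 0      128    *:22               *:*
EOF
}

# Constructed sample: the same host once rpcbind and rpcbind.socket are stopped.
sample_after() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    *:22               *:*
EOF
}

# Live check: a unit that is still enabled can bring port 111 back at boot,
# so print the enablement state of both units next to the listener check.
audit_rpcbind() {
    for unit in rpcbind.service rpcbind.socket; do
        printf '%s: %s\n' "$unit" "$(systemctl is-enabled "$unit" 2>/dev/null)"
    done
    left=$(ss -tuln | exposed_111)
    if [ -n "$left" ]; then
        printf 'still listening on port 111:\n%s\n' "$left"
        return 1
    fi
    echo "nothing listening on port 111"
}

# Run the live check only when asked for: sh check_rpcbind.sh --live
if [ "${1:-}" = "--live" ]; then
    audit_rpcbind
fi
```

Run it with --live as root after a reboot; the script name check_rpcbind.sh is an assumption.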

02Nov/16

Monit how to install & Configure on CentOS 7/RHEL 7

Monit is a utility used on Linux machines for managing and monitoring the services running on them, for example HTTPD, MySQL etc. Monit can start a process if it is not running, restart a process if it does not respond, and stop a process if it uses too many resources. Monit also has a user-friendly web interface, served by its native HTTP(S) web server, where you can view the system status and manage processes directly; the same can be done from the command line interface. In this blog we discuss how to set up Monit on a CentOS 7 server. The CentOS version I am using is CentOS Linux release 7.2.1511.

[root@server ~]# cat /etc/redhat-release 
CentOS Linux release 7.2.1511 (Core)

At this moment Monit is not available in the base repository of CentOS 7, so I used the EPEL repository to install Monit using yum.

wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-8.noarch.rpm

rpm -ivh epel-release-7-8.noarch.rpm
yum install monit

Monit configuration

Now we are going to enable the Monit web interface by editing the Monit configuration file. Once enabled, the web interface shows the status of the services we are monitoring, how long each has been up on the server, etc. We have added a screenshot of it at the end of this article; you can refer to it to see exactly how it looks.

Open /etc/monitrc in the vi editor and make the changes below.

Originally it looked like this:

set httpd port 2812 and
 use address localhost # only accept connection from localhost
 allow localhost # allow localhost to connect to the server and
 allow admin:monit # require user 'admin' with password 'monit'

After the changes it will look like this:

set httpd port 2812 and
 use address x.x.x.x # x.x.x.x = server IP; the web interface now listens on this address
 allow y.y.y.y # y.y.y.y = your IP; only this address is allowed to connect
 allow admin:monit # require user 'admin' with password 'monit'; replace this default password

Restart the service using the command below.

service monit restart

Allow port 2812 in the firewall and verify that it is listening from outside using telnet. In my case I was using the csf firewall, so I just needed to add the port in the csf conf file under the TCP_IN and TCP_OUT sections.

After that, access the Monit web interface using a URL like http://x.x.x.x:2812

If you need us to set up the server with nginx or php-fpm for high performance, you can contact us for the setup. You can either subscribe to our Server Management or use our Hourly server management.

Service Configuration

In this section we are going to monitor the server's MySQL service with Monit and restart it if it fails. Below are the changes.

Create a file named mysql.conf under the directory /etc/monit.d/.

Add the entries below and adjust them for your server, in particular the pid file name and location.

check process mysqld with pidfile /var/lib/mysql/server.namemysql.pid
group mysql
start program = "/usr/bin/systemctl start mysql.service"
stop program = "/usr/bin/systemctl stop mysql.service"
if failed host 127.0.0.1 port 3306 then restart
if 5 restarts within 5 cycles then timeout

Once added, check the syntax using the command "monit -t"; you will get a result like the one below.

monit -t
Control file syntax OK

Restart the Monit service using the command below.

service monit restart

After that, refresh the Monit web panel and you will see that MySQL is monitored by Monit.

On CentOS 7 the Monit log is at /var/log/monit.log; follow it with tail -f /var/log/monit.log

[Screenshot: Monit web interface (monit-server)]

24Jun/16

Create Domain in CentOS Web Panel

CentOS Web Panel

CentOS Web Panel is a free web hosting control panel. It is mainly designed for quick and easy management of servers without using the ssh console for every little thing. Lots of options and features are available in this panel. As the name suggests, the panel can only be installed on CentOS 6, RedHat 6 and CloudLinux 6.

How to access CentOS Web Panel after installation

Access URL

Non SSL Login: http://IP-Address:2030
SSL Login: https://IP-Address:2031

We can use the same server root logins to log in to the panel.

How to create Domain Account in CentOS Web Panel

  • Log in to the Panel as we have mentioned before.
  • Click “User Accounts” in left menu then Click “New Account”

  • Enter Domain name (eg. example.com)
  • Enter username (make it similar to domain eg. example)
  • Copy the randomly generated password from CentOS Web Panel to a safe place, or set your own password
  • Select Package if you created previously or set it as default.
  • Enter email address in the email address field.

  • Click on button Create.