Thursday, June 26, 2008

Bandwidth Limiting SCP (Secure CoPy)

You can also limit the bandwidth scp may use when copying.
This is very useful if you want to copy a huge amount of data
without suffering from slow network for a long time. Limiting
bandwidth is done in this way:

$ scp -l bandwidthlimit_in_kbps username@remote_host:/path/to/file .

The bandwidth is specified in Kbit/sec. What does this mean?
Eight bits is one byte. If you want to copy no faster than
10 Kbyte/sec, set the limit to 80. If you want to copy no faster
than 80 Kbyte/sec, set the limit to 640. You should set the limit
to eight times the maximum Kbyte/sec you want it to be.
I would recommend to set the -l option with all scp'ing you do
on a connection that other people need to use, too. A big amount
of copying can virtually block a whole 10 Mbit network if you are
using hubs.

Tuesday, June 24, 2008

Reducing Booting Time in Linux

You can reduce the booting time in Linux, by disabling the
services, which are not being used by you.

There is a directory for each run-level in /etc. Those
are named as /etc/rc.< run-level > , where
run-level = 0~6

On most Linux distros, default run-level is 5, in Debian default
run-level is 2.

1. Go to your run-level directory /etc/rc.n

# cd /etc/rc.5

2. If you want to disable, Apache Web-Server (apache), just
you have to rename, the corresponding file my replacing 'S'
(start) by 'K' (kill).

# mv S91apache K91apache

Likewise, you can disable all the undesired services.
This procedure will make your linux not only fast,
but also secure.

Monday, June 16, 2008

Prevention of Man-in-Middle Attack

Having anticipated, Man-in-Middle attack by ARP Spoofing. a problem,
(For example: there are many lab machines which have NFS access to user
disks on a server. These machines may even be turned OFF which makes it
easy for a spoofer to get in.), I wrote a short Perl script designed to
be run from the system startup file. Basically, it fills the ARP cache
on Linux with the IP and MAC addresses of known machines, setting a flag
so that they are never removed from the cache and can never be changed.

The config file format is simple -- IP address followed by MAC address,
separated by whitespace. Pound at the beginning of a line indicates
For example:
# vi ip_mac.conf
# IP_Address MAC_Address

This has only been tested on Linux -- people on other platforms may need
to adjust the parameters to arp in the system call.

It is a quick 'n' dirty program, but works -- maybe it will be useful to
somebody out there, too.

Note: you want to make sure that it is run after your network interface is
brought up but before any servers or clients are started; otherwise,
somebody may be able to sneak in a connection before the ARP tables are

Here is the Perl script:

# vi

#!/usr/bin/perl -w
# Program:
# Program to run ARP to force certain tables.

# Specify filenames(Redirection) or stdin

foreach (<>) # For each input line....
chomp; # Strip if CR/LF
if (/^#/)
} # If it's a comment, skip it.
if (((($host, $hw) = /\s*(.+?)\s+(\S+)\s*/) == 2) &&
# The text between the slashes parses the input line as follows:
# Ignore leading whitespace. (\s*)
# Then, start matching and put it into $host ($host, (.+?))
# Skip over the whitespace after that (\s+)
# Start matching. Continue matching until end of line or optional
# trailing whitespace.

# Then, the if checks to see that both a
# host and a hardware address were matched.
# (2 matches). If not, we skip the
# line (assuming it is blank or invalid or something).
# The second part of the if checks to see if the line starts with
# a pound sign; if so, ignore it (as a comment).

# Otherwise, run the appropriate command:
printf("Setting IP %-15s to hardware address %s\n", $host, $hw);
system "/usr/sbin/arp -s $host $hw\n";

Example execution.

# ./ < ip_mac.conf

I hope that this script will help you access resources in

your network and prevent DoS/Man-in-Middle Attack.

Tuesday, June 10, 2008

Process Status of Any Process Containing given String

In order to get Process Status (ps) of any process containing given string
(say 'mitesh'), we use to type following commands, which are long and
tedious to type.

$ ps auxww | grep "mitesh" | grep -v grep

Instead, if we type

$ mitesh

which is more convenient to type. So what this ''
contains (I am assuming, that
~/bin is in $PATH):

$ vi ~/bin/

function is ()
ps auxww | grep "$@" | grep -v "grep"

is $@

# END :

Ethernet Configurations on Fedora/RHEL

In order to configure ethernet (Usually eth0 for first ethernet card),
open /etc/sysconfig/network-scripts/ifcfg-eth0 file.

# vi /etc/sysconfig/network-scripts/ifcfg-eth0

#>>>Device type: ethernet
#>>>Variable declarations:

# Whether to make available after boot
# or enable at root's consent

# PROTO = dhcp, none

#>>>End variable declarations

Booting in Single User Mode in Linux

At the boot time, you usually see GRUB (GRand Unified Boot) Loader.

You select any one option of available OSs from the menu.

For example, if you have Windows and Linux.
You will get 2(or more) options to boot.

In order to boot into single user mode, you select desired
linux and press 'e' in grub menu, you will see new window
with something given below

root (hd0,0)
kernel /boot/vmlinuz- root=/dev/sda1 ro resume=/dev/sda3
initrd /boot/initrd.img-

Now, you append '1' or 'single' in the second line (kernel) as kernel
parameter. For example

kernel /boot/vmlinuz- root=/dev/sda1 ro resume=/dev/sda3 1


kernel /boot/vmlinuz- root=/dev/sda1 ro resume=/dev/sda3 single

Now, press 'b', to boot into single user mode. :)

Monday, June 9, 2008

Shortcuts for Working in BASH (Bourne Again SHell)

Left/right cursor key --- Move left/right in text
Ctrl+A --- Move to beginning of lIne
Ctrl+E --- Move to end of line
Ctrl+right arrow --- Move forward one word
Ctrl+left arrow --- Move left one word

Ctrl+U --- Delete everything behind cursor to start of line
Ctrl+K --- Delete from cursor to end of line
Ctrl+W --- Delete from cursor to beginning of word
Alt+D --- Delete from cursor to end of word
Ctrl+T --- Transpose characters on left and right of cursor
Alt+T --- Transpose words on left and right of cursor

Ctrl+L --- Clear screen (everything above current line)
Ctrl+U --- Undo everything since last command
Alt+R --- Undo changes made to the line
Ctrl+Y --- Undo deletion of word or line caused by using Ctrl+K, Ctrl+W, and so on
Alt+L --- Lowercase current word (from the cursor to end of word)

Note: If you find these shortcuts hard to remember and you know vi(m),
you can enable vi mode for editing command line using following command:

$ set -o vi

To enable vi mode from start of Bash, add following lines to your ~/.bashrc
# Start vi Mode for command line editing
set -o vi

Monday, June 2, 2008

Backup Using TAR

Tar utility can be used to take backup. I have created a
handy script to do backup of files/directories(mentioned in

# vi

1 out_file=/mnt/Backup/backup_`date +20%y%m%d`.tar.gz

3 echo "Creating $out_file ..."
5 tar -zcpvf $out_file -T tar_include.txt -X tar_exclude.txt
7 sync
8 echo "Completed Backing up"

# vi tar_include.txt
1 /home/mitesh/.purple/
2 /home/mitesh/.thunderbird/
3 /home/mitesh/Programming/
4 /home/mitesh/Documents/

You can exclude files/directories inside those
mentioned in tar_include.txt. Just you have to
write files/directories in tar_exlcude.txt .
# vi tar_exclude.txt
1 /home/mitesh/Programming/Perl/Modules/*
2 /home/mitesh/Documents/CrawlDoxy/*

Now run the above shell script to get backup with
date in /mnt/Backup/ .

Note: You can take regular backups using above scipt too.
Just you have to give interval and path of above script
in /etc/crontab file.