CentOS apache conf.d dark mystery: why some virtual hosts are more equal then others

I’ve got a complain the other day: for some reason some virtualhosts on dedicated server was not working properly with suExec PHP as configured.
Read more »

Using lsof to find trojan processes on Linux.

In my previous post I was telling about checking for programs using network on Linux using lsof tool.
Here I have “live” example of such backdoor found on one of our servers.
Read more »

Apache2, PHP, SuEXEC configuration on CentOS

There are plenty of tutorials on the web. Tons and tons.

However when I had to create working configuration and put together Virtualmin template most of these instruction just didn’t work properly. After some time I’ve came up with my own working configuration and proper Virtualmin apache template for CentOS.

As a bonus we’ll have per-user php.ini and apache2 worker MPM which is a little bit faster and less resource hungry then traditional prefork MPM.
Read more »

Sysadmin shell oneliner: update serial in all DNS zones

Sometimes you just need to force updates on slave DNS servers. The easiest way to do it is to increase zone serials on master server. what if there are hundreds of zone files? Here is one way to do it
Read more »

Centos5: OCFS2 cluster FS on dual primary DRBD: why it doesn’t mount OCFS2 on boot?

I have couple of these – how to configure it pretty easy to found (may be later I’ll go over the setup here too). The problem is – with everything else running perfectly fine OCFS2 partitions are never mounted automagically on boot. Just recently I found out why
Read more »

Looking for the backdoors or performance bottlenecks with lsof

When server is compromised via some PHP script security hole intruders are getting relatively low level of access to the server. Although its enough to install PHP shell script or start some backdoor network daemon or proxy server or network scanner.

Lets see if we can find them
Read more »

VPN from Vmware Guest OS on windows 7

I have couple of Vmware VMs that I am carrying with me from computer to computer and using on regular basis. One of these VMs is used for corporate PPTP VPN.
After my last transition to Windows 7 this VPN stopped working. It took me some time to find the solution to this problem. Read more »

Register any browser as Windows7 default (including portable)

As the matter of choice I’m using only portable versions of non-MS browsers – Chromium portable, FireFox Portable, [email protected]

Everything was nice and dandy while I was using WinXP. Not so easy with Windows7 – let me explain how you can control list of default browsers with simple registry files.
Read more »

Accessing Vmware guest OS behind NAT from another computer

Sometimes you have to do things that make sense only to you. And by no way approved by the software manufacturer.
I needed to get access to Vmware Guest OS, behind Vmware NAT interface from another computer.

Read more »

.htaccess anti-RFI mod_rewrite rules

RFI – Remote File Inclusion (or “nesting” – though last term is not so widely used, and it’s not the same as XSS I beleive) is very serious security threat – especially in webhosting environment where there is no time and manpower available to audit and vet all customers PHP scripts. Let’s see if there are other ways to reduce the threat

Read more »