Archive for the ‘Ubuntu Linux’ Category

Install VSFTPD 3.0.2 on the ARM Platform for Raspbian or Debian

Saturday, January 3rd, 2015

Install VSFTPD 3.0.2 on the ARM Platform for Raspbian or Debian

Download and install the arm compiled VSFTPD 3.0.2 deb package file and init script:

wget -N http://dinofly.com/files/linux/vsftpd_3.0.2_arm.tar.gz
tar -zxvf vsftpd_3.0.2_arm.tar.gz
if [ ! -e "/etc/init.d/vsftpd" ]; then
    sudo cp vsftpd /etc/init.d/
fi
sudo dpkg -i vsftpd_3.0.2-1_armhf.deb

Now, run these commands:

sudo useradd -d /var/ftp ftp
sudo mkdir -p /var/ftp
sudo chown root.root /var/ftp

Finally, start the VSFTPD service and set it to run on boot:

sudo service vsftpd restart
sudo update-rc.d vsftpd defaults

VSFTPD 3.0.2 should now be installed on your ARM device.

Allow Anonymous Read Only FTP via VSFTPD

Saturday, January 3rd, 2015

Anonymous VSFTPD Setup (Read Only)

Configuration:

In order to enable anonymous FTP connections to a particular directory while still supporting authentication for virtual users for their files via PAM isn't that difficult.  Install VSFTPD if you haven't done so already by running the following command:

sudo apt-get install vsftpd

Create a backup of your existing VSFTPD confiugration file (this guide assumes you have already installed vsftpd):

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak

Next, let's edit the file:

sudo nano /etc/vsftpd.conf

Add the following lines to your configuration file:

anonymous_enable=YES
anon_root={INSERT_PATH_TO_ANONYMOUS_DIRECTORY}
anon_mkdir_write_enable=NO
anon_upload_enable=NO

Adding these lines enables anonymous FTP to the specified directory where files can be read and downloaded only.  Anonymous users cannot write, delete, change, or modify files because of the anon_mkdir_write_enable=NO and the anon_upload_enable=NO configuration lines.  For your changes to take effect, restart vsftpd.

sudo service vsftpd restart

You're done!

Geany PHP Beautifier

Saturday, August 16th, 2014

PHP Beautifier Support for Geany

Geany is by far one of the best text editors I have come across that works on both Windows and Linux.  It is also one of the most aesthetically pleasing editors to look at right out of the box.  I do a lot of PHP scripting, and as such, it is nice to have a "beautifier" script that will automatically format my code for me so that it looks nice.  Geany can also call the php executable and check your script syntax. You can achieve both of these features by installing both PHP for Windows and the PHP Beautifier PEAR addon.   

Install PHP for Windows:

If you code your PHP scripts in Windows, you'll want to use syntax checking and the PHP_Beautifier script.  To do so, you must install the PHP5 Windows package, which includes the main PHP binaries.

To get the files, download the latest version of PHP 5.3.

Extract the contents of the archive to "C:\php5"

Go into C:\php5 and rename "php.ini-development" to "php.ini".

PHP BEAUTIFIER WILL NOT WORK ON ANY NEW VERSION OF PHP FROM 5.4.X and UP!

Install PEAR for Windows:

PHP_Beautifier relies on PEAR functionality.  To install pear, save this file using a browser and place it in the "C:\php5" directory.  

Start command prompt, change directory into "C:\php5", and run the phar script:

C:\
cd C:\php5
php go-pear.phar

Install everything and keep default options.

Install PHP_Beautifier:

Now, install PHP Beautifier by running the following commands:

pear install PHP_Beautifier

Integration in Geany:

For PHP Syntax Checking:

In Geany, click on "Edit" in the menu bar and choose "Preferences".

In the "General" and "Startup" tabs, under the "Paths" section, paste "C:\php5" (without the quotes) into the "Extra plugin path:" field.

For PHP Beautifier:

Start the Geany text editor program.  Open a PHP script file.

Select the code you want to format, right click on the selected text, and choose "Format" –> "Send Selection to" –> "Set Custom Commands".

For command, use the following:

php C:\\php5\\php_beautifier -s4 -l "ArrayNested() NewLines(before=T_COMMENT:for:switch:foreach:T_CLASS:function:T_CLOSE_TAG,after=T_ENDIF:T_CLOSE_TAG:T_OPEN_TAG:T_ENDSWITCH:T_ENDWHILE:T_ENDFOR:T_ENDFOREACH)"

For "Label", use "PHP Beautifier"

Hit OK.

Now, select the code you want to format, right click on the selected text, and choose "Format" –> "Send Selection to" –> and pick "PHP Beautifier".  The code should now be formatted using the options specified in the command line arguments above.

For more filter options and commandline parameters, please read this PHP_Beautifier document.

 

Turn on IPv4 Easy Bash Way

Tuesday, January 21st, 2014

Turn on IPv4 Forwarding by running this script:

cd ~/Downloads
wget -N "http://dinofly.com/files/linux/ipv4_forward.tar.gz"
tar -zxvf ipv4_forward.tar.gz
sudo bash forwarding.sh

It should work on all versions of Linux but has been tested and works perfectly on Ubuntu.

Disable BIND9 Recursive DNS Queries to Prevent UDP DDOS Flood Attacks

Sunday, January 12th, 2014

Turn Off BIND9 Recursion

By default, BIND9 is configured to allow recursive DNS queries.  This allows others to use your DNS server to query other domains on your server's behalf.  Unfortunately, recursive DNS queries can be used to amplify a UDP flood DDOS attack.  As such, for a shared web hosting environment, it is best to disable recursive DNS queries.  You can disable BIND9 recursion easily by running the following script:

cd ~/Downloads
wget -N "http://dinofly.com/files/linux/disable_bind9_recursion.tar.gz"
tar -zxvf disable_bind9_recursion.tar.gz
sudo bash disable_bind9_recursion.sh

It should work on all versions of Linux but has been tested and works perfectly on Ubuntu.  You may need to change the path used for the BIND config file. 

MySQL Dump Insert Statements Only

Saturday, September 14th, 2013

Using mysqldump to Create SQL Backups with Only Insert Statements and Ignore Existing Records

mysqldump -u USER -p PASSWORD --skip-triggers --compact --no-create-info --insert-ignore DBNAME

 

Debian & Ubuntu :: Suppress Installation Package Prompts Completely or Preconfigure Prompt Answers

Saturday, September 14th, 2013

Suppress Installation Package Prompts Completely or Preconfigure Installation Question Answers

Automating the installation of software via bash scripting on Linux can be difficult.  However, in debian and its related distributions such as Ubuntu, you can simplify the installation of packages by using a few tools.  One of these tools is called debconf-utils.  If installation packages such as MySQL or PHPMyAdmin ask configuration questions, you can provide a default set of answers without being prompted.  This is excellent for testing scripts or automating installation for users who may not know how to appropriately answer these questions.

Basically, with debconf-utils you can pre-answer these questions so that no prompts show up!

To install, run this command:

sudo apt-get install debconf-utils

To get a list of questions an installer might ask, first install the package on a test machine where you're writing the script normally.  For example, let's install phpmyadmin:

sudo apt-get install phpmyadmin

Now, to retrieve a set of questions phpmyadmin may ask, you can run this command:

sudo debconf-get-selections | grep phpmyadmin

In your bash script, you can now pre-answer certain questions by including your preconfigured answer commands before installing the package.  For example, when phpmyadmin installs, it asks for the MySQL root user password.  You can skip this prompt and define what the MySQL root password should be by using this command in your script:

echo 'phpmyadmin phpmyadmin/mysql/admin-pass password 1234' | debconf-set-selections

password defines the type and 1234 sets the password to 1234.
You can also suppress questions entirely by using the following command in front of your install command:

DEBIAN_FRONTEND=noninteractive sudo apt-get install phpmyadmin

Default configuration will be used during the installation of the phpmyadmin package, which means it may not work after being installed because some configuration options should be answered.  So, use both combinations for various packages to fit your needs!

How to Make MATE Look Like Windows XP using the Luna Theme

Sunday, April 14th, 2013

Make MATE or GNOME2 Look Like Windows XP Using the Luna Theme

If you want your Linux installation to look like the original theme used in Windows XP, you can do that! This guide will walk you through the process of easily making any MATE or GNOME2 Desktop Environment look like the Windows XP GUI. The Luna Theme can be downloaded here and installed using our simple installation script. If you already have MATE installed or are already running GNOME2, skip to the Luna Theme install instructions.

Install MATE on Ubuntu:

Run the below commands for your matching Ubuntu version in a terminal to install MATE.  To find out which version of Ubuntu you're running, use this command:

lsb_release -a

For Ubuntu 12.04:

sudo add-apt-repository "deb http://packages.mate-desktop.org/repo/ubuntu precise main"
sudo apt-get update 
sudo apt-get --yes --quiet --allow-unauthenticated install mate-archive-keyring 
sudo apt-get update
sudo apt-get install -y mate-desktop-environment

For Ubuntu 14.04:

sudo apt-add-repository ppa:ubuntu-mate-dev/ppa
sudo apt-add-repository ppa:ubuntu-mate-dev/trusty-mate
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install -y mate-desktop-environment-extras

For Ubuntu 16.04:

sudo add-apt-repository ppa:ubuntu-mate-dev/xenial-mate
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install -y mate-desktop-environment

For Other Distributions (Distros):

http://wiki.mate-desktop.org/download

Installing the Luna Theme:

Our version of the Luna theme has been converted and ported over to GTK3, so it should work with all newer flavors of Linux running MATE while still working on older Linux installs running GNOME2.To install the Luna Theme which will make Linux look like Windows XP, run the following commands. The theme files will be downloaded and saved in your Downloads directory.

cd ~/Downloads
wget -O linux_xp_luna_theme_install.tar.gz http://dinofly.com/files/linux_xp_luna_theme_install.tar.gz
mkdir Luna
tar -zxvf linux_xp_luna_theme_install.tar.gz -C Luna
cd Luna
sudo rm -rf /usr/share/themes/Luna
rm -rf ~/.themes/Luna
sudo bash install.sh

Next, Right Click on the Desktop, and choose "Change Desktop Background".  Click on the "Themes" tab.  Select "Luna".  Click on the "Background" tab.  If you want the default XP wallpaper set as your background, click on the "Add" button.   Select your "Pictures" folder.  Select "luna_background.jpg".  Click "Open".  Click on "Close" to change it. 

Now, MATE or GNOME2 looks like XP!  Enjoy!  This theme was copied from Ylmf OS 3.0.

Secure Linux Servers Using IPTables Rules and WonderShaper

Thursday, March 28th, 2013

Secure your Ubuntu Server from Flood and Other Attacks Using IPTables and WonderShaper

The following commands use IPTables to prevent common flooding and other miscellaneous malicious attacks. These commands can prevent a Linux server from lagging and spending resources on malformed packets.  Some of these attacks can cause DDoS attacks, so it is best to use these filters and rules.  Use at your own risk. A detailed explanation can be found here.

# Explanations here:
# http://www.cyberciti.biz/tips/linux-iptables-10-how-to-block-common-attack.html
sudo apt-get install iptables
sudo iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
sudo iptables -A INPUT -f -j DROP
sudo iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
sudo iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP

If you want to drop ICMP ping requests, click here.

Limiting Download and Upload Speeds / Traffic Globally in Ubuntu

Limiting download and upload speeds globally does not make a server any more secure than before.  However, it can aleviate network lag, which in my opinion ensures availability enhancing security.  In Ubuntu, it's easy to limit the max download and upload speed that can be used on an interface.  It wasn't always this easy, but thanks to a tool called wondershaper, you don't have to worry about any of the complexities.  To install, run the following command:

sudo apt-get install wondershaper  

Now, we need to tell wondershaper to start limiting our max download and upload rate on our particular interface. To see a list of interfaces, type the following command:

ifconfig

To determine what your max download and max upload speed should be, use SpeedTest to run a couple of bandwidth tests using your connection.  With your results, convert the speeds from mbps to kilobits per second.  Use this bandwidth calculator / converter to help you out.  Then, I'd subtract 20-30% of each value, as you want to leave some room between your max speed so that bandwith will still be available to other computers / nodes on the network.

Once you have your speeds, start wondershaper (modifying the example below to fit your needs):

# wondershaper [interface] [max_download_speed_kilobits] [max_upload_speed_kilobits]
sudo wondershaper eth0 8192 2764

Make a backup of the /etc/network/interfaces file:

sudo cp /etc/network/interfaces /etc/network/interfaces.bakup
sudo nano /etc/network/interfaces

To run wondershaper upon boot or startup, edit the /etc/network/interfaces file, and add the following (modify to fit your needs if neccessary):

auto lo
iface lo inet loopback
up /sbin/wondershaper eth0 8192 2764
down /sbin/wondershaper clear eth0

Make sure you change your max download and upload speed in both of the examples.  Settings will now apply when the computer boots into Linux.

Exclude LAN from Speed Limits

WonderShaper does not differentiate between LAN traffic and external traffic by default.  To prevent WonderShaper from limiting LAN network download and upload speeds, install this updated WonderShaper script:

cd ~/Downloads
wget -O wondershaper_exclude_lan.tar.gz www.dinofly.com/files/wondershaper_exclude_lan.tar.gz
tar xzvf wondershaper_exclude_lan.tar.gz
sudo cp -f wondershaper /sbin/wondershaper
sudo chmod +x /sbin/wondershaper
sudo nano /sbin/wondershaper

Find:

#Local Network
LAN_SUBNET=192.168.0.0

Change it to your LAN's main IP address.  For example, if your LAN gateway is 192.168.1.X, change it to:

#Local Network
LAN_SUBNET=192.168.1.0

Another example, if your LAN gateway is 192.168.43.X, change it to:

#Local Network
LAN_SUBNET=192.168.43.0

Save the file and reboot.

Your local area network (LAN) traffic is not filtered, but external traffic is!  Enjoy lag free connections from both the outside and inside while running any type of web server. 

Getting Realtek Audio to Play Sounds Through Both Speakers and Headphones

Monday, February 18th, 2013

Running Multiple Channels of Audio Simultaneously in Linux

In Windows, I configure my Realtek audio to play sounds through my headphones (plugged into the front panel jacks) and my speakers (plugged into the rear panel jacks) simultaneously. I noticed in Ubuntu, the default is to mute sound in the rear when a device is plugged into the front. I wanted to stop this behavior, so here's what you have to do. Some people may also be looking to mute the rear speakers when a device is plugged into the front, so I have included both configurations. Download this nifty utility to manage and configure your audio settings by running these commands.

sudo apt-get install gnome-alsamixer
alsamixer

In this application, you can adjust volume and mess with several other settings.

At the bottom of alsamixer, scroll over to the "<Auto-Mute>" option.

To play audio through both headphones and speakers, change Auto-Mute to "Disabled".

To play audio through only one device, change Auto-Mute to "Enabled".

Hope that helps!