Mar 3 22:28:11 precisiondesigns courier-pop3s: couriertls: /usr/share/pop3d.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
http://kb.sp.parallels.com/en/122785
Author: The Geek Decoder
http://dev.mysql.com/doc/refman/5.0/en/how-to-avoid-table-scan.html
http://dev.mysql.com/doc/refman/5.0/en/explain.html
http://www.percona.com/blog/2014/03/14/tools-and-tips-for-analysis-of-mysqls-slow-query-log/
Rootkit Hunter (rkhunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. Rootkits are self-hiding toolkits secretly installed by a malicious intruder to allow that user to gain access to the server. Rootkit Hunter offers protection by comparing SHA-1 hashes of important files with known good ones in a online database as well as:
MD5 hash compare
Look for default files used by rootkits
Wrong file permissions for binaries
Look for suspected strings in LKM and KLD modules
Look for hidden files
Optional scan within plaintext and binary files
yum install rkhunter
Check the version
# rkhunter --versioncheck Rootkit Hunter version 1.4.2 Checking rkhunter version... This version : 1.4.2 Latest version: 1.4.2
Manual Scan
# rkhunter -c
Or,
# rkhunter -c -l /var/log/rkhunter.log
Automate Rootkit Hunter
Rkhunter can be setup to run checks every day so that we always have up-to-date information about intrusions. This can be accomplished by creating a cronjob.
2.1 Create Cron File
Create the run-file in the following location (RHEL based distributions only):
#nano -w /etc/cron.daily/rkhunter.sh
Install into shell script
#!/bin/sh ( /usr/bin/rkhunter --versioncheck /usr/bin/rkhunter --update /usr/bin/rkhunter --cronjob --report-warnings-only ) | /bin/mail -s 'rkhunter Daily Scan Report (ServerNameHere)' your@email.here
Set Execute Permissions
Set execute permission on the file you have just created:
# chmod 755 /etc/cron.daily/rkhunter.sh
The cron utility will run once daily, and if a threat is detected, the rkhunter command itself will email our user to alert them. If no problems were found, no email will be received.
Rootkit Hunter configuration
The configuration file for rkhunter can be found at:
# /etc/rkhunter.conf
SSHD Root Logon
The parameter ALLOW_SSH_ROOT_USER tells rkhunter whether or not the root user is allowed to ssh into the system. This is unset by default in the rkhunter.conf file. Rkhunter will complain about this on every run. If you have disabled root login, you should set this parameter to “no”.
ALLOW_SSH_ROOT_USER=no
If you need root login over SSH, you should change this parameter to “yes” so that rkhunter can check this and will mark this setting as valid:
ALLOW_SSH_ROOT_USER=yes
Security practices recommend disabling root login.
Update rkhunter
To check the currently installed version enter the following:
# rkhunter --versioncheck
Run the updater by issuing the following command:
# rkhunter --update
With our database files refreshed, we need to tell rkhunter to check the current values and store them as known-good values:
# rkhunter --propupd
There is a nice tool like Percona’s ‘pt-query-digest’ tool at http://www.percona.com/doc/percona-toolkit/2.2/pt-query-digest.html, which will automatically parse the slow_query_log and analyze it for the slowest queries.
you run the command
pt-query-digest slowquerylog.txt
Wich should output a summary and a list of the longest-to-execute queries.
Usage:
With files:
$ stat -c "%a %n" ./Documents/test.html
664 ./Documents/Udev.html
With folders:
$ stat -c "%a %n" ./Documents/
755 ./Documents/
Running a script on WHM server
Fatal error: Uncaught exception 'RuntimeException' with message 'cURL returned with the following error code: "1"'
Add curl SSL support in WHM or curl
sudo nano /etc/network/interfaces
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback auto eth0 iface eth0 inet static address ipAddress netmask 255.255.255.0 gateway gatewayIP dns-nameservers 69.64.66.11 69.64.66.10
Once you have entered the values correctly, press Ctrl+Enter to save it with the current filename, then press Ctrl+X to exit the editor.
Provided you entered your values correctly, verify the new settings by retyping the cat command:
cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 123.45.67.89 netmask 255.255.255.0 gateway 123.45.67.1 dns-nameservers 8.8.8.8 8.8.4.4
Apply setting to Interface
After you have determined the values entered are correct, restart networking with the following command:
sudo service networking restart stop: Unknown instance: networking stop/waiting administrator@ubuntu:~#
Verify it works
To verify the resolvers are working, simply ping a known domain.
ping google.com PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_req=1 ttl=45 time=42.1 ms 64 bytes from 8.8.8.8: icmp_req=2 ttl=45 time=42.2 ms 64 bytes from 8.8.8.8: icmp_req=3 ttl=45 time=42.0 ms
Create an index to a mysql table. Say there is a product_id column:
CREATE UNIQUE INDEX product_id on table_name (product_id);
Add to existing table
mysql> alter table tablename add index product_id on product_id;
Checking the log shows:
# [ERROR] /usr/libexec/mysqld: Sort aborted
Check the processlist on a plesk server:
# mysqladmin -u admin -p`cat /etc/psa/.psa.shadow` processlist
+---------+----------------+----------------------+----------------+---------+------+-------+------------------+ | Id | User | Host | db | Command | Time | State | Info | +---------+----------------+----------------------+----------------+---------+------+-------+------------------+ | 1926335 | user | 108.xx.xx.xxx:17599 | databasename | Update | 0 | Locked| select * from..' | | | | | | | 0 | | | +---------+----------------+----------------------+----------------+---------+------+-------+------------------+
Kill the process:
# mysqladmin -u admin -p`cat /etc/psa/.psa.shadow` kill [thread_id]
Create an index on the table
Error in plesk postfix email logs:
Notice: Error: EHLO not accepted from server! in /var/www/vhosts/domain.com/httpdocs/system/library/mail.php on line 237
Check postfix main and comment out non_smtpd_milters:
smtpd_milters = , inet:127.0.0.1:12768 #non_smtpd_milters = , inet:127.0.0.1:12768
Restart postfix:
# service postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ]