It is basically loading your Pc with malware by using unsuspicious methods i.e search results, ad banners , scripts etc. It can corrupt te java scripts in a page and make it look as harmless as possible but once clicked on it does not take much time. Web servers are being hacked all over the world to be inserted with these and are infecting millions of computers everyday.

Most of the Malware distributors use the Internet marketing techniques like SEO to get their links listed and clicked on. Search engines are the biggest source of these infections.

Search engines need to secure their  cache and be tougher with these malicious codes.

Koobface is the name of the virus that is spreading on facebook through some corrupted applications. It prompts you to update the flash video player which downloads a file called as “flash_player.exe” file. Once that is done you are asked to download a Security management software at start up (SamSs) which then manipulates every search result and hijacks many proxies to take you to dangerous sites that will do more harm to your computer. The easiest way to remove this threat is to scan your computer with a good AntiVirus and change your Facebook password. This attack on the world’s most popular social networking site and its 120 million users comes just weeks after Facebook won an $873 million lawsuit against several people accused of hacking user accounts and spreading spam.

remove Webmin software under Linux / UNIX operating system?
Remove Webmin RPM (RHEL / Centos / Fedora )

If you have installed it via rpm, type the following command to remove the same:
# rpm -ev webmin
Uninstall Webmin Source Installation

Just run the command /etc/webmin/uninstall.sh if you’ve install it from source:
# /etc/webmin/uninstall.sh
Sample Output:

Are you sure you want to uninstall Webmin? (y/n) : y

Stopping Webmin server in /usr/local/webmin-1.330
/etc/webmin/stop: line 4: kill: (2359) – No such process
Running uninstall scripts ..
Deleted init script /etc/rc.d/init.d/webmin
Deleting /usr/local/webmin-1.330 ..
Deleting /etc/webmin ..
Done!

Solaris UNIX Remove Webmin Software

if you have installed the Solaris package, enter:
# pkgrm WSwebmin
Debian / Ubuntu Linux Remove Webmin Software

Use apt-get command to remove the same:
# apt-get –purge remove webmin
FreeBSD Remove Webmin Software

Type the following command to remove webmin under FreeBSD operating system:
# cd /usr/ports/sysutils/webmin
# make deinstall clean
OR use pkg_delete command:
# pkg_delete webmin
A Note About Firewall Configuration

You may need to update your pf or netfilter scripts to close port # 10000 which was opened for webmin.

Captcha is a visual challenge to avoid bots from gaining access to yout site . There are plenty of libraries provided for PHP. I recommend the reCAPTCHA PHP Library, which provides a simple way to place a CAPTCHA on your PHP forms. It can stop bots from abusing it. you need to use the reCAPTCHA API.
Step # 1: Get reCAPTCHA API Library

Visit reCAPTCHA website to sign up for an API key (it is free). Please note down your private and public keys.
Step # 2: Download and Install reCAPTCHA PHP

Download the reCAPTCHA library from Google code repo:
$ cd /tmp
$ wget http://recaptcha.googlecode.com/files/recaptcha-php-1.10.zip
Unzip recaptcha-php-1.10.zip, enter:
$ unzip recaptcha-php-1.10.zip
Finally, copy recaptchalib.php to the directory where your forms live. For e.g. if your contact.php is at /var/www/html, copy recaptchalib.php as follows:
$ cp /tmp/recaptcha-php-1.10/recaptchalib.php /var/www/html
Step # 3: Test It

Create a php script as follows:

<html>
<head>
<title>Sample Email Form</title>
</head>
<body>

<script>
function checkForm() {
if (document.forms.myphpform.elements['yname'].value.length == 0) {
alert(’Please enter a value for the “Name” field’);
return false;
}
if (document.forms.myphpform.elements['email'].value.length == 0) {
alert(’Please enter a value for the “Email” field’);
return false;
}
if (document.forms.myphpform.elements['message'].value.length == 0) {
alert(’Please enter a value for the “Message” field’);
return false;
}

return true;
}
</script>
<form action=”?done=1″ method=”post” name=”myphpform” onSubmit=”return checkForm()”  >
<table border=0>
<tr>
<td>Your Name:</td>
<td>
<input type=”text” name=”yname” size=”50″ maxlength=”50″ value=”" /></td>
</tr>
<tr>
<td>Your Email:</td>
<td>
<input type=”text” name=”email” size=”50″ maxlength=”50″ value=”" /></td>
</tr>
<tr>
<td>Message:</td>
<td>
<input type=”text” name=”message” size=”50″ maxlength=”50″ value=”" /></td>
</tr>
<tr>
<td>Are you a human being?</td>
<td>
<?php

@require_once(’recaptchalib.php’);
$publickey = “YOUR-PUBLIC-KEY”;
$privatekey = “YOUR-PRIVATE-KEY”;

$resp = null;
$error = null;

# are we submitting the page?
if ($_POST["submit"]) {
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);

if ($resp->is_valid) {
$to=”you@example.com”;
$subject=”Feedback from example.com”;
$body=” Message via webform:

Name: ” .$_POST["yname"] . “\n

Email: ” .$_POST["email"] . “\n

Message: ” .$_POST["message"] . “\n”;
/*  send email */
mail($to,$subject,$body);
echo ”

Email sent!

“;
exit(1);

} else {
echo “Sorry cannot send email as you’ve failed to provide correct captcha! Try again…”;
}
}
echo recaptcha_get_html($publickey, $error);
?>
<td/>
</tr>
<tr>
<td>&nbsp;</td>
<td>
<input type=”submit” name=”submit” value=”submit” /></td>
</tr>
</table>
</form>

</body>
</html>

All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.
Find IP Address For A Host Name

For instance to find the IP address for a ideastack.in open a command line and type in:
host ideastack.in
or
nslookup ideastack.in
Sample Outputs:

ideastack.in has address 69.162.114.73

69.162.114.73
is IPv4 address for ideastack.in hostname.
whois – Client For The Whois Directory Service

Type the following command to find out the owner of an IP address called 69.162.114.73

$ whois 69.162.114.73

Domain Whois record

Queried whois.inregistry.in with “ideastack.in”…

Domain ID:D3832221-AFIN
Domain Name:IDEASTACK.IN
Created On:14-Oct-2009 17:33:41 UTC
Last Updated On:14-Oct-2009 17:34:26 UTC
Expiration Date:14-Oct-2010 17:33:41 UTC
Sponsoring Registrar:Directi Internet Solutions Pvt. Ltd. dba PublicDomainRegistry.com (R5-AFIN)
Status:CLIENT TRANSFER PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:DI_10529592
Registrant Name:IdeaStack Support
Registrant Organization:IdeaStack Solutions Private Limited
Registrant Street1:5/A Sagar Tower Jogeshwari
Registrant Street2:
Registrant Street3:
Registrant City:mumbai
Registrant State/Province:Maharashtra
Registrant Postal Code:400102
Registrant Country:IN
Registrant Phone:+91.2226782833
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:supportisspl@gmail.com
Admin ID:DI_10529592
Admin Name:IdeaStack Support
Admin Organization:IdeaStack Solutions Private Limited
Admin Street1:5/A Sagar Tower Jogeshwari
Admin Street2:
Admin Street3:
Admin City:mumbai
Admin State/Province:Maharashtra
Admin Postal Code:400102
Admin Country:IN
Admin Phone:+91.2226782833
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:supportisspl@gmail.com
Tech ID:DI_10529592
Tech Name:IdeaStack Support
Tech Organization:IdeaStack Solutions Private Limited
Tech Street1:5/A Sagar Tower Jogeshwari
Tech Street2:
Tech Street3:
Tech City:mumbai
Tech State/Province:Maharashtra
Tech Postal Code:400102
Tech Country:IN
Tech Phone:+91.2226782833
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:supportisspl@gmail.com
Name Server:NS1.CHEAPHOSTINGPLAN.IN
Name Server:NS2.CHEAPHOSTINGPLAN.IN
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:

Network Whois record

Queried whois.arin.net with “69.162.114.73″…

OrgName:    Limestone Networks, Inc.
OrgID:      LIMES-2
Address:    400 N. St. Paul
City:       Dallas
StateProv:  TX
PostalCode: 75201
Country:    US

ReferralServer: rwhois://rwhois.limestonenetworks.com:4321

NetRange:   69.162.64.0 – 69.162.127.255
CIDR:       69.162.64.0/18
OriginAS:   AS46475
NetName:    LSN-DLLSTX-2
NetHandle:  NET-69-162-64-0-1
Parent:     NET-69-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.LIMESTONENETWORKS.COM
NameServer: NS2.LIMESTONENETWORKS.COM
NameServer: NS3.LIMESTONENETWORKS.COM
Comment:    http://www.limestonenetworks.com
RegDate:    2008-06-27
Updated:    2008-11-10

RAbuseHandle: ABUSE1804-ARIN
RAbuseName:   Abuse
RAbusePhone:  +1-214-586-0555
RAbuseEmail:  abuse@limestonenetworks.com

RNOCHandle: NOC2791-ARIN
RNOCName:   Network Operations Center
RNOCPhone:  +1-214-586-0555
RNOCEmail:  noc@limestonenetworks.com

RTechHandle: NOC2791-ARIN
RTechName:   Network Operations Center
RTechPhone:  +1-214-586-0555
RTechEmail:  noc@limestonenetworks.com

OrgAbuseHandle: ABUSE1804-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-214-586-0555
OrgAbuseEmail:  abuse@limestonenetworks.com

OrgTechHandle: NOC2791-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-214-586-0555
OrgTechEmail:  noc@limestonenetworks.com

# ARIN WHOIS database, last updated 2009-11-03 20:00

DNS records
name    class    type    data    time to live
ideastack.in    IN    MX
preference:    0
exchange:    ideastack.in
14400s    (04:00:00)
ideastack.in    IN    SOA
server:    ns1.cheaphostingplan.in
email:    shazim.gmail.com
serial:    2009102901
refresh:    86400
retry:    7200
expire:    3600000
minimum ttl:    86400
86400s    (1.00:00:00)
ideastack.in    IN    NS    ns1.cheaphostingplan.in    86400s    (1.00:00:00)
ideastack.in    IN    NS    ns2.cheaphostingplan.in    86400s    (1.00:00:00)
ideastack.in    IN    A    69.162.114.73    14400s    (04:00:00)
73.114.162.69.in-addr.arpa    IN    PTR    73-114-162-69.reverse.lstn.net    3600s    (01:00:00)
Traceroute

Tracing route to ideastack.in [69.162.114.73]…
hop     rtt     rtt     rtt           ip address     fully qualified domain name
1     0     1     4           70.84.211.97     61.d3.5446.static.theplanet.com
2     0     0     0           70.87.254.1     po101.dsr01.dllstx5.theplanet.com
3     0     0     0           70.85.127.105     po51.dsr01.dllstx3.theplanet.com
4     0     0     0           70.87.253.5     et5-1.ibr03.dllstx3.theplanet.com
5     105     2     2           157.238.225.5     xe-2-4.r01.dllstx09.us.bb.gin.ntt.net
6     0     0     0           129.250.4.41     ae-3.r21.dllstx09.us.bb.gin.ntt.net
7     0     0     0           129.250.6.30     xe-4-1.r00.dllstx11.us.bb.gin.ntt.net
8     1     2     2           157.238.224.146     d1-0-1-3-8.a10.dllstx01.us.ce.verio.net
9     1     1     1           74.63.203.18     ge3-2.bdr2.core1.dllstx2.dallas-idc.com
10     1     1     1           74.63.203.46     ge0-1.vl8.cr03-20.dllstx2.dallas-idc.com
11     0     0     0           69.162.86.114     114-86-162-69.reverse.lstn.net
12     1     1     1           69.162.114.73     73-114-162-69.reverse.lstn.net

Trace complete
Service scan
FTP – 21    220———- Welcome to Pure-FTPd [TLS] ———-
220-You are user number 1 of 50 allowed.
220-Local time is now 16:20. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
220 Logout.
SMTP – 25    Error: TimedOut
HTTP – 80    HTTP/1.1 200 OK
Date: Wed, 04 Nov 2009 13:20:53 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Last-Modified: Thu, 29 Oct 2009 11:08:42 GMT
ETag: “8e38c91-3860-ef21e280″
Accept-Ranges: bytes
Content-Length: 14432
Connection: close
Content-Type: text/html
POP3 – 110    +OK Hello there.
IMAP – 143    * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc.  See COPYING for distribution information.

Set security options in TCP/IP stack and virtual memory to improve security and performance of my system? How to set certain Linux parameters to prevent any kind of attack on your system.

sysctl is an interface that allows you to make changes to a running Linux kernel. With /etc/sysctl.conf you can configure various Linux networking and system settings such as:

1. Limit network-transmitted configuration for IPv4

2. Limit network-transmitted configuration for IPv6

3. Turn on execshield protection

4. Prevent against the common ’syn flood attack’

5. Turn on source IP address verification

6. Prevents a cracker from using a spoofing attack against the IP address of the server.

7. Logs several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects.

sysctl command

The sysctl command is used to modify kernel parameters at runtime. /etc/sysctl.conf is a text file containing sysctl values to be read in and set by sysct at boot time. To view current values, enter:
# sysctl -a
# sysctl -A
# sysctl mib
# sysctl net.ipv4.conf.all.rp_filter
To load settings, enter:
# sysctl -p

Sample /etc/sysctl.conf

Edit /etc/sysctl.conf and update it as follows. The file is documented with comments. However, I recommend reading the official Linux kernel sysctl tuning help file (see below):

# The following is suitable for dedicated web server, mail, ftp server etc.
# ---------------------------------------
# BOOLEAN Values:
# a) 0 (zero) - disabled / no / false
# b) Non zero - enabled / yes / true
# --------------------------------------
# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename
# Useful for debugging multi-threaded applications
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
#net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2

########## IPv4 networking start ##############
# Send redirects, if router, but this is just server
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0

# Accept packets with SRR option? No
net.ipv4.conf.all.accept_source_route = 0

# Accept Redirects? No, this is not router
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0

# Log packets with impossible addresses to kernel log? yes
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.secure_redirects = 0

# Ignore all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Prevent against the common 'syn flood attack'
net.ipv4.tcp_syncookies = 1

# Enable source validation by reversed path, as specified in RFC1812
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

########## IPv6 networking start ##############
# Number of Router Solicitations to send until assuming no routers are present.
# This is host and not router
net.ipv6.conf.default.router_solicitations = 0

# Accept Router Preference in RA?
net.ipv6.conf.default.accept_ra_rtr_pref = 0

# Learn Prefix Information in Router Advertisement
net.ipv6.conf.default.accept_ra_pinfo = 0

# Setting controls whether the system will accept Hop Limit settings from a router advertisement
net.ipv6.conf.default.accept_ra_defrtr = 0

#router advertisements can cause the system to assign a global unicast address to an interface
net.ipv6.conf.default.autoconf = 0

#how many neighbor solicitations to send out per address?
net.ipv6.conf.default.dad_transmits = 0

# How many global unicast IPv6 addresses can be assigned to each interface?
net.ipv6.conf.default.max_addresses = 1

########## IPv6 networking ends ##############

#Enable ExecShield protection
kernel.exec-shield = 1
kernel.randomize_va_space = 1

# TCP and memory optimization
# increase TCP max buffer size setable using setsockopt()
#net.ipv4.tcp_rmem = 4096 87380 8388608
#net.ipv4.tcp_wmem = 4096 87380 8388608

# increase Linux auto tuning TCP buffer limits
#net.core.rmem_max = 8388608
#net.core.wmem_max = 8388608
#net.core.netdev_max_backlog = 5000
#net.ipv4.tcp_window_scaling = 1

# increase system file descriptor limit
fs.file-max = 65535

#Allow for more PIDs
kernel.pid_max = 65536

#Increase system IP port limits
net.ipv4.ip_local_port_range = 2000 65000

You can now run your own pptp VPN business from an Ideastack VPS easily. All you will need is Cent OS latest x64.

run update.

yum update

install ppp.

yum install ppp

install PPTPD.

wget http://poptop.sourceforge.net/yum/stable/rhel5/x86_64/pptpd-1.3.4-1.rhel5.1.x86_64.rpm

install this RPM.

rpm -ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm

edit the config.

nano /etc/pptpd.conf

if nano is not found type down “yum install nano” without the “”.

go all the way to the bottom of the page of pptpd.conf Find.

localip
remoteip

and take out the # that come before them. Only take out one set of # not on both sets of localip and remote ip, because there will be 2. Also change it to this.

localip 10.0.0.1

remoteip 10.0.0.10-100

( without the space in between. ) Ctrl  + X to save and exit the file now. Next, lets edit anohter config

/etc/ppp/options.pptpd

next,  uncomment the ms-dns lines (by removing the ‘#’ in front of them) So they should look like.

ms-dns 208.67.222.222
ms-dns 208.67.220.220

Ctrl  + X to save and exit the file now. Now lets create an account!

nano /etc/ppp/chap-secrets

It should look like this.

# Secrets for authentication using CHAP
# client server secret IP addresses
username * password *
username2 * password2 *

The IP address only uses the IPs that are available, you can specify a dedicated one though if you wish.

Now we must start IP forwarding. So open the file nano /etc/sysctl.conf and set ‘net.ipv4.ip_forward’ to 1.

net.ipv4.ip_forward = 1

To make the changes to sysctl.conf take effect, use the following command.

sysctl -p

Next, lets allow NAT in iptables.

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Next, we need to allow TCP port 1723 and the GRE protocol through iptables.

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT

These rules are necessary to run traffic through your server.

iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

Now start the PPTP service, if you have not.

service pptpd start

After you’ve done everything, your VPN server should work fine!

Troubleshooting

If you can’t browse sites or site won’t load, change the MUT. To do this use nano /etc/ppp/ip-up file and just before the last line, add the following line.

/sbin/ifconfig $1 mtu 1400

Save the file and restart the pptpd service.

service pptpd restart

eth0 -j MASQUERADE

Next, we need to allow TCP port 1723 and the GRE protocol through iptables.

iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT

These rules are necessary to run traffic through your server.

iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT

Now start the PPTP service, if you have not.

service pptpd start

After you’ve done everything, your VPN server should work fine!

Cloud computing is one of the recent terminologies used to describe the use of technology to a new dimension. Cloud computing involves the use of softwares and applications that run on the Internet without having to download or install any file from the source. It underlines the huge potential of a personal computer that can now be used to perform functions that previously were incapable of.

Cloud computing has been on the block for quite some time but the term is not quite understood by everyone.

Let us elaborate this further with an example. Suppose you want to edit a picture with some tools that you do not have or the provider has exclusively.

All you need to do is upload the picture there and edit it then save it on your computer and voila!The Software/Application that you subscribe to might need some kind of a payment or it also can be free.

Happy Cloud Computing.

Virtualization

The use of a software barrier on a hardware I.e using a software to create a partition in a system and thus having the resources for two more different processes in each partition created.

This in simple language would mean that a software creates a strong but non-physical partition on a hard disk such that the operating system in one partition is not bothered in any way’s by the operating system in the other partition. The operating systems operate as if they are running on a single computer and thus use the computer resources for themselves as needed.

The main benefit of this partition is that you can run different types of operating systems or even different versions of operating systems on each partition you make. You need to understand the hardware capabilities of the system before making the partitions so as to get optimized processing and speed for each one of them.

Virtual Machines is the term given to the multiple operating systems on the computer. There are many benefits for doing so.

-Acts as a barrier and thus if one operating system gets corrupted or hacked the other operating system will still exist safely.

-One operating system can be used as a sandbox also.

-You can make the best out of the minimum resources.

-People get their own private space without any privacy issues.

-The hardware is used to its maximum benefit and it saves cost of both the client and the host..

VPS accounts are mostly hosted on Virtual Machines and hence the client can control almost 99% of the aspects of his hosting space.

When customers purchase a shared account they share the same ip  address with the rest of the users in the slot. When you purchase a dedicated account you have your own unique ip address.

Advantages of a dedicated IP:

-Google is said to rate dedicated ip’s more than shared ones.

-Your protection is increased as your account has its own private space and cannot be attacked easily.

-dealing with credit cards and secure information on a website will require you an SSL certificate to ensure all data is encrypted and safe.This procedure requires you to have a dedicated server as they are more trusted. You cannot install a SSL certificate without a dedicated server.

-You can view your website using your domain name or the IP address.

-Issues on other ip’s of a shared account can cause trouble for your account.In dedicated servers no such issue arises.

We offer dedicated servers for both Reseller and Vps accounts.We have great values and plans to ensure that the account you make is safe and fail-proof.We care for your data and the success of your business.

idaestack.in