Linux System Admins Blog

I noticed lots of email being relayed on one of our shared hosting server, CentOS5 with Cpanel and running Exim, and the strange thing is that the email server (MX) for these accounts are pointing to Google (GoogleApps), and we have correct entries for localdomains and remotedomains for these account. The relayers (‘From’ server/address) [...]

[Read more →]

Absolute Path Error:
cvs [checkout aborted]: absolute pathnames invalid for server (specified `/path/drupalsite/’)
Ok, I got the error above when I performed Drupal CVS update on our Debian server (newly installed CVS 1.12.13). The same command works on other server with older CVS installation. The issue is the reference to local cvs directory [...]

[Read more →]

The whole hidden IFRAME vulnerability has been going on for some time, only a few of our client have been effected by this. The net is still buzzing with this issue and while some are saying that the injection are results of php insecurities, mysql injection or cross site scripting, while others point to key [...]

[Read more →]

After a long development time, Centos 4.8 was finally released on the 21st August. This is a good thing that after the latest problems between the centos developers, they were able to pull this out finally and now be able to focus on the upcoming 5.4 release.
There are no major changes in this update, mostly [...]

[Read more →]

Are you often waiting over 1 minute to get a ssh prompt? This can be caused by several things however more often then not is a missing PTR record for server address and enabled GSSAPIAuthentication in ssh_config. GSSAPIAuthentiction is Kerberos 5 centralized authentication/authorization mechanism that relies on resolving a hostname for proper operation, when it [...]

[Read more →]

TrueCrypt is an open source encryption application, it has an ability to create hidden encrypted containers and file systems/volumes, it is portable and cross platform compatible. It allows to use cascading cyphers and encrypts/decrypts files on the fly. Be sure to read the FAQ and documentation before fully committing your files to TrueCrypt.
- install via [...]

[Read more →]

A month ago one of our customers complained on lots of spam comments appearing on his Wordpress site. There’s no development changes, including updates, to that site since it was launched and it runs on WP version 2.3.3. We managed the issue by activating the Akismet plugin and upgrading the Wordpress to latest [...]

[Read more →]

Ran into an issue today where a php created file was unreadable by other users or services that run under a different user. Since this is a software originated issue the sysadmin would love for the developer to change the code to include the chmod() php function to set permission to 644 after [...]

[Read more →]

This is the second time that CSF on our Cpanel server is not detecting POP3 login failures from a dictionary attack. The IP address was added on the ip deny list but still it was able to attempt to login on POP3. We have our LF_POP3D set to 20 and LF_POP3D_PERM to 1 [...]

[Read more →]

In the day and age of high definition many are upgrading their video recording gear to the latest harddrive or flash based hi def video cameras. Unlike auto dealerships consumer electronics retailers don’t offer trade in options for your old stuff.  In the green / renewable mindset we can put these no longer used video [...]

[Read more →]