Is there a way to exploit openssl? someone came to me asking me for a job on hostparlor.com and i said no. They then uploaded a remote view script to exploit perl and gain access. I patched that. Then he again said that he can exploit through openssl. I thaught open ssl was security itself? He then told me that he can gain access through php sites to root? Is that possible? We have phpsafemode set to off because we run whmcs and it requires it to be off. He said he can hack us through that aswell. Is this guy just bluffing or can this seriously be done? Like i said this is why i have 2 server admins...
i would be interested in knowing like what would you prefer for your dedicated server? i.e Behind a firewall or on public network. Can anyone experienced provide pros and cons on this one?
I bought two Dell R200 because they was extremely cheap.
My target is Open Source SAN with active/passive setup.
Now i was wondering what RAID-level I should go for.
I will use 1TB SATA-II disks.
1) RAID-1 in both servers and mirror each other with DRBD. With this setup i have like double RAID-1 so i lose lots of disk space. 4 disks -> 1TB
2) No-raid at all and i will mirror data with DRBD. 4 disks -> 2TB
Then there is change to go for RAID-5. Theres enough space to put third disk in that case
3) RAID-5 in both servers. Mirrors data with DRBD. 6 disks -> 2TB but more performance.
But in every setup i lose space more then i would like to.
Actually i dont need space more then 1TB, but i would like to get best possible redundancy and most space available i could.
Also need to remember that those servers does not support hot-plug HDs so in case there is disk-failure i need to be able to shutdown one server and iSCSI should still be up and running.
Of course theres change to make it active/active.
I was thinking that if I go for the RAID-5 I will make LVM-VG on both nodes (san-vg1 and san-vg2) and use it 50/50.
In case of fail both VG's will be used from working node.
Im going to use Debian Lenny I guess..
I was looking for OpenFiler because of the GUI, but im familiar with Debian and have always done everything from cmd.
i have a linux machine with centos5 64 bit. I have a firewall and would like to know how to open and close ports? I have tried several different things and cant seem to open a port?
Is there a command line i can use in ssh to open a port? Or is there something i can addon to cpanel to control ports?
i have to get rid of an open relay state on my server, and i cant do it! i have antirelayd on my WHM but it seems its not working, any idea? please or at least wich line in /scripts/antirelayd i have to check to see if its everything ok.
i saw an older post, tried everything but nothing works x_X
I created a (dv) account with Media Temple and my starting domain name becomes my name servers... Now they setup on there DNS server a reverse lookup for mydomain.com, but not for any of the domain names which go under it.
They won't setup a reverse lookup for any of your sub domains, unless they have a dedicated IP address, which costs $1.00 per month per IP address.
So what this means is say one of your sub-domains sends an email to myclient.com and it so happens that myclient.com like many other domains does a reverse lookup on incoming emails to verify its not spam, but since the reverse lookup doesn't exist, your sub domain gets an error message saying the email can't be delivered.
Basically mysql is behaving very very intermittently. Crashes were every 4 hours, I've brought them down to once every 8 or so hours but mysql keeps dying.
the error log will show the same routine each time.
on mysql start:
Quote:
091101 21:58:03 [Warning] option 'open_files_limit': unsigned value 120000 adjusted to 65535 091101 21:58:03 [Warning] Could not increase number of max_open_files to more than 65535 (request: 200110) 091101 21:58:03 [Note] /usr/sbin/mysqld: ready for connections.
Then we'll see errors due to crashed databases:
Quote:
091102 0:33:07 [ERROR] /usr/sbin/mysqld: Incorrect information in file: './<nameofdatabase.frm>'
following this a heap of:
Quote:
091102 0:36:35 [ERROR] /usr/sbin/mysqld: Can't open file: '>another database here.frm> 091102 0:36:36 [ERROR] /usr/sbin/mysqld: Sort aborted 091102 0:36:52 [ERROR] /usr/sbin/mysqld: Sort aborted 091102 0:43:00 [ERROR] Error in accept: Too many open files
I got a msg from the server that a port 444 is open in my server, how could i know what the bindshell ports open in my server and how to close it please ?
Code: Checking `bindshell'... INFECTED (PORTS: 444) i use cpanel/csf firewall
directoin of recources about opening a web host company. and i dont mean reseller i mean like buying your own computers and everything. this is for the future i am going to start with a reseller program.
I followed a combination of this tutorial:[URL]and this tutorial [URL] (I had to use a combination since following each individually brought up errors along the way).
Anyhow, installing OpenVPN was a breeze but I think I am getting hung up on the configuration part. Basically after generating all of the certificate files and stuff, when i try to "service openvpn start" i just get the message "FAILED".
Where do I look to see what the reason for the failed start could be?
I ran my mail server through an SMTP diagnostic tool at:
And the one warning it gave was "WARNING! Your server could be an open relay."
This was for an out-of-the-box cpanel/exim configuration on a dedicated server. Can someone help me understand how this warning is detected/tested for, and what I can do to resolve it? My understanding was that cpanel will not set up an open relay by default?
if anyone replaces a commercial program with their own open source as for eg what Friendster did. For Netscaler, any open source development that are close are similar to it?
A potential client asked us the followingo you allow PHP to open sockets on your server? If yes, is there any restriction on the amount of data that can be downloaded?
Will we be able to access and load our remote webpage using PHP? We will use sockets and a Pear library to accomplish this.
We are basically planning on using some content from our remote site on the new site which will be hosted on your servers. Kindly reply back at the earliest.
I am managing a server and just learning how to do everything. It is a linux server running WHM/Cpanel. I need web scripts on this server to be able to connect to external SMTP servers. Therefore I need to open up port 25 (if it is not already).
How do I open ports on my server? Hopefully by using WHM/Cpanel (I am not too familiar with using the command line).
I have used a tool called Net Tools to scan ports on my various servers to determine ports are open in the firewall through my host.
For around a decade, this tool has been accurate to determine what ports are open/closed.
I have used this tool to accurately find issues with the firewall with current host (dedicated server). The network admin says that net tools should not be trusted and even though the software claims the ports are open, they are not open.
I explained that less than a month ago, this software reflected that these ports should closed were reflected accurately as closed by scanning the ports.
Partial results:
Code: Address Scanned: xx.xx.xx.xx
Scan Started at 10/27/2007 2:08:00 PM Scan Finished at 10/27/2007 2:18:03 PM
Ports Scanned: 1 To 4000
Total Ports Found Open: 3794
Current Ports Found Open: Port: 00004 Port: 00005 Port: 00009 Port: 00026 Port: 00044 Port: 00076 Port: 00083 Port: 00088 ... What are the ABSOLUTE best tools/ways that I can confirm that the ports are truly not accessible?
I have a VPS running CentOS 4.4 which I have just been securing. It is running apache on port 80, BIND on port 53 and ssh on an atypical port. However, when I do a portscan with nmap I find that port 5190/tcp is open. There is no daemon listening on the port (I think it is for AIM?) and in any case iptables should refuse any connection on this port. Should I worry about this or is the port pretty safe to leave open?
I want to develop a desktop-based application for content management for a customer. The problem is that every host I have found has a firewall that blocks any server except the web server from accessing the database.
On a programmatic level does anyone know of a way around this or, even better, a GOOD host that will allow me to do this?
What are the real risks involved with direct database access? I'm looking for relatively cheap shared hosting and likely cannot afford dedicated hosting.
