.: 2010

Types of DNS Records

A DNS server is configured with a "zone file" for each domain that contains "resource records." There are several types of records, and the most common are described below.

DNS and Reverse DNS (A and PTR)
The Address (A) record associates a domain name with an IP address, which is the primary purpose of the DNS system. The Pointer (PTR) record provides data for reverse DNS, which is used for logging the domain name and verification purposes. Also called "inverse DNS," the PTR record is an option.

Aliasing Names (CNAME)
The Canonical Name (CNAME) record is used to create aliases that point to other names. It is commonly used to map WWW, FTP and MAIL subdomains to a domain name; for example, a CNAME record can associate the subdomain FTP.COMPUTERLANGUAGE.COM with COMPUTERLANGUAGE.COM.

DNS Name Servers (NS)
The Name Server (NS) record identifies the authoritative DNS servers for a domain. A second name server is required for redundancy, and two NS records must be in the zone file (one for the primary; one for the secondary). The secondary server queries the primary server for changes.

Mail Servers (MX)
The Mail Exchange (MX) record identifies the server to which e-mail is directed. It also contains a priority field so that mail can be directed to multiple servers in a prescribed order.

Text Record (TXT)
A TXT record can be used for any kind of documentation. It is also used to provide information to the SPF e-mail authentication system.

First Record in File (SOA)
Start of Authority (SOA) is the first record in the zone file. It contains the name of the primary DNS server, which must correspond to an NS record in the file, the administrator's e-mail address and the length of time records can be cached before going back to the authoritative DNS server.

The SOA also includes data for the secondary DNS server such as the date of last update (the "Serial Number") and time intervals for checking the domain.

COMMON ZONE FILE RECORDS

SOA Start of Authority. Defines the zone name, an e-mail contact and various time and refresh values applicable to the zone.

A IPv4 Address subdomain 32-bit IP
A6 IPv6 Address subdomain 128-bit IP
AAAA** IPv6 Address subdomain 128-bit IP

PTR Pointer IP address subdomain

CNAME Canonical alias name actual name

NS Name Server domain DNS server

MX Mail Exchange mail mail server

TXT Text (up to 255 characters of text)

** = First IPv6 A record, switched to A6

SPF Its primary function is to prevent identity theft by spammers.

N.B. You create an SPF policy, which can be stored in an SPF record and/or in a TXT record.

Contact Me

My Dream

ONE THIRD OF THE EARTH BECKONS. Whether it's the 2008 H2 SUV or H2 Sports Utility Truck (SUT), owning a HUMMER affords you the ultimate freedom to go just about anywhere and do just about anything. Featuring a luxurious new interior and a more powerful 6.2L V8 engine, the H2 strikes the perfect balance between off-road comfort and on-road capability

New, more powerful 6.2L V8 engine and 6-speed Hydra-Matic automatic transmission

2-speed electronically controlled, full-time 4WD and state-of-the-art traction control system (TCS)

All-new, redesigned, luxury interior featuring premium, fine leather-appointed seating, a new instrument panel, new door trim levels, new DVD system and more

Immensely strong frame and robust suspension system with full undercarriage protection and rocker panels

Panic Brake Assist optimizes braking pressure in emergency situations

About me

I am a Linux Administrator enjoy myself when on work as I learn new things daily. Learning new technologies......

Block IP and IP ranges on Windows server

If you dont have control over a router or firewall you can block IP's at the server via Windows.

Click 'Start' > 'Run' >type 'MMC' press ok.

In the console click > 'File' > 'Add/Remove Snap in'

In the 'Standalone Tab' click The 'add' button

Seclect 'IP Security Policy Managment' > 'ADD' > 'Local Computer' > 'finish' > 'close' > 'ok'

You should now be back to the console.

In the left frame right click 'IP security policies on local computer' > 'Create IP security policy'

Click Next and then name your policy 'Block IP' and type a description.

Click 'Next' then leave 'activate' ticked then click 'Next'

leave the 'edit properties ticked and click 'Finish'

You should now have the properties window open.

Click 'ADD' then click 'Next' to continue.

Leave 'This rule does not specify a tunnel' selected and click 'next'

Leave 'all network connections' selected and click 'next'

You should now be on the IP filter list. You need to create a new filter, so dont select any of the default ones. Click 'ADD'

Type a Name for your list, call it 'IP block list'
Type a description in, can be same as name.
Click 'ADD' then click 'Next' to continue.

In the description box type a description. As its the first IP you are blocking call it 'IP1' or 'IP Range 1'
Leave ticked the 'Mirrored. Match packets with the exact opposite source and destination addresses'
Click 'Next'

The 'Source address' should be left as 'My IP address' click 'Next'

You can now select 'A Specific IP address' or 'A Specific Subnet' for the Destination address.
Type in the IP address you want to block and if blocking a subnet type in the subnet block. Click 'next'

Leave the protocol type as 'Any' and click 'Next' and then 'Finish'

You have now blocked your first IP or IP range.

Cpanel /scripts folder with explanation of every script.

Cpanel /scripts folder with explanation of every script.

Here it is:

adddns - Adds a DNS zone.
addfpmail - Add frontpage mail extensions to all domains without them.
addfpmail2 -Add frontpage mail extensions to all domains without them.
addnetmaskips - Add the netmask 255.255.255.0 to all IPs that have no netmask.
addnobodygrp - Adds the group nobody and activates security.
addpop - Add a Pop Account.
addservlets - Add JSP support to an account (requires tomcat).
addstatus - (Internal use never called by user).
adduser - Add a user to the system.
admin - Run WHM Lite.
apachelimits - Add rlimits to Apache
betaexim - Installs the latest version of exim.
biglogcheck - looks for logs nearing 2 gigabytes in size
bsdcryptoinstall - Installs crypto on FreeBSD.
bsdldconfig - Configures the proper lib directories in FreeBSD.
bsdpkgpingtest - Tests the connection speed for downloading FreeBSD packages.
buildbsdexpect - Install expect on FreeBSD.
buildeximconf - Rebuilds exim.conf.
buildpostgrebsd-dev - Installs postgresql on FreeBSD.
checkbadconf - Checks /usr/local/apache/conf/httpd.conf for bad users.
checkbsdgroups - Checks and repairs proftpd ownership on FreeBSD.
checkccompiler - Checks to make sure the C compiler works on your system.
checkfpkey - Checks for the FrontPage suid key
checkgd - Checks to see if GD is built.
checkinterchange - (Internal use).
checklibssl - Checks to make sure the proper libssl symlinks exist.
checkmaxclients - Checks to see if apache has reached the maximum clients allowed.
checkoldperl - Checks to see if the version of Perl on your system is old.
checkrsync - Checks to make sure rsync is up to date.
checksuexecpatch - Checks to see if mailman has been patched for suexec.
checksuspendpages - Checks to see if suspend pages are properly named.
checkup2date - Makes sure up2date is set up properly (RedHat)
checkyum - Makes sure yum is set up properly.
chkpaths - Makes sure /usr/sbin/chown has a symlink to /bin/chown
chownpublichtmls - Change ownership of all users web space to them, which is useful for converting to suexec. Files owned by nobody are deleted.
chpass - Change password.
ckillall - Allows you to kill a process (used like killall).
ckillall2 - Allows you to kill a process.
cleanbw - Cleans up old bandwidth logs.
cleandns8 - Clean up named.conf.
cleangd - Cleans up old GD installs and reinstalls GD
cleanmd5 - Fix CPAN md5 problems.
cleanmsglog - cleans exim’s msglog
cleanupmysqlprivs - Cleans up improper mySQL privileges.
compilers - Disables the usage of compilers for unprivileged users.
convert2maildir - Converts mail from mbox to maildir format and installs courier impap and pop (cpimap is removed).
courierup - Updates/Installs Courier
cpbackup - Runs backups.
distupgrade - Upgrades RedHat to the newest version (for testing only)
dnscluster - Enables DNS clustering.
dnsqueuecron - Adds a cron job to dump the DNS queue.
dnstransfer - Only if the server has a DNS master (sync with DNS master).
downgradefp - Downgrades FrontPage Extensions (to 5.0-0)
dropmysqldb - Drops a mySQL database.
easyapache - Upgrade Apache
editquota - Change a users quota.
enablechkservdwebmail - Enable service checking of webmaild.
enablefileprotect - Protects home directories if file protection is built in apache.
ensurepkg - Installs a FreeBSD package.
ensurerpm - Installs a rpm.
exim3 - Installs exim 3.
exim4 - Installs exim 4.
exim4-rh73test - Installs exim release #260. (RedHat only)
eximcron - Creates a cron job for exim_tidy_db.
eximlocalsend - Enables/Disables exim local sending.
exim_tidydb - Cleans the exim message log.
eximup - Installs/Updates exim.
fetchgd - Includes libg.so.
findhacks - Search for common Trojan Horses.
findoddrootprocesses - Lists root processes that may need to be checked out.
findphpversion - Check to see if your php version file is up to date.
findtrojans - Exhaustive Trojan Horse search.

Fix
fixallcartswithsuexec - Fixes permissions on carts when using suexec.
fixallinterchangeperm - Fixes permissions on all users’ Interchange Shopping Carts.
fixbinpath - Makes sure all bin file paths are correct.
fixbuggynamed - Updates bind to solve any problems with bugs.
fixcommonproblems - Attempt to fix the most common problems.
fixetchosts - Fixes problems with /etc/hosts
fixeverything - Fix common problems and quotas.
fixfpwml - Fix for .wml errors with frontpage.
fixheaders - Run if nothing compiles errors with .h files on compile.
fixinterchange - Reinstall interchange Perl modules.
fixinterchangeperm - fix permissions on a user’s interchange cart.
fixipsnm - Same as addnetmask ips, but Perl though.
fixlibnet - Reinstall Bundle::libnet (Perl).
fixlocalhostwithphp - Change /etc/hosts to work better with PHP 4.2.0 + MySQL.
fixmailman - Updates and restarts mailman.
fixmuse - Reinstalls muse.
fixmysql - Fixes problems with mySQL.
fixmysqlbsd - Fixes problesm with mySQL on FreeBSD.
fixnamed - Updates bind to handle many DNS zones (more than 512).
fixndc - Repair redhat’s broken named.conf on 7.2.
fixoldlistswithsuexec - Run after enabling suexec on the server to change the URLs that Mailman gives out to ones that don’t give a 500 internal server error.
fixperl - Symlink /usr/local/bin/perl /usr/bin/perl.
fixperlscript - Makes sure a perlscript includes all corresponding modules.
fixpop - Fix a POP account and reset password.
fixproftpdconf - Fixes problems with /usr/local/etc/proftpd.conf
fixproftpddupes - Updates proftpd.
fixquotas - Fix quotas.
fixrndc - Fixes named.conf to prevent rndc staus failed.
fixspamassassinfailedupdate - Reinstalls a failed spamassassin update.
fixsubdomainlogs - Run if subdomain logs don’t show up in cPanel.
fixsuexeccgiscripts - Fix CGI scripts that are broken after suexec installed.
fixvaliases - Fix permisions on valiases.
fixwebalizer - Repair a Webalizer that has stopped updating.
fp3 - Updates the fpexe3 patch.
fpanonuserpatch - Updates FrontPage extensions to include the anonymous user patch.

ftpcheck - Checks for FTPSSL.
ftpquaotacheck - Runs quota checking for all ftp users.
ftpup - Updates your ftp server.
fullhordereset - Resets Horde and displays the current Horde password.
futexfix - Fixes problesm with futex.
futexstartup - Starts futex.
gcc3 - Installs gcc-3.3.3

gencrt - Generate a .crt and .csr file.
grpck - Checks to see if grpck is working properly.
hdparmify - Enable dma/irq/32bit HD access, which speeds up IDE drives.
hdparmon - Turns on hdparm.
initacls - Mounts your file systems with ACL support (make sure your kernel supports ACLs)
initfpsuexec - Enable FrontPage suexec support.
initquotas - Turn on quota support on new drives.
initsslhttpd - Make sure HTTP starts with SSL.
initsuexec - Turn on suexec support if suexec is installed.

Install

installcgipm - Installs CGI.pm
installdbi - Install Bundle::DBD::mysql.
installfpfreebsd - Installs FrontPage 5 Extensions on FreeBSD.
installfpgentoo - Installs FrontPage on Gentoo.
installgd - Builds GD.
installpkg - Installs a FreeBSD package.
installpostgres - Installs PostrgeSQL.
installrpm - Installs a rpm.
installspam - Install SpamAssassin.
installssl - Add a SSL vhost.
installzendopt - Install zend optimzer.
installzendopt-freebsd - Install zend optimizer on a freebsd machine.

isdedicatedip - Checks an ip to see if it is dedicated.

Kill
killacct - Delete an account.
killbadrpms - Security script that kills insecure RPMs from the server.
killdns - Delete a DNS zone.
killdrrootvhost - Removes the document root for a virtual host.
killndbm - Remove the broken NDBM_File module from 7.2.
killpvhost - Removes a virtual host from proftpd.conf.
killspamkeys - Removes a spam key.
killsslvhost - Removes a SSL entry for a virtual host.
killvhost - Delete a vhost.

listcheck - Checks mailing lists for issues.
listproblems - Lists common problems.
listsubdomains - List subdomains.
mailperm - Fix almost any mail permission problem.
mailscannerupdate - Updates MailScanner
mailtroubleshoot - Guided mail fix.
makecpphp - Installs php.
makesecondary - Part of DNS transfer.
manualupcp - Updates cPanel manually.
md5crypt - Encrypts a password into MD5.
mseclocal - Sets up Mandrake’s msec to allow exim to run as mailnull.
mysqladduserdb - Create a MySQL databse and user.
mysqlconnectioncheck - Attempts to connect to MySQL, restarts SQL if necessary.
mysqldeluserdb - Delete a MySQL database and user.
mysqlpasswd - Change MySQL password.
mysqlrpmpingtest - Checks your connection speed for downloading mySQL rpms.
mysqlup - Updates mySQL.
ndbmcheck - Checks to see if the nbdm module is loaded (kills in RedHat 7.2)
netftpsslpatch - Patches FTPSSL.pm.
newexim - Installs the latest version of exim.
nofsck - Make fsck always use -y
nomodattach - Removes mod_attach from httpd.conf.
nomodauthmysql -Removes mod_auth_mysql from httpd.conf.
nomodbwprotect - Removes mod_bwportect from httpd.conf.
nomodgzipconfmods - Removes mod_gzip from httpd.conf.
nomodperl - Removes mod_perl from httpd.conf.
oldaddoncgi2xaddon - Updates old addons to X addons.
park - Parks a domain.
patcheximconf - Fixes exim.conf.
perlinstaller - Installs perl.
phpini - Create a php.ini file.
pingtest - Checks your download time from cPanel mirrors.
pkgaccount-ala - backs up an Alab*nza account for transfer.
pkgacct-ciXost - backs up a ci*ost account for transfer.
pkgacct-dXm - backs up a d*m account for transfer.
pkgacct-enXim - backs up an en*im account for transfer.
pkgacct-pXa - backs up a p*a account for transfer.
proftpd128 - Installs proftpd-1.2.8.
ptycheck - Fixes permissoins on /dev/ptmx.
pwck -Verifies the integrity of system authentication information.
quickkernel - Updates your kernel.
quicksecure - Quickly kill useless services.

Rebuild /Reinstall
rebuildcpanelsslcrt - Rebuilds the cPanel SSL Certificate.
rebuildcpusers - Rebuilds /var/cpanel/users.
rebuildetcpasswd - Rebuilds /etc/passwd.
rebuildeximbsd - Rebuilds exim on FreeBSD.
rebuildhttpdconffromproftpd - Rebuild httpd.conf from the proftpd.conf file.
rebuildinterchangecfg - Used after moving a domain with Interchange to the server.
rebuildnamedconf - Restore named.conf from files in /var/named.
rebuildproftpd - Restore proftpd.conf from httpd.conf.
reinstallmailman - Reinstalls mailman.

relocatevartousr - Relocates files from /var to /usr in case of disk space issues.
remdefssl - Remove default SSL vhost.
reseteximtodefaults - Resets exim’s default settings.
resetimappasswds - Resets all imap passwords.
resetquotas - Change quotas to what they should be .

Restart
restartsrv - Restart a service.
restartsrv_apache - Restart apache.
restartsrv_bind - Restart bind.
restartsrv_clamd - Restart clamd.
restartsrv_courier - Restart courier imap.
restartsrv_cppop - Restart cppop.
restartsrv_entropychat - Restart entropy chat.
restartsrv_exim - Restart exim.
restartsrv_eximstats - Restart exim statistics.
restartsrv_ftpserver - Restart your ftp server.
restartsrv_httpd - Restart httpd.
restartsrv_imap - Restart impad.
restartsrv_inetd - Restart inetd.
restartsrv_interchange - Restart Interchange Shopping Cart.
restartsrv_melange - Restart melange chat.
restartsrv_mysql - Restart mysqld.
restartsrv_named - Restart named.
restartsrv_postgres - Restart postgresql.
restartsrv_postgresql - Restart postgresql.
restartsrv_proftpd - Restart proftpd.
restartsrv_pureftpd - Restart pure-ftpd.
restartsrv_spamd - Restart spamd.
restartsrv_sshd - Restart sshd.
restartsrv_syslogd - Restart syslogd.
restartsrv_tomcat - Restart tomcat.
restartsrv_xinetd - Restart xinetd.

restoremail - Restores a user’s mail.
reswhostmgr - Restart whostmgr.
rpmup - Upgrade redhat/mandrake errata/security.
rrdtoolinstall - Installs RRD Tool.
runstatsonce - Runs statistics (should be used from the crontab).
runweblogs - Run analog/webalizer/etc. for a user.
safeperlinstaller - Installs perl safely.
safeup2date - Runs up2date safely.
safeyum - Runs yum safely.
secureit - Remove unnecessary suid binaries.
securemysql - Attempts to secure the MySQL configuration.
securetmp - Adds securetmp to system startup.
setupfp - Install FrontPage 3 on an account.
setupfp4 - Install FrontPage 4 (2000) installer on an account.
setupfp5 - Install FrontPage 5 (2002) installer on an account.
setupfp5.nosueuxec - Install FrontPage 5 (2002) installer on an account when not using suexec.
showexelist - Shows exe processes.
simpleps - Display the process list.
smartcheck - Checks hard drive integrity.
smtpmailgdionly - Enables SMTP Mail Protection.
spamboxdisable - Disables SpamAssassin’s spambox delivery for all accounts.
suspendacct - Suspends an account.
sysup - update cPanel RPMs.
unlimitnamed - Installs the latest version of bind patched to support greater than 512 ips on the server.
unblockip - Unblocks an IP blocked by portsentry.
unsetupfp4 - Removes FrontPage 4 or 5 from an account.
unslavenamedconf - If the user accidentally sets a DNS master as local server, this will repair named.conf after the loop.
unsuspendacct - Unsuspends an account.
upcp - Updates cPanel.
updated - Updates /scripts.
updatefrontpage - Updates FrontPage
updatenow - Updates /scripts NOW.
updatephpconf - Updates PHP configuration files.
whoowns - Finds out who owns a domain.
wwwacct - Creates an account.
xaddonreport - Reports the current addon scripts installed.

Understanding /etc/passwd file format for Linux and UNIX OS

In Linux or Unix OS, /etc/passwd file stores essential information, which is required during login i.e. user account information.

/etc/passwd is a text file, that contains a list of the system's accounts, giving for each account some useful information like user ID, group ID, home directory, shell, etc.

It should have general read permission as many utilities, like ls use it to map user IDs to user names, but write access only for the superuser (root).

Understanding fields in /etc/passwd

The /etc/passwd contains one entry per line for each user (or user account) of the system. All fields are separated by a colon (:) symbol. Total seven fields as follows.

Generally, passwd file entry looks as follows (click to enlarge image):

1. Username: It is used when user logs in. It should be between 1 and 32 characters in length.
2. Password: An x character indicates that encrypted password is stored in /etc/shadow file.
3. User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups.
4. Group ID (GID): The primary group ID (stored in /etc/group file)
5. User ID Info: The comment field. It allow you to add extra information about the users such as user's full name, phone number etc. This field use by finger command.
6. Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes /
7. Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please note that it does not have to be a shell.

/etc/passwd is only used for local users only. To see list of all users, enter:
$ cat /etc/passwd

To search for a username called tom, enter:
$ grep tom /etc/passwd
/etc/passwd file permission

The permission on the /etc/passwd file should be read only to users (-rw-r--r--) and the owner must be root:

$ ls -l /etc/passwd

Output:
-rw-r--r-- 1 root root 2659 Sep 17 01:46 /etc/passwd

Your password is stored in /etc/shadow file

Your encrpted password is not stored in /etc/passwd file. It is stored in /etc/shadow file. In the good old days there was no great problem with this general read permission. Everybody could read the encrypted passwords, but the hardware was too slow to crack a well-chosen password, and moreover, the basic assumption used to be that of a friendly user-community.

Almost, all modern Linux / UNIX line operating systems use some sort of the shadow password suite, where /etc/passwd has asterisks (*) instead of encrypted passwords, and the encrypted passwords are in /etc/shadow which is readable by the superuser only.

.