Month: February 2013

Send an email via telnet.

To send an email via telnet just type:

root:~# telnet 172.16.12.25 25
220 hostname.com Internet Agent 0.0.3
HELO domain.com
250 hostname.com Ok
MAIL FROM: you@hostname.com
250 Ok
RCPT TO: them@hostname_away.com
250 Ok
DATA
354 Enter mail, end with "." on a line by itself
ie, type your message or whatever
.
250 Ok
quit
221 hostname.com Closing transmission channel
Connection to host lost.

By the way, you will not see any AUTH listed when connecting and doing an ehlo. In addition any attempt to auth will be met with the error:

035.5.1 Error: authentication not enabled

It will not display options for smtp authentication unless a TLS security is used to connect.

Try connecting with:

openssl s_client -connect localhost:25 -starttls smtp

Now you will see the 250-AUTH PLAIN LOGIN on ehlo and you will be able to auth.

When posting logs of the SASL negotiations to public lists, please keep in mind that username/password information is trivial to recover from the base64-encoded form.

You can use one of the following commands to generate base64 encoded authentication information:

Using a recent version of the bash shell:

echo -ne '00username00password' | openssl base64

Some other shells support similar syntax.

Using the printf command:

printf '%s%s' 'username' 'password' | openssl base64
printf '%s%s' 'username' 'password' | mmencode
The mmencode command is part of the metamail software.

root:~# openssl s_client -connect 4network.eu:25 -starttls smtp

and the output:

Compression: 1 (zlib compression)
Start Time: 1373377800
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
250 DSN

and then type:

ehlo domain.org
250-hades
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

auth plain AGpvbGFudGEAam9sYW50YQ==
235 2.7.0 Authentication successful

SMTP Status Codes
You may notice along the way that after typing commands you see responses from the server starting with “250″. 250 is a good thing, and there are a lot of other SMTP status codes you’ll encounter the more you use this technique.
Continue reading “Send an email via telnet.”

Using the dd command to determine sequential I/O speed.

The dd command provides a simple way to measure sequential I/O performance. The following shows a sequential read of 1GB (1024MB). There are 1024 1MB (1024KB) reads:

root:~# time -p dd if=/dev/zero of=2delete.file bs=1024k count=1024
1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB) copied, 17.5714 seconds, 61.1 MB/s
real 17.91
user 0.00
sys 2.62

The megabytes per second can be calculated as follows:

root:~: echo 1024 / 17.91 | bc
57

1GB/17.91 sec = 57 MBps

Find out who is connected to which service and which user and process owns a port.

Here are some useful utilities. Netstat or Ss is a command that will list both the open ports and who is connected to your system. You should run it like this:

root:~# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:45982 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:994 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN

or

root:~# ss -an
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 :::443 :::*
LISTEN 0 50 :::445 :::*
LISTEN 0 128 *:45982 *:*
LISTEN 0 64 :::993 :::*
LISTEN 0 64 *:2049 *:*
LISTEN 0 128 *:994 *:*
LISTEN 0 50 127.0.0.1:3306 *:*

This way you can find out who is connected to which service.

Another interesting command is the fuser program. This program can tell you which user and process owns a
port. For example, the following command will tell you who owns port 22:

root:~# fuser -v -n tcp 22
USER PID ACCESS COMMAND
22/tcp: root 1743 F.... sshd
root 12184 f.... sshd
user 12207 F.... sshd

or

root:~# lsof -i tcp:22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 1743 ssh 3u IPv4 5861 0t0 TCP *:ssh (LISTEN)
sshd 1743 ssh 4u IPv6 5864 0t0 TCP *:ssh (LISTEN)
sshd 12184 ssh 3u IPv4 957477 0t0 TCP server:ssh->193.120.51.186:39516 (ESTABLISHED)
sshd 12207 user 3u IPv4 957477 0t0 TCP server:ssh->193.120.51.186:39516 (ESTABLISHED)

Access Control Lists aka ACLs for Linux file systems.

Traditionally, three permission sets are defined for each file object on a Linux system. These sets include the read (r), write (w), and execute (x) permissions for each of three types of users—the file owner, the group, and other users. In addition to that, it is possible to set the set user id, the set group id, and the sticky bit. This lean concept is fully adequate for most practical cases. However, for more complex scenarios or advanced applications, system administrators formerly had to use a number of workarounds to circumvent the limitations of the traditional permission concept.
Continue reading “Access Control Lists aka ACLs for Linux file systems.”

How to backup and restore a MySQL database.

The mysqldump command creates a text version of the database. Specifically, it creates a list of SQL statements which can be used to restore/recreate the original database.
The syntax is:
# mysqldump -u root -p[root_password] [database_name] > backup.sql – backup.
# mysql -u root -p[root_password] [database_name] < backup.sql - restore.

Back up a single database:
The mysqldump command will backup the mydb database and dumps the output to the mydb.sql file

# mysqldump -u root -pmysqlpassword mydb > mydb.sql

Actually, if you don't provide a password at this stage, later you will be prompted for it.

Back up the multiple databases:

# mysqldump -u root -pmysqlpassword --databases mydb somedb > mydb_somedb.sql

Back up all of the databases:


# mysqldump -u root -pmysqlpassword --all-databases > all_databases.sql

Back up a specific table:
In this example, we takes a back up only of the users table from the mydb database.

# mysqldump -u root -pmysqlpassword mydb users > mysb_table_users.sql

To restore the MySQL database from a backup:
Execute the mysql command with "<" as shown below. If you are going to restore the mydb.sql to a different server, the mydb database must be created on this server.
# mysql -u root -pmysqlpassword

mysql> create database mydb;
Query OK, 1 row affected (0.02 sec)

# mysql -u root -pmysqlpassword mydb < mydb.sql

If you are trying to restore a single database from dump of all the databases, you have to let mysql know like this:

mysql --one-database database_name < all_databases.sql

How to browse the eDir using ldapsearch.

To browse the eDir use the Linux ldapsearch command:


ldapsearch -x -h 172.16.12.182 "(objectclass=Person)" > all.text

Used filter “objectclass=Person” will out put all records of users to the all.text file


ldapsearch -x -h 172.16.12.182 "(objectclass=Person)" uid fullname mail loginTime passwordEcpirationTime loginTime > selected.text

Used filter “objectclass=Person” and requested records “uid fullname mail loginTime passwordEcpirationTime loginTime” will out put just selected records of users to the selected.text file.