#vi /etc/ssh/sshd_config
######Look for the following line:
#Port 22
######Change the port to
Port 3210
#### Save sshd_config file with this command
:wq!

Restart SSH services with this command

#service sshd restart
or
#/etc/init.d/sshd restart

Try to connect to your server via putty, but you need to change the ssh default port to 3310.

It detects hidden processes by using three techniques:

• The proc technique consists of comparing /proc with the output of /bin/ps.
  The sys technique consists of comparing information gathered from /bin/ps with information gathered from system calls.
• The brute technique consists of bruteforcing the all process IDs. This technique is only available on Linux 2.6 kernels.
• Most rootkits use the power of the kernel to hide themselves, they are only visible from within the kernel. You can use unhide or tool such as rkhunter to scan for rootkits, backdoors and possible local exploits.

Install UNHIDE

If you are using ubuntu / debian linux you can enter this command below:

#apt-get install unhide

If you are using FreeBSD / unix you can install it using this command below :

#cd /usr/ports/security/unhide
#make install clean

How to use UNHIDE

unhide-tcp is a tool that identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.

You can use it as follows:

# unhide-posix proc
# unhide-posix sys
OR
# unhide-linux26 proc
# unhide-linux26 sys
# unhide-linux26 brute

Sample outputs:

Unhide 20100201
http://www.security-projects.com/?Unhide
[*]Searching for Hidden processes through kill(..,0) scanning
[*]Searching for Hidden processes through  comparison of results of system calls
[*]Searching for Hidden processes through getpriority() scanning
[*]Searching for Hidden processes through getpgid() scanning
[*]Searching for Hidden processes through getsid() scanning
[*]Searching for Hidden processes through sched_getaffinity() scanning
[*]Searching for Hidden processes through sched_getparam() scanning
[*]Searching for Hidden processes through sched_getscheduler() scanning
[*]Searching for Hidden processes through sched_rr_get_interval() scanning
[*]Searching for Hidden processes through sysinfo() scanning
HIDDEN Processes Found: 1

If you found something interesting:

# unhide-tcp

Sample outputs:

Unhide 20100201
http://www.security-projects.com/?Unhide
Starting TCP checking
Found Hidden port that not appears in netstat: 1048
Found Hidden port that not appears in netstat: 1049
Found Hidden port that not appears in netstat: 1050
Starting UDP checking

The netstat -tulpn or ss commands displayed nothing about the hidden TCP ports # 1048, 1049, and 1050:

# netstat -tulpn | grep 1048
# ss -lp
# ss -l | grep 1048

Disable Exec Shield protection

Login as root
Type the following command below :

# sysctl -w kernel.exec-shield=0

You can disable it permanently by adding following line to /etc/sysctl.conf file:

# vi /etc/sysctl.conf
kernel.exec-shield=0

Save and close the file.

Note :
Exec Shield disabling is not recommended one.

Exec Shield protection can also simply disabled via GRUB loader

Add up following lines in grub.conf

# vi /etc/grub.conf
Modify / append exec-shield=0 parameter as follows:
kernel /vmlinuz-2.6.8 ro root=LABEL=/ exec-shield=0

Close and save the file.

Enable ExecShield Protection Against Buffer Overflows

Open your /etc/sysctl.conf file:
#

vi /etc/sysctl.conf

#### Add the following lines:

kernel.exec-shield = 1
kernel.randomize_va_space = 1

Save and close the file.
The First line will enable ExecShield protection and second line will enable random placement of virtual memory regions protection.

To load sysctl without reboot enter the command given below:

# sysctl -p

Telnet is an abbreviation of Telecommunication Network, which is an old network protocol. This protocol is used for remote host connection. It provides a two way interactive command / console line interface.
By default telnet is not enabled in windows. Telnet command will produce an error that telnet is not recognized as an internal or external command.

Click Start Menu, type “cmd” in the search box, right-click cmd command. And choose Run as administrator from the context menu.

You will see a command line console then
Type Telnet

Login into your Windows 7 with administrator access
Click Start >> Control Panel >> Programs >> Programs and Features >> Turn Windows Features On or Off >> Check Telnet client >> Press “Enter”

After you have Click OK button.
Then verify rather telnet is working or not.

You will see a result as shown below.

db : wpmu
user : wpmu
pass : wpmupass

Download WordPress MU

http://mu.wordpress.org/download/ Extract all files into desired folder

ex: http://www.yourdomain.com/blogs/

Begin installation

Point your browser to whichever directory you extracted your files to (ex: http://www.yourdomain.com/blogs/). The index.php file will load automatically “Installing WordPress µ” screen. You required ti fill some forms before proceeding.

change permissions

Delete .htaccess or move .htaccess to .htaccess-bak. change permissions on the public_html and wp-content directories. If you’re using FileZilla for FireFTP or similar, just right click on the folders and check all the boxes to change to 777

subdomains or subdirectories

Select whether you want the blog addresses for the install to be subdomains or subdirectories.

Database details required WordPress MU installation

Fill in your database name, username, and database password, as requested.

installation finished

If all goes well, you should see this happy screen reminding you to reset your directory permissions to 755.

Copy the password

Copy the password it generates for you and login. Immediately change your password to something better that you’ll remember.

Default Display

You’re finished! Your site should be fully installed now. It will display the default theme and will look something like this

it shows error as shown below ;

Fatal error: Cannot unset string offsets in /home/test/www/wordpress/wp-includes/widgets.php on line 362

After googling more deeper. I found that it is required to turn off magic_quotes_gpc and magic_quotes_runtime.

let open your php.ini and set these lines as shown below :

Magic quotes for incoming GET/POST/Cookie data.
magic_quotes_gpc = Off

Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_runtime = Off

restart you apache / webserver.

This problem can be resolved by this method.

• disabled all your plugins [optional]
• reinstall your wordpress [ optional]
• edit wp-config.php

The solution is very simple, we just have a need to add 1 line into wp-config.php like below.

Log in through putty and open file this command

$vi /home/testing/public_html/wp-config.php

### add 1 line below ####

define( ‘CONCATENATE_SCRIPTS’, false );

### save wp-config.php ###

Try to refresh your wordpress site. This will fix your wordpress visual toolbar.

What is MBR ?
MBR is the abbreviation of master boot recorded.

In M-DOS environtment we can just simply type fdisk/mbr command
but this is different, in LINUX/ UNIX please follow this step below :

Login into server and type command below

[code]$dd if=/dev/zero of=/dev/sdc bs=512 count=1[/code]

The output will be like below

1+0 records in
1+0 records out
512 bytes (512 B) copied, 0.00308483 s, 166 kB/s

Preparing and Installing EPEL repository

Login as root into the server

#cd /root
#wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-5.noa...
#rpm -ivh epel-release-6-5.noarch.rpm

What is NTFS-3g ?

NTFS-3G is a opensource GPL Licensed, POSIX, read and write NTFS driver for linux.
It Provides a very safe handling of the windows XP, 2003 and all other windows variants NTFS file systems.

NTFS-3G also can help you create, remove, rename, moved directories, hard links, streams etc.
it’s handle a special files like symbolic links, devices and FIFOs, ACL, extended attributes.

Install NTFS-3G

Still with root access
type the command below to install it

#yum install ntfs-3g

You will see an output like below

============= Quote From Linux Console ===========================
#yum install ntfs-3g
Loaded plugins: product-id, rhnplugin, subscription-manager
Updating Red Hat repositories.
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ntfs-3g.x86_64 2:2011.4.12-3.el6 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================
Package         Arch           Version                     Repository    Size
===============================================================================
Installing:
ntfs-3g         x86_64         2:2011.4.12-3.el6           epel         247 k

Transaction Summary
===============================================================================
Install       1 Package(s)

Total download size: 247 k
Installed size: 624 k
Is this ok [y/N]:Y

================== END ==================================

Next We need to Find out the NTFS Partition Name

Find NTFS Partitions Name

We can simply type the command below :

#fdisk -l /dev/sda
#fdisk -l /dev/sdb

You will see an output like below

=========== Quote From Linux Console =============

Disk /dev/sda: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xf0000000

Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          13      102400    7  HPFS/NTFS
Partition 1 does not end on cylinder boundary.
/dev/sda2              14       60802   488281089    5  Extended
/dev/sda5              14       59767   479970304   83  Linux
/dev/sda6           59767       60802     8309760   82  Linux swap / Solaris
================ END ======================

From the output above you can see /dev/sda1 with filesystem HPFS/NTFS
Next, We need to mount the NTFS Partition in /mnt/ntfs

Mount Partition in /mnt/ntfs

First we need to load the fuse driver
type the following command below to load the driver

Load fuse Driver

#modprobe fuse

Create a mount point directory

#mkdir /mnt/ntfs

Mount the NTFS partition

#mount -f ntfs-3g /dev/sda1 /mnt/ntfs

After that you can access the /mnt/ntfs
You can use a linux command below to copy or access any files on the directory

#cd /mnt/ntfs
#ls -al

What is Crontab ?

Cron derives from chronos greek time and it used to schedule command or execute it periodically.

How to Verify Crontab Running in The System ?

Login into your server and type this command below :

#crontab -l

### you will see someline like example below ###

* * * * * /bin/example-path/example-script.sh

So How To Add a Schedule Task to Crontab ?
In terminal type  command, which is given below

#crontab -e

You will see a blank screen, you can press I button and start type your crontab command
after that don’t forget to save your crontab, press ESC button and type :wq! this will help you save your crontab to the schedule task

Crontab Schedule Explain

Example : * * * * * /bin/testing-path/testing-script.sh

You can see a 5 stars there, the stars will present a different minute, hour, day of month, month and day of week.
1.    minute (from 0 to 59)
2.    hour (from 0 to 23)
3.    day of month (from 1 to 31)
4.    month (from 1 to 12)
5.    day of week (from 0 to 6) (0=Sunday)
From the example above the crontab will execute every minute.

Note :
* / star/ asterisk mean EVERY

Another Crontab Example
If you want to run a schedule script at 2AM every Thursday, then you need a following cronjob

0 2 * * 4  /bin/testing-path/testing-script.sh

Example Star Description above:
1.    minute: 0
2.    of hour: 1
3.    of day of month: * (every day of month)
4.    of month: * (every month)
5.    and