-
Notifications
You must be signed in to change notification settings - Fork 5
/
TODO.txt
311 lines (227 loc) · 10.3 KB
/
TODO.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
TODO
====
Author: Jason Dunsmore <jason.dunsmore@rackspace.com>
Date: 2010-03-16 13:15:29 CDT
1 Bugs
~~~~~~~
1.1 Fix units in plesk-bandwidth-per-domain
============================================
Returning MB instead of GB?
1.2 Fix apachebuddy2
=====================
[root@host ~]# apachebuddy2
Apache is configured to use 3145728 kB of memory.
Only 4043368 kB of memory are installed.
Consider lowering MaxClients from 256 to 329.
2 New features
~~~~~~~~~~~~~~~
2.1 New scripts
================
2.1.1 Create a snippet for splitting webalizer configs?
--------------------------------------------------------
for vhost in example1.com example2.com; do
sed -e "s/\/var\/log\/httpd\/access_log/\/var\/log\/httpd\/$vhost-access.log/" -e "s/\/var\/www\/html\/usage/\/var\/www\/$vhost-usage/" /etc/webalizer.conf > /etc/webalizer-$vhost.conf
done
2.1.2 Create a script to check all ports on a server
-----------------------------------------------------
for port in $( netstat -lpnt 2>/dev/null|awk '{print $4}'|cut -d: -f2|egrep "^[0-9]" ); do echo $port; openssl s_client -connect localhost:$port -ssl2; done
2.1.3 Create a history-since-login snippet
-------------------------------------------
2.1.4 Create a quicksnip to automate checking for successful dict attacks
--------------------------------------------------------------------------
zgrep -E "58.68.72.228|220.181.58.101|64.206.31.69|190.144.126.227|210.243.156.1|210.83.70.203|190.154.136.164|58.254.143.130|219.64.116.203" /var/log/secure* | grep "Accepted password"
2.1.5 Add to qmail log processing script to quicksnips
-------------------------------------------------------
grep Sorry /usr/local/psa/var/log/maillog|cut -d" " -f6|cut -d"." -f1|xargs -I'{}' grep '{}' /usr/local/psa/var/log/maillog|grep "to remote"|cut -d" " -f14|sort|uniq|cut -d"@" -f2|sort|uniq|xargs dig +short mx|cut -d" " -f2|xargs -I'{}' telnet '{}' 25
2.1.6 Go through list of one-liners for ideas for new snips
------------------------------------------------------------
[http://www.commandlinefu.com/commands/browse/sort-by-votes]
2.1.7 Create a snippet to check for a compromise
-------------------------------------------------
2.1.8 Create a snippet to check for insecure PHP configuration
---------------------------------------------------------------
2.1.9 Make a quicksnip to send a message via SMTP using Auth
-------------------------------------------------------------
perl -MMIME::Base64 -e \
'print
encode_base64("john\@example.com\0john\@example.com\0password")';
then:
telnet <ip> 25
auth plain <copied string>
2.1.10 Create a quicksnip for apache-new-vhost
-----------------------------------------------
2.1.11 Write a script to change hostname?
------------------------------------------
Check mysql binary log name
2.1.12 Write a script to print a specific time range for all logs
------------------------------------------------------------------
2.1.13 Write an ftp-auth-attempts quicksnip
--------------------------------------------
grep ftp /var/log/messages*|grep -i failed|awk '{print $6}'|sed 's/://'|sort -n|uniq -c|sort -n
2.1.14 Create a quicksnip to move a database from one domain to another in plesk
---------------------------------------------------------------------------------
This is for a domain that already exists in Plesk, but needs to be
under a different domain. You don't need to know which domain it's
currently assigned to...just change "targetdomain.com" to the new
domain, and change "dbname_goes_here" to the name of the database.
mysql psa -e "UPDATE data_bases SET data_bases.dom_id = ( SELECT
domains.id FROM domains WHERE displayName = 'targetdomain.com') WHERE
data_bases.name = 'dbname_goes_here';"
2.1.15 Create a quicksnip for synflood attacks
-----------------------------------------------
#!/bin/bash
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
rm /root/.dyn*
echo "Setting kernel tcp parameters to reduct DoS effects"
#Reduce DoS'ing ability by reducing timeouts
echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 1800 > /proc/sys/net/ipv4/tcp_keepalive_time
echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
echo 0 > /proc/sys/net/ipv4/tcp_sack
echo 1280 > /proc/sys/net/ipv4/tcp_max_syn_backlog
#ANTISPOOFING
for a in /proc/sys/net/ipv4/conf/*/rp_filter;
do
echo 1 > $a
done
##
#NO SOURCE ROUTE
for z in /proc/sys/net/ipv4/conf/*/accept_source_route;
do
echo 0 > $z
done
#SYN COOKIES
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
#echo $ICMP_ECHOREPLY_RATE > /proc/sys/net/ipv4/icmp_echoreply_rate
echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
echo "1" > /proc/sys/net/ipv4/conf/all/accept_redirects
echo "1" > /proc/sys/net/ipv4/conf/all/log_martians
# NUMBER OF CONNECTIONS TO TRACK
echo "65535" > /proc/sys/net/ipv4/ip_conntrack_max
# Set default policies
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -P FORWARD DROP
/sbin/iptables -F
/sbin/iptables -F INPUT
/sbin/iptables -F OUTPUT
/sbin/iptables -F FORWARD
/sbin/iptables -F -t mangle
/sbin/iptables -X
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -d 127.0.0.0/8 -j REJECT
/sbin/iptables -A INPUT -i eth0 -j ACCEPT
/sbin/iptables -A INPUT -m state --state INVALID -j DROP
### chains to DROP too many SYN-s ######
/sbin/iptables -N syn-flood
/sbin/iptables -A syn-flood -m limit --limit 100/second --limit-burst 150 -j RETURN
/sbin/iptables -A syn-flood -j LOG --log-prefix "SYN flood: "
/sbin/iptables -A syn-flood -j DROP
2.1.16 Make a quicksnip to find apache-writable directories
------------------------------------------------------------
find / -type d \( \( -user apache -perm /u=w \) -o \( -group apache -perm /g=w \) -o \( -perm /o=w \) \) -ls
2.1.17 Create a log-off routine?
---------------------------------
Show files changed, clean up temp files...
2.1.18 Checking for blacklists, other info background after auto-login?
------------------------------------------------------------------------
2.2 Existing scripts
=====================
2.2.1 Use nice in quicksnips
-----------------------------
nice -n +19 bash -c "cat /var/www/vhosts/duralstores.gr/statistics/logs/error_log|cut -d\" \" -f9-20|sort|uniq -c|sort -n "
2.2.2 Separate out reporting for plesk-bandwidth (total and by service)
------------------------------------------------------------------------
2.2.3 Add mysqlbackup check to server-healthcheck
--------------------------------------------------
2.2.4 Add up2date --dry-run and yum list updates check in server-healthcheck
-----------------------------------------------------------------------------
2.2.5 Add percentage to sar-memory-usage script
------------------------------------------------
2.2.6 Alternate apache-doc-roots
---------------------------------
httpd -S 2>&1|egrep "\/.*\/"|sed 's/.*(\(.*\):.*).*/\1/'|sort|uniq|xargs grep -Hni DocumentRoot
2.2.7 Update plesk-email-passwords with Carl's code
----------------------------------------------------
select domains.name as domain, concat(mail.mail_name,'@',domains.name)
as email, password from domains left join mail on
domains.id=mail.dom_id left join accounts on account_id=accounts.id
where mail.postbox='true';
2.3 Core functionality
=======================
2.3.1 See if it'd be better to use case when parsing CLI arguments
-------------------------------------------------------------------
2.3.2 Create a quicksnips history menu
---------------------------------------
3 QA/Refactoring
~~~~~~~~~~~~~~~~~
3.1 Ask other quicksnips users if they like every quicksnip in a function
==========================================================================
3.2 Fix the way qmail-mailboxes-per-domain script checks if dir is empty
=========================================================================
[http://mywiki.wooledge.org/BashFAQ/004]
3.3 Start using unset at top of scripts that set variables
===========================================================
3.4 See if there's a way to group arguments by 1000 for xargs
==============================================================
3.5 Revamp apache-accesses-per-* snippets
==========================================
grep -oE "08/Jun/2009:02:.." /var/log/httpd/access_log|uniq -c
3.6 Way to reuse code in snips
===============================
Create script to auto-expand bash functions?
3.7 Use /usr/share/dict/words to find bad passwords
====================================================
- plesk-bad-email-passwords
4 Documentation
~~~~~~~~~~~~~~~~
4.1 Create a script to automatically generate the summary page
===============================================================
...using the documentation in the snippet files
4.2 Put "quickapropos -s" output on quicksnips.org
===================================================
4.3 Add installation on Fedora and Slackware to quicksnips docs
================================================================
yum install git
yum install xclip
yum install xdotool
wget http://dl.suckless.org/tools/dmenu-4.0.tar.gz
tar xvzf dmenu-4.0.tar.gz
cd dmenu-4.0
ls -al
./configure
make
yum install gcc
make
make clean
yum install xorg-x11-server-devel
yum install libXinerama
yum install libXinerama-devel
cd ~/software/dmenu-4.0
make install
yum install gconf-editor
gconf-editor
4.4 Create a style guide for quicksnips
========================================
4.5 Projects credits page like on [http://git-scm.com/about] ?
===============================================================
4.6 Remove "Determine how to..." section
=========================================
4.7 Improve Metacity (Gnome) install instructions
==================================================
5 Misc
~~~~~~~
5.1 Write some yasnippets for quicksnips
=========================================
5.2 Implement git post-receive-email hook for commits
======================================================
example script in /usr/share/doc/git-core/contrib/hooks/post-receive-email
5.3 Create a quicksnips mailing list?
======================================
5.4 Run git post-update hook in background so push doesn't take so long
========================================================================
5.5 Put Quicksnips on Freshmeat [http://freshmeat.net/projects/new]
====================================================================