Check your mail using telnet

At work we have pop access to the state shared email system. Every so often I have to check a users box to see if the box is jammed with a huge message or just to make sure the account is active. The easiest way for me to do this is using telnet. Below are some basic commands to get you going. If you want to know more lookup RFC 1725.

 

telnet pop3.mailserver.com 110 <– or what ever port your pop server is on

Commands

USER –this one is pretty straight forward. For a valid user you should get “+OK Password required for <account name>.”

PASS — again pretty easy. Reply after authentication should be: “+OK <account name> has <n> message(s) (MMMMM) octets”, where <n> is the number of messages in the mailbox (MMMMM) is the total size of all messages.

LIST — Lists all the messages by number as well as the size

RETR — this command along with the message number will display the message in text format. ex. retr 3

DELE — delete the message. ex. dele 3

cisco PIX DST update

Cisco PIX and ASA Platforms

You can change the DST configuration parameters for a system that runs the Cisco PIX or ASA OS with a single configuration command. You can run this command at any time and on any device in order to change the current default settings of the given device.
clock summer-time zone recurring [{week} {day} {month} {hh:mm}
{week | day | month | hh:mm} [offset]]

In order to comply with the 2007 DST time change, use this command on any device that runs the Cisco PIX or ASA OS:
clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

cisco DST update command

Cisco IOS Software Platforms

You can change the DST configuration parameters for a system that runs Cisco IOS with a single configuration command. You can run this command at any time and on any device in order to change the current default settings of the given device.
clock summer-time zone recurring [{week} {day} {month} {hh:mm}
{week | day | month | hh:mm} [offset]]

In order to comply with the 2007 DST time change, use this command on any device that runs Cisco IOS:
clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

Yum

Applying updates and patches to a Fedora Core box is very straight forward.

First, log in as root:

$ su
password:


After you are logged in as root, then you will execute the yum command.

# yum update

The following is an overview of some more yum commands:

• yum list [List all available packages.]
• yum check-update or yum list updates [See if there are updated packages available.]
• yum update [Update all installed packages that have a newer version available]
• yum install
  [Install specific packages and their dependencies.]
• yum search [Search all known packages entries (descriptions etc) for word.]
• yum info
  [Show basic information about a package.]

For more information on yum, man the command:

# man yum

Modify A User

There are several ways to modify a user account:

• Change the user’s password
• Change the user’s home directory
• Change the user’s shell
• Change the user’s group

For the purpose of what we are teaching here, the most important items will probably be changing the user’s password or changing the user’s shell.

Why would a sys admin want to change the password?

Sometimes users request that their password be changed. Sometimes you want to reset the password for a user because they forgot their password, and you have to assign them a new password. My rule of thumb w/ passwords is that I assign passwords that are letters or numbers or a combination of both, more than 5 characters, and all lowercase.

To change the password of a user, you simple type:

# passwd username

The passwd command will ask you to retype the new password of the user, and if successful it will output a success message to you like this:

passwd: all authentication tokens updated successfully.

Why would a sys admin want to change a user’s shell?

When you first create a user, the default shell the user receives will be bash. That is the “Bourne Again Shell”, named after the man who created it, Bourne. If the user is just being created for the purpose of having an email account, the user does not need a bash and really shouldn’t have one for security reasons. So, to change the user’s shell you do this command:

# usermod -s /bin/fakeshell username

NOTE: You have to have the /bin/fakeshell installed on the system for this to work properly.

mysql

These notes are distilled from a more detailed guide on mysql from Linux Home Networking.
The /etc/my.cnf file is the main mysql config file.

mysql databases are usually located in the subdir of /var/lib/mysql/.

mysql stores usernames / passwords in database mysql. Add users to this database and specify the databases to which they will have access with the grant command.

The mysql root account used to create and delte databases is the exception. Use the mysqladmin command to set root password.

With mysqld started use the mysqladmin command to set the mysql root password.

# mysqladmin -u root password new-password

If you want to change root password later you can do a root password recovery.

To access the mysql command line, type:

# mysql -u root -p
Enter password:

After you are logged in you can type \h for help, \c to clear the buffer, or \q to quit.

Enter mysql commands with a semi colon — you know the “;” (without quotes).

To create a database:

mysql> create database example;

Sometimes you may have to physically delete a database underneath /var/lib/mysql. Make sure you stop the server first before you do this.

To grant all privileges to a user:

mysql> grant all privileges on database.* to username@"servername" identified by 'password';

The next step is to write the privilege changes to the mysql.sql database using the flush privileges command.

mysql> flush privileges;

To imported ready-made scripts that create database and tables, use this:

# mysql -u root -p example < create_mysql.script

To view your databases in mysql:

# mysql -u mysqluser-p example
mysql> show databases;

To list the tables in your database:

mysql> use databaseexample;
mysql> show tables;

To view the table structure of your database:

mysql> describe example;

RECOVERING, OR CHANGING ROOT PASSWORD

1. Stop mysql
2. Start mysql in safe mode, like so:

# safe_mysqld --skip-grant-tables

3. Reset the password:

# mysqladmin -u root flush-privileges password "newpassword";

4. Restart mysql normally.

mysql database backup and recovery

# mysqldump --add-drop-table -u mysqluser -ppasswd database > /tmp/database.sql

Note: make sure there are no spaces between the -p switch and the password. Always backup the database named “mysql” too, because it contains user access information.

The syntax for restoring a mysql database:

# mysql -u username -ppassword database < backedup-database

MYSQL SECURITY

# netstat -an

Your server will be listening on ip address 0.0.0.0 (all) on TCP port 3306.

The problem w/ this is that it exposes your database to mysql queries from the internet. If your sql database is going to be accessed only by applications running on the server itself, then you can force it to listen only to the equivalent of the loopback.

To do this: edit the /etc/my.conf file and use the bind-address directive in the [mysqld] section to define the specific ip address on which mysqld listens for connections.

[mysqld]
bind-address=127.0.0.1

Restart mysql.

The nestat -an command will show mysql listening on only the loopback address on TCP port 3306.

mysql errors are logged automatically in the /var/log/mysqld.log.

---

Starting, stopping, restarting, anc verifying mysqld daemon.

# chkconfig mysqld on
# service mysqld start
# service mysqld stop
# service mysqld restart
# pgrep mysqld

Job Control

This is good for Mac OS X, Linux, Unix, et al. (I use the Bash Shell; your mileage may vary)

You can run more than one program at a time in a terminal window. You do this with job control.

Let’s use an example. Start up Lynx (a text based web browser) at your command prompt:

$ lynx www.google.com
After you start this program then put it to sleep (or suspend it) by holding down the Ctrl key and pressing down the letter “z”. Shorthand for this is “^Z”, without the quotes.

When you do this the program goes into the background, and you can now start another program or execute another command at the prompt. Go ahead and start up another instance of lynx the example above, except use www.yahoo.com

After you’ve started this, then put it to sleep also, with the ^Z keystroke.

Now you have two programs running in the background.

Type jobs at the prompt.

Here’s the output I got from my terminal after I suspended my vim session and two lynx sessions, and typed jobs.

[mack@:~/goodgrep]$ jobs
[1] Stopped vim job_control.html
[2]- Stopped lynx http://www.google.com
[3]+ Stopped lynx http://www.yahoo.com
[mack@:~/goodgrep]$
Notice the numbers at the beginning of each line. That is each job’s number. You can pick and choose which job you want to bring back to the foreground like this:

$ fg 1
In my example above, I am bringing job number 1 back into the foreground, to continue on with my vim editing of the job_control.html document. I could also have just typed fg and it would bring to the foreground what was the first job in the que.

Another way you can start up a program and have it go directly into the background is by using an ampersand “&”, without the quotes. Example:

$ vim newfile.html &
This command starts up the vim editor with the file “newfile.html”, and immediately puts it into the background so I can continue working at the command prompt.

bzip2

For a long time the only compression utility that I ever used was gzip, which I used in conjunction with the tar command whenever I was tar-ing data and compressing data.

Recently I learned that using bzip2 to compress data is even better. It is able to compress data to even smaller sizes than gzip.

Basically what I do now is first of all create the tarball with a command like this:

# tar -cvf filename.tar filesources.txt

After I make the tarball, then I use bzip2 on it, like so:

# bzip2 filename.tar

This will create a file that looks like filename.tar.bz2

If I then want to uncompress this file, I do this:

# bunzip2 filename.tar.bz2

This will leave me with a file called filename.tar again.

Here’s a good articleon linux.com.

chkconfig

chkconfig is a nice utility you’ll find in RedHat/Fedora Linux and its derivatives.

This utility enables you to tell the operating sytem what services should be executed and brought to life upon reboot of the server.

To understand chkconfig you have to keep in mind that Linux boots up into different run levels. A run level is a way of specifying what services should run when you boot up the server for different reasons. The main run levels I am concerned with are run levels 3 and 5. Level 3 is console mode, level 5 is full GUI or X Windows mode.

My servers boot into Level 3, so I configure what services will start up on level 3 by using the chkconfig command.

Example:

# chkconfig --level 3 foobar on

This example indicates that the foobar service should start up every time the server is rebooted into Level 3. My server is set to boot into Level 3 by default, so I know if the machine is rebooted the web server will come back on.

It is important for security to turn off as many services as you can get by with.

To get a listing of the services that are on and what ports are open on your server you can use the netstat command, and also use chkconfig like this:

# chkconfig --list | more

If you are looking for a specific service, and trying to determine if it comes on at a certain run level, you can try this:

# chkconfig --list | grep foobar

If you don’t care what run level a service starts up on, and you just want to make sure a service starts no matter what run level the machine starts on, you can do this:

# chkconfig foobar on