BOOT PROCESS
Posted by Ranjeet at 01:31
Graphical Interface
GNOME and KDE System Monitors
The GNOME and KDE desktop environments both have graphical tools to assist you in monitoring and modifying the behavior of your system.
Posted by Ranjeet at 01:25
Runlevels in RHEL
Most versions of Unix use different run levels to define different operational and security states of the Unix system. The `init` command is used to change the run level. Other commands which change the run level include reboot, halt, and shutdown.
Run Level   Description
0           Halt
1           Single user mode
2           Multiuser, without NFS
3           Full multiuser mode
4           Unused
5           X11
6           Reboot
Posted by Ranjeet at 01:22
Managing Services in Linux
start          Starts the service if it's currently not running
stop           Stops the service if it is currently running
restart        Stops and then restarts the service
status         Lists the current operational status of the service
reload         If the service is currently running, it loads the current version of the configuration file(s) with any changes. The service is not stopped, and users who have previously connected are not kicked off
force-reload   Restarts a service if it's already running; otherwise, makes sure the new service is started with the latest version of a configuration file
Posted by Ranjeet at 01:13
Terminals and Login Screens
The login terminals in Linux are virtual consoles. Most Linux systems, including RHEL 6, are configured with six standard command line virtual consoles. These consoles are numbered from 1 to 6. When configured with a GUI and a login manager, other Linux distributions include a seventh virtual console, with a graphical login screen. That's one place where RHEL 6 is a bit different, as in most cases, it substitutes the graphical login screen for the first virtual console. That applies just for the graphical login screen. If you start the GUI with the startx command, the GUI is run in the seventh virtual console.
Posted by Ranjeet at 01:07
File System Hierarchy
Linux File System Hierarchy
Posted by Ranjeet at 00:45
IPTABLES
IPTABLES Examples
1. Delete Existing Rules
Before you start building a new set of rules, you might want to clean up all the default rules and existing rules. Use the iptables flush command as shown below to do this.
iptables -F
(or)
iptables --flush
2. Set Default Chain Policies
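The default chain policy is ACCEPT. Change this to DROP for all INPUT, FORWARD, and OUTPUT chains as shown below. If you are connected over SSH, these policies cut the session until the allow rules below are in place, so apply them from the console or together with those rules.
iptables -P INPUT DROP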
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
3. Block a Specific ip-address
Before we proceed further with other examples, if you want to block a specific IP address, you should do that first as shown below. Change the x.x.x.x in the following example to the specific IP address that you would like to block.
BLOCK_THIS_IP="x.x.x.x"
iptables -A INPUT -s "$BLOCK_THIS_IP" -j DROP
You can also use one of the following variations. The first blocks all traffic from this IP address arriving on eth0; the second blocks only TCP traffic from it on eth0.
iptables -A INPUT -i eth0 -s "$BLOCK_THIS_IP" -j DROP
iptables -A INPUT -i eth0 -p tcp -s "$BLOCK_THIS_IP" -j DROP
4. Allow ALL Incoming SSH
The following rules allow ALL incoming ssh connections on the eth0 interface.
iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
5. Allow Incoming SSH only from a Specific Network
The following rules allow incoming ssh connections only from the 192.168.100.X network.
iptables -A INPUT -i eth0 -p tcp -s 192.168.100.0/24 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
6. Allow Outgoing SSH
The following rules allow outgoing ssh connections, i.e., when you ssh from inside to an outside server.
iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
7. Allow Incoming HTTP and HTTPS
The following rules allow all incoming web traffic, i.e., HTTP traffic to port 80.
iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
The following rules allow all incoming secure web traffic, i.e., HTTPS traffic to port 443.
iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
8. Allow Ping from Outside to Inside
The following rules allow outside users to be able to ping your servers.
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
9. Allow Ping from Inside to Outside
The following rules allow you to ping from inside to any of the outside servers.
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
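Steps 1, 2 and 5 through 9 can also be loaded in one commit instead of rule by rule, so the DROP policies never take effect before the SSH rule exists. The script below is an added example, not part of the original post: it prints those rules in iptables-restore format (which flushes the table on load by default). The function names and the file name ruleset.sh are made up for illustration; step 3 is left out because its address is a placeholder.

```shell
#!/bin/sh
# Added example (not from the original post): print the rules from the steps
# above in iptables-restore format, so policies and ACCEPT rules load together.

# allow_in_tcp PORT [SOURCE]: inbound service on $IFACE plus its reply traffic.
allow_in_tcp() {
    src="${2:+-s $2 }"
    echo "-A INPUT -i $IFACE -p tcp ${src}--dport $1 -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "-A OUTPUT -o $IFACE -p tcp --sport $1 -m state --state ESTABLISHED -j ACCEPT"
}

# allow_out_tcp PORT: outbound client connection on $IFACE plus its replies.
allow_out_tcp() {
    echo "-A OUTPUT -o $IFACE -p tcp --dport $1 -m state --state NEW,ESTABLISHED -j ACCEPT"
    echo "-A INPUT -i $IFACE -p tcp --sport $1 -m state --state ESTABLISHED -j ACCEPT"
}

# build_ruleset [IFACE] [SSH_NET]: defaults are the values used on this page.
build_ruleset() {
    IFACE=${1:-eth0}
    SSH_NET=${2:-192.168.100.0/24}
    echo "*filter"
    echo ":INPUT DROP [0:0]"            # step 2: default chain policies
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"
    allow_in_tcp 22 "$SSH_NET"          # step 5: SSH only from one network
    allow_out_tcp 22                    # step 6: outgoing SSH
    allow_in_tcp 80                     # step 7: HTTP
    allow_in_tcp 443                    # step 7: HTTPS
    echo "-A INPUT -p icmp --icmp-type echo-request -j ACCEPT"   # step 8
    echo "-A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT"
    echo "-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT"  # step 9
    echo "-A INPUT -p icmp --icmp-type echo-reply -j ACCEPT"
    echo "COMMIT"
}

# Print the ruleset when called as: sh ruleset.sh print [IFACE] [SSH_NET]
if [ "${1:-}" = "print" ]; then
    build_ruleset "${2:-}" "${3:-}"
fi
```

As root, piping the output to iptables-restore --test parses the ruleset without committing it; dropping --test loads it.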