Archives

All posts for the month August, 2009

Catch the Spam Tagged emails in spamassassin

Published August 31, 2009 by Siva

Catching spam mails into other mail accounts

In the example below, I catch all spam-tagged emails for the domain siva.com and forward them to spammailbox@siva.com.

Open the procmailrc file in /etc:

# nano /etc/procmailrc

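# Catch the Spam Tagged Mail
# (forwarding with "!" writes no local file, so no lock file is needed: ":0" rather than ":0:")
:0
* ^X-Spam-Flag: YES
! spammailbox@siva.com

Add the above entry at the end of the file.

That's it.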


Securing Your /tmp Partition to prevent from hackers

Published August 8, 2009 by Siva

Securing your /tmp directory could save you from an un-updated PHP script through which someone attempts to write an executable program with malicious code to it.

I AM NOT RESPONSIBLE FOR ANY PROBLEMS THIS MAY CAUSE

That being said, let's get to it:

cd /dev

Create a 500MB file for our /tmp partition. If you need more space, increase the count value.

dd if=/dev/zero of=tmpMnt bs=1024 count=500000

Make an extended filesystem for our tmpMnt file

/sbin/mke2fs /dev/tmpMnt

Back up your /tmp dir. I had a mysql.sock file that I needed to recreate the symbolic link for. Other programs may use /tmp to store cache files or whatever.

cd /
cp -pR /tmp /tmp_backup

Mount the new /tmp filesystem with noexec

mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
# 1777 rather than 0777: the sticky bit stops users from deleting each other's files in /tmp
chmod 1777 /tmp

Copy everything back to the new /tmp (including hidden files) and remove the backup once the copy has succeeded

cp -pR /tmp_backup/. /tmp/ && rm -rf /tmp_backup

Now we need to add this to fstab so it mounts automatically on reboots.

pico -w /etc/fstab

You should see something like this:

/dev/hda3               /                       ext3    defaults,usrquota        1 1
/dev/hda1               /boot                   ext3    defaults        1 2
none                    /dev/pts                devpts  gid=5,mode=620  0 0
none                    /proc                   proc    defaults        0 0
none                    /dev/shm                tmpfs   defaults        0 0
/dev/hda2               swap                    swap    defaults        0 0

At the bottom add:

/dev/tmpMnt             /tmp                    ext2    loop,noexec,nosuid,rw  0 0

(Each space is a tab)
Save it!

Ctrl + X and Y

You're done. /tmp is now mounted as noexec. You can sleep a little bit safer tonight. I created a hello world C++ program, compiled it, then moved it to /tmp. Upon trying to run it (even after chmod +x), it gives the following error:

bash: ./a.out: Permission denied
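
Besides the run test above, the mount options themselves can be audited, for example from a cron job or after a reboot. The script below is an added example, not part of the original post; the function name missing_mount_opts and the two sample mount tables are constructed for illustration, and on a live system the function reads /proc/mounts by default.

```shell
#!/bin/sh
# Added example: audit a mount table for the options this post sets on /tmp.
# missing_mount_opts MOUNTPOINT [MOUNTS_FILE]   (hypothetical helper name)
#   Prints the required options (noexec, nosuid) that are absent from the
#   LAST entry for MOUNTPOINT, since the last mount is the one in effect.
#   Prints "unmounted" if MOUNTPOINT is not a separate mount at all.
#   Exit status: 0 = hardened, 1 = options missing, 2 = not a separate mount.
missing_mount_opts() {
    mp=$1
    table=${2:-/proc/mounts}
    # Fields: device mountpoint fstype options dump pass
    opts=$(awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }' "$table")
    if [ -z "$opts" ]; then
        echo "unmounted"
        return 2
    fi
    missing=""
    for want in noexec nosuid; do
        case ",$opts," in
            *",$want,"*) ;;                               # option present
            *) missing="${missing:+$missing,}$want" ;;    # option absent
        esac
    done
    [ -z "$missing" ] && return 0
    echo "$missing"
    return 1
}

# Constructed sample tables (not taken from a real host).
SAMPLE_HARDENED=$(mktemp)
SAMPLE_WEAK=$(mktemp)
trap 'rm -f "$SAMPLE_HARDENED" "$SAMPLE_WEAK"' EXIT
cat > "$SAMPLE_HARDENED" <<'EOF'
/dev/hda3 / ext3 rw,usrquota 0 0
/dev/loop0 /tmp ext2 rw,nosuid,noexec 0 0
EOF
cat > "$SAMPLE_WEAK" <<'EOF'
/dev/hda3 / ext3 rw,usrquota 0 0
/dev/loop0 /tmp ext2 rw,nosuid 0 0
EOF

missing_mount_opts /tmp "$SAMPLE_HARDENED" && echo "/tmp: hardened (sample)"
missing_mount_opts /tmp "$SAMPLE_WEAK" || echo "^ missing on /tmp (weak sample)"
```

A result of "unmounted" means /tmp is still a plain directory on the root filesystem, which is what you get if the fstab entry was not picked up at boot.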

Good luck! If it is causing problems with any of your software, you could remove the entry from fstab, reboot, and then delete /tmp and recreate it to bring it back to normal.

*Source:  http://webhostgear.com*