tech.gate.io blog

what to do if you want to grep for a string in a file, and want to get the whole stanza/paragraph where the string was found in?

there is a very simple AIX-solution, and a bit more complicated one with sed:

 
a sample textfile:

# cat testfile
start
1
value
end

start
2
end

start
3
foo
end

start
4
end

• AIX grep

# grep -p foo testfile
start
3
foo
end

• sed

# sed -e '/./{H;$!d;}' -e 'x;/foo/!d;' testfile

start
3
foo
end

 
The teamspeak2 server is not 64-bit compatible.
Follow this guide to get the teamspeak2 server running on 64-Bit Fedora Core 10

1.) Download the latest binaries from http://www.teamspeak.com

wget ftp://ftp.freenet.de/pub/4players/teamspeak.org/releases/ts2_server_rc2_202319.tar.bz2

2.) Extract the archive

tar -xvzf ts2_server_rc2_202319.tar.bz2

 
3.) After running the startup script ./teamspeak2-server_startscript

I got following error messages:

“libgcc_s.so.1 must be installed for pthread_cancel to work”

./teamspeak2-server_startscript: ./server_linux: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory

It’s necessary to install the 32-bit libraries.

run:

yum install libgcc.i386

 
4.) Create a user for teamspeak

useradd teamspeak

 
5.) Change Permissions of the teamspeak folder

chown -R teamspeak:teamspeak /*ts folder*

 
6.) Change User and run teamspeak

su teamspeak

./teamspeak2-server_startscript start

 
starting the teamspeak2 server
TeamSpeak Server Daemon started with PID 30062

7.) Switch back to root and lock the teamspeak account, so nobody than root can use it.

passwd -l teamspeak

Our VMware “testfarm” has been running for nearly 1 month now, it’s time for backups.

The portability of VMware guests gives a great option for a full-system backup.

So, how to compress / backup the vmdk files … whithout shutting down the virtual machines ?

These files are several gigabytes big, and the compression will take some time. During the compression or copy the VMware guest is updating the files leaving the backup in an inconsistant state.

lvm snapshot is quite a nice solution to that problem.

1.) create snapshot
lvcreate -L size of volumeG -s -n snapshot name /dev/volumevg/target lv

2.) mount the snapshot
mount /snapshot /dev/volumevg/snapshot name

3.) backup files
tar -zcvf /backup/vmbackup${DATE}.tar.gz /snapshot/vmimages/target system

4.) unmount & delete
umount /snapshot
lvremove -f /dev/volumevg/snapshot name

I came across a nice way, how to use windows as a Router with NAT.

Change following reg key:

Start -> Run -> regedit

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] "IPEnableRouter"=dword:00000001

 
Start -> Run -> cmd

netsh routing ip nat install
netsh routing ip nat add interface "lan device to destination network" full
netsh routing ip nat add interface "lan device to source network" private
netsh routing ip nat add interface Internal private

 

It's windows so you have to reboot your machine, for the registry settings to take effect.

SSH Port 22 is often attacked from systems trying to brutforce passwords.
There is an easy way to get rid of those "bots".

just edit your iptables config file (on fedora: /etc/sysconfig/iptables)

if you don't know the location of your config file, 
just execute following commands: 
iptables-save > /tmp/iptables.tmp
iptables-restore < /tmp/iptables.tmp

 
add following lines:

-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH

-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j LOG --log-prefix "SSH_brute_force"

-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j DROP

 
restart IPtables

/etc/init.d/iptables restart

 

With this rule, it's not possible to connect more than 3 times in 60 Seconds.
Normally SSH kicks the clients after 3 login attempts - so it's only possible to guess 9 passwords per minute.

Every bruteforce attempt is logged to the syslog

For the experienced users, there is also a blacklist feature if you want to lock an ip address after brutforcing.
But it's quite tricky to remove the clients from the blacklist ... tbc