
Saturday, April 6, 2013

Find spamming account in Postfix or Plesk

Queue Counting
The following command provides a sorted list of the accounts that have the most mail in the queue. This usually means a maximum of 2 or 3 spammers at the end of the list:

mailq | grep '^[A-F0-9]' | cut -c 42-80 | sort | uniq -c | sort -n | tail
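The same per-sender count, as an added example that is not from the original post: it splits each queue line on whitespace instead of cutting fixed character columns, so queue IDs of a different width or with a `*`/`!` status mark are still counted. The function names and the sample queue listing are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the layout Postfix's mailq prints (IDs and addresses are made up).
sample_mailq() {
cat <<'EOF'
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
3F2A91C0B7*    1843 Sat Apr  6 09:12:01  newsletter@shop.example
                                         alice@mail.example

9B7C2D10EE     2210 Sat Apr  6 09:12:03  web12@host.example
(connect to mx.mail.example[192.0.2.10]:25: Connection timed out)
                                         bob@mail.example

9B7C2D10F4A1   2198 Sat Apr  6 09:12:04  web12@host.example
                                         carol@mail.example
                                         dave@mail.example

A01D44E2C9!    2305 Sat Apr  6 09:12:09  web12@host.example
                                         erin@mail.example

C77E0912AB     3011 Sat Apr  6 09:13:40  MAILER-DAEMON
                                         web12@host.example

-- 11 Kbytes in 5 Requests.
EOF
}

# Read mailq output on stdin and print "count sender", busiest sender last.
# Only lines that start with a queue ID are counted: recipient lines are
# indented, deferral reasons start with "(", header and footer with "-".
# NF >= 7 skips short lines such as "Mail queue is empty".
queue_senders() {
    awk '/^[0-9A-Za-z]+[*! ]/ && NF >= 7 { n[$7]++ }
         END { for (s in n) printf "%d %s\n", n[s], s }' | sort -k1,1n -k2,2
}

# Print only the senders that hold at least $1 messages in the queue.
# MAILER-DAEMON entries are bounces; for those, look at the recipient instead.
senders_over() {
    queue_senders | awk -v min="$1" '$1 >= min { print $2 }'
}

# On a mail server: mailq | queue_senders | tail
sample_mailq | queue_senders
```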

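# Count delivered messages per recipient address in the mail log:
grep "status=sent" /var/log/maillog | cut -d "=" -f 2 | cut -d ">" -f 1 | cut -d "<" -f 2 | sort -n | uniq -c

# Count aborted Dovecot logins per client address (the cut positions depend on the Dovecot log line layout):
grep "dovecot" /var/log/maillog | grep "Aborted login" | cut -d "," -f 3 | cut -d ":" -f 4 | sort -n | uniq -c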

Making the CSF temporary block permanent

# Temporary to Permanent IP blocking. The following enables this feature to
# permanently block IP addresses that have been temporarily blocked more than
# LF_PERMBLOCK_COUNT times in the last LF_PERMBLOCK_INTERVAL seconds. Set
# LF_PERMBLOCK to "1" to enable this feature
#
# Care needs to be taken when setting LF_PERMBLOCK_INTERVAL as it needs to be
# at least LF_PERMBLOCK_COUNT multiplied by the longest temporary time setting
# (TTL) for blocked IPs, to be effective
#
# Set LF_PERMBLOCK to "0" to disable this feature
LF_PERMBLOCK =  Default: 1 [0-1]

LF_PERMBLOCK_INTERVAL =  Default: 86400 [3600-604800]

LF_PERMBLOCK_COUNT =  Default: 4 [1-20]

LF_PERMBLOCK_ALERT =  Default: 1 [0-1]

# Permanently block IPs by network class. The following enables this feature
# to permanently block classes of IP address where individual IP addresses
# within the same class LF_NETBLOCK_CLASS have already been blocked more than
# LF_NETBLOCK_COUNT times in the last LF_NETBLOCK_INTERVAL seconds. Set
# LF_NETBLOCK to "1" to enable this feature
#
# This can be an effective way of blocking DDOS attacks launched from within
# the same network class
#
# Valid settings for LF_NETBLOCK_CLASS are "A", "B" and "C", care and
# consideration is required when blocking network classes A or B
#
# Set LF_NETBLOCK to "0" to disable this feature
LF_NETBLOCK =  Default: 0 [0-1]

LF_NETBLOCK_INTERVAL =  Default: 86400 [3600-604800]

LF_NETBLOCK_COUNT =  Default: 4 [1-20]

LF_NETBLOCK_CLASS =  Default: C [A or B or C]

LF_NETBLOCK_ALERT =  Default: 1 [0-1]

################################################################

SCP in detail

Example syntax for Secure Copy (scp)

What is Secure Copy?
scp allows files to be copied to, from, or between different hosts. It uses ssh for data transfer and provides the same authentication and same level of security as ssh.

Examples

Copy the file "foobar.txt" from a remote host to the local host

$ scp your_username@remotehost.edu:foobar.txt /some/local/directory

Copy the file "foobar.txt" from the local host to a remote host

$ scp foobar.txt your_username@remotehost.edu:/some/remote/directory

Copy the directory "foo" from the local host to a remote host's directory "bar"

$ scp -r foo your_username@remotehost.edu:/some/remote/directory/bar

Copy the file "foobar.txt" from remote host "rh1.edu" to remote host "rh2.edu"

$ scp your_username@rh1.edu:/some/remote/directory/foobar.txt \
    your_username@rh2.edu:/some/remote/directory/

Copy the files "foo.txt" and "bar.txt" from the local host to your home directory on the remote host

$ scp foo.txt bar.txt your_username@remotehost.edu:~

Copy the file "foobar.txt" from the local host to a remote host using port 2264

$ scp -P 2264 foobar.txt your_username@remotehost.edu:/some/remote/directory

Copy multiple files from the remote host to your current directory on the local host

$ scp your_username@remotehost.edu:/some/remote/directory/\{a,b,c\} .

$ scp your_username@remotehost.edu:~/\{foo.txt,bar.txt\} .

scp Performance
By default scp uses the Triple-DES cipher to encrypt the data being sent. Using the Blowfish cipher has been shown to increase speed. This can be done by using option -c blowfish in the command line. This applies to older SSH releases: OpenSSH 7.6 and later have removed the Blowfish cipher, so -c blowfish is rejected there, and ssh -Q cipher lists the ciphers the installed client supports.

$ scp -c blowfish some_file your_username@remotehost.edu:~

It is often suggested that the -C option for compression should also be used to increase speed. Compression, however, only increases speed significantly if your connection is very slow. Otherwise it may just add extra load on the CPU. An example of using blowfish and compression:

$ scp -c blowfish -C local_file your_username@remotehost.edu:~