How to remove an IP from cPHulkD

We had a customer who forgot their root password, and within a few tries at different variations, WHM had locked them out. Here’s what we had to do to clear out the IPs:

Let’s “use” the cphulkd database and see what tables we have:

root@w4 [~]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2279778
Server version: 5.0.90-community MySQL Community Edition (GPL)

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use cphulkd;

Database changed
mysql> show tables;
+-------------------+
| Tables_in_cphulkd |
+-------------------+
| auths             |
| brutes            |
| good_logins       |
| logins            |
| whitelist         |
+-------------------+
5 rows in set (0.00 sec)

So we have auths, brutes, good_logins, logins, and whitelist.
The table we are looking for is brutes. This is the table where the blacklisted IPs reside.

mysql> select * from brutes;
+--------------+--------------------------------------------------------------+---------------------+---------------------+
| IP           | NOTES                                                        | BRUTETIME           | EXPTIME             |
+--------------+--------------------------------------------------------------+---------------------+---------------------+
| 24.90.253.66 | 5 login failures attempts to account [email protected] (ftp) | 2008-01-07 14:54:02 | 2008-01-07 14:59:02 |
+--------------+--------------------------------------------------------------+---------------------+---------------------+
1 row in set (0.00 sec)

mysql>

So we simply remove the entry.

mysql> delete from brutes where IP='24.90.253.66';
Query OK, 1 row affected (0.00 sec)

mysql> 

There you have it! This is most likely the quickest way to remove IPs that have been locked out.
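The same lookup and delete as a reusable helper that validates the address before it reaches SQL. This is an added example, not part of the original post: the function names are hypothetical, the table and column names are the ones shown in the session above, and it assumes `mysql` connects as root without prompting, as it does in that session.

```shell
#!/bin/sh
# Added example: function names are hypothetical; cphulkd.brutes and its
# columns (IP, NOTES, BRUTETIME, EXPTIME) come from the session above.

# Return 0 only for a strict dotted-quad IPv4 address (each octet 0-255).
valid_ipv4() {
	case $1 in
		''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, bad dots
	esac
	old_ifs=$IFS
	IFS=.
	set -- $1            # split on dots into this function's own arguments
	IFS=$old_ifs
	[ $# -eq 4 ] || return 1
	for octet in "$@"; do
		[ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
	done
	return 0
}

# Print the statements that show, then remove, one blocked IP.
# Anything that is not an IPv4 address is refused before it reaches SQL.
unblock_sql() {
	if ! valid_ipv4 "$1"; then
		echo "refusing: '$1' is not an IPv4 address" >&2
		return 1
	fi
	printf "SELECT IP, NOTES, BRUTETIME, EXPTIME FROM brutes WHERE IP='%s';\n" "$1"
	printf "DELETE FROM brutes WHERE IP='%s';\n" "$1"
}

# Run both statements against the cphulkd database. The SELECT output is
# a record of what was blocked, and why, before the row is deleted.
unblock_ip() {
	sql=$(unblock_sql "$1") || return 1
	printf '%s\n' "$sql" | mysql cphulkd
}

# Usage, after sourcing this file:  unblock_ip 24.90.253.66
```

Check the NOTES column in the SELECT output before relying on the delete: it records which account and service triggered the block.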

Core Files Finder

I wrote this about a year ago, to find massive amounts of core files and email them back to me.

This is best run in the background, as the output is nulled, i.e.:

./corefinder &

Have fun!

#!/bin/bash
# Finds core files in each cPanel user's home directory and reports back

# Private work directory instead of predictable file names in /tmp
WORKDIR=$(mktemp -d /tmp/findcores.XXXXXX) || exit 1
trap 'rm -rf "$WORKDIR"' EXIT

subject="FindCores_Report_for_$(hostname)"
EMAIL="[email protected]"

for userfile in /var/cpanel/users/*
	do
		i=$(basename "$userfile")
		if [ -e "/home/$i" ]; then
			report="$WORKDIR/findcores.$i.corefiles"
			echo "Report for $i" > "$report"
			# Matches files named core, core.1234, core1234, ...
			(cd "/home/$i" && find . -type f -regex '.*/core\.?[0-9]*$') >> "$report"
			# Mail the report only when it has 25 or more lines
			if [ "$(wc -l < "$report")" -ge 25 ]; then
				mail -s "$subject" "$EMAIL" < "$report"
			fi
			rm -f "$report"
		fi
done

Installing GET

In RPM-based Linux distributions, the package named “perl-libwww-perl” includes the LWP module with the GET, POST, and HEAD command aliases. To check whether the RPM is installed:

rpm -qi perl-libwww-perl

If the RPM is not installed, or if the aliases are otherwise missing (e.g., on FreeBSD), the issue may be resolved by forcing a re-install of the LWP module from CPAN and having it install the aliases that enable the GET, POST, and HEAD commands. Run the following command, and answer “y” when prompted to create the aliases:

/scripts/realperlinstaller --force LWP

MySQL Grants

Here’s a quick MySQL query that will set up grants for the specified user on the specified database:

GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES, CREATE ROUTINE ON `user\_database`.* TO 'user_username'@'%' IDENTIFIED by 'password';

SED New Line

Ever needed to use ‘sed’ to exchange newlines for another character? Here’s a way to do it:

sed ':a;N;$!ba;s/\n/ /g'