SSHD mm_request_send: write: Broken pipe

You are attempting to login to a Linux machine (probably CentOS) and your SSH sessions are instantly disconnected. /var/log/secure shows various Signal 15 crashes and this error: mm_request_send:  write:  Broken pipe Your box has been hacked.    Format and Reinstall. Be sure to run “yum update” at frequent intervals to keep your servers/VMs up-to-date!!     ...

Connect Error (2000) mysqld cannot connect to MySQL 4.1+ using old authentication ERROR 2049 (HY000): Connection using old (pre-4.1.1) authentication protocol refused

You are receiving these errors: Connect Error (2000) mysqld cannot connect to MySQL 4.1+ using old authentication ERROR 1275 (HY000): Server is running in –secure-auth mode, but ‘dbname’@’localhost’ has a password in the old format; please change the password to the new format ERROR 2049 (HY000): Connection using old (pre-4.1.1) authentication protocol refused (client option ...

CentOS / RHEL horrible disk performance with SSD

noop, is essentially a first-in first-out (FIFO) queue with no extra logic. Each virtual machine can stop worrying about the disk, instead passing I/O requests along to the hypervisor to make a better decision about overall performance. Add “elevator=noop” to the kernel parameters in your boot loader’s configuration in /etc/grub.conf `echo noop > /sys/block/${DEVICE}/queue/scheduler`. Set ...

IPTABLES Tidbits

List off all the rules in order. This helps to see if an allow is overriding one of your denies: iptables -nvL –line-numbers Reject or Drop? Drop means to drop everything at the interface and give no response. Best for port probes and the like. Reject responds to the source. Best practices for TCP/IP

Setup NIS + Red Hat + CentOS + Linux

The following describes a procedure to set up NIS network name service under Red Hat Linux. This is geared toward a small intallation with only one domain. However, it should be fairly evident how to add more NIS domains. The NIS domain name has nothing to do with any DNS naming convention being used. In ...

ssh: Illegal -o parameter “PermitLocalCommand no”

Your box has been hacked. Refer to my previous post: HERE You need to reinstall the SSH client: yum reinstall openssh-clients

Unknown HZ value! (##) Assume 100

You’ve been hacked. How to clean a Hacked CentOS / LINUX Machine yum install chkrootkit Run chkrootkit to find INFECTED files You will need to delete, manually, each of these files. The permissions will be modified to stump the average user. You will need to use: chattr This command will free most files: chattr -suSadAc ...

Common CentOS Run levels

Common services and their run levels for auto start httpd: chkconfig –level 234 httpd on named: chkconfig –levels 35 named on vsftpd: chkconfig –level 234 vsftpd on -level 234 is fairly common

CentOS: Alias IP Ranges

cd /etc/sysconfig/network-scripts Quick and easy range of ips: Add this file: ifcfg-eth0-range0 Contents: IPADDR_START= 11.xxx.xxx.xxx IPADDR_END= 11.xxx.xxx.xxx CLONENUM_START=0 If you want to add another range: Add this file: ifcfg-eth0-range1 IPADDR_START=10.xxx.xxx.xxx IPADDR_END=10.xxx.xxx.xxx CLONENUM_START=11 Pay close attention to CLONENUM_START. In the second range it must be a number higher than the amount of IPs adding in range0. ...

YUM repo massive update

rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm http://dag.wieers.com/rpm/FAQ.php#B