Save Linux terminal session (script)

During daily work, we sometimes perform tasks that we would like to document properly.

In this post we will see how to save an entire Linux terminal session, so that we can later include it in any documentation.

The command we use is:

script


PHP web security, application securize

Sometimes the PHP applications we manage turn out, to our surprise, to have been hacked: the home page has been replaced, code has been added to the page header, malicious code has been inserted among the application files (for example, to send spam email), etc.

Here are some screenshots:

[Screenshots: "405 email sender" attack, "islamic ghosts team" attack, "merdeka" attack]

We are most likely to suffer this type of attack if our application is a relatively popular one: WordPress, Joomla, Drupal, etc.

The security improvement plan includes the processes:

Let's go step by step:


mount bind linux vs application reconfiguring

When configuring Linux systems, one of the golden rules is to keep the application configuration and data on a separate volume. This is easily done, for example, by mounting /opt on another disk and performing installations in /opt.

Installing on other volumes is simple as long as you are not installing from the repository of the distribution you are using; in that case the settings and data end up in several places. In such a situation we can do two things:

  1. Go through all the configuration files of the application in question and modify the paths for logs, data, settings, etc., which is a lot of work.
  2. Use mount with the --bind option and not touch anything in the application.

 


Install different java versions, using them simultaneously in Linux

This may seem trivial, but I have seen that many people do not know how to run, on a single machine, several Java application servers on different versions of Java.

To start with, the recommended practice for security is that each application server we run has its installation owned by a different user, and that same user is the one running the application server.

In short, you can configure a default runtime environment for each user, so you do not need to touch anything in the application servers to indicate which Java they should use.

As an example, suppose we want to run Tomcat 8 with Java 8 and Tomcat 6 with Java 6.

 


iptables output examples, configuration for outgoing connections, Red Hat/CentOS or Ubuntu

As an extension of the post “Configuring iptables firewall RedHat/CentOS 6 from command line”, this time we will see how to secure outbound connections from our server.

Limiting outgoing connections may seem a little paranoid, but in case of an attack your machine will be used to “jump” to others or to send mail. I know this may sound even more paranoid, but these things happen and are very real; I want to write a later post covering a real case.

To get to the point, we start from this initial situation:

[root@oradb ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


Oracle get ddl of objects

Sometimes it is very useful to get the DDL of a particular database object.

For example, we can recreate a user from one environment in another without even knowing the password.

DDL statements can be obtained by calling the function:

DBMS_METADATA.GET_DDL (
object_type IN VARCHAR2,
name IN VARCHAR2,
schema IN VARCHAR2 DEFAULT NULL,
version IN VARCHAR2 DEFAULT 'COMPATIBLE',
model IN VARCHAR2 DEFAULT 'ORACLE',
transform IN VARCHAR2 DEFAULT 'DDL')
RETURN CLOB;


JBoss Apache ssl, securize communication channel between JBoss and Apache with SSL

Recently a client requested an installation that is secured along the entire information path, that is:

[Diagram: everything over SSL]

Apache is usually configured with SSL, and the internal communication between Apache and JBoss is done with the AJP protocol, as follows:

[Diagram: not everything over SSL]

The AJP protocol has the advantage over HTTP of being a binary rather than a text protocol, which reduces the bandwidth needed to transmit the same information (it is estimated that the bandwidth required is reduced by 25%).


Oracle optimizer features enable and disable

With each version or release of Oracle Database, new features and bug fixes are added to the optimizer. This is good in principle, but any code modification may introduce new bugs.

When upgrading from one version of Oracle to a higher one, it is possible that some queries perform really badly. This can be solved with a workaround like the following (if we have migrated from 10.2.0.4 to 11gR2, for example):

ALTER SESSION SET optimizer_features_enable='10.2.0.4';

or to make it permanent:


Oracle rebuild index and status

On tables that change constantly, the B-tree indexes have to be rebuilt periodically as part of database maintenance, for example (the full syntax is more complex):

ALTER INDEX SCOTT.PK_EMP REBUILD;

An ideal B-tree has all its branches perfectly balanced; a degraded B-tree can offer linear rather than logarithmic search time because of strong imbalance.

To determine if an index should be rebuilt:


Oracle database statistics, gathering, speed and activity redo log

Each new version of the optimizer is increasingly dependent on the statistics, the quality of which may be sufficient for an earlier version but not for the current one.

As a rule, a table should be analyzed (in cascade, i.e. including its indexes) whenever significant modifications are made to it. For example:

  • Truncates
  • Insert into ... select ...
  • Any bulk insert, update or delete (bulk means that it affects more than 20% of all records)

Statistics can be gathered in many ways, some faster than others (partial estimates, complete, etc.) and generating more or less redo log.

For example, if we use the DBMS_STATS package (https://docs.oracle.com/cd/E11882_01/appdev.112/e40758/d_stats.htm#ARPLS059), specifically the subprogram GATHER_TABLE_STATS (https://docs.oracle.com/cd/E11882_01/appdev.112/e40758/d_stats.htm#ARPLS68582), the syntax is very similar to the sub-programs:
