UnCloaked DOS

Posted by alex almazan Mon, 17 Dec 2007 22:23:00 GMT

The following for loop will inject filters against the source IP(s) of the ‘Treason Uncloaked’ attempts to eat up server resources. 
 for DOS_IP in $(dmesg |grep 'Treason uncloaked!' |cut -d ' ' -f5|cut -d':' -f1 |sort -u); do iptables -A INPUT -s $DOS_IP -j DROP;done

CRON process snapshot

Posted by alex almazan Mon, 17 Dec 2007 22:13:00 GMT

Process information prior to server crash can provide insight into server instability. The following cron can help obtain details necessary to re-instill server stability. This should be used sparingly and in the most dire of circumstances.

*/1 * * * * uptime >> /root/status.txt ; ps -auwwwwx >> /root/status.txt ; free -m >> /root/status.txt
*/5 * * * * uptime >> /root/status5.txt ; ps -auwwwwx >> /root/status5.txt ; free -m >> /root/status5.txt
*/10 * * * * uptime >> /root/status10.txt ; ps -auwwwwx >> /root/status10.txt ; free -m >> /root/status10.txt

CRON Log Delivery

Posted by alex almazan Mon, 17 Dec 2007 22:03:00 GMT

This CRON example covers a daily delivery of server logs, in this case mail specific. 
5 0 * * *  /bin/mail -s "Daily requested mail log" user@domain.ltd < maillog > /dev/null 2>&1

Older posts: 1 ... 3 4 5