PLESK PANEL PASSWORD RECOVERY :
/usr/local/psa/bin/admin --show-password
cat /etc/psa/.psa.shadow
Windows:
Run the command below from command prompt or using start–>run:
C:\Program Files(x86_64)\Plesk\admin\bin\plesksrvclient.exe -get
# /usr/local/psa/admin/bin/mail_auth_view | grep email@email.com <--- to view email id password
TO VIEW EMAIL PASSWORD
/usr/local/psa/admin/bin/mail_auth_view | grep user@domain
How to clear command shell history
# history -c
# cat /dev/null > .bash_history
To view mailq in qmail
./qmHandle -s
To view date wise send mail on mail server:
[root@server~]#grep Sent /var/log/maillog |grep "May 28" |wc -l
grep Sent info@scient.ac.in /usr/local/psa/var/log/maillog |grep "July 10" |wc -l
grep Sent |grep sachin@indus-advisors.com /var/log/maillog |grep "Aug 2[7-9]"
To view Database History
# cat .mysql_history
To check process of mysql using
# mysqladmin -u admin -p`cat /etc/psa/.psa.shadow` processlist
TO CHECK MOTHERBOARD DETAILS:-
[root@pcs1 ~]# dmidecode -t baseboard
TO CHECK RAM DETAILS AND TYPE:-
[root@pcs1 ~]# dmidecode -t memory
Getting hard disk model and number under Linux
# hdparm -I /dev/sda
# hdparm -I /dev/sda | grep Serial
To find spammer in plesk:
grep -I smtp_auth /var/log/maillog
grep -I smtp_auth /usr/local/psa/var/log/maillog
grep -I smtp_auth /usr/local/psa/var/log/maillog |grep -I user |awk '{print $11}' |sort |uniq -c |sort -n
lsof +r 1 -p `ps axww | grep httpd | grep -v grep | awk ' { if(!str) { str=$1 } else { str=str","$1}}END{print str}'` | grep vhosts | grep php
[http://sysnetpro.net/hosting-controller/plesk-control-panel/locate-php-scripts-sending-spam-emails-plesk-server.html]
# grep -ir "Allow Password-Protected Archives" MailScanner.conf
Allow Password-Protected Archives = yes
To check Brute Force Attack
# lsof -i :80
# lsof -p processid
To change mailing list password command line in linux:
[root@server~]# /usr/lib/mailman/bin/change_pw --domain=domain.com --password=password
Refer: http://forum.parallels.com/showthread.php?54735-Mailman-list-admin-password-reset
==========================================================
VPS Migration from one hardware node to another node live.
==========================================================
If vps down...
vzmigrate -r yes --keep-dst -v 202.52.134.29 3003
[destination_ip vps_id]
If vps live
vzmigrate -r no --keep-dst --live 202.52.134.18 205
[destination_ip vps_id]
Backup Command:
vzdump --suspend --compress --dumpdir /backups/yantra/ --mailto audit@hostindia.net 3003
Suspend a Domain command line plesk:
/usr/local/psa/bin/domain -u stuartsdomain.co.uk -status disabled
Unsuspend a Domain command line in plesk:
/usr/local/psa/bin/domain -u scient.ac.in -status enabled
Block Perticular IP OR IP Range:
iptables -I INPUT -s 122.225.97.108 -j DROP
iptables -L
service iptables save
To unblock ip from iptables
iptables -L -n |grep 121.246.206.169
iptables -D INPUT -s 121.246.206.169 -j DROP
service iptables save
144.0.0.59
DDOS Detection in Linux
=======================
netstat -plan|grep :80|awk '{print $5}'|cut -d: -f 1|sort|uniq -c|sort -n
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
If vps not stop/start/restart properly
vzquota off 310
vzctl start 310
============================================
Hardware Raid status check:
/usr/StorMan/arcconf getconfig 1 | less
==========================================
To change date and time in linux
date -s "08 SEP 2014 03:49:10"
vzctl set 199 --diskinodes 471859:524288 --save
===============================================
To disable existing raid or delete existing mbr
[root@server~]# linux nodmraid
==================================================
/usr/local/psa/bin/admin --show-password
cat /etc/psa/.psa.shadow
Windows:
Run the command below from command prompt or using start–>run:
C:\Program Files(x86_64)\Plesk\admin\bin\plesksrvclient.exe -get
# /usr/local/psa/admin/bin/mail_auth_view | grep email@email.com <--- to view email id password
TO VIEW EMAIL PASSWORD
/usr/local/psa/admin/bin/mail_auth_view | grep user@domain
How to clear command shell history
# history -c
# cat /dev/null > .bash_history
To view mailq in qmail
./qmHandle -s
To view date wise send mail on mail server:
[root@server~]#grep Sent /var/log/maillog |grep "May 28" |wc -l
grep Sent info@scient.ac.in /usr/local/psa/var/log/maillog |grep "July 10" |wc -l
grep Sent |grep sachin@indus-advisors.com /var/log/maillog |grep "Aug 2[7-9]"
To view Database History
# cat .mysql_history
To check process of mysql using
# mysqladmin -u admin -p`cat /etc/psa/.psa.shadow` processlist
TO CHECK MOTHERBOARD DETAILS:-
[root@pcs1 ~]# dmidecode -t baseboard
TO CHECK RAM DETAILS AND TYPE:-
[root@pcs1 ~]# dmidecode -t memory
Getting hard disk model and number under Linux
# hdparm -I /dev/sda
# hdparm -I /dev/sda | grep Serial
To find spammer in plesk:
grep -I smtp_auth /var/log/maillog
grep -I smtp_auth /usr/local/psa/var/log/maillog
grep -I smtp_auth /usr/local/psa/var/log/maillog |grep -I user |awk '{print $11}' |sort |uniq -c |sort -n
lsof +r 1 -p `ps axww | grep httpd | grep -v grep | awk ' { if(!str) { str=$1 } else { str=str","$1}}END{print str}'` | grep vhosts | grep php
[http://sysnetpro.net/hosting-controller/plesk-control-panel/locate-php-scripts-sending-spam-emails-plesk-server.html]
# grep -ir "Allow Password-Protected Archives" MailScanner.conf
Allow Password-Protected Archives = yes
To check Brute Force Attack
# lsof -i :80
# lsof -p processid
To change mailing list password command line in linux:
[root@server~]# /usr/lib/mailman/bin/change_pw --domain=domain.com --password=password
Refer: http://forum.parallels.com/showthread.php?54735-Mailman-list-admin-password-reset
==========================================================
VPS Migration from one hardware node to another node live.
==========================================================
If vps down...
vzmigrate -r yes --keep-dst -v 202.52.134.29 3003
[destination_ip vps_id]
If vps live
vzmigrate -r no --keep-dst --live 202.52.134.18 205
[destination_ip vps_id]
Backup Command:
vzdump --suspend --compress --dumpdir /backups/yantra/ --mailto audit@hostindia.net 3003
Suspend a Domain command line plesk:
/usr/local/psa/bin/domain -u stuartsdomain.co.uk -status disabled
Unsuspend a Domain command line in plesk:
/usr/local/psa/bin/domain -u scient.ac.in -status enabled
Block Perticular IP OR IP Range:
iptables -I INPUT -s 122.225.97.108 -j DROP
iptables -L
service iptables save
To unblock ip from iptables
iptables -L -n |grep 121.246.206.169
iptables -D INPUT -s 121.246.206.169 -j DROP
service iptables save
144.0.0.59
DDOS Detection in Linux
=======================
netstat -plan|grep :80|awk '{print $5}'|cut -d: -f 1|sort|uniq -c|sort -n
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
If vps not stop/start/restart properly
vzquota off 310
vzctl start 310
============================================
Hardware Raid status check:
/usr/StorMan/arcconf getconfig 1 | less
==========================================
To change date and time in linux
date -s "08 SEP 2014 03:49:10"
vzctl set 199 --diskinodes 471859:524288 --save
===============================================
To disable existing raid or delete existing mbr
[root@server~]# linux nodmraid
==================================================
No comments:
Post a Comment