Category: Linux

To find out if your Linux server is affected by the Windigo campaign, you can run the following command.

$ ssh -G 2>&1 | grep -e illegal -e unknown > /dev/null && echo "System clean" || echo "System infected"

This was originally found on the ArsTechnica article 10,000 Linux servers hit by malware serving tsunami of spam and exploits
Alternatively, you can check your system by running this script via wget.

wget -O - https://techish.net/pub/windigo | sh

Here’s an easy one-liner to get the list of kernels Grub2 has in /boot/grub/grub.cfg.
First, let’s find out what the default kernel is…

root@vz:~# grep ^GRUB_DEFAULT /etc/default/grub
GRUB_DEFAULT=0

Ok, so 0 is loaded by default. Now, let’s list all the kernels…

root@vz:~# grep ^menuentry /boot/grub/grub.cfg |sed -e s/' .*/'/g|more
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64'
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64 (recovery mode)'
menuentry 'Debian GNU/Linux, with Linux 2.6.32-042stab059.7'
menuentry 'Debian GNU/Linux, with Linux 2.6.32-042stab059.7 (recovery mode)'

Ok cool, I’m loading ‘Debian GNU/Linux, with Linux 3.2.0-4-amd64′ by default.
I want to change this to load ‘Debian GNU/Linux, with Linux 2.6.32-042stab059.7′ so I will need to use the following command:
From the list you can change you default boot kernel and setting it by the command line or edit the file with your favorite command line editor (vi ;])
NOTE: The items start at 0, so if I wanted the last item as default, it would be number 3 (not 4).

root@vz~~# sed -i 's/^GRUB_DEFAULT=0/GRUB_DEFAULT=2/' /etc/default/grub

Then, run update_grub and reboot.

root@vz:~# update-grub
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-3.2.0-4-amd64
Found initrd image: /boot/initrd.img-3.2.0-4-amd64
Found linux image: /boot/vmlinuz-2.6.32-042stab059.7
Found initrd image: /boot/initrd.img-2.6.32-042stab059.7
done

Reboot.

Some notes on GNU screen windowing…

^-a C - new window
^-a | - split window vertically
^-a S - split window horizontally
^-a TAB - switch to next window
^-a X - close current window
^-a :resize +/- n - resize current window + or - n where n is a number (columns)
^-a x - lock session
^-a d - detach

TAPEDRIVE NOTES (LINUX 2.4)
-Rich (01/08/2004)
Rewind tape drive:

# mt -f /dev/st0 rewind

Backup directory /www and /home with tar command (z – compressed):

# tar -czf /dev/st0 /www /home

Find out what block you are at with mt command:

# mt -f /dev/st0 tell

Display list of files on tape drive:

# tar -tzf /dev/st0

Restore /www directory:

# cd /
# mt -f /dev/st0 rewind
# tar -xzf /dev/st0 www

Unload the tape:

# mt -f /dev/st0 offline

Display status information about the tape unit:

# mt -f /dev/st0 status

Erase the tape:

# mt -f /dev/st0 erase

You can go BACKWARD or FORWARD on tape with mt command itself:
(a) Go to end of data:

# mt -f /dev/nst0 eod

(b) Goto previous record:

# mt -f /dev/nst0 bsfm 1

(c) Forward record:

# mt -f /dev/nst0 fsf 1 

Replace /dev/st0 with your actual tape drive name.

I have ImageMagick installed on a Linux system I use to host a few websites. From time to time, I need to quickly resize a photo, add a watermark, or do something else to an image on the server. I could easily FTP to the server, grab the files, modify then re-upload. I find it quicker though, if I know exactly what I’m wanting, to just use convert for some of the basic tasks.
To change the Brightness, Contrast or Hue via ‘convert’ in ImageMagick from the Linux command line:

rjk@krenix:~$ convert -modulate 150,100,100 source.jpg newimage.jpg

The 3 values in this 150,100,100 are Brightness, Contrast and Hue.
Value of 100 keeps the current option the same and does not increase/decrease.