Dedicated Server Google Knol

Filed under General | 1 Comment

I’m in the process of writing a Google Knol about dedicated servers. Over time it will become a guide for people who are getting started with their first dedicated server. I’ll be adding some of the tips and information from here as well as some additional information about choosing hosts, server specifications etc. The knol is right HERE.


What is a Brute Force Attack?

Filed under General | Leave a Comment

This is a term that you will often see if you are browsing around internet security related sites. A brute force attack is usually carried out with some sort of automated script. The attacker will often use a list of common usernames and passwords, but could also have the script written in such a way that it simply goes through all the letters of the alphabet, numbers and other characters in order to get the correct password which will allow them into the site they are attacking.

A good analogy would be if you had a combination lock that had three numbers. If you tried all of the numbers from 000 to 999 you would undoubtedly ‘crack’ the combination. That’s a fairly slow way of doing it of course – scripts can generate  numbers and letters much faster than you could turn the tumblers on a combination lock!

Knowing how a brute force attack works should make it very easy to understand that the longer your password is, and the more punctuation and other non alpha-numeric characters you have … the harder it is to ‘crack’.


Getting To Know SSH and The Unix Shell

If you don’t have an IT background, then working on your server is a bit like working on a car for the first time. There’s a lot of stuff under the hood but it all looks like a whole lot of hoses, wires and thingamajigs. That can be scary and it’s true to say that just as you can disable your car if you move the wrong wire, you can do damage to your server if you use the wrong commands.

The best way is to ease into it. Become comfortable with some of the simple commands before you try anything fancy. In this article I’m going to look at some basic commands that will provide you some information about your server.

The first thing to remember is that most flavours of Unix (e.g. RedHat, CentOS etc) are case sensitive and most commands should be entered in lower case. So, the command DF will  yield a ‘command not found’ error, whereas df will tell you how much disk space you have free.

In order to run these commands you will need to use a SSH client program. SSH or ‘Secure Shell’ has, for the most part, replaced the old and somewhat insecure Telnet program. They both do much the same thing except that Telnet is in clear text and SSH is an encrypted link. If you are using windows then you should download Putty which is a free SSH client. There is a setup guide at http://gears.aset.psu.edu/hpc/guides/putty/. Just ignore the part about enabling X11 Forwarding – we don’t need that.

Once you have installed Putty and successfully commected to your server you will see a prompt that looks something like this:

[joe@www admin]#

This is what we refer to as the ‘command prompt’ as it is the place where you enter any commands that you want the server to run.

So…what commands can you run without causing any problems? Thousands … literally … but we will look at just a handful here to get you started.

df – This command will tell you how much hard disk space your server is using (think of it as ‘disk free’). Let’s look at the output. Type df at the command prompt and pressyour ‘Enter’ key.

The output will look something like this:

[joe@www admin]#df

Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/VolGroup00-LogVol00   74718304   6661240  64200272  10% /
/dev/hda1               101086     11731     84136  13% /boot
tmpfs                   225228         0    225228   0% /dev/shm
/dev/hdc2            145739192    465284 137870756   1% /mnt/disk2
/dev/hdd1            240362656  66950244 161202612  30% /mnt/disk3

The important column is the second last column – the one with the percentage figure. That number tells you how much of the disk is in use. For example, the first disk in that list is using 13% of its total space and the last one is using 30% of its total space. If you would like to know more about the other numbers in that output, there’s a good primer at http://www.oracle.com/technology/pub/articles/calish_filesys.html.

free – this command will tell you how much total and free RAM your  server has. Type free at the command prompt and press your ‘Enter’ key. The output looks something like this:

[joe@www admin]#free

                        total        used          free        shared    buffers     cached
Mem:       2055416    1631192     424224          0      180224    1061592
-/+ buffers/cache:     389376    1666040
Swap:      2040244        208    2040036

From the above we can see that this server has 2GB of RAM (total) and that it is currently using approximately 1.6GB of that RAM. That doesn’t mean that the applications on the server are using most of the RAM though. Note the two columns ‘buffers’ and ‘cached’. The operating system uses buffers and cache internally to manage its own operations and optimize performance. In reality, the applications on the server are using around 389MB of RAM and the operating system is utilizing much of the remaining RAM.  The ‘Swap’ figures show how much ‘swap space’ the server has and how much it is using. Swap space is similar to Windows ‘virtual memory’. If the server uses up all of the physical RAM it will start to swap idle programs out to disk. Generally speaking you should ensure the server has enough physical RAM that it doesn’t need to swap to disk. Disk based memory is much slower than your ‘real’ RAM.

Now that we’ve covered a couple of the simple command, there’s a good list of some other commands at http://www.reallylinux.com/docs/basic.shtml.

Just be careful if you use the passwd command. It will change your password instantly. Oh, and don;t go changing your password to anything simple. Remember, security starts with a strong password!