
30 Dec 2007 Resize and watermark images using Imagemagick

This is a modified version of my Resize of images in a folder with imagemagick post from back in February. The only difference this time is that it strips out EXIF tags, and the script has been cleaned up a bit. Click on the image to see the result in full size.

#!/bin/bash

# Description:
# Script to resize JPG images to the widths listed in the IMAGESIZE variable.
# EXIF tags are also removed from the resulting images.
# Software needed:
# jhead - http://www.sentex.net/~mwandel/jhead/
# imagemagick - http://www.imagemagick.org

# A glob (not `ls | grep`) so file names with spaces are handled; with
# nullglob the loop body is skipped when there are no JPG files at all.
shopt -s nullglob
IMAGESIZE="320 480"
for IMAGEFILE in *.JPG
do
        # Strip EXIF tag information from the source file (once per file)
        jhead -purejpg "$IMAGEFILE"

        for I in $IMAGESIZE
        do
                # create directories if needed
                if [ ! -d "$I" ]
                then
                        mkdir "$I"
                fi

                # Resize file to width $I, keeping the aspect ratio
                base=$(basename "$IMAGEFILE" .JPG)_Resized_$I.JPG
                convert "$IMAGEFILE" -resize "$I" "$base"

                # Watermark the file: render a caption as wide as the image and
                # composite it along the bottom edge
                width=$(identify -format %w "$base")
                convert -background '#0008' -fill white -gravity center -size ${width}x15 \
                -font Verdana -pointsize 10 \
                caption:"Copyright © 2007 Pario.no" \
                +size "$base" +swap -gravity south -composite "$I/$base"

                # delete resized file
                rm "$base"
        done

        # Delete source file (DO NOT USE YOUR ORIGINAL FILE!)
        rm "$IMAGEFILE"
done

You can download my resize, watermark bash script here.


20 Dec 2007 Limit ssh access by MAC-address using iptables

This is a simple iptables rule to allow ssh access from a specific MAC address:

iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source XX:XX:XX:XX:XX:XX -j ACCEPT

This is a nice rule to allow only your laptop ssh access on your servers no matter what IP address you may have while you are on the road. You do of course need to replace XX:XX:XX:XX:XX:XX with your actual MAC address. Keep in mind that the mac match only sees the source address of the Ethernet frame as it arrives at the server, so it identifies the laptop only when the laptop is on the same network segment; traffic that has passed through a router arrives with the router's MAC address, and since a sender chooses its own MAC address this is a convenience filter, not authentication.

After allowing this rule you should keep an eye on your laptop :)


20 Dec 2007 Allow NFS through iptables

This is one way to determine the ports that need to be opened in your iptables rules to get NFS to work properly. First we need to determine the ports NFS uses:

rpcinfo -p | awk -F " " '{print $3 ", " $4 ", " $5}' | sort | uniq

Notice!
Since portmap assigns ports at random, this example is only valid as long as you don't restart your NFS.

On my system, a RedHat Enterprise Linux WS 4, the result was:

proto, port, service
tcp, 111, portmapper
tcp, 2049, nfs
tcp, 32771, nlockmgr
tcp, 768, rquotad
tcp, 782, mountd
udp, 111, portmapper
udp, 2049, nfs
udp, 32768, nlockmgr
udp, 765, rquotad
udp, 779, mountd

This gave me a nice overview of protocols (tcp/udp) and ports used.

Now the rules:

iptables -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.255.0 -i eth0 -p tcp -m state --state NEW -m multiport --dports 111,2049,32771,768,782 -j ACCEPT
iptables -A RH-Firewall-1-INPUT -s 192.168.0.0/255.255.255.0 -i eth0 -p udp -m state --state NEW -m multiport --dports 111,2049,32768,765,779 -j ACCEPT

You can see that the port list in the multiport statement is taken directly from the result of my rpcinfo command above.

Remember to save your new rules, otherwise they will disappear the next time the iptables rules are reloaded.

In addition to this rule you should add the iptables rule for ssh access I wrote about earlier.

Another way to determine the ports:

nmap -sC -p 111 localhost

Notice!
This solution won’t work after a reboot of the server since NFS changes ports. One way to overcome this problem is to follow the instructions in a newer post I’ve made about RedHat and NFS.
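Because the nlockmgr, rquotad and mountd ports move whenever NFS is restarted, it helps to derive the multiport lists from rpcinfo rather than typing them in. The script below is an added example, not part of the original post: it parses output in the layout rpcinfo -p prints (the sample is constructed to mirror the services listed above) and prints, without applying, the two rules in the same chain the post uses.

```shell
#!/bin/sh
# Constructed sample in the layout `rpcinfo -p` prints; the program numbers,
# protocols and ports mirror the services listed on this page.
RPCINFO_SAMPLE='   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   tcp   2049  nfs
    100003    2   udp   2049  nfs
    100021    1   tcp  32771  nlockmgr
    100021    1   udp  32768  nlockmgr
    100011    1   tcp    768  rquotad
    100011    1   udp    765  rquotad
    100005    1   tcp    782  mountd
    100005    1   udp    779  mountd'

# nfs_ports PROTO [RPCINFO_OUTPUT]: the unique ports registered for PROTO,
# numerically sorted and comma separated, ready for -m multiport --dports.
# Defaults to the constructed sample; feed it "$(rpcinfo -p)" on a real host.
nfs_ports() {
    proto=$1
    input=${2:-$RPCINFO_SAMPLE}
    printf '%s\n' "$input" |
        awk -v p="$proto" '$3 == p && $4 ~ /^[0-9]+$/ { print $4 }' |
        sort -n -u |
        awk 'NR > 1 { printf "," } { printf "%s", $1 } END { print "" }'
}

# nfs_rules SOURCE_NET IFACE: print (do not apply) one ACCEPT rule per
# protocol. Because portmap hands out the nlockmgr/rquotad/mountd ports
# dynamically, regenerate these after every NFS restart instead of keeping
# the port numbers in a static rule file.
nfs_rules() {
    net=$1
    iface=$2
    for proto in tcp udp; do
        printf 'iptables -A RH-Firewall-1-INPUT -s %s -i %s -p %s -m state --state NEW -m multiport --dports %s -j ACCEPT\n' \
            "$net" "$iface" "$proto" "$(nfs_ports "$proto")"
    done
}

nfs_rules 192.168.0.0/24 eth0
```

The ports come out numerically sorted rather than in the lexical order of the sort in the post; multiport does not care about the order.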


18 Dec 2007 Determine false positive from rkhunter

I've installed rkhunter, a rootkit checking script, on an Ubuntu 7.10 (Gutsy Gibbon) distro and today it mailed me a message saying that 3 files had their properties changed. The files were /usr/bin/chattr, /usr/bin/lsattr and /usr/bin/perl.

Before doing anything I tried to update rkhunter to see if there had been any updates to fix this message (rkhunter --update), but the files were still giving a warning. Since I haven't used Debian/Ubuntu systems much I had to find a way to determine if these files had been tampered with. If this had been a RedHat system I would have run the command rpm -V packagename to verify whether a package has been tampered with.

I found the package list at http://packages.ubuntu.com and entered the program paths shown above in the "Search the contents of packages" search box. The result after the search for /usr/bin/chattr, /usr/bin/lsattr and /usr/bin/perl:

  • /usr/bin/chattr was in the package base/e2fsprogs
  • /usr/bin/lsattr was in the package base/e2fsprogs
  • /usr/bin/perl was in the package base/perl-base

I downloaded the packages from the same website, verified the downloads using md5sum, and then used the ar command to unpack/extract the files:

ar -x *.deb

This gives two tarballs, control.tar.gz and data.tar.gz. The first is the information dpkg needs to do a proper installation and configuration of the package; the second contains the binaries and data files. I then extracted the tarball named data.tar.gz and wrote a little script that runs md5sum on each of the files to determine that all files were valid, with the correct size, sum etc. The md5sum script:

#!/bin/bash
# This script has to be run from the path where you extracted the Debian package.
# For each installed binary, hash both the system copy (absolute path) and the
# copy from the extracted data.tar.gz (the same path relative to this directory).
for FILE in /usr/bin/chattr /usr/bin/lsattr /usr/bin/perl
do
        md5sum "$FILE" "${FILE#/}"
done > md5sums.txt
echo "If this number is larger than the number of files compared, then something is fishy"
awk '{ print $1 }' < md5sums.txt | sort | uniq | wc -l

Luckily my system files had the same md5sum as the files extracted from the downloaded package. This proves that my system was not compromised, at least not these files anyway.

The script can be downloaded here.

The error message from rkhunter:

Warning: The file properties have changed:
         File: /usr/bin/chattr
         Current hash: 4703e5adba10128a0abbc036cefae73f754db142
         Stored hash : 2502e2f117415f56cd64568b042a91dd3ef79b80
         Current inode: 1735115    Stored inode: 1733967
         Current size: 7228    Stored size: 7296
         Current file modification time: 1197053992
         Stored file modification time : 1189103575
Warning: The file properties have changed:
         File: /usr/bin/lsattr
         Current hash: c3eba9c1952ccf894f8f71b999b081fe5ad5f4de
         Stored hash : 4ba9ee6cb8455509347059f7917ef7ed4bab6891
         Current inode: 1735124    Stored inode: 1734372
         Current size: 6000    Stored size: 6068
         Current file modification time: 1197053992
         Stored file modification time : 1189103575
Warning: The file properties have changed:
         File: /usr/bin/perl
         Current hash: 9c4d220d96fbaf9aaedbe4e034a767e8d510d7f6
         Stored hash : 155faff21807a6ad3687806ba7737223cd56ac68
         Current inode: 1733338    Stored inode: 1733472
         Current size: 1078128    Stored size: 1078160
         Current file modification time: 1196759924
         Stored file modification time : 1191046830
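The comparison above can be done against the md5sums list the package itself carries instead of hashing file pairs by hand. The script below is an added example, not the post's script: verify_md5sums reads a list in the format most Debian packages ship as DEBIAN/md5sums inside control.tar.gz (dpkg installs the same list as /var/lib/dpkg/info/<package>.md5sums) and reports every file under a root that is missing or differs; demo builds a constructed fake root to show a clean run and a run with one altered file.

```shell
#!/bin/sh
# verify_md5sums LIST ROOT: check each "<md5>  <relative path>" entry in LIST
# against the file under ROOT. Prints OK/MISMATCH/MISSING per entry and
# returns 1 if anything other than OK was found.
verify_md5sums() {
    list=$1
    root=$2
    bad=0
    while read -r expected relpath; do
        [ -n "$relpath" ] || continue
        file="$root/$relpath"
        if [ ! -f "$file" ]; then
            echo "MISSING  $relpath"
            bad=1
            continue
        fi
        actual=$(md5sum "$file" | awk '{ print $1 }')
        if [ "$actual" = "$expected" ]; then
            echo "OK       $relpath"
        else
            echo "MISMATCH $relpath (expected $expected, got $actual)"
            bad=1
        fi
    done < "$list"
    return $bad
}

# demo: constructed stand-in for the post's situation. A fake root holds two
# "binaries" and a matching md5sums list; the first check passes, then one
# file is altered to play the part of a changed binary and the check fails.
demo() {
    root=$(mktemp -d)
    mkdir -p "$root/usr/bin"
    printf 'chattr-contents\n' > "$root/usr/bin/chattr"
    printf 'lsattr-contents\n' > "$root/usr/bin/lsattr"
    ( cd "$root" && md5sum usr/bin/chattr usr/bin/lsattr ) > "$root/md5sums"
    verify_md5sums "$root/md5sums" "$root"
    printf 'patched\n' >> "$root/usr/bin/lsattr"
    if verify_md5sums "$root/md5sums" "$root"; then status=0; else status=1; fi
    rm -rf "$root"
    return $status
}

demo || echo "demo: mismatch detected, as intended"
```

On a real Ubuntu system the debsums tool performs this same check against /var/lib/dpkg/info; either way the list must come from a trusted copy of the package, not from the host being examined.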


10 Dec 2007 Create a letter sequence in bash


echo {a..e}

Produces

a b c d e

And

echo {a..b}{a..b}

Produces

aa ab ba bb
