FTP – VeriTeknik

Add New Hosting to a System Installed With Plugged.sh

Mustafa Emre Aydın — Wed, 03 Jul 2013 11:45:30 +0000

If you use our LAMP installer script and want to add a new domain afterwards, we’ve created a simple script to ease up the process. This script creates a new user, adds the domain settings for Apache, adds a new MySQL Database and user, restarts necessary services.

Simply get our script from here or on your server via wget.

git clone https://github.com/VeriTeknik/plugged.sh.git

Run the script (as root) to learn about the usage.

sh hostingadd.sh

Usage: hostingadd.sh -u username -p password -d domain -ip IP -dbu dbuser -dbn dbname -dbp dbpass

 -u username : Set the LOGIN name (FTP user)
 -p password : Set the Password
 -d domain : Set the Domain
 -ip ip : Set the IP address for the domain
 -dbu dbuser : Set the MySQL User
 -dbn dbname : Set the MySQL Database Name
 -dbp dbpass : Set the MySQL User Password

The parameters are explained above. The script will try to create the MySQL databases as root, so it will need access to MySQL. In order to manage it, you’ll have to create a .my.cnf file under your /root path. The /root/.my.cnf file should be like this :

[client]
user=root
pass=yourMySQLrootPassword

Don’t worry about writing your password in clear text. This file is restricted by root access anyway, so if someone can read this file, your server is already compromised.

You can access via FTP by using the username and password provided while running the script. You can also check if the database is successfully added via phpmyadmin (which is installed by plugged.sh)

There isn’t an uninstall script yet, but I’ll write one asap.

The post Add New Hosting to a System Installed With Plugged.sh appeared first on VeriTeknik.

A Simple FTP Status Daemon

Mustafa Emre Aydın — Wed, 25 Apr 2012 07:11:20 +0000

Here is a clumsy script to check on an FTP Service on a remote server if running or down. The script is written in Python and is a very draft one, but does the job.

The main goal is to check whether we get any response from the FTP server while we try to connect anonymously. Don’t forget that this script probably won’t work if the FTP server allows anonymous connections.

We simply use the ftplib module to establish the FTP connection. After the successful (or failed) connection, we can report the status of the server via email, to achieve this we use the smtplib module.

The first lines seem simple,

#!/usr/bin/python
import ftplib, smtplib
server_ip='10.20.30.40'
sender='sender@email.com'
receivers=['john@email.com','doe@email.com']

Above, after importing our modules, we’ve defined the ip address of our FTP server. After that, the sender email address is defined, and then a list containing the receivers.
Now we can define our messages. We’ll have two messages, one for the UP status, and one for the DOWN.

message_up="""
 From: FTP Status DAEMON 
 To: John , Doe 
 Subject: FTP Service Running
The FTP Service on %s is running.
 """ % server_ip
message_down="""
 From: FTP Status DAEMON 
 To: John , Doe 
 Subject: FTP Service DOWN!
The FTP Service on %s is DOWN!!!
 """ % server_ip

Now we can actually start the checking. The first try clause is checking if we can establish any kind of connection with the server. If the server is somehow down, or if only the FTP service is shut down, this will return some sort of error, which we will catch with the except clause, handle it with our smtp commands, then raise a system exit.

try : ftp=ftplib.FTP(server_ip)
except :
 print "FTP DOWN !!!"
 smtpObj = smtplib.SMTP('localhost')
 smtpObj.sendmail(sender,receivers,message_down)
 raise SystemExit

And here’s the second check, if we somehow get to this line, it means that we’ve passed the system exit above, so our connection attempt with the server worked, but we’re not sure if the FTP service is actually running without a login attempt. When we try to login, and if anonymous connection isn’t allowed, we’ll get a permission error, handling it with an exception we can email the recievers that the server is running.

try : ftp.login()
except ftplib.error_perm :
 print "FTP Up, Permission Denied."
 smtpObj = smtplib.SMTP('localhost')
 smtpObj.sendmail(sender,receivers,message_up)

Now simply connect the dots and add the whole script to your crontab, then you’re good to go!

The post A Simple FTP Status Daemon appeared first on VeriTeknik.

Ephemeral port range for FTP

ckaraca — Fri, 22 Apr 2011 09:05:05 +0000

The standart linux distrubition calls that the ephemeral port range be between 1024 and 4999. We we all know that some of these ports are used for other more importand applications than FTP. So security is an issue because leaving those original ports open leads to major security holes. Rather than openning ports that need higher security for FTP we will change the port range. With this modified port range you can open your firewall to ports that do not have any use but PASV FTP.

First find out what the defined port range is

# cat /proc/sys/net/ipv4/ip_local_port_range
1024 4999

Know select the port range that you wan, I will define a port range of my desire but this is up to the network admin.
To change the port range you have two option

Edit with nano or vi /proc/sys/net/ipv4/ip_local_port_range
Or

echo “55001 65535” > /proc/sys/net/ipv4/ip_local_port_range

These will both change the port, chech this with # cat /proc/sys/net/ipv4/ip_local_port_range

To make these changes permanent as these definitions will vanish on every reboot you need to put a script in /etc/sysctl.conf

Nano or vi /etc/sysctl.conf
Add

# Controls Ephemeral Port Range (this is for the admin to remember what it is)
net.ipv4.ip_local_port_range = 55001 65535

Save
Exit
Reboot (if you like)
And you are done!

The post Ephemeral port range for FTP appeared first on VeriTeknik.