Cow Computing

There’s once I was required to setup a limited shell access user account on a commercial hardware product, in which to secure the original system from being modified and at the same time to provide a flexible environment for general work. I was on the way to make use of chroot command. Then i was lucky to came across Jailkit, which saved me a lot of time. So, i would like to use this post to give a little introduction on how to use it.

# First, let's create a directory for the jail account
mkdir /jail
chown root:root /jail

# Then we create a new user account specially for jail account
# *replace <group name>, <username>, <password> with your own value
groupadd <group name>
useradd -d /home/jail -g <group name> -p <password> <username>

# For example, if we only want to allow the jail account to have ssh and basic shell access
jk_init -v -j /jail basicshell ssh

# Then we shall jail the user account we previously created to the jail directory
jk_jailuser -m -j /jail <username>

Read More / Comment »

Often you will have to setup a mail server especially when you own a web server or VPS, however, this task is dauntingly hard, since mail is an old product. So, here I would like to jot down a step by step guide to walk through the setup of a simple mail server. By the end of this article, a working IMAP/POP3 server will be up. Nonetheless, if any extra stuff (e.g. the use of spam filter or so) is needed, they can be installed on top later.

First, we have to install “postfix” as the MTA and “mailx” as the mail utility.

sudo apt-get install postfix
sudo apt-get install mailx

Then, we will create a user on ubuntu as the mail user account

sudo useradd -m -s /bin/bash <username>
sudo passwd <username>

Now, the first step is done, and we might have a test on it by issuing

netcat localhost 25

and it should prompt you with this

220 localhost ESMTP Postfix (Ubuntu)

Read More / Comment »

Here, i would like to share with you all some commands that is useful in extracting network information from the OS.

1. Extracting IP of the current machine

ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{print $1}'

2. Getting the Gateway of the current machine

route -n | grep 'UG[ \t]' | awk '{print $2}'

3. Updating the network settings

// ifconfig <network interface> <ip> netmask <subnetmask> broadcast <broadcast address>
ifconfig eth0 192.168.0.10 netmask 255.255.255.0 broadcast 192.168.0.255

4. Updating Gateway

// in order to achieve this, we need to first delete the
// existing gateway entry and then add the new one
route del default

// route add -net default gw <gateway address> netmask 0.0.0.0 dev eth0;
route add -net default gw 192.168.0.255 netmask 0.0.0.0 dev eth0