Blog Navigation
Partners
Latest Activity
Phil gives the source code for implementing a MySQL singleton class in both PHP and Python.
Posted on: April 8th, 2010 by Famous Phil
Today I was reviewing my server logs and noticed the following error:
“ the working directory is not writable: 1 Time(s)”
The solution to this error can be found here: http://slaptijack.com/system-administration/dnsbind-issue-named-the-working-directory-is-not-writable/comment-page-1/#comment-19370
Here is a summary of the solution:
cd /var/named/chroot/var/
ls -la
If you see group not writable on the named directory like the following:
drwxr-x— 4 root named 4096 Jan 9 01:56 named/
issue the following commands:
chmod g+w named
rndc reload
The log file should no longer show this error.
Tags: bind, named, not writeable
Posted in Hosting / Server Administration
|| 2 Comments »
Posted on: April 5th, 2010 by Famous Phil
There comes a time in every admin’s career when knowing how to telnet is a necessary evil. Telnet basically opens a network connection to a server on a specified port so that you can communicate with a server. Telnet isn’t secure by any means, so this is an excellent tool for checking firewall blocks, email servers, web servers, etc. I’m just going to outline a few tricks that I always find myself forgetting.
Open a command prompt in either Windows, Mac, or Linux (chances are that Windows users will need to add it in the Add/Remove Windows Components area of the control panel). Putty also supports telnet.
Telnet to the email server and port 25 (smtp) by “telnet email.server.com 25″. SMTP is Simple Mail Transfer Protocol.
Type “HELO server.com.” or “EHLO server.com.”
Type “MAIL FROM:you@yourserver.com.”
You should see “250 ok”
Type “RCPT TO:friend@theirdomain.com.”
You should see “250 ok”
Type “DATA”
You might see — 354 Please start mail input.
Type “SUBJECT: Test Subject”
Type in your message as normal
Type “.” on the last line by itself
You might see 250 Mail queued for delivery meaning the mail will be sent. At this point, you can exit telnet by typing in “quit” and enter.
Normally: this will allow for something called an open relay, and that is why computer scientists occasionally give SMTP the nickname “Stupid Mail Transfer Protocol”. This was designed back in the 1970′s which is why this protocol is so vulnerable, unfortunately it is how Email functions. There are better methods in the works, but compatibility prevents these from taking off. For instance, Google Wave attempted to fix the problems in Email while making it much better. Maybe it will take off some day because it is amazing, but right now, it doesn’t look good.
Open relays allow for anyone to connect to your mail server and send mail as someone else. This is how spammers manage to spam so easily. Because of this, many internet service providers block port 25 so that customers have to use the ISP’s heavily protected servers to send mail. In addition, most providers make their servers only accept mail for valid users on that server. This way, a spammer can’t send mail as anyone to someone that may be on another email system in the world. This really helps cut down on spam. For administrators, there is a relay testing service that is discussed in tip 3.
3. The last trick is testing that your mail server isn’t an open relay: The easiest way of doing this is open up a telnet session to mail-abuse.org… so on your mail server’s terminal (command prompt), simply “telnet relay-test.mail-abuse.org”. They will connect to your server remotely shortly after you connect and then return to you a full diagnostic list of tests and tell you about problems that they found. This has to be done from the physical mail server, so you need to be the admin of that server to initiate this test.
Hopefully these telnet tricks might help you. I know that I need them occasionally for my own system.
Tags: abuse, escape, mail, prevention, telnet
Posted in Hosting / Server Administration
|| 21 Comments »