February 28th, 2010 | 
Author: IdeaStack now venturing into the windows hosting market with what we call the best windows hosting plan in the industry.Our windows plans start as low as $ 14.95 /Year with 1 GB Space 10 GB Bandwith with the same IdeaStack High Quality Support and uptime.We will be redesigning our site to add the windows plans and dedicated server .IdeaStack Dedicated servers our not like the standard cheap server’s that you buy no doubt we are cheap .but we provide our customers with complete control from reboot to RDNS all automated in our very own IdeaPanel .Normal Cheap Dedicated server providers do not give any control to customers like when they need a reboot they have to open a ticket and then that ticket is queued with others there is only one staff available at the data center who manuall y goes to the server and reboots it this takes about 20 min average among all budget providers now this 20 min of downtimes can have very bad effect on your SLA .IdeaStack Servers come with circuit breakers integrated with our very own ideaPanel so you get instant Reboot.Free Unlimited OS Reloads (Automated And Instant most budget server providers charge $ 25 for OS Reload).RDNS Set up API that connect Directly with the isp no staff intervention required.Add to that Free Management at the cost of Unmannaged Servers .Servers Start as low as $ 99 /month With Free 5 SSL Certificates a Value of $ 300 per Year
Posted in 
Welcome to the INDIA.This is where politics is what determines everything.RBI has problems with the hard earned money of indian SEO companies and Indian webmasters while 1000 cr of politicians moves freely unharmed the $ rates fall during elections and rises after this is a trend happening from last 30 years .Paypal is being used by lacks of indian webmasters .lots of people depend on it lot’s of companies pay salary to there staff after getting the paypal deposits .RBI has problems with e-wallet services .I m not against India.I am against the system that’s spoiling india.
My suggestions to RBI
Stop Currency Notes(Only Denominations Less than 10 should be Kept till every Indian has a mobile)
Use E-Transfers for Everything ( Even for paying for Taxi or Vegetable Store)
Implement Direct Tax Code( NO HRA NO LTA NO RUBBISH )
99.9% PEOPLE USE to Save Tax
Every Person should be asked to submit whatever cash they have and get it credited in there e-token
Make a Paypal Like System for all internal Payments via Mobile Phones
Deduct Tax Direcly from it ask every department of government to pay funds using it ( NO BRIBES NO BLACK MONEY)
INDIA WILL not grow at 10% if this is done it will grow at 100% trust me India grows 100%
90% is pulled down by Politics
We are developing a billing script to be provided to our reseller clients the billing script aims at providing the reseller a cheap and affordable billing solutions with integration with Cpanel and Paypal
Our Main Aim is
1.Simplicity
a)One Click Order Click on Order Enter Domain ->Enter Details and Make the Payment -> Receive the Account Details via Email and Invoice Payment Confirmation
b)Support Center One Click Ticket Submission easy admin side for following up the ticket replies
c)Support for Direct Domain Registration using our Reseller Account (Planed for Next Release)
d)Support for Extra Payment Options (Next Release)
e) Completely user friendly and Optimized script after studying drooped carts and abandon patterns for years
One More Surprise for our Customers
Sell Reseller Accounts Using Out Simple WHM Addon
Lots Happenning at IdeaStack @ 2010
We Assure Our Customers Best Services at All times and Expect a lot of New Innovations in 2010
It is basically loading your Pc with malware by using unsuspicious methods i.e search results, ad banners , scripts etc. It can corrupt te java scripts in a page and make it look as harmless as possible but once clicked on it does not take much time. Web servers are being hacked all over the world to be inserted with these and are infecting millions of computers everyday.
Most of the Malware distributors use the Internet marketing techniques like SEO to get their links listed and clicked on. Search engines are the biggest source of these infections.
Search engines need to secure their cache and be tougher with these malicious codes.
Koobface is the name of the virus that is spreading on facebook through some corrupted applications. It prompts you to update the flash video player which downloads a file called as “flash_player.exe” file. Once that is done you are asked to download a Security management software at start up (SamSs) which then manipulates every search result and hijacks many proxies to take you to dangerous sites that will do more harm to your computer. The easiest way to remove this threat is to scan your computer with a good AntiVirus and change your Facebook password. This attack on the world’s most popular social networking site and its 120 million users comes just weeks after Facebook won an $873 million lawsuit against several people accused of hacking user accounts and spreading spam.
remove Webmin software under Linux / UNIX operating system?
Remove Webmin RPM (RHEL / Centos / Fedora )
If you have installed it via rpm, type the following command to remove the same:
# rpm -ev webmin
Uninstall Webmin Source Installation
Just run the command /etc/webmin/uninstall.sh if you’ve install it from source:
# /etc/webmin/uninstall.sh
Sample Output:
Are you sure you want to uninstall Webmin? (y/n) : y
Stopping Webmin server in /usr/local/webmin-1.330
/etc/webmin/stop: line 4: kill: (2359) – No such process
Running uninstall scripts ..
Deleted init script /etc/rc.d/init.d/webmin
Deleting /usr/local/webmin-1.330 ..
Deleting /etc/webmin ..
Done!
Solaris UNIX Remove Webmin Software
if you have installed the Solaris package, enter:
# pkgrm WSwebmin
Debian / Ubuntu Linux Remove Webmin Software
Use apt-get command to remove the same:
# apt-get –purge remove webmin
FreeBSD Remove Webmin Software
Type the following command to remove webmin under FreeBSD operating system:
# cd /usr/ports/sysutils/webmin
# make deinstall clean
OR use pkg_delete command:
# pkg_delete webmin
A Note About Firewall Configuration
You may need to update your pf or netfilter scripts to close port # 10000 which was opened for webmin.
Captcha is a visual challenge to avoid bots from gaining access to yout site . There are plenty of libraries provided for PHP. I recommend the reCAPTCHA PHP Library, which provides a simple way to place a CAPTCHA on your PHP forms. It can stop bots from abusing it. you need to use the reCAPTCHA API.
Step # 1: Get reCAPTCHA API Library
Visit reCAPTCHA website to sign up for an API key (it is free). Please note down your private and public keys.
Step # 2: Download and Install reCAPTCHA PHP
Download the reCAPTCHA library from Google code repo:
$ cd /tmp
$ wget http://recaptcha.googlecode.com/files/recaptcha-php-1.10.zip
Unzip recaptcha-php-1.10.zip, enter:
$ unzip recaptcha-php-1.10.zip
Finally, copy recaptchalib.php to the directory where your forms live. For e.g. if your contact.php is at /var/www/html, copy recaptchalib.php as follows:
$ cp /tmp/recaptcha-php-1.10/recaptchalib.php /var/www/html
Step # 3: Test It
Create a php script as follows:
<html>
<head>
<title>Sample Email Form</title>
</head>
<body>
<script>
function checkForm() {
if (document.forms.myphpform.elements['yname'].value.length == 0) {
alert(’Please enter a value for the “Name” field’);
return false;
}
if (document.forms.myphpform.elements['email'].value.length == 0) {
alert(’Please enter a value for the “Email” field’);
return false;
}
if (document.forms.myphpform.elements['message'].value.length == 0) {
alert(’Please enter a value for the “Message” field’);
return false;
}
return true;
}
</script>
<form action=”?done=1″ method=”post” name=”myphpform” onSubmit=”return checkForm()” >
<table border=0>
<tr>
<td>Your Name:</td>
<td>
<input type=”text” name=”yname” size=”50″ maxlength=”50″ value=”" /></td>
</tr>
<tr>
<td>Your Email:</td>
<td>
<input type=”text” name=”email” size=”50″ maxlength=”50″ value=”" /></td>
</tr>
<tr>
<td>Message:</td>
<td>
<input type=”text” name=”message” size=”50″ maxlength=”50″ value=”" /></td>
</tr>
<tr>
<td>Are you a human being?</td>
<td>
<?php
@require_once(’recaptchalib.php’);
$publickey = “YOUR-PUBLIC-KEY”;
$privatekey = “YOUR-PRIVATE-KEY”;
$resp = null;
$error = null;
# are we submitting the page?
if ($_POST["submit"]) {
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
$to=”you@example.com”;
$subject=”Feedback from example.com”;
$body=” Message via webform:
Name: ” .$_POST["yname"] . “\n
Email: ” .$_POST["email"] . “\n
Message: ” .$_POST["message"] . “\n”;
/* send email */
mail($to,$subject,$body);
echo ”
Email sent!
“;
exit(1);
} else {
echo “Sorry cannot send email as you’ve failed to provide correct captcha! Try again…”;
}
}
echo recaptcha_get_html($publickey, $error);
?>
<td/>
</tr>
<tr>
<td> </td>
<td>
<input type=”submit” name=”submit” value=”submit” /></td>
</tr>
</table>
</form>
</body>
</html>
All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.
Find IP Address For A Host Name
For instance to find the IP address for a ideastack.com open a command line and type in:
host ideastack.com
or
nslookup ideastack.com
Sample Outputs:
ideastack.com has address 69.162.114.73
69.162.114.73
is IPv4 address for ideastack.com hostname.
whois – Client For The Whois Directory Service
Type the following command to find out the owner of an IP address called 69.162.114.73
$ whois 69.162.114.73
Domain Whois record
Queried whois.inregistry.in with “ideastack.com”…
Domain ID:D3832221-AFIN
Domain Name:ideastack.com
Created On:14-Oct-2009 17:33:41 UTC
Last Updated On:14-Oct-2009 17:34:26 UTC
Expiration Date:14-Oct-2010 17:33:41 UTC
Sponsoring Registrar:Directi Internet Solutions Pvt. Ltd. dba PublicDomainRegistry.com (R5-AFIN)
Status:CLIENT TRANSFER PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:DI_10529592
Registrant Name:IdeaStack Support
Registrant Organization:IdeaStack Solutions Private Limited
Registrant Street1:5/A Sagar Tower Jogeshwari
Registrant Street2:
Registrant Street3:
Registrant City:mumbai
Registrant State/Province:Maharashtra
Registrant Postal Code:400102
Registrant Country:IN
Registrant Phone:+91.2226782833
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:supportisspl@gmail.com
Admin ID:DI_10529592
Admin Name:IdeaStack Support
Admin Organization:IdeaStack Solutions Private Limited
Admin Street1:5/A Sagar Tower Jogeshwari
Admin Street2:
Admin Street3:
Admin City:mumbai
Admin State/Province:Maharashtra
Admin Postal Code:400102
Admin Country:IN
Admin Phone:+91.2226782833
Admin Phone Ext.:
Admin FAX:
Admin FAX Ext.:
Admin Email:supportisspl@gmail.com
Tech ID:DI_10529592
Tech Name:IdeaStack Support
Tech Organization:IdeaStack Solutions Private Limited
Tech Street1:5/A Sagar Tower Jogeshwari
Tech Street2:
Tech Street3:
Tech City:mumbai
Tech State/Province:Maharashtra
Tech Postal Code:400102
Tech Country:IN
Tech Phone:+91.2226782833
Tech Phone Ext.:
Tech FAX:
Tech FAX Ext.:
Tech Email:supportisspl@gmail.com
Name Server:NS1.CHEAPHOSTINGPLAN.IN
Name Server:NS2.CHEAPHOSTINGPLAN.IN
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Name Server:
Network Whois record
Queried whois.arin.net with “69.162.114.73″…
OrgName: Limestone Networks, Inc.
OrgID: LIMES-2
Address: 400 N. St. Paul
City: Dallas
StateProv: TX
PostalCode: 75201
Country: US
ReferralServer: rwhois://rwhois.limestonenetworks.com:4321
NetRange: 69.162.64.0 – 69.162.127.255
CIDR: 69.162.64.0/18
OriginAS: AS46475
NetName: LSN-DLLSTX-2
NetHandle: NET-69-162-64-0-1
Parent: NET-69-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.LIMESTONENETWORKS.COM
NameServer: NS2.LIMESTONENETWORKS.COM
NameServer: NS3.LIMESTONENETWORKS.COM
Comment: http://www.limestonenetworks.com
RegDate: 2008-06-27
Updated: 2008-11-10
RAbuseHandle: ABUSE1804-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-586-0555
RAbuseEmail: abuse@limestonenetworks.com
RNOCHandle: NOC2791-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-214-586-0555
RNOCEmail: noc@limestonenetworks.com
RTechHandle: NOC2791-ARIN
RTechName: Network Operations Center
RTechPhone: +1-214-586-0555
RTechEmail: noc@limestonenetworks.com
OrgAbuseHandle: ABUSE1804-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-586-0555
OrgAbuseEmail: abuse@limestonenetworks.com
OrgTechHandle: NOC2791-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-214-586-0555
OrgTechEmail: noc@limestonenetworks.com
# ARIN WHOIS database, last updated 2009-11-03 20:00
DNS records
name class type data time to live
ideastack.com IN MX
preference: 0
exchange: ideastack.com
14400s (04:00:00)
ideastack.com IN SOA
server: ns1.cheaphostingplan.in
email: shazim.gmail.com
serial: 2009102901
refresh: 86400
retry: 7200
expire: 3600000
minimum ttl: 86400
86400s (1.00:00:00)
ideastack.com IN NS ns1.cheaphostingplan.in 86400s (1.00:00:00)
ideastack.com IN NS ns2.cheaphostingplan.in 86400s (1.00:00:00)
ideastack.com IN A 69.162.114.73 14400s (04:00:00)
73.114.162.69.in-addr.arpa IN PTR 73-114-162-69.reverse.lstn.net 3600s (01:00:00)
Traceroute
Tracing route to ideastack.com [69.162.114.73]…
hop rtt rtt rtt ip address fully qualified domain name
1 0 1 4 70.84.211.97 61.d3.5446.static.theplanet.com
2 0 0 0 70.87.254.1 po101.dsr01.dllstx5.theplanet.com
3 0 0 0 70.85.127.105 po51.dsr01.dllstx3.theplanet.com
4 0 0 0 70.87.253.5 et5-1.ibr03.dllstx3.theplanet.com
5 105 2 2 157.238.225.5 xe-2-4.r01.dllstx09.us.bb.gin.ntt.net
6 0 0 0 129.250.4.41 ae-3.r21.dllstx09.us.bb.gin.ntt.net
7 0 0 0 129.250.6.30 xe-4-1.r00.dllstx11.us.bb.gin.ntt.net
8 1 2 2 157.238.224.146 d1-0-1-3-8.a10.dllstx01.us.ce.verio.net
9 1 1 1 74.63.203.18 ge3-2.bdr2.core1.dllstx2.dallas-idc.com
10 1 1 1 74.63.203.46 ge0-1.vl8.cr03-20.dllstx2.dallas-idc.com
11 0 0 0 69.162.86.114 114-86-162-69.reverse.lstn.net
12 1 1 1 69.162.114.73 73-114-162-69.reverse.lstn.net
Trace complete
Service scan
FTP – 21 220———- Welcome to Pure-FTPd [TLS] ———-
220-You are user number 1 of 50 allowed.
220-Local time is now 16:20. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
220 Logout.
SMTP – 25 Error: TimedOut
HTTP – 80 HTTP/1.1 200 OK
Date: Wed, 04 Nov 2009 13:20:53 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8b mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8
Last-Modified: Thu, 29 Oct 2009 11:08:42 GMT
ETag: “8e38c91-3860-ef21e280″
Accept-Ranges: bytes
Content-Length: 14432
Connection: close
Content-Type: text/html
POP3 – 110 +OK Hello there.
IMAP – 143 * OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2008 Double Precision, Inc. See COPYING for distribution information.
Set security options in TCP/IP stack and virtual memory to improve security and performance of my system? How to set certain Linux parameters to prevent any kind of attack on your system.
sysctl is an interface that allows you to make changes to a running Linux kernel. With /etc/sysctl.conf you can configure various Linux networking and system settings such as:
-
Limit network-transmitted configuration for IPv4
-
Limit network-transmitted configuration for IPv6
-
Turn on execshield protection
-
Prevent against the common ’syn flood attack’
-
Turn on source IP address verification
-
Prevents a cracker from using a spoofing attack against the IP address of the server.
- Logs several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects.
sysctl command
The sysctl command is used to modify kernel parameters at runtime. /etc/sysctl.conf is a text file containing sysctl values to be read in and set by sysct at boot time. To view current values, enter:
# sysctl -a
# sysctl -A
# sysctl mib
# sysctl net.ipv4.conf.all.rp_filter
To load settings, enter:
# sysctl -p
Sample /etc/sysctl.conf
Edit /etc/sysctl.conf and update it as follows. The file is documented with comments. However, I recommend reading the official Linux kernel sysctl tuning help file (see below):
# The following is suitable for dedicated web server, mail, ftp server etc. # --------------------------------------- # BOOLEAN Values: # a) 0 (zero) - disabled / no / false # b) Non zero - enabled / yes / true # -------------------------------------- # Controls IP packet forwarding net.ipv4.ip_forward = 0 # Controls source route verification net.ipv4.conf.default.rp_filter = 1 # Do not accept source routing net.ipv4.conf.default.accept_source_route = 0 # Controls the System Request debugging functionality of the kernel kernel.sysrq = 0 # Controls whether core dumps will append the PID to the core filename # Useful for debugging multi-threaded applications kernel.core_uses_pid = 1 # Controls the use of TCP syncookies #net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_synack_retries = 2 ########## IPv4 networking start ############## # Send redirects, if router, but this is just server net.ipv4.conf.all.send_redirects = 0 net.ipv4.conf.default.send_redirects = 0 # Accept packets with SRR option? No net.ipv4.conf.all.accept_source_route = 0 # Accept Redirects? No, this is not router net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.secure_redirects = 0 # Log packets with impossible addresses to kernel log? yes net.ipv4.conf.all.log_martians = 1 net.ipv4.conf.default.accept_source_route = 0 net.ipv4.conf.default.accept_redirects = 0 net.ipv4.conf.default.secure_redirects = 0 # Ignore all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast net.ipv4.icmp_echo_ignore_broadcasts = 1 # Prevent against the common 'syn flood attack' net.ipv4.tcp_syncookies = 1 # Enable source validation by reversed path, as specified in RFC1812 net.ipv4.conf.all.rp_filter = 1 net.ipv4.conf.default.rp_filter = 1 ########## IPv6 networking start ############## # Number of Router Solicitations to send until assuming no routers are present. # This is host and not router net.ipv6.conf.default.router_solicitations = 0 # Accept Router Preference in RA? net.ipv6.conf.default.accept_ra_rtr_pref = 0 # Learn Prefix Information in Router Advertisement net.ipv6.conf.default.accept_ra_pinfo = 0 # Setting controls whether the system will accept Hop Limit settings from a router advertisement net.ipv6.conf.default.accept_ra_defrtr = 0 #router advertisements can cause the system to assign a global unicast address to an interface net.ipv6.conf.default.autoconf = 0 #how many neighbor solicitations to send out per address? net.ipv6.conf.default.dad_transmits = 0 # How many global unicast IPv6 addresses can be assigned to each interface? net.ipv6.conf.default.max_addresses = 1 ########## IPv6 networking ends ############## #Enable ExecShield protection kernel.exec-shield = 1 kernel.randomize_va_space = 1 # TCP and memory optimization # increase TCP max buffer size setable using setsockopt() #net.ipv4.tcp_rmem = 4096 87380 8388608 #net.ipv4.tcp_wmem = 4096 87380 8388608 # increase Linux auto tuning TCP buffer limits #net.core.rmem_max = 8388608 #net.core.wmem_max = 8388608 #net.core.netdev_max_backlog = 5000 #net.ipv4.tcp_window_scaling = 1 # increase system file descriptor limit fs.file-max = 65535 #Allow for more PIDs kernel.pid_max = 65536 #Increase system IP port limits net.ipv4.ip_local_port_range = 2000 65000
You can now run your own pptp VPN business from an Ideastack VPS easily. All you will need is Cent OS latest x64.
run update.
yum update
install ppp.
yum install ppp
install PPTPD.
wget http://poptop.sourceforge.net/yum/stable/rhel5/x86_64/pptpd-1.3.4-1.rhel5.1.x86_64.rpm
install this RPM.
rpm -ivh pptpd-1.3.4-1.rhel5.1.x86_64.rpm
edit the config.
nano /etc/pptpd.conf
if nano is not found type down “yum install nano” without the “”.
go all the way to the bottom of the page of pptpd.conf Find.
localip
remoteip
and take out the # that come before them. Only take out one set of # not on both sets of localip and remote ip, because there will be 2. Also change it to this.
localip 10.0.0.1
remoteip 10.0.0.10-100
( without the space in between. ) Ctrl + X to save and exit the file now. Next, lets edit anohter config
/etc/ppp/options.pptpd
next, uncomment the ms-dns lines (by removing the ‘#’ in front of them) So they should look like.
ms-dns 208.67.222.222
ms-dns 208.67.220.220
Ctrl + X to save and exit the file now. Now lets create an account!
nano /etc/ppp/chap-secrets
It should look like this.
# Secrets for authentication using CHAP
# client server secret IP addresses
username * password *
username2 * password2 *
The IP address only uses the IPs that are available, you can specify a dedicated one though if you wish.
Now we must start IP forwarding. So open the file nano /etc/sysctl.conf and set ‘net.ipv4.ip_forward’ to 1.
net.ipv4.ip_forward = 1
To make the changes to sysctl.conf take effect, use the following command.
sysctl -p
Next, lets allow NAT in iptables.
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Next, we need to allow TCP port 1723 and the GRE protocol through iptables.
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
These rules are necessary to run traffic through your server.
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
Now start the PPTP service, if you have not.
service pptpd start
After you’ve done everything, your VPN server should work fine!
Troubleshooting
If you can’t browse sites or site won’t load, change the MUT. To do this use nano /etc/ppp/ip-up file and just before the last line, add the following line.
/sbin/ifconfig $1 mtu 1400
Save the file and restart the pptpd service.
service pptpd restart
eth0 -j MASQUERADE
Next, we need to allow TCP port 1723 and the GRE protocol through iptables.
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -i eth0 -p gre -j ACCEPT
These rules are necessary to run traffic through your server.
iptables -A FORWARD -i ppp+ -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp+ -j ACCEPT
Now start the PPTP service, if you have not.
service pptpd start
After you’ve done everything, your VPN server should work fine!