Batangas Open Source Society -- Tech Blogs: November 2006

List of Spamassassin Rules and RBLs

On a Redhat Enterprise Linux or CentOS system, you can install the rules at /etc/mail/spamassassin/

#cd /etc/mail/spamassassin
#wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf
#wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
#wget http://www.emtinc.net/includes/backhair.cf
#wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf
#wget http://www.emtinc.net/includes/chickenpox.cf
#wget http://www.sa-blacklist.stearns.org/sa-blacklist/sa-blacklist.current.uri.cf
#wget http://www.sa-blacklist.stearns.org/sa-blacklist/random.current.cf
#wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf
#wget http://www.nospamtoday.com/download/mime_validate.cf
#wget http://bl.csma.biz/csma.cf
#wget http://www.ahbl.org/docs/mailservers/spamassassin.txt

To restart spamassassin

#/etc/init.d/spamassassin restart
#service spamassassin restart ( in RHEL or CentOS Enterprise Linux system)

SpamAssassin Rules Emporium
http://www.rulesemporium.com/

Testing your Rules

#spamassassin --lint -D

This command will check if there are errors on your Spamassassin rules

Real Time Block List (RBL)

relays.ordb.org
bl.spamcannibal.org
list.dsbl.org
bl.spamcop.net
dnsbl.njabl.org
cbl.abuseat.org
opm.blitzed.org
sbl.spamhaus.org

List updated: Nov 28, 2006

Endian Update

I monitored the behaviour of my Endian installation. It seems that Dansguardian utilizes most of the CPU resources.

root@kalasag:~ # w
14:52:34 up 6 days, 22:32, 2 users, load average: 0.03, 0.14, 0.16

More info at my QrooniX blog.

Updating Snort Rules

One of the effective tool for updating Snort Rules is by using Activeworx IDS Policy Manager.

Activeworx IDS Policy Manager Screenshot

You can use both Snort Oinkmaster Rules and Bleeding Edge Snort Rules

Endian Firewall Usage

I have deployed Endian Firewall within our corporate network. I'm already recieving a lot of complaints regarding it's very strict default rules. My boss is happy about it. My only beef against this is the flaky local authentication support.

Endian Firewall Uptime

14:18:28 up 43 days, 16:43, 1 user, load average: 0.26, 0.20, 0.14

So far my Endian Firewall deployment performs very well. Anyways, there still lots of problems on the squid authentication as experienced by Qroon.

SFTP -- Secure File Transfer Protocol

'Sftp' is a secure version of the File Transfer Protocol (ftp). It uses FTP commands to transfer files securely between accounts, whether the accounts are on the same machine or on different machines, including your home computer, if it is properly configured.

Popoy:~# sftp user@popoy.com

Some standard commands for command line SFTP include:

`cd`	Change the directory on the remote computer
`chmod`	Change the permissions of files on the remote computer
`chown`	Change the owner of files on the remote computer
`dir` (or `ls`)	List the files in the current directory on the remote computer
`exit` (or `quit`)	Close the connection to the remote computer and exit SFTP
`get`	Copy a file from the remote computer to the local computer
`help` (or `?`)	Get help on the use of SFTP commands
`lcd`	Change the directory on the local computer
`lls`	See a list of the files in the current directory on the local computer
`lmkdir`	Create a directory on the local computer
`ln` (or `symlink`)	Create a symbolic link for a file on the remote computer
`lpwd`	Show the current directory (present working directory) on the local computer
`lumask`	Change the local umask value
`mkdir`	Create a directory on the remote computer
`put`	Copy a file from the local computer to the remote computer
`pwd`	Show the current directory (present working directory) on the remote computer
`rename`	Rename a file on the remote host
`rm`	Delete files from the remote computer
`rmdir`	Remove a directory on the remote host (the directory usually has to be empty)
`version`	Display the SFTP version
`!`	In Unix, exit to the shell prompt, where you can enter commands. Enter `exit` to get back to SFTP. If you follow `!` with a command (e.g., `!pwd`), SFTP will execute the command without dropping you to the Unix prompt.

PostgreSQL commands to Remember

Inserting Query
psql -U postgresqluser databasename -f file

Backup the PostgreSQL database
pg_dump databasename > databasebackup.bak

DOS vs. Linux Commands To Remember

Command's Purpose	MS-DOS	Linux	Basic Linux Example
Copies files	`copy`	`cp`	`cp thisfile.txt /home/thisdirectory`
Moves files	`move`	`mv`	`mv thisfile.txt /home/thisdirectory`
Lists files	`dir`	`ls`	`ls`
Clears screen	`cls`	`clear`	`clear`
Closes prompt window	`exit`	`exit`	`exit`
Displays or sets date	`date`	`date`	`date`
Deletes files	`del`	`rm`	`rm thisfile.txt`
"Echoes" output on the screen	`echo`	`echo`	`echo this message`
Edits files with simple text editor	`edit`	`pico`	`pico thisfile.txt`
Compares the contents of files	`fc`	`diff`	`diff file1 file2`
Finds a string of text in a file	`find`	`grep`	`grep this word or phrase` `thisfile.txt`
Formats a diskette	`format a:` (if diskette is in `A:`)	`mke2fs`	`/sbin/mke2fs /dev/fd0` (`/dev/fd0` is the Linux equivalent of `A:`)
Displays command help	`command /?`	`man`	`man command`
Creates a directory	`mkdir`	`mkdir`	`mkdir directory`
View a file	`more`	`less`	`less thisfile.txt`
Renames a file	`ren`	`mv`	`mv thisfile.txt thatfile.txt`
Displays your location in the file system	`chdir`	`pwd`	`pwd`
Changes directories with a specified path (absolute path)	`cd pathname`	`cd pathname`	`cd /directory/directory`
Changes directories with a relative path	`cd ..`	`cd ..`	`cd ..`
Displays the time	`time`	`date`	`date`
Shows amount of RAM and use	`mem`	`free`	`free`