CSF on Virtuozzo

A installation of CSF performed on a VM (based on Virtuozzo) was no longer accepting traffic to VM. In order to correct this I created the csfpre.sh file (/etc/csf/csfpre.sh) – and set the following set of rules – are executed before all other statements when CSF is started:

iptables -A INPUT -i venet0 -j ACCEPT
iptables -A OUTPUT -o venet0 -j ACCEPT
iptables -A FORWARD -j ACCEPT -p all -s 0/0 -i venet0
iptables -A FORWARD -j ACCEPT -p all -s 0/0 -o venet0

This is required to allow the traffic through your virtual ethernet device (venet0). Restart the firewall and everything should work once again as expected.

dig, host, and nslookup

BIND Utilities is a collection of the client side programs that are included with BIND. The BIND package includes the client side programs nslookup, dig and host. If you install BIND server, these programs will be installed automatically. In the situation when you are not looking on having the BIND server installed, but you would like to install the client side applications (dig, host, and nslookup) this can be done by installing only the bind-utils package:

$ host
-bash: host: command not found

$ dig
-bash: dig: command not found

$ nslooup
-bash: nslookup: command not found

yum install bind-utils

$ dig -v
DiG 9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.3

Open Relay test

An Open Relay is an SMTP server that allows 3rd party relay of e-mail messages. By processing mail that is neither for nor from a local user, an open relay makes it possible for an unscrupulous sender to route large volumes of unsolicited emails. While they are a large number of online tools that would verify if your mail server is an open relay, for those that prefer testing this manually, this can be done by establishing a telnet connection on port 25 and trying to send a message, without authentication:

# telnet 25
Connected to
Escape character is ‘^]’.
220 server.auxell.ro
helo client.auxell.ro
250 server.auxell.ro
mail from: dragos.fedorovici@google.com
250 2.1.0 Ok
rcpt to: dragos.fedorovici@gmail.com
554 5.7.1: Relay access denied

If you are receiving a similar message then you’re mail server is secured (at list from this point of view). I will detail below the commands that are used in the above example:

helo – the client sends this command to the SMTP server to identify itself and initiate the SMTP conversation. The domain name or IP address of the SMTP client is usually sent as an argument together with the command (e.g. “HELO client.example.com”). If a domain name is used as an argument with the HELO command, it must be a fully qualified domain name.

mail from – specifies the e-mail address of the sender. This command also tells the SMTP server that a new mail transaction is started. If the senders e-mail address is accepted the server will reply with the 250 OK code.

rcpt to – specifies the e-mail address of the recipient. This command can be repeated multiple times for a given e-mail message in order to deliver a single e-mail message to multiple recipients.

Insertion sort algorithm

Insertion sort is a simple sorting algorithm: a comparison sort in which the sorted array/list is built one entry at a time. It is much less efficient on large lists than more advanced algorithms such as quicksort, heapsort or merge sort. Created for educational purpose , please check this video that explains the entire algorithm: