How to set OR enable Timestamp for the previously executed commands in Linux?

August 5, 2010    |   Posted by admin   |    Category: Linux Administration

Linux provides a command called “history” to view the previously executed commands on shell. By default, the “history” command display only the commands that were executed but not the date and time when they were executed.

To display the time and date of the previously executed commands, you need to set the “HISTTIMEFORMAT” variable. The variable has to be set in the users profile file so to take effect on each session.

To set the “HISTTIMEFORMAT” variable, SSH to your server and execute:

# export HISTTIMEFORMAT="[%F] [%T] "

You can also insert the above line at the end of the .bash_profile file

# vi /root/.bash_profile

Once the file is saved, open a new SSH session and execute the ‘history’ command to view the timestamp of the previously executed commands.

For example:

root@server [~]# history
 1068  [2010-08-05] [07:17:04] ps -auxf
 1069  [2010-08-05] [07:17:06] top c
 1070  [2010-08-05] [07:17:35] ll
 1071  [2010-08-05] [07:37:51] ls -la
 1072  [2010-08-05] [07:41:37] cat /root/.bash_profile
 1073  [2010-08-05] [07:41:47] cd

The commands in the above output is just an example.

3 Comments

How to Block Ftp Access/Port using iptables OR CSF?

August 1, 2010    |   Posted by admin   |    Category: Linux Administration

The default firewall of Linux is iptables which can be use to block Ftp access/port on your server. If you have a CSF firewall (which also use iptables), see section 2.

Section 1:  Iptables

Completely block Ftp access on the server:

# iptables -A INPUT -p tcp --dport 21 -j DROP

Block Ftp access for a specific IP address, say 11.12.13.14

# iptables -A INPUT -p tcp -s 11.12.13.14 --dport 21 -j DROP

Block Ftp access for a specific subnet

# iptables -I INPUT -p tcp -s 11.12.13.0/24 --dport 21 -j DROP

The rules need to be saved else they will be removed if the iptables service is restarted.

# service iptables save

Section 2: CSF

To completely block Ftp access, edit csf.conf file and remove port 21 from the TCP_IN list

# pico /etc/csf/csf.conf

To block Ftp access for a specific IP address, edit the csf.deny file

# pico /etc/csf/csf.deny

and place the following line

tcp:in:d=21:s=11.12.13.14

Save the file and don’t forget to restart the firewall.

Comments Off on How to Block Ftp Access/Port using iptables OR CSF?
Next Entries »