Networking

PHP Ping Script Video Tutorial

Webucator, a provider of online and onsite business and technical training, contacted me and asked if they use my php ping script article as a basis for a new training video. The video would be added to their list of PHP courses. I allowed them to use the php ping script as part of their video and a few days later I was sent a link to the newly created php ping script video.

After watching the video Webucator created, I was was truly amazed and it had surpassed all my expectations. Webucator have managed to perfectly convert the written article into an easy to understand, fully comprehensive and simple to follow php tutorial video.

I was impressed with how much detail the above php video tutorial encompassed. The video covers each of the different php ping scripts, and perfectly explains how each of the php ping scripts work. They also highlighted the strengths and usefulness of the each script as well as demonstration a working version of each script.

The video also pays attention to vital parts of each script, such as:

  • Why you should escape arguments passed to the ping script.
  • The situations in which each ping script is most useful.
  • Which ping script you should be using if the website is blocking icmp packets.

Take a look at the video and check out their other training videos. It will be well worth your time.

Manually Override DNS -Window, Linux and Mac Examples

Overview

First off, let me explain what a DNS Entry is in order for us to understand why we would need to override it. Basically a DNS entry is a record or entry that tells us what ip address is of a domain will point to. Such as an example (not actual) IP of 66.12.23.124 could point to a domain such as www.example.com.

Say perhaps we are updating a DNS entry and as the nature of DNS would have it, sometimes it will take up to 48 hours for the DNS to propagate through the Internet. Or perhaps we don’t want to update a DNS record which could affect everyone but rather just change a record for ourselves, locally. In these case, we can manually override the DNS change which will only reflect on our local machine. Below I will show you how to achieve this on Windows, Linux and Mac.

Manually Override DNS on Windows

Open up the hosts file located under “C:\Windows\System32\etc\drivers\“. In there you will see the IP address in the left column and a space separated list of domains to the right. The below example will set the 3 domains of www.example.com, anotherdomain.example.com and lastdomain.com to the IP address of 10.0.0.1.

10.0.0.1 www.example.com anotherdomain.example.com lastdomain.com

Manually Override DNS on Linux

vi the hosts file which is located under /etc/hosts. Add in a line below the last entry in the same fashion as you would for windows. For example if you wanted to change the ip address for the domain www.example.com to point to 192.168.0.20 you would enter:

10.0.0.1 www.example.com anotherdomain.example.com lastdomain.com

Manually Override DNS DNS on Mac

Mac is the same as the above linux example. Simply edit the hosts file under /etc/hosts and add in the entries as needed. So again, you could enter something such as:

172.10.1.5 www.anydomain.com

Manually Override DNS Using IPV6

You don’t always have to use a standard IPV4 as the IP address. You can also use IPV6 and enter it into any of the hosts files like so:

fe80::1%lo0 localhost

And that is all there is in Manually Override DNS in windows, linux and mac.

List Of Common Ports And Protocols

List Of Common Ports And Protocols

Below is a list of common ports and protocols as well as the service it is generally associated with. If you feel there are ports that should be on this list, please leave a comment or contact us.

PortDescriptionTCPUDP
20FTP – data port (File Transfer Protocol)
21FTP – command port (File Transfer Protocol)
22SSH (Secure Shell)
23Telnet
25SMTP – Sending Mail (Simple Mail Transfer Protocol)
43WHOIS – Domain Name Lookup
53DNS (Domain Name System)
67DHCP – Server (Dynamic Host Configuration Protocol)
68DHCP – Client (Dynamic Host Configuration Protocol)
80HTTP – Webservers such as Apache2 and IIS – more info on accessing websites on alternate ports
110POP3 – Receiving emails (Post Office Protocol, version 3)
123NTP (Network Time Protocol)
143IMAP – Receiving emails (Internet Message Access Protocol)
443SSL – Webserver with encryption (Secure Socket Layer)
Plesk Control Panel also uses this port
1433MSSQL – Database (Microsoft SQL Server)
2082cPanel
2083cPanel over SSL
2095cPanel Webmail
2096cPanel Webmail over SSL
3128Squid Proxy – Default Squid Proxy Port. Port 8080 is another common port for squid.
3306MySQL – Database
8080HTTP Port (Alternate port generally used when port 80 is already in use – more info)
8443Plesk Control Panel

 

Accessing a website on a different port

When you access websites, you are, by default, accessing them on the port 80 since this is the default web port used by websites. This means that http://www.darian-brown.com/ is the exact same as http://www.darian-brown.com:80/ (where :80 specifies the port number). However if the website server is using another port such as a more commonly used alternate port 8080, then you will need to specify the non-default port in the following format: http://www.example.com:8080/ where www.example.com is the website domain or IP address and 8080 is the port number the website is running on.

Online DNS Dig Website

Overview

For those people who find themselves playing around with DNS setups from time to time will more than likely have worked with or at least heard of the command `DIG`.

For those who don’t know what DIG is or think of it as the necessary first step to hiding a body, will be surprised to know that DIG is a command that is used to directly query a DNS server to find out specific information about a domain name or sub domain. This can be useful when you are trying to setup a new domain or simply check if a sub domain already exists.

Further to this, you can check many types of records such as mail records (used in creating a mail server), CNAME records (points one domain name to another domain name) and most commonly is the A record (domain pointing to an IP address).

Online DNS Dig Website

Now there are times when I don’t have access to my Linux machine or perhaps to lazy to try remember 32 bit password i seem to create and couldn’t get access to the normal dig tool. Here is what lead me to create a website that would allow me to easily perform a dns look up and execute a web based dns dig online. Simply enter the domain you are querying, the type of record to look up and optionally enter the dns server and off you go.

Check Out The Online DNS Dig Tool

You too can use the site by clicking here. Please note that this site is still in it’s early release and may perform unexpectedly.

Read more…

Perl Ping Script To Ping Remote Server Or Website

Overivew

Below is a perl script which will allow you to ping a remote server. The article is a follow up article to my php ping script article. This article is similar in that we will also be pinging a remote website to see it if up and running, however this time we will be using perl’s Net module.

Perl Ping Script To Ping Remote Server Or Website

Here is a surprisingly simple perl code snippet to perform a perl ping request to check if a remote server or website is up. It creates a new Net::Ping object and then sends pings the server. We can optionally specify a port to see if a specific port is responding on the server which can be very useful if we want to know if a service is still up and running such as MySQL or Apache.

Perl Ping Specific Port

By using the perl ping script to ping a specific port, we can test wether a service on the server is up and running. For example, port 3306 would test for MySQL, 80 and 443 would test the webserver and 21 would test FTP.

A Perl Ping Script can be very useful and it can be used to make sure a website or server is up and can make our lives easier if we are monitoring multiple servers.

#!/usr/bin/perl -w

use Net::Ping;

# Host can be either an IP or domain name
my $host = "www.google.com";
#optionally specify a timeout in seconds (Defaults to 5 if not set)
my $timeout = 10;

# Create a new ping object
$p = Net::Ping->new("icmp");

# Optionally specify a port number (Defaults to echo port is not used)
$p->port_number("80");

# perform the ping
if( $p->ping($host, $timeout) )
{
        print "Host ".$host." is aliven";
}
else
{
        print "Warning: ".$host." appears to be down or icmp packets are blocked by their servern";
}

# close our ping handle
$p->close();

Conclusion

In the above example, we ping port 80. This will test if the website is active. As stated above, changing from port 80 to 3306 for example, would then test for an active MySQL service running.

How To Setup IP Address in Linux

Overview

In this guide, you will be shown how to setup the IP address of a computer or server running Linux. Before we know which way to configure your network card, you need to know if you want to use a static or dynamic IP address.

Setup IP Address

Setup IP Address

Static IP vs DCHP IP

Whats the difference? Static is an IP address that yet manually chose and set for your computer. It won’t change until you decide to update it. DHCP is an IP address that is given to your computer by a DHCP server (usually a router or another server). The DHCP assigned IP address is given to you from a pool (or range) of IP addresses and can change depending on which ones are available.

How To Setup IP Address in Linux

Depending on your network configuration, you will need to either use a static IP address which is commonly used on servers on corporate networks. A static IP address is manually entered in and doesn’t change.
You could also use a dynamic IP address which can be assigned to your computer via a DHCP service. DHCP is more common in home networks as it can be setup automatically and doesn’t require the user to know how to change an IP address. DHCP is a service that runs on your network that will automatically setup your network IP address. Before DHCP can assign your computer a IP address, you need to setup your network interface to use DHCP

Editing the Network Interface

All your IP address information be it dynamic or static is stored under your network interface file which can be found under the path /etc/network/interface. To edit this file you may need root or sudo access. To edit the file enter the following:

sudo vi /etc/network/interfaces

Inside this file you will notice a loop back device. Ignore this part as we want to focus on the eth0 interface – or interface 0. If you have multiple network interfaces, you may see eth0, eth1, etc.

Setup DHCP for Network Interface

Find the section that has iface eth0 (or whichever interface you need – eth1, eth2, etc). and change it to match below. That’s the only configuration you. Now you need to restart your network interface to bring in the changes (shown below).

allow-hotplug eth0
iface eth0 inet dhcp

Setup Static IP for Network Interface

If you need a static ip address, then edit your interface file to be similar to below. Note that your ip, netmask and other items will need to match your own network range.

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
address 192.168.0.20
netmask 255.255.255.0
network 192.168.0.1
broadcast 192.168.0.255
gateway 192.168.0.1
dns-nameservers 192.168.0.2

Note that network and broadcast are optional entries and if omitted will be automatically detected.

Restart Networking Interfaces

In order for the above changes to come into effect, you need to restart your network interface. You can do this by running the following command:

/etc/init.d/networking restart

Sometimes you will find your interface doesn’t come online when restarting so entering in `ifup` will bring it back up where eth0 is the network interface you configured.

ifup eth0

And inversely, if you wanted to bring the network interface down, you would type in:

ifdown eth0

Caution! Typing in ifdown will take the network interface offline and drop your network connection so don’t running this command remotely!

Add New Zone To Bind DNS Server

Overview

Welcome to the second of my DNS articles. It is more of a prequel to my first article in which I explained the steps in Creating A DNS Entry For A SubDomain.

This article assumes you have already installed bind and it is all running. If not, then you will need to setup bind first.

What is a DNS Zone?

My previously article explained what a zone is so I won’t go into to much detail here, but essentially a zone is the term used to describe a config file which contains a specific domain/subdomain collection in your DNS server. Bear in mind that a DNS server has multiple zones (and thus domains) associated to it. Each domain generally has its own zone file however in some situations, you can have multiple domains per zone file. For example, mydomain.com and mydomain.net and mydomain.org could all be in the same zone file as long as they all need to point to the same ip address.

Create the DNS zone file

The zone file we will create for this example will be for the domain example.com. The zone file will tell the DNS server which IP the domain should point to as well as configuring expiry and refresh times for the domain. Generally, the naming format for a zone file is db.example.com.conf where the domain in this case is example.com. Now to create the zone file and add the contents shown in the Sample DNS Domain Zone File

sudo vi /etc/bind/db.example.com.conf

Sample DNS Domain Zone File

In this sample DNS domain zone file, there are a couple changes you need to make to ensure it works in your situation. Firstly, change ns1.exampledns.com and ns2.exampledns.com with your own ns1 and ns2 dns servers. Secondly you can change example.com to the domain you are adding.

Optionally leave out $ORIGIN if you are adding multiple domains to a single zone file. The @ symbol simply means the current zone which is great for when you have multiple domains to a single zone file.

; Zone file for example.com
$TTL    3600
$ORIGIN example.com
@       IN      SOA     ns1.exampledns.com.    root.example.com. (
                     2012033101         ; Serial
                           3600         ; Refresh
                           1800         ; Retry
                         604800         ; Expire
                          43200 )       ; Negative Cache TTL

        IN      NS      ns1.exampledns.com.
        IN      NS      ns2.exampledns.com.

@       IN      A       192.168.0.2
www     IN      A       192.168.0.2

Add New Zone To Bind DNS Server

Above we created the zone config file. Now we need to add the zone file to our dns config file which tells our DNS server that it should control and serve requests for this new domain zone.

Open your DNS config file and add a zone in for your domain. I will be using example.com in my example. Here the file is located under /etc/bind/named.conf.local however depending on the way your DNS server was configured, it may be under /etc/bind/named.conf.options or rarely even /etc/bind/named.conf

sudo vi /etc/bind/named.conf.local

Add a zone to your DNS config file

At the end of the file add an entry similar to the following

zone "example.com" {
	type master;
	file "/etc/bind/db.example.com.conf";
};

As you will see, the type of zone is a master zone. This means that it is the primary holder for dns information regarding this domain.

Restarting Bind DNS Server

Once you have added your new zone to your bind dns server, you need to restart the bind daemon in order to reload the new config file. You can do so by issuing the following command.

Debian / Ubuntu Linux

Restart bind dns server on Debian and Ubuntu Linux.

service bind9 start

Alternate method to restart bind dns server on Debian and Ubuntu Linux.

/etc/init.d/bind9 restart

Redhat / Fedora Linux

Restart bind dns server on Redhat and Fedora Linux.

service named restart

Alternate method to restart bind dns server on Redhat and Fedora Linux.

/etc/init.d/named restart

Note: you may need to use sudo to run these commands if your account doesn’t have enough privileges.

Create DNS Record For Subdomain – Add DNS Entry Into Bind

Overview

Welcome to the first of a number of DNS related articles I will write to help explain the different tasks needed to configure and manage your own DNS server using bind under Linux.

The article assumes you have already installed bind and it is all running. If not, then you will need to setup bind first. Once you have setup bind, you are now ready to create DNS record for subdomain. You can also checkout my next article (which is more of a prequel) about adding Adding New Zone To Bind DNS Server.

What is a DNS Zone?

Essentially a zone in DNS terms is a domain along with all it’s subdomains. Typically you will have one zone config file per domain (which includes its subdomains and any mail records, alias’ and other entries associated with that domain) however you can also have multiple domains using a single zone file. If you have multiple domains to a zone file, each of those domains will be configured identically which includes the IP addresses and subdomains each of the entries point to. The zone file tells the DNS server what IP addresses are associated to each of the domains and subdomains. Each record in the zone file can also be configured to be any type of DNS record such as A record, MX record, TXT record, etc.

Editing a zone file

The zone files are located under /etc/bind/ and the zone files generally (but not always) are in the format of db.domain.com.conf. For example, my zone file for darian-brown.com is under:

/etc/bind/db.darian-brown.com.conf

So now we simply edit the zone file using vi or your preferred editor

sudo vi /etc/bind/db.darian-brown.com.conf

Create DNS Record For Subdomain

In your zone file you will see a couple existing DNS records. You should see a section similar to this where 192.168.0.2 is the IP address on our internal network where these domains point to. The @ symbol simply means the current domain which in our case is darian-brown.com

@	IN	A	192.168.0.2
www	IN	A	192.168.0.2

Now we are going to add a subdomain called blog and point it to a different server. So we add the line after those two entries (or even at the bottom of the file) like so.

@	IN	A	192.168.0.2
www	IN	A	192.168.0.2
blog	IN	A	192.168.0.10

Update Config File Serial

You need to update the serial in the zone config file. Change it so the serial number is higher than it used to be. This will allow bind to see that the config file has been updated and that it need to load in the new config file.

$ORIGIN example.com
@       IN      SOA     ns1.exampledns.com.    root.example.com. (
                     2014082301         ; Serial
                           3600         ; Refresh
                           1800         ; Retry
                         604800         ; Expire
                          43200 )       ; Negative Cache TTL

I like to use the current date for the serial and a two digit to show the number of times it edited the file that day. This ensures the serial is unique, always higher and has the added benefit of showing when I last updated the config file. So use the format of YYYYMMDDXX where xx is the edit that day. Starting at 01 for the first edit, 02 for the second edit, etc.

Save And Restart Bind DNS Server

Once you have added your new subdomain and updated the serial in your DNS config file, you need to restart the bind daemon in order to reload the new config file. You can do so by issuing the following command.

Debian / Ubuntu Linux

Restart bind dns server on Debian and Ubuntu Linux.

service bind9 start

Alternate method to restart bind dns server on Debian and Ubuntu Linux.

/etc/init.d/bind9 restart

Redhat / Fedora Linux

Restart bind dns server on Redhat and Fedora Linux.

service named restart

Alternate method to restart bind dns server on Redhat and Fedora Linux.

/etc/init.d/named restart

Note: you may need to use sudo to run these commands if your account doesn’t have enough privileges.

Testing new subdomain

In order to test your new entry is working, you can dig the new address. See my article on What is Dig and When Should I use it for more information. Dig is a lot more informative and can be extremely useful as you can directly query your DNS server rather than waiting for the DNS to refresh.
An example of how to do would be

dig @ns1.mynameserver.com -t A blog.darian-brown.com

and if the DNS entry was added successfully, you should see a section in the response that is something like

;; ANSWER SECTION:
blog.darian-brown.com.	3600	IN	A	192.168.0.2

Alternately you can ping the subdomain using

ping blog.darian-brown.com

Final Note!

Once you have create DNS record for subdomain, it may take a while before it comes into effect. The reason is that your DNS server must send the new information to other DNS servers around the world, so that other DNS server all over know your new subdomain details and are able to find it on the internet. This process is commonly called DNS propagation.

DNS Propagation

This process may take up to 48 hours however a few hours usually does the trick. Updating a subdomain usually takes longer than creating a new domain or subdomain. This is because the other DNS servers will wait for their cache to expire before refetching your updated DNS zone file.

Disable SSH Login For FTP User

Overview

The below guide will show you have to create an FTP account for vsftpd and also block ssh access making a ssh account a ftp only account. This will also disable telnet access to the ssh account.

Disable SSH Login For FTP User

Secure Lock

Create The Ftp User

The ssh login account will be used as the ftp login account. So first step is to create the ssh user. Since this will be the FTP username choose name you wish to use are your ftp username. someusername is the username I am using as an example for this tutorial. We will disable ssh access later on.

Enable FTP Login Using SSH Account

In order to allow local ssh users to be able to ftp in, you need to set local_enable=YES in your vsftpd.conf file. That will allows any users on the system, to gain access to the server through FTP.

adduser someusername

Disable SSH Login For FTP User

Open up your passwd file which is usually located under /etc/passwd. Now change the default shell which would be similar to /bin/bash to your ftp only shell which I will create as /etc/ftponly. I created the file under /etc/ftponly however you can place the file anywhere you see fit.

someusername:x:1017:1017:,,,:/home/someusername:/etc/ftponly

Create the ftponly shell file

Now create the ftponly file of /etc/ftponly and type in a scary message to deter trespassers. Save the file in the location you specified in the passwd file located at /etc/passwd.

#!/bin/sh
echo "Welcome to my FTP Webserver. Please note that all activity is tracked for security purposes!"
exit

Ensure the file can be executed

chmod a+x /etc/ftponly

Step 5 – Add ftponly as a valid shell

Add our file /etc/ftponly to the list of valid shells. Simply add the following line to the end of your shells file which is located at /etc/shells. Your shells file will look something like this:

# /etc/shells: valid login shells
/bin/csh
/bin/sh
/usr/bin/es
/usr/bin/ksh
/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/bash
/bin/rbash
/usr/bin/screen
/etc/ftponly

All Done!

Now when people try to ssh or telnet into the server, they will see the message “Welcome to my FTP Webserver. Please note that all activity is tracked for security purposes!” and they won’t be able to gain any further access however they will still be able to login using FTP.

Warning Note!

If the shells file /etc/shells file doesn’t exist, you will need to add in the other shells similar to above since you will be overriding the default shells. If you fail to do so, you could prevent any further ssh access.

PHP Ping Script To Check Remote Server Or Website

Overview

Ever needed a quick php code snippet to perform a ping to check if a remote server or website is up? Then see the code below which contains two variations of a ping function that will show you how to ping from php using a PHP Ping Script. The first version uses exec() and the second version uses fsockopen().

PHP Ping Website

The advantage of the second function is that it can connect to a specified port which allows you to also check if a port or service is available on your server. Great if you want to check if your Website is still running on port 80 or if your MySQL service is still responding.

PHP Ping Script To Check Remote Server Or Website

A PHP Ping Script can be very useful to check if your website or server is up before attempting to connect to it resulting in you having to wait for ages while the program or script to eventually timeout.

Our first version using PHP exec() to ping the server.

First example is a simple example that will send a standard ping.

<?php

/* our simple php ping function */
function ping($host)
{
	exec(sprintf('ping -c 1 -W 5 %s', escapeshellarg($host)), $res, $rval);
	return $rval === 0;
}

/* check if the host is up
	$host can also be an ip address */
$host = 'www.example.com';
$up = ping($host);

/* optionally display either a red or green image to signify the server status */
echo '<img src="'.($up ? 'on' : 'off').'.jpg" alt="'.($up ? 'up' : 'down').'" />';

?>

Our alternate PHP Ping Script using fsockopen().

Our second example is by far more useful as it accepts a port as the parameter. This allows us to check specific services on the server. Using port 80 in most cases will test the website, or 3306 will try connect to a mysql server.

<?php

function ping($host,$port=80,$timeout=6)
{
	$fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
	if ( ! $fsock )
	{
		return FALSE;
	}
	else
	{
		return TRUE;
	}
}

?>

Useful Example of Using PHP Ping Script

We can use this ping function to allow us to provide our users with a better message rather than seeing our site is down.

<?php

$host = 'www.example.com';
$up = ping($host);

// if site is up, send them to the site.
if( $up ) {
	header('Location: http://'.$host);
}
// otherwise, take them to another one of our sites and show them a descriptive message
else {
	header('Location: http://www.anothersite.com/some_message');
}

?>

Now if the site is up, they will get sent to your site. Otherwise they will be sent to www.anothersite.com and shown a message.