Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Before I transfer the database. I'd like to check the version of mysql and php
You could always look at the installed packages. Something like rpm -i packagename might do the trick. Given how old your install is, have a quick look at the rpm man page for correct syntax.
Quote:
Some people just type the command in "/", then they can get the info.
How to make my redhat to do this?
I suspect that it has something to do with your PATH environment variable. If you type $PATH into a console, that will show all the directories PATH knows about. If you need to add /usr/local/mysql/bin to your path, it would probably be best to do it in your ~./bash_profile file.
Quote:
Another example: when I type mysql -u root -p, it says command not found.
Seriously check the content of the php you will be transfering!!!
Check with the one who developed the site if there are any suspicious files before putting them on another server.
If you blindly transfer files it's possible the problems will start over.
Hackers like using tools like for example C40Shell (just type c40shell in google and you will be amazed how many results you get of infected sites)
Such scripts allow the hackers to the content of all your php files to gather information (sql passes, ... etc) and they can even modify and upload new files if permissions are not set safely (like directories that have been chmod to 777)
Even worse, if PHP is not well configured and 'jailed' (see open_basedir for example) the hacker can just read and/or write anywhere in your operating system where permissions allow it.
Often you will also find stuff like torrentflux (mostly in a directory named 'tf') or other 'applictaions' which are in fact torrent clients/servers.
It is mostly those torrent and other p2p tools that eat you bandwidth.
Also check you mailserver on that machine since lots of hackers tend to use the hacked machines for sending spam (if it is the case you will probably find tons of deferred mails). Find out how the hacker did this and secure it.
Once you transfered and secured the site make sure to continue monitoring it and keep the OS updated.
It is not enough to install a secure OS system, you have to monitor it on a frequent base to see if someone is trying to mess arround with it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.