Rsync Examples (Linux Command)


New Post has been published on http://blog.cripperz.sg/2014/07/16/rsync-examples-linux-command/

HowTo Use rsync For Transferring Files Under Linux or UNIX

by on December 5, 2006 · 60 comments· LAST UPDATED August 8, 2012

How do you install and use rsync to synchronize files and directories from one location (or one server) to another location? – A common question asked by new sys admin.

rsync is a free software computer program for Unix and Linux like systems which synchronizes files and directories from one location to another while minimizing data transfer using delta encoding when appropriate. An important feature of rsync not found in most similar programs/protocols is that the mirroring takes place with only one transmission in each direction.

So what is unique about the rsync command?

It can perform differential uploads and downloads (synchronization) of files across the network, transferring only data that has changed. The rsync remote-update protocol allows rsync to transfer just the differences between two sets of files across the network connection.

How do I install rsync?

Use any one of the following commands to install rsync. If you are using Debian or Ubuntu Linux, type the following command:
# apt-get install rsync
OR
$ sudo apt-get install rsync
If you are using Red Hat Enterprise Linux (RHEL) / CentOS 4.x or an older version, type the following command:
# up2date rsync
On RHEL / CentOS 5.x or newer (or Fedora Linux), type the following command:
# yum install rsync

Always use rsync over ssh

Since rsync itself does not provide any security for data in transit, it is recommended that you run rsync over an ssh session. This gives you a secure remote connection. Now let us see some examples of the rsync command.

Common rsync command options

  • --delete : delete files that don’t exist on sender (system)
  • -v : Verbose (try -vv for more detailed information)
  • -e "ssh options" : specify ssh as the remote shell
  • -a : archive mode
  • -r : recurse into directories
  • -z : compress file data

Task : Copy file from a local computer to a remote server

Copy file from /www/backup.tar.gz to a remote server called openbsd.nixcraft.in
$ rsync -v -e ssh /www/backup.tar.gz jerry@openbsd.nixcraft.in:~
Output:

Password:
sent 19099 bytes  received 36 bytes  1093.43 bytes/sec
total size is 19014  speedup is 0.99

Please note that the symbol ~ indicates the user's home directory (/home/jerry).

Task : Copy file from a remote server to a local computer

Copy file /home/jerry/webroot.txt from a remote server openbsd.nixcraft.in to a local computer’s /tmp directory:
$ rsync -v -e ssh jerry@openbsd.nixcraft.in:~/webroot.txt /tmp

Task: Synchronize a local directory with a remote directory

$ rsync -r -a -v -e "ssh -l jerry" --delete /local/webroot openbsd.nixcraft.in:/webroot

Task: Synchronize a remote directory with a local directory

$ rsync -r -a -v -e "ssh -l jerry" --delete openbsd.nixcraft.in:/webroot/ /local/webroot

Task: Synchronize a local directory with a remote rsync server or vice versa

$ rsync -r -a -v --delete rsync://rsync.nixcraft.in/cvs /home/cvs
OR
$ rsync -r -a -v --delete /home/cvs rsync://rsync.nixcraft.in/cvs

Task: Mirror a directory between my “old” and “new” web server/ftp

You can mirror a directory between my “old” (my.old.server.com) and “new” web server with the following command (assuming that ssh keys are set up for passwordless authentication):
$ rsync -zavrR --delete --links --rsh="ssh -l vivek" my.old.server.com:/home/lighttpd /home/lighttpd
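
Every synchronization task above uses --delete, which removes files on the receiving side. The following is an added example (not part of the original article) that previews such a run with rsync's dry-run and itemize options and refuses to continue when too many deletions are planned; MAX_DELETES and the function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: preview an rsync --delete run and refuse to proceed when the
# number of planned deletions looks wrong. MAX_DELETES, count_deletions,
# count_transfers and safe_sync are illustrative names, not rsync features.

MAX_DELETES=${MAX_DELETES:-25}

# Read `rsync --dry-run --itemize-changes` output on stdin and print how many
# entries rsync plans to delete (it marks them with "*deleting").
count_deletions() {
    grep -c '^\*deleting ' || true
}

# Read the same output and print how many regular files would be sent or
# received (itemized lines starting with "<f" or ">f").
count_transfers() {
    grep -c '^[<>]f' || true
}

# safe_sync SRC DEST: dry run first, real run only if deletions stay in bounds.
safe_sync() {
    src=$1
    dest=$2
    plan=$(rsync -a --delete --dry-run --itemize-changes -e ssh "$src" "$dest") || return 1
    deletes=$(printf '%s\n' "$plan" | count_deletions)
    if [ "$deletes" -gt "$MAX_DELETES" ]; then
        echo "refusing to sync: $deletes deletions planned, limit is $MAX_DELETES" >&2
        printf '%s\n' "$plan" | grep '^\*deleting ' >&2
        return 2
    fi
    rsync -a -v --delete -e ssh "$src" "$dest"
}

# Constructed sample of dry-run output, showing what the counters look at.
SAMPLE_PLAN='*deleting   webroot/old/index.html
*deleting   webroot/old/
<f.st...... webroot/index.html
<f+++++++++ webroot/new.css
cd+++++++++ webroot/assets/'
```

Called as `safe_sync /local/webroot/ jerry@openbsd.nixcraft.in:/webroot/`, the trailing slash on the source makes rsync compare the directory's contents rather than the directory itself, which changes what --delete considers extraneous on the receiver.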

Other options – rdiff and rdiff-backup

The rdiff command uses the rsync algorithm. A utility called rdiff-backup has been created which is capable of maintaining a backup mirror of a file or directory over the network, on another server. rdiff-backup stores incremental rdiff deltas with the backup, with which it is possible to recreate any backup point. Next time I will write about these utilities.

rsync for Windows Server/XP/7/8

Please note that if you are using MS-Windows, you can try any one of the following programs:

  1. DeltaCopy
  2. NasBackup

Source Article @ http://blog.cripperz.sg/2014/07/16/rsync-examples-linux-command/

Xen Server console to vm via command line / CLI


New Post has been published on http://blog.cripperz.sg/2014/06/27/xen-server-console-vm-via-command-line-cli/

How to get console on linux domU with XenServer (xm console equivalent)

Besides the gui/vnc consoles you can still use the equivalent of xm console in Citrix XenServer.

On the host console:

  • xe vm-list to get the list of domains running (just note the uuid of the domain you want).
  • list_domains will list the domain name and the uuid of the domains. Match up your uuid so you get the proper dom_id
  • xm console equivalent is /usr/lib/xen/bin/xenconsole dom_id

It's not in the root user's $PATH though I think it ought to be. Of course you can symlink it or alter your path yourself but it would be a sensible default.

Example:

xen01 = dom0

knox = linuxpv domU

Say I want to connect to knox (a linux domU)

[root@xen01 ~]# xe vm-list
uuid ( RO)           : 8258a6d4-23f6-003d-30d7-65bd13086863
name-label ( RW): knox
power-state ( RO): running
uuid ( RO)           : 1a191475-a99d-7a77-6550-b30a0038fd92
name-label ( RW): Windows Server 2008 SP2 x86
power-state ( RO): halted
uuid ( RO)           : ffd95724-d818-4f15-b4b4-159b7ff41df4
name-label ( RW): Control domain on host: xen01
power-state ( RO): running

Now get domain ids

[root@xen01 ~]# list_domains
id |                                 uuid |  state
0 | ffd95724-d818-4f15-b4b4-159b7ff41df4 |     R
1 | bc150966-8c21-7ad9-c329-839d5823041d |    B H
7 | baa3699b-95dd-eea0-ccc4-51e8972857f5 |    B
11 | 8258a6d4-23f6-003d-30d7-65bd13086863 |    B

You can see the domain ID that matches the UUID of knox is 11. So we use xenconsole.

[root@xen01 ~]# /usr/lib/xen/bin/xenconsole 11
(press enter)
You have new mail in /var/spool/mail/root
[root@knox ~]#
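
The manual uuid-to-domain-id matching above can be scripted. This is an added example, not part of the original post: the function names are assumptions, and the sample text is constructed in the shape of the session shown above.

```shell
#!/bin/sh
# Added example: resolve a XenServer VM name to its domain id by joining the
# output of `xe vm-list` and `list_domains`. Function names are illustrative.

# uuid_for_label LABEL: read `xe vm-list` output on stdin and print the uuid
# of the record whose name-label equals LABEL exactly.
uuid_for_label() {
    awk -v want="$1" '
        /^ *uuid /       { sub(/^[^:]*: */, ""); sub(/ +$/, ""); uuid = $0; next }
        /^ *name-label / { sub(/^[^:]*: */, ""); sub(/ +$/, "")
                           if ($0 == want) print uuid }
    '
}

# domid_for_uuid UUID: read `list_domains` output on stdin and print the id
# column of the row whose uuid column equals UUID.
domid_for_uuid() {
    awk -F'|' -v want="$1" '
        NF >= 2 { id = $1; uuid = $2
                  gsub(/[ \t]/, "", id); gsub(/[ \t]/, "", uuid)
                  if (uuid == want) print id }
    '
}

# console_for LABEL: run on dom0; attaches to the console of the named VM.
console_for() {
    uuid=$(xe vm-list | uuid_for_label "$1")
    [ -n "$uuid" ] || { echo "no VM named $1" >&2; return 1; }
    domid=$(list_domains | domid_for_uuid "$uuid")
    [ -n "$domid" ] || { echo "$1 has no running domain" >&2; return 1; }
    /usr/lib/xen/bin/xenconsole "$domid"
}

# Constructed samples in the shape of the session shown in the article.
SAMPLE_VM_LIST='uuid ( RO)           : 8258a6d4-23f6-003d-30d7-65bd13086863
     name-label ( RW): knox
    power-state ( RO): running

uuid ( RO)           : 1a191475-a99d-7a77-6550-b30a0038fd92
     name-label ( RW): Windows Server 2008 SP2 x86
    power-state ( RO): halted'
SAMPLE_DOMAINS='id |                                 uuid |  state
 0 | ffd95724-d818-4f15-b4b4-159b7ff41df4 |     R
11 | 8258a6d4-23f6-003d-30d7-65bd13086863 |    B'
```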

Source Article @ http://blog.cripperz.sg/2014/06/27/xen-server-console-vm-via-command-line-cli/

Setting up network alias in BSD (openBSD / freeBSD)


New Post has been published on http://blog.cripperz.sg/2014/06/26/setting-network-alias-bsd-openbsd-freebsd/

FreeBSD

  1. Find the Interface
  2. Set a Temporary IP Alias
  3. Set a Permanent IP Alias
  4. Remove an IP Alias

OpenBSD

  1. Find the Interface
  2. Set an IP Alias
  3. Make the IP Alias Permanent
  4. Remove an IP Alias

FreeBSD

Find the Interface

If you want to put an IP alias on an interface under FreeBSD, first find the interface:

 FreeBSD# ifconfig 
 em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
         options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4>
         ether 00:1c:25:74:af:69
         inet 192.168.1.200 netmask 0xffffff00 broadcast 192.168.1.255
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 
         inet6 ::1 prefixlen 128 
         inet 127.0.0.1 netmask 0xff000000 

In our case the interface is called em0. We will use this name in all the examples. Replace it with the interface name you find on your system!

Set a Temporary IP Alias

Then set the alias with ifconfig

 FreeBSD# ifconfig em0 192.168.100.200 netmask 255.255.255.0 alias

This sets an IP address 192.168.100.200 to em0. Check again with ifconfig:

 FreeBSD# ifconfig
 em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
         options=19b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4>
         ether 00:1c:25:74:af:69
         inet 192.168.1.200 netmask 0xffffff00 broadcast 192.168.1.255
         inet 192.168.100.200 netmask 0xffffff00 broadcast 192.168.100.255
         media: Ethernet autoselect (100baseTX <full-duplex>)
         status: active
 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 
         inet6 ::1 prefixlen 128 
         inet 127.0.0.1 netmask 0xff000000 

Now we see two IP addresses on em0. If you want to set an IP address within the same network you would have to set a fake netmask of 255.255.255.255.

Set a Permanent IP Alias

The above alias will be lost after the next reboot. If you need a permanent alias, add the following line to /etc/rc.conf:

 ifconfig_em0_alias0="192.168.100.200 netmask 255.255.255.0"

and restart the network:

 FreeBSD# /etc/rc.d/netif restart && /etc/rc.d/routing restart

Remove an IP Alias

To remove the alias (until next reboot, if you made it permanent), just remove the IP address from the interface you put on it earlier:

 FreeBSD# ifconfig em0 192.168.100.200 delete

OpenBSD

Setting an IP alias on an interface with OpenBSD is straightforward:

Find the Interface

First find the interface you want to put an IP alias with ifconfig:

 OpenBSD# ifconfig
 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
         groups: lo
         inet 127.0.0.1 netmask 0xff000000
         inet6 ::1 prefixlen 128
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
 vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         lladdr 00:40:45:28:89:37
         groups: egress
         media: Ethernet autoselect (100baseTX full-duplex)
         status: active
         inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
         inet6 fe80::240:45ff:fe28:8937%vr0 prefixlen 64 scopeid 0x2

From the above output you see that your current IP address is put on vr0. We will use this name in all the examples. Replace it with the interface name you find on your system!

Set an IP Alias

To put a second IP address on the same interface, enter the following on the command line as root:

 OpenBSD# ifconfig vr0 inet alias 192.168.100.199 netmask 255.255.255.0

This sets an IP address 192.168.100.199 to vr0. Check again with ifconfig:

 OpenBSD# ifconfig -A
 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33208
         groups: lo
         inet 127.0.0.1 netmask 0xff000000
         inet6 ::1 prefixlen 128
         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
 vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
         lladdr 00:40:45:28:89:37
         groups: egress
         media: Ethernet autoselect (100baseTX full-duplex)
         status: active
         inet 192.168.1.199 netmask 0xffffff00 broadcast 192.168.1.255
         inet6 fe80::240:45ff:fe28:8937%vr0 prefixlen 64 scopeid 0x2
         inet 192.168.100.199 netmask 0xffffff00 broadcast 192.168.100.255

Now we see two IP addresses on vr0. If you want to set an IP address within the same network you would have to set a fake netmask of 255.255.255.255.

Make the IP Alias Permanent

If you use ifconfig to set an IP alias, the alias won’t be present after the next reboot. To make the setting permanent, add a line to /etc/hostname.<INTERFACE>:

 OpenBSD# vi /etc/hostname.vr0
 inet 192.168.1.199 255.255.255.0 NONE
 inet alias 192.168.100.199 255.255.255.0

Remove an IP Alias

You can remove an IP alias with a command like this:

 OpenBSD# ifconfig vr0 192.168.100.199 delete

This deletes the second IP address from the interface keeping the first.

Source: UnixWerk

Source Article @ http://blog.cripperz.sg/2014/06/26/setting-network-alias-bsd-openbsd-freebsd/

Postfix empty / delete all mail queue command line

Empty Postfix Mail Queue

This command will delete one specific email from the mailq (taken from the postsuper man page):

mailq | tail -n +2 | grep -v '^ *(' | awk 'BEGIN { RS = "" }
    # $7 = sender, $8 = first recipient, $9 = second recipient
    { if ($8 == "email@address.com" && $9 == "") print $1 }
' | tr -d '*!' | postsuper -d -


New Post has been published on http://blog.cripperz.sg/2014/06/19/postfix-empty-delete-mail-queue-command-line/

I use a few scripts that check the status of our servers and email/page me if they don’t respond. This led to a problem when I was offline for one reason or another. I would get a ton of messages sent to the postfix queue which would all be sent out when I reconnected to the internet.

Deleting the postfix mail queue is surprisingly easy:

This command will delete all messages in the Postfix queue. If you need more selective deleting, this can be done as well; use ‘man postsuper’ to find out all of the available options.


The other thing that helped with this was checking for a local network connection before doing the server checks. This is done with the following.

Source Article @ http://blog.cripperz.sg/2014/06/19/postfix-empty-delete-mail-queue-command-line/

How to delete million of files on busy Linux servers (rm -f *: Argument list too long)


New Post has been published on http://blog.cripperz.sg/2014/06/17/delete-million-files-busy-linux-servers-rm-f-argument-list-long/

If you try to delete more than 131072 files on Linux with rm -f *, where the files are all stored in the same directory, you will get an error:

/bin/rm: Argument list too long.

I’ve earlier blogged on deleting multiple files on Linux and FreeBSD and this is not my first time facing this error.
Anyway, as time passed, I’ve found a few other new ways to delete large numbers of files from a server.

In this article, I will briefly explain a few approaches to deleting a few million obsolete files to free some space on your server.
Here are 3 methods to use to clean your tons of junk files.

1. Using Linux find command to wipe out millions of files

a.) Finding and deleting files using find’s -exec switch:

# find . -type f -exec rm -fv {} \;

This method works fine but it has one downside: file deletion is slow, because an external rm command is invoked for each file found.

For half a million files or more, using this method will take “long”. However, from a server hard disk stress point of view it is not so bad, as the file deletion does not put too much strain on the server hard disk.

b.) Finding and deleting a large number of files with find’s -delete argument:

Luckily, there is a better way to delete the files, by using find‘s built-in -delete argument:

# find . -type f -delete

c.) Deleting and printing out deleted files with find’s -print arg

If you would like to output on your terminal, what files find is deleting in “real time” add -print:

# find . -type f -print -delete

To prevent your server hard disk from being stressed, and so save yourself from outages in normal server operation, it is good to combine the find command with ionice, e.g.:

# ionice -c 3 find . -type f -print -delete

Just note that ionice cannot guarantee find’s operations will not severely affect hard disk I/O requests. On heavily loaded servers with a high volume of disk I/O writes, applying ionice will still not prevent the server from hanging! Be sure to always keep an eye on the server while deleting the files, with or without ionice. If, during find’s execution, the server starts lagging in serving its ordinary client requests, stop the command immediately by killing it from another ssh session or tty (if physically at the server).

2. Using a simple bash loop with rm command to delete “tons” of files

An alternative way is to use a bash loop that iterates over the files in the directory and issues /bin/rm on each of the loop elements (files), like so:

# "$i" is quoted and "--" ends option parsing, so names with spaces or a leading "-" are deleted as plain files
for i in *; do
    rm -f -- "$i";
done

If you’d like to print what you will be deleting, add an echo to the loop:

# for i in *; do
    echo "Deleting : $i"; rm -f -- "$i";
done

The bash loop worked like a charm in my case so I really warmly recommend this method, whenever you need to delete more than 500 000+ files in a directory.
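
Added example, not from the original article: a delete loop that expands $i without quotes lets a file name be re-split into rm options and operands. Here naive_purge shows that failure on a constructed directory and purge_dir is a hardened form built on find -print0 and xargs -0; the function names and the fixture are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: the same "delete every file in this directory" job done two
# ways. naive_purge, purge_dir and make_fixture are illustrative names.

# Loop that expands $i unquoted. A name containing spaces is split into
# several rm arguments, so a file called "-r sub" becomes `rm -f -r sub`.
naive_purge() {
    ( cd "$1" && for i in *; do rm -f $i; done ) 2>/dev/null
}

# Hardened form: find emits NUL-terminated paths, xargs -0 passes each path
# as exactly one argument (and batches them, so the argument list never gets
# too long), and "--" stops rm from reading any path as an option.
# Prints the number of regular files it was asked to remove.
purge_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 1; }
    n=$(( $(find "$dir" -maxdepth 1 -type f -print0 | tr -dc '\0' | wc -c) ))
    find "$dir" -maxdepth 1 -type f -print0 | xargs -0 -r rm -f --
    echo "$n"
}

# Build a constructed test directory: three files, two of them with awkward
# names, plus a subdirectory whose content must survive.
make_fixture() {
    mkdir -p "$1/sub"
    : > "$1/sub/keep.txt"
    : > "$1/plain.txt"
    : > "$1/a b.txt"
    : > "$1/-r sub"
}
```

On the fixture, naive_purge removes the sub directory and leaves "a b.txt" behind, while purge_dir removes exactly the three top-level files.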

3. Deleting multiple files with perl

Deleting multiple files with perl is not a bad idea at all.
Here is a perl one-liner to delete all files contained within a directory:

# perl -e 'for(<*>){((stat)[9]<(unlink))}'

If you prefer to use a more human-readable perl script to delete a multitude of files, use delete_multple_files_in_dir_perl.pl

Using the perl interpreter to delete thousands of files is quick, really, really quick.
I did not benchmark on the server exactly how quick it is, but I guess the delete rate should be similar to the find command. It’s possible that in some cases the perl loop is even quicker …

4. Using PHP script to delete a multiple files

Using a short php script to delete files one by one in a loop, similar to the above bash script, is another option.
To do the deletion with PHP, use this little PHP script:

<?php
// Delete every regular file in $dir, reporting progress every 1000 files.
$dir = "/path/to/dir/with/files";
$dh = opendir($dir);
$i = 0;
while (($file = readdir($dh)) !== false) {
    $file = "$dir/$file";
    if (is_file($file)) {
        unlink($file);
        if (!(++$i % 1000)) {
            echo "$i files removed\n";
        }
    }
}
closedir($dh);
?>

As you see, the script reads the directory defined in $dir and loops through it, file by file, deleting each of its loop elements.
You should already know PHP is slow, so this method is only useful if you have to delete many thousands of files on a shared hosting server with no (ssh) shell access.

This php script is taken from Steve Kamerman’s blog. I would also like to express my big gratitude to Steve for writing such a wonderful post. His post actually became the inspiration for this article.

You can also download the php delete million of files script sample here

To use it, rename delete_millioon_of_files_in_a_dir.php.txt to delete_millioon_of_files_in_a_dir.php and run it through a browser.

Note that you might need to run it multiple times, because many shared hosting servers are configured to terminate a php script which keeps running for too long.
Alternatively the script can be run from the shell with the PHP CLI:

php -f delete_millioon_of_files_in_a_dir.php.txt

5. So What is the “best” way to delete million of files on Linux?

In order to find out which method is quicker in terms of execution time I did a home brew benchmarking on my thinkpad notebook.

a) Creating 509072 of sample files.

Again, I used bash loop to create many thousands of files in order to benchmark.
I didn’t wanted to put this load on a productive server and hence I used my own notebook to conduct the benchmarks. As my notebook is not a server the benchmarks might be partially incorrect, however I believe still .they’re pretty good indicator on which deletion method would be better.

hipo@noah:~$ mkdir /tmp/test
hipo@noah:~$ cd /tmp/test;
hiponoah:/tmp/test$ for i in $(seq 1 509072); do echo aaaa >> $i.txt; done

I had to wait few minutes until I have at hand 509072  of files created. Each of the files as you can read is containing the sample “aaaa” string.

b) Calculating the number of files in the directory

Once the command had completed, to make sure all the 509072 files existed, I used a find + wc command to count the files in the directory:

hipo@noah:/tmp/test$ find . -maxdepth 1 -type f |wc -l
509072

real 0m1.886s
user 0m0.440s
sys 0m1.332s

It’s interesting that using an ls command to count the files is less efficient than using find:

hipo@noah:/tmp/test$ time ls -1 |wc -l
509072

real 0m3.355s
user 0m2.696s
sys 0m0.528s

c) benchmarking the different file deleting methods with time

- Testing delete speed of find

hipo@noah:/tmp/test$ time find . -maxdepth 1 -type f -delete
real 15m40.853s
user 0m0.908s
sys 0m22.357s

You see, using find to delete the files is neither too slow nor lightning quick.

- How fast is perl loop in multitude file deletion ?

hipo@noah:/tmp/test$ time perl -e 'for(<*>){((stat)[9]<(unlink))}'
real 6m24.669s
user 0m2.980s
sys 0m22.673s

Deleting my sample 509072 files took 6 mins and 24 secs. This is about 3 times faster than find! GO-GO perl :)
As you can see from the results, perl is a great, time-saving way to delete 500 000 files.

- The approximate deletion rate of the for + rm bash loop

hipo@noah:/tmp/test$ time for i in *; do rm -f $i; done

real 206m15.081s
user 2m38.954s
sys 195m38.182s

You see the execution took 195m and 38 secs = 3 HOURS and 43 MINUTES!!!! This is extremely slow! But it works like a charm, as the running deletion didn’t impact my normal laptop browsing. While the script was running I was mostly browsing through a few not so heavy (non flash) websites and doing some other stuff in gnome-terminal :)

As you can imagine running a bash loop is a bit CPU intensive, but puts less stress on the hard disk read/write operations. Therefore it’s clear that using it is always a good practice when deletion of many files on a dedicated server is required.

b) my production server file deleting experience

On a production server I only tested two of all the listed methods to delete my files. The production server where I tested is running Debian GNU / Linux Squeeze 6.0.3. There I had a task to delete a few million files.
The methods tried on the server were:

- The find . -type f -delete method.

- for i in *; do rm -f $i; done

The results from using the find -delete method were quite sad, as the server almost hung under the heavy hard disk load the command produced.

With the for script all went smoothly. Deleting the files took a long, long time (a few hours), but while it was running, the server continued with no interruptions.

While the bash loop was running, the server load average stayed at a steady 4.
Taking my experience in mind, if you’re running a production server and you’re still wondering which delete method to use to wipe a multitude of files, I would recommend you go the bash for loop + /bin/rm way. Yes, it is extremely slow, expect it to run for some half an hour or so, but it puts not too much extra load on the server.

Using the PHP script will probably be slow and inefficient compared to both find and the bash loop. I didn’t give it a try yet, but I suppose it will be either equal in time or at least a few times slower than bash.

If you have tried the php script and you have some observations, please drop some comment to tell me how it performs.

To sum it up:

Even though there are “hacks” to clean up some messy parsing directory full of a few million junk files, such a directory should never exist in the first place.

Frankly, keeping millions of files within the same directory is a very stupid idea.
Doing so will have a severe negative impact on the directory listing performance of your filesystem in the long term.

The reason this occurs is because bash actually expands the asterisk to every matching file, producing a very long command line.

Try this:

find . -name "*.pdf" -print0 | xargs -0 rm

Warning: this is a recursive search and will find (and delete) files in subdirectories as well. Tack on -f to the rm command only if you are sure you don’t want confirmation.

If you’re on Linux, you can do the following to make the command non-recursive:

find . -maxdepth 1 -name "*.pdf" -print0 | xargs -0 rm

Source Article @ http://blog.cripperz.sg/2014/06/17/delete-million-files-busy-linux-servers-rm-f-argument-list-long/

Over 2000 computers in Singapore infected by “Gameover Zeus”, here is how you can test your PC if it’s infected

BREAKING: 2,000 users in Singapore affected by the computer viruses Gameover Zeus and CryptoLocker malware: IDA http://cna.asia/1in7QuF


New Post has been published on http://blog.cripperz.sg/2014/06/11/2000-computers-singapore-infected-gameover-zeus-can-test-pc-infected/

Users can test by simply visiting a Web page if their computers have been infected with Gameover Zeus, a sophisticated online banking Trojan that law enforcement officers temporarily disrupted last week.

The one-click test was developed by security researchers from antivirus vendor F-Secure and takes advantage of the malware’s aggressive URL matching algorithm.

Gameover Zeus monitors and injects rogue code into Web browsing sessions when users access banking and other popular websites from infected computers. The targeted sites are determined by regular-expression-based rules listed in the malware’s configuration file.

For example, to steal log-in credentials for Amazon.com or other Amazon websites the malware monitors if any URLs accessed in the browser match the following regular expression: http.*?://.*?amazon..*?/.*?. However, this regular expression matches not just Amazon sites, but any URL that has “amazon” in it, including https://www.f-secure.com/amazon.com/index.html.

“We can use this to ‘trick’ Gameover bots and make an easy check to see if an infection is present in your browser!” said Antti Tikkanen, director of security response at F-Secure, in a blog post Monday.
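
The over-matching described above is easy to reproduce and is worth checking for in any URL rule a defender writes. The following is an added example, not code from F-Secure or from the article: it runs the quoted rule (as an ERE) and a host-anchored check over constructed URLs, and it assumes for the demo that only amazon.com and its subdomains count as Amazon.

```shell
#!/bin/sh
# Added example: the article's URL rule next to a host-anchored check.
# loose_match, url_host, host_match and classify are illustrative names;
# treating only amazon.com and its subdomains as "Amazon" is an assumption.

# The rule quoted in the article, written as an ERE. For a yes/no match the
# lazy ".*?" and the greedy ".*" accept exactly the same strings.
loose_match() {
    printf '%s\n' "$1" | grep -Eq 'http.*://.*amazon..*/.*'
}

# Extract the lower-cased host from an http(s) URL, dropping userinfo and port.
url_host() {
    printf '%s\n' "$1" |
        sed -E -n 's|^[Hh][Tt][Tt][Pp][Ss]?://([^/?#@]*@)?([^/?#:]+).*|\2|p' |
        tr 'A-Z' 'a-z'
}

# Match on the parsed host only: amazon.com itself or a subdomain of it.
host_match() {
    case $(url_host "$1") in
        amazon.com|*.amazon.com) return 0 ;;
        *) return 1 ;;
    esac
}

# classify URL: print which of the two checks accept it.
classify() {
    l=no
    h=no
    loose_match "$1" && l=yes
    host_match "$1" && h=yes
    echo "loose=$l host=$h"
}
```

For https://www.f-secure.com/amazon.com/index.html, the URL named in the article, classify reports loose=yes host=no, because the word "amazon" appears only in the path.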

Tricking an infected PC to “bite”

Visiting the test page set up by F-Secure from a Gameover-infected computer will force the malware to inject its malicious code into it. The page then performs a check on itself to detect if Gameover-specific code was added.

“We search for the string ‘LoadInjectScript’,” Tikkanen said. “If the string is found on the page, we know Gameover Zeus has infected your browser!”

The test is not perfect though, because the malware doesn’t support native 64-bit browsers, so visiting the F-Secure page from such a browser will not detect the infection. Users are therefore advised to perform the test using a 32-bit version of Internet Explorer, Google Chrome or Mozilla Firefox.

F-Secure also provides a free online scanner that is capable of detecting and removing the threat.

Law enforcement agencies from multiple countries worked with security vendors to disrupt the Gameover Zeus botnet at the beginning of June.

According to the FBI, the malware infected over 1 million computers and was used to steal millions of dollars from businesses and Internet users worldwide. It was also used to distribute CryptoLocker, a separate malware threat that encrypts files and asks for a ransom to restore them.

The Gameover Zeus botnet has a peer-to-peer architecture with no single point of failure, so it’s possible that its operators might attempt to regain control of it in the future. Because of this, users are advised to scan their computers and remove the malware, if found, as soon as possible.

Source Article @ http://blog.cripperz.sg/2014/06/11/2000-computers-singapore-infected-gameover-zeus-can-test-pc-infected/

Ipv6 Tunnel on OpenVZ VPS

You can get IPv6 connectivity using a tunnel, if you don’t have native IPv6 support.
Doing this is pretty straightforward if you have a dedicated server or a KVM VPS.

However, with an OpenVZ VPS, things are a little different.

Here’s how you can get IPv6 working on an OpenVZ VPS with a tunnel – Tutorial for Ubuntu 12.04 LTS.

  1. Create a tunnel at tunnelbroker.net
    Hurricane Electric allows creation of…
