unix list files opened by process application

How to list files being used by the application

When you need to know which files are being used by the application  un unix/linux, you could try using the lsof command:

$ lsof -p <pid number>

But sometimes there is no lsof installed. In that case you can you the awk command:

$ pid=1337$ awk '!/\[/&&$6{_[$6]++}END{for(i in _)print i}' /proc/$pid/maps

SOA Web Services Security Testing

Today, while I was searching for some information regarding SOA and security in web services, I found this article written by one of my colleagues.

Here is the link to  the article:


http://ipsec.pl/web-application-security/2013/web-services-security-testing.html

How to create new domain in Weblogic using gui or console mode

How to create a new domain in Weblogic?

There are couple options when you want to create/ extend a domain in Weblogic: 

1. Configuration Wizard in either GUI/ or console ( text-mode mode)
2. WLST
3. Create the files manually
4. Copy the domain from another project :)

1a.Using the GUI mode:

in the shell go to the WLS binaries directory:

${WLS_HOME}/common/bin

and run the following script:

./config.sh

or

${WLS_BIN}/common/bin/config.sh

If the system can not support GUI mode, Configuration Wizard will start text-based mode.

1b. Using the console ( text-based ) mode:

in the shell go to the WLS binaries directory:

${WLS_HOME}/common/bin

and run the following script:

./config.sh -mode=console

or

${WLS_BIN}/common/bin/config.sh -mode=console

2. Using WLST mode

http://docs.oracle.com/cd/E13222_01/wls/docs92/config_scripting/domains.html

What are MBeans JavaBeans and JMX

What are MBeans JavaBeans and JMX

What are MBeans?

MBeans Objects are type of JavaBean, created (mostly) with the Dependency Injection

What is inside the MBean?

MBeans represent current state/ resource of a running parts of the application, and expose the management interface containing:

1. getters / setters – in order to set or get specific values on the particular items
2. ability to perform more advanced operations
3. provide self description mechanism

MBeans structure:

So basically MBeans can hold information like statistics, current configuration, or simply act as a key-value store.

MBeans are registeresd to the MBean Server and are used in the JMX (Java Management Extensions technology).

JMX:

JMX (Java Management Extensions) – allows co connect to the currently running JVM to monitor/ manager running applications through MBeans.

JMX can communicate with the MBeans through a connector (RMI, IIOP, JMS…)that talk with the MBean Server via API. MBean Server is a bridge between the connector and MBeans.


The JMX specification defines following types of MBeans:

1. Standard MBeans
2. Dynamic MBeans
3. Open MBeans
4. Model MBeans
5. MXBeans

Resources:

http://docs.jboss.org/jbossas/jboss4guide/r4/html/jbosscache.chapt.html https://blogs.oracle.com/jmxetc/entry/what_is_jmx

How to disable remote shutdown in Tomcat (secure)

How to disable remote shutdown in Tomcat

Examples:

• change the port number from default to different one (not recommended)
• change the shutdown command (partially recommended)
• change port number to -1 (recommended)

By default Tomcat listens on port 8005 for SHUTDOWN command. When such message is received, all applications within this context are shutdown. By default it is bound to loopback interface, though not accessible from external network. For security reasons I’d strongly advise to disable this functionality if it is not needed, just in case some user might shutdown the service on purpose or by accident.

We can find this definition in the server.xml file

$CATALINA_HOME/conf/server.xml

<Server port="8005" shutdown="SHUTDOWN">

You might have ‘address’ variable in this line. This indicates possible usage of multiple NIC (http://en.wikipedia.org/wiki/Network_interface_controller

We can prevent shutting down on specific port by changing these values.

EXAMPLE 1:

Change the settings in the server.xml file from:

<Server port="8005" shutdown="SHUTDOWN">

To:

<Server port="8008" shutdown="SECRETCOMMAND">

From now on, only SECRETCOMMAND command will shutdown the instance. All other commands (including SHUTDOWN) will fail.

Result:

[me@me ~]$ telnet 192.168.1.3 8005 Trying 192.168.1.3... Connected to 192.168.1.3. Escape character is '^]'. SHUTDOWN Connection closed by foreign host.

Response (by default- catalina.out file) :

WARNING: StandardServer.await: Invalid command 'SHUTDOWN' received

EXAMPLE 2: 

Change the settings in the server.xml file from:

<Server port="8005" shutdown="SHUTDOWN">

To 

<Server port="8001" shutdown="SHUTDOWN">

From now on only SHUTDOWN command issued on port 8001 (if not used by other application) will shutdown the instance. Port 8005 will not be used by this instance. 

Result: 

[me@me ~]$ telnet 192.168.1.3 8005 Trying 192.168.1.3... telnet: connect to address 192.168.1.3: Connection refused

EXAMPLE 3 (recommended): 

Change the settings in the server.xml file from:

<Server port="8005" shutdown="SHUTDOWN">

To

<Server port="-1" shutdown="SHUTDOWN">

This will disable SHUTDOWN service/ command for good :)

Result:

[me@me ~]$ telnet 192.168.1.3 8005 Trying 192.168.1.3... telnet: connect to address 192.168.1.3: Connection refused

AJP (Liferay/ Tomcat) no response fix

https://github.com/wheelq/AJP.Stats

Description of the issue

When using Liferay on Tomcat + Apache/nginx you might experience a small Denial Of Service from time to time. In the most cases the issue is in Tomcat's configuration, well to be more precise - in lack of the configuration ;)

When defining an AJP connector on port 8009:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" address="10.0.1.2" URIEncoding="UTF-8">

People often miss one important setting -connectiontimeout andkeepAlivetimeout.

Solution

connectiontimeout - is the number of milliseconds Connector will wait, after accepting a connection, for the request URI to be presented. If no value is defined, then the value becomes: -1 (i.e. infinite).

KeepAliveTimeout - is the number of milliseconds Connector will wait for another AJP request before closing the connection. The default value is to use the value that has been set for the connectiontimeout attribute.

Lack of this configuration might cause the DOS (Denial Of Service) of the application itself. Once you have fixed this problem be defining the settings mentioned above you might want to monitor number of connections to your application/Liferay and see if there is a high number of connections maintained or not.

AJP.Stats

That is why I have created small, not really intelligent, very slow, but working script to make your life easier :)

ENJOY! :)

https://github.com/wheelq/AJP.Stats

mod_unique_id unable to find IPv4 address - IBM HTTP Server not starting

There might be several causes of this issue, why after starting the IHS there is no process running in the system.

# ./apachectl start
#ps -ef | grep httpd
#

No errors thrown, no process running. Even config test runs fine:

$./apachectl configtest

Syntax OK

We could check if it is SELinux issue, but we will check the logs first:

#tail error_log

[Sun Feb 09 17:31:40 2014] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "test0"

The main reason for that is most probably your hostname is not defined in the /etc/hosts file.

Either you have to change your hostname to "localhost" or add the "test0" to the /etc/hosts file.