icewalkerz: October 2009

How to recover/repair lost/damage partitions

TestDisk is a powerful free data recovery software
! It was primarily designed to help recover lost partitions and/or make non-booting disks bootable again when these symptoms are caused by faulty software, certain types of viruses or human error (such as accidentally deleting a Partition Table). Partition table recovery using TestDisk is really easy.

TestDisk can:
    * Fix partition table, recover deleted partition
    * Recover FAT32 boot sector from its backup
    * Rebuild FAT12/FAT16/FAT32 boot sector
    * Fix FAT tables
    * Rebuild NTFS boot sector
    * Recover NTFS boot sector from its backup
    * Fix MFT using MFT mirror
    * Locate ext2/ext3 Backup SuperBlock
    * Undelete files from FAT, NTFS and ext2 filesystem
    * Copy files from deleted FAT, NTFS and ext2/ext3 partitions.

TestDisk has features for both novices and experts. For those who know little or nothing about data recovery techniques, TestDisk can be used to collect detailed information about a non-booting drive which can then be sent to a tech for further analysis. Those more familiar with such procedures should find TestDisk a handy tool in performing onsite recovery.

Installation:
OpenSuse 11.1 user can use "1-click" installer to install testdesk - here
After sucessfull installation go to terminall and fire command: testdesk to open the testdesk console, you need to be "root" to use deskdesk

Below are the few screen shots on how to use teskdesk, it's an menu driven and see to figure out the options

1) The first screen when you execute the testdesk

2) Here is the screen shorts after teskdest done with the analyzing the disk partition structure for any kind of errors

Refer here for more details and options to use deskdesk

How to recover deleted pictures and Video files

PhotoRec is file data recovery software designed to recover lost files including video, documents and archives from Hard Disks and CDRom and lost pictures (thus, its 'Photo Recovery' name) from digital camera memory. PhotoRec ignores the filesystem and goes after the underlying data, so it will still work even if your media's filesystem has been severely damaged or re-formatted.

PhotoRec is free, this open source multi-platform application is distributed under GNU Public License. PhotoRec is a companion program to TestDisk, an app for recovering lost partitions on a wide variety of filesystems and making non-bootable disks bootable again.

For more safety, PhotoRec uses read-only access to handle the drive or memory support you are about to recover lost data from. Important: As soon as a pic or file is accidentally deleted, or you discover any missing, do NOT save any more pics or files to that memory device or hard disk drive; otherwise you may overwrite your lost data. This means that even using PhotoRec, you must not choose to write the recovered files to the same partition they were stored on.

PhotoRec searches for known file headers. If there is no data fragmentation, which is often the case, it can recover the whole file. Photorec recognises numerous file format including ZIP, Office, PDF, HTML, JPEG and various graphics file formats. The whole list of file formats recovered by PhotoRec contains more than 180 file extensions (about 100 file famillies).

Installation:
OpenSuse 11.1 user can use "1-click" installer to install PhtoRec - here

After sucessfull installation go to terminall and fire command: PhtoRec to open the PhtoRec console, you need to be "root" to use PhtoRec

Below are the few screen shots on how to use and recover files using PhtoRec, it's an menu driven and see to figure out the options

1) The first screen when you execute the PhtoRec

2) Here is the screen shorts of PhtoRec while recovering the deleted files from the specified partition and copying the files back to a configured directory

Refer here for more details and options to use photoRec

Ubuntu Karmic : Changes between Grub 1.x and Grub2

Grub Legacy is not present in Karmic. People who upgrade from earlier versions may have the option of keeping Grub Legacy or upgrade to Grub2.

If you upgrade from Jaunty to Karmic you may get an option to keep Grub Legacy.

If you do a new install of Karmic you may install it (Grub2) on the partition instead of MBR and chainload it from existing Grub Legacy.

But I suggest everyone to just learn a couple of things and use Grub2:

1. Change in Partition numbering (hd0,X) is sdaX
2. Changes in menu entries: Grub Legacy v/s Grub2
The word "Title" has become "menuentry"
The word "root" has become "setroot"
The word "kernel" has become "Linux"
The word "initrd" remains the same
The Title decription has to be put inside ""
The Linux and initrd lines have to be put inside {}

Following are typical menuentries in grub.cfg
menuentry "Microsoft Windows XP Home Edition (on /dev/sda1)" {
set root=(hd0,1)
chainloader +1
}
menuentry "Ubuntu, Linux 2.6.31-14-generic (on /dev/sda6)" {
set root=(hd0,6)
linux /boot/vmlinuz-2.6.31-14-generic root=UUID=9ade8349-c94a-4639-a648-46b561

6b2e08 ro quiet splash
initrd /boot/initrd.img-2.6.31-14-generic
}

Credits: Kamalakar Agashe
[ http://www.orkut.co.in/Main#CommMsgs?cmm=141&tid=5397052498275796280&na=2&nst=5 ]

Which Linux Distribution to Choose?

Linux Distribution Chooser is an on line application where you have to answer series of questions, these sets also includes questions on your knowledge on Linux and type of OS you are look for and depending on your answers the application will gives you a list of recommendations on the Linux distributions that best suits your needs.

Do check this out, it's really useful.

What is Btrfs?

Btrfs (B-tree FS or "Butter FS") is a new copy on write filesystem for Linux aimed at implementing advanced features while focusing on fault tolerance, repair and easy administration. Initially developed by Oracle, Btrfs is licensed under the GPL and open for contribution from anyone.

Linux has a wealth of filesystems to choose from, but we are facing a number of challenges with scaling to the large storage subsystems that are becoming common in today's data centers. Filesystems need to scale in their ability to address and manage large storage, and also in their ability to detect, repair and tolerate errors in the data stored on disk.

The main Btrfs features include:
  * Extent based file storage (2^64 max file size)
  * Space efficient packing of small files
  * Space efficient indexed directories
  * Dynamic inode allocation
  * Writable snapshots
  * Subvolumes (separate internal filesystem roots)
  * Object level mirroring and striping
  * Checksums on data and metadata (multiple algorithms available)
  * Compression
  * Integrated multiple device support, with several raid algorithms
  * Online filesystem check
  * Very fast offline filesystem check
  * Efficient incremental backup and FS mirroring
  * Online filesystem defragmentation

Read here for Btrfs Performance Analysis

How to enable quota on OpenSuse

Quota allows System Administrator to specify limits on two aspects of disk storage: the number of inodes a user or a group of users may possess; and the number of disk blocks that may be allocated to a user or a group of users.

The idea behind quota is that users are forced to stay under their disk consumption limit, taking away their ability to consume unlimited disk space on a system. Quota is handled on a per user, per file system basis. If there is more than one file system which a user is expected to create files, then quota must be set for each file system separately.

1: To install quota: # yast2 -i quota

2: Edit /etc/fstab and add usrquota,grpquota to the mountpoints of the filesystem to which you want to enable quota (example /disk below)

# vi /etc/fstab
/dev/sda6 /disk ext3 defaults,noatime,usrquota,grpquota 0 0

3) Now go (cd) to the mount point (/disk) and create the quota files

# touch /aquota.user /aquota.group
# chmod 600 /aquota.*

4) Remount the partition: # mount -o remount /disk

5) Run the following command to initialize the quota on the /disk filesystem

# quotacheck -avugm
# quotaon -avug

The -a switch tells quotacheck to perform the check on all filesystems. The -u and -g switches tell it to check for user and group quotas. Using the -m switch means the filesystem will not be remounted as read-only.

The first time you run the quotacheck command, it will throw up several warnings because the filesystem had not been checked before.

quotacheck: Scanning /dev/sda6 [/disk] done
quotacheck: Cannot stat old user quota file: No such file or directory
quotacheck: Cannot stat old group quota file: No such file or directory
quotacheck: Cannot stat old user quota file: No such file or directory
quotacheck: Cannot stat old group quota file: No such file or directory
quotacheck: Checked 20 directories and 661 files
quotacheck: Old file not found.
quotacheck: Old file not found.

6) Your filesystems are now set up to use disk quotas. To turn them on, use the quotaon command:

# quotaon -augv
/dev/sda6 [/disk]: group quotas turned on
/dev/sda6 [/disk]: user quotas turned on

Once quotas are enabled, you can use the edquota command to limit the disk space available to users. The edquota -u username command will open up a text editor wherein you can specify the soft and hard inodes and blocks limits for a particular user. The edquota -g command can similarly be used to edit group quotas.

How to create an Encrypted Partition (local or removable disk)

Attention: following this tutorial will wipe all data from the partition or device you write it to. You cannot encrypt your file system after-the-fact using this method. Be sure you have backups or don’t care about the data being lost if you follow these steps!!!

Step 1:
The first step in the tutorial is installing the cryptsetup utility, which is part of the cryptsetup package. You can search for this using your favorite package management utility or use this command:

sudo aptitude install cryptsetup

Step 2: Prepare a partition using gparted or fdisk

Step 3:
To make sure that your kernel is up to date concerning the newly created / altered partition table you may need to run the command:

sudo partprobe

Step 4:(optional)

We’ll write data over the newly created partition to help aid in the encryption process. By writing data to the partition prior to encryption it helps protect against data attacks, finding patterns on the block-level, etc. You can use one of the following three commands:

sudo dd if=/dev/zero of=/dev/[your device] bs=4K
(this method is probably recommended unless you expect active attacks against your encryption layer)

sudo badblocks -vfw /dev/[your device] [block-size-of-your-device]
(this option will write 5 data patterns across your drive and overwrite and verify the data. This is used to check for badblocks, but can also be used to wipe out any existing data)
sudo dd if=/dev/urandom of=/dev/[your device] bs=4K
(this method is considered pretty secure. It is based on the truly random option below but is pseudo-random data--probably a very good option in most cases.)

sudo dd if=/dev/random of=/dev/[your device] bs=4K
(this is considered the most secure but will take a long time. It is also important to generate a lot of random data on your machine. Launch some applications, do some high disc I/O, move the mouse erratically, etc. This may take DAYS!)

Step 5:

At this point the partition is ready to be encrypted. Now there are multiple encryption methods and options to be used within each. This tutorial outlines using the LUKS encryption with my prefered string length, hash and cipher. You may change these if you know what you’re doing. If not, omitting my options will use the defaults (ripemd160 hash). This command will remind you that all data will be lost (although we already lost everything in Step 4. This is also where you’ll be prompted for your passphrase to access theencryption.

sudo cryptsetup luksFormat /dev/[your device] -c aes -s 256 -h sha256

(again, past [your device] are my preferred options)

If you see an error near this point similar to “Failed to setup dm-crypt key mapping. Check kernel for support for the aes-cbc-plain cipher spec and verify that /dev/[yourdevice] contains at least 258 sectors.” you’ll need to run this command:

sudo modprobe dm-crypt

You may want to have this module auto-magically added at boot time by appending this line to your /etc/modules file:

dm-crypt

Step 6:
Now that we’ve created the encryption basic layout on the partition we need to open the encrypted partition for use.

sudo cryptsetup luksOpen /dev/[your device] name

(name can be whatever you like. I use things like secure or vault or encrypt)

Step 7:
Now that we have the device open and added to the dm (dev mapper) system we can actually create a file system on it and use it. One last command and we’ve got ourselves an encrypted, usable filesystem.

sudo mke2fs -j /dev/mapper/name -L label

(where name was applied above and label is the filesystem label. I generally match the two. This also assumes an ext3 file system. If you know you want a different filesystem type I'm assuming you know the right command.)

If you’ve come this far your device is ready to use. A few additional points that you may be interested in.
Additional
First, if this is a local partition and filesystem, such as a /data folder, you may want it to be mounted automagically at boot time. You can add the new partition to your /etc/fstab file to be mounted at boot. Be sure to specify the /dev/mapper/[name] location and not the original partition location. You should note that when your booting system arrives at this device it will prompt you for a passphrase key and halt the boot process until one is provided. An example of a line in the /etc/fstab is:

/dev/mapper/name /data ext3 defaults 0 0

Second, if you are using this on a removable drive such as a usb key the Gnome Desktop (someone verify in KDE?) will recognize the encrypted setup and prompt you for a key visually. A message such as “The storage device contains encrypted data. Enter a password to unlock” will appear. You will be required to know the passphrase (as supplied in Step 5) to access thisdevice again. The desktop system also allows you to “ forget immediately“, “remember password until you logout” or “remember forever” the key provided. Those options are up to you and your usage. “Remember forever” should store the key in your gnome keyring.
Third, if you are following this guide for use on a removable disk you may want to change ownership (chown) on the mounted path and set group id (sgid) on the directory so that your user has full permissions. Considering we ran everything with sudo the mounted path and ownership is probably set to the root user. You can use these two commands to set the permissions:

sudo chown -R user.user /media/[name]
(user.user should, of course, be replaced with your username on the system)

sudo chmod g+s /media/[name]
([name] is the mount point that the system auto-mounted the device on. It *should* match whatever you set the label to in step 7.)

There is also an option to create multiple keys to unlock the device. This is helpful if it is a multi-user system and you don’t want to use a shared passphrase. You would add a key to the encrypted device using:

sudo cryptsetup luksAddKey /dev/[your device]

This will prompt you for your current key and then the new key. The new key will have to be entered twice. Also, if you want to remove a key you can use the similar:

sudo cryptsetup luksDelKey /dev/[your device] [slot #]

To find out more information about your encrypted partition / device, and to see things such as assigned key slots, you can also use:

sudo cryptsetup status name

sudo cryptsetup luksDump /dev/[your device]

Credits : http://ubuntu-tutorials.com/2007/08/17/7-steps-to-an-encrypted-partition-local-or-removable-disk/

Encrypt-Decrypt file using OpenSSL

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

OpenSSL is based on the excellent SSLeay library developed by Eric A. Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an Apache-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes subject to some simple license conditions.

To encrypt a file:

$ openssl des3 -salt -in file.log -out file.des3
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:

The above will prompt for a password, or you can put it in with a -k option, assuming you’re on a trusted server.

To Decrypt: openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword

Running Linux on Windows XP

"If Linux
runs on every architecture, why should another operating system be in its way? "

Cooperative Linux is the first working free and open source method for optimally running Linux on Microsoft Windows natively. More generally, Cooperative Linux (short-named coLinux) is a port of the Linux kernel that allows it to run cooperatively alongside another operating system on a single machine.

For instance, it allows one to freely run Linux on Windows 2000/XP, without using a commercial PC virtualization software such as VMware, in a way which is much more optimal than using any general purpose PC virtualization software.

Unlike in other Linux virtualization solutions such as User Mode Linux (or the forementioned VMware), special driver software on the host operating system is used to execute the coLinux kernel in a privileged mode (known as ring 0 or supervisor mode).

coLinux is a port of the standard Linux kernel. In other words, coLinux is the Linux kernel that's modified to run cooperatively with another operating system. The host operating system (Windows or Linux) maintains control of the physical resources of the operating system, while the guest operating system (coLinux) is provided with a virtual abstraction of the hardware. The host operating system must provide the means to execute a driver in the privileged ring (ring 0) and export the means to allocate memory

The root file system for coLinux is a regular file within the host operating system. To Windows it's just a regular file, but to coLinux it's an ext3 file system that can be read and written to..

To cooperatively share hardware with the host operating system, coLinux does not access I/O devices directly. Instead, it interfaces with emulated devices provided by the coLinux drivers in the host OS. For example, a regular file in Windows can be used as a block device in coLinux. All real hardware interrupts are transparently forwarded to the host OS, so this way the host OS's control of the real hardware is not being disturbed and thus it continues to run smoothly.

Unlike User Mode Linux, coLinux always utilizes only one process of the host OS for all its Linux processes, privately managing their scheduling, resources, and faults in a manner which is contained and entirely independent of the way the host OS is implemented. In fact, coLinux only requires a very small set of commonly exported primitives from the host OS kernel in order to work, thus, it can be rather easily ported to run under any operating system, such as Solaris, or even Linux itself.

Download: here

React Operating System - Another Windows in making

ReactOS is a free, modern operating system based on the design of Windows XP/2003. Written completely from scratch, it aims to follow the Windows architecture designed by Microsoft from the hardware level right through to the application level. This is not a Linux based system, and shares none of the unix architecture.

The main goal of the ReactOS project is to provide an operating system which is binary compatible with Windows. This will allow your Windows applications and drivers to run as they would on your Windows system. Additionally, the look and feel of the Windows operating system is used, such that people accustomed to the familiar user interface of Windows would find using ReactOS straightforward. The ultimate goal of ReactOS is to allow you to remove Windows out of your window and install ReactOS without the end user noticing the change.

ReactOS is licensed under the GNU General Public License.

More such screenshots - here

ntop (Monitor Network Traffic) installation/configuration on OpenSuSe

ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform and on Win32 as well.

ntop users can use a a web browser (e.g. Firefox) to navigate through ntop (that acts as a web server) traffic information and get a dump of the network status. In the latter case, ntop can be seen as a simple RMON-like agent with an embedded web interface. The use of:

    * a web interface
    * limited configuration and administration via the web interface
    * reduced CPU and memory usage (they vary according to network size and traffic)

make ntop easy to use and suitable for monitoring various kind of networks.

To run ntop you also require rrdtool, if not install, install it : # yast2 -i rrdtool rrdtool-devel

Installation: Use "1-click" installer to install ntop
OpenSuSe 11.1 - here
OpenSuSe 11.0 - here

Once the installation is successfully completed run ntop -A (as a root user) for the first time to set the password for the default ntop admin user (admin).

Now go to /etc/sysconfig/ntop config file and make the necessary changes like web interface (NTOPD_PORT="127.0.0.1:3000") and ethernet card (ip address) on which you want to monitor your network traffic like eth0, something like ....

After making all the necessary changes just restart the ntop server: # /etc/init.d/ntop restart and go to you web browser and point to: http://localhost:3000 to see network traffic flowing in and out of your network, something like ...

Speeding up Linux Using hdparm - Optimize Hard Disk

hdparm is a command line utility for the Linux operating systems to set and view SATA and IDE hard disk hardware parameters. It can set parameters such as drive caches, sleep mode, power management, acoustic management, and DMA settings.

Changing hardware parameters from suboptimal conservative defaults to their optimal settings can improve performance greatly. For example, turning on DMA can in some instances double or triple data throughput.

Here's how to put hdparm to use on your computer. Unlike recent tips, for this one you start by logging in as root. Type: $ su

Type the root password at the prompt. Then type: # hdparm -tT /dev/sda
Above commands should display a screen something this:

Timing cached reads: 1174 MB in 2.00 seconds = 587.03 MB/sec
Timing buffered disk reads: 174 MB in 3.01 seconds = 57.81 MB/sec

This performance isn't bad, but could be improved by tweaking some settings. Before you jump right in though, be sure to take some precautions. Some tweaks can cause problems, and may even make your hard disk unstable. First check the current settings: # hdparm /dev/sda

This will return something like:

multcount	= 16 (on)
IO_support	= 0 (default 16-bit)
unmaskirq	= 0 (off)
using_dma	= 1 (on)
keepsettings	= 0 (off)
readonly	= 0 (off)
readahead	= 256 (on)
geometry	= 65535/16/63, sectors = 60040544256, start = 0

Write down the parameters and their values, so you can set them back to the old values if needed.
To find additional info about your hard disk, use this command: # hdparm -i /dev/sda
This set of sample results from the above command shows just how detailed the information will be:

    Model=WDC WD800BD-22LRA0, FwRev=06.01D06, SerialNo=     WD-WMAM9P258947
     Config={ HardSect NotMFM HdSw>15uSec SpinMotCtl Fixed DTR>5Mbs FmtGapReq }
     RawCHS=16383/16/63, TrkSize=0, SectSize=0, ECCbytes=65
     BuffType=unknown, BuffSize=2048kB, MaxMultSect=16, MultSect=?1?
     CurCHS=16383/16/63, CurSects=16514064, LBA=yes, LBAsects=156301488
     IORDY=on/off, tPIO={min:120,w/IORDY:120}, tDMA={min:120,rec:120}
     PIO modes: pio0 pio3 pio4
     DMA modes: mdma0 mdma1 mdma2
     UDMA modes: udma0 udma1 udma2 udma3 udma4 udma5 *udma6
     AdvancedPM=no WriteCache=enabled
     Drive conforms to: Unspecified: ATA/ATAPI-1,2,3,4,5,6,7

    * signifies the current active mode

These are possible settings for your hard disk, and the tweaks you might make.
As an example, to set 32-bit I/O support flag to 3, multicount to 16 and DMA (Direct Memory Access) to 1 (= on), you give the following command from root: # hdparm -c3 -m16 -d1 /dev/sda

Enabling DMA can in some cases lead to serious instability. To disable DMA: # hdparm -d0 /dev/sda
After making changes, check to see if performance has improved: # hdparm -tT /dev/hda

File Access Permissions on Linux

File protection with chmod

chmod 400 file To protect a file against accidental overwriting.

chmod 500 dir To protect yourself from accidentally removing, renaming or moving files from this directory.

chmod 600 file A private file only changeable by the user who entered this command.

chmod 644 file A publicly readable file that can only be changed by the issuing user.

chmod 660 file Users belonging to your group can change this files, others don't have any access to it at all.

chmod 700 file Protects a file against any access from other users, while the issuing user still has full access.

chmod 755 dir For files that should be readable and executable by others, but only changeable by the issuing user.

chmod 775 file Standard file sharing mode for a group.

chmod 777 file Everybody can do everything to this file.

Special modes sticky bit

• sticky bit

– chmod +t

• when set on

– file: if sticky bit set, after job execution, the command is kept in memory

– directory: can only change files in this dir when user is owner of the file or has appropriate permissions see /tmp

Special modes set id

• set user id bit SUID

– chmod u+s

• set group id bit (SGID)

– chmod g+s

• when set on

– binary file: when run it runs with the group and or user of the file not the group/user of the person running it.

– directory: (SGID only) every file created in the directory takes same group as the directory, not the creator's group.

note: existing and copied files keep their group id)

Special modes numeric (octal) representation

0 setuid, setgid, sticky bits are cleared

1 sticky bit is set

2 setgid bit is set

3 setgid and sticky bits are set

4 setuid bit is set

5 setuid and sticky bits are set

6 setuid and setgid bits are set

7 setuid, setgid, sticky bits are set

Special modes textual representation

• SUID: If set, then replaces "x" in the owner permissions to "s", if owner has execute ermissions, or to "S" otherwise. Examples:

-rws------ both owner execute and SUID are set

-r-S------ SUID is set, but owner execute is not set

• SGID: If set, then replaces "x" in the group permissions to "s", if group has execute permissions, or to "S" otherwise. Examples:

-rwxrws--- both group execute and SGID are set

-rwxr-S--- SGID is set, but group execute not set

• Sticky bit: If set, then replaces "x" in the others permissions to "t", if others have execute permissions, or to "T" otherwise. Examples:

-rwxrwxrwt both others execute and sticky bit are set

-rwxrwxr-T sticky bit is set, but others execute is not set

How To Write, Compile and Execute C Programs under Linux

Most Linux and Unix programs are written in C. When you download source for a project, it will often be C or C++ source code. You don't necessarily need to know a darn thing about C or anything else to compile the source if you aren't changing it. It may be helpful for you to understand a bit if you are having problems with the compile, but even that isn't really necessary.

You can type you C program using any of the editors that are available under Linux such as vi or emacs or any other editor. My favourite is vi.

Source Code:
Write a Hello World C Program: Create a file call "firstprogram.c" in vi and type the following content into this file and save it.

#include
main()
{
printf("Hello World\n");
printf("My First C Program\n");
}

Once you have written and saved your C program using any editor return to the prompt. An “ls” command should display your C program. It should have the .c extension. Now at the prompt type the following

$ gcc firstprogram.c

You would be having a a.out in the same directory as the source C file. This is the default name of the executable that gcc creates. This would create problems when you compile many programs in one directory. So you override this with the -o option followed by the name of the executable

$ gcc -o hello firstprogram.c

Would create an executable by the name hello for your source code named firstprogram.c
Running the executable that you created is as simple as typing the following at the prompt.

$ ./hello

Or whatever you named your executable.

HowTo Get ClearType like Smooth Fonts in Ubuntu Linux

Turning on ClearType mode if you’re using an LCD monitor helps a lot in improving readability. Ubuntu, by default, doesn’t have ClearType turned on. However, you could achieve really nice font smoothing by just choosing an option in the settings.

In order to turn text smoothing on in Ubuntu, do the following:

    * Go to System > Preferences > Appearance
    * Go to the Fonts tab
    * Under rendering, select Subpixel Smoothing (LCD s)

* Click close

Goggles Music Manager (GMM) - Jukebox & Complete Multimedia Player

Goggles Music Manager (GMM) is a free opensource (licensed under GPLv3) music collection manager and player that automatically categorizes MP3, Ogg Vorbis, FLAC, and Musepack files based on genre, artist, album, and song. There is no need to create playlists of any kind. Just select one or more artists and albums to start playing your music.

It supports gapless playback and features easy tag editing. Googgles Music Manager is fast light-weight and starts up very quickly and there is no delay with splash screens.

Goggles Music Manager is written using OX, one of the fastest GUI toolkits available with the support for FOX-1.6.x and the latest development version FOX-1.7.x and the light-weight fast SQLite3 DB backend.

Features include,
    * Fast and light weight. Quick startup, no splash screen needed!
    * Supports Ogg Vorbis , FLAC, MP3 , MP4 , ASF and Musepack music files.
    * Support for AlbumArt embedded in tag or as separate file on disk.
    * Tag editing and file renaming capability (batch). One or more tracks may be edited at the same time.
    * Smart sorting with user configurable leading word filter to prevent sorting on common words like the, a or an.
    * Support for play lists. Play lists may be played in a certain configurable order, or browsed through like the main music library.
    * Export music library and play lists to XSPF,PLS,Extended M3U,M3U and CSV.
    * Clipboard & DND (drag-and-drop) support to arrange playlists and dragging to and from gnome / kde applications.
    * Uses xine multimedia library for gapless playback.
    * Written using FOX, one of the fastest GUI toolkits available. Support for FOX-1.6.x and the latest development version FOX-1.7.x.
    * Customizable icons. Either use buildin icons or use an existing gnome/kde icon theme.
    * Configurable user interface from minimalistic to detailed view. Full screen mode available with FOX-1.7.11.
    * Clean and fast database backend using SQLite 3.
    * Last-FM audio scrobbler support.
    * Replay Gain support (Ogg Vorbis, FLAC and mp3 with APE tags).
    * Equalizer

Installation - Goggles Music Manager:
OpenSUSE packages are provided by the PackMan project.
After successful installation you can find Goggles Music Manager

Application → Multimedia → Jukebox → Goggles Music Manager

The first time you start Goggles Music Manager, it will come up with a empty song database. In order to enjoy your music collection you first need to fill up the song database.

To add songs to the database, open up the Music menu and select "Import Folders". It will pop a dialog asking you to select from which directory you like to add songs from.

Once you press "Ok", Goggles Music Manager will add all Ogg Vorbis files located in the chosen directories and its subdirectories. Note this may take a while when you a have huge collection of songs. You only need to do this once. If you want to add new songs to the database use the "import" command in the Music menu.

If everything was successful, the database should have been filled up. Select any genre, then artist, and finally select the album and double click on the song you want to listen to.

Centos 5 Multimedia Howto

Step 1: Add the Rpmforge Repo

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

Step 2: Add the Macromedia Repo

rpm -Uhv http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm

Step 3: Install Multimedia Applications

yum -y install libdvdcss libdvdread libdvdplay libdvdnav lsdvd mplayerplug-in mplayer mplayer-gui compat-libstdc++-33 flash-plugin gstreamer-plugins-bad gstreamer-plugins-ugly

Step 4: Installing w32Codecs in order to play everything under the Sun.

wget www1.mplayerhq.hu/MPlayer/releases/codecs/mplayer-codecs-20061022-1.i386.rpm ; rpm -ivh mplayer-codecs-20061022-1.i386.rpm

wget www1.mplayerhq.hu/MPlayer/releases/codecs/mplayer-codecs-extra-20061022-1.i386.rpm; rpm -ivh mplayer-codecs-extra-20061022-1.i386.rpm

Note: if u got some trouble with the package 'libdvdread' , then check if u have enabled the 'epel' repository in your system . if yes , disable it !!

Backup & Restore MySQL Databases - MySQLDumper

MySQLDumper is a backup & restore management script for MySQL Databases, written in PHP and Perl, which fills this gap and offers a complete control over the databases.

MySQLDumper uses a proprietary technique to avoid execution interruption. It only reads and saves a certain amount of commands and then calls itself via JavaScript and memorizes how far in the process it was and resumes its action from its last standby.

MySQLDumper offers to write data directly into a compressed gz-File. The Restore-Script is able to read this file directly without unpacking it. Of course you can use it without compression, however using Gzip saves a sizable amount of bandwidth.

Installation & Configuration
* Download MySQLDumper - Here
* Extract the zip file under your webserver root directory: unzip msd1.24RC1.9.zip, this command will create a new directory msd1.24
* Lunch your browser and point to the msd1.24 directory, this will open up the installation wizard which is very simple and straight forward.
* After successful installation point your browser to "index.php" to open up the main application from where you can take & restore backup

Features:
MySQLDumper can read Dumpfiles from other Scripts via the integrated parser (for example from phpMyAdmin)
- Security: MySQLDumper can generate a .htaccess-file to protect itself and all of your backup-files
- MySQLDumper can do Multipart-Backups. That means: MySQLDumper can automatically split the dumpfile if it gets bigger than your chosen size. When you want to restore a backup and choose the wrong part - it doesn' matter: MySQLDumper will notice that and will get the correct startfile automatically.
- automatic Errormodul
- MiniSql: You have access to your MySQL-Tables. You can delete tables, edit or insert data. You can run/ save any SQL-Statement.
- Database-Overview: look at running processes or even stop them
- very good file-overview: backups of the same database are shown as one entry. Click it to see all of the files.
- automatic file-deletion: set your own rules to delete old backups. Specify the age or the number of files when it will be deletetd automatically to save server webspace.
- Perl Cronscript done: all features of the PHP-Script are now integrated in the Perlscript that can be started via a Cronjob
- Configuration can be set seperatly for each Script (PHP and Perl)
- befor you start a backup all your parameters are shown again, so you definitely know what you are doing :-)
- Send Emails with or without your dumpfile attached / you can set the maximum size of the attachement. If it grows bigger it won't be attached.
- Send dumpfiles via FTP to another Server. This is also working using the multipart feature.

Monitoring Apache Server

Apachetop is a curses-based realtime utility to display information from a running copy of Apache.

It is modelled after the standard 'top' utility, and displays information such as the requests pers second, bytes per second and the most popular URLs displayed.

It must be run from a machine running Apache, as it works by processing the logfiles found in /var/log/apache

Using Apachetop:
ApacheTop watches a logfile generated by Apache (in standard common or combined logformat, and generates human-parsable output in realtime.

-f logfile
Select which file to watch. Specify this option multiple times to watch multiple files.
-H hits | -T time
These options are mutually exclusive. Specify only one, if any at all. They work as follows. ApacheTop maintains a table of information internally containing all the relevant information about the hits it's seen. This table can only be a finite size, so you need to decide how big it's going to be. You have two options. You can either: Use -H to say "remember hits" or Use -T to say "remember all hits in seconds"
The default (at the moment) is to remember hits for 30 seconds. Setting this too large (whichever option you choose) will cause ApacheTop to use more memory and more CPU time. My experimentation finds that remembering no more than around 5000 requests works well.
-q
Instructs ApacheTop to keep the querystrings, not remove them.
-l
Instructs ApacheTop to lowercase all URLs, thus /FOO and /foo are treated as the same and accumulate the same statistics.
-s segments
Instructs ApacheTop to only keep the first parts of the path. Trailing slashes are kept if present. Statistics are then merged for each truncated url.
-p
Instructs ApacheTop to keep the protocol (http:// usually) at the front of its' referrer strings. Normal behaviour is to remove them to give more room to more useful information.
-r secs
Set default refresh delay, in seconds.

Example: apachetop -f /var/log/apache2/access_log

Installing Ubuntu without external media

The below method is only applicable if you alread have Linux (any) running, here I am using OpenSuSe 11.1 to install ubuntu-9.04 (Jaunty Jackalope) also you need a seperate partition to install ubuntu. you can also use gparted to create some space for ubuntu.

The benefits of installing without external media are that it can save you time if you are already familiar with the process, and you get a very usable system upon booting into the installer because it is running from a hard drive rather than a CD.

Note: you need to be root on your existing Linux system to use any of the below mentioned command

1) Download ubuntu iso - here

Note: I got my OpenSuSe 11.1 installed on /dev/sda2 and I want to install ubuntu on /dev/sda6, so check you device and move on.

2) Copy the iso contents using the command :

mkdir /tmp/iso
mount ubuntu-9.04-desktop-i386.iso -o loop /tmp/iso
mkdir /installer
mount /dev/sda6 /installer
cp -r /tmp/iso/* /installer
cp -r /tmp/iso/.disk /installer
umount /tmp/iso

3) Edit your grub configuration file (/etc/grub.conf or /boot/grub/menu.lst) to boot ubuntu.

title Ubuntu installer
root (hd0,5)
kernel /casper/vmlinuz boot=casper root=/dev/ram ramdisk_size=1048576 rw
initrd /casper/initrd.gz

The first line after the title tells grub which partition contains the installer. hd0 stands for "first hard disk," and the 5 following it standards for sixth partition. You will need to change this if your installer partition is different from /dev/sda6.

4) Reboot, and choose "Ubuntu installer" from the grub boot menu, and continue as if you were installing from CD.

Monitoring MySQL servers using mytop

MySQL is one of the most important programs on a server, unfortunatly it is also pretty resource intensive. One a server it is not uncommon for a single user or even a query to take up the bulk of the servers cpu cycles. Mytop is a very useful program to see what queries a server is currently processing as well as which user is executing them. Think of mytop as top for mysql. If you see a lot from a user that means they are probably the hog. Mytop can also be useful for figuring out exactly which queries are causing the problem in the case of a self-designed website. The following is how to install mytop on the server and run it.

Others: Download the latest version of mytop - here and follow the below instruction to compile and install mytop

tar -zxvf mytop-.tar.gz
cd mytop-
perl Makefile.PL
make
make test
make install

Using mytop:
You can directly use the mytop by typing “mytop” on your console screen initially you will get a message that “Unable to connect to Mysql” you will need to provide the host name, database name, username, password

To connect to the MySql database using Mytop you will need to give all your MySql details as a parameter:

-u - username of the database
-p - password for connecting to the database
-h - Host Name
-d - database name

Example: mytop -u root -p password -h localhost -d test

Instead of always using bulky command-line parameters, you can also use a config file in your home directory (~/.mytop). If present, mytop will read it automatically. It is read before any of your command-line arguments are processed, so your command-line arguments will override directives in the config file.

Here is a sample config file ~/.mytop which implements the defaults described above.

user=root
pass= xxxx
host=localhost
db=mysar
delay=5
port=3306
socket=
batchmode=0
header=1
color=1
idle=1

Using a config file will help to ensure that your database password isn't visible to users on the command-line. Just make sure that the permissions on ~/.mytop are such that others cannot read it., now go to console and type command: # mytop and you should see something like ...

Iptraf - Ncurses based LAN monitor

IPTraf is a network monitoring utility for IP networks. It intercepts packets on the network and gives out various pieces of information about the current IP traffic over it. Information returned by IPTraf include:

* Total, IP, TCP, UDP, ICMP, and non-IP byte counts
* TCP source and destination addresses and ports
* TCP packet and byte counts
* TCP flag statuses
* UDP source and destination information
* ICMP type information
* OSPF source and destination information
* TCP and UDP service statistics
* Interface packet counts
* Interface IP checksum error counts
* Interface activity indicators
* LAN station statistics

IPTraf can be used to monitor the load on an IP network, the most used types of network services, the proceedings of TCP connections, and others.

Others:
Download the latest version. Once you have it downloaded, move it to /usr/local/src and untar it by running: # tar -zxvf iptraf-3.0.0.tar.gz

To compile and install, just change to the iptraf-3.0.0 top-level directory and type:./Setup
This will automatically compile and install the software and install the binaries into /usr/local/bin so make sure that directory is in your PATH.

The traditional way to do it ..

cd src
make clean
make
make install

Precompiled binaries are available in the iptraf-3.0.0.i386.bin.tar.gz file. This contains no source code and is expected to run on Intel x86 Linux with the GNU C Library 2.1 or later.

Once you have it installed, start it up by typing /usr/local/bin/iptraf as root. An ncurses based main menu will come up on your screen and you will have a list of options that you can select.

Transferring audio/video to iPod

gtkpod is a Graphical User Interface (GUI) for Apple's iPod. It supports the first to fifth iPod generations including the iPod mini, iPod Photo, iPod Shuffle, iPod nano, and iPod Video.

It allows you to import your existing iTunes database, add songs, podcasts, videos and cover art, and to edit ID3 tags.

The latest version has added a raft of new features including: preliminary support gapless playback for MP3 files, multi-threaded on-the fly conversion of WAV, FLAC and OGG files to formats the iPod understands, background-copying of tracks to the iPod, display of album art, and the downloading of album art.

Features include:
* Remove and export tracks from the iPod
* Import and export Visio VDX files
* Read an existing iTunesDB ( import the existing contents of an iPod including playcounts, ratings and on-the-go playlists)
* Write the updated iTunesDB and added songs to the iPod
* Add MP3, WAV, M4A (non-protected AAC), M4B (audio book), podcasts, and various video files (single files, directories or existing playlists) to the iPod
* Normalize the volume of tracks (uses mp3gain or the replay-gain tag)
* Create and modify playlists, including smart playlists
* View, add and modify Cover Art
* Browse the contents of a local harddisk by album/artist/genre by adding all your songs to the 'local' database
* Extract tag information (artist, album, title...) from the filename
* Detect duplicates when adding songs (optional)
* Modify & refresh ID3 tags
* Synchronize directories
* Work offline and synchronize new playlists / songs with the iPod at a later time.
* Export korganizer, kaddressbook, Thunderbird, evocalendar, Evolution etc data to the iPod
* Choose the character set the ID3 tags are encoded in from within gtkpod

[ How to ] Use CentOS repos in RHEL-5 Server

1. Remove "yum-rhn-plugin" package from RHEL, this is used to check
the activation in RHEL.

# rpm -e yum-rhn-plugin

2. Remove the "redhat-release" related packages, this is used to check
the repositories compatibility. usually we can't remove these packages
because they are used by other packages of the system for proper
fuctioning. so we'll use the "--nodeps" parameter to forcely remove
them from the system.
# rpm -e redhat-release-notes-5Server redhat-release-5Server --nodeps

3. Download & install the "centos-release" relates packages, to fill
in the gap that we made by removing the "redhat-release" related
packages.

i386 (32 bit)
http://mirror.centos.org/centos-5/5/os/i386/CentOS/centos-release-5-3.el5.centos.1.i386.rpm
http://mirror.centos.org/centos-5/5/os/i386/CentOS/centos-release-notes-5.3-3.i386.rpm

4. To automatically inform about the updates in GUI, Do the following.

# vi /etc/yum/yum-updatesd.conf

In the file, type as follows under the section "# how to send notifications"

dbus_listener = yes

5. To change the OS name in the CLI login, Do the following.

# nano /etc/issue

Since we have installed the "centos-release" relates packages, the OS
name will come as "CentOS release 5 (Final)", so delete it and type

Red Hat Enterprise Linux Server release 5 (Tikanga)

Or any name you like.

6. Now your system is ready.

7 noy start your internet
open terminal type #yum updates

i have copyed the above steps from a a forums those worked with me i think this will also help novinces to get ypdates for RHEL-5

Credits : Pushkar

How to allow access to the mail server by individual domains - Sendmail

The access database (normally in /etc/mail/access) allows a mail administrator to administratively allow access to the mail server by individual domains. Each database entry consists of a domain name or network number as the key and an action as the value.

Keys can be a fully or partly qualified host or domain name such as host.subdomain.domain.com, subdomain.domain.com, or domain.com. The last two forms match any host or subdomain under the specified domain.

Keys can also be a network address or subnetwork, e.g., 205.199.2.250, 205.199.2, or 205.199. The latter two forms match any host in the indicated subnetwork. Lastly, keys can be user@host.domain to reject mail from a specific user.

Values can be REJECT to refuse connections from this host, DISCARD to accept the message but silently discard it (the sender will think it has been accepted), OK to allow access (overriding other built-in checks), RELAY to allow access including relaying SMTP through your machine, or an arbitrary message to reject the mail with the customized message.

For example, a database might contain:
abc.com REJECT

sendmail.org RELAY

spam@buyme.com 550 Spammer

to reject all mail from any host in the abc.com domain, allow any relaying to or from any host in the sendmail.org domain, and reject mail from spam@buyme.com with a specific message.

Note that the access database is a map and just as with all maps, the database must be generated using makemap. For example: makemap hash /etc/mail/access < /etc/mail/access

Gnome 3.0 Reviews – Coming on Ubuntu 10.04, Fedora 13

Gnome 3, which will be available to install in Ubuntu 10.04, Fedora 13 will mark the first radical change to the Gnome Desktop since it’s inception, thanks to it’s “new” interface ‘Gnome-Shell’.

Doing Things Better

On first glance, the Gnome 3 Desktop doesn’t seem all that different from the current default Gnome set-up.

Gnome 3 Desktop

You’ll notice there is no bottom taskbar and the top panel has been rearranged somewhat. It also has, in place of the Ubuntu System Menu, an ‘Activities’ button…

Activities – Making Things Easier To Manage

Pressing ‘Activities’ takes you into an ‘Overview’ mode. It’s from here that you can open new applications, add or remove workspaces, move windows between workspaces and navigate through your recent files.

You can easily find an application or document by typing it’s name in the search box. This will instantly show the list of matches beneath it.

You can also launch applications by clicking ‘browse’ and navigating the category lists – very similar to the current system menu applet.

Adding workspaces is simple. You just click on the circular add button in the bottom right-hand corner and a new workspace appears.
Similarly you can remove workspaces by clicking the circular minus button that is over-layed in the centre of a workspace in the overview mode.

Moving applications to a different workspace is as logical as just dragging them between panes!

It is the “basics” of this workflow which, in my opinion from the time I’ve spent using Gnome-Shell, truly enhance the usability factor in this new “desktop” metaphor.
Sadly, Compiz and Gnome-Shell don’t play nice, however this doesn’t mean the end of eye-candy effects as gnome-Shell has slick animations all of it’s own thanks to Clutter!
I’m really excited at the new possibilities that gnome-shell and gnome-3 will take the desktop in.

How to set Access/Restrictions on users logins

Time Based Restrictions
These examples will limit the login times of certain users. See /etc/security/time.conf for more information/examples. In order to place time restrictions on user logins, the following must be placed in /etc/pam.d/login:

account required /lib/security/pam_time.so

The remaining lines should be placed in /etc/security/time.conf.

1. Only allow user nikesh to login during on weekdays between 7 am and 5 pm.

login;*;nikesh;Wd0700-1700

2. Allow users A & B to login on all days between 8 am and 5 pm except for Sunday.

login;*;A|B;AlSu0800-1700

If a day is specified more than once, it is unset. So in the above example, Sunday is specified twice (Al = All days, Su = Sunday). This causes it to be unset, so this rule applies to all days except Sunday.

Access Based Restrictions
/etc/security/access.conf can be used to restrict access by terminal or host. The following must be placed in /etc/pam.d/login in order for these examples to work:

account required /lib/security/pam_access.so

1. Deny nikesh login access on all terminals except for tty1:

-:nikesh:ALL EXCEPT tty1

2. Users in the group operator are only allowed to login from a local terminal:

-:operator:ALL EXCEPT LOCAL

3. Allow user A to only login from a trusted server:

-:A:ALL EXCEPT trusted.somedomain.com

Free Disk Space by Reducing Reserved Blocks Percentage

In a default install Linux
reserves 5% of the disk space for privileged processes. It is a precautionary measure on part of Linux to keep up even after the file-system is filled up.

With this approach it allows root to conduct administrative activities on the partition and perhaps move some data off. However, this is most critical when the partition contains / or home directories. For pure data partitions, this is just lost space. Five percent of a 250Gb partition is 12.5 Gb. Especially in the case of large partitions, it is safe to set the reserved space to the minimum, which is one percent or even to 0 percent.

There are two ways through which you can adjust this reserve percentage

1) At the time of creation of file-system:

# mkfs.ext3 -m 1/dev/sda1 (replace sda1 with your partition name)

The above command creates a file system with only 1% of its space reserved for the root user.

2) After creation of file-system:

You can use tune2fs utility to reduce reserved blocks in ext2, ext3 as well as ext4 file-systems. To reduce reserved blocks to 1% use the following command:

# tune2fs -m 1 /dev/sda1 (replace sda1 with your partition name)

In a 1 TB hard drive you can save upto 37GB of space after applying this tweak.

How to set Cron/At Access Control

Cron stores it's enteries in the crontab (cron table) file. This is generally located in your /etc directory. As well, each user on your system can have their own crontab which would be stored in /var/spool/cron/. To edit a users crontab entry, simply log into your system for that particular user and type crontab -e. The default editor for the 'crontab -e' command is vi. Below is the simple example of crontab entry

0 12 * * * root php /srv/www/mysar/dump.php >> /dev/null 2>&1

Field	Meaning
1	Minute (0-59)
2	Hour (2-24)
3	Day of month (1-31)
4	Month (1-12, Jan, Feb, etc)
5	Day of week (0-6) 0 = Sunday, 1 = Monday etc or Sun, Mon, etc)
6	Run the command as following user
7	Command to execute

Now to control the access to crontab for particular user you need to edit the required configuration file depending upon your requirement, which are mentioned below.

1. /etc/cron.allow
If it exists, a user must be listed in this file in order to use crontab.

2. /etc/cron.deny
If it exists, a user must not be listed in this file in order to user crontab.

Similary for "at" access control, you can edit the following files depending upon your requirement

1. /etc/at.allow
Same as cron.allow, only for "at".

2. /etc/at.deny
Same as cron.deny, only for "at".

Fighting Spam mails

Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender.

Spammers get your e-mail addresses from webpages, news groups or domain records (if you have your own domain). There are individuals who use robots to extract the addresses, burn them on CDs and sell them very cheap to other Spammers. If you write your e-mail address in clear text onto your homepage today such that programs can extract it, then you will have a major problem in a few months time and you can't stop it. The problem will be growing every day!

Now lets discuss some common filter techniques and how they work. I will not describe how to configure them exactly in each MTA. Instead I suggest you to read the documentation that comes with the MTA that you have installed. Postfix and Exim are well documented

Realtime Block lists:
These are DNS based lists. You check the IP address of the mailserver that wants to send mail to your server against a blacklist of known spammers. Common lists are www.spamhaus.org. You should however not be too enthusiastic about it and carefully choose the lists since there are also some which block entire IP ranges simply because one spammer had used a dialup connection from this ISP at one point in time.

8 bit characters in subject line:
About 30% of the spam origins in China, Taiwan or other Asian countries these days. If you are sure that you can't read Chinese then you can reject mail which has a lot of 8 bit characters (not ASCII) in the subject. Some MTAs have a separate configuration option for this but you can also use regular expression matching on the header:

/^Subject:.*[^ -~][^ -~][^ -~][^ -~]/

This will reject email which has more than 4 consecutive characters in the subject line which are not in the ASCII range space to tilde. Both exim and postfix can be compiled with perl regular expression support. This method is quite good and keeps out 20-30% of the spam-mail.

Lists with "From" addresses of known spammers:
Forget it. This used to work back in 1997. Spammers today use faked addresses or addresses of innocent people.

Reject non FQDN (Fully Qualified Domain Name) sender and unknown sender domain:
Some spammers use non existent addresses in the "From". It is not possible to check the complete address but you can check the hostname/domain part of it by querying a DNS server.
This keeps out about 10-15% of the spam and you don't want these mails anyhow because you would not be able to reply to them even if they were not spam.

IP address has no PTR record in the DNS:
This checks that the IP address from where you get the mail can be reverse resolved into a domain name. This is a very powerful option and keeps out a lot of mail. I would not recommend it! This does not test if the system administrator of the mail server is good but if he has a good backbone provider. ISPs buy IP addresses from their backbone providers and they buy from bigger backbone providers. All involved backbone providers and ISPs have to configure their DNS correctly to make the whole chain work. If somebody in between makes a mistake or does not want to configure it then it does not work. It says nothing about the individual mail server at the end of the chain.

Require HELO command:
When 2 MTAs (mail servers) talk to each other (via smtp) then they first say who they are. Some spam software does not do that. This keeps out 1-5% of the spam.

Require HELO command and reject unknown servers:
You take the name that you get in the HELO command and then you go to DNS and check if this is a correctly registered server. This is very good because a spammer who uses just a temporary dialup connection will usually not configure a valid DNS record for it.
This blocks about 70-80% of all spam but rejects also legitimate mail which comes from sites with multiple mail servers where a sloppy system administrator forgot to put the hostnames of all servers into DNS.

Some MTAs have even more options but the above are quite commonly available in a good MTA. The advantage of all those checks is that they are not CPU intensive. You will usually not need to update your mailserver hardware if you use those checks.