When you turn on your computer, the bios will start the bootstrap procedure from the primary boot-device.
(If you’re planning to run a LiveCD, you might make that your CD/DVD-rom drive)
A bootstrap is in fact nothing else than having a small program, so that this can load a bigger one.
That’s the thing GRUB does, in short!
What you should remember, is that it’s important, and you would not like to break it.
If you do, you’ll render your hardisk unbootable.

So the first thing you want to do, is back up your MBR!
Why not just GRUB?
The MBR is a 512-byte segment, the first sector, on your harddisk.
GRUB takes 446 bytes, the partition table takes 66 bytes
and the 2 remaining bytes are for a signature.
You might want to keep these 3 intact.

So before you want to start doing something with it, you might want to make a backup of those first 512 bytes.

foo@bar:~# dd if=/dev/hda of=/root/hda.mbr bs=512 count=1

explanation:
The dd command has a primary purpose to low-level copying and conversion of raw data.
The if= option can be read as input from and the source.
You might want to change /dev/hda to /dev/hdb or something relevant to your situation.
The of= option can be read as output file and is the file where you want to write the output to.
bs= sets both input and output block sizes to size bytes.
count= copies only n input blocks to the output.

Check it out

Just like any other program in linux, you can look at it’s configuration by opening a text file.
Open the /etc/grub/grub.conf file with your favorite text editor.
If you don’t have one, use nano.

foo@bar:~# sudo nano /etc/grub/grub.conf

This is what mine looks like at this moment:

default		0
timeout		3

## password ['--md5'] passwd

# Put static boot stanzas before and/or after AUTOMAGIC KERNEL LIST

### BEGIN AUTOMAGIC KERNELS LIST
## lines between the AUTOMAGIC KERNELS LIST markers will be modified
## by the debian update-grub script except for the default options below

## DO NOT UNCOMMENT THEM, Just edit them to your needs

## ## Start Default Options ##
## default kernel options
## default kernel options for automagic boot options
## If you want special options for specific kernels use kopt_x_y_z
## where x.y.z is kernel version. Minor versions can be omitted.
## e.g. kopt=root=/dev/hda1 ro
##      kopt_2_6_8=root=/dev/hdc1 ro
##      kopt_2_6_8_2_686=root=/dev/hdc2 ro
# kopt=root=/dev/mapper/Grubfellow-root ro

## default grub root device
## e.g. groot=(hd0,0)
# groot=e52270f2-fe58-41c3-b20a-01bd057de3ea

## should update-grub create alternative automagic boot options
## e.g. alternative=true
##      alternative=false
# alternative=true

## should update-grub lock alternative automagic boot options
## e.g. lockalternative=true
##      lockalternative=false
# lockalternative=false

## additional options to use with the default boot option, but not with the
## alternatives
## e.g. defoptions=vga=791 resume=/dev/hda5
# defoptions=quiet splash

## should update-grub lock old automagic boot options
## e.g. lockold=false
##      lockold=true
# lockold=false

## Xen hypervisor options to use with the default Xen boot option
# xenhopt=

## Xen Linux kernel options to use with the default Xen boot option
# xenkopt=console=tty0

## altoption boot targets option
## multiple altoptions lines are allowed
## e.g. altoptions=(extra menu suffix) extra boot options
##      altoptions=(recovery) single
# altoptions=(recovery mode) single

## controls how many kernels should be put into the menu.lst
## only counts the first occurence of a kernel, not the
## alternative kernel options
## e.g. howmany=all
##      howmany=7
# howmany=all

## specify if running in Xen domU or have grub detect automatically
## update-grub will ignore non-xen kernels when running in domU and vice versa
## e.g. indomU=detect
##      indomU=true
##      indomU=false
# indomU=detect

## should update-grub create memtest86 boot option
## e.g. memtest86=true
##      memtest86=false
# memtest86=true

## should update-grub adjust the value of the default booted system
## can be true or false
# updatedefaultentry=false

## should update-grub add savedefault to the default options
## can be true or false
# savedefault=false

## ## End Default Options ##

title		Ubuntu 9.04, kernel 2.6.28-14-generic
uuid		e52270f2-fe58-41c3-b20a-01bd057de3ea
kernel		/vmlinuz-2.6.28-14-generic root=/dev/mapper/Grubfellow-root ro quiet splash
initrd		/initrd.img-2.6.28-14-generic
quiet

title		Ubuntu 9.04, kernel 2.6.28-14-generic (recovery mode)
uuid		e52270f2-fe58-41c3-b20a-01bd057de3ea
kernel		/vmlinuz-2.6.28-14-generic root=/dev/mapper/Grubfellow-root ro  single
initrd		/initrd.img-2.6.28-14-generic

title		Ubuntu 9.04, memtest86+
uuid		e52270f2-fe58-41c3-b20a-01bd057de3ea
kernel		/memtest86+.bin
quiet

### END DEBIAN AUTOMAGIC KERNELS LIST

This will differ from your, as you might run another linux distribution or kernel.

In most modern distro’s the grub.config file will be updated every time there is a kernel-update.
So remember, if you would ever use an exotic distro or did a kernel-update by hand, you might go check whether the grub.config is changed too.

Most of the modern config files are well documented, if not in the file itself, on the internet.
You can also alter the background color/image and the lay-out of the menu/text.
But i’ll explain that to you in a next post.

• /packet.mdb
• /wwwroot.zip
• /shop.rar
• /shop.zip
• /site.rar
• /web.rar
• /web.zip
• /www.zip
• /www.rar
• /tomdb.mdb
• /shop.mdb
• /shoes.rar
• /wwwroot.rar
• /HSH.mdb
• /site.zip
• /HYTop.mdb

The fact that some people put effort & time in such web-crawling means that they have results on this.
So folks, plz stop putting database-files & backup-files in your publicly-accessible folders! This is the only remedy against such “attacks”.

Whilst I’m on web-security, let me remind you of some other dangerous things when hosting a website:

• Use SFTP instead of FTP!  (FTP sends data & passwords unencrypted over the big bad Internet).
• Do not use password protected directory’s on Microsoft IIS servers.
• Manage Database and web/ftp users on a strict base. (unused logins should be removed).
• Keep an eye on the log-files of the server.
• If you don’t know how to program, first learn it!
• Be careful when installing plug-ins/scripts from someone else. First review the code and user comments on it!
• Remove unused packages/software/scripts from the server, they might form a major security leak.
• Do not put passwords and other personal data on free webhosting spaces.
• Be careful what tools you use. Some, such as Filezilla store usernames, passwords and other valuable credentials in an xml file (clear text) in an unencrypted directory.
• etc …

These are security issues that are verry common, as most people tend  to think that a safe hosting/code is enough to secure a website.