Denyhost is a package which is exellent for blocking brute forc ssh attacks.
It is also easy to install and manage.
Installation
apt-get install denyhosts
Configuration:
Default configuration are pretty good but you can tune the basic.
/etc/denyhosts.conf
It reads the logs and add those IPs which try to break in /etc/hosts.deny
You can add your IP/valid IP or with your domain.
/etc/hosts.allow
sshd: yourdomain.com 192.168.0.1
Start/stop service
/etc/init.d/denyhosts stop
/etc/init.d/denyhosts start
Purging denyhost
denyhosts --purge
The /etc/rc3.d contains the denyhost which start on run time.
Wednesday, December 31, 2008
Wednesday, November 5, 2008
LDAP server on Debian ETCH
INSTALLATION
apt-get install slapd ldap-utils libldap-2.4-2 libdb4.6
During installion it will ask you questions like passwd or domain name (it did not ask my installation)
Administrator password: password
Confirm password: password
CONFIGURATION
Client side : (Remember same system is serving as client and server.)
Edit /et/ldap/ldap.conf
BASE dc=fizaan, dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
URI ldap://10.0.2.15
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
Server Configuration
These Schemas by default are included, if not make sure they are included.
# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
Change the log level from 0 to 256
loglevel 256
Data base, you can change if you want different. I m using default.
database bdb
Your domain name, be default
# The base of your directory in database #1
suffix "dc=fizaan,dc=com"
rootdn you will use to access the ldap server, the passwd I changed using slappasswd
# rootdn directive for specifying a superuser on the database. This is needed
# for syncrepl.
rootdn "cn=admin,dc=fizaan,dc=com"
rootpw {MD5}gdyb21LQTcIANtvYMT7QVQ==
Index options, I added index uid eq, you can add more e.g index gid eq
index objectClass eq
index uid eq
CHANGING OWNERSHIP AND RESTART OF SERVER.
sudo invoke-rc.d slapd stop
sudo slapindex
sudo chown openldap:openldap /var/lib/ldap/*
sudo invoke-rc.d slapd start
TESTING LDAP SERVER
type ldapsearch -x, it will show you all ldap entries.
ldap:/home/imran# ldapsearch -x
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# fizaan.com
dn: dc=fizaan,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: fizaan.com
dc: fizaan
.
.
CREATING BASIC DIRECTORY STRUCTURE
Create a file /var/tmp/ou.ldif with these, it will add two organizational unit under you top level domain, add by following command.
ldap:/home/imran# slapadd -c -v -l /var/tmp/ou.ldif
dn: ou=People,dc=fizaan,dc=com
ou: People
objectClass: organizationalUnit
dn: ou=Group,dc=fizaan,dc=com
ou: Group
objectClass: organizationalUnit
CREATION OF USERS/POPULATING DIRECTORY
Create a file with following information, of users and add it with this command
ldap:/home/imran# ldapadd -c -x -D cn=admin,dc=fizaan,dc=com -W -f /var/tmp/user1.ldi
dn: cn=aanish,ou=group,dc=fizaan,dc=com
cn: aanish
gidNumber: 20002
objectClass: top
objectClass: posixGroup
dn: uid=aanish,ou=people,dc=fizaan,dc=com
uid:aanish
uidNumber: 20002
gidNumber: 20002
cn:Aanish
sn:Imran
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
loginShell: /bin/bash
homeDirectory: /home/aanish
TESTING OF ADDED USERS
ldap:/home/imran# ldapsearch -x uid=aanish
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: uid=aanish
# requesting: ALL
#
# aanish, people, fizaan.com
dn: uid=aanish,ou=people,dc=fizaan,dc=com
uid: aanish
uidNumber: 20002
gidNumber: 20002
cn: Aanish
sn: Imran
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
loginShell: /bin/bash
homeDirectory: /home/aanish
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
ldap:/home/imran#
CLIENT TOOL
1) luma
apt-get install luma
after installation, on command prompt type luma, it will be started.
First add you ldap server by clicking Setting, Edit serve list and ADD, give IP address of your server. After adding the server give the authentication credentials.
(see above Fig1)
2) phpldapadmin is a web based Graphical tool, you can install very easily
apt-get install phpldapadmin
In browser write address of server and login with credential
User :cn=admin,dc=fizaan,dc=com
Passwd:1234
(see above Fig2)
Reference
Ldap Install
Debian ldap
Sunday, October 12, 2008
Window 2003 Termianl Server Installation, Configuration and Maintenance
Server End:
Installation
During Installain of Windows 2003 Server, Terminal srver installs by default, no need to install again.
Configuration
Step 1:Share Remoter Desktop Connection by sharing this folser: C:\Windows\system32\clients\tsclient\win32 to access folser and copy in their system.
Step 2: Give permission to user e.g imran by Right click on win32 folder, click propterties, select Security tab and click add, enter user name: imran (this user should already be created in server machine) under enter Object name
Step 3: Allow remote users to access remotely by Enabling Remote access.
Step 4: Right click on My computer, Click Properties, select Enable Remoter Desktop in this computer.
client Side:
Step 1: If your client is Windows XP: Click start, All programmes, Accesseries and then Open Remote Desktop Connection
Step 2: Write IP of terminal server e.g 192.168.1.102
Step 3: Give user name and password, this usre name and passward should be permit
Step 4: This will open the Terminal to you
Note: Default mode (Administrative) only allow 2 users to access.
Changing Remote Administrative to Applicatoin user
Server Side
Step 1: Open Add/remove programs from Control panel
Step 2: Open Add/remove Windows components, check the terminal serve after opening the window
Step 3: Click next, this will start installain, privide Windows 2003 serve CD.
Step 4: Finish and restart the machine.
Managing the Terminal Server by opeing the Terminal service Manager
and
To manage Terminal Services Protoclo Configuratoin RDP, open Terminal Service Configuration from Administrative tools
Installation
During Installain of Windows 2003 Server, Terminal srver installs by default, no need to install again.
Configuration
Step 1:Share Remoter Desktop Connection by sharing this folser: C:\Windows\system32\clients\tsclient\win32 to access folser and copy in their system.
Step 2: Give permission to user e.g imran by Right click on win32 folder, click propterties, select Security tab and click add, enter user name: imran (this user should already be created in server machine) under enter Object name
Step 3: Allow remote users to access remotely by Enabling Remote access.
Step 4: Right click on My computer, Click Properties, select Enable Remoter Desktop in this computer.
client Side:
Step 1: If your client is Windows XP: Click start, All programmes, Accesseries and then Open Remote Desktop Connection
Step 2: Write IP of terminal server e.g 192.168.1.102
Step 3: Give user name and password, this usre name and passward should be permit
Step 4: This will open the Terminal to you
Note: Default mode (Administrative) only allow 2 users to access.
Changing Remote Administrative to Applicatoin user
Server Side
Step 1: Open Add/remove programs from Control panel
Step 2: Open Add/remove Windows components, check the terminal serve after opening the window
Step 3: Click next, this will start installain, privide Windows 2003 serve CD.
Step 4: Finish and restart the machine.
Managing the Terminal Server by opeing the Terminal service Manager
and
To manage Terminal Services Protoclo Configuratoin RDP, open Terminal Service Configuration from Administrative tools
Window 2003 DFS Server Installation, Configuration and Maintenance
Server Side:
Installation:
In windows 2003 Installatin, DFS is installed by default, no need to install again.
Configuration:
Client Side:
Step 1: Make a filder e.g c:\DFS-client1
Step 2: Share the folder and set the permissin.
Server Side:
Step 1: Make a folder and share it, e.g C:\root
Step 2: Open Distributed File System from Administrative Tools
Step 3: Right click on Distributed file systme, Click New Root, a wizard will start, click Next.
Step 4: If you have Domain, select Domain root, if WORKGROUP then Stand-alone root , I am using stand-alone root, click Next.
Step 5: Write Server name or IP e.g 192.168.1.102, click Next
Step 6: Now give the root name, shared folder made in first step on srver e.g root and Finish the wizard.
Step 7: After finish right click on \\TEST03-SERVER\root and click New Link
Step 8: Name of Link for client1 e.g 192.168.1.104, select the path to shared folder by click on Browse, Entire Network, Microsoft Windows Network, Workgroup, 2003-client select DFS-client1, press ok, Finsih
Step 9: Repeat the same steps for other clients.
Installation:
In windows 2003 Installatin, DFS is installed by default, no need to install again.
Configuration:
Client Side:
Step 1: Make a filder e.g c:\DFS-client1
Step 2: Share the folder and set the permissin.
Server Side:
Step 1: Make a folder and share it, e.g C:\root
Step 2: Open Distributed File System from Administrative Tools
Step 3: Right click on Distributed file systme, Click New Root, a wizard will start, click Next.
Step 4: If you have Domain, select Domain root, if WORKGROUP then Stand-alone root , I am using stand-alone root, click Next.
Step 5: Write Server name or IP e.g 192.168.1.102, click Next
Step 6: Now give the root name, shared folder made in first step on srver e.g root and Finish the wizard.
Step 7: After finish right click on \\TEST03-SERVER\root and click New Link
Step 8: Name of Link for client1 e.g 192.168.1.104, select the path to shared folder by click on Browse, Entire Network, Microsoft Windows Network, Workgroup, 2003-client select DFS-client1, press ok, Finsih
Step 9: Repeat the same steps for other clients.
Saturday, October 11, 2008
Window 2003 FTP Server Installation, Configuration and Maintenance
Server Side
You server must have IIS and static IP
InstallationStep 1:
Step 1: Open add/remove programs from Control panel
Step 2: Click add/remove windows components,
Step 3: Select Application Server, select Internet Information Server (IIS), click details, check FTP along with default checks.
Step 4: This will start installation wizard, provide 2003 cd, during install.
Configuration
Step 1: Open IIS from Administrative Tools
Step 2: Right click on FTP Sites, click New FTP Site..
Step 3: Wizard will start, Next, wirte Description e.g ftp server, Next
Step 4: Select IP e.g 192.168.1.102, port 21 (default), Next
Step 5: FTP user usolation, check Isolate users, Next
Step 6: FTP sites home Directory, browse, select drive e.g C, click Make New Folder, cheate folder e.g FTP, ok
Step 7: Allow file permission Read, Write (if you want to give write rights), finish
Client Side
Step 1: Open browser and write serve IP ftp://192.168.1.102
Step 2: Provide credentials if required
Step 3: Browse and use
You server must have IIS and static IP
InstallationStep 1:
Step 1: Open add/remove programs from Control panel
Step 2: Click add/remove windows components,
Step 3: Select Application Server, select Internet Information Server (IIS), click details, check FTP along with default checks.
Step 4: This will start installation wizard, provide 2003 cd, during install.
Configuration
Step 1: Open IIS from Administrative Tools
Step 2: Right click on FTP Sites, click New FTP Site..
Step 3: Wizard will start, Next, wirte Description e.g ftp server, Next
Step 4: Select IP e.g 192.168.1.102, port 21 (default), Next
Step 5: FTP user usolation, check Isolate users, Next
Step 6: FTP sites home Directory, browse, select drive e.g C, click Make New Folder, cheate folder e.g FTP, ok
Step 7: Allow file permission Read, Write (if you want to give write rights), finish
Client Side
Step 1: Open browser and write serve IP ftp://192.168.1.102
Step 2: Provide credentials if required
Step 3: Browse and use
Thursday, October 9, 2008
Window 2003 Web Server (IIS) Installation, Configuration and Maintenance
Server End
Pre-request
DNS in your networkd.
Domain in your network.
Static IP configured in server where you are going to install IIS.
Make a folder e.g C:/web in you server and store page inded.html
Installation
Step 1: Open control add/remove programs, click add/remove Windows components
Step 2: Select Application services, click details
Step 3: Check Internet Information Services
Step 4: Click ok then Next
Configuratoin
Step 1: Open IIS from administrative tools
Step 2: Right click on Web sites, click New site...
Step 3: Wizard will start, next, description e.g my web site, next
4tep 4: Give IP: 192.168.1.102, prot 80 default, header www.fizaan.com
Step 6: Browser the path to we directory e.g web
Step 7: Set the web site permission, next and finish.
Step 8: Expand the web sites folder left side and right click on websites click propterties
Step 9: Click the Documents tab, move up default page index.html to top
Step 10: Ok
Client Side
Step 1: Set the DNS to Your DNS server 192.168.1.102
Step 2: Open the browser and write www.yhaoo.com
Step 3: This will open the page
Step 10:
Pre-request
DNS in your networkd.
Domain in your network.
Static IP configured in server where you are going to install IIS.
Make a folder e.g C:/web in you server and store page inded.html
Installation
Step 1: Open control add/remove programs, click add/remove Windows components
Step 2: Select Application services, click details
Step 3: Check Internet Information Services
Step 4: Click ok then Next
Configuratoin
Step 1: Open IIS from administrative tools
Step 2: Right click on Web sites, click New site...
Step 3: Wizard will start, next, description e.g my web site, next
4tep 4: Give IP: 192.168.1.102, prot 80 default, header www.fizaan.com
Step 6: Browser the path to we directory e.g web
Step 7: Set the web site permission, next and finish.
Step 8: Expand the web sites folder left side and right click on websites click propterties
Step 9: Click the Documents tab, move up default page index.html to top
Step 10: Ok
Client Side
Step 1: Set the DNS to Your DNS server 192.168.1.102
Step 2: Open the browser and write www.yhaoo.com
Step 3: This will open the page
Step 10:
Window 2003 DHCP Server Installation, Configuration and Maintenance
Installation
You server should have static IP on it.
Step 1: Click add/remove windows components in add/remove progmrams in Control panel
Step 2: Select Networking Services, dlick details,
Step 3: check only Dynamic Host configuration Prptocol (DHCP), OK, Next, This will start installation
Step 4: Finsih
Configuration
Step 1: Open DHCP from Administrative Tools
Step 2: Right Expand Computer name e.g Test03-server, click New Scope
Step 3: Write name of scope e.g fizaan-dhcp and Descrition
Step 4: Enter Start IP: e.g 192.168.1.150 and End IP: e.g 192.168.1.250, Subnet mask Length: 24 and mask: 255.255.255.0, Next
Step 5: Skip Add Exclusions, Next, Lease Duration change default 8 days to 1, press Next
Step 6: Configure options now, press Next, Give Router IP of your Network: 192.168.1.1
Step 7: Give Domain Name: fizaan.com, DNS server IP:192.168.1.102, WINS server IP: 192.168.1.104
Step 8: Activate scope, select Yes I wan to activate this scope now, Press Next
Your DHCP server is ready now
Client side Steps
Open properties of client network card, put on get IP automatic and release old by writing ipconfig /rlease on dos prompt.
Changing/Writing later DNS,WINS and Router IP
Step 1: Open DHCP from Administrative Tools and expand the Scope tree folder
Step 2: Right click on Server options and Click Configure options (same can be done via scope options)
Step 3: From General tab select different options check Router IP, WINS, DNS and give respective IP
Step 4: Click apply and ok
You server should have static IP on it.
Step 1: Click add/remove windows components in add/remove progmrams in Control panel
Step 2: Select Networking Services, dlick details,
Step 3: check only Dynamic Host configuration Prptocol (DHCP), OK, Next, This will start installation
Step 4: Finsih
Configuration
Step 1: Open DHCP from Administrative Tools
Step 2: Right Expand Computer name e.g Test03-server, click New Scope
Step 3: Write name of scope e.g fizaan-dhcp and Descrition
Step 4: Enter Start IP: e.g 192.168.1.150 and End IP: e.g 192.168.1.250, Subnet mask Length: 24 and mask: 255.255.255.0, Next
Step 5: Skip Add Exclusions, Next, Lease Duration change default 8 days to 1, press Next
Step 6: Configure options now, press Next, Give Router IP of your Network: 192.168.1.1
Step 7: Give Domain Name: fizaan.com, DNS server IP:192.168.1.102, WINS server IP: 192.168.1.104
Step 8: Activate scope, select Yes I wan to activate this scope now, Press Next
Your DHCP server is ready now
Client side Steps
Open properties of client network card, put on get IP automatic and release old by writing ipconfig /rlease on dos prompt.
Changing/Writing later DNS,WINS and Router IP
Step 1: Open DHCP from Administrative Tools and expand the Scope tree folder
Step 2: Right click on Server options and Click Configure options (same can be done via scope options)
Step 3: From General tab select different options check Router IP, WINS, DNS and give respective IP
Step 4: Click apply and ok
Window 2003 WINS Server Installation, Configuration and Maintenance
Installation
Step 1: Open add/remove Windows by selecting add/remove programes in Control Panel
Step 2: Select Networking Service, click details
Step 3: Check Windows Internet Name Server
Step 4: Click Ok, Next
Configuration
Step 1: Open WINS from Administrative tools and expand Computer Name e.g TEST03-SERVER (192.168.1.102)
Step 2: Right Click on Active Registration then select Display
Step 3: From new window, Click Record Types (3rd Tab), Click Clear All
Step 4: Select only those tecord which you want to display, Click Find now
Back up WINS Database
Step 1: In WINS, right Click on computer name and select properties
Step 2: In General tab, click browse, select driver, make new folder e.g WINS backup, press OK.
Step 3: Right click again on computer name and click backu, it will take the backup
Restore WINS backup
Step 1: Stop WINS service by right click on Computer name in WINS, all taks then Stop, this will put red cross on WINS (cannot find WINS server)
Step 2: After stop, right click on computer name agian in WINS, click Restore Database
Step 3: Provide path and click ok
WINS Replication
Step 1: Install WINS on 2nd Computer in the same way did in frist.
Step 2: Open WINS from Administrative Tools, select computer name
Step 3: Right click on Replication Partner, select New Replication partner
Step 4: In pop-up windows give the IP or name of 2nd WINS e.g 192.168.1.104
Step 5: Select the Replication partner in right windows, right click on it
Step 6: Start push Replication, check Start for this partner only, press ok, ok
Step 7: Start pull Replication,
Step 8: FOLLOW SAME STEPS ON WINS SERVER 2 AT 192.168.1.104
Step 1: Open add/remove Windows by selecting add/remove programes in Control Panel
Step 2: Select Networking Service, click details
Step 3: Check Windows Internet Name Server
Step 4: Click Ok, Next
Configuration
Step 1: Open WINS from Administrative tools and expand Computer Name e.g TEST03-SERVER (192.168.1.102)
Step 2: Right Click on Active Registration then select Display
Step 3: From new window, Click Record Types (3rd Tab), Click Clear All
Step 4: Select only those tecord which you want to display, Click Find now
Back up WINS Database
Step 1: In WINS, right Click on computer name and select properties
Step 2: In General tab, click browse, select driver, make new folder e.g WINS backup, press OK.
Step 3: Right click again on computer name and click backu, it will take the backup
Restore WINS backup
Step 1: Stop WINS service by right click on Computer name in WINS, all taks then Stop, this will put red cross on WINS (cannot find WINS server)
Step 2: After stop, right click on computer name agian in WINS, click Restore Database
Step 3: Provide path and click ok
WINS Replication
Step 1: Install WINS on 2nd Computer in the same way did in frist.
Step 2: Open WINS from Administrative Tools, select computer name
Step 3: Right click on Replication Partner, select New Replication partner
Step 4: In pop-up windows give the IP or name of 2nd WINS e.g 192.168.1.104
Step 5: Select the Replication partner in right windows, right click on it
Step 6: Start push Replication, check Start for this partner only, press ok, ok
Step 7: Start pull Replication,
Step 8: FOLLOW SAME STEPS ON WINS SERVER 2 AT 192.168.1.104
Wednesday, October 8, 2008
Window 2003 Secondary DNS Server/Taking Backup of Primary to Secondary DNS
Primary DNSWe have already installed Primary DNS on 192.168.1.102, see Windows 2003 DNS Installation and Configuratoin tutorial.
Secondary DNS/ Backup DNS
Installation and Configuration on Secondary DNS
Step 1: Set the static IP e.g 192.168.1.104, insert Windows 2003 CD into CD rom
Step 2: Open Windows components from Add Remove Programe in Controll Pannel
Step 3: Select Networking Services, click Details, check only on Domain Name Systme DNS, Click Next, This will Install DNS.
Step 4: After install open DNS, expand computer Name, right click on Forward Lookup Zone, right click, Click New Zone
Step 5: Wizard will start, Next, Select Secondary Zone type, Next
Step 6: Enter zone name, fizaan.com, Next
Step 7: Write Master DNS IP here it is 192.168.1.102, add, Next, Finish
Further Steps on Primary/Master DNS
Step 8: Open DNS and expand Forward Lookup Zones
Step 9: Select Zone name e.g fizaan.com, right click select properties
Step 10:Select Zone Transfer, check Only to the following servers,
Step 11:write Secondary DNS/backup DNS IP e.g 192.168.1.104, press, Add, apply and Ok
Verification: on Secondary/Backup, open DNS, expand computer name right click on zone e.g fizaan.com, slect Transfer from Master, This will transfer the reconds.
Secondary DNS/ Backup DNS
Installation and Configuration on Secondary DNS
Step 1: Set the static IP e.g 192.168.1.104, insert Windows 2003 CD into CD rom
Step 2: Open Windows components from Add Remove Programe in Controll Pannel
Step 3: Select Networking Services, click Details, check only on Domain Name Systme DNS, Click Next, This will Install DNS.
Step 4: After install open DNS, expand computer Name, right click on Forward Lookup Zone, right click, Click New Zone
Step 5: Wizard will start, Next, Select Secondary Zone type, Next
Step 6: Enter zone name, fizaan.com, Next
Step 7: Write Master DNS IP here it is 192.168.1.102, add, Next, Finish
Further Steps on Primary/Master DNS
Step 8: Open DNS and expand Forward Lookup Zones
Step 9: Select Zone name e.g fizaan.com, right click select properties
Step 10:Select Zone Transfer, check Only to the following servers,
Step 11:write Secondary DNS/backup DNS IP e.g 192.168.1.104, press, Add, apply and Ok
Verification: on Secondary/Backup, open DNS, expand computer name right click on zone e.g fizaan.com, slect Transfer from Master, This will transfer the reconds.
Tuesday, October 7, 2008
Windows 2003 Active Directory Removel
Server Side
Step 1: Click Start,Run, write dcpromo
Step 2: A wizard will start, click Next
Step 3: Check This server is the last domain controoler in the domain on Removel Active Directory page, click Next
Step 4: click yes on do you want to coninue
Step 5: On Application Directory Partitons page, click Next to remove all partitions
Step 6: Check Delete all application directory partitions on this domain controller, Next
Step 7: Give root passwd and click Next, It will start to remove, If you face any error re-do the all above steps
Step 8: click Finish and Restart the computer
Step 9: Remove suffix domain name e.g fizaan and restart again
Disjoin the Domain on client
Step 1: Right click on My Computer, click properties
Step 2: Click Computer Name, then change button and Select Workgroup and write WORKGROUP
Step 3: Restart the computer
Step 1: Click Start,Run, write dcpromo
Step 2: A wizard will start, click Next
Step 3: Check This server is the last domain controoler in the domain on Removel Active Directory page, click Next
Step 4: click yes on do you want to coninue
Step 5: On Application Directory Partitons page, click Next to remove all partitions
Step 6: Check Delete all application directory partitions on this domain controller, Next
Step 7: Give root passwd and click Next, It will start to remove, If you face any error re-do the all above steps
Step 8: click Finish and Restart the computer
Step 9: Remove suffix domain name e.g fizaan and restart again
Disjoin the Domain on client
Step 1: Right click on My Computer, click properties
Step 2: Click Computer Name, then change button and Select Workgroup and write WORKGROUP
Step 3: Restart the computer
Windows 2003 DNS Installation, Configuration
Installation: Server Side
Step 1: Insert Windows 2003 CD into cd rom
Step 2: Open control pannel: first open my computer then click control panel
Step 3: Open add/remove program then open add/remove windows compnent
Step 4: Select Networking services, click detain button, check Domain Name System DNS
Step 5: Press OK, this will install the DNS, press Finish
Configuration Server Side
Creation of Forward Lookup zone
Step 1: Open DNS from Administrative Tools
Step 2: Click-right on Forward Lookup Zones, then New Zone
Step 3: Wizard will start, click Next, Select Primary Zone, Next
Step 4: Write Zone name e.g fizaan.com
Step 5: Zone File name, no need to change fizaan.com.dns, click Next
Step 6: Select Allow Dynamic updates both secure and non secure, Next, finish the Wizard
Step 7: click fizaan.com folder in right side window,
Step 8: Double Click on Namer Server Type
Step 9: Click on add button, write FQDN e.g fizaan.com and IP of a DNS Server, it same machine 192.168.1.102
Step 10: Apply and Ok
Creation of New host Record in zone
Step 1: Right click on Zone name e.g oslo.com, right click on right side windows
Step 2: Click New Host(A)
Step 3: Write Name e.g www, then IP address: 192.168.1.102 (same machine also have web server)
Step 4: Add host, host have been created successfuly, this installed the host record.
Making Reverse Look-up zone
Step 1: open DNS and expand, select Reverse Lookup zone, right click New Zone
Step 2: Wizard will start, select Primary zone, Next
Step 3: Enter Network ID: 192.168.1, Next
Step 4: Leave the Revere lookup zone name as it is,1.168.192.in-addr.arpa.dns, Next
Step 5: Select Allow both nonsecure and secure dynamic updates, Next, finish
After that Create the POINTER RECORD in it
Step 6: Expand Reverse lookup zones, click 192.168.1.x.Subnet
Step 7: Right click on right side window and select New Pointer(PTR)
Step 8: Enter Host IP e.g 102 and host name test03-server.fizaan.com in my case.
Step 9: Press Ok
Client Side
Check/change the DNS to newly installed DNS 192.168.1.102
Step 1: click start, run, write nslookup
Step 2: write the zone name e.g > oslo.com
Step 3: It will give the Name: oslo.com and Address: 192.168.1.102
Step 4: now write the name of Web server e.g > www.oslo.com
Step 5: It will/should give Name: www.oslo.com Address: 192.168.1.102
Step 1: Insert Windows 2003 CD into cd rom
Step 2: Open control pannel: first open my computer then click control panel
Step 3: Open add/remove program then open add/remove windows compnent
Step 4: Select Networking services, click detain button, check Domain Name System DNS
Step 5: Press OK, this will install the DNS, press Finish
Configuration Server Side
Creation of Forward Lookup zone
Step 1: Open DNS from Administrative Tools
Step 2: Click-right on Forward Lookup Zones, then New Zone
Step 3: Wizard will start, click Next, Select Primary Zone, Next
Step 4: Write Zone name e.g fizaan.com
Step 5: Zone File name, no need to change fizaan.com.dns, click Next
Step 6: Select Allow Dynamic updates both secure and non secure, Next, finish the Wizard
Step 7: click fizaan.com folder in right side window,
Step 8: Double Click on Namer Server Type
Step 9: Click on add button, write FQDN e.g fizaan.com and IP of a DNS Server, it same machine 192.168.1.102
Step 10: Apply and Ok
Creation of New host Record in zone
Step 1: Right click on Zone name e.g oslo.com, right click on right side windows
Step 2: Click New Host(A)
Step 3: Write Name e.g www, then IP address: 192.168.1.102 (same machine also have web server)
Step 4: Add host, host have been created successfuly, this installed the host record.
Making Reverse Look-up zone
Step 1: open DNS and expand, select Reverse Lookup zone, right click New Zone
Step 2: Wizard will start, select Primary zone, Next
Step 3: Enter Network ID: 192.168.1, Next
Step 4: Leave the Revere lookup zone name as it is,1.168.192.in-addr.arpa.dns, Next
Step 5: Select Allow both nonsecure and secure dynamic updates, Next, finish
After that Create the POINTER RECORD in it
Step 6: Expand Reverse lookup zones, click 192.168.1.x.Subnet
Step 7: Right click on right side window and select New Pointer(PTR)
Step 8: Enter Host IP e.g 102 and host name test03-server.fizaan.com in my case.
Step 9: Press Ok
Client Side
Check/change the DNS to newly installed DNS 192.168.1.102
Step 1: click start, run, write nslookup
Step 2: write the zone name e.g > oslo.com
Step 3: It will give the Name: oslo.com and Address: 192.168.1.102
Step 4: now write the name of Web server e.g > www.oslo.com
Step 5: It will/should give Name: www.oslo.com Address: 192.168.1.102
Saturday, October 4, 2008
Windows 2003 Users and Group Managment in Active Directory
Creation of Users and Groups
Step 1: Open Active Directory users and Computer, for that click start,
Administrative Tools
Step 2: Expand domain name, fizaan, right click on user, click new user
Step 3: Fill credentials of user in open windows
Step 4: Provide good password, 2003 has some policy of choosing password
Step 5: Click finish
Step 6: Login from client using this user/pasword, remember choose the domain FIZAAN, in login window
Creation of Group
Step 1: Open Active Directory users and Computer, for that click start,
Administrative Tools
Step 2: Expand domain name, fizaan, right click on user, click new group
Step 3: Provide the group name, scope and Type. press OK
Adding members in Group
Step 1: Right click on group name and properties
Step 2: Click member tab, add button, write user name aanish, you can fine users by clicking Advance
Step 3: Click Ok
Setting user login time and selected Computer
Step 1: Right click on user name then click properties
Step 1: Click Account tab, Logon hours, select the time
Step 1: for setting selected computer, on account tab, click Logon To and select the computer by writting it's name.
Step 1: Open Active Directory users and Computer, for that click start,
Administrative Tools
Step 2: Expand domain name, fizaan, right click on user, click new user
Step 3: Fill credentials of user in open windows
Step 4: Provide good password, 2003 has some policy of choosing password
Step 5: Click finish
Step 6: Login from client using this user/pasword, remember choose the domain FIZAAN, in login window
Creation of Group
Step 1: Open Active Directory users and Computer, for that click start,
Administrative Tools
Step 2: Expand domain name, fizaan, right click on user, click new group
Step 3: Provide the group name, scope and Type. press OK
Adding members in Group
Step 1: Right click on group name and properties
Step 2: Click member tab, add button, write user name aanish, you can fine users by clicking Advance
Step 3: Click Ok
Setting user login time and selected Computer
Step 1: Right click on user name then click properties
Step 1: Click Account tab, Logon hours, select the time
Step 1: for setting selected computer, on account tab, click Logon To and select the computer by writting it's name.
Friday, October 3, 2008
Windows 2003 Active Directory Installation and Configuration
Windows 2003 Server: Installation
You computer is connected to switch and get ip from DHCP server or static
Step 1: Click start,Run,enter dcpromo
Step 2: Click next and next again
Step 3: Select the Domain controller for your domain, click next
Step 4: Select Domain in New forest and Next
Step 5: Write FQDN e.g fizaan.com, click Next
Step 6: Netbion name FIZAN, click next
Step 7: Click next on Database and log folder, leave the default
Step 8: Shared system Volume Folder, leave it default and click Next
Step 9: Select Install and configure the DNS on the computer and cleck Next
Step 10:Permission Compatible with Pre Windows.... and click Next
Step 11:Restore mode Password, leave it blank click Next
Step 12:Summary page, view and click Next
Step 13:It will ask the Windows 2003 Server CD
Step 14:End of Active Directory Installation wizard, press Finish
Step 15:Restart the computer
Windows 2003 client: Configuration
This computer is in same network in server and have IP.
Step 1: Right click on My computer icon and click properties
Step 2: click Computer Name and change button
Step 3: Select the Domain, write fizaan, click OK
Step 4: Prompt for user name and password, provide(I did not mention in above server installation)
Step 5: There will be message prompt " Welcome to the Fizaan domain", press ok
Step 6: Restart the computer
You computer is connected to switch and get ip from DHCP server or static
Step 1: Click start,Run,enter dcpromo
Step 2: Click next and next again
Step 3: Select the Domain controller for your domain, click next
Step 4: Select Domain in New forest and Next
Step 5: Write FQDN e.g fizaan.com, click Next
Step 6: Netbion name FIZAN, click next
Step 7: Click next on Database and log folder, leave the default
Step 8: Shared system Volume Folder, leave it default and click Next
Step 9: Select Install and configure the DNS on the computer and cleck Next
Step 10:Permission Compatible with Pre Windows.... and click Next
Step 11:Restore mode Password, leave it blank click Next
Step 12:Summary page, view and click Next
Step 13:It will ask the Windows 2003 Server CD
Step 14:End of Active Directory Installation wizard, press Finish
Step 15:Restart the computer
Windows 2003 client: Configuration
This computer is in same network in server and have IP.
Step 1: Right click on My computer icon and click properties
Step 2: click Computer Name and change button
Step 3: Select the Domain, write fizaan, click OK
Step 4: Prompt for user name and password, provide(I did not mention in above server installation)
Step 5: There will be message prompt " Welcome to the Fizaan domain", press ok
Step 6: Restart the computer
Tuesday, September 16, 2008
How to setup TFTP server on Debian
Step 1: Installation of tftpd package (server) and client
aptitude install tftpd
aptitude install tftp
Step 2: Creating Directory and setting permission
mkdir /tftpboot
chmod 777 /tftpboot
chown imran.imran /tftpboot
Step 3: Checking and editing(if required) the /etc/inetd.conf
Correct the location of director from /srv/tftp to /tftpboot
tftp dgram udp wait nobody /usr/sbin/tcpd /usr/sbin/in.tftpd /tftpboot
Don't forget to restart.
It is is tricky to restart the tftpd, you have to restart inetd, but in Debian it is openbsd-inetd
cd /etc/init.d
./openbsd-inetd restart
Step 4: Testing
Type following
tftp 127.0.0.1
tftp>
Step 5: Security
you can edit /etc/hosts.allow and /etc/hosts.deny for restriction.
That's it.
Further doc
http://www.debianhelp.co.uk/tftp.htm
http://www.onlamp.com/pub/a/bsd/2003/06/05/FreeBSD_Basics.html
aptitude install tftpd
aptitude install tftp
Step 2: Creating Directory and setting permission
mkdir /tftpboot
chmod 777 /tftpboot
chown imran.imran /tftpboot
Step 3: Checking and editing(if required) the /etc/inetd.conf
Correct the location of director from /srv/tftp to /tftpboot
tftp dgram udp wait nobody /usr/sbin/tcpd /usr/sbin/in.tftpd /tftpboot
Don't forget to restart.
It is is tricky to restart the tftpd, you have to restart inetd, but in Debian it is openbsd-inetd
cd /etc/init.d
./openbsd-inetd restart
Step 4: Testing
Type following
tftp 127.0.0.1
tftp>
Step 5: Security
you can edit /etc/hosts.allow and /etc/hosts.deny for restriction.
That's it.
Further doc
http://www.debianhelp.co.uk/tftp.htm
http://www.onlamp.com/pub/a/bsd/2003/06/05/FreeBSD_Basics.html
Monday, September 8, 2008
How to Setup Central Syslog server in Debian Etch
As it is installed in debian in OS installation.
Step 1: Stop Sysllog server.
/etc/init.d/sysklogd stop
Step 2: Start remote acception
edit /etc/default/syslogd
change SYSLOGD="" to "-r"
Step 3: Create a file to log remote log messages (optional)
edit /etc/sylogd.conf
*.*;auth,authpriv.none to
*.*;auth,authpriv,local0.none
append at the end the path to file
local0.* -/var/log/sxlog
Step 4: Restart the syslog server
/etc/init.d/sysklogd start
a meesage with "remote reception" by doing tail -f /var/log/messages confirms.
Setp 5: Test by viewing the file
cat /var/log/sxlog
Further info
http://news.softpedia.com/news/Setting-Up-a-Central-Syslog-Server-44063.shtml
Step 1: Stop Sysllog server.
/etc/init.d/sysklogd stop
Step 2: Start remote acception
edit /etc/default/syslogd
change SYSLOGD="" to "-r"
Step 3: Create a file to log remote log messages (optional)
edit /etc/sylogd.conf
*.*;auth,authpriv.none to
*.*;auth,authpriv,local0.none
append at the end the path to file
local0.* -/var/log/sxlog
Step 4: Restart the syslog server
/etc/init.d/sysklogd start
a meesage with "remote reception" by doing tail -f /var/log/messages confirms.
Setp 5: Test by viewing the file
cat /var/log/sxlog
Further info
http://news.softpedia.com/news/Setting-Up-a-Central-Syslog-Server-44063.shtml
Tuesday, August 26, 2008
Installation and Configuration of Joomla CMS! on Debian ETCH
Step 1: Install the LAMP server and also phpmyadmin
See my blogpost "Installation of LAMP on Debian"
#aptitude install phpmyadmin
Step 2: Download Lattest version of Joomla e.g
dwonload from following location
http://linux.softpedia.com/progDownload/Joomla-Download-5739.html
Step 3: make directory under /var/www/joomla and decompress joomla
mkdir /var/www/joomla
cd /var/www/joomla
tar -xvf var/www/Joomla_1.5.6-Stable-Full_Package.tar.gz
Step 4: Create Database in MySQL
#mysqladmin -u root -p create Joomla
mysql -u root -p
mysql>GRANT ALL PRIVILEGES ON Joomla.* TO Joomla@localhost IDENTIFIED BY 'Joomla';
mysql>flush privileges;
mysql>quit
Step 5: Change ownership and priviliges of /var/www/joomla
chown www-data.www-data /var/www/joomla
chmod 777 /var/www/joomla
Notw: Rechange this mode to normal after installation.
Step 6: Begin installattion
http://192.168.100.10/joomla
This will start the wizard, answer the questions, in check list try to eliminate missing components (in red color) and also remember following;
Database Name:Joomla
Database User:Joomla
Password:Joomla
Admin passowrd: you will enter at the end.
At the end this will ask to remove the installation directory.
Further information
http://www.craigschurr.com/index2.php?option=com_content&do_pdf=1&id=16
http://www.linux-vashi.blogspot.com/2008/02/how-to-install-joomla-on-debian-etch_12.html
See my blogpost "Installation of LAMP on Debian"
#aptitude install phpmyadmin
Step 2: Download Lattest version of Joomla e.g
dwonload from following location
http://linux.softpedia.com/progDownload/Joomla-Download-5739.html
Step 3: make directory under /var/www/joomla and decompress joomla
mkdir /var/www/joomla
cd /var/www/joomla
tar -xvf var/www/Joomla_1.5.6-Stable-Full_Package.tar.gz
Step 4: Create Database in MySQL
#mysqladmin -u root -p create Joomla
mysql -u root -p
mysql>GRANT ALL PRIVILEGES ON Joomla.* TO Joomla@localhost IDENTIFIED BY 'Joomla';
mysql>flush privileges;
mysql>quit
Step 5: Change ownership and priviliges of /var/www/joomla
chown www-data.www-data /var/www/joomla
chmod 777 /var/www/joomla
Notw: Rechange this mode to normal after installation.
Step 6: Begin installattion
http://192.168.100.10/joomla
This will start the wizard, answer the questions, in check list try to eliminate missing components (in red color) and also remember following;
Database Name:Joomla
Database User:Joomla
Password:Joomla
Admin passowrd: you will enter at the end.
At the end this will ask to remove the installation directory.
Further information
http://www.craigschurr.com/index2.php?option=com_content&do_pdf=1&id=16
http://www.linux-vashi.blogspot.com/2008/02/how-to-install-joomla-on-debian-etch_12.html
Import and Export mysql database in Debian using phpmyadmin
Step 1: Install phpmyadmin
aptitude install phpmyadmin
Step 2: Login to phpmyadmin
https://192.168.100.1/phpmyadmin/
Default user: root
Enter root password.
Step 3: Export Database
After log in, click Export
In EXPORT menue select your database
e.g joomla
Select format under Select All/Unselect All
e.g SQL (by default)
Click Save as file e.g jooml
Press Go (botton right)
Save it to your local hard disk
Step 4: Import Database
Press Import after log in to phpmyadmin in other machine.
select the file under Location of the text file,
Leave every thing by default and
Press Go
This will import the mysql database.
aptitude install phpmyadmin
Step 2: Login to phpmyadmin
https://192.168.100.1/phpmyadmin/
Default user: root
Enter root password.
Step 3: Export Database
After log in, click Export
In EXPORT menue select your database
e.g joomla
Select format under Select All/Unselect All
e.g SQL (by default)
Click Save as file e.g jooml
Press Go (botton right)
Save it to your local hard disk
Step 4: Import Database
Press Import after log in to phpmyadmin in other machine.
select the file under Location of the text file,
Leave every thing by default and
Press Go
This will import the mysql database.
Monday, August 25, 2008
Recover MYSQL root password in Debian
Step # 1 : Stop mysql service
# /etc/init.d/mysql stop
Step # 2: Start to MySQL server without password
# mysqld_safe --skip-grant-tables &
Step # 3: Connect to mysql server using mysql client:
# mysql -u root
mysql>
Step # 4: Setup new MySQL root user password
mysql> use mysql;
mysql> update user set password=PASSWORD("imran") where User='root';
mysql> flush privileges;
mysql> quit
Step # 5: Stop MySQL Server:
# /etc/init.d/mysql stop
Step # 6: Start MySQL server
# /etc/init.d/mysql start
Step # 7: Test it
# mysql -u root -p
# /etc/init.d/mysql stop
Step # 2: Start to MySQL server without password
# mysqld_safe --skip-grant-tables &
Step # 3: Connect to mysql server using mysql client:
# mysql -u root
mysql>
Step # 4: Setup new MySQL root user password
mysql> use mysql;
mysql> update user set password=PASSWORD("imran") where User='root';
mysql> flush privileges;
mysql> quit
Step # 5: Stop MySQL Server:
# /etc/init.d/mysql stop
Step # 6: Start MySQL server
# /etc/init.d/mysql start
Step # 7: Test it
# mysql -u root -p
Installation of LAMP on Debian
Step 1) Installation of Apache and PHP4
aptitude install apache2 php4 libapache2-mod-php4
Step 2) Installation of MySQL Server
aptitude install mysql-server mysql-client php4-mysql
change of MYSQL root Pasword
mysql -u root
mysql> USE mysql;
mysql> UPDATE user SET Password=PASSWORD('new-password') WHERE user='root';
mysql> FLUSH PRIVILEGES;
step 3) Installation of PhpMyAdmin
aptitude install phpmyadmin
Edit /etc/apache2/apach2.conf:
append at the end
Include /etc/phpmyadmin/apache.conf
Testing
http://domainname.com/phpmyadmin/
Login using mysql root and create users.
Further docs
http://www.howtoforge.com/ubuntu_debian_lamp_server
aptitude install apache2 php4 libapache2-mod-php4
Step 2) Installation of MySQL Server
aptitude install mysql-server mysql-client php4-mysql
change of MYSQL root Pasword
mysql -u root
mysql> USE mysql;
mysql> UPDATE user SET Password=PASSWORD('new-password') WHERE user='root';
mysql> FLUSH PRIVILEGES;
step 3) Installation of PhpMyAdmin
aptitude install phpmyadmin
Edit /etc/apache2/apach2.conf:
append at the end
Include /etc/phpmyadmin/apache.conf
Testing
http://domainname.com/phpmyadmin/
Login using mysql root and create users.
Further docs
http://www.howtoforge.com/ubuntu_debian_lamp_server
Installing and configuring DHCP on Debian
Step 1: Install DHCP package
aptitude install dhcp3-server
Step 2: Configure DHCP package
option domain-name "domain.com";
option domain-name-servers 10.0.0.2, 193.10.10.10;
option routers 10.0.0.1;
default-lease-time 3600;
subnet 10.0.0.0 netmask 255.0.0.0 {
arrange 10.0.0.100 10.0.0.254;
#OPTIONS
#if you want to assign IP based on MAC address
host imran {
hardware ethernet 00:50:BA:82:DE:63;
fixed-address 10.10.10.10;
}
}
Step 3: Restart
/etc/init.d/dhcp3-server restart
Further Docs
http://www.debianhelp.co.uk/dhcp.htm
aptitude install dhcp3-server
Step 2: Configure DHCP package
option domain-name "domain.com";
option domain-name-servers 10.0.0.2, 193.10.10.10;
option routers 10.0.0.1;
default-lease-time 3600;
subnet 10.0.0.0 netmask 255.0.0.0 {
arrange 10.0.0.100 10.0.0.254;
#OPTIONS
#if you want to assign IP based on MAC address
host imran {
hardware ethernet 00:50:BA:82:DE:63;
fixed-address 10.10.10.10;
}
}
Step 3: Restart
/etc/init.d/dhcp3-server restart
Further Docs
http://www.debianhelp.co.uk/dhcp.htm
Useful Linux commands
Adding user name and password in authentication file in Apache2
root@jupiter:/etc/apache2# htpasswd /etc/apache2/intranet.passwd halvard
This will append the MD5 password with user in file.
Installation of Java on Ubuntu
root@imran-desktop:~# sudo apt-get install sun-java6-jre sun-java6-plugin sun-java6-fonts
root@imran-desktop:~# java -version
java version "1.6.0_16"
Java(TM) SE Runtime Environment (build 1.6.0_16-b01)
Java HotSpot(TM) Client VM (build 14.2-b01, mixed mode, sharing)
Check directory size
du -hs /home/imran/
How to check all installed packaged and version of a specific installed package
dpkg -s apache2
dpkg --list |more
How to Zip and unzipp
#aptitude install zip unzip
zip imran.zip file1 file2 file3
Then you can extract the original files like this:
unzip imran.zip
root@jupiter:/etc/apache2# htpasswd /etc/apache2/intranet.passwd halvard
This will append the MD5 password with user in file.
Installation of Java on Ubuntu
root@imran-desktop:~# sudo apt-get install sun-java6-jre sun-java6-plugin sun-java6-fonts
root@imran-desktop:~# java -version
java version "1.6.0_16"
Java(TM) SE Runtime Environment (build 1.6.0_16-b01)
Java HotSpot(TM) Client VM (build 14.2-b01, mixed mode, sharing)
Check directory size
du -hs /home/imran/
How to check all installed packaged and version of a specific installed package
dpkg -s apache2
dpkg --list |more
How to Zip and unzipp
#aptitude install zip unzip
zip imran.zip file1 file2 file3
Then you can extract the original files like this:
unzip imran.zip
Thursday, August 21, 2008
How to copy files/directory in Debian using rsync and scp over network
1) Network copying using rsync
Step 1: Install rsync on both machines
aptitude install rsync
Step 2: Edit of /etc/default/rsync on both machines
RSYNC_ENABLE=false
to
RSYNC_ENABLE=true
Step 3: Restart rsync on both machines
/etc/init.d/rsync restart
Step 4: Start copy from machine1 to machine2
rsync -e ssh -avz /home/imran 192.168.100.10:/media/usbdisk/imran
options
a: archive mode perserver file permission
v: verbose
z: compress (this will reduce time)
This will prompt for password, enter password, you will see
building file list..
Backup using Rsync
Make script and place it under /etc/cron.daily.
Generate and copy the key
ssh-keygen -t dsa,
and press Enter when prompted for a passphrase. After the key is created, use
ssh-copy-id -i .ssh/id_dsa.pub root@remote.host.com
to copy the public key to the remote host.
(Note: this presume that SSH is installed with key transfer)
2) Network copying using scp
scp -Cr /home/imran 192.168.100.10:/media/usbdisk
r:recursvly copying
C:exncrytpion 3DES default.
Don't use this method if directory contails too many files.
Further reading:
http://www.crucialp.com/resources/tutorials/server-administration/how-to-copy-files-across-a-network-internet-in-unix-linux-redhat-debian-freebsd-scp-tar-rsync-secure-network-copy.php
Step 1: Install rsync on both machines
aptitude install rsync
Step 2: Edit of /etc/default/rsync on both machines
RSYNC_ENABLE=false
to
RSYNC_ENABLE=true
Step 3: Restart rsync on both machines
/etc/init.d/rsync restart
Step 4: Start copy from machine1 to machine2
rsync -e ssh -avz /home/imran 192.168.100.10:/media/usbdisk/imran
options
a: archive mode perserver file permission
v: verbose
z: compress (this will reduce time)
This will prompt for password, enter password, you will see
building file list..
Backup using Rsync
Make script and place it under /etc/cron.daily.
Generate and copy the key
ssh-keygen -t dsa,
and press Enter when prompted for a passphrase. After the key is created, use
ssh-copy-id -i .ssh/id_dsa.pub root@remote.host.com
to copy the public key to the remote host.
(Note: this presume that SSH is installed with key transfer)
2) Network copying using scp
scp -Cr /home/imran 192.168.100.10:/media/usbdisk
r:recursvly copying
C:exncrytpion 3DES default.
Don't use this method if directory contails too many files.
Further reading:
http://www.crucialp.com/resources/tutorials/server-administration/how-to-copy-files-across-a-network-internet-in-unix-linux-redhat-debian-freebsd-scp-tar-rsync-secure-network-copy.php
Saturday, August 16, 2008
ENABLE AUTHENTICATION ON DEBIAN APACHE WEB SERVER
Step by Step Guide;
Step 1 Enable Digest Authentication
This authentication does not supported by default
#a2enmod auth_digest
Step 2 Set up user/password/realm
htdigest -c /var/www/munin/.htpasswd munin username
munin is realm and username is username.
supply "username" user password,
Step 3 Making Authentication required
go back to /etc/apache2/sites-available/monitoring.
Options FollowSymLinks
AllowOverride None
#authentification
AuthType Digest
AuthName "munin"
AuthDigestFile /var/www/munin/.htpasswd
#people using apache 2.2 will use instead:
#AuthUserFile /var/www/munin/.htpasswd
require valid-user
Step 4 Reload apache configuration
#apache2ctl -t
Syntax OK
$/etc/init.d/apache2 force-reload
Step 5 Tesing and Running
Now, go to http://monitoring.example.com with your browser. A box should prompt you for a username and password. Supply the one you define above and you should be given access to munin statistics.
Step 1 Enable Digest Authentication
This authentication does not supported by default
#a2enmod auth_digest
Step 2 Set up user/password/realm
htdigest -c /var/www/munin/.htpasswd munin username
munin is realm and username is username.
supply "username" user password,
Step 3 Making Authentication required
go back to /etc/apache2/sites-available/monitoring.
Options FollowSymLinks
AllowOverride None
#authentification
AuthType Digest
AuthName "munin"
AuthDigestFile /var/www/munin/.htpasswd
#people using apache 2.2 will use instead:
#AuthUserFile /var/www/munin/.htpasswd
require valid-user
Step 4 Reload apache configuration
#apache2ctl -t
Syntax OK
$/etc/init.d/apache2 force-reload
Step 5 Tesing and Running
Now, go to http://monitoring.example.com with your browser. A box should prompt you for a username and password. Supply the one you define above and you should be given access to munin statistics.
Monitoring Linux (Debain) Network With Munin
It requires following packages;
• Web Server e.g apache
• Munin Server
• Munin Clients
• Measuring temperature using smartmontools
• Munin Windows plugins
• Documentation and further Reading
WEB SERVER e.g APACHE
Linux Apach2 for debian
#apt-get install apache2-mpm-prefork
Run the script “apache2-ssl-certificate” i.e
# apache2-ssl-certificate
MUNIN ON SERVER
#apt-get install munin munin-node
Edit Configuration
/etc/munin/munin.conf
# a simple host tree
[localhost.localdomain]
address 127.0.0.1
use_node_name yes
[machine1.domain.com]
address xx.xxx.xxx.xx
use_node_name yes
[machine2.domain.com]
address xx.xxx.xxx.xx
use_node_name yes
##please write ip on xx
MUNIN ON CLIENTS
Instlal it in each client
#apt-get install munin-node
change configuration
/etc/munin/munin-node.conf
Edit Configuration on each Client Machine
Client 1 machine1.domain.com
#
# Example config-file for munin-node
#
log_level 4
log_file /var/log/munin/munin-node.log
port 4949
pid_file /var/run/munin/munin-node.pid
background 1
setseid 1
# Which port to bind to;
host *
host 127.0.0.1
host xx.xxx.xxx.xx
## xx server IP
user root
group root
setsid yes
allow ^127\.0\.0\.1$
allow ^xx\.xxx\.xxx\.xx$
Testing
browse under http://ipaddress/munin
Examples can be found here: http://www.linpro.no/projects/munin/example/
If you have any problems you need to check the log files of munin located at /var/
log/munin directory
MEASURING TEMPERATURE USING SMARTMONTOOLS
1.#apt-get install smartmontools
which is apparently needed by munin's hddtemp_smartctl plugin ;
2. and ln -s /usr/share/munin/plugins/hddtemp_smartctl /etc/munin/plugins/hddtemp_smartctl
.. which 'activates' the plugin ;
3. and /etc/init.d/munin-node restart to apply these changes.
WINDOWS PLUGIN
http://www.jory.info/#downloads_muninnode
http://munin.projects.linpro.no/wiki/HowToMonitorWindows
http://www.debuntu.org/book/export/html/134
DOCUMENTATION AND FURTHER READING
http://www.debianhelp.co.uk/munin.htm
http://www.debianhelp.co.uk/munin.htm
• Web Server e.g apache
• Munin Server
• Munin Clients
• Measuring temperature using smartmontools
• Munin Windows plugins
• Documentation and further Reading
WEB SERVER e.g APACHE
Linux Apach2 for debian
#apt-get install apache2-mpm-prefork
Run the script “apache2-ssl-certificate” i.e
# apache2-ssl-certificate
MUNIN ON SERVER
#apt-get install munin munin-node
Edit Configuration
/etc/munin/munin.conf
# a simple host tree
[localhost.localdomain]
address 127.0.0.1
use_node_name yes
[machine1.domain.com]
address xx.xxx.xxx.xx
use_node_name yes
[machine2.domain.com]
address xx.xxx.xxx.xx
use_node_name yes
##please write ip on xx
MUNIN ON CLIENTS
Instlal it in each client
#apt-get install munin-node
change configuration
/etc/munin/munin-node.conf
Edit Configuration on each Client Machine
Client 1 machine1.domain.com
#
# Example config-file for munin-node
#
log_level 4
log_file /var/log/munin/munin-node.log
port 4949
pid_file /var/run/munin/munin-node.pid
background 1
setseid 1
# Which port to bind to;
host *
host 127.0.0.1
host xx.xxx.xxx.xx
## xx server IP
user root
group root
setsid yes
allow ^127\.0\.0\.1$
allow ^xx\.xxx\.xxx\.xx$
Testing
browse under http://ipaddress/munin
Examples can be found here: http://www.linpro.no/projects/munin/example/
If you have any problems you need to check the log files of munin located at /var/
log/munin directory
MEASURING TEMPERATURE USING SMARTMONTOOLS
1.#apt-get install smartmontools
which is apparently needed by munin's hddtemp_smartctl plugin ;
2. and ln -s /usr/share/munin/plugins/hddtemp_smartctl /etc/munin/plugins/hddtemp_smartctl
.. which 'activates' the plugin ;
3. and /etc/init.d/munin-node restart to apply these changes.
WINDOWS PLUGIN
http://www.jory.info/#downloads_muninnode
http://munin.projects.linpro.no/wiki/HowToMonitorWindows
http://www.debuntu.org/book/export/html/134
DOCUMENTATION AND FURTHER READING
http://www.debianhelp.co.uk/munin.htm
http://www.debianhelp.co.uk/munin.htm
Thursday, August 14, 2008
Mounting External USB Disk on Debian
After plugin USB, see any activity
tail -f /var/log/syslog
if nothing about usb mass storage, check reasons. If "no loadable modules!", your old Kernel does not support USB, you might need to upgrade it (depending upon hardware of machine) in my case it was the Via CPU which is not a
full-blown 686.
Then install the new kernel
apt-get install linux-image-2.6.18-4-486
After that config the lilo or grub in our case it was lilo:
edit /etc/lilo.conf
default=2.6.18
Then restart the machine.
check activity and see syslog (see up command)
Kernal find the disk
Aug 14 20:05:11 neptune kernel: usb-storage: device found at 3
Aug 14 20:05:11 neptune kernel: usb-storage: waiting for device to
settle before scanning
Aug 14 20:05:16 neptune kernel: Vendor: ATA Model: SAMSUNG
HD321KJ Rev: CP10
Aug 14 20:05:16 neptune kernel: Type: Direct-Access
ANSI SCSI revision: 05
Aug 14 20:05:16 neptune kernel: SCSI device sda: 625142448 512-byte hdwr
sectors (320073 MB)
Aug 14 20:05:16 neptune kernel: sda: Write Protect is off
Aug 14 20:05:16 neptune kernel: sda: Mode Sense: 00 00 00 00
Aug 14 20:05:16 neptune kernel: sda: assuming drive cache: write through
Aug 14 20:05:16 neptune kernel: SCSI device sda: 625142448 512-byte hdwr
sectors (320073 MB)
Aug 14 20:05:16 neptune kernel: sda: Write Protect is off
Aug 14 20:05:16 neptune kernel: sda: Mode Sense: 00 00 00 00
Aug 14 20:05:16 neptune kernel: sda: assuming drive cache: write through
Aug 14 20:05:16 neptune kernel: sda: sda1 sda2 sda3 sda4
Aug 14 20:05:16 neptune kernel: sd 1:0:0:0: Attached scsi disk sda
Aug 14 20:05:16 neptune kernel: usb-storage: device scan complete
This means that the device was inserted into the kernel as /dev/sda.
From the bottom of the log, you see that the device has four partitions.
(sda1, sda2, sda3, sda4) If you don't know what filesystems they
contain, you can make mount autodetect by:
mount /dev/sda2 /mnt/media
When you finish your work, unmount this can corrupt the file system.
umont /mnt/media
Thanks Fredrik Gratte, from Owera As
tail -f /var/log/syslog
if nothing about usb mass storage, check reasons. If "no loadable modules!", your old Kernel does not support USB, you might need to upgrade it (depending upon hardware of machine) in my case it was the Via CPU which is not a
full-blown 686.
Then install the new kernel
apt-get install linux-image-2.6.18-4-486
After that config the lilo or grub in our case it was lilo:
edit /etc/lilo.conf
default=2.6.18
Then restart the machine.
check activity and see syslog (see up command)
Kernal find the disk
Aug 14 20:05:11 neptune kernel: usb-storage: device found at 3
Aug 14 20:05:11 neptune kernel: usb-storage: waiting for device to
settle before scanning
Aug 14 20:05:16 neptune kernel: Vendor: ATA Model: SAMSUNG
HD321KJ Rev: CP10
Aug 14 20:05:16 neptune kernel: Type: Direct-Access
ANSI SCSI revision: 05
Aug 14 20:05:16 neptune kernel: SCSI device sda: 625142448 512-byte hdwr
sectors (320073 MB)
Aug 14 20:05:16 neptune kernel: sda: Write Protect is off
Aug 14 20:05:16 neptune kernel: sda: Mode Sense: 00 00 00 00
Aug 14 20:05:16 neptune kernel: sda: assuming drive cache: write through
Aug 14 20:05:16 neptune kernel: SCSI device sda: 625142448 512-byte hdwr
sectors (320073 MB)
Aug 14 20:05:16 neptune kernel: sda: Write Protect is off
Aug 14 20:05:16 neptune kernel: sda: Mode Sense: 00 00 00 00
Aug 14 20:05:16 neptune kernel: sda: assuming drive cache: write through
Aug 14 20:05:16 neptune kernel: sda: sda1 sda2 sda3 sda4
Aug 14 20:05:16 neptune kernel: sd 1:0:0:0: Attached scsi disk sda
Aug 14 20:05:16 neptune kernel: usb-storage: device scan complete
This means that the device was inserted into the kernel as /dev/sda.
From the bottom of the log, you see that the device has four partitions.
(sda1, sda2, sda3, sda4) If you don't know what filesystems they
contain, you can make mount autodetect by:
mount /dev/sda2 /mnt/media
When you finish your work, unmount this can corrupt the file system.
umont /mnt/media
Thanks Fredrik Gratte, from Owera As
Tuesday, August 12, 2008
Squirrelmail Web Client Installatin and Configuration on Debian
Following things are involved.
We are already running EXIM4, as our mail mail server on a different machine and network with folloing IMAP and SMTP
Imap.domain.com
Smtp.domain.com
No need to install it from scracth.
INSTALLATION OF PACKAGES:
A) Web server Apache with ssl support
Install apache2: apt-get install apach2
install ssl certificate: apt-get install ssl-cert
generate certificate: openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem
country name: NO
state name: Oslo
locality name: Oslo
organizaion name: yourcompany
organizatinal unit: IT
common name: webmail
email addres: youremail@yourdomain.com
B) PHP4 (php5 has some problems)
PHP4 Installation: apt-get install php4
C) UW IMAP
Installation of uw-imapd: apt-get install uw-imapd
D) Squirrelmail
Squirrelmail Installation: apt-get install squirelmail
you can also download from this location and install,
http://www.squirrelmail.org/download.php
CONFIGURATION:
Apache WebServer
chmod 600 /etc/apache2/apache.pem
Enabling SSL Support
a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
Configuring SSL support
Edit /etc/apache2/ports.conf
Listen 443
Edit /etc/apache2/sites-available/default.conf
NameVirtualHost *:443
ServerAdmin webmaster@owera.com
ServerName webmail.owera.com
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
DocumentRoot /var/squirrelmail/www/
.
.
Restart apache2
/etc/init.d/apache2 restart
Squirrelmail configuration
After downloading, create directory and unpack
mkdir /var/squirrelmail
cd /var/squirrelmail
mkdir data attachment www
chown -R www-data.www-data /ver/squirrelmail/
chgrp www-data data attachment
chmod 0730 data attachment
tar --bzip2 -xvf /usr/local/src/downloads/squirrelmail-1.4.5.tar.bz2
mv squirrelmail-1.4.5 www
cd www/config
cp -p config_default.php config.php
Edit config.php
Change this to your organization's name.
$org_name = 'YOUR_ORGANIZATION';
Change this to the title you would like shown on the SquirrelMail web page.
$org_title = 'YOUR_TITLE $version';
Change this to the mail domain that is being served by SquirrelMail.
$domain = 'YOUR_MAIL_DOMAIN.com';
Define your SMTP server. This is the name of the server running the Postfix MTA for your mail domain. If Postfix is running on the same server as SquirrelMail then this would be 'localhost'. If it is another server then enter 'SERVERNAME.com'.
$smtpServerAddress = 'localhost';
Define your IMAP server. We always have SquirrelMail running on the same server as IMAP so this will always be 'localhost'.
$imapServerAddress = 'localhost';
Define the IMAP server type. The IMAP package in EnGarde Secure Community 3.0 is 'Washington University' so use 'wu' here.
$imap_server_type = 'wu';
.
.
DOCUMENTATION:
http://www.squirrelmail.org/docs/admin/admin-3.html#ss3.1
http://www.flatmtn.com/computer/Linux-Squirrelmail.html
http://www.engardelinux.org/doc/howtos/install-squirrelmail/install-squirrelmail/config-edit.shtml
http://www.flatmtn.com/computer/Linux-EmailServer.html
- MAIL SERVER 'Exim4'
- INSTALLATION OF PACKAGES
- CONFIGURATION
- FURTHER DOCUMENTATION
We are already running EXIM4, as our mail mail server on a different machine and network with folloing IMAP and SMTP
Imap.domain.com
Smtp.domain.com
No need to install it from scracth.
INSTALLATION OF PACKAGES:
A) Web server Apache with ssl support
Install apache2: apt-get install apach2
install ssl certificate: apt-get install ssl-cert
generate certificate: openssl req $@ -new -x509 -days 365 -nodes -out /etc/apache2/apache.pem -keyout /etc/apache2/apache.pem
country name: NO
state name: Oslo
locality name: Oslo
organizaion name: yourcompany
organizatinal unit: IT
common name: webmail
email addres: youremail@yourdomain.com
B) PHP4 (php5 has some problems)
PHP4 Installation: apt-get install php4
C) UW IMAP
Installation of uw-imapd: apt-get install uw-imapd
D) Squirrelmail
Squirrelmail Installation: apt-get install squirelmail
you can also download from this location and install,
http://www.squirrelmail.org/download.php
CONFIGURATION:
Apache WebServer
chmod 600 /etc/apache2/apache.pem
Enabling SSL Support
a2enmod ssl
Module ssl installed; run /etc/init.d/apache2 force-reload to enable.
Configuring SSL support
Edit /etc/apache2/ports.conf
Listen 443
Edit /etc/apache2/sites-available/default.conf
NameVirtualHost *:443
ServerName webmail.owera.com
SSLEngine on
SSLCertificateFile /etc/apache2/apache.pem
DocumentRoot /var/squirrelmail/www/
.
.
Restart apache2
/etc/init.d/apache2 restart
Squirrelmail configuration
After downloading, create directory and unpack
mkdir /var/squirrelmail
cd /var/squirrelmail
mkdir data attachment www
chown -R www-data.www-data /ver/squirrelmail/
chgrp www-data data attachment
chmod 0730 data attachment
tar --bzip2 -xvf /usr/local/src/downloads/squirrelmail-1.4.5.tar.bz2
mv squirrelmail-1.4.5 www
cd www/config
cp -p config_default.php config.php
Edit config.php
Change this to your organization's name.
$org_name = 'YOUR_ORGANIZATION';
Change this to the title you would like shown on the SquirrelMail web page.
$org_title = 'YOUR_TITLE $version';
Change this to the mail domain that is being served by SquirrelMail.
$domain = 'YOUR_MAIL_DOMAIN.com';
Define your SMTP server. This is the name of the server running the Postfix MTA for your mail domain. If Postfix is running on the same server as SquirrelMail then this would be 'localhost'. If it is another server then enter 'SERVERNAME.com'.
$smtpServerAddress = 'localhost';
Define your IMAP server. We always have SquirrelMail running on the same server as IMAP so this will always be 'localhost'.
$imapServerAddress = 'localhost';
Define the IMAP server type. The IMAP package in EnGarde Secure Community 3.0 is 'Washington University' so use 'wu' here.
$imap_server_type = 'wu';
.
.
DOCUMENTATION:
http://www.squirrelmail.org/docs/admin/admin-3.html#ss3.1
http://www.flatmtn.com/computer/Linux-Squirrelmail.html
http://www.engardelinux.org/doc/howtos/install-squirrelmail/install-squirrelmail/config-edit.shtml
http://www.flatmtn.com/computer/Linux-EmailServer.html
Subscribe to:
Posts (Atom)