----<|)imshahmemyselfandi(|>----

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Mon, 19 Oct 2009 07:41:00 +0000

CPU / Memory

1. HPUX

2. AIX

3. Solaris

4. Linux

5. Tru64

HPUX

How to check CPU/Memory usage

# glance OR top OR vmstat OR iostat OR sar

## to check CPU/Memory utilisation

· Find large processes which currently filled up the CPU/Memory usage.

AIX

How to check CPU/Memory usage:

# sar OR vmstat OR iostat OR topas ## to check CPU/Memory utilisation

· Find large processes which currently filled up the CPU/Memory usage.

SOLARIS

How to check CPU/Memory usage:

# sar OR vmstat OR iostat ## to check CPU/Memory utilisation

· Find large processes which currently filled up the CPU/Memory usage.

LINUX

How to check CPU/Memory usage:

# sar OR vmstat OR iostat OR top ## to check CPU/Memory utilisation

· Find large processes which currently filled up the CPU/Memory usage.

TRU64

How to check CPU/Memory usage:

# vmstat OR iostat OR top ## to check CPU/Memory utilisation

· Find large processes which currently filled up the CPU/Memory usage.

HPUX

How to check disk space: (using /var as example)

# bdf /var ## to check disk utilisation for /var filesystem

# find /var -xdev -type f -size +5000000c -exec ls -l {} \; | sort -nk 5 ## to find larger files in /var

AIX, SOLARIS, LINUX, TRU64

How to check disk space:

# df -k /var ## to check disk utilisation for /var filesystem

# find /var -xdev -type f -size +5000000c -exec ls -l {} \; | sort -nk 5 ## to find larger files in /var

HPUX/AIX/SOLARIS/LINUX/TRU64

Pre-checking before reboot

Capture the system details

# bdf > /tmp/bdf.txt ## For HPUX

OR

# df –k > /tmp/df.txt ## For other OS

# netstat –in > /tmp/netstat.in.txt

# netstat –rn > /tmp/netstat.rn.txt

# lanscan > /tmp/lanscan.txt ## For HPUX

# ioscan –fn > /tmp/ioscan.txt ## For HPUX

# ps –ef | grep –i sap ## Double confirm no SAP running

# ps –ef | grep –I oracle ## Double confirm no Database running

How to reboot server

# shutdown [-option] [ +Time [ Message ] ] ## man shutdown to find more the option

Account Creation

# finger

OR

# grep –i <> /etc/passwd

HPUX/AIX/SOLARIS/LINUX/TRU64

# useradd –c -g -m –d -s id

## man useradd for more the option

AIX

# mkuser ## man mkuser for more the option

Account Mod

Do initial checking on the account

# finger

OR

# grep –i <> /etc/passwd

HPUX/SOLARIS/LINUX/TRU64

# usermod ## man usermod for more the option

AIX

# chuser ## man chuser for more the option

Account Deletion

Do initial checking on the account

# finger

OR

# grep –i <> /etc/passwd

HPUX/SOLARIS/LINUX/TRU64

# userdel –r ## man userdel for more the option

AIX

# rmuser ## man rmuser for more the option

Generic Process to add printer

1) Confirm details provided (such as printer queue name, IP address and model).

2) Perform initial checking:-

# ping ## Ping new printer IP address

# lpstat –o ## Verify if printer queue used up

Issue following command to create print queue.

# hppi or sam ## HP UX

# smitty ## IBM

Generic Process to modify printer:

1) Confirm details provided (such as printer queue name, IP address and model).

2) Perform initial checking:-

HPUX

# ping ## Ping new and old printer IP address

# lpstat –o ## Verify printer queue

# grep –i model /etc/lp/interface ## Check printer model

# grep –i periph /etc/lp/interface ## Check printer IP

# grep –i /etc/hosts ## Check printer IP

IBM

# Smitty

Issue following command to modify printer queue IP or model. Printer modify can be do anytime.

HPUX

# vi /etc/lp/interface ## Change network printer IP only

**To modify printer model, remove old print queue and recreate with new model.

**If print queue are remote printer, remove old print queue and recreate with new IP or model.

IBM

**Remove old print queue and recreate with new IP or model

Generic Process to delete printer:

1) Confirm details provided (such as printer queue name, IP address and model).

2) Perform initial checking:-

HPUX/IBM/SUN SOLARIS/Linus/Tru64

# ping ## Ping new and old printer IP address

# lpstat –o ## Verify printer queue

Issue following command to delete printer queue IP or model.

HPUX

# hppi or sam

IBM

# smitty

Using nmap for Linux administration and security

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Thu, 04 Jun 2009 03:35:00 +0000

This articles is taken from here

In this tip we are going to learn about nmap, an open source network scanner that is ideal for network troubleshooting, scanning, and auditing. The tool can be used to identify devices on the network as well as the services running on the particular devices. Additionally, advanced information such as operating systems in use, particular services (name and version), and network filters and firewalls can be identified.

The identification of services with nmap is achieved through its fingerprint database that currently contains 5,000+ fingerprints. This database is supported by the community by allowing submission of known fingerprints.

Nmap as an inventory tool
One of the common applications of nmap is to generate basic inventory reports. This is useful for network maps, renewal of maintenance agreements on network devices and nodes, and to identify rogue, unauthorized, or forgotten devices.
The basic scan for an inventory makes use of a ping scan. For example, the following scan shows the host available on the 192.168.1.0/24 network. The -sP tells nmap to do a ping scan, and the -n says to not do name resolution.

nmap -sP -n 192.168.1.0/24
Starting Nmap 4.76 (http://nmap.org) at 2009-05-14 10:18 CDT
Host 192.168.1.1 appears to be up.
MAC Address: 00:18:3A:A4:43:BA (Westell Technologies)
Host 192.168.1.2 appears to be up.
Host 192.168.1.3 appears to be up.
MAC Address: 00:17:EE:01:95:19 (Motorola CHS)
Host 192.168.1.4 appears to be up.
MAC Address: 00:16:CB:A3:27:E4 (Apple Computer)
Host 192.168.1.5 appears to be up.
MAC Address: 00:1E:52:7D:84:7E (Apple)
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.17 seconds

This ping scan is quite useful for building inventories quickly. It can also be the building blocks of more sophisticated scripts and programs to validate adds and changes to the network. For example, the following command reports the new host (192.168.1.5) on the network from two daily scans output to text files:

diff monday.scan tuesday.scan | grep "> Host"
> Host 192.168.1.5 appears to be up.

Host-specific inventory
To look at a particular host to determine services running, you can use nmap. For example, let's take a closer look at the 192.168.1.5 that appears to have been turned up sometime after the Monday scan but before the Tuesday scan:

nmap -n 192.168.1.5
Starting Nmap 4.76 ( http://nmap.org ) at 2009-05-14 12:44 CDT
Interesting ports on 192.168.1.5:
Not shown: 984 closed ports
PORT STATE SERVICE
22/tcp open ssh
88/tcp open kerberos-sec
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
515/tcp open printer
548/tcp open afp
631/tcp open ipp
1021/tcp open unknown
1022/tcp open unknown
1023/tcp open netvenuechat
2049/tcp open nfs
3300/tcp open unknown
5900/tcp open vnc
20221/tcp open unknown
20222/tcp open unknown
MAC Address: 00:16:CB:A3:27:E4 (Apple Computer)
Nmap done: 1 IP address (1 host up) scanned in 10.46 seconds
It appears to be a Unix based system based upon ssh, but the identification of the MAC address makes the system most likely an Apple Mac computer. But, a closer look using nmap's service and version detection, more information can be gleaned. The -sV parameter is used for this:

mb3:~ root# nmap -n -sV 192.168.1.5
Starting Nmap 4.76 ( http://nmap.org ) at 2009-05-14 12:47 CDT
Interesting ports on 192.168.1.5:
Not shown: 984 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.1 (protocol 1.99)
88/tcp open kerberos-sec Mac OS X kerberos-sec
111/tcp open rpcbind
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
515/tcp open printer
548/tcp open afp?
631/tcp open ipp CUPS 1.3
1021/tcp open rpcbind
1022/tcp open rpcbind
1023/tcp open rpcbind
2049/tcp open rpcbind
3300/tcp open unknown?
5900/tcp open vnc VNC (protocol 3.8)
20221/tcp open unknown?
20222/tcp open unknown?
1 service unrecognized despite returning data.
If you know the service/version, please submit the following fingerprint
at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port548-TCP:V=4.76%I=7%D=5/14%Time=4A0C5929%P=i386-apple-darwin9.4.0%r(
SF:SSLSessionReq,172,"\x01\x03\0\0Q\xec\xff\xff\0\0\x01b\0\0\0\0\0\x18\0\"
AD9
SF:6FA5112ED039C\0\x04mini");
MAC Address: 00:16:CB:A3:27:E4 (Apple Computer)
Service Info: OS: Mac OS X
Host script results:
| Discover OS Version over NetBIOS and SMB: Unix
|_ Discover system time over SMB: 2009-05-14 12:49:02 UTC-5
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 119.68 seconds

Now the administrator knows that it is Mac OS X, and that it is being used for Windows file sharing using Samba, that it is most likely sharing printers via CUPS, and that the system is configured for remote management with virtual network computing (VNC).

Using nmap for security
While nmap is quite useful for administrators as shown above, it is also quite powerful for security audits. For example, many companies do not allow Web servers to be run on user networks (i.e. networks where user computers and laptops are connected). nmap can easily be used to identify all the systems with Web services running on the well known ports of 80 and 443 with:

nmap -n -p 80,443 192.168.1.0/24 | egrep "ports|open"
Interesting ports on 192.168.1.1:
80/tcp open http
443/tcp open https
Interesting ports on 192.168.1.2:
Interesting ports on 192.168.1.3:
Interesting ports on 192.168.1.4:
Interesting ports on 192.168.1.5:

Another useful feature is identifying particular versions to determine if systems are vulnerable to an announced vulnerability. For example, let's assume the Samba team has announced a security issue with a particular version of Samba, and you need to identify all your Samba versions. The following reports the Samba versions:

nmap -n -sV -p 139 192.168.1.0/24 | egrep "ports|139"
Interesting ports on 192.168.1.1:
139/tcp closed netbios-ssn
Interesting ports on 192.168.1.2:
139/tcp closed netbios-ssn
Interesting ports on 192.168.1.3:
139/tcp filtered netbios-ssn
Interesting ports on 192.168.1.4:
139/tcp open netbios-ssn Samba smbd 3.2 (workgroup: HQ)
Interesting ports on 192.168.1.5:
139/tcp open netbios-ssn Samba smbd 2.1 (workgroup: REMOTE)
Interesting ports on 192.168.1.15:
139/tcp open netbios-ssn Samba smbd 3.2 (workgroup: WORKGROUP)

This tip has shown how nmap can be used for network inventory scans (-sP), more thorough inventory and auditing, and security scans to identify unauthorized services as well as assist in security vulnerability assessments. nmap is a good tool to have readily available...combine it with grep or egrep and it becomes a powerful reporting tool.

How to check Ubuntu version

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Thu, 04 Jun 2009 03:16:00 +0000

There are a few command to check the Ubuntu version. See below.

Command : lsb_release -a
root@ubuntu:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 8.10
Release: 8.10
Codename: intrepid

Command : cat /etc/issue
root@ubuntu:~# cat /etc/issue
Ubuntu 8.10 \n \l

Command : cat /etc/lsb-release
root@ubuntu:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.10
DISTRIB_CODENAME=intrepid
DISTRIB_DESCRIPTION="Ubuntu 8.10"

Command : cat /etc/apt/sources.list
root@ubuntu:~# cat /etc/apt/sources.list
#
# deb cdrom:[Ubuntu-Server 8.10 _Intrepid Ibex_ - Release amd64 (20081028.1)]/ intrepid main restricted

#deb cdrom:[Ubuntu-Server 8.10 _Intrepid Ibex_ - Release amd64 (20081028.1)]/ intrepid main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.

deb http://my.archive.ubuntu.com/ubuntu/ intrepid main restricted
deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://my.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted
deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://my.archive.ubuntu.com/ubuntu/ intrepid universe
deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid universe
deb http://my.archive.ubuntu.com/ubuntu/ intrepid-updates universe
deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid-updates universe

## OpenNMS
deb http://debian.opennms.org stable main
deb-src http://debian.opennms.org stable main

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://my.archive.ubuntu.com/ubuntu/ intrepid multiverse
deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid multiverse
deb http://my.archive.ubuntu.com/ubuntu/ intrepid-updates multiverse
deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid-updates multiverse

## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
# deb http://my.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse
# deb-src http://my.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse

## Uncomment the following two lines to add software from Canonical's
## 'partner' repository. This software is not part of Ubuntu, but is
## offered by Canonical and the respective vendors as a service to Ubuntu
## users.
# deb http://archive.canonical.com/ubuntu intrepid partner
# deb-src http://archive.canonical.com/ubuntu intrepid partner

# Line commented out by installer because it failed to verify:
#deb http://security.ubuntu.com/ubuntu intrepid-security main restricted
# Line commented out by installer because it failed to verify:
#deb-src http://security.ubuntu.com/ubuntu intrepid-security main restricted
# Line commented out by installer because it failed to verify:
#deb http://security.ubuntu.com/ubuntu intrepid-security universe
# Line commented out by installer because it failed to verify:
#deb-src http://security.ubuntu.com/ubuntu intrepid-security universe
# Line commented out by installer because it failed to verify:
#deb http://security.ubuntu.com/ubuntu intrepid-security multiverse
# Line commented out by installer because it failed to verify:
#deb-src http://security.ubuntu.com/ubuntu intrepid-security multiverse

Installing nmap in Ubuntu

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Thu, 04 Jun 2009 02:54:00 +0000

I want to using nmap in my Ubuntu server but I found that nmap is not installed yet.
root@ubuntu:~# nmap
The program 'nmap' is currently not installed. You can install it by typing:

So, to install nmap just type the below command. It is extremely simple and easy :)
type this command : apt-get install nmap
-bash: nmap: command not found
root@ubuntu:~# apt-get install nmap
** nmap will be installed and the below process will be shown
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
nmap
0 upgraded, 1 newly installed, 0 to remove and 46 not upgraded.
Need to get 1080kB of archives.
After this operation, 3789kB of additional disk space will be used.
Get:1 http://my.archive.ubuntu.com intrepid/main nmap 4.62-1ubuntu1 [1080kB]
Fetched 1080kB in 20s (52.4kB/s)
Selecting previously deselected package nmap.
(Reading database ... 53517 files and directories currently installed.)
Unpacking nmap (from .../nmap_4.62-1ubuntu1_amd64.deb) ...
Processing triggers for man-db ...
Setting up nmap (4.62-1ubuntu1) ...

taddaaaaaaa...!!!! Nmap is installed..Yeaaaaa
root@ubuntu:~# nmap
Nmap 4.62 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL : Input from list of hosts/networks
-iR : Choose random targets
--exclude : Exclude hosts/networks
--excludefile : Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sP: Ping Scan - go no further than determining if host is online
-PN: Treat all hosts as online -- skip host discovery
-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-PO [protocol list]: IP Protocol Ping
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers : Specify custom DNS servers
--system-dns: Use OS's DNS resolver
SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags : Customize TCP scan flags
-sI : Idle scan
-sO: IP protocol scan
-b : FTP bounce scan
--traceroute: Trace hop path to each host
--reason: Display the reason a port is in a particular state
PORT SPECIFICATION AND SCAN ORDER:
-p : Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
-F: Fast mode - Scan fewer ports than the default scan
-r: Scan ports consecutively - don't randomize
--top-ports : Scan most common ports
--port-ratio : Scan ports more common than
SERVICE/VERSION DETECTION:
-sV: Probe open ports to determine service/version info
--version-intensity : Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
-sC: equivalent to --script=safe,intrusive
--script=: is a comma separated list of
directories, script-files or script-categories
--script-args=: provide arguments to scripts
--script-trace: Show all data sent and received
--script-updatedb: Update the script database.
OS DETECTION:
-O: Enable OS detection
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
Options which take are in milliseconds, unless you append 's'
(seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T[0-5]: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup : Parallel host scan group sizes
--min-parallelism/max-parallelism : Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout : Specifies
probe round trip time.
--max-retries : Caps number of port scan probe retransmissions.
--host-timeout : Give up on target after this long
--scan-delay/--max-scan-delay : Adjust delay between probes
--min-rate : Send packets no slower than per second
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu : fragment packets (optionally w/given MTU)
-D : Cloak a scan with decoys
-S : Spoof source address
-e : Use specified interface
-g/--source-port : Use given port number
--data-length : Append random data to sent packets
--ip-options : Send packets with specified ip options
--ttl : Set IP time-to-live field
--spoof-mac : Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP checksum
OUTPUT:
-oN/-oX/-oS/-oG : Output scan in normal, XML, s| and Grepable format, respectively, to the given filename.
-oA : Output in the three major formats at once
-v: Increase verbosity level (use twice or more for greater effect)
-d[level]: Set or increase debugging level (Up to 9 is meaningful)
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
--resume : Resume an aborted scan
--stylesheet : XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Insecure.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
-6: Enable IPv6 scanning
-A: Enables OS detection and Version detection, Script scanning and Traceroute
--datadir : Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.
EXAMPLES:
nmap -v -A scanme.nmap.org
nmap -v -sP 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -PN -p 80
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES
root@ubuntu:~#

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Mon, 25 May 2009 02:32:00 +0000

INVITATION TO PARTICIPATE IN MSC MALAYSIA OPEN SOURCE CONFERENCE 2009

Date: 31 May - 3 June, 2009
Venue: Berjaya Times Square Hotel & Convention Center, Kuala Lumpur.

MSC Malaysia's inaugural and full-fledged Open Source Conference to incorporate a "Quadruple play" of 4 crucial stakeholders consisting of government, businesses, developers and community in envisioning open source's contribution to the IT industry and socio-economy.

Positioned as International forum for sharing and exchanging ideas on technical advancements, applications, development and business cases on open source, and its positive impact in meeting challenges of the current economic climate.

Organised by MSC Malaysia in cooperation with the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU), the annual MSC Malaysia OSCONF is also supported by the Malaysian Open Source community. This event complements the annual Malaysian Government Open Source Software Conference (MyGOSSCON) as the premier platform for all things Open Source in Malaysia.

With 3 DAYS, 3 TRACKS, 1 HACKATHON are in store for everyone who attend this conference. In addition, we have renowned speakers from prime Open Source Enterprises which are Mozilla, Google and Red Hat to name a few and also not forgeting from the developer community - Ubuntu, BSD, Fedora, PHPs, etc

Come join us at the MSC Malaysia Open Source Conference 2009! You'll be pleasantly surprised...

Who should attend?

Business executives from MSC Malaysia and Non-MSC Malaysia Status companies
Open Source developers, communities, inventors, evangelist, researchers, strategist
Government officers
Students, general public

Why you should attend?

Provide exposure and knowledge on the importance of Open Source in enhancing competitiveness by giving freedom of choice in software usage with lower total cost of ownership, hence benefiting businesses and society at large. Over 30 session tracks are made available.
Share amongst the open source community on new directions and latest innovations by the subject matter experts, thought leaders and industry gurus.
Provide a platform for conference participants to actively interact, share and exchange views, ideas, and tools on the latest trends and issues of Open Source.
Networking, learning and having great fun! Click here for more details

How to create a website statistic using AWSTATS

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Wed, 13 May 2009 03:45:00 +0000

This post is based on my experience on setup and configuring the Awstats. configuration. I'm installing it on my Ubuntu server 8.10.

Step 1

Access to AWSTATS server by using SSH protocol.

IP address: 192.168.19.50

loginname: awstats

password: ********

awstats@ubuntu:~$ type cd /var/www/awstats/tools/

Step 2

awstats@ubuntu:/var/www/awstats/tools$ type ls

awstats_buildstaticpages.pl awstats_updateall.pl maillogconvert.pl xslt

awstats_configure.pl httpd_conf urlaliasbuilder.pl

awstats_exportlib.pl logresolvemerge.pl webmin

Step 3

awstats@ubuntu:/var/www/awstats/tools$ sudo ./awstats_configure.pl

[sudo] password for awstats:

----- AWStats awstats_configure 1.0 (build 1.8) (c) Laurent Destailleur -----

This tool will help you to configure AWStats to analyze statistics for

one web server. You can try to use it to let it do all that is possible

in AWStats setup, however following the step by step manual setup

documentation (docs/index.html) is often a better idea. Above all if:

- You are not an administrator user,

- You want to analyze downloaded log files without web server,

- You want to analyze mail or ftp log files instead of web log files,

- You need to analyze load balanced servers log files,

- You want to 'understand' all possible ways to use AWStats...

Read the AWStats documentation (docs/index.html).

-----> Running OS detected: Linux, BSD or Unix

Warning: AWStats standard directory on Linux OS is '/usr/local/awstats'.

If you want to use standard directory, you should first move all content

of AWStats distribution from current directory:

/var/www/awstats

to standard directory:

/usr/local/awstats

And then, run configure.pl from this location.

Do you want to continue setup from this NON standard directory [yN] ? press y

-----> Check for web server install

Enter full config file path of your Web server.

Example: /etc/httpd/httpd.conf

Example: /usr/local/apache2/conf/httpd.conf

Example: c:\Program files\apache group\apache\conf\httpd.conf

Config file path ('none' to skip web server setup):

> type /etc/apache2/apache2.conf

-----> Check and complete web server config file '/etc/apache2/apache2.conf'

All AWStats directives are already present.

-----> Update model config file '/var/www/awstats/wwwroot/cgi-bin/awstats.model.conf'

File awstats.model.conf updated.

-----> Need to create a new config file ?

Do you want me to build a new AWStats config/profile

file (required if first install) [y/N] ? press y

-----> Define config file name to create

What is the name of your web site or profile analysis ?

Example: www.mysite.com

Example: demo

Your web site, virtual server or profile name:

> type the name of website or profile eg; lbjt,insken,bankrakyat etc..

-----> Define config file path

In which directory do you plan to store your config file(s) ?

Default: /etc/awstats

Directory path to store config file(s) (Enter for default):

> Just press Enter here

-----> Create config file '/etc/awstats/awstats.lbjt.conf'

Config file /etc/awstats/awstats.lbjt.conf created.

-----> Add update process inside a scheduler

Sorry, configure.pl does not support automatic add to cron yet.

You can do it manually by adding the following command to your cron:

/var/www/awstats/wwwroot/cgi-bin/awstats.pl -update -config=lbjt

Or if you have several config files and prefer having only one command:

/var/www/awstats/tools/awstats_updateall.pl now

Press ENTER to continue... Just press Enter here

A SIMPLE config file has been created: /etc/awstats/awstats.lbjt.conf

You should have a look inside to check and change manually main parameters.

You can then manually update your statistics for 'lbjt' with command:

> perl awstats.pl -update -config=lbjt

You can also read your statistics for 'lbjt' with URL:

> http://localhost/awstats/awstats.pl?config=lbjt

Press ENTER to finish... Just press Enter here

Step 4

awstats@ubuntu:/var/www/awstats/tools$ type sudo pico /etc/awstats/awstats.lbjt.conf

** To find the value that need to be edited as represent by the red colour below, simply press the “Page Down” button on the keyboard **

# If there are several log files from load balancing servers :

# Example: "/pathtotools/logresolvemerge.pl *.log |"

LogFile="/var/log/apache2/lbjt.skali.my-access_log" change to this from default “/var/log/httpd/mylog.log”

# LogFormat = 1

# LogFormat = "%host %other %logname %time1 %methodurl %code %bytesd %refererqu$

# Example for IIS:

# LogFormat = 2

LogFormat=4 change to this value from default “ 1 ”

# If analyzing mail log, enter here the domain name of mail server.

# Example: "myintranetserver"

# Example: "www.domain.com"

# Example: "ftp.domain.com"

# Example: "domain.com"

SiteDomain="lbjt" make sure this is value is entered

# Example: "/var/lib/awstats"

# Example: "../data"

# Example: "C:/awstats_data_dir"

# Default: "." (means same directory as awstats.pl)

DirData="/var/www/awstats" change to this from the default “/var/lib/awstats”

Step 4

awstats@ubuntu:/var/www/awstats/tools$ type sudo /var/www/awstats/wwwroot/cgi-bin/awstats.pl config=lbjt -update

Create/Update database for config "/etc/awstats/awstats.lbjt.conf" by AWStats version 6.9 (build 1.925)

From data in log file "/var/log/apache2/lbjt.skali.my-access_log"...

Phase 1 : First bypass old records, searching new record...

Searching new records from beginning of log file...

Phase 2 : Now process new records (Flush history on disk after 20000 hosts)...

Jumped lines in file: 0

Parsed lines in file: 1788

Found 0 dropped records,

Found 0 corrupted records,

Found 0 old records,

Found 1788 new qualified records.

awstats@ubuntu:/var/www/awstats/tools$

Step 5

Open browser using Internet Explorer or Mozilla FireFox. At the URL address type the below address;

http://192.168.19.50/awstats/awstats.pl?config=lbjt and the web page as below will be displayed and your awstats configuration is successful. Replace the lbjt name with other website profile. Let say if you are creating a profile for Bank Rakyat, then type, bankrakyat after config= (eg; config=bankrakyat) and so on for other profile.

PFSense: Basic Installation Tutorial for Dummies Like Me :-)

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Wed, 15 Apr 2009 06:28:00 +0000

Taken from PFSense website :-)

Welcome to the home page of the pfSense project!

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices.

This project started in 2004 as a fork of the m0n0wall project, but focused towards full PC installations rather than the embedded hardware focus of m0n0wall. pfSense also offers an embedded image for Compact Flash based installations, however it is not our primary focus.

Click here for details

This simple tutorial is based on my experience. This software is awesome with a lot of features in it. The main reason I'm installing this software is for creating a Squid proxy server. Since this software have a lot of add-on so why not I'm trying to install it. Actually, I had installed this PFSense in my SUN VirtualBox. On the moment I'm posting this post, I'm using the latest PFSense version 1.2.2. To download the software click here

Configure Console > Choose "Change Video Font (Default)"

Select Task > Choose "Install pfSense"

Select Disk > Select your desired disk, default is "ad0"

Select Geometry > I didn't change anything here, just proceed with the default, "choose Use this Geometry"

ABOUT TO FORMAT! Proceed? > Verified it first and then "choose Format ad0"

Partition Disk? > Read this first and choose Partition Disk if you satisfied :)

Edit Partitions > I'm using this default and choose Accept and Create

Partitions Anyway? > "Choose Yes, partition ad0"

Information > The disk was successfully partitioned, ahaaaa OK

Select Partition > Select the primary partition, I choose 1:blablabla ;)

Are you SURE? Choose OK if you dare to format your disk

Information > Primary partition #1 was formatted.

Select Subpartitions > I'm just selecting the default as below. Choose Accept and Create

Executing Commands

Install Kernel > Choose Uniprocessor kernel (one processor) if your system has only one processor. But, if you installed it on server maybe you should choose Symmetric multi processing blablabla

Cancelled? What the heck? I dont know why this happen but I Retry it and it works!!! Yeaa!

Install Bootblocks > I don't want headache so, I just keep the default and choose Accept and Install Bootblocks

Information > Bootblocks were successfully installed

Reboot > Choose Reboot

Reboot, bip! bip! will hear the bip bip sound

Open up the web browser FireFox or IE. Enter the default PFSense IP Address, 192.168.1.1, Username: admin and Password: pfsense to get to the page as below

General Information

Time Server Information

Time Server Information, choose Timezone

Configure WAN interface, I'm using DHCP at first.

Contd..

Configure LAN Interface

Set Admin WebGUI Password

Reload, click Reload button

A reload is now in progress. Please wait but if unpatient click on PFSense icon :-P

System Overview page

Installing Firewall on Ubuntu using Lokkit

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Thu, 21 Aug 2008 11:12:00 +0000

I have searching on the Internet how to setup a my Ubuntu (8.04) machine as a firewall and I finally found a step that I need to do. Lokkit, yeah this is the firewall that I think suitable. What I need to do is to download it first to my Ubuntu machine, install and configure it as I need.

rootubuntu@myubuntu-vbox:~$ sudo apt-get install lokkit <---- type this command
[sudo] password for rootubuntu: type the root password, after that the below details will be displayed during the installation. (see below)
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
ipmasq
Recommended packages:
gnome-lokkit
The following NEW packages will be installed:
lokkit
0 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 128kB of archives.
After this operation, 811kB of additional disk space will be used.
Get:1 http://my.archive.ubuntu.com hardy/universe lokkit 0.50.22-7.1ubuntu2 [128kB]
Fetched 128kB in 6s (20.6kB/s)
Selecting previously deselected package lokkit.
(Reading database ... 138076 files and directories currently installed.)
Unpacking lokkit (from .../lokkit_0.50.22-7.1ubuntu2_i386.deb) ...
Setting up lokkit (0.50.22-7.1ubuntu2) ...
You must use lokkit or gnome-lokkit to configure the firewall. -end of installation-

After installation of Lokkit is finished enter below command to run Lokkit
rootubuntu@myubuntu-vbox:~$ lokkit <---- type this command

ERROR - You must be root to run lokkit. why I got this message? because I'm not run it as a root. use sudo

rootubuntu@myubuntu-vbox:~$ whoami
rootubuntu
rootubuntu@myubuntu-vbox:~$ sudo lokkit
[sudo] password for rootubuntu: type the root password, then the Lokkit window will be pop-up as below.

Managing Veritas Cluster Server using command line

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Tue, 08 Jul 2008 12:32:00 +0000

Instead of using GUI (graphical user interface) to managing the VCS, user can also use command line too. As I am new to VCS, there is a few command that I know to monitor the status of VCS and switching the server services to another server.

To run the VCS
[root@MY-BEDB01]#hagui

To check the status of VCS
[root@MY-BEDB01]#hastatus -sum

To check GAB (Global Atomic Broadcast) status
[root@MY-BEDB01]# gabconfig -a
GAB Port Memberships
===============================================================
Port a gen 625e07 membership 012
Port d gen 625e08 membership 01
Port d gen 625e08 visible ; 2
Port h gen 625e0a membership 012

To check LLT (Low Latency Transport) connection
[root@MY-BEDB01]# lltstat -vvn

Managing Veritas Cluster Server in Unix

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Tue, 08 Jul 2008 11:17:00 +0000

I was be given a task and responsibility to handling a Veritas Cluster Server (VCS) at my site office. Honestly, I didn't know what is VCS. I have heard it name before and I really don't care what it is. After this time come, I'm doing a reseacrh to know what is VCS. It is about High-Availability clustering and (also known as HA). From my simple understand, VCS providing the availability of application to run without any problem as it is mirroring or duplicating what server A has to server B and this help a lot to reduce and avoid downtime. If I'm wrong, please guide me. :-) This is what i have done to managing the VCS.

1) Login to my Solaris 9 server using X-Manager Software

2) To run the VCS, type #hagui

3) Veritas Cluster Server windows will be displayed

4) Enter the username and password for VCS.

5) VCS is in progress to be shown

6) Successfully login into the VCS interface.

7) Displaying the AppService that is listed in Application Server

8) Displaying the OracleService that is listed in Application Server

9) Switching the AppService from Application server to Fail Over server. To do this, right click on the AppService > click Switch To menu > click on the desired Fail Over server.

10) User will be prompted to proceed switch the AppServer to the Fail Over server.

11) After AppServer is switching to the Fail Over server, VCS will show that the Application Server state is Partial Online. It is normal when the switching process is in progress.

12) To check the status of the switching process by using a command line, type #hastatus -sum in the console and the below result will be displayed. It will show that AppService at befo01 (stands for Fail Over server) is in STARTING|PARTIAL state. It means that the AppService is in process to start running in Fail Over server.

13) Finally, the AppService is running at the Fail Over server. See at the Group Status On Member System. befo01 is in Online state. Now, AppService is running at the Fail Over server.

14) To check the status of the switching process by using a command line, type #hastatus -sum in the console and the below result will be displayed.

XAMPP: Error 1! Couldn't start Apache!

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Sun, 07 Oct 2007 02:45:00 +0000

Oppsss, I got this error message when I tried to edit the SSL certificate in XAMPP on my application server. Honestly, it makes me panic! Know what, I can't running the Apache services. When I tried to run the command it shows an error like this

[root@pknp ~]# /opt/lampp/lampp start
Starting XAMPP for Linux 1.5.3a...
XAMPP: Starting Apache with SSL (and PHP5)...
XAMPP: Error 1! Couldn't start Apache!
XAMPP: Starting diagnose...
XAMPP: Sorry, I've no idea what's going wrong.
XAMPP: Please contact our forum http://www.apachefriends.org/f/

I'm searching on the Internet and exactly I've found it from XAMPP website. It said that I need to type the below command:

[root@mybox ~]#tail -2 /opt/lampp/logs/error_log and then it shows what is the type of error

[root@pknp ~]# tail -2 /opt/lampp/logs/error_log
[Sun Oct 07 10:11:52 2007] [error] Unable to configure RSA server private key
[Sun Oct 07 10:11:52 2007] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

As I expect earlier, it is caused by the SSL editing. I didn't know how this thing happen.
Maybe there is some misconfigration or the XAMPP version compatibility. When i write this post, I'm using XAMPP for Linux 1.5.3a while the new version is available, XAMPP Linux 1.6.3b. After a few attempt to start the Apache in XAMPP is fail, I was thinking how stupid am I not backup the original certificates files. Now the things come worst. But, I was thinking, Hey, I've got another server (database) that also using XAMPP. Why not I copy that certificate file in that server and replace it back to the original state of my application server.
Fortunately, I still didn't make any configuration to that database server. So, I just copy the files (server.crt and server.key) and replace it to on my application server.
The I tried to restart the XAMPP back and YESSS!!!! It back on track again. So, the moral is, please BACKUP your original file first before you are going to edit it.
If not, then it will become a nightmare for you. :-P

Create A Self-signed SSL Certificate in XAMPP

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Fri, 05 Oct 2007 03:54:00 +0000

I have added a plugins for my webmail (Squirrelmail).
It is Secure Login plugins.
This plugins enables a secure HTTPS/SSL-encrypted connection
for my SquirrelMail login page. So, it can secure my email access.
As I'm using Apache in XAMPP, the generated SSL certificate are using the default setting.
When I view the certificate, it show's a default XAMPP Apache setting like below :

Issued To
Common Name (CN)           localhost
Organization (O)               Apache Friends
Organization Unit (OU)
Serial Number                   00

Issued By
Common Name (CN)           localhost
Organization (O)               Apache Friends
Organization Unit (OU)

So, to create my own self-signed SSL certificate, I need to edit the certain file make a few tuning. So that, the certificate will be no longer using a default XAMPP setting.

1. Open a terminal/console at local or do it remotely through SSH access

2. The first thing that need to do is, create a RSA Private Key by using the below command.

[root@mybox ~]#openssl genrsa -des3 -out server.key 1024

Generating RSA private key, 1024 bit long modulus
.........................................................++++++
........++++++
e is 65537 (0x10001)
Enter PEM pass phrase: enter the desired pass phrase
Verifying password - Enter PEM pass phrase: same as a above

3. The next step is to create a Certificate Signing Request (CSR). CSR is a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate. User will be prompt to enter an information that related to CSR certificate. To create a CSR, enter the below command.

[root@mybox ~]#openssl req -new -key server.key -out server.csr

Country Name (2 letter code) [GB]:type your 2 letter country code
State or Province Name (full name) [Berkshire]:type your state or province name
Locality Name (eg, city) [Newbury]:type your city name
Organization Name (eg, company) [My Company Ltd]:type your company name
Organizational Unit Name (eg, section) []:type your department
Common Name (eg, your name or your server's hostname) []:type your server hostname
Email Address []:type your email address
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:type your password
An optional company name []:type your company name

4. The next step is to remove the passphrase key. It is because if you enable the passphrase, Apache will ask for the pass-phrase each time the web server is started. It will be a problem if the server is restarted as the user always need to type the passphrase. The below command will remove the passphrase.

[root@mybox ~]#cp server.key server.key.org
[root@mybox ~]#openssl rsa -in server.key.org -out server.key

5. To generating a Self-Signed Certificate, enter the below command. As this certificate is not verified by Certificate Authority such as Thawte or Verisign, your browser will notice an error inform you that the signing certificate authority is unknown and not trusted. Bear in mind that this is self-signed certificate. So, you should ignore that error message.

[root@mybox ~]#openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

6. Installing the Private Key and Certificate is simple. All you need to do is to know where are your XAMPP Apache directory. I assume that, we are using the default XAMPP directory, /opt/lampp. So, copy the two below files, ssl.crt and ssl.key to the XAMPP directory.

[root@mybox ~]#cp server.crt /opt/lampp/etc/ssl.crt
[root@mybox ~]#cp server.key /opt/lampp/etc/ssl.key/server.key

When you are being asked to overwritten the file, just type yes and hit Enter.

7. Restart Apache and test to access your site. Check the certificate and make sure the information that you have insert is correct.

8. Finish! Your configuration is done. Good luck :-)

Linux Intrusion Discovery

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Mon, 17 Sep 2007 02:53:00 +0000

THIS GUIDE IS TAKEN FROM SANS INSTITUTE

Purpose
System Administrators are often on the front lines of computer security. This guide aims to support System Administrators in finding indications of a system compromise.

What to use this sheet for
On a periodic basis (daily, weekly, or each time you
logon to a system you manage,) run through these
quick steps to look for anomalous behavior that
might be caused by a computer intrusion. Each of
these commands runs locally on a system.
This sheet is split into these sections:
• Unusual Processes
• Unusual Files
• Unusual Network Usage
• Unusual Scheduled Tasks
• Unusual Accounts
• Unusual Log Entries
• Additional Supporting Tools

• Unusual Processes
Look for running processes:
# ps –aux
Get familiar with “normal” processes for the machine.
Look for unusual processes. Focus on processes with
root (UID 0) privileges.
If you spot a process that is unfamiliar, investigate
unusual processes, getting more detail using:
# lsof –p [pid]
This command shows all files and ports used by the
running process.

• Unusual Files
Look for unusual SUID root files:
# find / -uid 0 –perm -4000 –print
Requires knowledge of normal SUID files
Look for unusual large files (greater than 10
MegaBytes):
# find / -size +10000k –print
Requires knowledge of normal large files
Look for files named with dots and spaces:
(“...”, “.. “, “. “, and “ “)
# find / -name “...“ –print
# find / -name “.. “ –print
# find / -name “. “ –print

On a Linux machine with RPM installed (RedHat,
Mandrake, etc.), run the RPM tool to verify packages
# rpm –Va
Checks size, MD5 sum, permissions, type, owner, and
group of each file with information from RPM
database
Output includes:
S – File size differs
M – Mode differs (permissions)
5 – MD5 sum differs
D – Device number mismatch
L – readLink path mismatch
U – user ownership differs
G – group ownership differs
T – modification time differs
Pay special attention to changes associated with
items in /sbin, /bin, /usr/sbin, and /usr/bin

• Unusual Network Usage
Look for promiscuous mode, which might indicate a
sniffer:
# ip link | grep PROMISC
Note that ifconfig doesn’t work reliably for detecting
promiscuous mode on Linux kernel 2.4

Look for unusual port listeners:
# lsof –i
# netstat –nap
Need to know which TCP and UDP ports are
normally listening on your system and look for
deviations from the norm

Look for unusual ARP entries, mapping IP address to
MAC addresses that aren’t correct for the LAN:
# arp –a
Requires detailed knowledge of what is supposed to
be on the LAN

• Unusual Scheduled Tasks
Look for cron jobs scheduled by root and any other
UID 0 accounts:
# crontab –u root –l
Look for unusual system-wide cron jobs:
# cat /etc/crontab

• Unusual Accounts
Look in /etc/passwd for new accounts, especially
with UID 0 or GID 0
# less /etc/passwd
# grep :0: /etc/passwd
Normal accounts will be there, but look for new,
unexpected accounts

• Unusual Log Entries
Look through your system log files for suspicious
events, including:
Promiscuous mode
“entered promiscuous mode”
Large number of authentication or login
failures from either local or remote access
tools (e.g., telnetd, sshd, etc.)
Remote Procedure Call (rpc) programs with a
log entry that includes a large number (> 20)
strange characters (-^PM-^PM-^PM-^PM-
^PM-^PM-^PM-^PM)
For web servers: Large number of Apache
logs saying “error”

• Additional Supporting Tools
The following tools are often not built into
Linux operating system, but can be used to
analyze its security status in more detail.
Each is available for free download at the
listed web site.
Chkrootkit looks for anomalies on systems
introduced by user-mode and kernel-mode
RootKits
www.chkrootkit.org - free
Tripwire looks for changes to critical system
files
www.tripwire.org - free for Linux for noncommercial
use
AIDE looks for changes to critical system files
http://www.cs.tut.fi/~rammer/aide.html

How to change network setting in Linux

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Wed, 22 Aug 2007 05:16:00 +0000

I'm having a problem to access to my desktop using GUI. So, I decided to use command in console. I would like to share with people especially newbies how to configure Linux network using a command prompt based on my experience.

1. [root@localhost ~]#ifconfig eth0 172.20.30.30 netmask 255.255.255.0 up
2. [root@localhost ~]#route add default gw 172.20.30.254

How to disabling the Ctrl+Alt+Delete in Linux console

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Mon, 13 Aug 2007 01:30:00 +0000

As usual, I'm coming to office and entering the server room and login to the portal to check in for my attendance system. But all of the sudden, the server is restart!!!! Oh my god! I was accidentally press the Ctrl+Alt+Delete!!! What I have done? Than, I tried to fix the problem. The solution that I can do is I need to disable the Ctrl+Alt+Delete key. I'm afraid that if anyone that accidentally press that key than everything will be horror. To disable that key is quiet simple actually. Below are the steps that I have done.

1. Backup the original etc/inittab file and named it as a inittab.ori
[root@localhost ~]# cp /etc/inittab /root/Desktop/backup/inittab.ori

2. Edit the original file in /etc/inittab
[root@localhost ~]#vi /etc/inittab

3. Find the the # Trap CTRL-ALT-DELETE line
You can see that there is a file that exactly look like this
ca::ctrlaltdel:/sbin/shutdown -t3 -r now

4. Now edit that line such below
ca:12345:ctrlaltdel:/bin/echo "CTRL-ALT-DEL is disabled"

5. Save the file that you have edit and quit from VI

6. In order to activate the changes, you need to run this command
[root@localhost ~]# init q

7. After that to make sure it is effective or not, try to press the Ctrl+Alt+Del key. Your screen should appear "CTRL-ALT-DEL is disabled"

8. Done :-)

Installing Internet Explorer on Fedora Core 6

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Tue, 01 May 2007 21:06:00 +0000

After installing Fedora Core 6 on my notebook, i was thinking and curious to try to install Internet Explorer on this distro to see how it works. To make it happen, all we need to do is to get wine and and cabextract file. To get this two files, we need to use yum to download both of it.

1. Open Terminal, make sure you are root. Type : yum -y install wine*

2. Finish downloading installing wine files

3. After installing the wine, the next step is to yum the cabextract. Type the command : yum -y install cabextract

4. Get the ie4slinux file using wget command.
wget http://www.tatanka.com.br/ies4linux/downloads/ies4linux-latest.tar.gz

5. Then, untar the ies4linux-latest.tar.gz file using this command : tar zxvf ies4linux-latest.tar.gz

6. You will be asked a few question regarding the Internet Explorer installation. Just follow the instruction.

7. The related file will be downloaded and the installation will be run automatically.

8. There should be no problem at all when you are reaching this step unless in a certain situation you are facing problem. Thank god, the installation is finish.... :-) After this step, what you need to do is type this command : ie6 and hit Enter

9. Finally, the Internet Explorer is on your Linux distro. The congratulation page will be appear to tell that your installation are successful. There are also a Internet Explorer icon at your desktop. Just click it to use it.

10. The Internet Options are still like on Windows. Surfing until die.... ;-p

Sick of viewing the too many Windows? Check this out

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Tue, 01 May 2007 20:16:00 +0000

When using GUI to open up a file, sometimes it will make you feel dizzy. Why? Because multiple windows will appear. Imagine, you just want to view httpd.conf file but on your desktop, there are many windows appear. All you need to do is just follow this very simple step :

1. Open Computer
2. Click on Edit > Preferences
3. Behavior > Choose Always open in browser windows > Close
4. Try to re-open back the directory
5. No multiple windows on your desktop anymore
6. Have a nice day!!! :-)

MAMPU-OSCC (Open Source Competency Centre)

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Thu, 19 Apr 2007 14:25:00 +0000

What is OSCC ?

OSCC is stand for Open Source Competency Centre and it is a part of MAMPU (Malaysia Administration and Modenisation Planning Unit). MAMPU is one of the government agency under Malaysia government. OSCC are providing a services that based on a Open Source. It is responsible to make an implementation of open source software in a government sector. OSSC are offering a lot of benefits to civil servant that working especially in a IT field. One of the best thing is they are offering a FREE fees training cost. :-) If you seat for Linux Fundamental training at the any training provider, at least you need to spend RM thousand. But, at OSCC you don't need to think about fees.

Me At OSCC

I'm one of the lucky person i guess chosen to attend the Linux Fundamental courses at OSCC on 17 April - 18 April 2007. It is not easy to be invited because there are so many government staff out there waiting for their turn. The two days course give a lot of information to the trainee, meet new friends and so on. The facilities are good, with the HP Compaq dc7700 CMT and powered by Ubuntu 7.04 64bit (Feisty Fawn), it is a very good experience and exposure for me to improve my skills and knowledge.

MC - Midnight Commander

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Wed, 18 Apr 2007 02:04:00 +0000

What is Midnight Commander?

DESCRIPTION
GNU Midnight Commander is a directory browser/file manager for Unix-like operating systems.

I'm learning something new during my training at OSCC. It is Midnight Commander a Linux file browser. Basically, it seems like Windows Explorer but the interface is less icon and less graphical look compared to Windows Explorer. To use MC, you can just use the given function key F1 until F9. Even, it's more to command line look, user still can use mouse to use it. Easy huh? Really2 easy la i can say. :)

Install MC if it is not installed yet on your machine. How to install? It's simple. I'm using Ubuntu when I'm write this post.

GUI installation
System > Administration > Synaptic Package Manager > Search type MC > Double click MC > Install

Command line installation
root@training20-desktop:/home# apt-get install mc

DONE!

My Linux server won't display anything!

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Sat, 14 Apr 2007 10:20:00 +0000

I'm back on my duty after a week spending my time to prepared for my examination. I was shock when i see there's no display appear at my Linux server monitor. Where did the desktop go?? I have experienced this things but the thing i do is just reboot the server. [root@db~]# init 6 then everthing is back on normal. But this time i will never ever doing that way. I will try to find how can i fix such problem and yes Internet are the most total solution for you.

1. I try to ping my webserver from db server and it's alive
2. SSH to my webserver using root account
3. Enter this command
[root@apps ~]# ps aux | grep 'cat /tmp/.X0-lock'
4. Then it appear such message
root 4856 0.0 0.0 3912 692 pts/4 S+ 11:44 0:00 grep cat /tmp.x0-lock
5. Enter this command
[root@apps ~]# start --x:1
6. And the display on my webserver is back again!

ProZilla for Linux

Ir.m4nxkurx5@gmail.com (imshahmemyselfandi) — Sat, 14 Apr 2007 09:12:00 +0000

ProZilla - Linux File Download Accelarator

I was searching on the net and found this software. Great! It's for Linux. So, i have install it on my Linux server. I'm using yum to install it. After the installation is finished, then i try to use this software. See what this download accelerator can do. There are no complex configuration that you need to do. All you need to do, is just enter a few easy command based on the given manual on ProZilla website. I'm using a command line base ProZilla . There are also another ProZilla version that called ProzGUI. This type of ProZilla are using graphical interface. For me, i do prefer use command line as it can improve my skills on mastering the command line. I have tried to remotely (SSH) download the AVG 7.5 from Grisoft (avg75free_446a991.exe) using ProZilla.

ProZilla Usage

1. Open a linux terminal

2. Enter this syntax : proz See the example below

[root@localhost ~]# proz http://free.grisoft.com/softw/70free/setup/avg75free_446a991.exe

3. Press Enter and then the file will be downloaded to your machine. The below screen shows
how the download accelarator works.

This below are the ProZilla information on my server

[root@localhost ~]# rpm -qi prozilla
Name : prozilla Relocations: (not relocatable)
Version : 2.0.4 Vendor: Fedora Project
Release : 7.fc5 Build Date: Tue 02 Jan 2007 07:28:32 AM MYT
Install Date: Fri 30 Mar 2007 04:37:15 PM MYT Build Host: hammer2.fedora.redhat.com
Group : Applications/Internet Source RPM: prozilla-2.0.4-7.fc5.src.rpm
Size : 297098 License: GPL
Signature : DSA/SHA1, Thu 04 Jan 2007 04:49:46 PM MYT, Key ID 82ed95041ac70ce6
Packager : Fedora Project
URL : http://prozilla.genesys.ro/
Summary : Advanced Linux download manager
Description :
ProZilla is a download accellerator program written for Linux to speed
up the normal file download process. It often gives speed increases of
around 200% to 300%. It supports both FTP and HTTP protocols, and the
theory behind it is very simple.

The program opens multiple connections to a server, and each of the
connections downloads a part of the file, thus defeating existing
internet congestion prevention methods which slow down a single
connection based download.

ProZilla also supports file download resuming, and ftpsearch for
fastest ping times.