See Open Ports in a Linux PC (Localhost/Remote Machine)

This short post shows how to see which ports are open on a particular remote or local machine.

We are going to use a tool named nc.

To install it, open your terminal and type

 # yum install nc



After installing, you can use it with

nc -zv xxx.xxx.xxx.xxx <Port>

For example:

nc -zv 192.168.1.100 80

If you want to do that for 2-3 ports:

nc -zv 192.168.1.100 80 8009

If you want to scan a range of ports:

nc -zv 192.168.1.100 80-8080


hope it will help you.

THANK YOU


Tutorial on .htpasswd and .htaccess with apache(httpd) in Linux

Suppose you have to deal with a public website that also holds some secret information.
How can we protect that information?

We can use .htpasswd and .htaccess in that case.

How? Let's see.

Open your terminal and type

                        vim /etc/httpd/conf/httpd.conf

and find lines 334 to 338. This is the area of httpd.conf that deals with .htaccess

    334 # AllowOverride controls what directives may be placed in .htaccess files.
    335 # It can be "All", "None", or any combination of the keywords:
    336 #   Options FileInfo AuthConfig Limit
    337 #
    338     AllowOverride AuthConfig
 

Now look at line 338. Before modification it looks like

                     AllowOverride None

You have to modify it to

                     AllowOverride AuthConfig

Now make sure that you have a website and that the VirtualHost configuration of that website is complete.



In my case the website is website1.com. Now open your terminal and type

                   #  vim /var/www/html/website1/protected/.htaccess

Then write the lines below

                   AuthUserFile /var/www/html/website1/protected/.htpasswd
                   AuthType basic
                   AuthName " My Personal Files"
                   Require valid-user

So what do they mean? Here we go.

AuthUserFile : This is the path of the .htpasswd file. Make sure you give the proper path. If you give a wrong path, it won't allow anyone to log in. Don't panic, we are admins; we can solve it by giving the proper path.

AuthType : The AuthType directive selects the method that is used to authenticate the user. The most common method is Basic, and this is the method implemented by mod_auth_basic. It is important to be aware, however, that Basic authentication sends the password from the client to the server unencrypted. This method should therefore not be used for highly sensitive data, unless accompanied by mod_ssl. Apache supports one other authentication method: AuthType Digest. This method is implemented by mod_auth_digest and was intended to be more secure. This is no longer the case and the connection should be encrypted with mod_ssl instead.

AuthName : AuthName can be anything; it is the name displayed in the password window.

Require : This defines who is allowed access.

For example:

# any valid user listed in the .htpasswd file
Require valid-user
# among the users in the .htpasswd file, allow only raja and raaz
Require user raja raaz

But

Require valid-user raja is the wrong way to use it, because written like that it doesn't make any sense.

I hope that explanation is fine. Now save and close the file; next we are going to create users for it.

# htpasswd -c /var/www/html/website1/protected/.htpasswd raja

htpasswd prompts for the password (Password in this example) and asks you to retype it.

The location of the .htpasswd file is completely up to you, but .htaccess must be inside the directory that is intended to be protected.

To add one more user you can use this command
# htpasswd /var/www/html/website1/protected/.htpasswd raaz

If you mention -c here, it will overwrite the old .htpasswd file. So don't mention -c while adding one more user.
Here raja is the username and Password is the password used for access. They are stored in /var/www/html/website1/protected/.htpasswd after you add the user.

You can try it now. Access website1.com/protected in your browser; it will ask you for a username and password, and only the allowed users are able to access the content.
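
A consistency check for the .htaccess written above, as an added example that is not part of the original post: the hypothetical shell function check_htaccess flags a Require line that mixes valid-user with user names or lacks a keyword, an AuthUserFile that points at a missing file, and AuthType Basic used without mod_ssl's SSLRequireSSL directive. It assumes one directive per line and an AuthUserFile path without spaces; the finding names are made up for this example.

```shell
#!/bin/sh
# Added example: lint an .htaccess built from the directives in this post.
# check_htaccess is a hypothetical helper name, not an Apache tool.
# Prints one finding per line; prints nothing when no problem is found.

check_htaccess() {
    htaccess=$1

    # Pass 1: directive-level checks that need no filesystem access.
    awk '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank and comment lines
        { d = tolower($1) }
        d == "authtype"      { authtype = tolower($2) }
        d == "sslrequiressl" { ssl = 1 }
        d == "authuserfile"  { have_file = 1 }
        d == "require" {
            kind = tolower($2)
            if (kind == "valid-user" && NF > 2)
                print "require-mixes-valid-user-with-names"
            else if (kind != "valid-user" && kind != "user" && kind != "group")
                print "require-unknown-keyword:" $2
        }
        END {
            if (!have_file) print "no-authuserfile"
            # Basic sends the password unencrypted, so require TLS.
            if (authtype == "basic" && !ssl) print "basic-without-sslrequiressl"
        }
    ' "$htaccess"

    # Pass 2: the AuthUserFile path must point at an existing file.
    userfile=$(awk 'tolower($1) == "authuserfile" { gsub(/"/, "", $2); print $2; exit }' "$htaccess")
    if [ -n "$userfile" ] && [ ! -f "$userfile" ]; then
        echo "userfile-missing:$userfile"
    fi
}

# Constructed sample: this post's .htaccess with a Require line that lacks
# the "user" keyword, pointing at a password file that was never created.
demo_dir=$(mktemp -d)
cat > "$demo_dir/.htaccess" <<EOF
AuthUserFile $demo_dir/.htpasswd
AuthType basic
AuthName " My Personal Files"
Require raja raaz
EOF
check_htaccess "$demo_dir/.htaccess"
rm -rf "$demo_dir"
```

Only the Require keywords valid-user, user and group are recognised here, so other keywords provided by additional modules would be reported as unknown.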

Hope it helps.

In case of any queries please let me know.




 Thank you

Make the system Time Zone persistent across REBOOT in Linux

Hi Guys!
Are you tired of fixing the time zone after every reboot of your Linux box? Here are three simple steps to fix the issue.
In this example we are fixing the time zone to IST. Similarly, you can set it to any time zone of your choice.

Step:1 Set the hardware clock to IST time zone
# ln -sf /usr/share/zoneinfo/Asia/Calcutta /etc/localtime

Step:2 Verify the hardware clock is set to IST properly
# hwclock --show

Step:3 Verify the date and time also if necessary
# date

What if the system time is wrong? Then follow Steps 4 to 7

Step:4 Correct system time
# date -s "Tue 26 Apr 2016 19:36:00"

Step:5 Sync system time to hardware clock time
# hwclock --systohc --localtime

Step:6 Verify hardware clock time
# hwclock --show

Step:7 Verify system time
# date

The results of Step:6 and Step:7 must be the same.

Thank You!

How To do Software RAID using mdadm in CentOS


Today I am writing about how to create a software RAID. Creating a software RAID is pretty easy. All we need is either 3 equal-size partitions on different hard disks or 3 equal-size hard disks.
        In my approach, I am doing this in VMware with 3 virtual hard disks of equal 1 GB size. Our first step is to make those hard disks ready for RAID.

        In your terminal type

          # fdisk -l
        to see the available partitions, and then create RAID partitions on them.

        If we assume the 3 hard disks are /dev/sdb, /dev/sdc and /dev/sdd, then in your terminal

          # fdisk /dev/sdb

        Then
       
         [root@ns1 sysadmin]# fdisk /dev/sdb
WARNING: DOS-compatible mode is deprecated. It's strongly recommended to
         switch off the mode (command 'c') and change display units to
         sectors (command 'u').
Command (m for help): m
Command action
   a   toggle a bootable flag
   b   edit bsd disklabel
   c   toggle the dos compatibility flag
   d   delete a partition
   l   list known partition types
   m   print this menu
   n   add a new partition
   o   create a new empty DOS partition table
   p   print the partition table
   q   quit without saving changes
   s   create a new empty Sun disklabel
   t   change a partition's system id
   u   change display/entry units
   v   verify the partition table
   w   write table to disk and exit
   x   extra functionality (experts only)
Command (m for help): n
          I am creating the new partition here as primary with the default size (all 3 of my virtual hard disks have the same size)
Command action
   e   extended
   p   primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-130, default 1): 
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-130, default 130): 
Using default value 130
Now we have to change the partition type to RAID, so

Command (m for help): t
Selected partition 1
Hex code (type L to list codes):  fd ( fd for auto RAID)

Now just verify
Command (m for help): p
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x8a6b2eca
   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1         130     1044193+  fd  Linux raid autodetect
All good, we can commit our changes.

Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.

Do the same for /dev/sdc and /dev/sdd; finally it will look like


[root@ns1 sysadmin]# fdisk -l
Disk /dev/sda: 21.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00092c9c
   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          64      512000   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2              64        2611    20458496   8e  Linux LVM
Disk /dev/sdb: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x8a6b2eca
   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1         130     1044193+  fd  Linux raid autodetect
Disk /dev/sdc: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x6429c3f4
   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1               1         130     1044193+  fd  Linux raid autodetect
Disk /dev/sdd: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xe883f58a
   Device Boot      Start         End      Blocks   Id  System
/dev/sdd1               1         130     1044193+  fd  Linux raid autodetect
Disk /dev/mapper/VolGroup-lv_root: 18.9 GB, 18865979392 bytes
255 heads, 63 sectors/track, 2293 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Disk /dev/mapper/VolGroup-lv_swap: 2080 MB, 2080374784 bytes
255 heads, 63 sectors/track, 252 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000

Now we have to create the RAID. Here I am choosing RAID 5, which needs a minimum of 3 RAID hard disks.

[root@ns1 sysadmin]# mdadm --create /dev/md0 --level=5 --raid-devices=3 /dev/sdb1 /dev/sdc1 /dev/sdd1
mdadm: Defaulting to version 1.2 metadata
mdadm: array /dev/md0 started.

RAID 5 is created. --level indicates the RAID level; after it come the number and the names of the devices.

To see your RAID Information execute this command

[root@ns1 sysadmin]# mdadm --detail /dev/md0
/dev/md0:
        Version : 1.2
  Creation Time : Tue Nov 11 00:05:20 2014
     Raid Level : raid5
     Array Size : 2086912 (2038.34 MiB 2137.00 MB)
  Used Dev Size : 1043456 (1019.17 MiB 1068.50 MB)
   Raid Devices : 3
  Total Devices : 3
    Persistence : Superblock is persistent
    Update Time : Tue Nov 11 00:05:26 2014
          State : clean
 Active Devices : 3
Working Devices : 3
 Failed Devices : 0
  Spare Devices : 0
         Layout : left-symmetric
     Chunk Size : 512K
           Name : ns1.example.com:0  (local to host ns1.example.com)
           UUID : af2998ef:acc6cb1e:feb832f1:7f9b2f1b
         Events : 18
    Number   Major   Minor   RaidDevice State
       0       8       17        0      active sync   /dev/sdb1
       1       8       33        1      active sync   /dev/sdc1
       3       8       49        2      active sync   /dev/sdd1

Then we have to save our RAID configuration.

In CentOS the configuration file is /etc/mdadm.conf
In Debian-based systems it is /etc/mdadm/mdadm.conf

So save the configuration with

[root@ns1 sysadmin]# mdadm --detail --scan
ARRAY /dev/md0 metadata=1.2 name=ns1.example.com:0 UUID=af2998ef:acc6cb1e:feb832f1:7f9b2f1b
[root@ns1 sysadmin]# mdadm --detail --scan > /etc/mdadm.conf
[root@ns1 sysadmin]# 

If you want to see the stats of your RAID

[root@ns1 sysadmin]# cat /proc/mdstat
Personalities : [raid6] [raid5] [raid4] 
md0 : active raid5 sdd1[3] sdc1[1] sdb1[0]
      2086912 blocks super 1.2 level 5, 512k chunk, algorithm 2 [3/3] [UUU]
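
To turn that output into a health check, here is an added example (not from the original post): the hypothetical function md_degraded reads /proc/mdstat-style text and prints every array that has fewer active members than expected or a member flagged (F), which is how a disk set faulty with mdadm --fail shows up. The sample input is constructed from the output above.

```shell
#!/bin/sh
# Added example: report md arrays that are degraded or have a faulty member.
# md_degraded is a hypothetical helper; it reads /proc/mdstat-style text from
# the file given as $1 (default /proc/mdstat) and prints one line per problem
# array: "<array> <active>/<expected> <faulty members, or - if none>".

md_degraded() {
    awk '
        # Array header, e.g. "md0 : active raid5 sdd1[3] sdc1[1] sdb1[0](F)"
        $1 ~ /^md/ && $2 == ":" {
            name = $1; faulty = ""
            for (i = 3; i <= NF; i++)
                if ($i ~ /\(F\)$/) {          # (F) marks a member set faulty
                    dev = $i; sub(/\[.*/, "", dev)
                    faulty = (faulty == "" ? dev : faulty "," dev)
                }
            next
        }
        # Status line, e.g. "... algorithm 2 [3/3] [UUU]": [expected/active]
        name != "" && match($0, /\[[0-9]+\/[0-9]+\]/) {
            split(substr($0, RSTART + 1, RLENGTH - 2), n, "/")
            if (n[2] + 0 < n[1] + 0 || faulty != "")
                print name " " n[2] "/" n[1] " " (faulty == "" ? "-" : faulty)
            name = ""
        }
    ' "${1:-/proc/mdstat}"
}

# Constructed sample: the array from this post with sdb1 marked faulty.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Personalities : [raid6] [raid5] [raid4]
md0 : active raid5 sdd1[3] sdc1[1] sdb1[0](F)
      2086912 blocks super 1.2 level 5, 512k chunk, algorithm 2 [3/2] [_UU]
EOF
md_degraded "$sample"    # prints: md0 2/3 sdb1
rm -f "$sample"
```

Run without an argument it reads the live /proc/mdstat, so it can be called from cron and alert whenever it prints anything.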

To set any RAID disk as failed/faulty

# mdadm --fail /dev/md0 /dev/sdb1

To remove any disk from the RAID

# mdadm --remove /dev/md0 /dev/sdb1

To add a new disk

# mdadm --add /dev/md0 /dev/sdb1

If a hard disk/partition was taken from another RAID, flush all the old RAID data in it before using it in a new RAID

# mdadm --zero-superblock  /dev/sda1

Stop a running RAID

# mdadm --stop /dev/md0

and to start

# mdadm --run /dev/md0

It's supposed to run, but with the research I have done it won't run/start.

To start it we have to assemble it again

# mdadm --assemble /dev/md0 /dev/sdb1 /dev/sdc1 /dev/sdd1

If you use the UUID of /dev/md0, it will be easier and perfect.

# mdadm --assemble --scan --uuid=af2998ef:acc6cb1e:feb832f1:7f9b2f1b


VSFTPD - Passive mode port configuration

If your FTP server is configured in passive mode, you must do this to allow data transfers.


##########/etc/vsftpd/vsftpd.conf################

pasv_min_port=49152
pasv_max_port=65534

#############/etc/sysconfig/iptables-config##############

IPTABLES_MODULES="ip_conntrack_ftp"

Virtual Hosts in Apache -Linux


############################
Listen 192.168.56.150:80
Listen 192.168.56.151:81
############################

The two lines above stand for IP-based as well as port-based virtual hosting.

The virtual host that listens on the 1st IP is browsed through port 80, but the other one listens and is browsed through port 81 only.

Now we have to configure the virtual hosts

#########################################
<VirtualHost 192.168.56.150:80>
    ServerAdmin root@localhost
    DocumentRoot /var/www/website1.com
    ServerName website1.com
    ServerAlias www.website1.com
    ErrorLog logs/www.website1.com_error.log
    # CustomLog needs a log format; "combined" is defined in the stock httpd.conf
    CustomLog logs/www.website1.com_custom.log combined
</VirtualHost>
###########################################

###########################################
<VirtualHost 192.168.56.151:81>
    ServerAdmin root@localhost
    DocumentRoot /var/www/website2.com
    ServerName website2.com
    ServerAlias www.website2.com
    ErrorLog logs/website2.com_error.log
    CustomLog logs/website2.com_custom.log combined
</VirtualHost>
############################################


Note: If you don't have your own DNS server, you can make entries like the ones below in your /etc/hosts file
########################
# vi /etc/hosts

192.168.56.150 website1.com
192.168.56.150 www.website1.com
192.168.56.151 website2.com
192.168.56.151 www.website2.com

###############################

Now name resolution can be done.


While I was doing

##############################

# service httpd restart

##############################

I was getting an error like
###########
Starting httpd: [Wed Nov 19 01:17:25 2014] [warn] VirtualHost website1.com:80 overlaps with VirtualHost userinfo.com:80, the first has precedence, perhaps you need a NameVirtualHost directive
###########

It's because I am doing name-based virtual hosting with one common IP, so we have to add that IP for name-based virtual hosting with a line in /etc/httpd/conf/httpd.conf

######################
NameVirtualHost XXX.XXX.XXX.XXX:PORT
######################

Then save and restart with
######################

# service httpd restart

######################

and I am sure it will be fine.



Rename Database in MySQL

Today I am writing about how to rename a MySQL database.

If you want to rename a database in MySQL, don't forget to take a backup of the views, procedures and functions of the current database, because the rename does not apply to views, procedures and functions.

After you have taken the backup, we can do the rename with the command below.

RENAME TABLE old_db.table TO new_db.table;

Here old_db is your old database name and new_db is your new database name. You have to execute this command for each table. That is the way.

But what if we have a big database with 1000 tables? Executing the above command 1000 times is a stupid idea.

If you are using Linux, you can use the following Bash script to do that for you

# write one RENAME statement per table, then run them all in a single session;
# --force keeps going when one statement fails
mysql -p -s -N -e "show tables from db1" | while read -r table; do echo "RENAME TABLE \`db1\`.\`$table\` TO \`db2\`.\`$table\`;"; done > rename_tables.sql
mysql -p --force < rename_tables.sql

db1 is your old database name and db2 is your new database name; everything else is taken care of by the script, except giving the password. :P

After executing the command successfully without any errors, you must restore the backup of the views, procedures and functions.

Errors: I got one error with triggers. Generally some tables have triggers. So copy the code of the triggers and then delete those triggers. Then try to rename the table again.

After it succeeds, just recreate the triggers for the same tables in the new database.

I have done this trigger creation in MySQL Workbench.

If you want to back up only the functions and not the data of the database, you can use this command

mysqldump --routines --no-create-info --no-data --no-create-db --skip-opt  <database> > outputfile.sql

Here:

--routines         =  For including routines (views, functions, procedures).
--no-create-info   =  Do not write CREATE TABLE statements that re-create each dumped table.
--no-data          =  Do not write any row information for the table. This is very useful if you want to get a dump of only the structure for a table.
--no-create-db     =  This option suppresses the CREATE DATABASE /*!32312 IF NOT EXISTS*/ db_name statements that are otherwise included in the output if the --databases or --all-databases option is given.
--skip-opt         =  Disables --opt. The --opt option is shorthand; it is the same as specifying --add-drop-table --add-locks --create-options --disable-keys --extended-insert --lock-tables --quick --set-charset. It should give you a fast dump operation and produce a dump file that can be reloaded into a MySQL server quickly. As of MySQL 4.1, --opt is on by default, but can be disabled with --skip-opt. To disable only certain of the options enabled by --opt, use their --skip forms; for example, --skip-add-drop-table or --skip-quick.




Famous SELinux Contexts

1. httpd SELinux context

                   chcon -v --type=httpd_sys_content_t /path/to/dir

2. httpd SELinux context (recursive)

                   chcon -Rv --type=httpd_sys_content_t /path/to/dir

3. Restore old/default context

                   restorecon -Rv -n /var/www/html

                   The -n switch prevents any relabelling from occurring.

4. Changing default port for services permitted by SELinux

                   # semanage port -l
                   # semanage port -a -t http_port_t -p tcp 81

                   The 1st command shows the supported services. The 2nd one changes the default port for the http service.

5. For Nagios

                   chcon -R -t httpd_sys_content_t /usr/local/nagios



Note: Give me time to write them with proper explanation. 

More: http://wiki.centos.org/TipsAndTricks/SelinuxBooleans

How to set the primary IP address of a Windows Server 2008 R2

Hi All..!

Finally, today I got a solution for a problem we face continuously: whenever we add a new IP to our servers (Windows Server 2008), the primary IP address (the default outgoing IP) gets changed automatically, which in turn causes a lot of issues later.

Here is the solution.


This URL says that we need to install several patches, which is not mandatory for your servers as we already update the servers at the time of building them. So you can skip installing the patches and proceed as given below.

1) Open cmd with elevated privileges (Run as Administrator) and add the IP address from the command line instead of using the GUI. For example, to add the IP address 192.168.20.11 with subnet mask 255.255.255.0, run the following command.

netsh int ipv4 add address "Local Area Connection" 192.168.20.11 255.255.255.0 skipassource=true

2) In our scenario, we are adding the additional IP address because we need to host one more HTTPS website, which requires a dedicated IP address bound to the HTTPS domain. Adding the IP address with the command given above succeeds, and of course it does not change the default outgoing IP address. You can also see the list of assigned IP addresses and their properties using the following command

netsh int ipv4 show ipaddresses level=verbose

Here the problem comes:

When I go to IIS Manager and try to host the HTTPS site, in the "Site Bindings" section I am unable to find the IP address that I added recently with the property skipassource=true. So what to do?

Here is the solution!

3) Download and install the following fix from microsoft.com and then add the IP address as explained in step 1; it works.