Archive for the ‘Linux’ Category

Hi,

2 easy commands to secure your Joomla site:

cd /var/www/somewebdir/
find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;

Yes, I know… My Joomla site is very old. In this article I will write down all my migration steps. The best practise is to create a development environment. I download and install a Debian 5.0 (lenny) OS and installed all the common LAMP, SSH, Samba, PHPMyadmin & ImageMagick  packages. Then:

1. I Copy the content of my site to my development environment
2. Edit the joomla configuration.php file and change my physical paths
3. Upload my database
4. Check all my joomla modules
5. set 777 permisions for easy testing
6. I know from earlier testing that mine Joomla template is not compatible with 1.5. So I download and install Artisteer 2 to create a new template. This software works so easy I created the template with my girlfriend (download torrent)
7. My Biggest concern is the community builder component and the forum. This are the most important modules so I will upgrade them first.
8. Backup administrator/components/com_comprofiler/ue_config.php, remove the CB module and reinstall the latest versions. (note: latest CB have 1.5.10 native support)
9. My Fireboard version is aleady to the latest version (1.0.5 RC2)
10. Now I will install the migrator tools and follow the 5 migration steps @ http://docs.joomla.org/Migrating_from_1.0.x_to_1.5_Stable
11. I have installed the migrator and the fireboard ETL’s. After that I create A SQL Dump. Now I must create a new 1.5 install and import everything.
12. Note: You can now download your SQL dump file and upload it into your Joomla! 1.5 installation to continue the process. Don’t forget to select migration and use the prefix ‘jos_’ (this migrator rewrites your prefix to jos_ even if the sites prefix is different).
13. I found a small community builder howto @ http://www.alledia.com/blog/joomla-15/migrating-to-joomla-15/
14. * Step 1: Export the Community Builder database tables from 1.0
    * Step 2: Download administrator / components / com_profiler / ue_config.php
    * Step 3: Install CB on the 1.5 site:
    * Step 4: Delete the CBt database tables on 1.5 and import the old tables from 1.0
    * Step 5: Upload the old ue_config.php to administrator / components / com_profiler / ue_config.php
15. For expose I can install the latest version. The copy the ../components/com_expose/expose/img and xml folders to the new site. That as very easy
16. For the CB Profile pictures I copy images/comprofiler to the new site.
18. .. to be continued

Template fix:

Extensions > Module manager > Top Menu (or any other menu, e.g. Main Menu) > click to Edit this module > select Position = user3. Save the configuration and go to the frontpage. You should see your Artisteer style applied to the menu items.

And first assign another default template and then your template

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

How longer you use firefox how slower the automatic search will be. There is a plugin thats defragment the search database.

Quote Vacuum Places Improved 1:

Defragments your Firefox “Places” database (history/bookmarks)
This greatly reduces the lag while typing in the address bar and the start-up time.
This extension features configurable automatic cleaning, periodic reminder, and internationalization.

URL: https://addons.mozilla.org/nl/firefox/addon/13878

1. Install Clamav with your favorite packet manager

#apt-get install clamav

2. Update ClamAV Database

#freshclam

3. Scan your server and only list infected files

#clamscan / -r -i

Read user groups

id username

Add user

useradd -G group1 -G group2 new-user

Set password

passwd new-user

Try:

Mini 10 @ http://stashbox.org/v/574866/flashBIOSv1.exe

Mini 9 @ http://stashbox.org/v/556752/flashBIOSv1.51.exe

Download and Install The NTP Package

Most RedHat and Fedora Linux software products are available in the RPM format. Downloading and installing RPMs isn’t hard. If you need a refresher, Chapter 6, “Installing Linux Software“, has all the details.

When searching for the file, remember that the NTP RPM’s filename usually starts with the word ntp followed by a version number as in ntp-4.1.2-5.i386.rpm.

The /etc/ntp.conf File

The /etc/ntp.conf file is the main configuration file for Linux NTP in which you place the IP addresses of the stratum 1 and stratum 2 servers you want to use. Here are the steps to create a configuration file using a pair of sample Internet-based NTP servers:

1) First we specify the servers you’re interested in:

server  otherntp.server.org    # A stratum 1 server at server.org
server  ntp.research.gov       # A stratum 2 server at research.gov

2) Restrict the type of access you allow these servers. In this example the servers are not allowed to modify the run-time configuration or query your Linux NTP server.

restrict otherntp.server.org   mask 255.255.255.255 nomodify notrap noquery
restrict ntp.research.gov      mask 255.255.255.255 nomodify notrap noquery

The mask 255.255.255.255 statement is really a subnet mask limiting access to the single IP address of the remote NTP servers.

3) If this server is also going to provide time for other computers, such as PCs, other Linux servers and networking devices, then you’ll have to define the networks from which this server will accept NTP synchronization requests. You do so with a modified restrict statement removing the noquery keyword to allow the network to query your NTP server. The syntax is:

restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap

In this case the mask statement has been expanded to include all 255 possible IP addresses on the local network.

4) We also want to make sure that localhost (the universal IP address used to refer to a Linux server itself) has full access without any restricting keywords:

restrict 127.0.0.1

5) Save the file and restart NTP for these settings to take effect. You can now configure other Linux hosts on your network to synchronize with this new master NTP server in a similar fashion.

How To Get NTP Started

You have to restart the NTP process every time you make a change to the configuration file for the changes to take effect on the running process.

To get NTP configured to start at boot, use the line:

[root@bigboy tmp]# chkconfig ntpd on

To start, stop and restart NTP after booting, follow these examples:

[root@bigboy tmp]# service ntpd start
[root@bigboy tmp]# service ntpd stop
[root@bigboy tmp]# service ntpd restart

Testing And Troubleshooting NTP

After configuring and starting NTP, you should test it to make sure it is working. Here are some guidelines you can follow to get NTP working correctly.

Verifying NTP is Running

To test whether the NTP process is running use the command

[root@bigboy tmp]# pgrep ntpd

You should get a response of plain old process ID numbers.

Doing An Initial Synchronization

If the time on the local server is very different from that of its primary time server your NTP daemon will eventually terminate itself leaving an error message in the /var/log/messages file. You should run the ntpdate -u command to force your server to become instantly synchronized with its NTP servers before starting the NTP daemon for the first time. The ntpdate command doesn’t run continuously in the background, you will still have to run the ntpd daemon to get continuous NTP updates.

Take a look at some sample output of the ntpdate command in which a server whose initial time was set to midnight, was correctly set to 8:03 am.

• The date was originally set to midnight which was verified by using the date command.

[root@smallfry tmp]# date
Thu Aug 12 00:00:00 PDT 2004
[root@smallfry tmp]#

• The ntpdate command is run three times to synchronize smallfry’s clock to server 192.168.1.100, but it must be run while the ntpd process is stopped. So you’ll have to stop ntpd, run ntpdate and then start ntpd again.

[root@smallfry tmp]# service ntpd stop
[root@smallfry tmp]# ntpdate -u 192.168.1.100
Looking for host 192.168.1.100 and service ntp
host found : bigboy.my-site.com
12 Aug 08:03:38 ntpdate[2472]: step time server 192.168.1.100 offset 28993.084943 sec
[root@smallfry tmp]# ntpdate -u 192.168.1.100
Looking for host 192.168.1.100 and service ntp
host found : bigboy.my-site.com
12 Aug 08:03:40 ntpdate[2472]: step time server 192.168.1.100 offset 2.467652 sec
[root@smallfry tmp]# ntpdate -u 192.168.1.100
Looking for host 192.168.1.100 and service ntp
host found : bigboy.my-site.com
12 Aug 08:03:42 ntpdate[2472]: step time server 192.168.1.100 offset 0.084943 sec
[root@smallfry tmp]# service ntpd start
[root@smallfry tmp]#

• The date is now corrected.

[root@smallfry tmp]# date
Thu Aug 12 08:03:45 PDT 2004
[root@smallfry tmp]#

Determining If NTP Is Synchronized Properly

Use the ntpq command to see the servers with which you are synchronized. It provided you with a list of configured time servers and the delay, offset and jitter that your server is experiencing with them. For correct synchronization, the delay and offset values should be non-zero and the jitter value should be under 100.

[root@bigboy tmp]# ntpq -p

Here is some sample output of the command:

     remote          refid       st t when poll reach  delay   offset   jitter
==============================================================================
-jj.cs.umb.edu   gandalf.sigmaso  3 u   95 1024  377  31.681  -18.549    1.572
milo.mcs.anl.go  ntp0.mcs.anl.go  2 u  818 1024  125  41.993  -15.264    1.392
-mailer1.psc.edu ntp1.usno.navy.  2 u  972 1024  377  38.206   19.589   28.028
-dr-zaius.cs.wis ben.cs.wisc.edu  2 u  502 1024  357  55.098    3.979    0.333
+taylor.cs.wisc. ben.cs.wisc.edu  2 u  454 1024  347  54.127    3.379    0.047
-ntp0.cis.strath harris.cc.strat  3 u  507 1024  377 115.274   -5.025    1.642
*clock.via.net   .GPS.            1 u  426 1024  377 107.424   -3.018    2.534
ntp1.conectiv.c  0.0.0.0         16 u    - 1024    0   0.000    0.000  4000.00

Your Linux NTP clients cannot Synchronize Properly

A telltale sign that you haven’t got proper synchronization is when all the remote servers have jitter, delay and reach values of 0. In some older versions of Fedora, the jitter values will be 4000.

    remote           refid      st t when poll reach   delay   offset  jitter
=============================================================================
LOCAL(0)        LOCAL(0)        10 l    -   64    7    0.000    0.000   0.008
ntp-cup.externa 0.0.0.0         16 u    -   64    0    0.000    0.000   0.000
snvl-smtp1.trim 0.0.0.0         16 u    -   64    0    0.000    0.000   0.000
nist1.aol-ca.tr 0.0.0.0         16 u    -   64    0    0.000    0.000   0.000

This could be caused by the following:

• Older versions of the NTP package that don’t work correctly if you use the DNS name for the NTP servers. In these cases you will want to use the actual IP addresses instead.
• A firewall blocking access to your Stratum 1 and 2 NTP servers. This could be located on one of the networks between the NTP server and its time source, or firewall software such as iptables could be running on the server itself.
• The notrust nomodify notrap keywords are present in the restrict statement for the NTP client. In some versions of the Fedora Core 2′s implementation of NTP, clients will not be able to synchronize with a Fedora Core 2 time server unless the notrust nomodify notrap keywords are removed from the NTP client’s restrict statement.

In this example the restrict statement has only the client network defined without any keywords and the configuration line that works with other NTP versions has been commented out:

# -- CLIENT NETWORK -------
#restrict 172.16.1.0 mask 255.255.255.0 notrust nomodify notrap
restrict 172.16.1.0 mask 255.255.255.0

Introduction

UNetbootin allows for the installation of various Linux/BSD distributions to a partition or USB drive, so it’s no different from a standard install, only it doesn’t need a CD. It can create a dual-boot install, or replace the existing OS entirely.

Requirements

• Microsoft Windows 2000/XP/Vista, or Linux, or a USB Drive. If you are having trouble with the Linux version, try the Windows version, it usually works better.
• A broadband internet connection to download the distribution packages (unless installing from pre-downloaded media, see below)
• Spare hard drive space to install the OS in (varies depending on distribution)

Features

UNetbootin can install to your local hard disk or make a bootable liveUSB drive. It can also load floppy/hard disk images, or kernel/initrds, or (some) ISO (CD image) files, for installing other distributions.

tcpdump “tcp port 80 and (((ip[2:2] – ((ip[0]&0xf)<<2)) – ((tcp[12]&0xf0)>>2)) != 0)”

easier command:

tcpdump -i eth0 not port 22