See HTTP header using command telnet

You can see the HTTP (hypertext transfer protocol) header from a web site using the standard Telnet program that comes with Windows. For example, to see the header from the root page of the Microsoft web site, do these steps:

1. Start a DOS command prompt
2. From the command prompt type

   telnet www.microsoft.com 80

3. Turn on localecho so you can see what you are doing.
   1. Type Ctrl+] (hold down the Ctrl key and press the right bracket)
   2. Type

      set localecho

   3. Press Enter on a blank line
4. type
   

   GET / HTTP/1.1
   Host: www.microsoft.com
   

5. Press Enter twice

Installing samba in debian

You want to replace that expensive windows file server with a cheap linux solution. But you need to connect from a windows client. Use samba server to do this! Here is how you do it on debian.


apt-get install samba smbfs


After downloading you will be asked a series of questions.
1) workgroup/domain name: share

2)use password encription: YES

3) modify smb.conf to accept wins information: YES

4) How to run samba?: inetd

5) Create Samba password database: YES

6) now that your all done downloading, do this to get a new config file.


cd /etc/samba/
mv smb.conf old.smb.conf
wget /smb.txt
mv smb.txt smb.conf
nano smb.conf
mkdir /share
/etc/init.d/samba restart
smbuser -a tendydon
smbpasswd -a tendydon


if you want to add shares to your samba server add the following lines in the config file.

[newshare]
path = /newshare
browseable = yes
comment = share
writable = yes
public = yes
guest ok = no

Now create the share and give it some permissions.

chmod 777 /share
chown tendydon:tendydon /share
chmod 755 /share/

Here tendydon is user for more user permissions here

You should be able to open the share from a windows machine now. Have fun.

Reverse lookup setup for debian

For reverse lookup setup in debian server following conf files are to be edited

1.named.conf :append the following at the end

zone "10.168.192.in-addr.arpa" {
       type master;
       file "/etc/bind/192.168.10.db";
};

where 192.168.10.X  is a lookup zone

2.The above mentioned file 192.168.10.db should be in respective directory as below:

; BIND reverse data file for local system
;
$TTL    604800
@       IN      SOA     example. example.com. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      example.com.
71      IN      PTR     example.com.

192.168.10.71 is ip of system to be reversed lookonto





 

Alert setting server 2003

In this day of constant attacks and intrusions it becomes increasingly difficult to respond to all threats and intrusion attempts and this is why you need ISA's built in Alerting functionality to be operational as it can shut down services if the professional is not at the station.  Alert notification configuration follows:Alert notifications can be in the form of email or a program can be started

To start the configurations please follow the steps below:

1.

Click on your ISA server then click Monitoring and configuration then click Alerts.

2.

In the details pane, right click the alert of your choice, and click Properties the alert object you have chosen

3.

In the Alert Properties dialog box, click the Actions tab

4. Remember to select an SMTP server that allows the ISA server to relay messages.  Some servers do not allow relays and this in turn will cause the messages not to reach the administrator.

5. Make sure the alert is enabled. You can do this by checking in the details pane if there is a down red arrow on the alert or not.

 Enabled

 Disabled

reset root password red hat linux

To enter single-user mode, reboot your computer. If you use the default boot loader, GRUB, you can enter single user mode by performing the following:

1. At the boot loader menu, use the arrow keys to highlight the installation you want to edit and type [A] to enter into append mode.

2. You are presented with a prompt that looks similar to the following(you may get different than this):

   grub append> ro root=LABEL=/

3. Press the Spacebar once to add a blank space, then add the word single to tell GRUB to boot into single-user Linux mode. The result should look like the following( just append single at the end) :

   ro root=LABEL=/ single

4. Press [Enter] and GRUB will boot single-user Linux mode. After it finishes loading, you will be presented with a shell prompt similar to the following:

   sh-2.05b#

5. You can now change the root password by typing

   passwd root

   You will be asked to re-type the password for verification. Once you are finished, the password will be changed. You can then reboot by typing reboot at the prompt; then you can log in to root as you normally would.

Posting Photos in blog

Posting Photos in blog

You can now upload photos to your blog(s) using Blogger Images; just click the image icon in the post editor's toolbar.

When you click this icon, you'll get a window that allows you to select an image or multiple images from your computer. Click the Browse button to locate the ones you want. Alternatively, you can enter the URL of an image that's already online and insert it into your post.

If you click the link to choose a layout, you can customize the way your images will appear in your post:

The left, center and right options determine how the text of your post flows around the pictures. The size option lets you scale the pictures to different sizes within this posting area. Note that the picture will still be uploaded in its full size; this option just determines how it's scaled within the content of your post.

Alternatively, you can post images to your blog using Mail-to-Blogger.

Posting blogger via email

Post blog via email

The Mail-to-Blogger feature turns any email account into a blog-posting application. In Settings | Email you can create a Mail-to-Blogger address which you will use to send posts via email to your blog:

To post to your blog via email, you need to configure your Mail-to-Blogger email address in Settings | Email:

The format of the email address is username.secretword@blogger.com. Note that this email address must be kept secret. Otherwise, anyone who gets it will be able to post as you.

Also be sure to specify whether or not you prefer your email posts to publish automatically. If this option is not checked, then your posts will be saved on your account but will not appear on your blog until you log in to Blogger.com and publish them yourself.

Once you have saved your Settings, you can send email to your blog. The subjects of your email letters will be the titles of your posts, and the body of the emails will be the posts themselves. To include an image in your post, you can attach an image to you your email.

Notes:

• Sometimes email programs append text to the bottom of each sent message; to make sure this cruft doesn't get posted to your blog, put #end at the end of your post.

Subdomain Configuration Bind and Apache

Subdomain Configuration
A subdomain configuration is very similar to a domain name configuration. The only difference is that the subdomain entry is tied to the corresponding domain name lookup. A request for the subdomain (e.g. http://content.websitegear.com) will be routed to a DNS server containing the DNS information for the parent domain (websitegear.com). Once the DNS record for the subdomain is resolved to a particular IP address, the request is sent to the web server listening on that IP address. The web server can now delegate the request to the particular website based on the subdomain name in the host header of the request object. Various combinations of subdomain configurations are possible by using DNS server entries and web server application setup for load distribution, application isolation or security purposes.

Subdomain Setup on DNS server
The forward lookup zone of the parent domain in the DNS server should contain a pointer to the sub domain using either an alias (CNAME), a hostname (A) or a mail enchanger (MX) entry. The alias (CNAME) record is used for a subdomain if the subdomain points to a website running on the same web server at the same IP address as the parent domain website. A new hostname (A) record is used if the subdomain points to a different web server, or to the same web server listening on a different IP address (as in the case of load distribution).

Alias (CNAME) Setup: An alias points the subdomain to the same web server, which hosts the website for the parent domain. The canonical names (CNAMES) are added for each of the subdomains as shown below. Once the subdomain is resolved to the IP address of the web server, the web server can route the request to a different website (see section on web server setup below). Note that an alias for www is setup as a subdomain by default by most hosting companies, so that requests to www.domain.com is sent to the same website that handles the requests for domain.com.

www IN CNAME domain.com.
subdomain1 IN CNAME domain.com.
subdomain2 IN CNAME domain.com.

Address (A) Record Setup: A hostname DNS entry is required if the subdomain is pointing to a different IP address than that set for the domain name. Add the address (A) records to the forward lookup zone of the parent domain and associate the address records with the IP addresses of the web servers, which will handle the requests for the subdomain.

subdomain1 IN A 123.2.33.45.
subdomain2 IN A 123.2.33.46.

Mail Exchanger (MX) Setup: The mail exchanger subdomain configuration is required if an email server is setup to handle the subdomain mail accounts. For example, an email address like joe@arts.myschool.edu will require a subdomain setup for resolving the mail server for arts.myschool.edu. The setup is similar to the CNAME setup but with MX records.

subdomain1 IN MX 10 subdomain1.domain.com.
subdomain2 IN MX 10 subdomain2.domain.com.

Note: If the sub-domain is configured on another DNS name server, a Name Server (NS) record has to be created for the sub-domain on the corresponding domain name DNS server, so that it can delegate the sub-domain lookup to the other name servers. Using different name servers can eliminate security issues in cases where the sub-domains are maintained by separate administrators. However, the lookup carries an additional overhead.

Configuring the web server for sub-domains
Once the DNS server is setup to send the request for the sub-domain to the corresponding IP address, the work of the web server begins. The web server needs to be configured appropriately to handle the request for the sub-domain based on either the IP address or the host header entry. Host headers are commonly used by web servers to host multiple domains or sub-domains on one IP address.

Microsoft Windows IIS : In case of Internet Information Server (IIS), create a new web site for the subdomain using the IIS Manager, and add the sub-domain (e.g. subdomain.domain.com) as a new host header value listening to the same IP address as specified in the DNS entry. The port is set to 80 (the default for http requests). The host header can be added by clicking on the advanced tab next to the IP address configuration for that web site application. If the subdomain points to a subdirectory of the web site for the domain, then set the home directory for the subdomain web site to the subdirectory. For example, if the domain.com points to C:\Inetpub\wwwroot\ and the subdomain needs to be setup for C:\Inetpub\wwwroot\subdomain, then the directory for the subdomain website should be set to C:\Inetpub\wwwroot\subdomain.

Apache Web Server : In case of Apache web server, the subdomain is configured by virtual host entries in httpd.conf as shown below.

Listen 80
NameVirtualHost *

<VirtualHost *>
ServerName www.domain.com
DocumentRoot /home/httpd/htdocs/
</VirtualHost>

<VirtualHost *>
ServerName subdomain.domain.com
DocumentRoot /home/httpd/htdocs/subdomain/
</VirtualHost>

Conclusion
Sub-domain configuration starts with an entry in the DNS server of the parent domain and the lookup resolves the sub-domain to an IP address of the web server. The web server in turn delegates the requests based on its configuration for the sub-domain. Various sub-domain configurations can be used effectively to distribute the load evenly among available web applications or web servers listening to different IP addresses. The load distribution is achieved by the DNS round robin feature of the BIND. Other uses include application isolation, simpler and professional looking URL, content categorization etc.

Greyed Shut Down button available server 2003

To force Windows NT and Windows 2000 to display the Shut Down button on the logon screen, log on to your server as Administrator or as a user with administrator rights. Start the registry editor by selecting Run from the Start menu, typing regedt32 in the Open text box, and clicking OK. From here, the two systems diverge. If you're running Windows 2000, you'll make the registry change in a different location than Windows NT.

In Windows NT, when the Registry Editor window opens, navigate the left pane until you get to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon hive. In the right pane, look for the value named ShutdownWithoutLogon.

To change the value, double-click it. You'll then see the String Editor. Enter a value of 1 in the String field and click OK.

If the value doesn't exist, you'll need to add it. Select Add Value from the Edit menu. When the Add Value menu appears, enter the name of the value in the Value Name field exactly as listed above. Make sure the Data Type list box contains the value REG_SZ and then click OK. You'll then see the String Editor screen. In the String field, enter a value of 1 and click OK.

In Windows 2000, you'll find the ShutdownWithoutLogon key in the exact same location as in Windows NT. However, if you change the value to 1, it won't change the Shut Down button. The key only appears to exist in this location for compatibility reasons.

To enable the Shut Down button in this version of the OS, you must navigate the left pane until you get to the HKEY_LOCAL_MACHINE\SOFTWARE\CurrentVersion\policies\system hive. In the right pane, look for the value named shutdownwithoutlogon. For some reason, Windows 2000 also lists this key in all lowercase.

To change the value, double-click it. You'll then see the DWORD Editor. Enter a value of 1 in the Data field and click OK.

Add the value if it doesn't exist by selecting Add Value from the Edit menu. When the Add Value menu appears, enter the name of the value in the Value Name field exactly as listed above. Make sure the Data Type list box contains the value REG_DWORD and then click OK. You'll then see the Data Editor screen. In the String field, enter a value of 1 and click OK.

Bind 9 configuration Debian

Introduction

This HOWTO will assist you in getting a Domain Name Server (DNS) up and running using BIND9 on Debian Etch. When setting up a DNS server it is common practise to use two separate DNS servers for a domain as you are required to have at least two DNS servers running for DNS to work correctly. If one breaks, the other can continue to serve your domain.

However, when I setup my DNS system I did not have the resources on hand to use two different servers for DNS so the setup below will configure one server to run both nameservers. It's not an ideal solution and is definitely not a best-practise solution but one can only work with what you have.

In this HOWTO I will use the fictional domain "example.com". The nameservers will use 192.168.254.1 and 192.168.254.2 as their IP addresses. Both the domain and namerserver IPs need to be changed to reflect your server.

Requirements

• A Debian Etch base installation - Installation HOWTO here.
• At least two static IP addresses that you can use to setup the nameserver information.
• Root access to your server.

Pre-Installation

Before proceeding to install, update the necessary packages in Debian with this command.

apt-get update
apt-get upgrade

Installing lsb-base and BIND9

To continue we need some Debian building tools since we have to download source packages:

apt-get install devscripts

BIND9 depends on lsb-base from testing. Lets grab it: (Syntax explanation: the -y tells apt to say yes to all questions, build-dep installs all packages required for -testing_packageX- from the Etch repository and with -b the source gets built straight away.)

mkdir /usr/local/lsb-base/
cd /usr/local/lsb-base/
apt-get -y build-dep lsb-base
apt-get source lsb-base -b
dpkg-i lsb-base*.deb

Next is BIND9:

mkdir /usr/local/bind9
cd /usr/local/bind9
apt-get -y build-dep bind9
apt-get source bind9 -b
dpkg -i *.deb

Configure the Master DNS Server

First we need to stop BIND9:

/etc/init.d/bind9 stop

In order to chroot bind we need to set an option in /etc/default/bind9.

Locate this in /etc/default/bind9:

OPTIONS="-u bind"

Replace it with this:

OPTIONS="-u bind -t /var/lib/named"

It will now run as user 'bind' chrooted in '/var/lib/named'.

These steps are required for the chroot jail:

mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir -p /var/lib/named/var/run/bind/run
mv /etc/bind /var/lib/named/etc
ln -s /var/lib/named/etc/bind /etc/bind
 mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
chmod 666 /var/lib/named/dev/*
chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind

Bind now has its own dir with space for .pid files and config files. In order to keep things clear we made a symlink back to /etc/.

Now edit /etc/init.d/sysklogd to allow logging of bind activity. Replace this:

SYSLOGD=""

With this:

SYSLOGD="-a /var/lib/named/dev/log"

Now restart sysklogd and BIND9:

/etc/init.d/sysklogd restart
/etc/init.d/bind9 start

And test:

ping www.grabble.co.za

If you get a reply, then your DNS master server is working and ready to use. We will now complete and use the example.com domain with our new master server.

Setting up the example.com domain

The new master DNS server is currently just forwarding requests to the server of your ISP. So, we will now install and configure our own domain and let our new server handle all request regarding that domain.

Example.com has been chosen for illustrative purposes as per the RFC 2606 - see this Wikipedia Example.com article for more information.

Creating the zone files

Lets start with creating the directory where we will store the zone file. This file contains all info about the domain.

mkdir /etc/bind/zones/master/

Next we will create the zones file:

vim /etc/bind/zones/master/example.com.db

Add the following (obviously replacing example.com and 192.168.254.1 with your own details):

;
; BIND data file for example.com
;
$TTL    604800
@       IN      SOA     ns1.example.com. info.example.com. (
                             2007011501         ; Serial
                                  7200         ; Refresh
                                   120         ; Retry
                               2419200         ; Expire
                                 604800)        ; Default TTL
;
@       IN      NS      ns1.example.com.
@       IN      NS      ns2.example.com.
 example.com.    IN      MX      10      mail.example.com.
example.com.    IN      A       192.168.254.1
ns1                     IN      A       192.168.254.1
 ns2                     IN      A       192.168.254.2
www                     IN      CNAME   example.com.
mail                    IN      A       192.168.254.1
ftp                     IN      CNAME   example.com.
 example.com.            IN      TXT     "v=spf1 ip4:192.168.254.1 a mx ~all"
mail                    IN      TXT     "v=spf1 a -all"

Here we have created a DNS zone file with both nameservers as well as records for the mail and ftp server for the domain example.com. Trying to go into more detail about what each item reflects above is beyond the scope of this HOWTO and you should do your own research into what each item means.

In South Africa registering domain names with the .co.za extension requires that Reverse DNS (RDNS) is setup correctly. Other TLD's don't necessarily require RDNS but either way it's good practise to setup RDNS for your DNS server so we'll do so now.

Create a new file called 192.168.254.rev which follows the convention of the first three IP ranges in your IP address

vim /etc/bind/zones/master/192.168.254.rev

Add the following:

$TTL 1d ;
$ORIGIN 254.168.192.IN-ADDR.ARPA.
@       IN      SOA     ns1.example.com.   info.example.com. (
                                       2007011501
                                        7200
                                       120
                                       2419200
                                       604800
)
        IN      NS      ns1.example.com.
         IN      NS      ns2.example.com.
1       IN      PTR     ns1.example.com.
2       IN      PTR     ns2.example.com.
 

The reverse lookup files are almost identical to the domain zone files with only minor changes. The first section of this file is exactly the same as the first section of the domain zone file. The bottom section is where it is different. This time we are listing the last part of the IP address first and then the hostname last.

There are 2 things you must notice here. You have to use the fully qualified domain name here and you must put a "." at the end of it. These 2 things are important to the file and weird things will happen if you don't do it this way.

You must also change the $ORIGIN section at the top of the RDNS file to reflect the reverse IP address of your server. In this example our IP address ranges are 192.168.254.1/2 and the reverse of this would be 254.168.192.IN-ADDR.ARPA. In the PTR records at the bottom we assign the final IP range to reflect our two nameservers - i.e. 1 & 2.

Making sure all is OK

Now that we've created both zone and reverse files we need to check that our main zone file is good to go. BIND9 breaks very easily so it's best to run this check before committing your changes.

cd /etc/bind/zones/master/
named-checkzone example.com example.com.db

You should get an OK status when doing this. If not you need to double-check your zone file and make changes until you get an OK status.

Adding zone files to BIND9

We now need to add the zone file data to the named.conf.local file:

vim /etc/bind/named.conf.local

And add the following to the file:

zone "example.com" {
       type master;
       file "/etc/bind/zones/master/example.com.db";
};

zone "254.168.192.IN-ADDR.ARPA" {
       type master;
        file "/etc/bind/zones/master/192.168.254.rev";
};

Testing

We can now restart bind and check if it works:

/etc/init.d/bind9 restart
ping ns1.example.com

This should bring bring up a ping result resolving to 192.168.254.1

Try another test:

nslookup
ns1.example.com

Should give you 192.168.254.1

Finally run this one:

dig @localhost example.com

If all is OK then you'll be presented with the zone file information.

At this stage you now have a working and usable DNS server.

Troubleshooting

If you're wondering why updates to the zone file on your master seem to fail, check the serial number inside the zone file. Each time you make a change to the zone file you will need to increase the Serial number in the zone file to ensure that your latest changes are updated.

The serial is setup and structured as follows:

2007011501 = (2007)(01)(15)(01)
First 4 digits of the serial indicate the year - i.e. 2007
Next 2 digits of the serial indicate the month - i.e. 01 (January)
Next 2 digits of the serial indicate the date - i.e. 15
 The final 2 digits of the serial indicate the revision number for that day - i.e. 01

If you are updating your Serial number but your changes are not being reflected I recommend that you reload your BIND data by executing the following command in a Linux shell:

rndc reload

If you are running BIND on two different servers you will need to install ntpdate on both servers to ensure that zone transfers happen correctly. Both master and slave servers need to have the exact same time setting for zone transfers to take place:

apt-get -y install ntpdate

reset root password linux

There are times for system administrators they might have forgot their debian machine root password and they want to reset this password.We will see the available options.

There are various methods available for resetting a root password.

Boot debian linux into single-user mode
Boot using a boot disk (like knoppix,gnoppix) and edit the password file
Mount the drive on another computer and edit the password file

It is possible to boot a system and log on to the root account without knowing the root password as long as one has access to the console keyboard.

This is a procedure which requires no external boot disks and no change in BIOS boot settings. Here, "Linux" is the label for booting the Linux kernel in the default Debian install.

Solution 1

At the lilo boot screen, as soon as boot: appears (you must press a shift key at this point on some systems to prevent automatic booting and when lilo uses the framebuffer you have to press TAB to see the options you type), enter:

boot: Linux init=/bin/sh        (for grub  init=/bin/bash)

This causes the system to boot the kernel and run /bin/sh instead of its standard init. Now you have gained root privileges and a root shell. Since / is currently mounted read-only and many disk partitions have not been mounted yet, you must do the following to have a reasonably functioning system.

# mount -n -o remount,rw /

# mount -avt nonfs,noproc,nosmbfs

# cd /etc

# vi passwd

# vi shadow

(If the second data field in /etc/passwd is "x" for every username, your system uses shadow passwords, and you must edit /etc/shadow.) To disable the root password, edit the second data field in the password file so that it is empty. Now the system can be rebooted and you can log on as root without a password. When booting into runlevel 1, Debian (at least after Potato) requires a password, which some older distributions did not.

It is a good idea to have a minimal editor in /bin/ in case /usr/ is not accessible.Also consider installing the sash package. When the system becomes unbootable, execute

boot: Linux init=/bin/sash

sash serves as an interactive substitute for sh even when /bin/sh is unusable. It's statically linked, and includes many standard utilities as built-ins.

Solution 2

Boot from any emergency boot/root disk set. If /dev/hda3 is the original root partition, the following will let one edit the password file just as easily as the above.

# mkdir recovery

# mount /dev/hda3 recovery

# cd recovery/etc

# vi shadow

# vi passwd

Scroll down to the line containing the root user's information, which looks something like

root:weeWRSF!sfDFs:12581:0:99999:7:::

Delete everything between the first and second colons, so that the line looks like

root::12581:0:99999:7:::

Save the file and exit your editor.Type cd to return to your home directory.

Type umount mountplace to unmount the partition.

#unmount /dev/hda3 recovery

Type reboot to reboot your system

The advantage of this approach over the previous method is one does not need to know the lilo password . But to use it one must be able to access the BIOS setup to allow the system to boot from floppy disk or CD, if that is not already set.

Solution 3

Reseting passwords by mounting on another system and editing the password file is bit more work need to be done.first you need to Shut down the machine after backing up all important data.Now remove you machine hard disk and connect this hard disk as slave drive for another machine(this should be linux OS) and boot this machine.Once the system finishes booting, mount the slave drive's root partition and edit the password file.If /dev/hda3 is the original root partition, the following will let one edit the password file just as easily as the above.

# mkdir recovery

# mount /dev/hda3 recovery

# cd recovery/etc

# vi shadow

# vi passwd

Scroll down to the line containing the root user's information, which looks something like

root:weeWRSF!sfDFs:12581:0:99999:7:::

Delete everything between the first and second colons, so that the line looks like

root::12581:0:99999:7:::

Save the file and exit your editor.Type cd to return to your home directory.

Type umount mountplace to unmount the partition.

#unmount /dev/hda3 recovery

Type reboot to reboot your system

Solution 4 (The most easy one)

boot with livecd (i'm using ubuntu live )

start terminal (use sudo or su to gain root previldge of live cd  )

mkdir /d
mount /dev/hda1 /d
chroot /d
passwd (or passwd root)
type your new password
press Ctrl+Alt+Delete and enjoy

If you want to prevent others from resetting your root password you can use two options first one is protect your bootloader with password i.e your GRUB or LILO boot loaders and second one is protect BIOS with password.