NAT in Cisco Router (PAT)

1. Create a NAT pool with a single public IP address
router(config)#ip nat pool shrestha 175.176.229.33 175.176.229.33 net 255.255.255.0
2. Create an access list permitting the local LAN
router(config)#access-list 1 permit 192.168.100.0 0.0.0.255
3. Map access list 1 to the new pool using overload (PAT)
router(config)#ip nat inside source list 1 pool shrestha overload
4. Go to the public IP interface and execute the following command
ip nat [...]

Setting Up SSH on Cisco Router

R1(config)# hostname R1
R1(config)#ip domain-name anuj.com
R1(config)#username anuj password shrestha
R1(config)#crypto key generate rsa
Choose the default or 1024, press Enter, and wait a while for the message that SSH has been enabled.
R1(config)# line vty 0 4
R1(config-line)#transport input ssh
Try logging in from another host using ssh.
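
The steps above create the local user with `password` and never bind the vty lines to it with `login local` or pin the protocol with `ip ssh version 2`. The script below is an added example, not part of the original notes: it audits a saved "show running-config" for those three points, assuming local authentication without `aaa new-model`. The function names and both sample configurations are constructed for illustration.

```shell
#!/bin/sh
# audit_ios_ssh FILE: scan a saved "show running-config" for weak SSH setup.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_ios_ssh() {
    awk '
    function close_vty() {            # report on the vty block just ended
        if (!in_vty) return
        if (!ssh_only) { print "WEAK vty at line " vty ": transport input is not ssh-only"; bad = 1 }
        if (!local_auth) { print "WEAK vty at line " vty ": login local missing"; bad = 1 }
        in_vty = 0
    }
    /^[^ ]/ { close_vty() }           # any unindented line ends a vty block
    /^username .* password / { print "WEAK line " NR ": username uses password, not secret"; bad = 1 }
    /^ip ssh version 2/ { v2 = 1 }
    /^line vty / { in_vty = 1; vty = NR; ssh_only = 0; local_auth = 0 }
    in_vty && /^ +transport input ssh *$/ { ssh_only = 1 }
    in_vty && /^ +login local *$/ { local_auth = 1 }
    END {
        close_vty()
        if (!v2) { print "WEAK: ip ssh version 2 not set"; bad = 1 }
        exit bad + 0
    }' "$1"
}

# Constructed sample: the running-config the steps above would leave behind.
page_config() {
    cat <<'EOF'
hostname R1
ip domain-name anuj.com
username anuj password 0 shrestha
line vty 0 4
 transport input ssh
EOF
}

# Constructed sample: same router with the three findings corrected.
fixed_config() {
    cat <<'EOF'
hostname R1
ip domain-name anuj.com
ip ssh version 2
username anuj secret 5 $1$constructed$placeholderhash
line vty 0 4
 login local
 transport input ssh
EOF
}

tmp=$(mktemp) && page_config > "$tmp"
audit_ios_ssh "$tmp" || echo "audit failed for the configuration as typed"
rm -f "$tmp"
```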

Install l7 Filter in CentOS 5.5 installed in i386

Download packages from http://pkgs.org/
or with direct link
#wget http://centos.alt.ru/repository/centos/5/i386/l7-filter-userspace-0.11-2.el5.i386.rpm
#wget http://centos.alt.ru/repository/centos/5/i386/l7-protocols-20090528-1.el5.i386.rpm
#wget http://centos.alt.ru/repository/centos/5/i386/libnetfilter_conntrack-0.9.1-1.el5.i386.rpm
#wget http://centos.alt.ru/repository/centos/5/i386/libnfnetlink-1.0.0-1.el5.i386.rpm
#wget http://centos.alt.ru/repository/centos/5/i386/libnetfilter_queue-1.0.0-1.el5.i386.rpm
Install Packages
#rpm -ivh libnfnetlink-1.0.0-1.el5.i386.rpm
#rpm -ivh libnetfilter_conntrack-0.9.1-1.el5.i386.rpm
#rpm -ivh libnetfilter_queue-1.0.0-1.el5.i386.rpm
#rpm -ivh l7-filter-userspace-0.11-2.el5.i386.rpm
#rpm -ivh l7-protocols-20090528-1.el5.i386.rpm
#modprobe ip_conntrack_netlink
#l7-filter -vv -f /etc/l7-filter.conf

XEN ParaVirtualization with CentOS 5.5

# yum install xen virt-manager kernel-xen
# chkconfig xend on
# reboot
Unpack CentOS 5.5 in some location, configure Apache, and point /install at that directory so the guest can install over HTTP.
Edit /etc/xend-config.sxp and change
(dom0-min-mem 1024)
#mkdir /xen
#ifconfig eth0 192.168.32.62
# virt-install --prompt (name = libra; ram = 512; file = /xen/libra.img; file size = 10; location = http://192.168.32.62/install)
follow the [...]

BEING 20 - 30, SOMETHING years old…

They call it the “Quarter-life Crisis.”
It is when you stop going along with the crowd and start realizing that there are many things about yourself that you didn’t know and may not like. You start feeling insecure and wonder where you will be in a year or two, but then get scared because you barely [...]

Complex Problem

Many years ago in a small Indian village, a farmer had the misfortune of owing a large sum of money to a village moneylender.

The moneylender, who was old and ugly, fancied the farmer’s beautiful daughter. So he proposed a bargain. He said he would forgo the farmer’s debt if he could marry his daughter. Both the [...]

what makes 100% ?

If
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z is represented as:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26.
Then
Hard Work
H+A+R+D+W+O+R+K
8+1+18+4+23+15+18+11 [...]

Moral of the Story….

One day a farmer’s donkey fell down into a well.
The animal cried piteously for hours as the farmer tried to figure out what to do.
Finally, he decided the animal was old, and the well needed to be covered up anyway; it just wasn’t worth it to retrieve the donkey.
He invited all his neighbors to come over [...]

misc

[root@mbox /home/anujstha]# cat CreateMaildir.sh
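#!/bin/bash
# Create a qmail Maildir under /mbox/<first letter>/<user> with a quota file.
echo "Enter username"
read -r USER
echo "Enter qmail uid"
read -r QMAILUID
# An empty name or one containing "/" would build a path outside /mbox/<letter>/.
case $USER in
    ''|*/*|.*) echo "Invalid username" >&2; exit 1 ;;
esac
# First character of the username selects the hash directory.
initial=${USER:0:1}
mkdir -p "/mbox/$initial/$USER"
/var/qmail/bin/maildirmake "/mbox/$initial/$USER/Maildir/"
# Deliver through the quota filter first, then into the Maildir.
echo "|/usr/bin/qmailquota" > "/mbox/$initial/$USER/.qmail"
echo "./Maildir/" >> "/mbox/$initial/$USER/.qmail"
# The original line lacked the redirect, so .quota was never written.
echo "10000" > "/mbox/$initial/$USER/.quota"
chown "${QMAILUID}:55" "/mbox/$initial/$USER"
chown -R "${QMAILUID}:55" "/mbox/$initial/$USER/Maildir/"
echo "User : ${USER}"
echo "QMAILUID : ${QMAILUID}"
echo "Initials : ${initial}"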
########################################
CREATE A SELF-SIGNED CERTIFICATE WITH OpenSSL:
Generating an RSA key
% openssl genrsa -out cert.key 1024
Generating RSA private key, 1024 bit [...]

mod_fcgid + nikto

mod_fcgid----
cd /usr/local/src
wget -O mod_fcgid.2.2.tgz 'http://downloads.sourceforge.net/mod-fcgid/mod_fcgid.2.2.tgz?use_mirror=nchc'
tar -xzvf mod_fcgid.2.2.tgz
cd mod_fcgid.2.2
vi Makefile (define apache/apxs location)
make
make install
NIKTO----
cd /src
wget http://www.cirt.net/nikto/nikto-current.tar.gz
tar -xzvf nikto-current.tar.gz
wget http://www.wiretrip.net/rfp/libwhisker/LW.pm
cp LW.pm ./nikto-1.35/LW.pm
mv nikto-1.35/ /usr/local/nikto
cd /usr/local/nikto
perl nikto.pl -update
perl nikto.pl -h localhost
perl nikto.pl -h example.com -evasion 1

mod_spamhaus

mod_spamhaus is an Apache module that uses DNSBL lookups to block spam relay
via web forms, prevent URL injection, block HTTP DDoS attacks from bots, and
generally protect your web service by denying access to known bad IP addresses.
cd /usr/local/src
wget http://kent.dl.sourceforge.net/sourceforge/mod-spamhaus/mod_spamhaus05.tar.gz
tar -xzvf mod_spamhaus05.tar.gz
cd mod-spamhaus/
vi Makefile ( Define apxs2 location )
make install
vi /usr/local/apache2/conf/httpd.conf
<IfModule mod_spamhaus.c>
MS_METHODS POST,PUT,OPTIONS,CONNECT
MS_WhiteList /usr/local/apache2/conf/spamhaus.wl
MS_CacheSize [...]

Install Mysql 5.1.30

Configuration and installation of MySQL 5.1.30

We are installing MySQL with a non-default datadir and a non-default socket
path, so make sure that the following directories do not exist.
Existing files there could cause problems.
/usr/local/mysql

/web/mysql
make sure /web exists.

create user mysql
groupadd mysql
useradd mysql -s /bin/nologin -g mysql

Download mysql 5.1.30 source from web.
extract the compressed mysql source file.
configure [...]

Proftpd Installation

cd /usr/local/src
wget ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.2.tar.gz
tar -xzvf proftpd-1.3.2.tar.gz
cd proftpd-1.3.2
install_user=root install_group=wheel ./configure --prefix=/usr/local/proftpd --enable-autoshadow
make
make install
cp /usr/local/src/proftpd-1.3.2/contrib/dist/rpm/proftpd.init.d /etc/init.d/proftpd
chkconfig --add proftpd
chkconfig proftpd on
proftpd.conf
ServerName            "ProFTPD server"
ServerIdent            on "FTP Server ready."
ServerAdmin            root@localhost
ServerType            standalone
DefaultServer            on
AccessGrantMsg            "User %u logged in."
DeferWelcome            off
DefaultRoot            ~ !adm
AuthPAMConfig            proftpd
AuthOrder            mod_auth_pam.c* mod_auth_unix.c
IdentLookups        [...]

Instant Client, DBI, DBD::Oracle

ORACLE INSTANT CLIENT
First we need to install the following:
Instantclient-basic
Instantclient-sqlplus
Instantclient-sdk
perl-DBI
perl-DBD-Oracle
In /etc/profile add the following:
#TNS LISTENER
export TNS_ADMIN=/etc/oracle
#ORACLE LIBRARY
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib/oracle/11.1/client/lib/
#ORACLE INSTANT CLIENT HOME
export ORACLE_HOME=/usr/lib/oracle/11.1/client
#ORACLE PATH
export PATH=/usr/lib/oracle/11.1/client/bin:$PATH
cd /etc/oracle
vi tnsnames.ora
RAD1DB =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 202.79.32.36)(PORT = 1521))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = raddb)
)
)
RADDB =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 202.79.45.36)(PORT = 1521))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = [...]

Compile Kernel in FreeBSD

sysinstall
Configure -> Distributions -> src -> base, sys
cd /sys/i386/conf
cp GENERIC mykern
vi mykern #append the following kernel options
options         IPFIREWALL
options         IPFIREWALL_FORWARD
options         MSGMNB=65536
options         MSGMNI=40
options         MSGSEG=32767
options         MSGSSZ=64
options         MSGTQL=2048
options         SHMSEG=256
options         SHMMNI=256
options         SHMMAX=536870912
options         SHMALL=131072
options         MAXFILES=64000
options         VFS_AIO
and compile the kernel
# cd /usr/src
Compile the kernel:
# make buildkernel KERNCONF=mykern
Install the new kernel:
# make installkernel KERNCONF=mykern

Ssh Key-Based Authentication

Generate key pairs on www0, copy the public keys to the remote server www1, and change the permissions
ssh-keygen -t dsa
ssh-keygen -t rsa
scp /root/.ssh/id_*.pub root@www1:/root/.ssh/
On the remote server
cd /root/.ssh
mv /root/.ssh/id_dsa.pub /root/.ssh/id_dsa.pub.www0
mv /root/.ssh/id_rsa.pub /root/.ssh/id_rsa.pub.www0
cat /root/.ssh/id_dsa.pub.www0 >> authorized_keys
cat /root/.ssh/id_rsa.pub.www0 >> authorized_keys
chmod 600 *
chmod 700 ../.ssh
Now log in from www0 to www1
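
An added check, not part of the original notes: after the keys are appended, this audits the remote .ssh directory for exactly the modes the steps set (700 on the directory, 600 on authorized_keys) and flags `ssh-dss` entries, since OpenSSH has disabled DSA keys by default since 7.0. The function names and the demo directory with placeholder key bodies are constructed for illustration.

```shell
#!/bin/sh
# audit_ssh_dir DIR: check the modes and key types left by the steps above.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_ssh_dir() {
    dir=$1; ak="$dir/authorized_keys"; rc=0
    [ -f "$ak" ] || { echo "MISSING $ak"; return 1; }

    # Expect exactly the modes set by "chmod 700 ../.ssh" and "chmod 600 *".
    # sshd with StrictModes ignores keys if either is group/world writable.
    dmode=$(ls -ld "$dir" | cut -c1-10)
    fmode=$(ls -l "$ak" | cut -c1-10)
    [ "$dmode" = "drwx------" ] || { echo "MODE $dir is $dmode"; rc=1; }
    [ "$fmode" = "-rw-------" ] || { echo "MODE $ak is $fmode"; rc=1; }

    # Flag DSA entries; key options may come before the key type on a line.
    weak=$(awk '/^[ \t]*#/ || NF == 0 { next }
        { for (i = 1; i <= NF; i++)
              if ($i == "ssh-dss") { print "WEAK line " NR ": ssh-dss (DSA) key"; next } }
    ' "$ak")
    [ -z "$weak" ] || { echo "$weak"; rc=1; }
    return $rc
}

# Constructed sample: key bodies are placeholders, not real keys.
make_demo_dir() {
    d=$(mktemp -d) || return 1
    cat > "$d/authorized_keys" <<'EOF'
# appended from id_dsa.pub.www0 and id_rsa.pub.www0
ssh-dss AAAAB3NzaC1kc3MAAACBAPLACEHOLDER root@www0
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABPLACEHOLDER root@www0
EOF
    chmod 700 "$d"; chmod 600 "$d/authorized_keys"
    echo "$d"
}

demo=$(make_demo_dir)
audit_ssh_dir "$demo" || echo "fix the findings above, then re-run"
rm -rf "$demo"
```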

Chrooted apache

cd /usr/local/src
fetch http://telana.com/files/httpd-2.2.3-peruser-0.3.0.patch
fetch http://archive.apache.org/dist/httpd/httpd-2.2.3.tar.bz2
tar -xf httpd-2.2.3.tar.bz2
ls
cd httpd-2.2.3
cat ../httpd-2.2.3-peruser-0.3.0.patch | patch -p1
./buildconf
./configure --with-mpm=peruser --enable-module=expires \
--enable-module=so --enable-module=headers --enable-module=usertrack \
--enable-module=env --enable-suexec --enable-module=auth_dbm \
--enable-module=auth_db --enable-module=auth_anon \
--enable-module=digest --enable-shared=max

make
make install

echo 'apache22_enable="YES"' >> /etc/rc.conf