Archive for September, 2008

SPR720 – LAB4

September 29, 2008

Installing software from source.

I chose Clam AntiVirus to compile from source. Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX.

To compile Clam I just needed gcc, ./configure; make; make install and that’s it.

About Clam AntiVirus – http://www.clamav.net

source: http://www.clamav.net

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.

Here is a list of the main features:

  • command-line scanner
  • fast, multi-threaded daemon with support for on-access scanning
  • milter interface for sendmail
  • advanced database updater with support for scripted updates and digital signatures
  • virus scanner C library
  • on-access scanning (Linux® and FreeBSD®)
  • virus database updated multiple times per day (see home page for total number of signatures)
  • built-in support for various archive formats, including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others
  • built-in support for almost all mail file formats
  • built-in support for ELF executables and Portable Executable files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others
  • built-in support for popular document formats including MS Office and MacOffice files, HTML, RTF and PDF

Compiz-Fusion on Toshiba P200 Laptop

September 28, 2008

A brief how-to for setting up compiz-fusion on Fedora 9 + KDE on the Toshiba P200 laptop with the Intel GM965/GL960 Integrated Graphics Controller.

1) Verify that direct rendering is working

$ glxinfo | grep -i direct
direct rendering: Yes

2) Installing the software

# yum install compiz-kde fusion-icon-qt compiz-fusion-plugins-unsupported compiz-fusion-plugins-extra compiz-bcop ccsm emerald-themes compizconfig-backend-kconfig

3) Testing compiz

To test compiz-fusion, just issue the command:

$ LIBGL_ALWAYS_INDIRECT=1 INTEL_BATCH=1 compiz --replace --sm-disable --ignore-desktop-hints ccp

4) Configuring compiz-fusion to auto-start

$ ln -s /usr/bin/fusion-icon ~/.kde/Autostart/

Have fun !!!

SPR720 – Lab 3

September 25, 2008

Ufa, this lab was really hard; it has been so long since I used the commands sed, awk, etc.

After some hours reading a book about shell scripting and IBM material about sed and awk, I could finish my lab.

The idea is to monitor the partitions of the system and, if a partition's usage hits 80%, print a warning message.

In an environment with lots of servers it is impossible to memorize every partition on each server, and a good tool to keep monitoring the available space on the servers is Nagios with the plugin NRPE – Nagios Remote Plugin Executor.

Here is my little script:
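
The following is an added example, not the author's script from the lab: one way to implement the 80% check described above with df and awk. The function name check_usage and the sample df output are constructed for illustration.

```shell
#!/bin/sh
# Added example: warn when any partition reaches a usage threshold (default 80%).
# check_usage reads `df -P` style output on stdin so it can be exercised offline.
# Exit status: 0 if every partition is below the limit, 1 otherwise.
check_usage() {
    threshold="${1:-80}"
    awk -v limit="$threshold" '
        NR == 1 { next }                 # skip the df header line
        {
            use = $5                     # POSIX df: column 5 is "Capacity", e.g. 83%
            sub(/%$/, "", use)
            if (use !~ /^[0-9]+$/) next  # ignore lines without a numeric percentage
            # Column 6 onward is the mount point (it may contain spaces).
            mount = $6
            for (i = 7; i <= NF; i++) mount = mount " " $i
            if (use + 0 >= limit + 0) {
                printf "WARNING: %s (%s) is at %d%% (limit %d%%)\n", mount, $1, use, limit
                hits++
            }
        }
        END { exit (hits > 0 ? 1 : 0) }
    '
}

# Constructed sample of `df -P` output, for demonstration only.
SAMPLE_DF='Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/sda1 20642428 16513942 3079910 85% /
/dev/sda2 10321208 2064241 7732679 22% /home
tmpfs 1029876 0 1029876 0% /dev/shm
/dev/sdb1 51606140 41284912 7699788 80% /var/log'

# On a real system: df -P | check_usage 80
printf '%s\n' "$SAMPLE_DF" | check_usage 80 || echo "at least one partition needs attention"
```

The non-zero exit status lets cron or a monitoring wrapper react to the warning without parsing the text.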

Robot Exclusion

September 23, 2008

Source: http://www.robotstxt.org/
Source1: http://www.indiaseos.com/user-agent-robot-txt.htm

Robots are programs that go through many pages, recursively retrieving linked pages. They are also called WWW Robots, Spiders or Crawlers.

They were useful in the past, when dial-up calls were expensive and a cheaper solution was to download all the texts (newspapers, books, etc.) you wanted to read to your computer and then hang up the phone line, saving you some money on the phone bill.

One popular program I used in those days was webmirror ( http://www.bmtmicro.com/BMTCatalog/multipleos/webmirror.html )

Sometime in 1993 or 1994 there were occasions where robots visited web servers where they weren’t welcome for various reasons. Some of these reasons were robot specific: robots swamped servers with rapid-fire requests, retrieved the same files repeatedly, or went into very deep virtual trees.

These incidents indicated the need for established mechanisms for web servers to indicate to robots which parts of their server should not be accessed.

The solution to exclude robots from accessing sensitive information on a server was to create a file on the server which specifies an access policy for robots. This file must be accessible via HTTP on the local URL “/robots.txt”.

This approach was chosen because it can be easily implemented on any existing WWW server, and a robot can find the access policy with only a single document retrieval. However, this control is implemented in the robot and can be deactivated.
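
The robot-side check described above, as an added example that is not part of the original post. The helper name robots_allows, the robot names and the robots.txt content are constructed, and the parser handles only User-agent and Disallow lines with prefix matching.

```shell
#!/bin/sh
# Added example: the check a cooperating robot runs before fetching a path.
# robots_allows ROBOT_NAME URL_PATH   (robots.txt content on stdin)
# Returns 0 if the path may be fetched, 1 if a Disallow rule covers it.
robots_allows() {
    awk -v ua="$1" -v path="$2" '
        function trim(s) { gsub(/^[ \t]+|[ \t\r]+$/, "", s); return s }
        {
            sub(/#.*/, "")                          # drop comments
            c = index($0, ":")
            if (c == 0) next                        # blank or malformed line
            field = tolower(trim(substr($0, 1, c - 1)))
            value = trim(substr($0, c + 1))
            if (field == "user-agent") {
                # A User-agent line after rule lines starts a new record.
                if (prev != "user-agent") { named = 0; star = 0 }
                if (value == "*") star = 1
                else if (index(tolower(ua), tolower(value)) > 0) { named = 1; seen = 1 }
            } else if (field == "disallow" && value != "") {
                if (named) nrule[++nn] = value
                if (star)  srule[++sn] = value
            }
            prev = field
        }
        END {
            # A record naming this robot takes precedence over the "*" record.
            if (seen) { for (k = 1; k <= nn; k++) if (index(path, nrule[k]) == 1) exit 1 }
            else      { for (k = 1; k <= sn; k++) if (index(path, srule[k]) == 1) exit 1 }
            exit 0
        }
    '
}

SAMPLE_ROBOTS='# Constructed sample robots.txt for this example
User-agent: *
Disallow: /private/
Disallow: /tmp/

User-agent: archivebot
Disallow: /'

for p in /index.html /private/report.html; do
    if printf '%s\n' "$SAMPLE_ROBOTS" | robots_allows "examplebot/1.0" "$p"
    then echo "examplebot fetches $p"
    else echo "examplebot skips   $p"
    fi
done
```

Because the decision is made inside the robot, the server still serves /private/ to any client that skips this check; content that must stay private needs server-side access control.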

Phishing – Protect yourself before you lose your information

September 22, 2008

Following the definition from the website http://www.webopedia.com, phishing is the act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The web site, however, is bogus and set up only to steal the user’s information.

To protect themselves against phishing, users must follow some recommendations:

  • Never open an email from an unknown sender
  • Take care with the kinds of attachments you are going to open
  • Use Firefox instead of Internet Explorer
  • Keep your web browser always updated
  • Use a good antivirus and update it daily
  • Never click on links to go to a website; always prefer to type the address yourself
  • Pay attention to the lock that appears in the browser when entering a protected website

In the blog http://www.jgc.org/blog/2006/09/watching-phishing-attack-live.html the author describes step by step a phishing attempt against his blog.

Another web site, http://www.cs.utoronto.ca/~ronda/itrustpage/screenshots/index.html, has a huge collection of screenshots from real phishing attacks. They also have free GNU / GPL anti-phishing software.

XWN740 – Lab2

September 22, 2008

This lab was cool, because these commands can help you troubleshoot a lot of problems. It has happened to me a few times that the mouse of the server did not work properly and, instead of using the cursor, I plugged in a USB mouse. With the knowledge I gained about how to use the keys to do the mouse work, I will never need to plug in another USB mouse, since I can use the numeric keyboard.

Answers for the lab here.

LPT730 – LAB2

September 15, 2008
  • Public Keys
  • Thunderbird with the Enigmail
  • Certificates

Answers for the LPT730 – LAB2

Tips to register and protect your nickname on IRC

September 12, 2008

Connect to the IRC server and type the following commands

1) Register

/msg nickserv register <password> <email>

You will receive an email with a password to confirm the registration process.

2) To prevent other users from using your nickname

/msg NickServ set enforce on

If someone tries to use your nickname, that person will have their nickname changed.

3) To identify your nickname

/msg nickserv identify <password>

SPR720 – Command Lab

September 8, 2008

1. Go through the files in /usr/bin and for each file, note whether it’s a command you have used. Select 25 of the commands you haven’t used and research what they do (use manpages and online resources). Blog about your experience and what you’ve found.

List of commands that I have never used:

Source: Linux manpages

a2p – Awk to Perl translator
A2p takes an awk script specified on the command line (or from standard input) and produces a comparable perl script on the standard output.

ab – Apache HTTP server benchmarking tool
ab is a tool for benchmarking your Apache Hypertext Transfer Protocol (HTTP) server. It is designed to give you an impression of how your current Apache installation performs. This especially shows you how many requests per second your Apache installation is capable of serving.

ac – print statistics about users’ connect time
ac prints out a report of connect time (in hours) based on the logins/logouts in the current wtmp file. A total is also printed out.

bc – An arbitrary precision calculator language
bc is a language that supports arbitrary precision numbers with interactive execution of statements.

bzmore, bzless – file perusal filter for crt viewing of bzip2 compressed text

bzgrep, bzfgrep, bzegrep – search possibly bzip2 compressed files for a regular expression

bzcat – decompresses files to stdout

bzip2recover – recovers data from damaged bzip2 files

bzcmp, bzdiff – compare bzip2 compressed files
Bzcmp and bzdiff are used to invoke the cmp or the diff program on bzip2 compressed files. All options specified are passed directly to cmp or diff. If only 1 file is specified, then the files compared are file1 and an uncompressed file1.bz2. If two files are specified, then they are uncompressed if necessary and fed to cmp or diff. The exit status from cmp or diff is preserved.

cd-info – List information about the media in the CD/DVD drive

cd-drive – List information about the physical drive

comm – compare two sorted files line by line
Compare sorted files FILE1 and FILE2 line by line. With no option, produce three-column output. Column one contains lines unique to FILE1, column two contains lines unique to FILE2, and column three contains lines common to both files.

cmp – compare two files
The cmp utility compares two files of any type and writes the results to the standard output.  By default, cmp is silent if the files are the same; if they differ, the byte and line number at which the first difference occurred is reported.

createuser – define a new PostgreSQL user account
createuser creates a new PostgreSQL user (or more precisely, a role). Only superusers and users with CREATEROLE privilege can create new users, so createuser must be invoked by someone who can connect as a superuser or a user with CREATEROLE privilege.

createrepo – Create repomd (xml-rpm-metadata) repository
createrepo is a program that creates a repomd (xml-based rpm metadata) repository from a set of rpms.

ddate – converts Gregorian dates to Discordian dates
ddate prints the date in Discordian date format. If called with no arguments, ddate will get the current system date, convert this to the Discordian date format and print this on the standard output. Alternatively, a Gregorian date may be specified on the command line, in the form of a numerical day, month and year.

file – determine the file type

id – print user identity
Print information for USERNAME, or the current user

isosize – outputs the length of a iso9660 file system
This command outputs the length of an iso9660 file system that is contained in given file. That file may be a normal file or a block device (e.g. /dev/hdd or /dev/sr0). In the absence of any switches (or errors) it will output the size of the iso9660 file system in bytes. This can now be a large number (>> 4 GB).

locale – Get locale-specific information.
The locale program writes information about the current locale environment, or all locales, to standard output. When invoked without arguments, locale summarizes the current locale environment for each locale category defined by the LC_* environment variables.

last, lastb – show listing of last logged in users
Last searches back through the file /var/log/wtmp (or the file designated by the -f flag) and displays a list of all users logged in (and out) since that file was created. Names of users and tty’s can be given, in which case last will show only those entries matching the arguments. Names of ttys can be abbreviated, thus last 0 is the same as last tty0.

lndir – create a shadow directory of symbolic links to another directory tree
The lndir program makes a shadow copy todir of a directory tree fromdir, except that the shadow is not populated with real files but instead with symbolic links pointing at the real files in the fromdir directory tree. This is usually useful for maintaining source code for different machine architectures. You create a shadow directory containing links to the real source, which you will have usually mounted from a remote machine. You can build in the shadow tree, and the object files will be in the shadow directory, while the source files in the shadow directory are just symlinks to the real files.

look – display lines beginning with a given string
The look utility displays any lines in file which contain string as a prefix. As look performs a binary search, the lines in file must be sorted (where sort(1) got the same options -d and/or -f that look is invoked with).

lua – lua compiler

lsdvd – read the content info of a DVD

An application for reading the contents of a DVD and printing the contents to your terminal and dump for further processing in external applications.

nc – arbitrary TCP and UDP connections and listens

The nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP.  It can open TCP connections, send UDP packets, listen on arbitrary TCP and UDP ports, do port scanning, and deal with both IPv4 and IPv6.  Unlike telnet(1), nc scripts nicely, and separates error messages onto standard error instead of sending them to standard output, as telnet(1) does with some.

nsupdate – Dynamic DNS update utility
nsupdate is used to submit Dynamic DNS Update requests as defined in RFC2136 to a name server. This allows resource records to be added or removed from a zone without manually editing the zone file. A single update request can contain requests to add or remove more than one resource record.

ntfsfix – fix common errors and force Windows to check NTFS

ntfsfix is a utility that fixes some common NTFS problems.

ntfscmp – compare two NTFS filesystems and tell the differences

After finishing the research in the folder /usr/bin, I realized that there are a lot of tools, sometimes not so popular, that can help a lot in the administration and problem solving on Linux servers.

NAD710 – LAB 1

September 6, 2008

Questions

Based on the information collected, answer the following questions:

1) What is the kernel version of Linux on matrix?

2.6.18.8-0.5-default

2) What is the IP address and MAC address of the Linux machine on matrix?

IP: 192.168.1.59

MAC: 00:0E:0C:7F:84:79

3) What is the network mask on matrix?

255.255.255.0

4) What are the network addresses of the Linux machine? (there should be three networks)

device “eth0”
192.168.1.59 – host
192.168.1.255 – broadcast
device “lo”
127.0.0.1 – loopback

5) What is the IP address of the gateway for the Linux machine on matrix?

192.168.1.254

6) What is the command to display all the currently loaded kernel modules?

$ lsmod

7) Where is the file for the kernel module called “e100”?

/lib/modules/2.6.18.8-0.5-default/kernel/drivers/net/e100.ko

8) What is the MAC address for the network device that has the IP address 192.168.1.254?

00:0E:0C:7F:84:6F

9) How do you display all the physical network addresses known by a Linux machine?

$ arp -a

10) What is the MAC address of the network device on the Linux machine on matrix?

00:07:E9:F6:36:1F