Saturday, May 15, 2010

Detecting DoS / DDoS Attack on a Windows 2003 / 2008 Server

SkyHi @ Saturday, May 15, 2010

Question: How do I detect a DDOS (Distributed denial of service) / DOS attack on a Windows Server 2003 / 2000 / 2008? Can I use Linux netstat command syntax to detect DDoS attacks?



Answer: A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users.


You can always use the netstat command to get a list of connections under Windows. Open a command prompt via Start > Run and type "cmd" in the box.


netstat is a command line utility which displays protocol statistics and current TCP/IP network connections in a system. Type the following command to see all connections:

netstat -noa

Where,


  1. n: Displays active TCP connections; addresses and port numbers are expressed numerically and no attempt is made to determine names.
  2. o: Displays active TCP connections and includes the process ID (PID) for each connection. You can find the application based on the PID on the Processes tab in Windows Task Manager.
  3. a: Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.

You can use the find command as a filter that searches for a specific string of text in its input. In the following example you are filtering for port 80 traffic and counting the matching lines:

netstat -ano | find /c "80"

Find the IP address that has the largest number of connections and block it using a Cisco firewall or IPSec. Another protective measure is to harden the TCP/IP stack.
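Counting lines that contain "80" also counts PIDs, addresses and other ports that happen to contain those digits, and it does not show which remote address holds the most connections. The following added example (not part of the original post) parses saved `netstat -ano` output in Python and tallies connections per remote IP and per TCP state for one local port; the sample output is constructed and uses documentation-range addresses.

```python
from collections import Counter

# Constructed sample of `netstat -ano` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1480
  TCP    [::]:80                [::]:0                 LISTENING       1480
  TCP    192.0.2.10:80          198.51.100.7:51022     ESTABLISHED     1480
  TCP    192.0.2.10:80          198.51.100.7:51023     ESTABLISHED     1480
  TCP    192.0.2.10:80          198.51.100.7:51024     SYN_RECEIVED    1480
  TCP    192.0.2.10:80          198.51.100.7:51025     SYN_RECEIVED    1480
  TCP    192.0.2.10:80          203.0.113.25:49712     ESTABLISHED     1480
  TCP    192.0.2.10:80          203.0.113.40:50110     TIME_WAIT       0
  TCP    192.0.2.10:3389        203.0.113.80:49800     ESTABLISHED     964
  TCP    192.0.2.10:8080        203.0.113.9:50211      ESTABLISHED     2212
  TCP    192.0.2.10:445         203.0.113.9:50212      ESTABLISHED     4
  UDP    0.0.0.0:123            *:*                                    1080
"""


def naive_count(text, needle="80"):
    """What `find /c "80"` reports: every line containing the substring."""
    return sum(1 for line in text.splitlines() if needle in line)


def parse_tcp(text):
    """Yield (local_port, remote_ip, state, pid) for each TCP row."""
    for line in text.splitlines():
        fields = line.split()
        # TCP rows have five columns; UDP rows have no State column.
        if len(fields) != 5 or fields[0] != "TCP":
            continue
        _, local, foreign, state, pid = fields
        # rsplit keeps bracketed IPv6 addresses such as [::]:80 intact.
        local_port = local.rsplit(":", 1)[-1]
        remote_ip = foreign.rsplit(":", 1)[0]
        if local_port.isdigit() and pid.isdigit():
            yield int(local_port), remote_ip, state, int(pid)


def connections_per_ip(text, port=80):
    """Count non-listening connections to local `port`, keyed by remote IP."""
    per_ip = Counter()
    for local_port, remote_ip, state, _ in parse_tcp(text):
        if local_port == port and state != "LISTENING":
            per_ip[remote_ip] += 1
    return per_ip


def states_on_port(text, port=80):
    """Count connections to local `port` by TCP state (SYN_RECEIVED build-up
    points at half-open connections rather than completed ones)."""
    states = Counter()
    for local_port, _, state, _ in parse_tcp(text):
        if local_port == port and state != "LISTENING":
            states[state] += 1
    return states


if __name__ == "__main__":
    print("lines containing '80':", naive_count(SAMPLE))
    print("connections to port 80:", sum(connections_per_ip(SAMPLE).values()))
    for ip, count in connections_per_ip(SAMPLE).most_common(3):
        print(f"{count:5d}  {ip}")
    print(dict(states_on_port(SAMPLE)))
```

To use it on a server, redirect `netstat -ano` to a file and pass the file's contents in place of `SAMPLE`.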


REFERENCES
http://www.cyberciti.biz/faq/detect-ddos-dos-attack-on-windows-server/

How to Change an IP Address on Solaris

SkyHi @ Saturday, May 15, 2010

To change an IP address on a Solaris system immediately, use the `ifconfig` command.


The syntax for `ifconfig` is:


ifconfig <interface> <ip address> netmask <netmask> broadcast <broadcast address>


If you don't know the names of your network interfaces, use the `ifconfig -a` command to list all of the available network interfaces.


Permanently Change an IP Address on Solaris


To make this change permanent, you will need to edit one or more Solaris configuration files. If you do not, then your IP address will change back to the old address the next time you reboot the system.


You will need to edit the hosts entry in /etc/hosts.


If you have moved the system to a new network, you will need to change the default route in /etc/defaultrouter.


If you are using VLSM (Variable Length Subnet Masks), you may need to edit /etc/netmasks.


If you are using Solaris 9 or above, you may need to edit the IP address in /etc/inet/ipnodes.


You should then reboot the server to test your changes and ensure that they operate correctly.


REFERENCES

http://www.topbits.com/how-to-change-an-ip-address-on-solaris.html

Setting bash as default shell FreeBSD

SkyHi @ Saturday, May 15, 2010

Q. I am using FreeBSD and I would like to set up bash as the default shell. How do I do that?


A. CSH is the default shell under FreeBSD. First, make sure bash is installed. Type bash to see if you can execute bash:

$ bash

If you get a command not found error, use the pkg_add command to install bash:

# pkg_add -r -v bash


Now, to set bash as the login shell, use the chsh command:

chsh -s /path/to/shell {user-name}


chsh changes the user login shell. This determines the name of the user's initial login command. A normal user may only change the login shell for her own account; the superuser may change the login shell for any account. To set bash as the default shell for user vivek, first find the path to bash:


$ which bash

Output:


/usr/local/bin/bash

Now change shell:

$ chsh -s /usr/local/bin/bash vivek

Output:


Password

Provide your login password. Verify that the shell has changed:

$ grep ^vivek /etc/passwd


You can also edit the /etc/passwd file and change the shell (you need to log in as the root user):

# vi /etc/passwd

The last field is the shell.

From

vivek:x:1000:1000:vivek,,,:/home/vivek:/bin/sh

To

vivek:x:1000:1000:vivek,,,:/home/vivek:/usr/local/bin/bash


Save and close the file.


REFERENCES

http://www.cyberciti.biz/faq/howto-set-bash-as-your-default-shell/

Friday, May 14, 2010

Clamav errors on upgrade to 0.96 clamd and clamav-milter

SkyHi @ Friday, May 14, 2010

Some updates to the yum-sent clamav-milter.conf and (to a lesser extent) clamd.conf may be necessary.


After an automatic yum update of the clamd family on RHEL, there’s a disparity in the way clamav-milter listens and clamd services the socket or port connection: clamav-milter doesn’t know what to go with (local socket on unix:/tmp/clamav.socket or tcp:127.0.0.1), so you need to tell it. Otherwise, you get messages such as the below in your clamav-milter.log:


clamav-milter[5149]: No clamd server appears to be available

ERROR: Failed to initiate streaming/fdpassing


So make sure the ClamdSocket in clamav-milter.conf points to the LocalSocket that clamd.conf says it’s broadcasting on. So if clamd.conf is


LocalSocket /tmp/clamd.socket


clamav-milter.conf should have


ClamdSocket unix:/tmp/clamd.socket


Otherwise, if clamd is listening on 127.0.0.1 on the default port, just set ClamdSocket as below:


ClamdSocket tcp:127.0.0.1
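The check described above can be automated. This added example (not from the original post) is a Python sketch that compares the `ClamdSocket` targets in clamav-milter.conf against the `LocalSocket`, `TCPSocket` and `TCPAddr` listeners in clamd.conf and reports targets clamd is not serving; the config snippets are constructed from the values on this page, and host names are compared literally (an assumption: no DNS resolution is done).

```python
DEFAULT_CLAMD_PORT = 3310  # used when "ClamdSocket tcp:host" gives no port


def directives(conf_text):
    """Return {name: [values]} for 'Name value' lines, skipping comments."""
    out = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        out.setdefault(parts[0], []).append(parts[1].strip() if len(parts) > 1 else "")
    return out


def clamd_listeners(clamd_conf):
    """Sockets clamd serves: ('unix', path) or ('tcp', addr, port)."""
    d = directives(clamd_conf)
    listeners = {("unix", path) for path in d.get("LocalSocket", [])}
    for port in d.get("TCPSocket", []):
        # Without TCPAddr clamd binds every address; "*" stands for that here.
        for addr in d.get("TCPAddr") or ["*"]:
            listeners.add(("tcp", addr, int(port)))
    return listeners


def milter_targets(milter_conf):
    """Targets clamav-milter will try, in the same tuple shape."""
    targets = []
    for value in directives(milter_conf).get("ClamdSocket", []):
        scheme, _, rest = value.partition(":")
        if scheme == "unix":
            targets.append(("unix", rest))
        elif scheme == "tcp":
            host, _, port = rest.partition(":")
            targets.append(("tcp", host, int(port) if port else DEFAULT_CLAMD_PORT))
        else:
            targets.append(("invalid", value))
    return targets


def unmatched_targets(clamd_conf, milter_conf):
    """Milter targets that no clamd listener serves (empty list means OK)."""
    listeners = clamd_listeners(clamd_conf)
    missing = []
    for target in milter_targets(milter_conf):
        if target[0] == "tcp":
            ok = any(l[0] == "tcp" and l[2] == target[2] and l[1] in ("*", target[1])
                     for l in listeners)
        else:
            ok = target in listeners
        if not ok:
            missing.append(target)
    return missing


# Constructed configs using the socket paths mentioned on this page.
CLAMD_UNIX = "# clamd.conf\nLocalSocket /tmp/clamd.socket\n"
CLAMD_TCP = "TCPSocket 3310\nTCPAddr 127.0.0.1\n"
MILTER_BROKEN = "ClamdSocket unix:/tmp/clamav.socket\n"
MILTER_UNIX = "ClamdSocket unix:/tmp/clamd.socket\n"
MILTER_TCP = "ClamdSocket tcp:127.0.0.1\n"

if __name__ == "__main__":
    for name, clamd, milter in [("broken", CLAMD_UNIX, MILTER_BROKEN),
                                ("unix", CLAMD_UNIX, MILTER_UNIX),
                                ("tcp", CLAMD_TCP, MILTER_TCP)]:
        print(name, unmatched_targets(clamd, milter) or "OK")
```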


Also, be sure to do an sa-update



Simple, eh? But you knew that already

REFERENCES
http://blog.sven.co.za/2010/04/03/clamav-error-yum-upgrade-to-0-96-clamd-and-clamav-milter/

How to change the font and background colour of Terminal in Leopard

SkyHi @ Friday, May 14, 2010
1. Menu Bar -> Go -> Utilities
2. Go to Terminal -> Preferences -> Settings

Find the color scheme that you like or make a new one, then click on the Startup tab and select that scheme.

Your new window should open with the new scheme when you open the existing one and open a new one.

Tuesday, May 11, 2010

Title Bar Button Side Switching in Ubuntu 10.04

SkyHi @ Tuesday, May 11, 2010

A ton of users are dissatisfied with the decision to change the buttons on the title bar, however, it’s incredibly easy to change back and forth between the old (Karmic) look, and the new (Lucid Alpha) look. You do not have to be on Lucid to test out the new look. These commands work fine on Karmic and (probably) older.



First, open up a terminal.


If you want your Title Bar icons to look like they do in Karmic (RIGHT side), copy and paste the following code into the Terminal and press Enter:


gconftool-2 --set "/apps/metacity/general/button_layout" --type string ":minimize,maximize,close"


If you want your Title Bar icons to look like they do in Lucid Alpha (LEFT side), copy and paste the following code into the Terminal and press Enter:


gconftool-2 --set "/apps/metacity/general/button_layout" --type string "maximize,minimize,close:"


Method 2


To change the button layout from the left side of the window to the right side, press Alt-F2, type gconf-editor, then go to apps > metacity > general > button_layout and set it to menu:minimize,maximize,close


REFERENCE

http://www.ubuntugeek.com/quick-and-easy-title-bar-button-side-switching-in-ubuntu-10-04-lucid9-10-karmic.html#more-4360

Monday, May 10, 2010

error: /lib/libnss_dns.so.2: symbol __res_maybe_init

SkyHi @ Monday, May 10, 2010
Facing this error whenever I ssh to the Gentoo box:





sshd: USER@pts/191: relocation error: /lib/libnss_dns.so.2: symbol __res_maybe_init, version GLIBC_PRIVATE not defined in file libc.so.6 with link time reference


Connection to x_IP closed.





it was working fine an hour ago.





solved: glibc updated and a sshd restart!

How to Install FFmpeg Centos

SkyHi @ Monday, May 10, 2010

FFmpeg is important if you are planning to run a video website with streaming and conversion of video files to different video formats. This tutorial is intended for CentOS/Red Hat versions of Linux, where any novice user can install ffmpeg without compiling from source, which is the more traditional way of installing the FFmpeg software on Linux servers. In this tutorial I will show you the easy way to install ffmpeg and ffmpeg-php (PHP extension) with just yum rather than compiling ffmpeg from source files.




 


FFmpeg (http://ffmpeg.mplayerhq.hu)

Mplayer + Mencoder (http://www.mplayerhq.hu/design7/dload.html)

Flv2tool (http://inlet-media.de/flvtool2)

Libogg + Libvorbis (http://www.xiph.org/downloads)

LAME MP3 Encoder (http://lame.sourceforge.net)


FlowPlayer - A Free Flash Video Player - http://flowplayer.org/


Installing FFMpeg


yum install ffmpeg ffmpeg-devel


If you get package not found, then you will need to add a few lines to the yum repository configuration for the dag packages. Create a file named dag.repo in /etc/yum.repos.d with the following contents:


[dag]

name=Dag RPM Repository for Red Hat Enterprise Linux

baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag

gpgcheck=1

enabled=1


then


yum install ffmpeg ffmpeg-devel


If everything is fine, then the installation should proceed smoothly. If not, you will get something like a "GPG public key missing" warning.


Common Errors


To fix rpmforge GPG key warning:


rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm


For more information refer to this faq depending on Centos version


Missing Dependency Error:


If you get a missing dependency error like the one shown below in the middle of the ffmpeg installation


Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package ffmpeg

Error: Missing Dependency: libtheora.so.0(libtheora.so.1.0) is needed by package ffmpeg

Error: Missing Dependency: rtld(GNU_HASH) is needed by package ffmpeg

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package imlib2

Error: Missing Dependency: rtld(GNU_HASH) is needed by package a52dec

Error: Missing Dependency: rtld(GNU_HASH) is needed by package imlib2

Error: Missing Dependency: rtld(GNU_HASH) is needed by package gsm

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package x264

Error: Missing Dependency: rtld(GNU_HASH) is needed by package xvidcore

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package lame

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package a52dec

Error: Missing Dependency: rtld(GNU_HASH) is needed by package faad2

Error: Missing Dependency: rtld(GNU_HASH) is needed by package x264

Error: Missing Dependency: rtld(GNU_HASH) is needed by package lame

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package xvidcore

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faac

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package faad2

Error: Missing Dependency: libgif.so.4 is needed by package imlib2

Error: Missing Dependency: rtld(GNU_HASH) is needed by package faac

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package gsm

Error: Missing Dependency: libpng12.so.0(PNG12_0) is needed by package imlib2

Error: Missing Dependency: rtld(GNU_HASH) is needed by package libmp4v2

Error: Missing Dependency: libc.so.6(GLIBC_2.4) is needed by package libmp4v2


then most commonly you have glibc 2.3 installed instead of glibc 2.4. To check the glibc version currently installed on your server, just use


yum list glib*


and it should list the latest glibc package version.


The reason I was getting this error was that my rpmforge packages were pointed to CentOS 5 versions instead of CentOS 4.6.


To fix dependency error:


To fix this error, check that your rpmforge packages are compatible with the release of your existing CentOS version.

Check the file /etc/yum.repos.d/rpmforge.repo; for CentOS 4.6 (Final) it should look like the listing below. If you have lines like http://apt.sw.be/redhat/el5/en/mirrors-rpmforge you might need to make changes to rpmforge.repo as shown below.


Note: Backup the original rpmforge.repo file
before you edit its content.


[rpmforge]

name = Red Hat Enterprise $releasever - RPMforge.net - dag

#baseurl = http://apt.sw.be/redhat/el4/en/$basearch/dag

mirrorlist = http://apt.sw.be/redhat/el4/en/mirrors-rpmforge

#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge

enabled = 1

protect = 0

gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag

gpgcheck = 1


To find out which Linux distribution and version you are running:


cat /etc/redhat-release


Once this is done, run yum install ffmpeg again.


This trick resolved the problem on my Linux box running CentOS 4.6, and this is the only way I found to install ffmpeg using yum.


To check the FFmpeg working:


Finally, check the ffmpeg whether it is working or not.


> ffmpeg

> ffmpeg -formats

> ffmpeg --help

// This lists path of mpeg, its modules and other path information




ffmpeg -i Input.file Output.file


To check what audio/video formats are supported


ffmpeg -formats > ffmpeg-format.txt


Open ffmpeg-format.txt to see the output


D means decode

E means encode

V means video

A means audio

T = Truncated


Install FFMPEG-PHP Extension


FFmpeg-php is a very good extension and wrapper for PHP which can pull useful information about video through an API. In order to install it you will need to download the source file, then compile and install the extension on your server. You can download the source tarball from http://ffmpeg-php.sourceforge.net/


wget /path/to/this/file/ffmpeg-php-0.5.2.1.tbz2


tar -xjf ffmpeg-php-0.5.2.1.tbz2


cd ffmpeg-php-0.5.2.1


phpize


./configure

make

make install


Common Errors


1. If you get a command not found error for phpize, then you will need to do yum install php-devel


2. If you get an error like "ffmpeg headers not found" while configuring the source:


configure: error: ffmpeg headers not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option


then it means you have not installed ffmpeg-devel packages.


To Fix: Just install ffmpeg-devel using


yum install ffmpeg-devel


3. If you get a "shared libraries not found" error and the program halts in the middle, then you must specify the ffmpeg installation path explicitly to ./configure.


configure: error: ffmpeg shared libraries not found. Make sure ffmpeg is compiled as shared libraries using the --enable-shared option


To Fix:


1. First find out the ffmpeg path with the ffmpeg --help command. The default prefix path should be something like /usr/local/cpffmpeg

2. Configure FFmpeg-php with the --with-ffmpeg option


./configure --with-ffmpeg=/usr/local/cpffmpeg


That should resolve the problem!


Editing PHP.INI


Once you have done that without any problems, you will see the PHP extension file /usr/local/lib/php/extensions/no-debug-non-zts-20060613/ffmpeg.so and you will need to mention that extension in the php.ini file


nano /usr/local/lib/php.ini


Put the below two lines at the end of the php.ini file


[ffmpeg]

extension=ffmpeg.so


Then restart the web server: service httpd restart


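To check whether ffmpeg is enabled in PHP, point your browser to the test.php file. It should show confirmation that the ffmpeg PHP extension is installed. Remove test.php afterwards, because phpinfo() output exposes server configuration details.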


// #test.php

<?php
phpinfo();
?>



If ffmpeg does not show up in the phpinfo() test, make sure that the php.ini path to ffmpeg.so is correct. If the problem still occurs, the reason could be that you are using an older version of ffmpeg-php which is buggy. Just download the latest version of the ffmpeg-php source, then compile it.


Installing Mplayer + Mencoder


Just issue the following yum commands to install the rest of the packages.


yum install mplayer mencoder


Installing FlvTool2


Flvtool2 is a flash video file manipulation tool. It can calculate metadata
and can cut and edit cue points for flv files.


If you are on CentOS 5, try yum install flvtool2 with the dag repository; if you get package not found, you will need to manually download and compile flvtool2. You can download the latest version of flvtool2 here: http://rubyforge.org/projects/flvtool2/


wget <url-link>


ruby setup.rb config

ruby setup.rb setup

sudo ruby setup.rb install


If you get a command not found error, it probably means that you don't have ruby installed.


yum install ruby


That's it! Once ffmpeg works fine with the PHP extension, download a sample video, convert it to .flv format on the command line and plug it into flowplayer to see it work in your web browser. Also try downloading the video file for offline use and see whether the converted flv file works well with both audio and video.


Useful Links



Install FFmpeg from Compiling Source (Tutorial Link)

Nice FFmpeg Installation Tutorial (click here)

Important Audio Codecs (http://www.mplayerhq.hu/DOCS/HTML/en/audio-codecs.html)

Common Errors & Fixes while Installing FFmpeg (click here)

http://www.mysql-apache-php.com/ffmpeg-install.htm

Flash Streaming vs Progressive Download

SkyHi @ Monday, May 10, 2010

This is a brief description of Streaming vs Progressive Download with Flash and how it relates to web video.


Progressive Download


This is a common way people link to videos from their own websites. They encode a video, upload it to their website then embed the video.


When someone views this video it is downloaded to their computer. The web server does not care about the quality or size of the video, it will allow them to download it like any other image or document as fast as they can. Playback will begin as soon as enough video has been downloaded, but you are not able to fast-forward to the end of the video without it being downloaded.


To get a little more technical, this transfer happens over HTTP (Hypertext Transfer Protocol), which operates on TCP (Transmission Control Protocol). These protocols make every little bit of video that is downloaded to your computer a little larger than it needs to be. This is to ensure that every piece of data is guaranteed to be delivered; if it isn’t, the data is sent again, using a little more bandwidth. If someone's internet connection is intermittent, you can end up using more bandwidth for resending information than for the video itself.


TCP (progressive download) is not designed for efficient real-time delivery or careful bandwidth control. But if you need a file delivered accurately and reliably, it will deliver every time.


When the h.264 codec was released this introduced another flaw in progressive downloads. h.264 has the information to play the video at the end of the file, so the whole file must be downloaded before the video can start to play. (This was fixed with Flash player 10)


Key Points:


  • cannot be used for live events
  • is not efficient
  • is not secure
  • cannot adjust for a user's connection speed
  • cannot jump to a point in the video without it being downloaded
  • video is downloaded

Streaming (Flash Media Server)


Streaming is more efficient and less common because you need FMS software running on a web server to use it. It works similarly to embedding a video on a website using progressive download. The video is encoded, uploaded to an FMS, then embedded on a website.


When someone views the video, a well-made player will detect the viewer's connection speed and buffer a little video, not downloading the whole file. A viewer will be able to fast-forward to any place in the file without having to download it.


To get more technical, the videos are transferred over RTMP (Real Time Messaging Protocol) or RTMPS, which has little overhead compared to HTTP. Every little piece of video that is sent to your computer will be just enough to view the video. If someone's connection is intermittent, then the video will pause, re-buffer and start when the connection is better. This is a more efficient use of bandwidth.


Also if RTMP (port 1935) fails it will fall back to RTMPT which will send the packets over HTTP, but will not need to resend information as with progressive download.


Using FMS and streaming videos, you can also apply security based on the IP address viewing the video or the web page the video is streaming from.


Key Points:


  • can be used for live events
  • used for advanced interactive content
  • is efficient
  • adjusts for connection speeds
  • video is not downloaded
  • better analytics (how many seconds viewed)

REFERENCES
http://www.zoomwebvideo.com/zoomlab/index.php/2010/02/flash-streaming-vs-progressive-download/

Compiz Keyboard Shortcuts in Ubuntu 10.04

SkyHi @ Monday, May 10, 2010

I couldn’t find much information about keyboard shortcuts for Compiz effects in Ubuntu 10.04. I poked through the default Compiz configuration and found some I didn’t know about, and some that have changed from previous versions of Ubuntu.


Some of the following keyboard shortcuts will not work at all if Compiz (visual effects) is turned off.


Workspaces


  • Ctrl + Alt + Left/Right/Up/Down arrow – move to the workspace in the given direction
  • Ctrl + Alt + Shift + Left/Right arrow – move the current window to the workspace in the given direction
  • Super + E - “expo” effect, shows all workspaces (move windows with left mouse button, zoom to a workspace with right mouse button)

Window Management


  • Super + W – “scale” effect, shows all windows in current workspace (left click selects window, middle click closes window, right click zooms window)
  • Super + A – “scale” effect, shows all windows
  • Alt + F10 – toggle maximize current window
  • Alt + F9 – minimize current window
  • Ctrl + Alt + D – toggle show desktop
  • Alt + Middle mouse button – resize window
  • Alt + Left mouse button – move window
  • Alt + Right mouse button – window menu
  • Alt + F7 – move current window (without holding down mouse button)
  • Alt + F8 – resize current window (without holding down mouse button)
  • Alt + Tab – switch windows on current workspace
  • Ctrl + Alt + Tab – switch windows on all workspaces

Accessibility


  • Super + Mouse wheel scroll – zoom screen
  • Super + Middle mouse button – draw rectangle to zoom to
  • Super + N – invert colours of current window
  • Super + M – invert colours of screen (Compiz is configured for this shortcut, but the messaging indicator seems to have taken it over so it doesn’t work)

Ubuntu Community Documentation has more on keyboard shortcuts (although some of it is outdated now for Ubuntu 10.04). You can view and change some shortcuts using System->Preferences->Keyboard Shortcuts.


REFERENCES
http://tombuntu.com/index.php/2010/05/05/compiz-keyboard-shortcuts-in-ubuntu-10-04/