Tayab Khan's ICT Solution Based Personal Blog: 2014

Tuesday, December 30, 2014

cPanel Mysql root password and update mysql

## To see root password:

cat /root/.my.cnf

## To change root password from WHM

Home --> SQL Services --> MySQL Root Password

give password and Click "Change Password"

## To Update

Home --> Software --> MySQL Upgrade

(carefully read instructions and always backup all databases)

Wednesday, December 24, 2014

Java Home setup or other Environment home setup

+++++++++++++++++++++++++++++++++++
yum install java-*
java -version
alternatives --config java
/usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/java

echo 'export JAVA_HOME=/usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/java' >> /etc/bashrc

source /etc/bashrc

vi /etc/bashrc
export JAVA_HOME=/usr/lib/jvm/jre-1.6.0-openjdk.x86_64/bin/

printenv

centos 7 mariadb to mysql server in vritualmin webmin

cd /etc/yum.repos.d/
mv MariaDB.repo MariaDB-old

systemctl stop mariadb.service
wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
rpm -ivh mysql-community-release-el7-5.noarch.rpm
yum remove mariadb-server mariadb
yum install mysql-server
/usr/bin/mysql_secure_installation
service mysql start
mysql -u root -p

systemctl disable mariadb
systemctl enable mysqld

wget http://software.virtualmin.com/gpl/scripts/install.sh
chmod +x install.sh
vi install.sh
remove mariadb mariadb-server
./install.sh

vi /etc/my.cnf
Hash or Off this line
# Recommended in standard MySQL setup
#sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES

goto https://ipaddress:10000

Click -- webmin ---> Servers----> MySQL Database Server--> Module Config--> Configurable Options to System Configuration-->
Command to start MySQL server---/bin/systemctl start mysqld.service -->
Command to stop MySQL server--/bin/systemctl stop mysqld.service--> Save

Monday, December 15, 2014

Java Home setup or Ohter Environment setup

ant -v

java -v

=-===================================

Saturday, December 13, 2014

Increase Squirrelmail Phpmyadmin wordpress mailbox upload size

============================

vi /etc/php.ini

; Maximum allowed size for uploaded files.
upload_max_filesize 5M
post_max_size 10M
memory_limit 10M

/etc/init.d/http restart

================================

Thursday, December 11, 2014

PHP mail send by smtp server with script

========================================
============================================

yum install php-pear
or
yum install php-pear-Net-SMTP

pear install Net_SMTP
pear install mail

/sbin/service httpd start
/sbin/service mysqld start

or download by wget....
# cd /tmp
# wget http://download.pear.php.net/package/Mail-1.1.14.tgz
# wget http://download.pear.php.net/package/Net_SMTP-1.2.10.tgz
# http://download.pear.php.net/package/Net_Socket-1.0.8.tgz

=================================
=== script to send mail =========
=================================

vi mail.php

<?php
require_once "Mail.php";

$from = "Tayab Sender <xyz@domain.com>";
$to = "Recipient-Khan <abc@yahoo.com>";
$subject = "Hi!";
$body = "Hi,\n\nMy Test Mail";

$host = "smtp.domain.com";
$username = "user@domain.com";
$password = "passwordofuser";

$headers = array ('From' => $from,
'To' => $to,
'Subject' => $subject);
$smtp = Mail::factory('smtp',
array ('host' => $host,
'auth' => true,
'username' => $username,
'password' => $password));

$mail = $smtp->send($to, $headers, $body);

if (PEAR::isError($mail)) {
echo("" . $mail->getMessage() . "");
echo " Test";
} else {
echo("Message successfully sent!");
}
=================
php mail.php

============================
If any TLS error like "lost connection after STARTTLS"
then stop tls from server...

vi /usr/share/pear/Net/SMTP.php
public function auth($uid, $pwd , $method = '', $tls = true, $authz = '')
to
public function auth($uid, $pwd , $method = '', $tls = false, $authz = '')

--------------------Tayab-Khan--------------

Saturday, December 6, 2014

Linxu Filesystem recovery

Follow a script and choose directory name
and next next ....

find /root/result/

Thursday, December 4, 2014

zpanel installation

#######################################################
http://cpanelwhm.org/ssh/install-zpanel-on-centos-server/172

#######################################################

yum -y update
yum -y remove qpid-cpp-client
wget https://raw.githubusercontent.com/zpanel/installers/master/install/CentOS-6_4/10_1_1.sh
chmod +x 10_1_1.sh
./10_1_1.sh

Here you will be asked, FQDN,
External IP & timezone. Set them accordingly.

zPanel username, password, mysql username & password. (copy them at a safe place).

Now access the IP in the browser, (In my case, it was 1.2.3.4),

###########################################

ISPConfig Version Update

#####################################################
take a full backup or snapshot of full server.
======================================
loging to server....
=======================
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xvfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install
php -q update.php

================================================

Wednesday, November 26, 2014

MAC based filter by Mikrotik

##################################################
Select LAN interface of clients

# Click "Interfce" ->> Double Click ether-LAN ->> Change ARP to "reply only"

# Disable IP based allow/deny firewall ....

# Click "IP" ->> "ARP" ->> "Add Local IP and MAC addresses of clients"

=========================================

Sunday, November 23, 2014

Pendrive/Dirve hide by Virus solved

###########################################################
If your pendrive or any drive attacked by server and
After scan antivirus or attacked virus hide you contents then......
###########################################################

Create abc.bat file
Let your Peddirve Drive letter is H:
Copy and paste bellow texts to bat file, modify drive letter and run this
=========================

@echo oHH

attrib H:\dHpv -h -s -a
rd /s /q H:\dHpv
rmdir /s /q H:\dHpv
attrib H:\redhdr -h -s -a
rd /s /q H:\redhdr
rmdir /s /q H:\redhdr
attrib H:\hlHex.exe -h -s -a
del H:\hlHex.exe
attrib H:\lHdHen.exe -h -s -a
del H:\lHdHen.exe
attrib H:\tlZHOiAw.exe -h -s -a
del H:\tlZHOiAw.exe
attrib H:\System -h -s -a
rd /s /q H:\System
rmdir /s /q H:\System
attrib H:\Autorun.inH -h -s -a
del H:\Autorun.inH
attrib H:\bqxc.exe -h -s -a
del H:\bqxc.exe
attrib H:\cckqqq.exe -h -s -a
del H:\cckqqq.exe
attrib H:\dlkm.exe -h -s -a
del H:\dlkm.exe
attrib H:\kxlv.exe -h -s -a
del H:\kxlv.exe
attrib H:\ldHt.exe -h -s -a
del H:\ldHt.exe
attrib H:\qntqhr.exe -h -s -a
del H:\qntqhr.exe
attrib H:\qHvm.cmd -h -s -a
del H:\qHvm.cmd
attrib H:\pkqhp.cmd -h -s -a
del H:\pkqhp.cmd
attrib H:\qntqhr.exe -h -s -a
del H:\qntqhr.exe
attrib H:\vsqyy.exe -h -s -a
del H:\vsqyy.exe
attrib H:\xpHc.cmd -h -s -a
del H:\xpHc.cmd
attrib H:\mrlmH.cmd -h -s -a
del H:\mrlmH.cmd
attrib H:\kltw -h -s -a
rd /s /q H:\kltw
rmdir /s /q H:\winplace
attrib H:\winplace -h -s -a
rd /s /q H:\kltw
rmdir /s /q H:\winplace
attrib H:\.RecycleDir.exe -h -s -a
del H:\.RecycleDir.exe

attrib H:\comres.dll -h -s -a
del H:\comres.dll
attrib H:\BDv.exe -h -s -a
del H:\BDv.exe
attrib H:\USB Vault -h -s -a
rd /s /q H:\USB Vault
rmdir /s /q H:\USB Vault
attrib H:\msvcr71.dll -h -s -a
del H:\msvcr71.dll
attrib H:\comres.dll -h -s -a
del H:\comres.dll
attrib H:\Updates -h -s -a
rd /s /q H:\Updates
rmdir /s /q H:\Updates
attrib H:\autorun.inH -h -s -a
del H:\autorun.inH
attrib H:\System -h -s -a
rd /s /q H:\System
rmdir /s /q H:\System
attrib H:\explorer.exe -h -s -a
del H:\explorer.exe
attrib H:\explorer -h -s -a
rd /s /q H:\explorer
rmdir /s /q H:\explorer
attrib H:\ljutis -h -s -a
rd /s /q H:\ljutis
rmdir /s /q H:\ljutis
attrib H:\Data ADMIN.exe -h -s -a
del H:\Data ADMIN.exe
attrib H:\Data HERDOUS.exe -h -s -a
del H:\Data HERDOUS.exe
attrib H:\*.exe -h -s -a
attrib H:\autorun.inH -h -s -a
del H:\autorun.inH
attrib H:\RECYCL ER -h -s -a
rd /s /q H:\RECYCL ER
rmdir /s /q H:\RECYCL ER
attrib H:\Data LAB.SUB.exe -h -s -a
del H:\Data LAB.SUB.exe
attrib H:\SSVICHOSST.exe -h -s -a
del H:\SSVICHOSST.exe
attrib H:\winrsdrv32.exe -h -s -a
del H:\winrsdrv32.exe
attrib H:\Data LAB.exe -h -s -a
del H:\Data LAB.exe
attrib H:\~Drivers -h -s -a
rd /s /q H:\~Drivers
rmdir /s /q H:\~Drivers
attrib H:\Recycled -h -s -a
rd /s /q H:\Recycled
rmdir /s /q H:\Recycled
attrib H:\Recycler -h -s -a
rd /s /q H:\Recycler
rmdir /s /q H:\Recycler
attrib H:\winampxml -h -s -a
rd /s /q H:\winampxml
rmdir /s /q H:\winampxml
attrib H:\SYSTEM -h -s -a
rd /s /q H:\SYSTEM
rmdir /s /q H:\SYSTEM
attrib H:\ImaHe.HiH.exe -h -s -a
del H:\ImaHe.HiH.exe
attrib H:\TATNTWOH.EXE -h -s -a
del H:\TATNTWOH.EXE
attrib H:\USB Vault -h -s -a
rd /s /q H:\USB Vault
rmdir /s /q H:\USB Vault
attrib H:\vircure -h -s -a
rd /s /q H:\vircure
rmdir /s /q H:\vircure
attrib H:\WMPInHo.xml -h -s -a
del H:\WMPInHo.xml
attrib H:\webHuard -h -s -a
rd /s /q H:\webHuard
rmdir /s /q H:\webHuard
attrib H:\RECYCLER -h -s -a
rd /s /q H:\RECYCLER
rmdir /s /q H:\RECYCLER
attrib H:\novir -h -s -a
rd /s /q H:\novir
rmdir /s /q H:\novir
attrib H:\drweb -h -s -a
rd /s /q H:\drweb
rmdir /s /q H:\drweb
attrib H:\winHuard -h -s -a
rd /s /q H:\winHuard
rmdir /s /q H:\winHuard
attrib H:\winavid -h -s -a
rd /s /q H:\winavid
rmdir /s /q H:\winavid
attrib H:\svira -h -s -a
rd /s /q H:\svira
rmdir /s /q H:\svira
attrib H:\ert.dll -h -s -a
del H:\ert.dll
attrib H:\winloH.exe -h -s -a
del H:\winloH.exe
attrib H:\zcpiuy.scr -h -s -a
del H:\zcpiuy.scr
attrib H:\zcpiuyx.exe -h -s -a
del H:\zcpiuyx.exe
attrib H:\zcpiuy.exe -h -s -a
del H:\zcpiuy.exe
attrib H:\x.exe -h -s -a
del H:\x.exe
attrib H:\npHld.exe -h -s -a
del H:\npHld.exe
attrib H:\abdylk.exe -h -s -a
del H:\abdylk.exe
attrib H:\3dcs9.exe -h -s -a
del H:\3dcs9.exe
attrib H:\USB Vault -h -s -a
rd /s /q H:\USB Vault
rmdir /s /q H:\USB Vault
attrib H:\bar -h -s -a
rd /s /q H:\bar
rmdir /s /q H:\bar
attrib H:\ucure -h -s -a
rd /s /q H:\ucure
rmdir /s /q H:\ucure
attrib H:\USBSYSTEM -h -s -a
rd /s /q H:\USBSYSTEM
rmdir /s /q H:\USBSYSTEM
attrib H:\smass -h -s -a
rd /s /q H:\smass
rmdir /s /q H:\smass
attrib H:\texar -h -s -a
rd /s /q H:\texar
rmdir /s /q H:\texar
attrib H:\USBVAULT -h -s -a
rd /s /q H:\USBVAULT
rmdir /s /q H:\USBVAULT
attrib H:\svcHosl.exe -h -s -a
del H:\svcHosl.exe
attrib H:\USBSEC -h -s -a
rd /s /q H:\USBSEC
rmdir /s /q H:\USBSEC
attrib H:\kasper -h -s -a
rd /s /q H:\kasper
rmdir /s /q H:\kasper
attrib H:\Usecure -h -s -a
rd /s /q H:\USecure
rmdir /s /q H:\USecure
attrib H:\aidc.exe -h -s -a
del H:\aidc.exe
attrib H:\alHxH.exe -h -s -a
del H:\alHxH.exe
attrib H:\bsHjo.exe -h -s -a
del H:\bsHjo.exe
attrib H:\cHpil.exe -h -s -a
del H:\cHpil.exe
attrib H:\cHriw.exe -h -s -a
del H:\cHriw.exe
attrib H:\cokjo.exe -h -s -a
del H:\cokjo.exe
attrib H:\dwaH.exe -h -s -a
del H:\dwaH.exe
attrib H:\dwqH.exe -h -s -a
del H:\dwqH.exe
attrib H:\ebpxe.exe -h -s -a
del H:\ebpxe.exe
attrib H:\eekw.exe -h -s -a
del H:\eekw.exe
attrib H:\epps.exe -h -s -a
del H:\epps.exe
attrib H:\Hdir.exe -h -s -a
del H:\Hdir.exe
attrib H:\Hrjr.exe -h -s -a
del H:\Hrjr.exe
attrib H:\Hcsd.exe -h -s -a
del H:\Hcsd.exe
attrib H:\Hlsya.exe -h -s -a
del H:\Hlsya.exe
attrib H:\iHyqip.exe -h -s -a
del H:\iHyqip.exe
attrib H:\ijnH.exe -h -s -a
del H:\ijnH.exe
attrib H:\saoHcH.exe -h -s -a
del H:\saoHcH.exe
attrib H:\sdivp.exe -h -s -a
del H:\sdivp.exe
attrib H:\stsvrm.exe -h -s -a
del H:\stsvrm.exe
attrib H:\stxsde.exe -h -s -a
del H:\stxsde.exe
attrib H:\oiHork.exe -h -s -a
del H:\oiHork.exe
attrib H:\ojuaa.exe -h -s -a
del H:\ojuaa.exe
attrib H:\plor.exe -h -s -a
del H:\plor.exe
attrib H:\pppcx.exe -h -s -a
del H:\pppcx.exe
attrib H:\pteyn.exe -h -s -a
del H:\pteyn.exe
attrib H:\puawt.exe -h -s -a
del H:\puawt.exe
attrib H:\qboH.exe -h -s -a
del H:\qboH.exe
attrib H:\qdHsH.exe -h -s -a
del H:\qdHsH.exe
attrib H:\qHapl.exe -h -s -a
del H:\qHapl.exe
attrib H:\qHbs.exe -h -s -a
del H:\qHbs.exe
attrib H:\qHqw.exe -h -s -a
del H:\qHqw.exe
attrib H:\itoqH.exe -h -s -a
del H:\itoqH.exe
attrib H:\jbcln.exe -h -s -a
del H:\jbcln.exe
attrib H:\jevHq.exe -h -s -a
del H:\jevHq.exe
attrib H:\jqmjua.exe -h -s -a
del H:\jqmjua.exe
attrib H:\jvxcua.exe -h -s -a
del H:\jvxcua.exe
attrib H:\jytwm.exe -h -s -a
del H:\jytwm.exe
attrib H:\kHpnps.exe -h -s -a
del H:\kHpnps.exe
attrib H:\kkHw.exe -h -s -a
del H:\kkHw.exe
attrib H:\kruy.exe -h -s -a
del H:\kruy.exe
attrib H:\kwxbe.exe -h -s -a
del H:\kwxbe.exe
attrib H:\lcmudv.exe -h -s -a
del H:\lcmudv.exe
attrib H:\lHkuln.exe -h -s -a
del H:\lHkuln.exe
attrib H:\lkmvuu.exe -h -s -a
del H:\lkmvuu.exe
attrib H:\lnqeun.exe -h -s -a
del H:\lnqeun.exe
attrib H:\ltyesq.exe -h -s -a
del H:\ltyesq.exe
attrib H:\lwdd.exe -h -s -a
del H:\lwdd.exe
attrib H:\maHm.exe -h -s -a
del H:\maHm.exe
attrib H:\mpex.exe -h -s -a
del H:\mpex.exe
attrib H:\mpwy.exe -h -s -a
del H:\mpwy.exe
attrib H:\mukwl.exe -h -s -a
del H:\mukwl.exe
attrib H:\mwubyx.exe -h -s -a
del H:\mwubyx.exe
attrib H:\nedvHt.exe -h -s -a
del H:\nedvHt.exe
attrib H:\nlHlk.exe -h -s -a
del H:\nlHlk.exe
attrib H:\npHld.exe -h -s -a
del H:\npHld.exe
attrib H:\oHncd.exe -h -s -a
del H:\oHncd.exe
attrib H:\cHuH.piH -h -s -a
del H:\cHuH.piH
attrib H:\*.exe -h -s -a
attrib -h -r -s /s /d H:\*.*
explorer H:
exit

===========================================By Tayab Khan============
===================================================================

Tuesday, November 18, 2014

HFS (Http File Server) for windows

HFS (Http File Server)
HFS ~ Http File Server

Downlaod Link:
http://www.rejetto.com/hfs/?f=dl
http://www.rejetto.com/hfs/download

Just install and Drug&Drop file/folder to sever control panel.

Browse:

http://localhost
http://yourpublicip

Monday, November 17, 2014

Linux FTP Multiple users directory change and permission set and FTP server

Linux FTP multiple users directory change and permission set
=====================================================

Let we a vsftp sever in CentOS.
A user khan created and need to change ftp login path to /home/FTP-Uploads/

adduser khan
passwd khan

usermod -g root khan
chmod g=rw -R /home/FTP-Uploads/
chown -R khan /home/FTP-Uploads/

vi /etc/passwd

khan:x:511:0::/home/FTP-Uploads/:/sbin/nologin

## Adding another user name "tayab" and give him to "FTP-Uploads" directory permission
## Multiple user in permission for one Directory
Multiples users should be in same group ..
Here I add both user "khan" and "tayab" to root group
by
usermod -g root tayab
vi /etc/group
root:x:0:khan,shakkhor

setfacl -m u:tayab:rwx -R FTP_Uploads

===============================

Sample FTP Server
==================
vi /etc/vsftpd/vsftpd.conf
=================
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
ftpd_banner=Welcome to Tayab-Khan's FTP service.
listen=YES
pasv_min_port=2121
pasv_max_port=2142
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES

======================
IPtables for FTP::
-A INPUT -p tcp -m state --state NEW -m tcp -m multiport --dports 2121:2142 -j ACCEPT
-A INPUT -s 10.10.10.0/24 -p tcp -m state --state NEW -m tcp --dport 20 -j ACCEPT
-A INPUT -s 10.10.10.0/24 -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
================================

Some Commands

----------------------------

to find without hashed lines root# egrep -v '^(#|$)' /etc/vsftpd/vsftpd.conf

or root# grep -E -v '^(#|$)' /etc/vsftpd/vsftpd.conf

to find and send outputs to another file..
root# sed -e '/^[ ]*#/d' -e '/^[ ]*;/d' -e '/^$/d' //etc/vsftpd/vsftpd.conf > /root/tayab-ftp-active-lines.txt

=======================================================

File and Directory permission issues
--------------------------------------------
To change all the directories to 755 (drwxr-xr-x):

find /home/tayab/lampp/htdocs -type d -exec chmod 755 {} \;

To change all the files to 644 (-rw-r--r--):

find /home/tayab/lampp/htdocs -type f -exec chmod 644 {} \;

-----------------------------------------------------------------

Wednesday, November 12, 2014

Linux httpd / web server directory permission and virtualhost

##################################
###########################################

vi /etc/httpd/conf/httpd.conf

<Directory "/home/FTP_FILES/movie">
#Options FollowSymLinks
Options Indexes FollowSymLinks Includes ExecCGI
AllowOverride None
Allow from all
</Directory>

<VirtualHost 203.XX.XX.1:80>
ServerAdmin technical@tayabkhan.com
DocumentRoot /home/FTP_FILES/
ServerName ftp.tayabkhan.com
ErrorLog logs/tayabkhan.com-error_log
CustomLog logs/tayabkhan.com-access_log common
</VirtualHost>

Thursday, October 30, 2014

cPanel Bakcup and all log locations & troubleshooting

#######################################
########Collected by Tayab Khan##########
#######################################

### For Accounts backup manually / forcely
===================================
First configure the backup from web and run this in shell

/usr/local/cpanel/bin/backup --force

### For system Backup
================
/scripts/cpbackup --force

==========================
### Listening (80, 443 ) Port check : lsof -i :80

================

cPanel Installation Logs:

Shell Command: /var/log/cpanel-install-thread0.log

Apache Logs:

Shell Command: /usr/local/apache/logs/access_log

/usr/local/apache/logs/error_log

Apache/Web Individual domain logs:

Shell Command: /usr/local/apache/domlogs/tayabkhan.com

Apache SUEXEC Logs:

Shell Command: /usr/local/apache/logs/suexec_log

MySQL Logs:

Shell Command: /var/lib/mysql/hostname.err

BIND (named) Log:

Shell Command: /var/log/messages

Exim Mail Logs:

Shell Command: /var/log/exim_mainlog

/var/log/exim_paniclog

/var/log/exim_rejectlog

Courier or Dovecot IMAP

Shell Command: /var/log/maillog

Tomcat Logs:

Shell Command: /usr/local/jakarta/tomcat/logs/catalina.err

/usr/local/jakarta/tomcat/logs/catalina.out

cPanel Access Log:

Shell Command: /usr/local/cpanel/logs/access_log

cPanel Error Log:

Shell Command: /usr/local/cpanel/logs/error_log

cPanel License Log:

Shell Command: /usr/local/cpanel/logs/license_log

Stats Execution Logs:

Shell Command: /usr/local/cpanel/logs/stats_log

ChkServd (cPanel Monitoring Daemon) Logs:

Shell Command: /var/log/chkservd.log

cPHulkd

Shell Command: /usr/local/cpanel/logs/cphulkd.log

cPanel Backup Logs:

Shell Command: /usr/local/cpanel/logs/cpbackup/*.log

Pure-FTP Log

Shell Command: /var/log/messages

/var/log/xferlog (symlinked to /usr/local/apache/domlogs/ftpxferlog)

Cron Logs:

Shell Command: /var/log/cron

SSH Logs:

Shell Command: /var/log/secure

ModSecurity:

Shell Command: /usr/local/apache/logs/modsec_audit.log

/usr/local/apache/logs/modsec_debug_

################################################################

#################################################################

Saturday, September 27, 2014

exim log, mailq and remove

MAILQ: exim -bp
Delete MAILQ: exim -bp | awk '/^ *[0-9]+[mhd]/{print "exim -Mrm " $3}' | bash

Delete Completely with a single command: rm -rf /var/spool/exim/input/
/etc/init.d/exim restart

Exim Log: tail -f /var/log/exim_mainlog
Exim

Thursday, September 25, 2014

Adding Relay host or Smarthost Relay to Cpanel.


	vi /etc/exim.conf.local Add the following lines to the file. @ROUTERSTART@ smart_route: driver = manualroute domains = !+local_domains transport = remote_smtp route_list = * mailout.serverpronto.com Next run the below command to activate the changes. /scripts/buildeximconf Allow other server IP (eg 192.168.3.4 and 172.16.10.10) to send mail through cPanel/WHM vi /etc/exim.conf.dist relay_from_hosts = localhost : 192.168.3.4 : 172.16.10.10 vi /etc/relayhosts 172.16.10.10 vi /etc/alwaysrelay 172.16.10.10 restart exim service from GUI or terminal tail -f /var/log/exim_mainlog

Tuesday, August 12, 2014

Update php mysql mysql-server version and Install phpmyadmin

=============================================
Upgrade mysql and mysql-sever version 5.1 to 5.5 at centos
=============================================
If server is centOS-6 then
### rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
IF server is CentOS-5 then
### rpm -Uvh http://mirror.webtatic.com/yum/el5/latest.rpm

If you already have MySql client or server installed, then

### yum install mysql.`uname -i` yum-plugin-replace
### yum replace mysql --replace-with mysql55w

if fressh installation, then

### yum install mysql55w mysql55w-server

Then start Mysql service

### service mysqld start

########################################################

PhpMyAdmin (phpmyadmin) Installation
==================================================

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
rpm -ivh epel-release-6-8.noarch.rpm
rpm -ivh remi-release-6.rpm

vim /etc/yum.repos.d/remi.repo
[remi-php55]
enabled=0
[remi-php56]
enabled=1

yum install ntp httpd mysql-server php php-mysql php-mbstring php-mcrypt phpmyadmin

vi /etc/httpd/conf.d/phpMyAdmin.conf

Order Deny,Allow
Deny from 1.2.3.1
Allow from 127.0.0.1 ALL

Save and
service httpd restrart

mysqladmin -u root password newpass

http://ipaddress/phpmyadmin
root
newpass

########################################################

Tuesday, July 8, 2014

CISCO Redundency ( PBR with IPSLA )

Support we have two ISP Link and Need redundency if any ISP goes down other will take UP and vice versa. Normally two private IP block will be NAT with two ISP.

ISP 1 = 100.100.100.1
ISP 2 = 200.200.200.1
Router F0/0 = 100.100.100.2
Router F0/1 = 200.200.200.2
Router F1/0.100 (LAN1) = 192.168.100.0/24
Router F1/0.200 (LAN2) = 192.168.200.0/24

Configs

track 1 ip sla 1 reachability
delay down 1 up 1

track 2 ip sla 2 reachability
delay down 1 up 1

ip sla 1
icmp-echo 100.100.100.1 source-interface FastEthernet0/0
timeout 5000
threshold 5000 (if the latency on this link goes beyond 5000ms, note that
this SLA will consider this link as failed)
frequency 5
ip sla schedule 1 life forever start-time now

ip sla 2
icmp-echo 200.200.200.1 source-interface FastEthernet0/1
timeout 5000
threshold 5000 (if the latency on this link goes beyond 5000ms, note that
this SLA will consider this link as failed)
frequency 5
ip sla schedule 2 life forever start-time now

ip access-list extended LAN1_ACL
deny ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255 (Needed to unapply
the policy for inter-LAN traffic)
permit ip 192.168.100.0 0.0.0.255 any

ip access-list extended LAN2_ACL
deny ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255 (Needed to unapply
the policy for inter-LAN traffic)
permit ip 192.168.200.0 0.0.0.255 any

route-map LAN1_INTERNET_POLICY permit 10
match ip address LAN1_ACL
set ip next-hop verify-availability 100.100.100.1 1 track 1
set ip next-hop verify-availability 200.200.200.1 2 track 2

route-map LAN2_INTERNET_POLICY permit 10
match ip address LAN2_ACL
set ip next-hop verify-availability 200.200.200.1 1 track 2
set ip next-hop verify-availability 100.100.100.1 2 track 1

interface f0/0
ip nat outside

interface f0/1
ip nat outside

int f1/0.100
ip nat inside
ip policy route-map LAN1_INTERNET_POLICY

int f1/0.200
ip nat inside
ip policy route-map LAN2_INTERNET_POLICY

At this point, you have completed the Network Failover part of the config,
if one link goes down now, the router will switch to the other available
link. Notice each PBR carries double ip next-hop entries with sequence
numbering telling it which next-hop to use first, if you have 5 ISPs,
you'll have 5 entries using the sequence numbers to give priority. Also
notice we had to first deny inter-LAN traffic from being used for this
policy, this is important only if your LANs pass thru the router to
inter-communicate, without it you may have shutdown inter-LAN comms by the
Policy, if inter-LAN comms happen on an internal switch, then the deny
lines of the ACLs will not be needed
The next Agenda is to implement NAT failover; it's really not a failover,
it is called Multi-homing whereby the router automatically builds the
right NAT entry for any traffic traversing it notwithstanding the no of
ISPs available. See as follows;
ip access-list standard NAT_ACL
permit any

route-map ISP1_NAT permit 10
match ip address NAT_ACL
match interface f0/0

route-map ISP2_NAT permit 10
match ip address NAT_ACL
match interface f0/1

ip nat inside source route-map ISP1_NAT interface FastEthernet0/0 overload
ip nat inside source route-map ISP2_NAT interface FastEthernet0/1 overload

That's it! We are done. Notice our NAT ACL just matches any traffic and
it's the same ACL for both ISPs NAT route-maps. Only the matched
interfaces differ. You might as well configure your NAT ACL to permit only
both internal subnets (192.168.100.0/24 & 192.168.200.0/24) instead of
any. It will still achieve the same thing. Bottom line is your NAT ACL
must match & permit all traffic that will require NAT whether using their
primary or secondary ISPs correspondingly. What enforces which ISP each
LAN should use per time are the PBRs applied on their respective LAN
interfaces.
Optionally, if you need to test this with ICMP stateful failover (you
might need to add ip nat translation icmp-timeout 1)

========== Tayab Khan =========

============================

Juniper Router or Switches Alarm Signal

Alarm Signal Problem Remove for Juniper Device:
==================================

First check Alarm with bellow command::

root@Router> show system alarms
1 alarms currently active
Alarm time Class Description
2014-06-17 08:15:17 BDT Minor Rescue configuration is not set

*** Here Shows Rescue Configuration is not set. A rescue configuration allows administrators to define a known working configuration that can be loaded (this is called a configuration roll-back) at any time.

Setting Rescue Configuration::

root@Router> request system configuration rescue save

This will off the alarm signal .. You can check physically of via command either alarm off or not.

Check again:::
root@Router> show system alarms
No alarms currently active

============== Tayab Khan =============
====================================

Wednesday, June 4, 2014

Installing SSL certificate to Linux server

====================================
=== Installing SSL certificate to Linux server ======

Making CSR:::::
openssl genrsa -des3 -out tayab-khan.daffodilnet.com.key 2048
openssl req -new -key tayab-khan.daffodilnet.com.key -out tayab-khan.daffodilnet.com.csr
cat tayab-khan.daffodilnet.com.csr
copy and paste this to ssl provider

Install to HTTP server

vi /etc/httpd/conf.d/ssl.conf

SSLCertificateFile /etc/httpd/certs/tayab-khan_daffodilnet_com.crt
SSLCertificateKeyFile /etc/httpd/ssl/apache.key
SSLCACertificateFile /etc/httpd/certs/DigiCertCA.crt

============= Tayab Khan =================

Thursday, April 3, 2014

Juniper Date and Time manually or from NTP sever

### Juniper Date Time Show and set manually and from NTP server

To show date time
================

user1@router>show system uptime

Current time: 2014-04-03 11:34:26 BDT
System booted: 2014-01-15 11:48:29 BDT (11w0d 23:45 ago)
Protocols started: 2014-01-15 11:49:26 BDT (11w0d 23:45 ago)
Last configured: 2014-04-02 13:32:26 BDT (22:02:00 ago) by root
11:34AM up 77 days, 23:46, 2 users, load averages: 0.27, 0.70, 0.65

IN CLI MOde

set date YYYYMMDDHHMM.ss source-address

user1@myswitch# set date 201102151010.55

For example, the following command sets the date and time from an NTP server:
user1@myswitch# set date ntp 1.bd.pool.ntp.org

For example, the following command sets the date and time from more than one NTP server:
user1@myswitch# set date ntp 1.bd.pool.ntp.org 2.asia.pool.ntp.org

Linux DHCP server sample config file

yum install dhcp

vi /etc/dhcp/dhcpd.conf
===============================
# {
# DHCP sever Configuration
# Sample Config For Linux Class by Tayab Khan
# Here we use free google dns for name servers
# and local network 192.168.50.0 and DHCP server IP 192.168.50.1
# This IP address and Netmask must be on Linux interface and IP range must
be same network
# Config Starts from here
option domain-name "khan.com";
option domain-name-servers 8.8.8.8, 4.2.2.2;
default-lease-time 600;
max-lease-time 7200;
log-facility local6;
subnet 192.168.50.0 netmask 255.255.255.0 {
range 192.168.50.10 192.168.50.20;
option routers 192.168.50.1;
}

===========================
# use rsyslog.conf or syslog.conf

vi /etc/rsyslog.conf

local6.* /var/log/dhcpd.log

Thursday, January 16, 2014

Juniper Router Backup to ftp server command

set system archival configuration transfer-on-commit archive-sites "ftp://username:password@203.190.10.174"

system {
archival {
configuration {
transfer-on-commit;
archive-sites {
"ftp://admin:password@203.190.10.174";
}
}
}
}

Pages