Category Archives: Unix

Unix Web Server

Modify Server Banner with mod_security

July 4, 2007 – 12:06 am

Apache/2.2.4 (Win32) PHP/5.2.1

Microsoft-IIS/6.0

Apache

GWS/2.1

Yes, my friend like to collect what server that run with specific domain.

Such online tools exist in internet like :

Netcraft

Untroubled

Using these tools, server can be "guest" but how accurate this information and whats this information for?

just for fun, nothing else icon smile Modify Server Banner with mod security

I just try mod_security within freebsd box to modify it’s banner which result :

"Solaris 10"

for apache 1.37 I run

Steps :

1. Install mod_security

kongja# whereis mod_security
mod_security: /usr/ports/www/mod_security
kongja# cd /usr/ports/www/mod_security
kongja# make install

2. Edit httpd.conf

Make sure this line exist :

LoadModule security_module    libexec/apache/mod_security.so

3. Activate mod_security by adding these lines in httpd.conf to modify the banner

SecFilterEngine On

SecServerSignature "Solaris 10"

4. Restart apache server and finish

Check  again using netcraft or untroubled

Change Solaris 10 to other, like GWS/2.1 ( google engine? hehehehe) or girlfriend name icon smile Modify Server Banner with mod security

Untroubled

Modify Server Banner with mod security

Netcraft

Modify Server Banner with mod security

 

Permalink | Comments Off
Unix

Afraid to install new OS?, take a look in vmware appliance

June 28, 2007 – 12:41 am

I remember first time I use Linux, it’s Redhat Linux 5

Click next..next and finish don’t work for me icon smile Afraid to install new OS?, take a look in vmware appliance

One HD die with honor for trying install Linux, since that time I’m a bit afraid to test new OS.

Nowadays everything seem easy, live CD everywhere

Even Fedora 7 came in Live CD version

How about non live CD version?

Simple,  use Vmware icon smile Afraid to install new OS?, take a look in vmware appliance

Vmware provide dedicated directory where many appliance reside. Famous Oracle,  OpenBSD secure by default, FreeBSD, instant ISP all in ready to use mode. Just install and run it with vmware.

Only vmware capable to run?

No, within newset version of VirtualBox (1.4) you can run vmware appliance.

I test it for my FreeBSD 6.2 stable from  snapshots Juni version. I still can’t install FreeBSD 6.2 in VirtualBox but able to run vmware disk in VirtualBox.

Interesting to see *BSD apliance

 http://www.fosstools.org/ provide :

NAMP, DAMP and OAMP are the NetBSD, DragonFly BSD and OpenBSD cousins of the popular LAMP deployment (Linux+Apache+MySQL+PHP) but also provide an installation of the powerful open-source database engine PostgreSQL, SQLite, Perl, Ruby and Python. The apliances also provide the popular tools phpMyAdmin and phpPgAdmin for easy administration of MySQL and PostgreSQL over the web. Recent development by the NetBSD and DragonFly BSD teams have resulted in significant performance gains for these operating systems and the popular opinion is that they rival the Linux 2.6.x kernel in performance, while providing excellent stability and security out of the box. The suitability of OpenBSD for the purposes of information assurance does not need any advertising. The *BSD AMPs are available as VMware appliances. For more information, please refer to the NAMP, DAMP, and OAMP sites.

Afraid to try new OS?

Find vmware apliancefor your want to try OS icon smile Afraid to install new OS?, take a look in vmware appliance

 

Permalink | Comments Off
Unix

Spread Link : FreeBSD June snapshots

June 13, 2007 – 12:29 am

FreeBSD i386 snapshots for June :

More architecture, click here

Permalink | Comment (1)
Unix

Set ip alias in FreeBSD

June 6, 2007 – 2:46 am

FreeBSD support ip aliasing, unlimited ip can assigned to one interface

From command line :

kongja# ifconfig -a

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=b<RXCSUM,TXCSUM,VLAN_MTU>
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
        inet 172.88.1.15 netmask 0xffff0000 broadcast 172.88.255.255
        ether 00:0e:0c:4e:21:d2
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=b<RXCSUM,TXCSUM,VLAN_MTU>
        inet 222.124.4.107 netmask 0xfffffff8 broadcast 222.124.4.111
        ether 00:0e:0c:4e:21:d3
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 222.124.4.108 netmask 0xffffffff broadcast 222.124.4.108
        ether 00:60:97:6e:79:8e
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
pfsync0: flags=0<> mtu 2020
        syncpeer: 224.0.0.240 maxupd: 128
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0×5
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208
read more »

Permalink | Comments Off
Unix

/etc/rc.local and pure-ftp

June 5, 2007 – 1:38 am

pure-ftp already run in port 21 and other instance needed to make different server call

existing one controlled by /etc/rc.conf and I don’t know howto configure another one

after searching google I found clue about rc.local

by default rc.local not exist, I have to create one :

kongja# ee /etc/rc.local

put this lines :

#!/bin/sh

/usr/local/sbin/pure-ftpd -S 172.88.1.15,212 -A -c50 -j -l mysql:/home/alamster/ftp/pureftpd-mysql_login.conf &

save by press Esc button

either execute it by typing :

kongja# sh /etc/rc.local

or by restarting  server then I can see two ftp service running . One using port 21 and another one using port 212

kongja# ps -ax | grep ftp
 1063  ??  I      0:00.03 pure-ftpd (SERVER) (pure-ftpd)
64979  p0- I      0:00.02 pure-ftpd (SERVER) (pure-ftpd)

 to make sure :

kongja# netstat -an | grep LISTEN
tcp4       0      0  *.21                   *.*                    LISTEN
tcp4       0      0  172.88.1.15.212         *.*                    LISTEN

great, I hope I not breaking anything by putting this line in rc.local icon smile /etc/rc.local and pure ftp

Permalink | Comments Off
Database Unix

Installing your favorite mysql version in FreeBSD

June 3, 2007 – 3:03 am

Ports offer more flexibility than package in general but when dealing with size I prefer using package icon smile Installing your favorite mysql version in FreeBSD

My common question when see this on freebsd ports page :

Installing your favorite mysql version in FreeBSD

to get mysql support on php, I must install mysql-client-5.0.41 thats means I must install mysql5 server too if I decide to install mysql in my server, I prefer to install mysql4. Is it possible?

I’m luckly, freebsd ports offer flexible options, simple trick to use mysql 4.0.27 with php4 is installing mysql4 server first.

after installing mysql server version 4 then php4-mysql will use mysql4-client automatically.

with this option some options for favorit mysql version available, depend on you.

-bash-2.05b$ cd /usr/ports/databases/
-bash-2.05b$ ls | grep mysql

read more »

Permalink | Comments Off
Unix

php 5.2.3 ports

June 2, 2007 – 1:03 pm

New release php5.2.3 make me curious to test upgrade from php4.4.7 to php5.2.3

kongja# cd /usr/ports/lang/php5

 

kongja# ee Makefile

 

PORTNAME=       php5
PORTVERSION=    5.2.3
PORTREVISION?=  0
CATEGORIES?=    lang devel www

 

kongja# make fetch

=> php-5.2.3.tar.bz2 is not in /data3/ports/lang/php5/distinfo.
=> Either /data3/ports/lang/php5/distinfo is out of date, or
=> php-5.2.3.tar.bz2 is spelled incorrectly.
*** Error code 1

kongja# ee distinfo

MD5 (php-5.2.2.tar.bz2) = d084337867d70b50a10322577be0e44e
SHA256 (php-5.2.2.tar.bz2) = cd69e73c46e1d171ac0cf27b7ee492c3bf8f6b45a763a77fd0cb79d5afa9f407
SIZE (php-5.2.2.tar.bz2) = 7310926
MD5 (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = 081fe08d584820a6ece1fe2e8629711f
SHA256 (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = 932d8155028686b96d3ebf89215dab7cd9353ac72f9ea82c252d0999fb4bd864
SIZE (suhosin-patch-5.2.2-0.9.6.2.patch.gz) = 22850
MD5 (php-5.2.2-mail-header.patch) = 6b2562b5230b1f85a2ccb292e124a91a
SHA256 (php-5.2.2-mail-header.patch) = 5394732be1953c7eedc2de9529d10971d85959af6352c8a67b4561124ddc8df5
SIZE (php-5.2.2-mail-header.patch) = 3420

                                        Options for php5 5.2.3                       
                            │ ┌────────────────────────────────────────────────────────────────┐ │
                            │ │  [X] CLI        Build CLI version                              │ │
                            │ │  [ ] CGI        Build CGI version                              │ │
                            │ │  [X] APACHE     Build Apache module                            │ │
                            │ │  [ ] DEBUG      Enable debug                                   │ │
                            │ │  [X] SUHOSIN    Enable Suhosin protection system               │ │
                            │ │  [ ] MULTIBYTE  Enable zend multibyte support                  │ │
                            │ │  [ ] IPV6       Enable ipv6 support                            │ │
                            │ │  [ ] MAILHEAD   Enable mail header patch                       │ │
                            │ │  [ ] REDIRECT   Enable force-cgi-redirect support (CGI only)   │ │
                            │ │  [ ] DISCARD    Enable discard-path support (CGI only)         │ │
                            │ │  [ ] FASTCGI    Enable fastcgi support (CGI only)              │ │
                            │ │  [ ] PATHINFO   Enable path-info-check support (CGI only)      │ │
                            │ │                                                                │ │
                            │ │                                                                │ │
                            │ │                                                                │ │
                            ├─└────────────────────────────────────────────────────────────────┘─┤
                                                    [  OK  ]       Cancel

===>  php5-5.2.3 : Your apache does not support DSO modules.
*** Error code 1

Stop in /data3/ports/lang/php5.
*** Error code 1

Stop in /data3/ports/lang/php5.

hehehehe, I should wait for official ports icon wink php 5.2.3 ports

Permalink | Comments Off
Unix

FreeBSD new logo on T-shirts

June 1, 2007 – 7:16 am

Just try to spread the word icon smile FreeBSD new logo on T shirts

FreeBSD mall put new t-shirts, see below example t-shirts + FreeBSD new logo that pick from their place

I love that design with silk screen

Wanna yours?, then go visit FreeBSD mall

p.s : get the full news from  Florent  Thoumie blog

bsdbobble FreeBSD new logo on T shirts

moz screenshot FreeBSD new logo on T shirts

Permalink | Comments Off
Unix

-r switch in portupgrade

May 28, 2007 – 1:42 pm

During update process from php4.4.6 to php4.4.7 I have problem, suhosin patch not found, force me to leave update process for few days while doing some other importing job.

Today I try again to update php4 ports and working well but then I become lazy after see a lot of php4-* ports icon smile r switch in portupgrade

After read more in portupgrade manual I found -r :

From manual :

-r

–recursive            Act on all those packages depending on the given
packages as well.

kongja# portversion -v | grep ‘< '

XFree86-libraries-4.5.0 < needs updating (port has 4.5.0_1)
freetype2-2.2.1_1 < needs updating (port has 2.2.1_2)
gd-2.0.34,1 < needs updating (port has 2.0.34_1,1)
gettext-0.16.1_1 < needs updating (port has 0.16.1_3)
gmake-3.81_1 < needs updating (port has 3.81_2)
libdrm-2.0.2 < needs updating (port has 2.3.0)
libungif-4.1.4_2 < needs updating (port has 4.1.4_3)
ming-0.3.0 < needs updating (port has 0.3.0_1)
p5-GD-2.35 < needs updating (port has 2.35_1)
p5-GD-TextUtil-0.86 < needs updating (port has 0.86_1)
pfstat-2.2_2 < needs updating (port has 2.2_3)
php4-4.4.6 < needs updating (port has 4.4.7)
php4-bz2-4.4.6 < needs updating (port has 4.4.7)
php4-ctype-4.4.6 < needs updating (port has 4.4.7)
php4-ftp-4.4.6 < needs updating (port has 4.4.7)
php4-gd-4.4.6 < needs updating (port has 4.4.7)
php4-imap-4.4.6 < needs updating (port has 4.4.7)
php4-mbstring-4.4.6 < needs updating (port has 4.4.7)
php4-mcrypt-4.4.6 < needs updating (port has 4.4.7)
php4-mysql-4.4.6 < needs updating (port has 4.4.7)
php4-overload-4.4.6 < needs updating (port has 4.4.7)
php4-pcre-4.4.6 < needs updating (port has 4.4.7)
php4-posix-4.4.6 < needs updating (port has 4.4.7)
php4-recode-4.4.6 < needs updating (port has 4.4.7)
php4-session-4.4.6 < needs updating (port has 4.4.7)
php4-snmp-4.4.6 < needs updating (port has 4.4.7)
php4-sockets-4.4.6 < needs updating (port has 4.4.7)
php4-tokenizer-4.4.6 < needs updating (port has 4.4.7)
php4-xml-4.4.6 < needs updating (port has 4.4.7)
php4-zlib-4.4.6 < needs updating (port has 4.4.7)
png-1.2.14 < needs updating (port has 1.2.18)
popt-1.7_3 < needs updating (port has 1.7_4)
sarg-2.2.3.1_1 < needs updating (port has 2.2.3.1_2)
t1lib-5.1.1,1 < needs updating (port has 5.1.1_1,1)

read more »

Permalink | Comments Off
Unix

Install xorg 7.2 via package, still error upgrading php4-gd

May 26, 2007 – 4:26 pm

Finally I’m using xorg 7.2 icon smile Install xorg 7.2 via package, still error upgrading php4 gd

Using package

kongja# pkg_add -vr xorg

kongja# portversion -v | grep ‘< '

[Updating the pkgdb
in /var/db/pkg ... - 405 packages found (-0 +256) ................................................................................................................................................................................................................................................................ done]
dri-6.5.3,2                 <   needs updating (port has 6.5.3_1,2)
libGL-6.5.3_1               <  needs updating (port has 6.5.3_2)
libungif-4.1.4_2            <  needs updating (port has 4.1.4_3)
luit-1.0.2                  <  needs updating (port has 1.0.2_1)
php4-gd-4.4.6               <  needs updating (port has 4.4.7)
t1lib-5.1.1,1               <  needs updating (port has 5.1.1_1,1)
xorg-server-1.2.0_1,1       <  needs updating (port has 1.2.0_2,1)

kongja# portupgrade php4-gd

read more »

Permalink | Comments Off
Unix

Logical Volume in FreeBSD with gconcat

May 26, 2007 – 1:52 pm

New data come everyday make existing storage media no longer reliable, need to add new harddisk

New harddisk + old harddisk need to join in single volume

FreeBSD provide a few method, gvinum, gconcat and gstripe

Since I only have two harddisk I try use gconcat :

kongja# df -H

Filesystem Size Used Avail Capacity Mounted on
/dev/ad0s1a 5.2G 111M 4.7G 2% /
devfs 1.0k 1.0k 0B 100% /dev
/dev/ad0s1d 52G 38G 9.3G 80% /home
/dev/ad0s1e 7.3G 7.0G -295M 104% /usr
/dev/ad0s1f 11G 4.5G 6.0G 43% /var
/dev/ad2s1d 194G 137G 42G 77% /data3
/dev/ad1s1d 243G 1.9M 224G 0% /data2
/dev/ad3s1d 242G -12k 223G -0% /data4

unmount /data2 and /data4 for merger operation :

kongja# umount /data2
kongja# umount /data4

Merger :

kongja# gconcat label -v data5 /dev/ad1s1d /dev/ad3s1d

Metadata value stored on /dev/ad1s1d.
Metadata value stored on /dev/ad3s1d.
Done.

make new mount point :

kongja# mkdir /data5

kongja# mount /dev/concat/data5 /data5

Check size of new partition /data5

kongja# df -H /data5

Filesystem Size Used Avail Capacity Mounted on
/dev/concat/data5 485G 4.1k 446G 0% /data5

Great, to make it permanent, must add new entry in fstab and edit loader.conf :

geom_concat_load=”YES”

Yay, FreeBSD rocks

Can’t wait for 7.0 with ZFS icon smile Logical Volume in FreeBSD with gconcat

Permalink | Comment (1)

« Previous PageNext Page »

« Previous PageNext Page »