Step by step wormanup, kido for Win XP

Our school got an annoying worm which caused a slow internet connection and made it difficult to access major antivirus websites. Finally we found out its name:

  • Worm.Conficker [PCTools]
  • W32.Downadup [Symantec]
  • Net-Worm.Win32.Kido.ih [Kaspersky Lab]
  • W32/Conficker.worm [McAfee]
  • W32/Confick-A [Sophos]
  • Worm:Win32/Conficker.A [Microsoft]
  • Worm.Win32.Conficker [Ikarus]

Scan Infected computers

To detect it from the network we use the MikroTik tool ‘torch’, pointed at port 445.

The source address of an infected computer is easily found using torch.
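The same check done offline, as an added example that is not part of the original post: torch shows port 445 traffic live, while this Python sketch counts how many distinct hosts each source contacted on TCP 445 in a connection log and reports the sources at or above a threshold. The log line format, the sample addresses and the threshold of 10 are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

SMB_PORT = 445

def build_sample():
    """Constructed sample log, one 'proto src:sport dst:dport' entry per line."""
    lines = [
        "tcp 192.168.10.21:1044 192.168.10.5:445",   # workstation -> file server
        "tcp 192.168.10.21:1045 192.168.10.5:445",
        "tcp 192.168.10.22:1100 192.168.10.5:445",
        "udp 192.168.10.22:1101 192.168.10.1:53",
        "tcp 192.168.10.22:1102 203.0.113.9:80",
        "garbage line",                               # malformed, must be skipped
    ]
    # One host touching 40 different addresses on port 445.
    lines += [f"tcp 192.168.10.34:{2000 + i} 192.168.10.{i}:445" for i in range(1, 41)]
    return lines

def parse_flow(line):
    """Return (proto, src_ip, dst_ip, dst_port), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 3:
        return None
    proto, src, dst = parts
    try:
        src_ip, _ = src.rsplit(":", 1)
        dst_ip, dst_port = dst.rsplit(":", 1)
        ipaddress.ip_address(src_ip)
        ipaddress.ip_address(dst_ip)
        return proto.lower(), src_ip, dst_ip, int(dst_port)
    except ValueError:
        return None

def smb_fanout(lines, threshold=10):
    """Map source IP -> number of distinct TCP/445 destinations, if >= threshold."""
    targets = defaultdict(set)
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue
        proto, src_ip, dst_ip, dst_port = flow
        if proto == "tcp" and dst_port == SMB_PORT:
            targets[src_ip].add(dst_ip)
    return {src: len(dsts) for src, dsts in targets.items() if len(dsts) >= threshold}

if __name__ == "__main__":
    for src, count in sorted(smb_fanout(build_sample()).items()):
        print(f"{src} contacted {count} hosts on TCP/{SMB_PORT}")
```

Counting distinct destinations rather than packets keeps a workstation that talks heavily to one file server out of the result.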


nginx proxy and wordpress multi user

WordPress multi user get a for serving blog experience to our students.

The architecture is :

Firewall -> FreeBSD Box -> Jail Box

A lot of jails (around 14) are put inside the FreeBSD box to serve students with different purposes. One of them is for WordPress multi user.

# jls
JID  IP Address      Hostname                      Path
14   172.88.0.14     blog.digitalfusi.com          /data2/jails/blogcom
13   172.88.0.12     db.digitalfusi.com            /data2/jails/db
12   172.88.0.13     demo.digitalfusi.com          /data2/jails/demoint
11   172.88.0.11     outside.digitalfusi.com       /data2/jails/outside
10   172.88.0.10     mail.rasyid.net               /data/jails/mailserver
9    172.88.0.9      sandbox.digitalfusi.com       /data2/jails/sandbox
8    172.88.0.7      blog.rasyid.net               /data2/jails/blog
7    172.88.0.8      demo2.digitalfusi.com         /data2/jails/demo2
6    172.88.0.6      palembang.digitalfusi.com     /data/jails/palembang
5    172.88.0.5      jambi.digitalfusi.com         /data/jails/jambi
4    172.88.0.4      lahat.digitalfusi.com         /data/jails/lahat
3    172.88.0.3      prabumulih.digitalfusi.com    /data/jails/prabumulih
2    172.88.0.2      linggau.digitalfusi.com       /data/jails/linggau
1    172.88.0.1      baturaja.digitalfusi.com      /data/jails/baturaja

To establish a connection to the jail box I use these rules in nginx.conf:

For serving *.blog.rasyid.net to end users:

server {
    listen 80;
    server_name www.blog.rasyid.net   .blog.rasyid.net;
    location / {
        proxy_pass http://172.88.0.7;
        proxy_set_header Host $host;
    }
}

I use nginx:

# pkg_info | grep nginx
nginx-devel-0.7.41  Robust and small WWW server

Great, I love nginx :-)

You need to rebuild jls(8) and to use the new features jail(8), jexec(8) and cpuset(1) with a new kernel

Wow, that message was shown when I checked UPDATING after the latest csup to STABLE.

20090207:
Multi-IPv4/v6/no-IP jail support was merged to STABLE.
You need to rebuild jls(8) and to use the new features
jail(8), jexec(8) and cpuset(1) with a new kernel.
__FreeBSD_version was bumped to 701103.

Trying to do that:

# cd /usr/src/usr.sbin/jls/

# make clean && make depend && make && make install
rm -f jls jls.o jls.8.gz jls.8.cat.gz
rm -f .depend
mkdep -f .depend -a    -DSUPPORT_OLD_XPRISON /usr/src/usr.sbin/jls/jls.c
echo jls: /usr/lib/libc.a  >> .depend
cc -O2 -fno-strict-aliasing -pipe  -DSUPPORT_OLD_XPRISON -Wsystem-headers -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wcast-align -Wunused-parameter -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wno-pointer-sign -c /usr/src/usr.sbin/jls/jls.c
/usr/src/usr.sbin/jls/jls.c: In function ‘print_xprison_v1’:
/usr/src/usr.sbin/jls/jls.c:56: error: invalid application of ‘sizeof’ to incomplete type ‘struct xprison_v1’
/usr/src/usr.sbin/jls/jls.c:62: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:62: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:62: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:66: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:70: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:70: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:70: error: dereferencing pointer to incomplete type
/usr/src/usr.sbin/jls/jls.c:73: error: invalid use of undefined type ‘struct xprison_v1’
/usr/src/usr.sbin/jls/jls.c: In function ‘print_xprison_v3’:
/usr/src/usr.sbin/jls/jls.c:92: error: ‘struct xprison’ has no member named ‘pr_state’
/usr/src/usr.sbin/jls/jls.c:92: error: ‘struct xprison’ has no member named ‘pr_state’
/usr/src/usr.sbin/jls/jls.c:93: error: ‘prison_states’ undeclared (first use in this function)
/usr/src/usr.sbin/jls/jls.c:93: error: (Each undeclared identifier is reported only once
/usr/src/usr.sbin/jls/jls.c:93: error: for each function it appears in.)
/usr/src/usr.sbin/jls/jls.c:93: error: invalid application of ‘sizeof’ to incomplete type ‘struct prison_state’
/usr/src/usr.sbin/jls/jls.c:96: error: ‘struct xprison’ has no member named ‘pr_state’
/usr/src/usr.sbin/jls/jls.c:101: error: ‘struct xprison’ has no member named ‘pr_ip4s’
/usr/src/usr.sbin/jls/jls.c:104: error: ‘struct xprison’ has no member named ‘pr_ip6s’
/usr/src/usr.sbin/jls/jls.c:117: error: ‘struct xprison’ has no member named ‘pr_name’
/usr/src/usr.sbin/jls/jls.c:117: error: ‘struct xprison’ has no member named ‘pr_name’
/usr/src/usr.sbin/jls/jls.c:122: error: ‘struct xprison’ has no member named ‘pr_cpusetid’
/usr/src/usr.sbin/jls/jls.c:127: error: ‘struct xprison’ has no member named ‘pr_ip4s’
/usr/src/usr.sbin/jls/jls.c:131: error: ‘struct xprison’ has no member named ‘pr_ip4s’
/usr/src/usr.sbin/jls/jls.c:139: error: ‘struct xprison’ has no member named ‘pr_ip6s’
/usr/src/usr.sbin/jls/jls.c:142: error: ‘struct xprison’ has no member named ‘pr_ip6s’
*** Error code 1

Whoaa….

Checking Version

# uname -v
FreeBSD 7.1-STABLE #0: Wed Feb  4 10:20:35 WIT 2009

I see, I’ll need a new kernel :-)

Install ocsinventory-ng and glpi on FreeBSD

A recent search for a computer inventory solution for the school led me to an interesting URL:

http://www.ocsinventory-ng.org/

From their architecture page :

“OCS Inventory NG uses an agent, which runs the inventory on client computers, and a management server, which centralizes inventory results, allow viewing inventory results and creating deployment packages.”


Very interesting software. After thinking a little bit I decided to try installing it in one of the FreeBSD jails.

(In case you have an old FreeBSD ISO, you can try a different version that works.)

Here are the steps:

1. Install database server

cd /usr/ports/databases/mysql50-server/ && make install

2. Install ocsinventory-ng

cd /usr/ports/net-mgmt/ocsinventory-ng/ && make install

3. Install logrotate

cd /usr/ports/sysutils/logrotate && make install

mkdir /etc/logrotate.d

mkdir /etc/logrotate.d/ocsinventory-NG

cd /usr/ports/net-mgmt/ocsinventory-ng/work/OCSNG_LINUX_SERVER_1.01

./setup.sh

That step will start the checking screen.

Step by step install Rescue Time in windows xp

I’ve been spending more of my time reading Google Reader, Plurk or checking email. I’m not so sure how much time I spend on those activities. RescueTime will help me find out :-)

Here’s the step-by-step installation process for RescueTime on Windows XP:

1. Go to the signup page for a personal account, which is free (at the time I wrote this post).

2. Download the data collector for Windows here.

3. Double-click the installer to start the installation.

Click Next.


4. Pick installation destination folder.

Click Next.