Quantcast
Channel: Linux tutorials Archives | Unixmen
Viewing all 1264 articles
Browse latest View live

Install Latest Stable Kernel On CentOS 6 And 7

$
0
0

In this brief tutorial, let us show you how I have upgraded my centos 7 kernel to the latest stable version. I am going to use a simple way so that beginners can easily understand how to upgrade to latest kernel.

Machine details:

cat /etc/os-release
 NAME="CentOS Linux"
 VERSION="7 (Core)"
 ID="centos"
 ID_LIKE="rhel fedora"
 VERSION_ID="7"
 PRETTY_NAME="CentOS Linux 7 (Core)"
 ANSI_COLOR="0;31"
 CPE_NAME="cpe:/o:centos:centos:7"
 HOME_URL="https://www.centos.org/"
 BUG_REPORT_URL="https://bugs.centos.org/"

Installed Kernel info:

uname  -a
Linux localhost.localdomain 3.10.0-123.el7.x86_64 #1 SMP Mon Jun 30 12:09:22 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Add ELREPO  repository

Import the Public Key:

rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org

To install ELRepo for RHEL-7, SL-7 or CentOS-7:

rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm

To install ELRepo for RHEL-6, SL-6 or CentOS-6:

rpm -Uvh http://www.elrepo.org/elrepo-release-6-6.el6.elrepo.noarch.rpm

Start the new kernel installation:

yum --enablerepo=elrepo-kernel install kernel-ml-3.*
 Loaded plugins: fastestmirror, langpacks
 Loading mirror speeds from cached hostfile
 * base: mirror.1000mbps.com
 * elrepo: ftp.nluug.nl
 * elrepo-kernel: ftp.nluug.nl
 * epel: mirror.proserve.nl
 * extras: mirror.1000mbps.com
 * rpmforge: ftp.nluug.nl
 * updates: mirror.widexs.nl
 Resolving Dependencies
 --> Running transaction check
 ---> Package kernel-ml.x86_64 0:3.18.5-1.el7.elrepo will be installed
 --> Finished Dependency ResolutionDependencies Resolved==============================================================================================================================
 Package                    Arch                    Version                              Repository                      Size
 ==============================================================================================================================
 Installing:
 kernel-ml                  x86_64                  3.18.5-1.el7.elrepo                  elrepo-kernel                   35 MTransaction Summary
 ==============================================================================================================================
 Install  1 PackageTotal download size: 35 M
 Installed size: 160 M
 Is this ok [y/d/N]: Y

Accept and proceed by typing Y.

Reboot your system.

kernel-centos

2015-02-04_124805

Done!


Advertise here with BSA

---------------------------------------------------------------------
Install Latest Stable Kernel On CentOS 6 And 7


Install And Configure RoundCube Webmail On Ubuntu

$
0
0

RoundCube Webmail is a free and open source Webmail with browser-based multilingual IMAP client packed with plenty of AJAX goodness. RoundCube Webmail comes with an application-like user interface and provides full functionality you expect from an email client, address book, folder manipulation, including MIME support, message searching and spell checking.

The Roundcube application is a Webmail application so you need an email account to log in to it.

The objective of this article is to provide you with an understanding of installation and configuration of the RoundCube Webmail.

Install RoundCube Webmail on Ubuntu

Step 1 :Install Prerequisites

Before get started install RoundCube Webmail, you need to install a web server on Ubuntu (Apache, PHP, MySQL) called LAMP server, open terminal then running following commands:

sudo apt-get install lamp-server^

After installing  LAMP Server on ubuntu/Linux mint, you can now follow these instructions to install Roundcube Webmail on Ubuntu:

Step 2 : Creating A MySQL Database & User

Open the terminal and run this command to log in to MySQL server (use the MySQL password you have entered during the installation of the LAMP Server):

mysql -u root -p

Create a database for Roundcube Webmail.

create database roundcubedb;

Create MySQL user adminstrator of Roundcube Webmail.

create user adminmail;

Now Give user: admim123 a password

set password for 'adminmail' = password('admin123');

set  privileges usercube to access database roundcubedb using this command:

grant all privileges on roundcubedb.* to adminmail@localhost

Now, Exit from MySQL server,by typing command:

FLUSH PRIVILEGES;
exit

Step 3: Installing Roundcube Webmail

In this case Roundcube Webmail will be installed in the directory /var/www/webmail. Download and extract archieve Roundcube Webmail to directory /var/www/webmail

cd /tmp && wget  http://sourceforge.net/projects/roundcubemail/files/roundcubemail/1.0.5/roundcubemail-1.0.5.tar.gz/download
sudo tar -xzvf roundcubemail-1.0.5.tar.gz -C /var/www
sudo mv /var/www/roundcubemail-1.0.5/ /var/www/webmail

change ownership directory /var/www/webmail/ to user and group www-data ( www-data is user and group web server)

sudo chown -R www-data:www-data /var/www/webmail/*
sudo chown -R www-data:www-data /var/www/webmail/

Import database RoundCube to mysql server, login to mysql server then typing these command

mysql -u root -p roundcubedb < /var/www/webmail/SQL/mysql.initial.sql

To start the installation of Roundcube, open chrome or firefox browser, on address bar type :

http://server-ipaddress/webmail/installer/

This is screenshot page installer Roundcube Webmail

1

If all required modules and extensions are installed, press Continue and go to the next step

2

Enter your own configuration you want to use (SMTP & IMAP settings, etc.). If you want to log into your Gmail account with Roundcube Webmail, you can check this page for Gmail SMTP & IMAP settings. Don’t forget to fill your MySQL database details you have already created:

3

After complete configuration , Press Continue to finish the installation.

4

After Installation Roundcube Webmail complete, remove the directory /var/www/webmail/installer:

sudo rm -rf  /var/www/webmail/installer

Roundcube Webmail ready to use, Access Roundcube Webmail via browser (http://localhost/webmail/) then sign in using your email (Gmail, Yahoo, etc.)

Screenshow #01

Done. RoundCube Webmail with browser-based now available on your ubuntu server.

Enjoy !


Advertise here with BSA

---------------------------------------------------------------------
Install And Configure RoundCube Webmail On Ubuntu

Install OpenQRM Cloud Computing Platform In Debian

$
0
0

Introduction

openQRM is a web-based open source Cloud computing and datacenter management platform that integrates flexibly with existing components in enterprise data centers.

It supports the following virtualization technologies:

  • KVM,
  • XEN,
  • Citrix XenServer,
  • VMWare ESX,
  • LXC,
  • OpenVZ.

The Hybrid Cloud Connector in openQRM supports a range of private or public cloud providers to extend your infrastructure on demand via Amazon AWS, Eucalyptus or OpenStack. It, also, automates provisioning, virtualization, storage and configuration management, and it takes care of high-availability. A self-service cloud portal with integrated billing system enables end-users to request new servers and application stacks on-demand.

openQRM is available in two different flavours such as:

  • Enterprise Edition
  • Community Edition

You can view the difference between both editions here.

Features

  • Private/Hybrid Cloud Computing Platform;
  • Manages physical and virtualized server systems;
  • Integrates with all major open and commercial storage technologies;
  • Cross-platform: Linux, Windows, OpenSolaris, and *BSD;
  • Supports KVM, XEN, Citrix XenServer, VMWare ESX(i), lxc, OpenVZ and VirtualBox;
  • Support for Hybrid Cloud setups using additional Amazon AWS, Eucalyptus, Ubuntu UEC cloud resources;
  • Supports P2V, P2P, V2P, V2V Migrations and High-Availability;
  • Integrates with the best Open Source management tools – like puppet, nagios/Icinga or collectd;
  • Over 50 plugins for extended features and integration with your infrastructure;
  • Self-Service Portal for end-users;
  • Integrated billing system.

Installation

Here, we will install openQRM in Ubuntu 14.04 LTS. Your server must atleast meet the following requirements.

  • 1 GB RAM;
  • 100 GB Hdd;
  • Optional: Virtualization enabled (VT for Intel CPUs or AMD-V for AMD CPUs) in Bios.

First, install make package to compile openQRM source package.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get install make

Then, run the following commands one by one to install openQRM.

Download the latest available version from here.

wget http://sourceforge.net/projects/openqrm/files/openQRM-Community-5.1/openqrm-community-5.1.tgz
tar -xvzf openqrm-community-5.1.tgz
cd openqrm-community-5.1/src/
sudo make
sudo make install
sudo make start

During installation, you’ll be asked to update the php.ini file.

sk@server: ~-openqrm-community-5.1-src_001

Enter mysql root user password.

sk@server: ~-openqrm-community-5.1-src_002

Re-enter password:

sk@server: ~-openqrm-community-5.1-src_003

Select the mail server configuration type.

sk@server: ~-openqrm-community-5.1-src_004

If you’re not sure, select Local only. In our case, I go with Local only option.

sk@server: ~-openqrm-community-5.1-src_005

Enter your system mail name, and finally enter the Nagios administration password.

sk@server: ~-openqrm-community-5.1-src_007

The above commands will take long time depending upon your Internet connection to download all packages required to run openQRM. Be patient.

Finally, you’ll get the openQRM configuration URL along with username and password.

sk@debian: ~_002

Configuration

After installing openQRM, open up your web browser and navigate to the URL: http://ip-address/openqrm.

For example, in my case http://192.168.1.100/openqrm.

The default username and password is: openqrm/openqrm.

Mozilla Firefox_003

Select a network card to use for the openQRM management network.

openQRM Server - Mozilla Firefox_004

Select a database type. In our case, I selected mysql.

openQRM Server - Mozilla Firefox_006

Now, configure the database connection and initialize openQRM. Here, I use openQRM as database name, and user as root and debian as password for the database. Be mindful that you should enter the mysql root user password that you have created while installing openQRM.

openQRM Server - Mozilla Firefox_012Congratulations!! openQRM has been installed and configured.
openQRM Server - Mozilla Firefox_013

Update openQRM

To update openQRM at any time run the following command:

cd openqrm/src/
make update

What we have done so far is just installed and configured openQRM in our Ubuntu server. For creating, running Virtual Machines, managing Storage, integrating additional systems and running your own private Cloud, I suggest you to read the openQRM Administrator Guide.

That’s all now. Cheers! Happy weekend!!


Advertise here with BSA

---------------------------------------------------------------------
Install OpenQRM Cloud Computing Platform In Debian

How To Install Fail2Ban On CentOS 7

$
0
0

Brute force attacks are a way for malicious hackers to get access on your machine so in order to protect from these kind of attacks you need to prepare. A very good solution is the use of an intrusion prevention framework on your server such as Fail2Ban which will provide security on your server by blocking and banning the ip address from which the attack is coming from.

Experiencing ssh attacks on your server is a real struggle and I am sure you don’t want to be part of that so better follow the instructions on this tutorial in order to be prepared for the future.

What Is Fail2Ban

Fail2Ban is a very useful piece of software widely spread in the industry, reduce the rate of incorrect authentications attempts with the main goal of preventing brute force attacks on various services such ssh, apache, courier and many others. It basically scans log files for finding malicious IP addresses with many password failures.

However you should always keep in mind that Fail2Ban does not protect your services from weak authentications so make sure you use strong enough passwords and also two factor or public/private authentication mechanisms.

How To Install Fail2Ban On CentOS

The first step we need to take for installing Fail2Ban on our CentOS machine is to make sure that we have root privileges, the following command will help to login as a user with root privileges.

su root

The command for logging as root is shown below.

su root

And the prompt changes.

Once the user has gained full privileges on the system guaranteed by being root it is time to get into some real action. The next step consists in installing the epel-release which will help us to install extra packages from EPEL(Extra Packages for Enterprise Linux) on our CentOS machine.

The following command will do the entire job for you.

yum install epel-release

Once the installation is finished you will be gifted with access to alot of new packages.and one of those is fail2ban which can be installed by using the following command.

yum install fail2ban

The above screenshot shows the command need to be used in order to install fail2ban on CentOS machines.

Type y and hit Enter on your keyboard.

y again.

The installation of fail2ban is finished now.

There are also many dependencies being installed such as fail2ban-firewall, fail2ban-sendmail, fail2ban-systemd, fail2ban-server and some others.

A Very Basic Configuration

Fail2Ban is a very complicated tool and requires deep knowledge to be used the right way so instead of explaining it on this tutorial I  will do a very simple configuration and then teach you guys how to use it on another tutorial.

The default configuration for Fail2Ban is kept under /etc/fail2ban/jail.conf but we are not going to directly edit as we don’t want to mess things up at the moment. So create a local copy of jail.conf by using the following command on your CentOS system.

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

 Use vim or nano to open the jail.local file like shown below.

vim /etc/fail2ban/jail.local

Now scroll down and take a look at options such as maxretry which is the number of failures a user is allowed to have before getting banned, port which specifies port range to be banned, bantime is the number of seconds the malicious user is banned from the service, protocol which is the default protocol being used and a very important option that catched my eye is the ignoreip one.

Every IP address defined here will not be banned by Fail2Ban. This is very useful in case you or other users forget their password and try different combinations to find the right one. Several addresses can be defined using space separator.

Conclusion

In this very detailed tutorial we took a very simple approach on how to install Fail2Ban on CentOS 7 operating system. We also covered a bit Fail2Ban default configuraition file, explaining different options and their usage. In another tutorial we will do a deep exploration of Fail2Ban so you can start mastering the tool for your own good and security.

 If you want to use Fail2Ban on Debian based systems, look at the following link.


Advertise here with BSA

---------------------------------------------------------------------
How To Install Fail2Ban On CentOS 7

How To Install Node.js On CentOS 7

$
0
0

Lately, I have been interested in learning Node.js which is a Javascript platform for server-side programming that allows the developer to write javascript code on the server and since there are many CentOS users struggling to prepare a development environment for this language I thought to make this tutorial.

Before going any further make sure you have CentOS version 7 because it is the only version I have been playing with and there is no absolute guarantee this guide will work on another.

Install Node.js From Source

First we will try to install Node.js from source. I really love installing software from source. So open a new terminal tab on your CentOS 7 machine and run the following command to download the archive file which we need to use for the installation.

wget http://nodejs.org/dist/v0.12.0/node-v0.12.0.tar.gz

As you can see from the above command we make use of the wget utility.

Then extract the tar file as shown below.

tar xvf node-v0.12.0.tar.gz

 Then use the following command to change the working directory to node.

cd node-v*

Now before compiling our code we need to install some packages in our CentOS machine that will help us to do so. So in the opened tab of your terminal enter the followings.

sudo yum install gcc gcc-c++

Wait for these packages to install and run the following commands to configure and compile.

./configure
make

Don’t worry if the above takes some time to complete because the compilation will take awhile. Then use the following command to install Node.js on your system.

sudo make install

 Once the installation is finished you can start using Node.js and to make sure that the correct version is installed you can use the following command in order to check it.

node --version

I get the following when running the above command.

v0.12.0

How To Install Node.js From The EPEL Repository

Another efective but very easy way to install Node.js on your machine is to do it from the official repository. To this make sure you have access to to the EPEL repository, you can do this by running the following command.

sudo yum install epel-release

Now use the yum command to install Node.js

sudo yum install nodejs

And since I want to manage node packages during the development I also need to install the npm package manager for Node.js by using the following command.

sudo yum install npm

Write Our First Node.js Program

Writing a hello world app in Node.js is very easy! Easier than python. All you have to do is type the following piece of code on a file that needs to be saved as something.js.

console.log("Hello World");

I am saving mine as hello.js. Then to run the Node.js application we just created we need to use the following command.

node hello.js

Now open the hello.js with your text editor and use the following piece of code. You can copy and paste it but I highly recommend to type because this is a very good you can get familiar with Node.js.

var http = require('http');

http.createServer(function (request, response) {
 response.writeHead(200, {'Content-Type': 'text/plain'});
 response.end('Hello World\n');
 }).listen(8080);

console.log('Server started');

Use the following command to run the application.

node hello.js

What do you see now? This example is a bit complicated for a beginner but not really hard to understand.What the above code does is that it will display ‘Hello World’ on your browser if you visit http://www.localhost:8000/.

If you want to learn more about Node.js then visit nodejs.org.

Conclusion

Installing Node.js on CentOS operating system is not that hard if you find the right guide and follow the instructions very carefully. I hope this tutorial helps to install it on your machine.


Advertise here with BSA

---------------------------------------------------------------------
How To Install Node.js On CentOS 7

Install And Configure SchoolTool On Ubuntu

$
0
0

Introduction

SchoolTool is a free, open source, web-based student information system for a single school. It can be used to manage any of the following records a school might keep:

  • Student enrollment and demographics
  • Grading and grade reporting
  • Racking student achievement of skills, competencies or outcomes,

It is also a framework for building customized applications and configurations for individual schools or states. SchoolTool has strong support for translation, localization and automated deployment and updates via the Ubuntu Linux installer and package management system.

SchoolTool is created by the most popular man of the Linux world Mr.Mark Shuttleworth, the founder of Canonical and Ubuntu. It is now maintained by Mr.Tom Hoffman and dozens of active contributors. It is written in Python language using the Zope 3 framework, and is licensed under GNU GPL2. SchoolTool is a complete stack web application that means it comes with a own web server and a database. Right now, It is available only for Ubuntu, and It is highly recommended to use it only on Ubuntu LTS versions such as Ubuntu 14.04 or Ubuntu 12.04 etc. Be mindful that SchoolTool is not a learning management system like Moodle, and it doesn’t include any subject materials or contents.

The objective of this article is to provide you with an understanding of installation and configuration of SchoolTool.

Features

  • Customizable student and teacher demographics and other personal data;
  • Contact management for teachers, students, and their guardians;
  • Teacher gradebooks;
  • Skill and outcomes based assessment;
  • Schoolwide assessment data collection and report card generation;
  • Class attendance and daily participation grades;
  • Calendars for the school, groups, individuals, and resource booking;
  • Tracking and management of student interventions;
  • And many.

Install SchoolTool on Ubuntu 14.04

Step 1: Install Prerequisites

As mentioned above SchoolTool comes with a built-in web server. Also, you can use other external webservers if you want.

Here, we will use Apache web server with SchoolTool. Before get started install SchoolTool, you need to install a web server on Ubuntu (Apache, PHP, MySQL) called LAMP server, open terminal then running following commands:

sudo apt-get install lamp-server^

The bare minimum RAM requirement for testing is estimated to be 512 megabytes. At least 1 gigabyte of RAM, plus at least 2 gigabytes of swap space is recommended and if you are setting up for a small production server, adding more than 1 gigabyte of RAM is worth it if you can afford it. More memory equals faster database performance.

Step 2: Adding SchoolTool’s Package Repository

SchoolTool 2.8 and later releases are organized by numbered PPA. It does not publish its software on the official Ubuntu package repositories, so you will need to add the address of their repository to your server:

sudo add-apt-repository ppa:schooltool-owners/2.8

Thus, to install or upgrade to SchoolTool 2.8, add the 2.8 PPA to your server’s sources list.

Using the command line:

$ sudo add-apt-repository ppa:schooltool-owners/2.8

If you get an “add-apt-repository not found” error, install it:

$ sudo apt-get install software-properties-common

Step 3: Installing SchoolTool

After adding SchoolTool’s repository to your server, enter at the command line  to install SchoolTool 

$ sudo apt-get update 
$ sudo apt-get install schooltool

After installation, the schooltool server can be accessed only from the localhost on the port 7080.

You can allow public Internet access to Shooltool  by following the instructions:

Open SchoolTool’s paste.ini configuration file on your server in nano, a terminal-based text editor.

sudo nano /etc/schooltool/standard/paste.ini

You will see like this example:

 [composite:main]
use = egg:Paste#urlmap
/ = schooltool
/schooltool.task_results = task_results

[app:schooltool]
use = egg:schooltool#main
config_file=schooltool.conf

[app:task_results]
use = egg:schooltool#task_results
config_file=schooltool.conf

[server:main]
use = egg:zope.server
host = 127.0.0.1
port = 7080

Replace 127.0.0.1 with 0.0.0.0.

[server:main]
use = egg:zope.server
host = 0.0.0.0
port = 7080

Save your changes to the configuration file and to apply the changes to SchoolTool, you will need to restart it.

sudo service schooltool restart

Now you can take a moment to view SchoolTool in your browser, to make sure everything is working so far.

Step 4: Configuring Port 80 Access (Optional)

The standard SchoolTool instance runs on port 7080, but most web traffic runs over port 80 – the standard HTTP port.By using a well-known web server such as Apache HTTP Server, you can change SchoolTool’s default port to 80.

To configure Apache as a proxy server listening to port 80 on school1.example.org and passing traffic to SchoolTool on port 7080, you will need root access to the Apache server.

Begin by creating a new file in your Apache configuration directory, /etc/apache/sites-available/school1.example.org, containing the following:

<VirtualHost *:80>
  ServerName school1.example.org

  <Proxy *>
      order allow,deny
      allow from all
      deny from none
  </Proxy>

  ProxyPreserveHost on
  RewriteEngine On

  RewriteRule ^/schooltool.task_results(/?.*) http://127.0.0.1:7080/schooltool.task_results/$1 [P,L]
  RewriteRule ^(/?.*) http://127.0.0.1:7080/++vh++http:school1.example.org:80/++$1 [P,L]

</VirtualHost>

You will need to enable Apache modules mod_proxy, mod_proxy_http and mod_rewrite:

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod rewrite

Then enable the site and restart apache:

sudo a2ensite school1.example.org
sudo service apache reload

Step 5: Start using and configureing  SchoolTool

Open your browser, and visit the URL http://example.com:7080 or http://your_server_ip:7080, depending on your desired configuration.

You should see the default calendar page.

Calendar view

In the upper right-hand corner, click on the Log in link.

Use the default SchoolTool login credentials:

  • Username: manager
  • Password: schooltool

Then press the Log in button to log in.

Login screen

You’re now logged in to SchoolTool.

To change the password for the manager account.

Click on the Home tab in the navigation menu located at the top of the web page. Next, click on theSettings > Password link in the left-hand navigation menu.

Left-hand navigation menu

Type in the current password, schooltool. Then type in your new password twice, and press the Apply button.

A Password changed successfully popup will appear. From now on, you should use this password to log in to the SchoolTool.

“Password changed successfully” popup

If you want to add teachers and students, set up grade books, and more check the full SchoolTool manual, refer to The SchoolTool Book, a knowledge base maintained by the developers of SchoolTool.

Now that you have installed SchoolTool, you have a free alternative that will allow your school to manage student records from a browser-based application.

Enjoy!


Advertise here with BSA

---------------------------------------------------------------------
Install And Configure SchoolTool On Ubuntu

Setup Your Own E-commerce Site Using OpenCart

$
0
0

Introduction

OpenCart is a popular open source shopping cart solution and provides elegantly written tools to establish a fully functional online store from scratch in a very short me with intuitive screens.It is a free open source ecommerce platform for online merchants.

OpenCart provides a professional and reliable foundation from which to build a successful online store. This foundation appeals to a wide variety of users; ranging from seasoned web developers looking for a user-friendly interface to use, to shop owners just launching their business online for the first time.

OpenCart has an extensive amount of features that gives you a strong hold over the customization of your store. With OpenCart’s tools, you can help your online shop live up to its fullest potential.

The objective of this article is to provide you with an understanding of installation and configuration of OpenCart.

Features

  • Automatic Image Resizing
  • Multiple Tax Rates
  • Related Products
  • Unlimited Information Pages
  • Shipping Weight Calculation
  • Discount Coupon System
  • Search Engine Optimization (SEO)
  • Unlimited Module Instance System
  • Backup & Restore Tools
  • Printable Invoices
  • Sales Reports
  • Error Logging
  • And many.

Install OpenCart on Ubuntu 14.10

OpenCart is an widely used Open Source E-Commerce CMS which uses PHP & MySQL. It has its own Psuedo MVC structure and it is easier to handle and faster to setup. .

System Requirements

OpenCart requires certain technical requirements to be met for the store to operate properly. You should check to see that these server requirements are provided and installed on your web servers:

  • Web Server (preferably Apache)
  • PHP (at least 5.2)
  • MySQL
  • Curl

These extensions must be enabled for OpenCart to install properly on the web server.

Step 1: Install Prerequisites

Here, we will use Apache web server with Opencart. Before get started install OpenCart, you need to install a web server on Ubuntu (Apache, PHP, MySQL) called LAMP server, open terminal then running following commands:

sudo apt-get install lamp-server^

You need to enable curel and GD . It simply means that you need to install php5 libraries on your VPS. You can install these libraries by running this simple command:

sudo apt-get install php5-curl php5-gd

Step 2: Downloading and unzipping OpenCart archive

The latest version of OpenCart (v.2.0.0.1) can be downloaded from the OpenCart website (recommended) or directly from github.

To download open the terminal and type in the following command:

sudo wget https://github.com/opencart/opencart/archive/2.0.1.1.zip

Now to unzip this folder, we will need to have Unzip module installed. In case you don’t have it, you can install it by inputting:

sudo apt-get install unzip

Now we will unzip this downloaded OpenCart zip file in the current directory:

unzip 2.0.1.1.zip

Now you need to navifate under Opencart file

cd opencart-20.1.1/

You will find the upload folder inside.

We have to move the files & folders present in uploads folder into the root www folder. Type in the following command

mv -v upload/* /var/www

You can now find all the core files & folders of OpenCart directly sitting in your root www folder.

Step 3: Creating A MySQL Database & User

The next step is to create a database on the MySQL server for OpenCart to store a shop’s data on.

Open the terminal and run this command to log in to MySQL server (use the MySQL password you have entered during the installation of the LAMP Server):

mysql -u root -p

Create a database for Opencart.

create database opencartdb;

Create MySQL user adminstrator of Opencart.

create user adminopencart;

Now Give user: admim123 a password

set password for 'adminopencart' = password('admin123');

We will use this database information later when we are configuring OpenCart using the auto-installer

Set  privileges usercube to access database opencartdb using this command:

grant all privileges on opencartdb.* to adminopencart@localhost

Now, Exit from MySQL server,by typing command:

FLUSH PRIVILEGES;
exit

Step 4: Renaming Config Files and Giving Ownership to Apache User

Now we need to rename the OpenCart config files from config-dist.php to config.php.

cp /var/www/config-dist.php /var/www/config.php

and also the file under admin folder.


cp /var/www/admin/config-dist.php /var/www/admin/config.php

We will give the ownership of our opencart files to the apache user by running the following command:

sudo chown www-data:www-data * -R

Step 5: Web installation

With a new database freshly created, we are now ready to install OpenCart directly onto a website. You should open up a web browser and enter in the web address of where they uploaded OpenCart. You should be automatically greeted by the following page:

opencart step1

After accepting the terms and conditions, you should see a screen similar to this:

opencart

After that you need to add the database connection details (username/password, database name) established when you created the store’s database using MySQL Databases.

opencart step3

Once you have installed OpenCart, it is good practice and necessary from a security point of view to delete your install folder. We should be careful that only the install folder is to be deleted and not admin, catalog, or system folders. You can use the following command.

rm -rf /var/www/install/

opencart step4

Now that you have installed Opencart, you have a free alternative that will allow to build a successful online store on your website.

Enjoy!


Advertise here with BSA

---------------------------------------------------------------------
Setup Your Own E-commerce Site Using OpenCart

Lm-sensors: Monitoring CPU And System Hardware Temperature

$
0
0

It is very important to keep an eye on your system temperature. Because overheating may cause unexpected hardware failures. This brief tutorial describes how to monitor your CPU and other system hardware temperatures, fan speeds, and voltages using a command line utility called lm-sensors.

Installation

Lm-sensors will be available in the default repositories of most modern Linux operating systems.

On DEB based systems:

sudo apt-get install lm-sensors

On RPM based systems:

sudo yum install lm-sensors

Usage

After installing lm-sensors on your system, run the following command to determine which kernel modules you need to load to use lm_sensors most effectively. It is generally safe and recommended to accept the default answers to all questions, unless you know what you’re doing.

sudo sensors-detect

Sample output:

I go with default answers. Simply press Enter key to accept the default answers.

# sensors-detect revision 6170 (2013-05-20 21:25:22 +0200)
# System: Dell Inc. Inspiron N5050 [Not Specified] (laptop)
# Board: Dell Inc. 01HXXJ

This program will help you determine which kernel modules you need
to load to use lm_sensors most effectively. It is generally safe
and recommended to accept the default answers to all questions,
unless you know what you're doing.

Some south bridges, CPUs or memory controllers contain embedded sensors.
Do you want to scan for them? This is totally safe. (YES/no): 
Module cpuid loaded successfully.
Silicon Integrated Systems SIS5595...                       No
VIA VT82C686 Integrated Sensors...                          No
VIA VT8231 Integrated Sensors...                            No
AMD K8 thermal sensors...                                   No
AMD Family 10h thermal sensors...                           No
AMD Family 11h thermal sensors...                           No
AMD Family 12h and 14h thermal sensors...                   No
AMD Family 15h thermal sensors...                           No
AMD Family 15h power sensors...                             No
AMD Family 16h power sensors...                             No
Intel digital thermal sensor...                             Success!
    (driver `coretemp')
Intel AMB FB-DIMM thermal sensor...                         No
VIA C7 thermal sensor...                                    No
VIA Nano thermal sensor...                                  No

Some Super I/O chips contain embedded sensors. We have to write to
standard I/O ports to probe them. This is usually safe.
Do you want to scan for Super I/O sensors? (YES/no): 
Probing for Super-I/O at 0x2e/0x2f
Trying family `National Semiconductor/ITE'...               No
Trying family `SMSC'...                                     No
Trying family `VIA/Winbond/Nuvoton/Fintek'...               No
Trying family `ITE'...                                      No
Probing for Super-I/O at 0x4e/0x4f
Trying family `National Semiconductor/ITE'...               Yes
Found unknown chip with ID 0xfc11

Some hardware monitoring chips are accessible through the ISA I/O ports.
We have to write to arbitrary I/O ports to probe them. This is usually
safe though. Yes, you do have ISA I/O ports even if you do not have any
ISA slots! Do you want to scan the ISA I/O ports? (YES/no): 
Probing for `National Semiconductor LM78' at 0x290...       No
Probing for `National Semiconductor LM79' at 0x290...       No
Probing for `Winbond W83781D' at 0x290...                   No
Probing for `Winbond W83782D' at 0x290...                   No

Lastly, we can probe the I2C/SMBus adapters for connected hardware
monitoring devices. This is the most risky part, and while it works
reasonably well on most systems, it has been reported to cause trouble
on some systems.
Do you want to probe the I2C/SMBus adapters now? (YES/no): 
Using driver `i2c-i801' for device 0000:00:1f.3: Intel Cougar Point (PCH)
Module i2c-i801 loaded successfully.
Module i2c-dev loaded successfully.

Next adapter: i915 gmbus ssc (i2c-0)
Do you want to scan it? (yes/NO/selectively): 

Next adapter: i915 gmbus vga (i2c-1)
Do you want to scan it? (yes/NO/selectively): 

Next adapter: i915 gmbus panel (i2c-2)
Do you want to scan it? (yes/NO/selectively): 

Next adapter: i915 gmbus dpc (i2c-3)
Do you want to scan it? (yes/NO/selectively): 

Next adapter: i915 gmbus dpb (i2c-4)
Do you want to scan it? (yes/NO/selectively): 

Next adapter: i915 gmbus dpd (i2c-5)
Do you want to scan it? (yes/NO/selectively): 

Next adapter: DPDDC-B (i2c-6)
Do you want to scan it? (yes/NO/selectively): 

Now follows a summary of the probes I have just done.
Just press ENTER to continue: 

Driver `coretemp':
  * Chip `Intel digital thermal sensor' (confidence: 9)

To load everything that is needed, add this to /etc/modules:
#----cut here----
# Chip drivers
coretemp
#----cut here----
If you have some drivers built into your kernel, the list above will
contain too many modules. Skip the appropriate ones!

Do you want to add these lines automatically to /etc/modules? (yes/NO)

Unloading i2c-dev... OK
Unloading i2c-i801... OK
Unloading cpuid... OK

Next, run the following command to find the temperature.

sudo sensors

Sample output:

acpitz-virtual-0
Adapter: Virtual device
temp1:        +55.5°C  (crit = +84.0°C)

coretemp-isa-0000
Adapter: ISA adapter
Physical id 0:  +59.0°C  (high = +80.0°C, crit = +85.0°C)
Core 0:         +59.0°C  (high = +80.0°C, crit = +85.0°C)
Core 1:         +59.0°C  (high = +80.0°C, crit = +85.0°C)

As you in the above output, our system temperature is normal. Also, the output what is the higher and critical temperature. If you reached that critical level, It is recommended to take steps to reduce the temperature. Whether we shall power off the system or close/stop some running unwanted programs/processes if any.

If you’re using Laptop and having overheating issues, you might want to check the following article.

Displaying Temperature results in Fahrenheit

If you want to get the output in Fahrenheit instead of Celsius, use -f parameter.

Example:

sudo sensors -f

Sample output:

acpitz-virtual-0
Adapter: Virtual device
temp1:       +137.3°F  (crit = +183.2°F)

coretemp-isa-0000
Adapter: ISA adapter
Physical id 0: +141.8°F  (high = +176.0°F, crit = +185.0°F)
Core 0:        +141.8°F  (high = +176.0°F, crit = +185.0°F)
Core 1:        +140.0°F  (high = +176.0°F, crit = +185.0°F)

Use Lm-sensors plugins

Also, lm-sensors plugins are available for various desktop environments like GNOME, LXDE, XFCE. If you want to monitor your GUI desktop, you can download and install these plugins. These plugins can be installed via Synaptic package manager.

For example, to install plugin for XFCE desktop, open Synaptic package manager, search for XFCE4-sensors-plugin, and install it.

Synaptic Package Manager _001

For LXDE desktops, you can download and install sensors plugin here.

Want to check your hard disk temperature?

Install hddtemp package:

sudo apt-get install hddtemp

And, run the following command to find the temperature of your Hdd.

sudo hddtemp /dev/sda

Sample output:

/dev/sda: ST9500325AS: 41°C

Watching Temperature

To watch temperature values updating every two seconds, run the following command:

sudo watch sensors

Sample output:

sk@sk: ~_002

As you see in the above output, the temperature values will be updated after each 2 seconds.

That’s it. Cheers!

Lm-sensors homepage


Advertise here with BSA

---------------------------------------------------------------------
Lm-sensors: Monitoring CPU And System Hardware Temperature


How To Install Git On CentOS 7

$
0
0

Git is a very useful version control tool in the today’s software development industry. I use it all the time so thought to write a useful tutorial for unixmen readers on how to install git on CentOS 7.

What is Git?

If you have ever used sites like Github or pushed code on Bitbucket to show it to your friends then you probably know what git is, at least it is for sure you have an idea about it.

Git is the most widely used version control system for software development which was initially released nine years ago on 7 April 2005 with the main primary goal of  maintaining a large distributed development project. Unlike client-server systems software developers are independent of network access or a central server as every Git working directory  is a full-fledged repository.

Linus Torvalds the author who started the development of Git decided to release it for free under the terms of the GNU General Public License version 2. According to wikipedia there are many languages being used to develop this version control system such as Perl, Bash, C and Tcl.

Before continuing with the installation of Git on GentOS version 7 I have to mention that it  Git supports the main operating systems such as Linux, POSIX, Windows and OS X.

Prerequisites

Make sure you have CentOS 7 installed on your machine as well as an account with root privileges as it is needed to install software on your system.

Installing Git – Compiling from source

Compiling and installing software from source is not very hard, but for sure it requires some knowledge and I highly recommend to follow each instruction presented on this tutorial very carefully  especially if you have not done this before.

Installing Git from source will allow us to get the latest version where latest features are included but the disadvantage of this method is that once the installation is finished the yum package manager which is being used on CentOS systems can not be used to update on this piece of software.

There are some package dependencies that you have to install manually in order to continue with the installation so fire up a terminal on CentOS 7 and run the following commands.

Since all these dependencies are in the default repositories of CentOS 7 the yum package manager can be used to download an install them. The first one we need to install is the Development Tools.

Become root by running the following.

su root

Use the following command.

sudo yum install "Development Tools"

The above command did not work for me. If that’s the case for you too then use the following command to solve this problem.

yum  groupinstall "Development Tools"

Select y and hit Enter.

Then run the following command to install some other packages needed for the purpose of this tutorial.

sudo yum install gettext-devel openssl-devel perl-CPAN perl-devel zlib-devel

Once the dependencies have been installed then we need to find out and download the latest version of Git software. The following screenshot shows the page from where we will get it.

As you can see from the above screenshot the latest version is v2.3.0. Always make sure to download a version that does not have -rc in it as it stands for a release candidate.

Download version 2.3.0 of Git by using the wget utility.

wget https://github.com/git/git/archive/v2.3.0.tar.gz

Then use the tar utility to untar the .tar archive you just downloaded.

tar xvf v2.3.0.tar.gz

 

Then use the cd command to change the working directory like shown below.

cd git*

 

Once we are in the source folder we can start building. Run the following commands.

make configure
./configure --prefix=/usr/local

You will see something similar to what is shown in the following screenshot.

 We can now execute make install command to finally install the Git software on our CentOS machine.

make install

Be patient after running the above command as it will take some time for the installation to complete. To make sure Git is installed properly run the following command.

git --version

If the above command works then you have done it right.

Install Git – Using Package manager

The easiest way to install Git on CentOS is to use the yum package manager. The following command will help you to download the Git software on your system.

sudo yum install git

Done!


Advertise here with BSA

---------------------------------------------------------------------
How To Install Git On CentOS 7

An Introduction To Access Control Lists (ACL)

$
0
0

What Is Access Control List (ACL)

Access Control List (ACL) provides an additional, more flexible permission mechanism for file systems. ACLs allow you to provide different levels of access to files and folders for different users. It is designed to assist with UNIX file permissions. ACL allows you to give permissions for any user or group to any disc resource.

Prerequisites

Verify your Filesystem options

Before using ACL’s we must first verify that our filesystem has the ACL option enabled or Disable.

A common way to enable ACL support on a filesystem is to add the ACL option to a filesystems mount options in /etc/fstab. We can check if that has been done on this system by using the mount command. Now open the Terminal (Ctrl+Alt+T) and write the following command.

sudo su
mount | grep root
/dev/mapper/workstation-root on / type ext4 (rw,errors=remount-ro)

In this case the ACL option has not been added but that doesn’t mean our filesystem doesn’t have acl’s enabled. On most distributions the default filesystems have the ACL option as part of the default mount options.

Now you can check if your filesystems have ACL as part of the defaults by using the tune2fs command.

tune2fs -l /dev/mapper/workstation-root

Default mount options: user_xattr acl

As you can see on my test system the default mount options contain acl, in this case my filesystem will support acl’s even if I don’t specify it during the mount process. If your filesystem does not have acl as a default mount option, than you can add it during the mount process easily by editing the fstab file.

sudo mcedit /etc/fstab

Simply add the term acl to the mount options as shown below.

Before:

 /dev/mapper/workstation-root / ext4 errors=remount-ro 0 1

After:

 /dev/mapper/workstation-root / ext4 acl,errors=remount-ro 0 1

Once your fstab file is edited you can remount your filesystem with the mount command.

mount -o remount /
mount | grep root
/dev/mapper/workstation-root on / type ext4 (rw,acl,errors=remount-ro)

ACL Utilities

Now that your filesystem supports acl’s we must make sure that you have the acl utilities installed. My test machine is an Ubuntu server install so I will use the dpkg command.

dpkg --list | grep acl
 ii libacl1 2.2.51-5ubuntu1 Access control list shared library

Install ACL

sudo apt-get install acl

Now we check again, and it is installed.

dpkg --list | grep acl
 ii acl 2.2.51-5ubuntu1 Access control list utilities
 ii libacl1 2.2.51-5ubuntu1 Access control list shared library

Setting and Configure ACL’s with getfacl and setfacl command

Now that we have the utilities installed we can start using the setfacl and getfacl commands.

Setting ACL’s with setfacl

Now go to directory

cd /var/tmp/
ls -la | grep appdir
drwxrwxr-x 2 root appgroup 4096 May 27 10:45 appdir

To add these permissions we will use the setfacl command

setfacl -m g:testusers:r appdir/

Let’s break the command down a little bit.

-m

The -m option tells setfacl to modify the acl list for the specified directory.

g:testusers:r

This is actually the access control list that is being set. The first column is specifying g for group, the second column is the group name that I want the permissions to be set for and the last column is the permissions I want that group to have. In this case the read permission.

appdir/

This is the directory that I am setting the permissions on.

Checking the ACL list with getfacl

Once you’ve set the acl with setfacl it is common sense to check if it took effect, in order to do so you will need to use the getfacl command.

getfacl appdir/

Output

# file: appdir/
# owner: root 
# group: appgroup
user::rwx 
group::rwx
group:testusers:r--
mask::rwx
other::r-x

The output of getfacl is pretty self explanatory, you can see the rule that we added below the standard group entry.

Examples of Usages ACL

  • Removing all ACL entries from a file or directory
  • Set test users to have read access to all files in a directory
  • Set the same ACL changes recursively
  • Set the same ACL on all newly created files automatically
  • Set testuser1 to have read, write and execute access to the appuser1 directory
  • Set all users to have read, write and execute access to the shared directory
  • Remove the ACL for testuser1 on appuser1 directory

 Removing all acl entries from a file or directory

Before we start messing with ACL’s in my directory I want to clear out all of the acl’s it previously had. Doing this one by one can be a bit of a pain, its a good thing the setfacl command gives you the ability to remove all acl’s on a specified file or directory. This can be accomplished using the -b option of setfacl.

setfacl -b appdir/
getfacl appdir

Set testusers to have read access to all files in the appdir directory

This is a pretty basic acl, we want the testusers group to have read access to all files in the appdir directory.

setfacl -m g:testusers:r appdir/
getfacl appdir

Set testuser1 to have read, write and execute access to the appuser1 directory

While the user testuser1 is in the testusers group and has read access to the appuser1 directory he does not have write access. In this case we want to give him write access without giving the rest of the testusers write access. This can be done using acl’s by specifying a specific user rather than a group.

setfacl -m u:testuser1:rwx appdir/
getfacl appdir/

The user testuser1 can now create files in the appdir1 directory.

sudo -u testuser1 touch appdir/file2
ls -la appdir/file2
-rw-rw-r--+ 1 testuser1 testusers 0 May 27 12:17 appdir/file2

Set all users to have read, write and execute to the shared directory

We have now given users and groups permissions on directories and files, but what happens when we want all users to have access to a directory? Adding every users name or group could get tedious, in this case we can set the “other” or “world” permissions so that all users on a system can access this directory.

setfacl -m o::rwx shared
getfacl shared/

Another Method Setting ACL

Setting ACL With Example

To modify ACL use setfacl command. To add permissions use setfacl -m.

Add permissions to some user:

setfacl -m "u:username:permissions"

or

setfacl -m "u:uid:permissions"

Add permissions to some group:

setfacl -m "g:groupname:permissions"

or

setfacl -m "g:gid:permissions"

Remove all permissions:

setfacl -b

Remove each entry:

setfacl -x "entry"

To check permissions use:

getfacl filename

Examples

Set all permissions for user johor to file named “abc”:

setfacl -m "u:johor:rwx" abc

Check permissions

getfacl abc

Output

# file: abc
# owner: someone
# group: someone
user::rw-
user:johor:rwx
group::r-- mask::rwx
other::r--

Change permissions for user johor:

setfacl -m "u:johor:r-x" abc

Check permissions

getfacl abc

Output

# file: abc
# owner: someone
# group: someone
user::rw-
user:johor:r-x
group::r--
mask::r-x
other::r--

Remove all extended ACL entries:

setfacl -b abc

Check permissions

getfacl abc
# file: abc
# owner: someone
# group: someone
user::rw-
group::r--
other::r--

Enjoy!


Advertise here with BSA

---------------------------------------------------------------------
An Introduction To Access Control Lists (ACL)

Creating and Setting Up Your Own Forum Using phpBB

$
0
0

Introduction

phpBB is one of the most widely used free discussion board scripts. This free and very powerful application is easy to install and administer. It allows flexibility in terms of design and organization.

phpBB is a free flat-forum bulletin board software solution that can be used to stay in touch with a group of people or can power your entire website. You can create a very unique forum in minutes using the extensive database of user-created modifications and styles database containing hundreds of style and image packages.

phpBB is open source, licensed under Version 2 of the GNU GPL. True to its name, phpBB was written in the PHP programming language. phpBB 3.1 has the added benefit of being built upon the Symfony framework.

The objective of this article is to provide you with an understanding of installation and configuration of phpBB.

Features

  • Password Protected Forums
  • Mange Bookmarks & Subscriptions
  • Custom Profile Fields
  • Type-aware Parameter Handling and Database Layer
  • Posts/Reports Moderation Queue
  • Global Topics/Announcements
  • Manage Bans and Warnings
  • Group-based Memberlist Display
  • Multiple Attachments
  • and many.

Install phpBB on Ubuntu 14.10

System Requirements

phpBB requires certain technical requirements to be met for the store to operate properly. You should check to see that these server requirements are provided and installed on your web servers.

A webserver or web hosting account running on any major Operating System with support for PHP

A SQL database system, one of:

  • MySQL 3.23 or above (MySQLi supported)
  • MariaDB 5.1 or above
  • MS SQL Server 2000 or above (via ODBC)
  • MS SQL Server 2005 or above (via the native adapter, SQLSRV)
  • Oracle
  • PostgreSQL 8.3+
  • SQLite 2
  • SQLite 3

PHP 5.3.3+ (>=5.3.3, >6.0-dev (compatible)) with support for the database you intend to use.

  • getimagesize() function enabled

The following PHP modules are required.

  • json

The following PHP modules are optional, but will provide access to additional features

  • zlib Compression support
  • Remote FTP support

Step 1: Install Prerequisites

Here, we will use Apache web server with phpBB. Before get started install phpBB, you need to install a web server on Ubuntu (Apache, PHP, MySQL) called LAMP server, open terminal then running following commands:

sudo apt-get install lamp-server^

You may need to install some php5 libraries and unzip which handles .zip files on your VPS. You can install these libraries by running this simple command:

sudo apt-get install php5-gd imagemagick unzip

Step 2: Creating A MySQL Database & User

The next step is to create a database on the MySQL server for phpbbdb to store a shop’s data on.

Open the terminal and run this command to log in to MySQL server (use the MySQL password you have entered during the installation of the LAMP Server):

mysql -u root -p

Create a database for phpBB.

create database phpbbdb;

Create MySQL user administrator of phpbbdb.

create user adminphpbb;

Now Give user: admim123 a password

set password for 'phpbbdb' = password('admin123');

We will use this database information later when we are configuring OpenCart using the auto-installer.

Set  privileges adminphpbb to access database phpbbdb using this command:

grant all privileges on phpbbdbdb.* to adminphpbbdb@localhost

Now, Exit from MySQL server,by typing command:

FLUSH PRIVILEGES;
exit

Step 3: Downloading and unzipping phpBB archive

The latest version of phpBB is 3.1.3, released on 2015-02-01 can be downloaded from the phpBB website.

To download open the terminal and type in the following command:

wget https://www.phpbb.com/files/release/phpBB-3.1.3.zip

Now we will unzip this downloaded phpBB zip file in the current directory:

unzip phpBB-3.1.3.zip

We have to move the files & folders present in uploads folder into the root www folder.

sudo cp -R phpBB3/* /var/www/html/

You can now find all the core files & folders of phpBB directly sitting in your root www folder.

Move to the /var/www/html/ directory.

cd /var/www/html/

We will give the ownership of our phpBB files to the apache user by running the following command:

sudo chown www-data:www-data * -R

Add permissions for the group to the following directories and files.

sudo chmod 660 images/avatars/upload/ config.php
sudo chmod 770 store/ cache/ files/

Step 4: Web installation

With a new database freshly created, we are now ready to install phpBB directly onto a website. You should open up a web browser and enter in the web address of where they uploaded phpBB. You should be automatically greeted by the following page:

After checking the terms and conditions,  you should click on the Install tab.

You should have all the required packages already installed. Click Proceed to next step, then Start install.

The next page is Installation compatibility. The Start Install button is available at the bottom of the page.

Enter the database credentials, replacing the database name, username, and password with your own values.If you have correctly entered the database details you should see a successful database connection.

In this next step, you should set up your administrator username and password.

A confirmation that the user administrator was successfully created and  you should click on the Proceed to next step button. This will bring you to the  successful installation confirmation page.

Once you have installed phpBB, it is good practice and necessary from a security point of view to delete your install folder. We should be careful that only the install folder is to be deleted and not others folders. You can use the following command.

rm -rf /var/www/install/

and remove some permissions on the config.php file.

sudo chmod 640 /var/www/html/config.php

Now you can access your phpBB forum at your Droplet’s IP address http://your_server_ip/.

ca

Now that you have installed phpBB, you have a free alternative that will allow to build a successful online forum on your website.

The administrator of a board has many powers, including fine-tuning the board settings and managing users. You can find out more about administrators in the phpBB Administration Guide.

Enjoy!


Advertise here with BSA

---------------------------------------------------------------------
Creating and Setting Up Your Own Forum Using phpBB

Security Onion: A Linux Distro For IDS, NSM, And Log Management

$
0
0

Introduction

Security Onion is a Linux distribution for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, Network Miner, and many other security tools. Security Onion is a platform that allows you to monitor your network for security alerts. It’s simple enough to run in small environments without many issues and allows advanced users to deploy distributed systems that can be used in network enterprise type environments.

Security Onion Layers

  • Ubuntu based OS
  • Snort, Suricata
  • Snorby
  • Bro
  • Sguil
  • Squert
  • ELSA
  • NetworkMiner
  • PADS

And Many Other tools…

Snort/Suricata

  • Snort and Suricata are NIDS Engine.

Snort

  • Snort is an open source network intrusion detection and prevention system (IDS/IPS)

Suricata

  • Suricata is a high performance Network IDS/IPS and network Security Monitoring system.

IDS Engines

  • Highly scalable
  • Protocol Identification
  • File Identification
  • MD5 Checksums
  • File Extraction

Snorby

Web frontend of network security’s monitoring.

  • Metrics and reports
  • Classifications
  • Full Packet
  • custom setting
  • Hotkeys

Bro

  • High-level semantic analysis at the application
  • site-specific monitoring policies Sguil
  • It is an analysis console for security’s monitoring
  • Its a powerful for Event analysis, Coreleation and review Squert
  • A web interfaces to query and to view Sguil event data and is a visual tools
  • Bro is a powerful network analysis framework

ELSA

ELSA is a centralized system log framework built on System log-NG, MySQL, and Sphinx full-text search. It provides a fully asynchronous web-based query interface that normalizes logs and makes searching billions of them for arbitrary strings as easy as searching the web. It also includes tools for assigning permissions for viewing the logs as well as email based alerts, scheduled queries, and graphing.

Step 1: Installing Security Onion

Download Security Onion ISO image from http://securityonion.blogspot.com/. I used the direct download link from Sourceforge. When the download is finished. After that, this ISO Image burn the CD. This CD Insert the DVD ROM. Then boot the machine. Then wait few second…

When ready to install the system, select the install script on the desktop.

Install Icon Gui

When Click Install security Onion 12.4. Then Preparing to Install and given two check box true value.

Installation section
The installer will prompt you on how you would like to partition the hard drive. Select Erase disk and Install security Onion.

partition

Now Given Username and Password of the system. No need to select encrypted my home folder and click Continue.

UP

When the installation is complete you will be prompted to reboot your system.

reboot

Step 2: Updating the Security Onion

When the installation is complete and the system reboots, you will need to update the Ubuntu OS components as well as the Security Onion components. Wait few second or Open Terminal prompt and write the update command..

sudo apt-get update

After that look at the menu bar, select “Check for updates”. When the process is complete, go back to the menu bar, and select “Install all updates”

When all updates have finished installing, restart the system.

update

Step 3: Updating Security Onion

Now we will update the Security Onion components. This will update the latest scripts and security tools used inside the Security Onion platform.

Now Open Terminal. Then Write the command

sudo su
sudo apt-get update
sudo apt-get install securityonion-pfring-module

The update procedure will take a few minutes.

Step 4 : Setting up Security Onion

Double click on the install script on the desktop.

setup

Now enter your root password.
You will prompted to configure network interfaces. Select yes.

network

You will be asked to chose your management interface. This is the interface that will have an IP address and be used to manage the system.

interface
You will be asked to configure the interface for static IP settings or DHCP. In most cases you will want to configure static IP addresses. However, I configured DHCP.

eth0

The system will prompt you to reboot when complete.

reboot
When the system reboots, click on the setup icon on the desktop again.

You may Skip the network setup since it is already completed.

setup
You will need to select to install Security Onion as a distributed system or chose the Quick Setup option. We will select the Quick Setup option.

333
You will need to create a username that will be used to log into and use the Sequill, Squert, and ELSA tools.
User Name like this: johor

You will be asked for an email address. This is the username you will use to log into Snorby. Snorby is going to one the primary interfaces we will use to monitor Snort.
Email Like this: mailofjohor@gmail.com

You will be asked to create a password. The system only accepts alphanumeric passwords, so you cannot use special characters.
Password like this: password

Enable ELSA
The system will finish configuring Security Onion tools.

finish

con
Congratulations you have installed Security Onion

Step 5 : Using Security Onion

The first thing we will want to do is update the Snort rules in Security Onion. Open up a terminal window and enure you have root privileges. We used the sudo su command to change over to root.

The command will update the rules.

 sudo /usr/bin/rule-update

Next, we will launch Snorby. You can simply double click on the Snorby icon on the desktop. You will use the email address and password you created during the setup script in Step 4 to login.

Example :

E-mail address: mailofjohor@gmail.com

Password: password

last

This is Monitoring Interface for Snorby

monitoring

Congratulations, you have successfully setup Security Onion, configured Snort to monitor your data, and are using Snorby to view alerts.

Enjoy!!


Advertise here with BSA

---------------------------------------------------------------------
Security Onion: A Linux Distro For IDS, NSM, And Log Management

Install Oracle Database 12c On openSUSE 13.2

$
0
0

Dear Unixmen Fans, today we will show you the steps about how to install Oracle Database 12c in openSUSE. Also, this will work on SUSE Linux Enterprise Server too.

About my machine:

Vmware  with 4GB RAM
Linux Opensuse  13.2  64bit
Hostname: opensuse-unixmen

Network:

eno167777 Link encap:Ethernet  HWaddr 00:0C:29:65:7C:EB
          inet addr:192.168.64.130  Bcast:192.168.64.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe65:7ceb/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:59537 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54818 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:8441952 (8.0 Mb)  TX bytes:6909698 (6.5 Mb)
          Interrupt:19 Base address:0x2000

1- First update your machine

zupper dup

Accept the license and continue.

2- Add you hostname and ip to /etc/hosts

3- Check if these package has been installed

zypper install libstdc++46-devel libstdc++33 libstdc++33-devel libelf-devel gcc-c++ libaio-devel sysstat unixODBC unixODBC-devel xdpyinfo

4- Add groups

 groupadd -g 502 oinstall
 groupadd  -g 503 dba
 groupadd  -g 504 oper
 groupadd -g 505 asmadmin

5- Create oracle user and add it to following groups

useradd -u 502 -g oinstall -G dba,asmadmin,oper -s /bin/bash -m oracle

6- Set oracle user password

passwd oracle

6.1- Check Oracle user ID

id oracle
 uid=502(oracle) gid=502(oinstall) groups=503(dba),504(oper),505(asmadmin),502(oinstall)

7- Create database installation directory and set the proper rights

 mkdir -p /home/u01/app/oracle/product/12.1.0/dbhome_1
 chown -R oracle:oinstall /home/u01/
 chmod -R 775 /home/u01/

8- Configure the kernel parameters /etc/sysctl.conf

 fs.suid_dumpable = 1
 fs.aio-max-nr = 1048576
 fs.file-max = 6815744
 kernel.shmall = 2097152
 kernel.shmmax = 536870912
 kernel.shmmni = 4096
 # semaphores: semmsl, semmns, semopm, semmni
 kernel.sem = 250 32000 100 128linuxamd64_12102_database_1of2.zip
 net.ipv4.ip_local_port_range = 9000 65500
 net.core.rmem_default=4194304
 net.core.rmem_max=4194304
 net.core.wmem_default=262144
 net.core.wmem_max=1048586

9- Configure limits.conf file   (/etc/security/limits.conf

 oracle              soft    nproc   2047
 oracle              hard    nproc   16384
 oracle              soft    nofile  1024
 oracle              hard    nofile  65536
 oracle              soft    stack   10240

10- Load the new kernel  configuration

/sbin/sysctl -p

11- Go to your folder where you have Oracle database software and extract the zip files

 cd /Downloaded oracle_files/
 unzip linuxamd64_12102_database_1of2.zip
 unzip linuxamd64_12102_database_2of2.zip

Then

chown -R oracle:oinstall database
mv database /home/oracle

11- sudo to oracle user

su - oracle

12- Add installation variables to your bashrc profile

vi .bashrc

and add this:

Oracle Settings
 TMP=/tmp; export TMP
 TMPDIR=$TMP; export TMPDIR
#ORACLE_HOSTNAME=
# export ORACLE_HOSTNAME
 ORACLE_UNQNAME=DB12C; export ORACLE_UNQNAME
 ORACLE_BASE=/home/u01/app/oracle; export ORACLE_BASE
 ORACLE_HOME=$ORACLE_BASE/product/12.1.0/dbhome_1; export ORACLE_HOME
 ORACLE_SID=DB12C
 export ORACLE_SID
PATH=/usr/sbin:$PATH; export PATH
PATH=$ORACLE_HOME/bin:$PATH; export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib:/lib:/usr/lib; export LD_LIBRARY_PATH
CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/rdbms/jlib; export CLASSPATH

save and exit.

13- Integrate this changes with your profile

vi .bash_profile

and add:

 if [ -f ~/.bashrc ]; then
 source ~/.bashrc
 fi

14- Login from Shell/ or from putty or others ssh terminals/tools supporting X11

15- Ensure that DISPLAY has been exported

export   DISPLAY=hotname:0.0
xhost +IP

16- Lets start the installations

cd /home/oracle/database

17- Start the installation

oracle@opensuse-unixmen:~/database> ./runInstaller
Starting Oracle Universal Installer...

Checking Temp space: must be greater than 500 MB.   Actual 6125 MB    Passed
Checking swap space: must be greater than 150 MB.   Actual 2047 MB    Passed
Checking monitor: must be configured to display at least 256 colors.    Actual 16777216    Passed
oracle@opensuse-unixmen:~/database> You can find the log of this install session at:
 /home/u01/app/oraInventory/logs/installActions2015-02-11_10-48-20PM.log

oracle1 oracle2 oracle3 oracle4 oracle5 oracle6 oracle7 oracle8 oracle9

This is the output of the commands

opensuse-unixmen:~ # /home/u01/app/oraInventory/orainstRoot.sh
Changing permissions of /home/u01/app/oraInventory.
Adding read,write permissions for group.
Removing read,write,execute permissions for world.

Changing groupname of /home/u01/app/oraInventory to oinstall.
The execution of the script is complete.
opensuse-unixmen:~ # /home/u01/app/oracle/product/12.1.0/dbhome_1/root.sh
Performing root user operation.

The following environment variables are set as:
    ORACLE_OWNER= oracle
    ORACLE_HOME=  /home/u01/app/oracle/product/12.1.0/dbhome_1

Enter the full pathname of the local bin directory: [/usr/local/bin]:
   Copying dbhome to /usr/local/bin ...
   Copying oraenv to /usr/local/bin ...
   Copying coraenv to /usr/local/bin ...


Creating /etc/oratab file...
Entries will be added to the /etc/oratab file as needed by
Database Configuration Assistant when a database is created
Finished running generic part of root script.
Now product-specific root actions will be performed.

Click  OK to continue

oracle90

 Make password for SYS and SYSTEM users

oracle91

Completed.

oracle92

Lets make some checks:

Check the Listener

oracle@opensuse-unixmen:~> lsnrctl  status

oracle93

Check the Enterprise manager Console

https://opensuse-unixmen:5500/em

oracle94

oracle95

oracle96

 Done!


Advertise here with BSA

---------------------------------------------------------------------
Install Oracle Database 12c On openSUSE 13.2

Tonido: A Free, Private Cloud And Streaming Media Server

$
0
0

What is Tonido?

Tonido is a cross platform, free application that allows you to access all files on your computer from a web browser, smartphone, tablet or even DLNA enabled devices. You can access your files from anywhere, and ofcourse you can share them to your friends, family, and colleagues as well. Additionally, you can create a secure private share that only authorized people are allowed to access them. As you’re the only person to access or share your files to others, you have a private and secure Cloud on your hand.

Also using Tonido, you can stream your Media such as Photos, Audios, and Videos to any devices on your network. Tonido will help you to sync files/folders on multiple systems. Tonido works great on almost all platforms and devices such as Linux, Windows, Mac, Raspberry Pi, QNAP and all major mobile phones and tablets including iPhone, iPad, Android, Windows Phone 8 and Blackberry. The good news is you’re free to customize Tonido and use your own logo, branding and Identity.

Installation

Tonido comes in two flavours. Free for SOHO users, and Paid for Enterprise. In this tutorial, We will test the free version in Ubuntu 14.04. You can install Tonido on other Linux platforms such as Fedora, RHEL, CentOS, OpenSUSE, Arch Linux, and Mepis. Find the detailed installation instructions here.

After downloading it, create working directory for Tonido.

sudo mkdir /usr/local/tonido

Go to that directory, and download the free version from the Tonido official download page.

cd /usr/local/tonido/
sudo wget http://www.tonido.com/download.php?tonido64.tar.gz

Extract the tar file.

sudo tar -zxvf tonido64.tar.gz

Now, run Tonido using command:

sudo ./tonido.sh start

Tonido Configuration

After starting Tonido, open your web browser and navigate to http://127.0.0.1:10001/. The following screen should appear.

We have to create a local account now. Enter the account name of your choice, account password, and email Id.

Tonido - Mozilla Firefox_002

Your remote access server URL will be created now. This URL will look like: http://<account-name>.tonido.com.

Tonido | skostechnix - Mozilla Firefox_003

Select the folders that can be accessed remotely via Tonido. You can change this settings later.

Tonido | skostechnix - Mozilla Firefox_005

Select the folders to index your Music, Photos and Video collection.

Tonido | skostechnix - Mozilla Firefox_008

Install the mobile apps for iOS, Android, Windows Phone and get seamless access to all your files, music, photos and videos.

Finally, click Close.

Tonido | skostechnix - Mozilla Firefox_009

Now, you’ll be redirected to your Tonido dashboard.

Tonido | skostechnix - Mozilla Firefox_010

From here, you can store your files/folders, and share them to others if you want.

Adding Media Files

You can add any kind of files like audio/video or images of your choice.

For example, we will add a video file. To do that click on the Videos button on the left.

Select the folder which contains the media files. Once you have selected the folders, click on the Index now button.

Tonido | skostechnix - Mozilla Firefox_017

Wait for minutes to index all media files. Then, have fun.

Playing music files:

Tonido | skostechnix - Mozilla Firefox_018

Playing Video files:

Tonido | skostechnix - Mozilla Firefox_019

Sharing Files

You can share files/folders to your friends, family, and colleagues or to a particular person. To do that, go to Shared files section, and select the folder you want to share.

Tonido | skostechnix - Mozilla Firefox_020

Also, you can share this folder to a particular person.

Selection_021

Sync Files/Folders

If you want to sync files/folders to multiple systems, you can install the Tonido sync tool. To do that, click the Account name drop-down box, and select Tonido Sync. As I want to use this on my desktop, I selected the Desktop application.

Menu_011

You’ll be redirected to the Tonido sync download page. Select and download the Sync app depending upon your device. For me, I downloaded and installed the desktop version.

Package Installer - tonidosync_012

Launch Tonido sync either from the Menu or Unity Dash. Select the folders you want to sync.

Headless Server Configuration

If you are running Tonido on a system without display, you will need to follow the steps below to setup Tonido correctly. First, you will have to change a config setting to create a profile remotely.

Do the following:

  1. Start Tonido first by running the tonidoconsole binary to let it initialize the config data. Stop Tonido.
  2. Navigate to the following location: ~/tonido/data
  3. Open the configex.xml file
  4. Find the following lines.
<rowentry>
 <name>WebAccess</name>
 <type>string</type>
 <value>local</value>
</rowentry>
<rowentry>
 <name>RemoteAdmin</name>
 <type>bool</type>
 <value>0</value>
</rowentry>
Change them To:
<rowentry>
 <name>WebAccess</name>
 <type>string</type>
 <value>all</value>
</rowentry>
<rowentry>
 <name>RemoteAdmin</name>
 <type>bool</type>
 <value>1</value>
</rowentry>
Save and close the file.

Start Tonido as a service in Ubuntu

Go to /etc/init.d directory. Create a new script as shown below.

sudo vi tonido_service.sh
Copy and paste the lines below into the new script.
#!/bin/bash
su <user> -c "bash -c ' /usr/local/tonido.sh $1'"
Replace the “<user>” with your own user account. Save and close the script.
Assign appropriate permission to the script.
sudo chmod 777 ./tonido_service.sh
Make the service script to run as service at every boot.
sudo update-rc.d tonido_service.sh defaults
To remove the tonido_service.sh script:
sudo update-rc.d tonido_service.sh remove
To start the script.
sudo service tonido_service.sh start
That’s it. Your private cloud and streaming media server is ready to use. For details, I suggest you to read the comprehensive usage guide from Tonido site.
Good day.

Advertise here with BSA

---------------------------------------------------------------------
Tonido: A Free, Private Cloud And Streaming Media Server

Remove The Password Of A Password Protected PDF Files

$
0
0

This brief tutorial describes how to remove the password protection from the PDF files. Please note that we are not going to hack or crack the password of PDF file. Instead, we just remove the known password of the PDF file using qpdf application from Terminal. It is really easy and fun. Let us get started.

What is Qpdf?

From the man pages,

The  qpdf program is used to convert one PDF file to another equivalent PDF file. It is capable of performing a variety of transformations such as linearization (also known as web optimization or fast web viewing), encryption, and decryption of PDF files. It also has many  options for inspecting or checking PDF files, some of which are useful primarily to PDF developers

Install Qpdf

Install Qpdf in Debian based system using command:

sudo apt-get install qpdf

In RPM based systems, we can install it using command:

sudo yum install qpdf

Remove Password Protection from PDF file

I have a password protected PDF file in my home folder, and I know the password. Be mindful that you should have your PDF file password. Otherwise, you can’t remove the password protection using this method.

My password protected PDF file name is password.pdf.

When opening the pdf file, It asks me to enter the password.

password.pdf — Password Required_001

Ofcourse, I know the password ,and I can easily open it using the password. But I really don’t want password protection.

Using the following command, I am going to remove the password from the password.pdf file, and save it with a name nopassword.pdf in the home directory.

qpdf --password='mypassword' --decrypt password.pdf nopassword.pdf

Done!

Then, I opened the PDF file, It didn’t ask to enter the password. Very easy, isn’t it?

For more details about Qpdf, I suggest you to read the Qpdf manual.

Remove password Using Pdftk

Also, you do it using pdftk.

To install Pdftk, use the following command on Debian based system.

sudo apt-get install pdftk

On RPM based systems:

Refer the pdftk installation page.

After installing it, run the following command to remove the password.

pdftk password.pdf input_pw mypassword output nopassword.pdf

Thanks Mr.David to let us know about Pdftk via Comment.

That’s it. happy weekend!


Advertise here with BSA

---------------------------------------------------------------------
Remove The Password Of A Password Protected PDF Files


Install Sublime Text 3 On Linux [Quick Tip]

$
0
0

Sublime Text is one of the text editors I love so much. switching over Linux distributions,  I find it difficult sometimes installing it on some distros. Recently it was Fedora 21. Yes I know Fedy can be used to install Sublime Text 3 but it failed this time round.

I came across Simone Vittori’s post about how to install sublime on any distro thanks to his script.

To install open Terminal and run the command below:

curl -L git.io/sublimetext | sh
➜ ~ curl -L git.io/sublimetext | sh
 % Total % Received % Xferd Average Speed Time Time Time Current
 Dload Upload Total Spent Left Speed
 0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0
 0 0 0 0 0 0 0 0 --:--:-- 0:00:05 --:--:-- 0
 100 1286 100 1286 0 0 198 0 0:00:06 0:00:06 --:--:-- 1427
 % Total % Received % Xferd Average Speed Time Time Time Current
 Dload Upload Total Spent Left Speed
 100 7380k 100 7380k 0 0 289k 0 0:00:25 0:00:25 --:--:-- 457k
 [sudo] password for seth:
 % Total % Received % Xferd Average Speed Time Time Time Current
 Dload Upload Total Spent Left Speed
 100 170k 100 170k 0 0 57142 0 0:00:03 0:00:03 --:--:-- 57160
Sublime Text 3 installed successfully!
Run with: subl

You should see Sublime Text 3 (Build 3065) installed now.

Credit


Advertise here with BSA

---------------------------------------------------------------------
Install Sublime Text 3 On Linux [Quick Tip]

Setting Up Multiple WordPress Sites Using Multisite

$
0
0

Introduction

WordPress is the most popular CMS (content management system) on the internet. It allows you to easily set up flexible blogs and websites on top of a MySQL backend with PHP processing. WordPress has seen incredible adoption and is a great choice for getting a website up and running quickly.

If you plan to have more than one WordPress website or blog, there are different ways to accomplish this.

  • First option is to install multiple independent WordPress instances on the same server. With this option each website needed to have its own installation and configuation so you need more time to do the installation for each website.
  • Second option is to install WordPress Multisite, which lets you create and manage multiple WordPress blogs/websites from a single WordPress instance. This option might be a good option . It easier to create multiple WordPress sites on one server and lets you manage multiple websites from a common dashboard, and you have the added advantage of being able to share themes and plugins between your WordPress Multisite sites.

If you haven’t installed WordPress yet, check the following article.

On Debian based systems:

On RPM based systems:

Following on from my previous article How To Secure WordPress Website  show you checklist allows you to secure and test your WordPress site with as little effort as possible.

What is WordPress Multisite?

A WordPress multisite network allows you to run and manage multiple WordPress sites from a single WordPress installation. You can create new sites instantly and manage from a single dashboard. You can install plugins and themes on multiple sites in one time. Multisite network also makes it easier for you to manage updates. You only need to update your WordPress, plugins, or themes on one install.

Install WordPress Multisite

To begin with, modify the WordPress configuration, activating the multisite networking:

sudo nano /var/www/wp-config.php

You need to add this line to your wp-config.php file just before the /* That’s all, stop editing! Happy blogging. */ line.

/* Multisite */
define('WP_ALLOW_MULTISITE', true);

You will see this error message if you don’t enable multisite in your wp-config.php file.

wp

Once you have enabled multisite through wp-config.php and saved the file, you will see a new option in your tools menu entitled “Network Setup” (located at www.yourdomain.com/wp-admin/network.php).

wpYou need to make sure that the mode rewrite is enabled. You can activate the apache mod_Rewrite module by typing this command:

sudo a2enmod rewrite

Now that you have successfully enabled the Multisite Network feature on your WordPress site, it is time to set up your network.

Before you proceed with the installation you need to deactivate all of your WordPress plugins. This is a precautionary measure that avoids any conflictions occurring.

wp

At this stage , go into your WordPress dashboard and select Tools => Network Setup.

wp

You can add an admin email address other than the one you are currently using to manage your multisite.

Once you are done, click on the button Install.

wp

Create a directory for your new sites:

sudo mkdir /var/www/wp-content/blogs.dir

Alter your WordPress configuration. Make sure to paste this above the line /* That’s all, stop editing! Happy blogging. */:

sudo nano /var/www/wp-config.php
define('MULTISITE', true);
define('SUBDOMAIN_INSTALL', false);
$base = '/';
define('DOMAIN_CURRENT_SITE', 'YOUR IP ADDRESS HERE');
define('PATH_CURRENT_SITE', '/');
define('SITE_ID_CURRENT_SITE', 1);
define('BLOG_ID_CURRENT_SITE', 1);

Now, add WordPress’s rewrite rules to /var/www htaccess file:

sudo nano /var/www/.htaccess
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# uploaded files
RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
RewriteRule  ^[_0-9a-zA-Z-]+/(wp-(content|admin|includes).*) $1 [L]
RewriteRule  ^[_0-9a-zA-Z-]+/(.*\.php)$ $1 [L]
RewriteRule . index.php [L]

After successfully setting up the Multisite Network, log into WordPress Dashboard once more  you will notice that the header bar now has a section called, “My Sites” instead of simply displaying your blog’s name.

wp

To add a new site to your WordPress multisite, simply click on Sites under My Sites.

wp

 

That’s all.

We hope this article helped you install and setup WordPress multisite network.

Following on from my previous article How To Secure WordPress Website  show you checklist allows you to secure your WordPress site with as little effort as possible.

If you have any feedback or comments, feel free to post them in the comment section below.

Install VMware Tools On Linux

$
0
0

This method should work on ESXi/Vsphere/Vmware Workstation. Please follow the following instructions, It is same for installing vmware tools for linux.

How to install VMware Tools in a CentOS Guest

First, you must select option for Install/Upgrade Tools in your eSXI./Vshere/Vmware Workstation  To this,
Right click on virtual machine→ Guest Menu → Install/Upgrade Vmware Tools.

For Fusion: Virtual Machine > Install VMware Tools.
For Workstation: VM > Install VMware Tools.
For Player: Player > Manage > Install VMware Tools.

vmware

install Development tools first

CentOS:

yum groupinstall "Development Tools"

Ubuntu:

apt-get install build-essential linux-headers-$(uname -r)

Now, copy and paste the following commands in your terminal:

mkdir /mnt/cdrom
mount /dev/cdrom /mnt/cdrom
cp /mnt/cdrom/VMwareTools-*.tar.gz /tmp
umount /mnt/cdrom
tar zxf /tmp/VMwareTools*.tar.gz -C /tmp
cd /tmp/vmware-tools-distrib/
./vmware-install.pl –default

Please  follow  the instructions one by one.

Now,

Remove the installation files

rm f /tmp/VMwareTools*.tar.gz
rm -rf /tmp/vmware-tools-distrib

Done!

VeraCrypt: Secure Your Data On An Encrypted Volume

$
0
0

Introduction

As you may know, CIA, Confidentiality/Integrity/Availability, is the main key elements of Information Security. The main Job of a System Administrator/Security expert is to protect the data from unauthorized access, use, disclosure, disruption, destruction, and modification. There are n number of tools and methods are available out there to secure your data. The one we will discuss today is VeraCrypt.

VeraCrypt is a free disk encryption software. It is based on TrueCrypt, and solves many vulnerabilities and security issues found in TrueCrypt. Using VeraCrypt anyone can make an encrypted volume. Whenever you store data in VeraCrypt volume, the data will automatically be encrypted before it is saved, and decrypted after it is loaded, without any user intervention. Nobody can steal/read/edit your data on the encrypted volume without using the correct password/keyfile(s). The entire filesystem will be encrypted including file names, folder names, contents of every file, free space, meta data, etc.

You can store files on VeraCrypt volumes as the way you do in normal volumes. Data that are being written on VeraCrypt volumes will be encrypted automatically, and data that are being copied or read from the encrypted volumes will be decrypted automatically. Once you unmount the VeraCrypt vloume, the data are inaccessible and encrypted. To access the data, you should mount the VeraCrypt volume with the correct password and/or keyfile. VeraCrypt is completely free for use, and it works well on GNU/Linux, Windows, and Mac OS X.

In this tutorial, we will see how to create a encrypted volume in local and external drive. This guide is tested on Ubuntu 14.04, and is worked for me as explained.

Installation

Download the latest version from the VeraCrypt download page.

Extract the tar file using command:

tar -xjvf veracrypt-1.0f-1-setup.tar.bz2

The above command will extract and save the files in the current directory. typically, there will be for files. Two files for command-line installation(x86 & x64 bit), and two files for GUI mode installation. I am going to install the 64bit version GUI file.

You will see the following screen. Click Install Veracrypt.

xmessage_001

Accept the license agreement.

xmessage_002

Click OK to continue.

xmessage_003

Finally press Enter to exit and complete the installation.

VeraCrypt Setup_004

We have successfully installed VeraCrypt. Let us see how to use and encrypt a volume.

1. Creating VeraCrypt Container

In this method, we will create an encrypted container inside a file. Let us see how to do it.

Launch it either from the Menu or Dash. VeraCrypt interface will look like below.

Click Create Volume.

 VeraCrypt_001

Select Create an encrypted container option.

VeraCrypt Volume Creation Wizard_002

Select Standard VeraCrypt volume.

VeraCrypt Volume Creation Wizard_003

Next, you have to specify where you want to store the encrypted volume. In my case, I created a folder called “Encrypted” in my Home folder. So, I am going to use the folder to create and mount VeraCrypt volume. Also, you have to name the file container.

VeraCrypt Volume Creation Wizard_004

Specify a New VeraCrypt Volume_005

Click Next after selecting the Volume location.

VeraCrypt Volume Creation Wizard_006

Select the Encryption Algorithm. You can choose any algorithm type. I will go with default selected encryption algorithm.

VeraCrypt Volume Creation Wizard_010

Specify the size of the container in KB, MB, or GB.

VeraCrypt Volume Creation Wizard_007

Now, we reached the important part. You should enter a strong a password consisting of minimum 20 characters, and maximum 64 characters. The password must contain a random combination of lower/upper case letters, numbers, and special characters.

VeraCrypt Volume Creation Wizard_011

Now, you have to choose any one of the option. If you want to store files larger than 4GB or less than 4GB. I will go with first option.

VeraCrypt Volume Creation Wizard_008

Select the file system.

VeraCrypt Volume Creation Wizard_012

Move your mouse pointer as randomly as possible within the following window atleast 30 seconds. This significantly increases the cryptographic strength of the encryption keys. The longer you move it, the better.

VeraCrypt Volume Creation Wizard_013

I did this for 50 seconds. Finally, click Format.

VeraCrypt Volume Creation Wizard_014

The format process will take few minutes depending upon the size.

Finally, you will see a successful installation completed wizard. Click Ok.

VeraCrypt_015

If you wish to create another volume, click Next, else click Exit.

VeraCrypt Volume Creation Wizard_016

That’s it. We successfully created the Volume. We will see how to mount and dismount it.

Mount/Dismount Volumes

Once you created the encrypted volumes, go back to the main window of VeraCrypt. Select a slot, browser to the file container location, and click Mount.

VeraCrypt_009

Enter your VeraCrypt password.

Enter password for "-home-sk-Encrypted-My Encrypted Volume"_010

Then, enter your root user password of your local system.

Administrator privileges required_011

Voila! The virtual drive has been created and mounted.

VeraCrypt_012

You can check it on your file manager too.

Selection_013

Now, you can use this virtual disk as the way you use a normal volume. Store the highly confidential data in the VeraCrypt volume and be relax. Nobody can steal your data without the correct password or/and keyfile(s).

To dismount the volume, click on the Dismount button on the VeraCrypt main interface.

VeraCrypt_014

Now, your volume will be dismounted. You or anyone no longer can access the volume. The data stored in the volume is inaccessible, safe and encrypted.

What we have seen so far is just a created a file in our local hard disk, and mount the encrypted volume on it. The second part describes how to make an encrypted volume on external drives like USB thumb drive.

2. Create Encrypted Partition/Drive

This is method is quite same as above, but with some little changes.

Launch VeraCrypt either from the Menu or Dash.

Now, Plug your USB drive, and make sure there aren’t any important data on it.

Click Create Volume.

VeraCrypt_005

Select Create a volume within a partition/drive option and click Next.

VeraCrypt Volume Creation Wizard_006

We have to choose whether you want to create a standard or Hidden veracrypt volume. I will go with default option. So I selected the first option: Standard VeraCrypt volume.

VeraCrypt Volume Creation Wizard_007

Now, select your device that you want to encrypt.

In my case, I selected my USB drive. And, make sure “Never save history” option is checked.

VeraCrypt Volume Creation Wizard_008

You may now be asked to enter your root user password.

Administrator privileges required_009

Select the Encryption Algorithm. You can choose any algorithm type. I will go with default selected encryption algorithm.

VeraCrypt Volume Creation Wizard_010

Now, we reached the important part. You should enter a strong a password consisting of minimum 20 characters, and maximum 64 characters. The password must contain a random combination of lower/upper case letters, numbers, and special characters.

VeraCrypt Volume Creation Wizard_011

Select the file system.

VeraCrypt Volume Creation Wizard_012

Move your mouse pointer as randomly as possible within the following window atleast 30 seconds. This significantly increases the cryptographic strength of the encryption keys. The longer you move it, the better.

VeraCrypt Volume Creation Wizard_013

I did this for 50 seconds. Finally, click Format.

VeraCrypt Volume Creation Wizard_014

The format process will take few minutes depending upon the size.

Finally, you will see a successful installation completed wizard. Click Ok.

VeraCrypt_015

If you wish to create another volume, click Next, else click Exit.

VeraCrypt Volume Creation Wizard_016

Mount/Dismount Volumes

Once you created the encrypted volumes, go back to the main window of VeraCrypt, select a slot and click Mount.

VeraCrypt_020

Enter the password.

Enter password for "-dev-sdb1"_021

After that, you’ll see the USB drive is mounted.

VeraCrypt_022

Now, open your file manager, and start using the encrypted volumes.

To dismount the volume, simply click on the Dismount in the VeraCrypt main window.

VeraCrypt_025

Uninstallation

If you not satisfy with VeraCrypt, you can uninstall it using command:

sudo /usr/bin/veracrypt-uninstall.sh

For more detailed usage details, refer the official VeraCrypt Documentation.

Conclusion

We have seen how to install VeraCrypt on Ubuntu and create encrypted volumes, and unmount them when not used. As far as I know, VeraCrypt is a must have and useful tool if you’re having some confidential data. Try and find yourself. You won’t be disappointed.

Cheers!

Increase Disk Space And Memory In Linux VMware Virtual Machines

$
0
0

When doing a standard Linux installation on a Vmware virtual machine, the installation process typically allocates all of the available virtual disk space to the Linux file system and swap partitions.

The size of the virtual disk can easily be increased using the Vmware utility (Vmware Workstation or Vsphere), but as neither the partition table or the file systems themselves are modified by Vmware utility, the guest system does not see the new virtual disk size.

This article explains how to add  disk space and memory RAM to VMware VM.

Increase Disk Space in Linux VMware VM

Before Increasing the disk size you need  to shutdown your VM. After that you can change the disk sapce by editing the settings of the VM (right click > Settings).

The Vmware utility (Vmware Workstation or Vsphere)  provides a dialog to change the size of the Vmware virtual disk.

Select the new storage size by entering the value in the dialog. The virtual disk will be resized to the new value. When increasing the size, the data on the disk is preserved.

vmware4

Increasing the size of the VM disk size does not change the filesystem on that disk. You need to connect to the command line of the Linux VM via the console or putty session and log in as root.

Find the device where the unpartitioned space using this command:

fdisk -l

fdisk

Create a new partition that takes up the remaining space and is of filesystem type 8e (LVM):

fdisk /dev/sda

vmware5

Now enter ‘n‘, to create a new partition and choose “p” to create a new primary partition. Please note, your system can only have 4 primary partitions on this disk! If you’ve already reached this limit, create an extended partition.

 n (new)
 p (primary)
 3 (partition number, since 1st and 2nd partition already exists)
 select default first available cylinder to the default last cylinder.
 t (type)
 3 (partition number)
 8e (set type to LVM)
 p (view the new partitions layout)
 w (write out the new partitions layout to disk)

reboot the system so the new partition is recognized by the system.

reboot

The new partition layout is now:

Disk /dev/sda: 53.6 GB, 53687091200 bytes
 255 heads, 63 sectors/track, 6527 cylinders
 Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
 /dev/sda1   *           1          13      104391   83  Linux
 /dev/sda2              14        2610    20860402+  8e  Linux LVM
 /dev/sda3            2611        6527    31463302+  8e  Linux LV

Now, create the physical volume as a basis for your LVM.

pvcreate /dev/sda3

Add the new Physical Volume to the Volume Group as additional free space:

vgextend VolGroup00 /dev/sda3

To find out how your Volume Group is called use this command.

vgdisplay
--- Volume group ---
 VG Name               VolGroup00
 System ID
 Format                lvm2
 Metadata Areas        2
 Metadata Sequence No  4
 VG Access             read/write
 VG Status             resizable
 MAX LV                0
 Cur LV                2
 Open LV               2
 Max PV                0
 Cur PV                2
 Act PV                2
 VG Size               49.88 GB
 PE Size               32.00 MB
 Total PE              1596
 Alloc PE / Size       636 / 19.88 GB
 Free  PE / Size       960 / 30.00 GB
 VG UUID               0JB6GV-gFJW-onuN-7Xq1-OKim-n5gM-EVPUKB

Have the Logical Volume (within the Volume Group) overtake the remaining free space of the Volume Group:

 lvextend -l +100%FREE /dev/VolGroup00/LogVol00
vgdisplay
--- Volume group ---
 VG Name               VolGroup00
 System ID
 Format                lvm2
 Metadata Areas        2
 Metadata Sequence No  5
 VG Access             read/write
 VG Status             resizable
 MAX LV                0
 Cur LV                2
 Open LV               2
 Max PV                0
 Cur PV                2
 Act PV                2
 VG Size               49.88 GB
 PE Size               32.00 MB
 Total PE              1596
 Alloc PE / Size       1596 / 49.88 GB
  Free  PE / Size       0 / 0 
 VG UUID               0JB6GV-gFJW-onuN-7Xq1-OKim-n5gM-EVPUKB

Trigger online resizing of the live and mounted filesystem so the new disk space can be utilized immediately:

resize2fs -p /dev/mapper/VolGroup00-LogVol00

Now, you can check the disk space using this command

df -h
Filesystem            Size  Used Avail Use% Mounted on
 /dev/mapper/VolGroup00-LogVol00 45G  3.2G   40G   8% /
 /dev/sda1              99M   19M   76M  20% /boot
 tmpfs                1014M     0 1014M   0% /dev/shm

Increase RAM VMware VM

To increase the memory (RAM) assigned to a virtual machine, you need to edit the VM‘s setting to increase the memory while the VM is shutdown. You cannot edit the VM’s memory configuration while the VM is suspended or powered on.

Follow the instructions to add memory to the VM.

Shutdown the VM.

vmware3

Go to the VM menu and select Settings

vmware1

Select Memory on the Hardware tab

vmware2

Adjust the slider or enter the amount of memory to assign to the virtual machine. Click OK

Now you have add additional resource to the VM to also increase performance of your virtual environment.


Advertise here with BSA

---------------------------------------------------------------------
Increase Disk Space And Memory In Linux VMware Virtual Machines

Viewing all 1264 articles
Browse latest View live


Latest Images