assuming the Network you want to add a DHCP server to is the
192.168.1.0/24 network
your router IP Address is 192.168.1.1
Your ISP's DNS servers IP Address is 194.158.2.2
the leases that you want to give out are 192.168.1.128 to 192.168.1.254
first install the DHCP server software.
yum install dhcp.i386
once installed
edit /etc/dhcpd.conf (if it doesn't exist create it)
vi /etc/dhcpd.conf
add in the following lines
ddns-update-style interim;
ignore client-updates;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.128 192.168.1.254;
default-lease-time 21600;
max-lease-time 43200;
option routers 192.168.1.1;
option ip-forwarding off;
option domain-name-servers 194.158.2.2;
option broadcast-address 192.168.1.255;
option subnet-mask 255.255.255.0;
save the file :wq
next, configure the dhcpd service to start at start up
chkconfig dhcpd on
to make sure it is running either reboot or type
/etc/init.d/dhcpd start
that's it , your done. Your DHCP server will give out IP addresses to any clients that connect to your network.
there are many other options that you can add to your DHCP server, like reserving an IP address for a specific mac-address etc
to see all of these option just check out the man pages of dhcpd
type
man dhcpd
Friday, November 6, 2009
Thursday, November 5, 2009
Source .bashrc when you connect over SSH
If your .bashrc file is not being sourced when you connect to your system over SSH and it only gets sourced when you open up a terminal locally on the system.
you may need to add the following to your etc/profile file
if [ -e ~/.bashrc ]; then
. ~/.bashrc
fi
you may need to add the following to your etc/profile file
if [ -e ~/.bashrc ]; then
. ~/.bashrc
fi
Tuesday, November 3, 2009
VMWare boot from CD
VMWare can be very frustrating when you try and boot a VM from a CD .
The VM’s BIOS is set to boot from disk first, so you need to change the boot device order. The problem is that the boot process is so fast that you never have enough time to hit the F2 key and enter the bios setup to change the boot order of your VM.
A solution to the problem is to edit the .vmx file in your VM's directory and simply add the following line.
bios.bootDelay = “boot delay in milliseconds”
for example if you want to give yourself 20 seconds add the following line
bios.bootDelay = “20000”
save the file and then restart your Virtual machine.
You will now have enough time to enter into the VM's console and hit the F2 key so that you can edit the boot order in the Bios.
Wednesday, October 28, 2009
Right Click Open Terminal in current folder
nautilus-open-terminal runs on Gnome Windows manager and it allows you to right click in your file manager
and open up your terminal in the current folder. Clearly a very useful tool.
It used to be installed as a default application in many distributions but for some reason it was left out of Fedora 11
To add it back in simply type
sudo yum install nautilus-open-terminal
If it somehow got left out of your Ubuntu installation, then type
sudo apt-get install nautilus-open-terminal
You will need to restart your Gnome session to activate it.
Friday, October 23, 2009
How to Install Google Chrome on Ubuntu
edit the /etc/apt/sources.list file
sudo vim /etc/apt/sources.list
Add one of the following
For ubuntu 9.10 (armic) add the following two lines
deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu karmic main
deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu karmic main
For ubuntu 9.04 (Jaunty) add the following two lines
deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty main
deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu jaunty mainFor ubuntu 8.10 (Intrepid) add the following two lines
deb http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid main
deb-src http://ppa.launchpad.net/chromium-daily/ppa/ubuntu intrepid mainSave the file
Next add the GPG key by typing:
sudo apt-key adv
--recv-keys--keyserver keyserver.ubuntu.com 0xfbef0d696de1c72ba5a835fe5a9bf3bb4e5e17b5Update the source list. by typing
sudo apt-get update
Install chromium by typing
sudo apt-get install chromium-browser
Done
Monday, October 19, 2009
Clone a hard Drive
Good, easy way to clone a hard drive.
dd which is used for converting and copying files, can be used as a powerful and simple image cloning application.
dd if=/dev/hda of=/dev/hdb
done
if you want to see your progress
then type in another terminal
kill -SIGUSR1 xxxx
were xxxx is the process ID of the running dd process
and the progress will report on the original terminal that you started your cloning operation on.
Wednesday, October 14, 2009
share a single mouse and keyboard accross multiple computers
Here's the scenario.you have 3 PC's on your Desk. One running Linux , One running MAC OS and the other running Windows XP.
all 3 with their own Monitor .
wouldn't it be cool, to be able to use the same Mouse and keyboard for all 3 PC's. and to be able to copy and paste, Text, Images and HTML content between the PC's.
No Problem, (drum roll...) ... in steps Synergy.
Synergy lets you share a single mouse and keyboard between multiple computers with different operating systems, each with its own display.
Redirecting the mouse and keyboard is as simple as moving the mouse off the edge of your screen. Synergy also merges the clipboards of all the systems into one, allowing you to cut-and-paste between systems. it also synchronizes screen savers so they all start and stop together.
Synergy uses TCPIP to communicate mouse position and keyboard keystrokes between the PC's. So all you need for Synergy to work is to have your PC's connected to the same network. (No additional hard ware is required)
you can download synergy from http://synergy2.sourceforge.net/
Tuesday, October 6, 2009
Shutdown a Windows Machine from your Linux Machine
Ever need to reboot or shutdown a Windows machine on your network, from your Linux workstation.
No problem.
apt-get install samba-common package
or
yum install samba-common package
net rpc shutdown -I ipAddressOfWindowsPC -U username%password
or
yum install samba-common package
net rpc shutdown -I ipAddressOfWindowsPC -U username%password
This will issue a shutdown command to the Windows machine. username must be an administrator on the Windows machine.
Other commands are:
net rpc shutdown -r : reboot the Windows machine
net rpc abortshutdown : abort shutdown of the Windows machine
Type:
net rpc
to show all commands
Monday, September 28, 2009
How to get a complete list of packages that are installed on your system
dpkg --get-selections
will show you a complete list of packages installed on your Ubuntu system
and
rpm -qa
will give you the complete list on a Fedora / Redhat /CentOS system
since these lists are long its a good idea to pipe them to less
dpkg --get-selections | less
and
rpm -qa | less
will show you a complete list of packages installed on your Ubuntu system
and
rpm -qa
will give you the complete list on a Fedora / Redhat /CentOS system
since these lists are long its a good idea to pipe them to less
dpkg --get-selections | less
and
rpm -qa | less
Saturday, September 26, 2009
Friday, September 25, 2009
Argument list too long
Today I was limited by rm
I needed to clean up a folder by deleting previous years (2008) log files which amounted to a few thousand files
rm logs-2008*
returned me the error
/bin/rm:Argument too long
The reason for this error is a limitation of your running kernel and will limit you to other commands as well. Like mv and cp, if the amount of files you want to act on is larger than the set limitation.
a work around is to pipe the matching files to rm one at a time.
To do this, issue the following command
find -name 'log2008*' | xargs rm (substitute 'log2008*' for your search string)
If the files you are trying to remove have spaces in them, then you need to use the following command
find -name 'log2008*' | -print0 | xargs -0 rm
I needed to clean up a folder by deleting previous years (2008) log files which amounted to a few thousand files
rm logs-2008*
returned me the error
/bin/rm:Argument too long
The reason for this error is a limitation of your running kernel and will limit you to other commands as well. Like mv and cp, if the amount of files you want to act on is larger than the set limitation.
a work around is to pipe the matching files to rm one at a time.
To do this, issue the following command
find -name 'log2008*' | xargs rm (substitute 'log2008*' for your search string)
If the files you are trying to remove have spaces in them, then you need to use the following command
find -name 'log2008*' | -print0 | xargs -0 rm
Thursday, September 24, 2009
Static Routes
To add a static route to say the 10.10.1.0/24 network from your machine through your gateway router who's IP is 192.168.1.1
route add -net 10.10.1.0 netmask 255.255.255.0 gw 192.168.1.1 dev eth0
will add the route to your kernel and it will be available immediately. However this will not survive a reboot.
To make this persistent after a reboot you need to input the route into a configuration file
on Ubuntu edit
/etc/network/interfaces
and Red hat / Centos / Fedora
edit /etc/sysconfig/network-scripts/route-eth0
if the route-eth0 file file does not exist (it probably won't) then create it
and add the following
10.10.1.0/24 via 192.168.1.1
save the file and then restart networking to read in the new route
/etc/init.d/networking restart
route add -net 10.10.1.0 netmask 255.255.255.0 gw 192.168.1.1 dev eth0
will add the route to your kernel and it will be available immediately. However this will not survive a reboot.
To make this persistent after a reboot you need to input the route into a configuration file
on Ubuntu edit
/etc/network/interfaces
and Red hat / Centos / Fedora
edit /etc/sysconfig/network-scripts/route-eth0
if the route-eth0 file file does not exist (it probably won't) then create it
and add the following
10.10.1.0/24 via 192.168.1.1
save the file and then restart networking to read in the new route
/etc/init.d/networking restart
Wednesday, July 8, 2009
How to install Google Chrome on Fedora
vi /etc/yum.repos.d/chromium.repo
paste the following into the file
[chromium]
name=Chromium Test Packages
baseurl=http://spot.fedorapeople.org/chromium/F$releasever/
enabled=1
gpgcheck=0
:wq to save
then yum install chromium
voila
Friday, May 15, 2009
Dreambox HD
Every once in a while something comes along that really impresses me, my Blackberry was one of them, Virtual Machines another, my WD 1 Terabyte Mybook and now dream box HD has just been added to that list.
The dream box is a Linux based set-top box with a MIPS processor, a Satellite card , gigabit Ethernet card, USB slot digital audio out and DVI / HDMI out .(dependiing on the model you buy)
connected to a motorized satellite dish, you can receive thousands of Satellite channels available under the Sky, as you can imagine , there is no shortage of choice of channels,
The HD channels I must say are awesome to watch, and by installing an internal 500GB Sata drive, you can pause live television, and record 77 hours of HD television in HD.
Were the Dream box comes into its own, is the pluggins that are available for it, and the fact that it is a Linux O.S connected to your home network and the Internet, means that it easily serves as a HD media center for all of your Multimedia content. and the possibilities are endless. My current setup allows me to stream television to every PC or Laptop in my house, I can change channels from the web interface available to every PC laptop in my house, my dream box also accesses my WD 1 terabyte Mybook drive were all my HD home video is stored, as well as all my digital pictures, which I can now enjoy in the comfort of my lounge in full HD and in 5.1 surround sound. My MP3 collection is now served up to my HiFi set and my Media tomb UPnP stream is also accessible via the Dreambox. I can access my dreambox from a blackberry, veiw the program guide and setup a recording from a Blackberry or any 3G phone.
the dream box has been the missing link that I've been waiting for that has made complete media convergence for the home in HD now easy to achieve.
the dreambox 8000 HD can take up to 4 tuners , which means you can record 3 different channels at the same time whilst watching a 4th, provided they are all on the same Satellite.
Now to find the time to do anything Else.
Wednesday, April 1, 2009
using NMAP to Scan your entire network for Conficker
Since a signature has been discovered that conficker worm leaves
on infected machines, you can now scan a machine and ask it ,if it is infected with the conficker worm,
beta5 version of NMAP provides this ability.
follow these quick steps to scan entire networks and give them a clean
bill of health from the conficker worm.
to download and install Nmap beta 5 do the following:
on infected machines, you can now scan a machine and ask it ,if it is infected with the conficker worm,
beta5 version of NMAP provides this ability.
follow these quick steps to scan entire networks and give them a clean
bill of health from the conficker worm.
to download and install Nmap beta 5 do the following:
wget http://download.insecure.org/nmap-dist/nmap-4.85BETA5.tar.bz2
bzip2 -cd nmap-4.85BETA5.tar.bz2 | tar xvf -
cd nmap-4.85BETA5
./configure
make
su root
make install
to Scan for conficker type the following
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [target network]
eg:
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.1.0/24
bzip2 -cd nmap-4.85BETA5.tar.bz2 | tar xvf -
cd nmap-4.85BETA5
./configure
make
su root
make install
to Scan for conficker type the following
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [target network]
eg:
nmap -PN T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 192.168.1.0/24
the scan will take a while depending on the size of your network.
Tuesday, March 31, 2009
saving a file in VI as root
It often happens that you open up a file for editing using vi or vim and only when you come to save the file, you realise you did not open the file with root privileges and are unable to save the file.
when you type :wq!
you get E212: Can't open file for writing.
If that happens to you , simply type
:w !sudo tee %
you will be asked for your sudo password
enter your password and
press enter when asked
(
it to be reloaded.)
when you type :wq!
you get E212: Can't open file for writing.
If that happens to you , simply type
:w !sudo tee %
you will be asked for your sudo password
enter your password and
press enter when asked
(
it to be reloaded.)
As a shortcut, you can define your own command.
Put the following in your /etc/vimrc
command W w !sudo tee % > /dev/null
and then in future simply type
:W
Friday, March 27, 2009
How to Stop yum from updating your Kernel
On a Server and also on your own machine, kernel Upgrades can break already installed 3rd party Applications, since the application would have been compiled for use on a specific kernel, I find this to be particularly a problem with vmware and Virtual box, every time my system upgrades its kernel there are a few packages that i need to recompile to get to work, this is a real pain, and on your server can lead to serious problems. To stop yum from updating your Kernel
You can tell yum to skip kernel updates by adding kernel-* to the 'exclude=' option in /etc/yum.conf. if the exclude option does not exist simply add it, add in a line that says exclude=kernel-*
you can do the same for any package that you do not want to update, for example, I run a patched version of postfix on one of my servers, since ive included a quota patch when I compiled it , I do not want postfix to upgrade to an unpatched version. So to stop that particular server from upgrading postfix I simply added postfix to the 'exclude=' option in /etc/yum.conf
you can add multiple exclude options by simply adding exclude=app_name_to_exclude under one another.
You can tell yum to skip kernel updates by adding kernel-* to the 'exclude=' option in /etc/yum.conf. if the exclude option does not exist simply add it, add in a line that says exclude=kernel-*
you can do the same for any package that you do not want to update, for example, I run a patched version of postfix on one of my servers, since ive included a quota patch when I compiled it , I do not want postfix to upgrade to an unpatched version. So to stop that particular server from upgrading postfix I simply added postfix to the 'exclude=' option in /etc/yum.conf
you can add multiple exclude options by simply adding exclude=app_name_to_exclude under one another.
Tuesday, March 24, 2009
Test smtp server with required authentication
To test your smtp server, to see if it is an open relay or to
test if your authentication works on it. Use telnet to connect
to the server, this allows you to very quickly test different connection
scenarios to the server. this method is very useful if you
want to test how your smtp server behaves from different remote locations,
and all you have is an ssh account into the locations you want to test from.
You can simply ssh into the remote location you want to test from and then
follow these steps
In this example I wanted to test if basic outgoing smtp authentication was working on my server (everything in Bold is what you type everything not in bold is the servers response)
telnet smtp.mailserver.com 25
Trying 195.158.102.65...
Connected to mail.clivesblog.com.
Escape character is '^]'.
220 smtp.mailserver.com.com ESMTP ready
ehlo
250-smtp.mailserver.com ESMTP hello
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-SIZE 10485760
250-STARTTLS
250-HELP
250 OK
auth login
334 VXNlcm5hbWU6
Y2xpdmUuZ2VyYWRhQHJzMi5jb20=
334 UGFzc3dvcmQ6
cnMy
235 Authentication successful
mail from:clive.gerada@clivesblog.com
250 Sender accepted
rcpt to:anybody@anyaddress.com
250 Recipient accepted
data
354 Ready to receive data; remember.
subject: any subject
double space (ie hit the space bar twice)
then enter any text for the body of the email
.
250 Mail queued for delivery
quit
221-smtp.mailserver.com ESMTP is closing connection
221 Good bye
the Y2xpdmUuZ2VyYWRhQHJzMi5jb20=
and cnMy
is my username and password encoded in Basd64 cypher
you have to encode it in base64 for the server to understand it.
you can use the following online tool to encode and decode to and from base64
perl -MMIME::Base64 -e 'print encode_base64("password");'
http://ostermiller.org/calc/encode.html
test if your authentication works on it. Use telnet to connect
to the server, this allows you to very quickly test different connection
scenarios to the server. this method is very useful if you
want to test how your smtp server behaves from different remote locations,
and all you have is an ssh account into the locations you want to test from.
You can simply ssh into the remote location you want to test from and then
follow these steps
In this example I wanted to test if basic outgoing smtp authentication was working on my server (everything in Bold is what you type everything not in bold is the servers response)
telnet smtp.mailserver.com 25
Trying 195.158.102.65...
Connected to mail.clivesblog.com.
Escape character is '^]'.
220 smtp.mailserver.com.com ESMTP ready
ehlo
250-smtp.mailserver.com ESMTP hello
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250-SIZE 10485760
250-STARTTLS
250-HELP
250 OK
auth login
334 VXNlcm5hbWU6
Y2xpdmUuZ2VyYWRhQHJzMi5jb20=
334 UGFzc3dvcmQ6
cnMy
235 Authentication successful
mail from:clive.gerada@clivesblog.com
250 Sender accepted
rcpt to:anybody@anyaddress.com
250 Recipient accepted
data
354 Ready to receive data; remember
subject: any subject
double space (ie hit the space bar twice)
then enter any text for the body of the email
.
250 Mail queued for delivery
quit
221-smtp.mailserver.com ESMTP is closing connection
221 Good bye
the Y2xpdmUuZ2VyYWRhQHJzMi5jb20=
and cnMy
is my username and password encoded in Basd64 cypher
you have to encode it in base64 for the server to understand it.
you can use the following online tool to encode and decode to and from base64
perl -MMIME::Base64 -e 'print encode_base64("password");'
will encode base64 for you or alternatively you can use an online encoder like
http://ostermiller.org/calc/encode.html
How to Encrypt/decrypt files
If you want to protect files so that they can transverse across cyberspace safely, or you just want to protect them from
prying eyes with a password.
use the gpg command.
gpg -c filename
You will be asked for a pass phrase.
enter your pass phrase.
You will be asked to repeat your pass phrase
a file will be created with the .gpg extention
Caution: if you forget your pass phrase you will not be able to recover your file. the encryption used is that good.
to decrypt the file simply type
gpg filename.gpg
enter your pass phrase when asked.
To do multiple files I usually zip them into one zip file and then encrypt the zip file.
you can do this in one shot by typing the following
zip - file1 file2 file3 file4 file5 | gpg -eat > outfile.zip.asc
Subscribe to:
Comments (Atom)