Useful Linux Links for 2014-08-20 - Below are links that I used used in a given day in helping me with my Linux System Administration.
This afternoon like many others in my Google+ Network we received our Google Domains Invitation from the Google Domains Team.
Though at the time I was happy and very interested in the program, I did notice that the price per domain would cost me an extra $2.00, now then an extra $2.00 may be nothing you say...but my partner and I have well over 20 or so domains. So I think for now we will stick to hover.com.
Here is the notice I received from Google Domains:
So there you have it, the interface when using the system is very simple and easy, but I am trying to find the added benefit to the service. I am very pleased with Hover and they're simple no BS domain name registration but I am not loyal to any domain name registration service. What are your thoughts?
This small list was originally created last week 2014-08-08, but I am barely getting to posting them. For those of you that use fail2ban being able to block an IP is easy, but unblocking can be a different matter if you have never done so before. If you have questions leave a comment.
This weekend if I have time I plan on hacking one of my 2 WeMo's. If you have never heard of a WeMo take a look here, it basically allows you to control your homes electronics by turning them off & on.
Useful Linux Links for 2014-08-08 - Below are links that I used used in a given day in helping me with my Linux System Administration.
Useful Linux Links for 2014-08-07 - Below are links that I used used in a given day in helping me with my Linux System Administration.
Below are the steps I took to troubleshoot my creation of the user: david and how I fixed the in ability to update the .ICEauthority file in /home/david/.ICEauthority
* Be sure you replace all instances with david with your username
Step by Step:
1. Begin by logging into root
2. Locate the home directory of the user that you wish fix. Example: cd /home/david
3. In some instances you may need to create the user directory as I had to. To do so, in the home directory type in mkdir david
4. Once the directory is created type in the following so that we can ensure that the user has ownership of the directory. chown david: david .ICEauthority
5. Logout as root
6. Login as your username
This entry explains how to enable / disable to the graphical user interface (GUI) in CentOS by modifying the inittab file. If you are a hard code command line user disabling the GUI will give the added benefit of save resources, and we LOVE saving resources on our servers.
Begin by opening up the command line and doing the following. (I will assume you know how to open up the command line, but if not it can be found on your gnome, kdm, xdm dock.
Step 1: In the command line type:
Step 2: Now find the line that states:
Step 3:Now simply press i (to insert text, then change the id:5:initdefault: to the following:
Step 4: Once this is complete press the colon, and type wq! (This will commit the change.)
So what is going on here is that we are modifying the inittab file and telling CentOS to default the multiuser user mode. Doing so will now disable the GUI from CentOS, and now present to command line from now on.
As always if you have questions, leave a comment.
This entry explains how to move all content from one directory to another directory with out copying the original directory itself.
Step 1: In this example I will begin by getting a file from the web. In the command prompt type:
Step 2: I will begin the extraction process, since the file is in a tar ball, we need to extract the contents. In the command prompt type:
tar -xf file.tar.gz
Step 3: Finally, we will move the extracted directories contents 'mydir' to the path that we wish the files to be moved to.
mv mydir/* /home/david/mynewdir
I know this is a 101 tip, but it never hurts to reflect on your command line beginnings. If you have questions leave a comment.
This entry explains how to rename files extensions & variables in Linux.
Currently I have a web server running CentOS. Recently I came across a ton of files in various directories with a file extension .html which needed to be renamed to .php. (I configured .htaccess to not be allowed on the server)
Things you will need:
First you will need to do is open up terminal and navigate to the parent directory in which all of your files with the file extensions that you would like to change are located. Once at this location run the code that I have provided for you below. What this will do is find and rename all files with the extension .html to .php regardless of the name of the file. So you will be responsible for modifying my .html and .php to the extensions that suit your change.
Now then, if you would like to specify the path and NOT have to navigate to the path, simply change the /var/www/html/mydir in the line below to the path with the files with the extensions that need to be renamed. Also be sure that you change my .html and .php to the extensions that suit you!
No need to contine below if this completes your needs:
Now that we have all of our file extensions changed from .html to .php in the current directory and subdirectories all we need to do is rename the contents in our index.php formelly index.html. If we we're to view index.php in our browser we would have a bunch of links pointing to .html files, but since we renamed them the links now 404.
Well let's update those links! Open index.php (or whatever your index is) in vi, and enter the following:
This will now update all .html extension to .php that are found inside of the file index.php. Keep in mind that many of you will not have to do this, and your renaming stopped after step one in this entry.
Well, I hope this helped you with the pain staking task of renaming files on your linux machine. Yes, I do know that my instructions can be hard to follow if you are a beginner to the linux system. But when I have time, I promise to create a video that will demonstrate everything that I have explained above.
As always if you have any questions leave a comment, I promise to assist you in any way I can.
Cool, I got mentioned on The Daily Tech News Show with Tom Merritt & Guests yesterday morning. Daily Tech News Show is a audio podcast that scour the web for the most important tech news to share with you.
Video playback below. 1 min 52 sec:
I submitted an article regarding Google releasing source code Tuesday for a Chrome extension called “End to End” that would provide OpenPGP encryption for messages within a browser.
You can read more about the day's show at: DTNS 2249 – BUFFER BATTLES
Just an late update on my progression with my certifications.
Good afternoon everyone, sorry for not positing this sooner I know a few of you were wondering where I am at with my certifications so here's the update.
As your already aware I became Network+ Certified back in January, and now I am Security+ Certified as of this past March. This was an elective certification for me, but I am glad I took it! Some thing's that I took out of it we're preventive measures from a network & server stand point which are invaluable for someone that is in my field.
CompTia Security+ covered some of the following:
1. Intrusion Prevention Systems (IPS)
2. Intrusion Detection Systems (IDS)
3. Kerbos & Radius Servers
6. IPV4 / IPV6 / DNS
7. Man in the Middle Attacks
8. Input Validation
9. LDAP Injections
10. Secure Protocols & more!
I took this exam because I felt that the knowledge I got from it would be invaluable for me as a sys admin level later down the line. With everything being cracked / hacked / spoofed / injected nowadays I would recommend studying and giving the exam a shot. My Network+ knowledge really helped in my success on it, but it is not required.
Security+ Study resources I used:
1. CompTIA Security+ Deluxe Study Guide Recommended Courseware: Exam SY0-301
2. CompTia SY0-301 Security+ Terms & Definitions (excuse my mess)
3. Darril Gibson's - Get Certified and Get Ahead (Must get, has practice tests!)
4. Finally being a self taught student I also used (and continue to use) ITPro.tv - CompTIA Security+ (SY0-301)
My recommendation is if you plan on taking the exam, get familiar on how questions are asked. Sometimes all the questions are right, but there is a better answer among them. Darril Gibson, well train you on this and will give you reasons why your answer is wrong. (Very helpful)
Questions? Leave them below, I am happy to help.
Want to run multiple screen sessions in one terminal window? Well here is how you do it with this nice little unix command.
Keep in mind, that you must be running Linux. I only say this to avoid questions regarding terminal emulators like putty & xshell.
Horizontally Split the Terminal Screen
1. Open Terminal
2. Type Screen
3. Press Enter
4. Then type CTRL & A
5. Then SHIFT S
You will notice that your terminal windows how has 2 screens with 2 separate sessions!
To then tab between the 2 horizontally split terminal window now do the following.
Tab between the 2 screens
1. Press CTRL & A
2. Then Press Tab
This will allow you to tab between the 2 split terminal sessions. Now then if you are on a Debian based system you can extend the horizontally spit screen to vertical by doing the following:
1. Type screen (if you haven't done so)
2. CTRL & A
3. SHIFT & |\
Then to tab between the two follow the tab instructions above. If your a sys admin this can be a handy tool that will enable you to multitask while still administering multiple sessions.
How to exit screen terminal sessions
To exit the terminal screen session simply press exit, this will immediately terminate the screen session and bring you back to the native terminal screen.
If you have any questions or comments leave them below, in the mean time continue learning your Linux options and get get lazy by working smarter, not harder.
Lost Disk Space on Linux Due to Stop Command - Entry explains how I lost my disk space on my Linux CentOS Server by stopping a tar file in process.
AS I usually do, I create backups on my websites periodically on my webserver. I usually create these backups as yyyy-mm-dd-www.tar.gz well let me just say, be sure to check your allocated disk space before you begin a backup on the machine you are on. Or perhaps mnt another device and off load the file to that, then proceed with your back up strategy.
Well here is the issue. As my file was being tar'ed I forgot to check if I had enough disk for the file. Not knowing, I stopped / interrupted the file with a CTRL+C. I then proceeded to check my disk with a $df -ah. I was right! I had utilized 91% of my storage, and only had 4.2 gb's remaining. I proceeded to remove the file with a rm -rf yyyy-mm-dd-www.tar.gz but no reflection of my disk. Still 91% of my storage, and 4.2 gb remaining. Yikes!
The way I solved this was by starting with a few commands.
2. $lsof +L1
3. Find the PID of TAR
4. kill -9 PID
Once I had done this the issue was fixed! lsof is list of open files, and +L1 will select open files that have been unlinked. From there I simply found my tar files process id, then executed the kill command.
Thanks to my bud Jim for the assistance. If you have questions, leave a comment! Sorry for the lack of enthusiasm on this entry. It's my second time typing it up.
Synergy FOSS is now Synergy Project.
Hi there, it's been a while. I received an email from Nick at Synergy-Foss letting webmasters know that they have a new domain name Synergy-Project.org He continues saying the reason is because nobody knows what FOSS is. (Free Open Source Software) He is asking that everyone updates they're links to synergy-project.org.
I have been using synergy for over 3 years now, and I'm a proud premium member who is happy to give back to the project. I mean, how cool is it to be on my CentOS machine, controlling a Mac, and Windows Machine that are on different hardware? Well that is the whole point of the Synergy Project.
Head over to Synergy and download it, and consider donating if you have the means.
I received this email this morning at 7:36 AM (1 hour ago). I wonder why the discontinued the service?
We are writing to you to notify you that we will be shutting down the Ubuntu One file services, effective +1 June 2014. This email gives information about the closure and what you should expect during the shutdown process.
As of +today, it will no longer be possible to purchase storage or music from the Ubuntu One store. The Ubuntu One file services apps in the Ubuntu, Google, and Apple stores will be updated appropriately.
As always, your content belongs to you. You can simply download your files onto your PC or an external hard drive. While the service will stop as of 1 June, you will have an additional two months (until 31 July 2014) to collect all of your content. After that date, all remaining content will be deleted.
If you have an active annual subscription, the unused portion of your fees will be refunded. The refund amount will be calculated from today's announcement.
We know you have come to rely on Ubuntu One, and we apologise for the inconvenience this closure may cause. We've always been inspired by the support, feedback and enthusiasm of our users and want to thank you for the support you've shown for Ubuntu One. We hope that you'll continue to support us as together we bring a revolutionary experience to new devices.
The Ubuntu One team
Got my first call today from these guys from a San Antonio number. They state that if you allow them to place a sign on your lawn they will give you a free alarm system, and free installation.
Legit? I think not, listen below.
" Re 15 seconds your local police recommend you protect your home. If you are allow us to place a small sign in your yard. We will install a new security system at absolutely no cost to you whatsoever. There is no cost for the system or the installation whatsoever to hear more press one now to be placed on our do not call list, press 9."
Obviously, if you receive this call DO NOT press 1 to be placed on the do not call list. This will only lead to the acknowledgement that you are listening on the other line and it may trigger more calls.
This entry will show you how to change your default port on Windows Remote Desktop (RDP-TCP).
Changing the default port to Windows Remote Desktop Protocol has a security advantage. Well for one it's not using it's native port of 3389. So changing it adds an extra (not much) layer of security.
What you will need:
1. Access to your Router to Port Forward
2. Allow Remote Assistance
2. Administrative Access to Firewall
3. Administrative Access to Registry
It would be my recommendation that you create a system restore point before making changes to the registry as I am about to show you. Have you created the restore point? have you already port forwarded the port you would like in your router? I will assume you have.
Let's Allows Remote Desktop on Windows:
1. Go to the Windows Start Button
2. Right click on Computer
3. Go to properties
4. Click on Advanced System Settings
5. Go to the Remote Tab
6. Check mark Allow Remote Assistance connections to this computer
7. Now check mark Allow connections from computers running any version of Remote Desktop (less secure) Please feel free to toggle to Advanced settings and Users list if you wish.
Let's change the Default Windows Remote Desktop Port:
1. Go to the start button
2. In the Search box type in regedit.exe
3. In the registry editor go to: HKEY_LOPCAL_MACHINE
4. Now open the SYSTEM folder
5. Now open the CurrentControlSet
6. Open Control
7. Find the folder called Terminal Server
8. Now open the WinStations directory
9. Finally (last directory) open the RDP-Tcp folder
10. Inside this directory look for the REG_DWORD named PortNumber
11. Right click PortNumber
12. Choose Modify
13. Now select Decimal
14. Here you can change the port number to whatever you like. Instead of 3389 you can make it 333889. (That's a little obscure)
15. Once you have chosen a number click ok.
16. Now go back to the Windows Start Button.
17. Go to the Search Programs and Files field and enter. Windows Firewall with Advanced Security.
Here you will need to allow the port through your firewall. Click on Inbound Rules and then click on New Rule.
Select Port > TCP > Specific local ports: 33389 > Allow the connection > Select Domain / Private / Public based on your preference > Now name and describe your open port. (I would recommend that you do.
Then hit finish, and restart your computer. That should do it!
Let's test on another machine
On another machine Open Remote Desktop Connection and go to something like this:
you.host.com:333389 or 192.168.1.3:33389
To connect you will need the username and password to the respected machine.
Questions? Ask away.
Just a follow up on my Network+ Certification.
Hi there, as you may already know by the title I am now CompTIA Network+ Certified. Hooray! I can honestly say that this was not an easy exam for me since my background is in web development / programming. I had about 7 network simulations and 73 various network+ questions.
Now before you pass judgement let me explain my background in computer networking. Well first off, it consisted of a SOHO with a WAN connection to a router connected to X amount of LAN connections. The router/wap also included XX amount of devices, all that required a WPA2 Enterprise authentication. Since then I have identified every device on the network and have assigned the most important ones a static/reserved local IP address.
I have done so much work to my internal network such as creating limitations on signal strength, DMZ addressing for my web server, MAC address filtering for my devices, and setting up an IDS and IPS.
BTW: I just want to let you know that I do work full time at a well known company in here in San Antonio. My job requires me to manage certain situations on the network. BUT, can I create experimental situations on a job's network? The answer is NO
The best place to do this was in my SOHO.
Download a Network+ Cheat Sheet