Posts

Showing posts from 2010

LDAP SAMBA to Primary Domain Controller - Part 2

Image
------------------------------------------------------------------------------------ Samba config: #vim /etc/samba/smb.conf [global] workgroup = hbn.local netbios name = HBN enable privileges = yes #interfaces = 192.168.1.131 username map = /etc/samba/smbusers server string = samba-ldap-pdc security = user encrypt passwords = Yes admin users = root #min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 #time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 #guest account = root logon script = logon.bat logon drive = logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://127.0.0.1 ldap admin dn = cn=Manager,dc=hbn,dc=local ldap suffix = dc=hbn,dc=local ldap

LDAP SAMBA to Primary Domain Controller - Part 1

Image
LDAP SAMBA to Primary Domain Controller (PDC) ################################################################################################################ Step 1: DNS Service a. Install #cat /etc/hosts     # Do not remove the following line, or various programs     # that require network functionality will fail.     192.168.44.150  server.hbn.local        server     127.0.0.1       localhost.localdomain   localhost     ::1             localhost6.localdomain6 localhost6 #yum install -y bind-chroot #chmod 755 -R /var/named/ #cp /usr/share/doc/bind-*/sample/var/named/named.local /var/named/chroot/var/named/ #cp /usr/share/doc/bind-*/sample/var/named/named.root /var/named/chroot/var/named/ #cp /usr/share/doc/bind-*/sample/var/named/localhost.zone /var/named/chroot/var/named/ #touch /var/named/chroot/etc/named.conf #chkconfig --level 35 named on #service named start b.Configuration: #vim /var/named/chroot/etc/named.conf options {         directory "/var/named

Load Balancing with HAProxy, Full Tutorial

Image
Load Balancing using HaProxy. Writeen by Kendy Hikaru - Nam Habach http://kendyhikaru.blogspot.com Step 1: Basic config: #cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6     localhost6 ##### IP's of HaProxy ##### 192.168.44.130     server.hbn.local     server ##### IP's of Web Servers ##### 192.168.44.131     www1.hbn.local     www1 192.168.44.132     www2.hbn.local     www2 ##### IP's of MySQL DB servers ##### 192.168.44.135     db.hbn.local     db save and quit #scp /etc/hosts www1:/etc/ #scp /etc/hosts www2:/etc/ #scp /etc/hosts db:/etc/ #################################################################################################### Step 2: Configurations On 2 Web Servers: #yum install -y httpd php php-mysql php-gd  #service httpd start #chkconfig --level 35 httpd on web1: #echo " w

LVS - Load Balancing Detaied Tutorial - Step 3: MySql Cluster - DRBD - Web Installation

Image
 Next, we start last config: Mysql Clutering with DRBD #################################################################################################### Step 3: MySQL cluster with Drbd and Heartbeat Now, we have 4GB disks on both servers (db1 adn db2) a.Partition Setup for Cluster Servers on both server: Patition disks # fdisk -l Disk /dev/sda: 21.4 GB, 21474836480 bytes 255 heads, 63 sectors/track, 2610 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes    Device Boot      Start         End      Blocks   Id  System /dev/sda1   *           1          13      104391   83  Linux /dev/sda2              14        2610    20860402+  8e  Linux LVM Disk /dev/sdb: 4294 MB, 4294967296 bytes 255 heads, 63 sectors/track, 522 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Disk /dev/sdb doesn't contain a valid partition table # fdisk /dev/sdb Command (m for help): m Command action a toggle a bootable flag b edit bsd disklabel c toggle the dos

LVS - Load Balancing Detaied Tutorial - Step 2: LVS Configuration

Image
In this step, we will config web server and load balancer server. #################################################################################################### Step 2: LVS Setup configuration on LB1 and LB2 a. On Load Balacer Server Install on Lvs1 and lvs2: # yum install -y piranha On Lvs1: # vim /etc/sysconfig/ha/lvs.cf serial_no = 14 primary = 192.168.44.101 service = lvs rsh_command = ssh backup_active = 1 backup = 192.168.44.102 heartbeat = 1 heartbeat_port = 1050 keepalive = 2 deadtime = 10 network = direct debug_level = NONE monitor_links = 1 virtual server1 { active = 1 address = 192.168.44.130 eth0:1 port = 80 send = "GET / HTTP/1.1\r\n\r\n" expect = "HTTP" load_monitor = uptime scheduler = rr protocol = tcp timeout = 10 reentry = 180 quiesce_server = 0 server www1 { address = 192.168.44.131 active = 1 weight = 1 } server www2 { address = 192.168.44.132 active = 1 weight = 1 } } #scp /etc/sysconfig/h

LVS - Load Balancing Detaied Tutorial - Step 1: Basic Configuration

Image
LVS - Load Balancing Detaied Tutorial Linux Load Balancer  using Piranha,Pulse,IPVsadm and Highly Available MySQL using DRBD & HearTBeat. Source: http://www.Wbitt.com Demo: http://www.hbn.local 6 Nodes Load Balancer Two nodes for LVS (Piranha Pulse nannay Ipvsadm) as Load balancer Two nodes for Web servers can be multiple upto your requirement. Two nodes for mysql database server using Drbd & heartbeat for highly avaliable mysql database. Step 1: Basic configurations a. Hosts file #cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6     localhost6 ##### IP's of Load Balancers ##### 192.168.44.101     lvs1.hbn.local     lvs1 192.168.44.102     lvs2.hbn.local     lvs2 ##### IP's of Web Servers ##### 192.168.44.131     www1.hbn.local     www1 192.168.44.132     www2.hbn.local     www2 ##### IP's of My

SSLstrip - Google SSLstrip Demo

Image
The first, i recommnet: "I can`t hack SSL". Note, SSL is protocol used to exchange security data, base on PKI. In this example, attacker use sslstrip, is the man in the middle, attacker is proxy, will replace all https link by http. You can see more at: http://securitytube.net/Defeating-SSL-using-SSLStrip-%28Marlinspike-Blackhat%29-video.aspx or: https://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike Nothing is security :)). So, if you type https, instead of click to link, you can prevent is. But follow me, note to certificate, if untrust, not connect. It is mistakes. Demo use SSLstrip, ettercap Link:  http://www.mediafire.com/?j6laxbcceructc0 <p><br><br><br>orr</p> ------------------------------------------------------------ Thanks for reading ------------------------------------------------------------

Samba - Domain Controller

Image
So easy to create master domain controller with Samba, many errors :)). But i like it than AD of M$. Because it is quickly, and i need only authenticate for my domain. Lesson 3:Samba to PDC Edit smb.conf workgroup =    SMBDOMAIN server string = PC1 domain controller local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes win support = yes uncommnet [netlogon] [Profiles] [tmp] groupadd lanmachines useradd -M -s /sbin/nologin -g lanmachines winxp$ useradd -M -s /sbin/nologin -g lanmachines wintendo$ smbpasswd -am winxp smbpasswd -am wintendo smbpasswd -a root tail /etc/samba/smbpasswd join domain normal note: use WORKGROUP = workgroup ( in samba config file), not domain. Lab: http://www.mediafire.com/?ow47sz7l2femcm0 or: ------------------------------------------------------------ Thanks for reading -------------------------------------------------------------------------- All my Lab: Linux

Samba - Basic

Many people ask me about samba. This my note about samba: Install: yum install -y samba-* Note: don`t disable cups service Lesson 1: SMB Client Connect to Win smbclinet -L winxp -U administrator smbclient //winxp/install -U admnistrator smb: \>; (smb mod) ls ? to help mkdir /media/smb smbmount //winxp/install /media/smb -o username=administrator or: # mount -t cifs //IP/share_name -o username= mount (to list) leave /media/smb directory umount /media/smb Lesson 2: workgroup = SMBDOMAIN server string = PC1 domain controller hosts allow = 192.168.1. 192.168.2. 127. security = user wins support = yes [demoproject] commnet = share path = /data/demoproject valid users = @webproject kamran public = no write list = @webproject kamran root create mask = 0660 directort mask = 0770 Video:  Part1: http://www.mediafire.com/?wn82jiz2qi8j95c Part2: http://www.mediafire.com/?4oke4vgb3j57sf4 ------------------------------------------------------------

ARP Poisoning - DNS Spoofing

Image
I used ettercap to perform this attack. In theory, it arp poisoning victim machine ( use dynamic map), said victime that " DNS Server has MAC address is xxxxxx". Of course, all DNS request will be going to Attacker Machine. You must distinguish between ARP Poisoning - DNS Spoofing with DNS Poison. Above, DNS Spoofing id a part of ARP Poisoning ( a plugin of ettercap), it perform ARP Posoning, then, Man in the Middle ( Attacker is DNS agent). But, DNS Poisong is we attack DNS Server ( not AiRP Poisonging), it can be DNS Server bug, cache posion, sub-domain poisoning. Victim is XP SP2, use dynamic MAC to update MAC table, Attacker is Backtrack, use ettercap to poison. You can use cain&abel, similar to do. Video i made :) Exe file: http://www.mediafire.com/?xp6cp5217d28kab Avi file - too big: http://www.mediafire.com/?r6p47gtj8d4n8oo Youtube: ------------------------------------------------------------ Thanks for reading ------------------------------------------

Session Hijacking - Demo

Thanks for Mr. Thịnh of my team :)). This demo of session hijacking - man in the middle, We will steal session of facebook, and spoof it :)). The most importation is this tool, so easy to perform attack. :)). Demo: And this MF link: http://www.mediafire.com/?i3hij88dwne1j73 ------------------------------------------------------------ Thanks for reading -------------------------------------------------------------------------- All my Lab: Linux Lab -- window and Cisco Lab to be continued - I will update more.

Buffer Overflow

Note lại bài Buffer Overflow Note lại bài. EIP: Thanh ghi con trỏ lệnh hiện hành., có người hiểu là lệnh tiếp theo, chuẩn bị được thực hiện. ESP: Thanh ghi luôn trỏ đến đỉnh hiện thời ngăn xếp EBP: Con trỏ cơ sở, nó sẽ là chuẩn để truy cập trong bộ nhớ. Stack có địa chỉ phát từ trên cao xuống thấp. Quá trình gọi hàm sẽ là: Push các tham số ( đối số) của hàm vào stack. Push EIP, đây là địa chỉ chương trình trả về sau khi thực hiện xong CT Push giá trị EBP cũ ( của chương trình trước) vào stack Push tiếp các biễn cục bộ. Giá trị stack từ cao xuống thấp. Giả sử trong CT có biến có độ dài 40 bytes, tuy nhiên ta nhập vào 1 dữ liệu lớn hơn 40 byte, phần dư sẽ được ghi đè lên 2 thanh ghi là EBP và EIP. Vấn đề là EIP sẽ chứa lệnh của chương trình trả về. Từ đó, attacker sẽ tìm cách nạp địa chỉ của đoạn code exploit vào EIP. Khi đó, CT sẽ chuyển hướng, thực thi đoạn code CT exploit. ------------------------------------------------------------ Thanks for reading ----------------

Changing Partition - Create Custom Layout

Why you need change partitions in install CentOS process ( and Fedora), may be, called was "Create Custom Layout". Because in many case, you should create one partition for /home. Example: You setup web server, every user use home folder to store there data, so /home folder is too big in one partition. And you should do that to easy to back-up, or use RAID. Then, you can modify size of swap partiton. You can setup /var to other partition if necssary, it store lib files. It it demo i change partition in install CentOS process: http://www.mediafire.com/?a11k7m2i1enh4ef ------------------------------------------------------------ Thanks for reading -------------------------------------------------------------------------- All my Lab: Linux Lab -- window and Cisco Lab to be continued - I will update more.

Samba - LDAP Building PDC - Primary Domain Controller

Image
Nice tut for week-end. Long time to re-train Linux :)). So i start to built one PDC. 2 hour for first-time, hix It is easiest way to buil PDC. thanks Start: Disable FireWall, SeLinux yum install -y vim-ehanced edit hosts file     vim /etc/hosts         # Do not remove the following line, or various programs         # that require network functionality will fail.         192.168.19.101  pdc.hbn.local pdc         127.0.0.1       localhost.localdomain localhost         ::1             localhost6.localdomain6 localhost6         vim /etc/sysconfig/network         NETWORKING=yes         NETWORKING_IPV6=no         HOSTNAME=pdc.hbn.local         GATEWAY=192.168.19.2 install bind ( note you must add pdc.hbn.local to 192.168.19.101)         previous entry install ldap     yum -y install openldap-servers openldap-clients     generate ldap password admin     slappasswd -s nam123 -h {MD5}         {MD5}VOGTJ3IVySVwvJZZvUj/QA== edit config     vim /etc/openldap/slapd.co

Access Control

Note for first Module. Try on. Ganbatte Kudasai. Hikaru is light. I am Hikaru. And Hikaru use Kent. Kendy mean is candy, but this case, it is katana. First! A.    Access Control and Methodology Access Control Basic:     Access Control:         Bảo vệ khỏi những truy cập trái phép (unauthorize access)         Two entities:         Subject: active request access to object, like user, computer...         Object: passive    contain data and information, such as computer, data, file...         Security Principle: CIA: Confidentiality - Integrity - Availablity         3 steps: Indentification, Authentication, Authorization        -> resource         Logical Access: tools for IAAA ( 3 steps + acountablity)         2 steps Authenication: use public infor, like username, user number, and enter private info, such as password, PIN         Strong Authentication: two factor authentication         Indentification compoments: unique, naming schema, nondescriptive user, not share.   

PHP - Simple CMS

Coding. It is process, a work, in my feeling, very hard. But i regard porgramming as lego-games. Use many piece to bulit one program. Last week-end, i try to build CMS using Ajax. It is very simple.: Back-end:  http://www.jetlovely.com/cms/   Front-end: http://www.jetlovely.com/cms/index.php?page=admin One object is cms, it is center of this CMS. It  received request, respone, create html, load template.... I use html text in ajax response, like simple another web, because, i don`t remember using JSON and XML :)). And it is hardly to web server ( many webserver doesn`t support XML response). HTML is simple. I learned many attention: don`t use header command to change header ( again, web server doesn`t support). I used echo and javascript to redirect page. Next, don`t use session_is_registered(0, it can be duplecated. I use $_SESSION['name'] = $value to replace it. Create function if you use more than 2 times, and if it don`t use sql to query, it should out of main objec