Posts

Showing posts from 2010

LDAP SAMBA to Primary Domain Controller - Part 2

Image
------------------------------------------------------------------------------------

Samba config:
#vim /etc/samba/smb.conf

[global]
workgroup = hbn.local
netbios name = HBN
enable privileges = yes
#interfaces = 192.168.1.131
username map = /etc/samba/smbusers

server string = samba-ldap-pdc
security = user
encrypt passwords = Yes
admin users = root
#min passwd length = 3
obey pam restrictions = No

ldap passwd sync = Yes

log level = 0
syslog = 0
log file = /var/log/samba/log.%m
max log size = 100000
#time server = Yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1

#guest account = root

logon script = logon.bat
logon drive =
logon home =
logon path =

domain logons = Yes
os level = 65
preferred master = Yes
domain master = Yes
wins support = Yes

passdb backend = ldapsam:ldap://127.0.0.1

ldap admin dn = cn=Manager,dc=hbn,dc=local

ldap suffix = dc=hbn,dc=local
ldap group suffix = ou=Groups
ldap user suffix = ou=…

LDAP SAMBA to Primary Domain Controller - Part 1

Image
LDAP SAMBA to Primary Domain Controller (PDC)

################################################################################################################
Step 1: DNS Service
a. Install
#cat /etc/hosts
    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    192.168.44.150  server.hbn.local        server
    127.0.0.1       localhost.localdomain   localhost
    ::1             localhost6.localdomain6 localhost6
#yum install -y bind-chroot
#chmod 755 -R /var/named/
#cp /usr/share/doc/bind-*/sample/var/named/named.local /var/named/chroot/var/named/
#cp /usr/share/doc/bind-*/sample/var/named/named.root /var/named/chroot/var/named/
#cp /usr/share/doc/bind-*/sample/var/named/localhost.zone /var/named/chroot/var/named/
#touch /var/named/chroot/etc/named.conf
#chkconfig --level 35 named on
#service named start

b.Configuration:
#vim /var/named/chroot/etc/named.conf
options {
        directory "/var/named";

        forwa…

Load Balancing with HAProxy, Full Tutorial

Image
Load Balancing using HaProxy.

Writeen by Kendy Hikaru - Nam Habach
http://kendyhikaru.blogspot.com


Step 1: Basic config:
#cat /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6     localhost6

##### IP's of HaProxy #####
192.168.44.130     server.hbn.local     server

##### IP's of Web Servers #####
192.168.44.131     www1.hbn.local     www1
192.168.44.132     www2.hbn.local     www2

##### IP's of MySQL DB servers #####
192.168.44.135     db.hbn.local     db

save and quit

#scp /etc/hosts www1:/etc/
#scp /etc/hosts www2:/etc/
#scp /etc/hosts db:/etc/
####################################################################################################
Step 2: Configurations

On 2 Web Servers:
#yum install -y httpd php php-mysql php-gd 
#service httpd start
#chkconfig --level 35 httpd on
web1:

#echo "
www1.demo.com " > /var/www/html/i…

LVS - Load Balancing Detaied Tutorial - Step 3: MySql Cluster - DRBD - Web Installation

Image
Next, we start last config: Mysql Clutering with DRBD
####################################################################################################
Step 3: MySQL cluster with Drbd and Heartbeat
Now, we have 4GB disks on both servers (db1 adn db2)
a.Partition Setup for Cluster Servers on both server:

Patition disks

# fdisk -l

Disk /dev/sda: 21.4 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          13      104391   83  Linux
/dev/sda2              14        2610    20860402+  8e  Linux LVM

Disk /dev/sdb: 4294 MB, 4294967296 bytes
255 heads, 63 sectors/track, 522 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Disk /dev/sdb doesn't contain a valid partition table


# fdisk /dev/sdb
Command (m for help): m
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete …

LVS - Load Balancing Detaied Tutorial - Step 2: LVS Configuration

Image
In this step, we will config web server and load balancer server.


####################################################################################################
Step 2: LVS Setup configuration on LB1 and LB2

a. On Load Balacer Server
Install on Lvs1 and lvs2:
# yum install -y piranha

On Lvs1:
# vim /etc/sysconfig/ha/lvs.cf

serial_no = 14
primary = 192.168.44.101
service = lvs
rsh_command = ssh
backup_active = 1
backup = 192.168.44.102
heartbeat = 1
heartbeat_port = 1050
keepalive = 2
deadtime = 10
network = direct
debug_level = NONE
monitor_links = 1
virtual server1 {
active = 1
address = 192.168.44.130 eth0:1
port = 80
send = "GET / HTTP/1.1\r\n\r\n"
expect = "HTTP"
load_monitor = uptime
scheduler = rr
protocol = tcp
timeout = 10
reentry = 180
quiesce_server = 0
server www1 {
address = 192.168.44.131
active = 1
weight = 1
}
server www2 {
address = 192.168.44.132
active = 1
weight = 1
}
}
#scp /etc/sysconfig/ha/lvs.cf lvs2:/etc/sysconfig/ha/

#vim /etc/sysc…

LVS - Load Balancing Detaied Tutorial - Step 1: Basic Configuration

Image
LVS - Load Balancing Detaied Tutorial
Linux Load Balancer  using Piranha,Pulse,IPVsadm and Highly Available MySQL using DRBD & HearTBeat.
Source: http://www.Wbitt.com
Demo: http://www.hbn.local

6 Nodes Load Balancer

Two nodes for LVS (Piranha Pulse nannay Ipvsadm) as Load balancer
Two nodes for Web servers can be multiple upto your requirement.
Two nodes for mysql database server using Drbd & heartbeat for highly avaliable mysql database.

Step 1: Basic configurations

a. Hosts file
#cat /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6     localhost6

##### IP's of Load Balancers #####
192.168.44.101     lvs1.hbn.local     lvs1
192.168.44.102     lvs2.hbn.local     lvs2

##### IP's of Web Servers #####
192.168.44.131     www1.hbn.local     www1
192.168.44.132     www2.hbn.local     www2

##### IP's of MySQL DB servers #####
192.168.44.…

SSLstrip - Google SSLstrip Demo

Image
The first, i recommnet: "I can`t hack SSL". Note, SSL is protocol used to exchange security data, base on PKI. In this example, attacker use sslstrip, is the man in the middle, attacker is proxy, will replace all https link by http. You can see more at: http://securitytube.net/Defeating-SSL-using-SSLStrip-%28Marlinspike-Blackhat%29-video.aspx
or: https://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike
Nothing is security :)).
So, if you type https, instead of click to link, you can prevent is. But follow me, note to certificate, if untrust, not connect. It is mistakes.
Demo use SSLstrip, ettercap
Link: http://www.mediafire.com/?j6laxbcceructc0


<p><br><br><br>orr</p>

------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
Al…

Samba - Domain Controller

Image
So easy to create master domain controller with Samba, many errors :)). But i like it than AD of M$. Because it is quickly, and i need only authenticate for my domain.
Lesson 3:Samba to PDC
Edit smb.conf

workgroup =    SMBDOMAIN

server string = PC1 domain controller

local master = yes

os level = 64

domain master = yes

preferred master = yes

domain logons = yes

win support = yes

uncommnet
[netlogon]
[Profiles]
[tmp]

groupadd lanmachines
useradd -M -s /sbin/nologin -g lanmachines winxp$
useradd -M -s /sbin/nologin -g lanmachines wintendo$

smbpasswd -am winxp
smbpasswd -am wintendo

smbpasswd -a root
tail /etc/samba/smbpasswd

join domain normal
note: use WORKGROUP = workgroup ( in samba config file), not domain.

Lab: http://www.mediafire.com/?ow47sz7l2femcm0
or:


------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window …

Samba - Basic

Many people ask me about samba. This my note about samba:
Install:
yum install -y samba-*
Note: don`t disable cups service
Lesson 1: SMB Client

Connect to Win
smbclinet -L winxp -U administrator

smbclient //winxp/install -U admnistrator
smb: \>; (smb mod) ls
? to help

mkdir /media/smb
smbmount //winxp/install /media/smb -o username=administrator
or:
# mount -t cifs //IP/share_name -o username=

mount (to list)
leave /media/smb directory
umount /media/smb

Lesson 2:

workgroup = SMBDOMAIN

server string = PC1 domain controller

hosts allow = 192.168.1. 192.168.2. 127.

security = user

wins support = yes

[demoproject]
commnet = share
path = /data/demoproject
valid users = @webproject kamran
public = no
write list = @webproject kamran root
create mask = 0660
directort mask = 0770

Video: 
Part1: http://www.mediafire.com/?wn82jiz2qi8j95c
Part2: http://www.mediafire.com/?4oke4vgb3j57sf4


------------------------------------------------------------
Thanks for reading
----------------------------…

ARP Poisoning - DNS Spoofing

Image
I used ettercap to perform this attack. In theory, it arp poisoning victim machine ( use dynamic map), said victime that " DNS Server has MAC address is xxxxxx". Of course, all DNS request will be going to Attacker Machine. You must distinguish between ARP Poisoning - DNS Spoofing with DNS Poison. Above, DNS Spoofing id a part of ARP Poisoning ( a plugin of ettercap), it perform ARP Posoning, then, Man in the Middle ( Attacker is DNS agent). But, DNS Poisong is we attack DNS Server ( not AiRP Poisonging), it can be DNS Server bug, cache posion, sub-domain poisoning.
Victim is XP SP2, use dynamic MAC to update MAC table, Attacker is Backtrack, use ettercap to poison. You can use cain&abel, similar to do.
Video i made :)
Exe file: http://www.mediafire.com/?xp6cp5217d28kab
Avi file - too big: http://www.mediafire.com/?r6p47gtj8d4n8oo
Youtube:




------------------------------------------------------------
Thanks for reading
----------------------------------------------------…

Session Hijacking - Demo

Thanks for Mr. Thịnh of my team :)).
This demo of session hijacking - man in the middle, We will steal session of facebook, and spoof it :)). The most importation is this tool, so easy to perform attack. :)).

Demo:


And this MF link: http://www.mediafire.com/?i3hij88dwne1j73

------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

Buffer Overflow

Note lại bài Buffer Overflow
Note lại bài.
EIP: Thanh ghi con trỏ lệnh hiện hành., có người hiểu là lệnh tiếp theo, chuẩn bị được thực hiện.
ESP: Thanh ghi luôn trỏ đến đỉnh hiện thời ngăn xếp
EBP: Con trỏ cơ sở, nó sẽ là chuẩn để truy cập trong bộ nhớ.
Stack có địa chỉ phát từ trên cao xuống thấp.
Quá trình gọi hàm sẽ là:
Push các tham số ( đối số) của hàm vào stack.
Push EIP, đây là địa chỉ chương trình trả về sau khi thực hiện xong CT
Push giá trị EBP cũ ( của chương trình trước) vào stack
Push tiếp các biễn cục bộ.
Giá trị stack từ cao xuống thấp.
Giả sử trong CT có biến có độ dài 40 bytes, tuy nhiên ta nhập vào 1 dữ liệu lớn hơn 40 byte, phần dư sẽ được ghi đè lên 2 thanh ghi là EBP và EIP. Vấn đề là EIP sẽ chứa lệnh của chương trình trả về. Từ đó, attacker sẽ tìm cách nạp địa chỉ của đoạn code exploit vào EIP.
Khi đó, CT sẽ chuyển hướng, thực thi đoạn code CT exploit.

------------------------------------------------------------
Thanks for reading
-------------------------------…

Changing Partition - Create Custom Layout

Why you need change partitions in install CentOS process ( and Fedora), may be, called was "Create Custom Layout". Because in many case, you should create one partition for /home. Example: You setup web server, every user use home folder to store there data, so /home folder is too big in one partition. And you should do that to easy to back-up, or use RAID.
Then, you can modify size of swap partiton.
You can setup /var to other partition if necssary, it store lib files.
It it demo i change partition in install CentOS process:
http://www.mediafire.com/?a11k7m2i1enh4ef
------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

Samba - LDAP Building PDC - Primary Domain Controller

Image
Nice tut for week-end. Long time to re-train Linux :)). So i start to built one PDC. 2 hour for first-time, hix
It is easiest way to buil PDC. thanks
Start:
Disable FireWall, SeLinux
yum install -y vim-ehanced
edit hosts file
    vim /etc/hosts
        # Do not remove the following line, or various programs
        # that require network functionality will fail.
        192.168.19.101  pdc.hbn.local pdc
        127.0.0.1       localhost.localdomain localhost
        ::1             localhost6.localdomain6 localhost6
    vim /etc/sysconfig/network
        NETWORKING=yes
        NETWORKING_IPV6=no
        HOSTNAME=pdc.hbn.local
        GATEWAY=192.168.19.2 install bind ( note you must add pdc.hbn.local to 192.168.19.101)
        previous entry
install ldap
    yum -y install openldap-servers openldap-clients
generate ldap password admin
    slappasswd -s nam123 -h {MD5}
        {MD5}VOGTJ3IVySVwvJZZvUj/QA== edit config
    vim /etc/openldap/slapd.conf


    # line 86: specify suffix
 …

Access Control

Note for first Module. Try on. Ganbatte Kudasai. Hikaru is light. I am Hikaru. And Hikaru use Kent. Kendy mean is candy, but this case, it is katana.
First!
A.    Access Control and Methodology
Access Control Basic:
    Access Control:
        Bảo vệ khỏi những truy cập trái phép (unauthorize access)
        Two entities:
        Subject: active request access to object, like user, computer...
        Object: passive    contain data and information, such as computer, data, file...
        Security Principle: CIA: Confidentiality - Integrity - Availablity
        3 steps: Indentification, Authentication, Authorization        -> resource
        Logical Access: tools for IAAA ( 3 steps + acountablity)
        2 steps Authenication: use public infor, like username, user number, and enter private info, such as password, PIN
        Strong Authentication: two factor authentication
        Indentification compoments: unique, naming schema, nondescriptive user, not share.
        Authenti…

PHP - Simple CMS

Coding. It is process, a work, in my feeling, very hard. But i regard porgramming as lego-games. Use many piece to bulit one program.
Last week-end, i try to build CMS using Ajax. It is very simple.:
Back-end: http://www.jetlovely.com/cms/
Front-end: http://www.jetlovely.com/cms/index.php?page=admin
One object is cms, it is center of this CMS. It  received request, respone, create html, load template....
I use html text in ajax response, like simple another web, because, i don`t remember using JSON and XML :)). And it is hardly to web server ( many webserver doesn`t support XML response). HTML is simple.
I learned many attention: don`t use header command to change header ( again, web server doesn`t support). I used echo and javascript to redirect page.
Next, don`t use session_is_registered(0, it can be duplecated. I use $_SESSION['name'] = $value to replace it.
Create function if you use more than 2 times, and if it don`t use sql to query, it should out of main object. Only Object can…