Posts

Showing posts from December, 2010

LDAP SAMBA to Primary Domain Controller - Part 2

Image
------------------------------------------------------------------------------------ Samba config: #vim /etc/samba/smb.conf [global] workgroup = hbn.local netbios name = HBN enable privileges = yes #interfaces = 192.168.1.131 username map = /etc/samba/smbusers server string = samba-ldap-pdc security = user encrypt passwords = Yes admin users = root #min passwd length = 3 obey pam restrictions = No ldap passwd sync = Yes log level = 0 syslog = 0 log file = /var/log/samba/log.%m max log size = 100000 #time server = Yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 mangling method = hash2 Dos charset = 850 Unix charset = ISO8859-1 #guest account = root logon script = logon.bat logon drive = logon home = logon path = domain logons = Yes os level = 65 preferred master = Yes domain master = Yes wins support = Yes passdb backend = ldapsam:ldap://127.0.0.1 ldap admin dn = cn=Manager,dc=hbn,dc=local ldap suffix = dc=hbn,dc=local ldap

LDAP SAMBA to Primary Domain Controller - Part 1

Image
LDAP SAMBA to Primary Domain Controller (PDC) ################################################################################################################ Step 1: DNS Service a. Install #cat /etc/hosts     # Do not remove the following line, or various programs     # that require network functionality will fail.     192.168.44.150  server.hbn.local        server     127.0.0.1       localhost.localdomain   localhost     ::1             localhost6.localdomain6 localhost6 #yum install -y bind-chroot #chmod 755 -R /var/named/ #cp /usr/share/doc/bind-*/sample/var/named/named.local /var/named/chroot/var/named/ #cp /usr/share/doc/bind-*/sample/var/named/named.root /var/named/chroot/var/named/ #cp /usr/share/doc/bind-*/sample/var/named/localhost.zone /var/named/chroot/var/named/ #touch /var/named/chroot/etc/named.conf #chkconfig --level 35 named on #service named start b.Configuration: #vim /var/named/chroot/etc/named.conf options {         directory "/var/named

Load Balancing with HAProxy, Full Tutorial

Image
Load Balancing using HaProxy. Writeen by Kendy Hikaru - Nam Habach http://kendyhikaru.blogspot.com Step 1: Basic config: #cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6     localhost6 ##### IP's of HaProxy ##### 192.168.44.130     server.hbn.local     server ##### IP's of Web Servers ##### 192.168.44.131     www1.hbn.local     www1 192.168.44.132     www2.hbn.local     www2 ##### IP's of MySQL DB servers ##### 192.168.44.135     db.hbn.local     db save and quit #scp /etc/hosts www1:/etc/ #scp /etc/hosts www2:/etc/ #scp /etc/hosts db:/etc/ #################################################################################################### Step 2: Configurations On 2 Web Servers: #yum install -y httpd php php-mysql php-gd  #service httpd start #chkconfig --level 35 httpd on web1: #echo " w

LVS - Load Balancing Detaied Tutorial - Step 3: MySql Cluster - DRBD - Web Installation

Image
 Next, we start last config: Mysql Clutering with DRBD #################################################################################################### Step 3: MySQL cluster with Drbd and Heartbeat Now, we have 4GB disks on both servers (db1 adn db2) a.Partition Setup for Cluster Servers on both server: Patition disks # fdisk -l Disk /dev/sda: 21.4 GB, 21474836480 bytes 255 heads, 63 sectors/track, 2610 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes    Device Boot      Start         End      Blocks   Id  System /dev/sda1   *           1          13      104391   83  Linux /dev/sda2              14        2610    20860402+  8e  Linux LVM Disk /dev/sdb: 4294 MB, 4294967296 bytes 255 heads, 63 sectors/track, 522 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Disk /dev/sdb doesn't contain a valid partition table # fdisk /dev/sdb Command (m for help): m Command action a toggle a bootable flag b edit bsd disklabel c toggle the dos

LVS - Load Balancing Detaied Tutorial - Step 2: LVS Configuration

Image
In this step, we will config web server and load balancer server. #################################################################################################### Step 2: LVS Setup configuration on LB1 and LB2 a. On Load Balacer Server Install on Lvs1 and lvs2: # yum install -y piranha On Lvs1: # vim /etc/sysconfig/ha/lvs.cf serial_no = 14 primary = 192.168.44.101 service = lvs rsh_command = ssh backup_active = 1 backup = 192.168.44.102 heartbeat = 1 heartbeat_port = 1050 keepalive = 2 deadtime = 10 network = direct debug_level = NONE monitor_links = 1 virtual server1 { active = 1 address = 192.168.44.130 eth0:1 port = 80 send = "GET / HTTP/1.1\r\n\r\n" expect = "HTTP" load_monitor = uptime scheduler = rr protocol = tcp timeout = 10 reentry = 180 quiesce_server = 0 server www1 { address = 192.168.44.131 active = 1 weight = 1 } server www2 { address = 192.168.44.132 active = 1 weight = 1 } } #scp /etc/sysconfig/h

LVS - Load Balancing Detaied Tutorial - Step 1: Basic Configuration

Image
LVS - Load Balancing Detaied Tutorial Linux Load Balancer  using Piranha,Pulse,IPVsadm and Highly Available MySQL using DRBD & HearTBeat. Source: http://www.Wbitt.com Demo: http://www.hbn.local 6 Nodes Load Balancer Two nodes for LVS (Piranha Pulse nannay Ipvsadm) as Load balancer Two nodes for Web servers can be multiple upto your requirement. Two nodes for mysql database server using Drbd & heartbeat for highly avaliable mysql database. Step 1: Basic configurations a. Hosts file #cat /etc/hosts # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6     localhost6 ##### IP's of Load Balancers ##### 192.168.44.101     lvs1.hbn.local     lvs1 192.168.44.102     lvs2.hbn.local     lvs2 ##### IP's of Web Servers ##### 192.168.44.131     www1.hbn.local     www1 192.168.44.132     www2.hbn.local     www2 ##### IP's of My

SSLstrip - Google SSLstrip Demo

Image
The first, i recommnet: "I can`t hack SSL". Note, SSL is protocol used to exchange security data, base on PKI. In this example, attacker use sslstrip, is the man in the middle, attacker is proxy, will replace all https link by http. You can see more at: http://securitytube.net/Defeating-SSL-using-SSLStrip-%28Marlinspike-Blackhat%29-video.aspx or: https://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike Nothing is security :)). So, if you type https, instead of click to link, you can prevent is. But follow me, note to certificate, if untrust, not connect. It is mistakes. Demo use SSLstrip, ettercap Link:  http://www.mediafire.com/?j6laxbcceructc0 <p><br><br><br>orr</p> ------------------------------------------------------------ Thanks for reading ------------------------------------------------------------

Samba - Domain Controller

Image
So easy to create master domain controller with Samba, many errors :)). But i like it than AD of M$. Because it is quickly, and i need only authenticate for my domain. Lesson 3:Samba to PDC Edit smb.conf workgroup =    SMBDOMAIN server string = PC1 domain controller local master = yes os level = 64 domain master = yes preferred master = yes domain logons = yes win support = yes uncommnet [netlogon] [Profiles] [tmp] groupadd lanmachines useradd -M -s /sbin/nologin -g lanmachines winxp$ useradd -M -s /sbin/nologin -g lanmachines wintendo$ smbpasswd -am winxp smbpasswd -am wintendo smbpasswd -a root tail /etc/samba/smbpasswd join domain normal note: use WORKGROUP = workgroup ( in samba config file), not domain. Lab: http://www.mediafire.com/?ow47sz7l2femcm0 or: ------------------------------------------------------------ Thanks for reading -------------------------------------------------------------------------- All my Lab: Linux

Samba - Basic

Many people ask me about samba. This my note about samba: Install: yum install -y samba-* Note: don`t disable cups service Lesson 1: SMB Client Connect to Win smbclinet -L winxp -U administrator smbclient //winxp/install -U admnistrator smb: \>; (smb mod) ls ? to help mkdir /media/smb smbmount //winxp/install /media/smb -o username=administrator or: # mount -t cifs //IP/share_name -o username= mount (to list) leave /media/smb directory umount /media/smb Lesson 2: workgroup = SMBDOMAIN server string = PC1 domain controller hosts allow = 192.168.1. 192.168.2. 127. security = user wins support = yes [demoproject] commnet = share path = /data/demoproject valid users = @webproject kamran public = no write list = @webproject kamran root create mask = 0660 directort mask = 0770 Video:  Part1: http://www.mediafire.com/?wn82jiz2qi8j95c Part2: http://www.mediafire.com/?4oke4vgb3j57sf4 ------------------------------------------------------------