-- Remote Desktop Protocol (RDP) stands for Administrative Console Access. If your System has Remote Desktop enabled, it is listening for TCP connections on Port 3389 (by default Port) and it may be necessary to make it even more secure by changing the TCP Port used for the network access. Since this port is both well known and can be used to attack accounts. If you want to change the port, it requires a quick change in the Windows registry.

Note: Editing the registry is very risky, So be sure you have a verified backup before saving any changes.

Step: 1. Open Registry Editor :

Click on Start -> Run -> Type: regedit -> Press 'OK'.

Step: 2. Change Registry :

Go to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

Double Click on PortNumber -> Select Decimal -> Give Value Data (2289) -> OK

Step: 3. Allow your Port Number within Windows 2008 Firewall :

Click on Start -> Administrative Tools -> Windows Firewall with Advanced Security -> Inbound Rules -> Search Remote Desktop (TCP-In) & Right Click -> Disable Rule.

-- Then Create a New Rule for RDP :

Inbound Rules -> New Rule -> Select Port -> Next -> Specific Local Ports (2289) -> Next -> Next -> Next -> Give Name (RDP) -> Finish -> Close.

Step: 4. Restart Remote Desktop Service (plus Dependent Services) :

Click on Start -> Administrative Tools -> Services -> Restart the following Services :

-- Remote Desktop Configuration
-- Remote Desktop Services
-- Remote Desktop Services
-- UserMode Port Redirector

Step: 5. Finally Restart the Server :

Now Login with new Port Number.

Note: When you try to Connect to this Computer by using the Remote Desktop Connection, you must Type the new Port Number.

Ex: 192.168.100.102:2289

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

Q. What is Redmine ?

-- Redmine is a free and open source, web-based project management and issue tracking tool, Written using the Ruby on Rails framework. It allows users to manage multiple projects and associated sub projects. It features per project wikis and forums, time tracking, and flexible role based access control.

Features :

1. Multiple Projects Support.
2. Flexible Role Based Access Control
3. Flexible Issue Tracking System etc.

Step: 1. Set Host Name :

# hostname tickets.domain.com
# vi /etc/hostname

tickets.domain.com

-- Save & Quit (:wq)

Step: 2. Bind Host File :

# vi /etc/hosts

10.100.97.137    tickets.domain.com    tickets

-- Save & Quit (:wq)

Step: 3. Update the System :

# apt-get update
# apt-get -y upgrade

Step: 4. Install Prerequisites :

# apt-get -y install apache2 apache2-utils apache2-threaded-dev apache2-prefork-dev \
    libapache2-mod-passenger make automake autoconf cmake openssl libcurl4-openssl-dev \
    libapr1-dev libaprutil1-dev libmysqlclient-dev wget

# apt-get -y install php5 libapache2-mod-php5 php5-mysql libapache2-mod-perl2 libssl-dev \
    libmagickcore-dev libmagickwand-dev curl git-core patch build-essential bison zlib1g-dev \
    libxml2-dev autotools-dev libxslt1-dev libyaml-0-2 libreadline6-dev libyaml-dev libtool \
    imagemagick libicu-dev libssh2-1 libssh2-1-dev libgpg-error-dev

Step: 5. Install Ruby & Gem with Rails :

# apt-get -y remove ruby
# curl -#LO https://rvm.io/mpapis.asc
# gpg --import mpapis.asc
# curl -sSL https://get.rvm.io | bash -s stable
# source /etc/profile.d/rvm.sh
# rvm requirements
# rvm install 2.3.0
# rvm use 2.3.0 --default

Step: 6. To Check Ruby & Gem Version :

# ruby -v
ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-linux]

# gem -v
2.5.1

Step: 7. Install Passenger :

# gem install passenger
# passenger-install-apache2-module

Press Enter and Press " ! " and Make Sure you Select only the 'ruby' one.

**LOOK CAREFULLY after successfully installing it give codes .we must edit in our apache. FOR ME .It may be other for you. ========================================================================
LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30/buildout/apache2/mod_passenger.so
<IfModule mod_passenger.c>
    PassengerRoot /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30
    PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.0/wrappers/ruby
</IfModule>
=========================================================================

Step: 8. To Load the Passenger Module into Apache :

# vi /etc/apache2/mods-available/passenger.load

-- Delete the LoadModule Line & Paste the Below Module.

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30/buildout/apache2/mod_passenger.so

-- Save & Quit (:wq)

# vi /etc/apache2/mods-available/passenger.conf

-- Delete Everything & Paste the Below Code.

<IfModule mod_passenger.c>
    PassengerRoot /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30
    PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.0/wrappers/ruby
</IfModule>

-- Save & Quit (:wq)

# a2enmod passenger

Step: 9. Now, you can Download the Latest Version of Redmine :

# cd /var/www
# wget http://www.redmine.org/releases/redmine-3.0.4.tar.gz
# tar zxf redmine-3.0.4.tar.gz
# rm redmine-3.0.4.tar.gz
# mv redmine-3.0.4 redmine
# chown -R www-data:www-data /var/www/redmine
# chmod -R 775 /var/www/redmine
# touch /var/www/redmine/log/production.log
# chown root:www-data /var/www/redmine/log/production.log
# chmod 664 /var/www/redmine/log/production.log

Step: 10. Start the Apache Server :

# service apache2 restart

Step: 11. Install MySQL Server :

# apt-get -y install mysql-server mysql-client

New password for the MySQL "root" user: redhat
Repeat password for the MySQL "root" user: redhat

Step: 12. Create Database for Redmine :

# mysql -u root -p
Enter Password:

mysql> create database redminedb character set utf8;
mysql> grant all privileges on redminedb.* to redmine@'localhost' identified by 'password';
mysql> flush privileges;
mysql> exit

Step: 13. Now, Install the Gem file and the bundler :

# gem install rake rack i18n rubytree RedCloth mysql coderay rails jquery-rails fastercsv builder mime-types awesome_nested_set activerecord-jdbc-adapter selenium-webdriver shoulda mysql2

# cd /var/www/redmine
# gem install bundler
# bundle install --without development test rmagick

Step: 14. Setup the Database Connection for Redmine :

# cd /var/www/redmine/config
# mv database.yml.example database.yml
# vi database.yml

In the 'production' Section, update the 'database', username, password and other Parameters Accordingly like so :

production:
  adapter: mysql2
  database: redminedb
  host: localhost
  username: redmine
  password: "password"
  encoding: utf8

-- Save & Quit (:wq)

Step: 15. Create the Virtual host files for running Redmine :

# mv /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default.conf.bak
# cd /etc/apache2/sites-enabled
# unlink 000-default.conf
# vi /etc/apache2/sites-available/redmine.conf

<VirtualHost *:80>
ServerName redmine

DocumentRoot /var/www/
Alias /tickets /var/www/redmine/public

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/redmine>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory /var/www/redmine/public>
PassengerEnabled on
SetHandler none
PassengerAppRoot /var/www/redmine
RailsBaseURI /redmine
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>

-- Save & Quit (:wq)

# a2ensite redmine.conf

Step: 16. Restart Apache Server :

# service apache2 restart

Step: 17. Set Environment to "production" Environment :

# cd /var/www/redmine/config
# vi environment.rb

Note: If there is line uncomment it, if not just proceed ahead.

ENV['RAILS_ENV'] ||= 'production'

-- Save & Quit (:wq)

Step: 18. In Terminal, use Following Command :

# cd /var/www/redmine/
# bundle install
# RAILS_ENV=production bundle exec rake generate_secret_token
# RAILS_ENV=production bundle exec rake db:migrate
# RAILS_ENV=production bundle exec rake redmine:load_default_data

Type 'en' when asked & Press Enter.

Step: 19. Rename dispatch CGI files in /redmine/public/ :

# cd /var/www/redmine/public
# mv dispatch.fcgi.example dispatch.fcgi
# cp htaccess.fcgi.example .htaccess

Step: 20. Fix Rights for the Apache user :

# chown -Rf www-data:www-data /var/www/redmine

Step: 21. Restart the Apache Server :

# service apache2 restart

Step: 22. Point Your Web Browser & Type :

http://ip_address_server/redmine
or
http://domain_name/redmine
User: admin
Pass: admin

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

-- Config Server Firewall (or CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. In Addition to the Basic Functionality of a Firewall – Filtering Packets. CSF includes other security features, such as Login/Intrusion/Flood Detections.

Step: 1. Stop Firewall :

# service iptables stop
# chkconfig iptables off

Step: 2. Disable Selinux :

# vi /etc/sysconfig/selinux

SELINUX=disabled

-- Save & Quit (:wq)

Step: 3. Reboot the Server :

# init 6

Step: 4. Installation of CFS Dependencies :

# yum -y install wget vim perl perl-libwww-perl.noarch perl-Time-HiRes

Step: 5. Download & Extract CSF Package :

# cd /usr/src/
# wget https://download.configserver.com/csf.tgz
# tar -xzf csf.tgz

Step: 6. Install CFS :

# cd csf
# sh install.sh

Step: 7. Now You should Check that CSG really Works on this Server :

# cd /usr/local/csf/bin/
# perl csftest.pl

[OUTPUT]
RESULT: csf should function on this server.

Step: 8. Configure CSF :

# vi /etc/csf/csf.conf

-- Line No. 11 :

TESTING = "0"

Note: By default CSF Allows Incoming & Outgoing Traffic for the SSH Standard Port 22, if you use a Different SSH Port then please Add your port to the Configuration in line 139 "TCP_IN".

-- Line No. 69 :

RESTRICT_SYSLOG = "3"

-- Save & Quit (:wq)

Step: 9. Start CSF & LFD Service :

# service csf restart
# chkconfig csf on

# service lfd restart
# chkconfig lfd on

Step: 10. To View the list of Default Rules of CSF :

# csf -l
Or
# csf --status

Step: 11. Basic CSF Commands :

-- Start the Firewall (Enable the Firewall Rules) :

# csf -s
Or
# csf --start

-- Flush/Stop the Firewall Rules :

# csf -f
Or
# csf --stop

-- Reload the Firewall Rules :

# csf -f

-- Restart the Firewall Rules :

# csf -r
Or
# csf --restart

-- Allow an IP & Add it to csf.allow :

# csf -a 10.100.97.37
Or
# csf --add 10.100.97.37

-- Remove/Delete an IP from csf.allow :

# csf -ar 10.100.97.37
Or
# csf --addrm 10.100.97.37

-- Deny an IP & Add to csf.deny :

# csf -d 10.100.97.37
Or
# csf --deny 10.100.97.37

-- Remove/Delete an IP from csf.deny :

# csf -dr 10.100.97.37
Or
# csf --denyrm 10.100.97.37

-- Remove & Unblock all Entries from csf.deny :

# csf -df
Or
# csf --denyf

-- Search for a Pattern Match on iptables e.g : IP, CIDR, Port Number :

# csf -g 10.100.97.37
Or
# csf --grep 10.100.97.37

-- Disable CSF & LFD Completely :

# csf -x
Or
# csf --disable

-- Displays the Current List of Temporary Allow & Deny IP Entries with their TTL & Comment :

# csf -t
Or
# csf --temp

-- Add an IP to the Temp IP Allow List :

# csf -ta 10.100.97.37 ttl -p 22 -d 0.0.0.0 Allow All For Port No 22
Or
# csf --tempallow 10.100.97.37 ttl [-p port] [-d direction] [comment]

-- Add an IP to the Temp IP Ban List :

# csf -td 10.100.97.37 ttl -p 22 -d 0.0.0.0 Ban All For Port No 22
Or
# csf --tempdeny 10.100.97.37 ttl [-p port] [-d direction] [comment]

-- Remove an IP From the Temporary IP Ban or Allow List :

# csf -tr 10.100.97.37
Or
# csf --temprm 10.100.97.37

-- Flush all IPs from the Temporary IP Entries :

# csf -tf
Or
# csf --tempf

Step: 12. Advanced CSF Configuration :

# vi /etc/csf/csf.conf

-- Don't Block IP addresses that are in the csf.allow files :

IGNORE_ALLOW = "1"

-- Allow Incoming & Outgoing ICMP. Line No 152 for Incoming & Line 159 for Outgoing :

ICMP_IN = "1"
ICMP_OUT = "1"

-- Block Certain Countries. Go To Line 836 & Add the Country Codes :

CC_DENY = "CN,UK,US"
CC_ALLOW = "ID,IN,DE"

-- Send the Su & SSH Login Logs by Email. Go to the Line No. 1069 :

LF_SSH_EMAIL_ALERT = "1"

LF_SU_EMAIL_ALERT = "1"

-- And then Define the Email Address at Line No. 588 :

LF_ALERT_TO = "koushik@domain.com"

-- Save & Quit (:wq)

Step: 13. Restart CSF & LFD Service :

# service csf restart
# service lfd restart

IMPORTANT NOTES:
=================

-- The Ports Opened by Default are the Following :

TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
TCP_OUT = "20,21,22,25,53,80,110,113,443"
UDP_IN = "20,21,53"
UDP_OUT = "20,21,53,113,123"

-- Services using the Open Ports :

Port 20: FTP data transfer
Port 21: FTP control
Port 22: Secure shell (SSH)
Port 25: Simple mail transfer protocol (SMTP)
Port 53: Domain name system (DNS)
Port 80: Hypertext transfer protocol (HTTP)
Port 110: Post office protocol v3 (POP3)
Port 113: Authentication service/identification protocol
Port 123: Network time protocol (NTP)
Port 143: Internet message access protocol (IMAP)
Port 443: Hypertext transfer protocol over SSL/TLS (HTTPS)
Port 465: URL Rendesvous Directory for SSM (Cisco)
Port 587: E-mail message submission (SMTP)
Port 993: Internet message access protocol over SSL (IMAPS)
Port 995: Post office protocol 3 over TLS/SSL (POP3S)

-- Below are Port sets that should be opened if you are Running the Listed Service :

On any Server:

TCP_IN: 22,53
TCP_OUT: 22,53,80,113,443
UPD_IN: 53
UPD_OUT: 53,113,123

Apache:

TCP_IN: 80,443

FTP Server:

TCP_IN: 20,21
TCP_OUT: 20,21
UPD_IN: 20,21
UPD_OUT:20,21

Mail Server:

TCP_IN: 25,110,143,587,993,995
TCP_OUT: 25,110

MySQL Server (if remote access is required):

TCP_IN: 3306
TCP_OUT: 3306

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

Q. What is Openfire?

-- Openfire is an Instant Messaging and Group chat server, written in Java that uses XMPP (Extensible Messaging and Presence Protocol) server. Wikipedia reports, Openfire was previously called as ‘Wildfire‘ and ‘Jive Messenger‘. The Application Software is developed by Jive Software and a community called ‘IgniteRealtime.org‘, and is Licensed under Apache License.

Openfire Features :

- Web Based Admin control
- SSL/TLS support
- LDAP connectivity
- User Friendly
- Platform Independent

Openfire Installation :

Step: 1. Bind Host File :

# vi /etc/hosts

192.168.100.220    ser1.domain.com    ser1

-- Save & Quit (:wq)

Step: 2. Disable Selinux :

# vi /etc/sysconfig/selinux

SELINUX=disabled

-- Save & Quit (:wq)

# init 6


Step: 3. Install Java ( lastest version is preferred) :

# cd /opt
# wget --no-check-certificate --no-cookies --header 'Cookie: oraclelicense=accept-securebackup-cookie' http://download.oracle.com/otn-pub/java/jdk/8u5-b13/jdk-8u5-linux-x64.rpm
   
# yum -y install jdk-8u5-linux-x64.rpm
# yum -y install libldb.i686

Step: 4. Setup Environment Variables :

Setup JAVA_HOME Variable :
   
# export JAVA_HOME=/usr/java/jdk1.8.0_05
# export PATH=$PATH:$JAVA_HOME
# echo $JAVA_HOME

Step: 5. Edit the Java Profile :

# vi /etc/profile.d/java.sh

#!/bin/bash
JAVA_HOME=/usr/java/jdk1.8.0_05
PATH=$JAVA_HOME/bin:$PATH
export PATH JAVA_HOME
export CLASSPATH=.

-- Save & Quit (:wq)

# chmod +x /etc/profile.d/java.sh
# source /etc/profile.d/java.sh

Step: 6. Check Version of JAVA :

# java -version
   
java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) Client VM (build 25.5-b02, mixed mode)

Step: 7. Install the Openfire Dependencies :

# yum -y install httpd httpd-devel wget
# service httpd restart
# chkconfig httpd on

Step: 8. Download the Openfire RPM using wget Command :

# cd /tmp
# wget http://download.igniterealtime.org/openfire/openfire-3.9.3-1.i386.rpm

Step: 9. Install the OpenFire RPM :

# rpm -Uvh openfire-3.9.3-1.i386.rpm

Step: 10. Once the RPM has been installed, Start the OpenFire service :

# service openfire start

Step: 11. Ensure that OpenFire will boot with your Server :

# chkconfig openfire on

Step: 12. For this instance, you’ll want to make sure iptables is not running, you can Configure the iptables rules how you need them later :

# service iptables stop
# chkconfig iptables off

Step: 13. Install MySQL Server with MySQL Connector :

# yum -y install mysql mysql-server mysql-connector-java

Step: 14. Start MySQL Server :

# service mysqld restart
# chkconfig mysqld on

Step: 15. Set MySQL Root Password :

# mysql_secure_installation

Step: 16. Create Database for OpenFire :

# mysql -u root -predhat

mysql> CREATE DATABASE openfire;
mysql> grant all on openfire.* to openfire@'localhost' identified by 'password';
mysql> grant all on openfire.* to openfire@'%' identified by 'password';
mysql> flush privileges;
mysql> exit

Step: 17. Navigate in your Web Browser To :

Note: If Showing any JAVA Error while Installing the OpenFire through Web Browser then Restart the Server Once.

http://yourip_address:9090

-- Choose Language: (English)
-- Click on "Continue"

-- Server Settings:
     Domain: (127.0.0.1)
     Admin Console Port: (9090)
     Secure Admin Console Port: (9091)

Note: Don't Change Admin Port and Secure Admin Port. Generally you don’t need to change these data, until you need a custom port.

-- Select "Blowfosh"-- Property Encryption Key: (Leave it Blank)
-- Click on "Continue"

-- Database Settings:
-- Select "Standard Database Connection".
-- Click on "Continue"

-- Database Settings - Standard Connection :
     Database Driver Presets: Select MySQL
     Database URL:  jdbc:mysql://localhost:3306/openfire?rewriteBatchedStatements=true
     Username: openfire
     Password: password
     Minimum Connections: 5
     Maximum Connections: 25
-- Click on "Continue"

-- Profile Settings: Select Default
-- Click on "Continue"

-- Administrator Account:
     Admin Email Address: kchatterjee@kminfosystems.com
     New Password: Passw0rd
     Confirm Password: Passw0rd
-- Click on "Continue"

-- Finally Click on "Login to the Admin Console"

Note: Login to Openfire Admin User using username 'admin' and password, the one we set above.

User: admin
Pass: Passw0rd

Step: 18. To Create OpenFire Chat User :

-- Click on Users/Groups (Tabs)
-- Click on Create New User.
-- Fill the User Details.
-- Click on "Create User"'.

Step: 19. Installation of Spark Client :

Download and Install cross platform Spark client for your system using the below link.

http://www.igniterealtime.org/downloads/index.jsp

Once you’ve installed Spark client, open the application and enter username, password and IP addresss of openfire server.

User Name: koushik
Password: Passw0rd
Server IP: 192.168.100.221

-- Check on Save Password.
-- Check on Auto Login
-- Click on Login

Once you logged in you can chat with the users who are online.

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog.