Kousik Chatterjee's Blog

-- GlassFish is an Application Server which can also be used as a Web Server (Http Server). GlassFish Server is the world's first implementation of the Java Platform.

Step: 1. Bind Hosts File :

# vi /etc/hosts

10.100.97.39           ser3.domain.com    ser3

-- Save & Quit (:wq)

Step: 2. Disable Selinux & Stop Firewall :

# vi /etc/sysconfig/selinux

SELINUX=disabled

-- Save & Quit (:wq)

# service iptables stop
# chkconfig iptables off

Step: 3. Install NTP Server (for Time Synchronization) :

# yum -y install ntp
# service ntpd restart
# chkconfig ntpd on
# ntpdate pool.ntp.org

# init 6

Step: 4. Installing the Java :

# yum -y install wget
# cd /opt
# wget --no-check-certificate --no-cookies --header 'Cookie: oraclelicense=accept-securebackup-cookie' http://download.oracle.com/otn-pub/java/jdk/8u5-b13/jdk-8u5-linux-x64.rpm
   
# yum -y install jdk-8u5-linux-x64.rpm

Step: 5. Setup JAVA_HOME Variable :

# export JAVA_HOME=/usr/java/jdk1.8.0_05
# export PATH=$PATH:$JAVA_HOME
# echo $JAVA_HOME

Step: 6. Edit the Java Profile :

# vi /etc/profile.d/java.sh

#!/bin/bash
JAVA_HOME=/usr/java/jdk1.8.0_05
PATH=$JAVA_HOME/bin:$PATH
export PATH JAVA_HOME
export CLASSPATH=.

-- Save & Quit (:wq)

# chmod +x /etc/profile.d/java.sh
# source /etc/profile.d/java.sh

Step: 7. Check Version of JAVA :

# java -version

java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) Client VM (build 25.5-b02, mixed mode)

Step: 8. Download & Extract Glassfish :

# yum -y install unzip
# cd /opt
# wget http://download.java.net/glassfish/4.1.1/release/glassfish-4.1.1.zip
# wget http://download.java.net/glassfish/4.0/release/glassfish-4.0.zip
# unzip glassfish-4.1.1.zip

Step: 9. Start the GlassFish Server :

# /opt/glassfish4/bin/asadmin start-domain

Waiting for domain1 to start .........
Successfully started the domain : domain1
domain  Location: /opt/glassfish4/glassfish/domains/domain1
Log File: /opt/glassfish4/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.

Step: 10. Set GlassFish Admin Password (By Default Password is Blank) :

# cd /opt/glassfish4/bin/
# ./asadmin
asadmin> change-admin-password

Enter admin user name [default: admin]> Just Press Enter.
Enter the admin password> Just Press Enter.
Enter the new admin password> Passw0rd (Press Enter.)
Enter the new admin password again> Passw0rd (Press Enter.)
Command change-admin-password executed successfully.

Step: 11. Enabled to Access the DAS Remotely on GlassFish :

asadmin> enable-secure-admin

Enter admin user name>  admin
Enter admin password for user "admin"> Passw0rd

You must restart all running servers for the change in secure admin to take effect.
Command enable-secure-admin executed successfully.

asadmin> stop-domain

Waiting for the domain to stop .
Command stop-domain executed successfully.

asadmin> start-domain

Waiting for domain1 to start .......
Successfully started the domain : domain1
domain  Location: /opt/glassfish4/glassfish/domains/domain1
Log File: /opt/glassfish4/glassfish/domains/domain1/logs/server.log
Admin Port: 4848
Command start-domain executed successfully.

asadmin> exit
Command multimode executed successfully.

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

 

-- This tutorial describes how to give users chrooted SSH or SFTP access on CentOS. With this setup, you can give your users shell access without having to fear that they can see your whole system. Your users will be jailed in a specific directory which they will not be able to break out of.

Step: 1. Create a New Group For SFTP Users :

# groupadd sftpusers

Step: 2. Create a SFTP User :

# mkdir /var/www/html/koushik.com
# useradd -g sftpusers -d /var/www/html/koushik.com/koushik -s /sbin/nologin koushik
# passwd koushik

Step: 3. Configure SFTP Server :

# vi /etc/ssh/sshd_config

-- Find & Commented :

#Subsystem      sftp    /usr/libexec/openssh/sftp-server

-- Add those Lines :

Subsystem sftp internal-sftp
AllowUsers koushik

# User specific configuration
Match User koushik
ChrootDirectory /var/www/html/koushik.com
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

-- Save & Quit (:wq)

Step: 4. Restart SFTP/SSH Service :

# service sshd restart

Step: 5. Give Permission of Chroot Directory :

# chown -Rf koushik:sftpusers /var/www/html/koushik.com/
# chmod -Rf 755 /var/www/html/koushik.com/

Step: 6. Testing SFTP Chroot Jail :

# sftp koushik@192.168.100.229

Are you sure you want to continue connecting (yes/no)? yes

koushik@192.168.100.229's password: redhat

sftp> pwd
Remote working directory: /
sftp> cd /tmp
Couldn't canonicalise: No such file or directory
sftp> cd /etc
Couldn't canonicalise: No such file or directory
sftp> mkdir test
sftp> ls
test
sftp> bye
[root@ser2 ~]#

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

 

Q. What is VSFTPD ?

-- vsftpd, (or very secure FTP daemon), is an FTP server that runs on Linux/UNIX Operating Systems. It is Licensed under the GNU General Public License. It supports IPv6 and SSL. VSFTP is a secure, stable, and fast FTP Server.

Step: 1. Install VSFTP Server :

# yum install -y vsftpd

Step: 2. Configure FTP Server :

# vi /etc/vsftpd/vsftpd.conf

Find these Lines :

-- At line 12:

anonymous_enable=NO

-- At lines 96 & 97 Uncommented the following :

chroot_local_user=YES
chroot_list_enable=YES

-- At line 98 Uncomment the following :

chroot_list_file=/etc/vsftpd/chroot_list

-- Just delete the # sign

userlist_enable=YES

-- Save & Exit (:wq)

Step: 3. Make the Directory Accessible to the ftp-users Group :

# useradd -d /var/www/path/to/your/dir -s /usr/sbin/nologin ftpuser1
# passwd ftpuser1
# chown -Rf ftpuser1 /var/www/path/to/your/dir
# chmod 775 /var/www/path/to/your/dir

Step: 4. Create a File Under /etc/vsftpd :

# vi /etc/vsftpd/chroot_list

-- Jail Users or Limits Users to only their home directory. To add the limited user name in the 'chroot_list'

ftpuser1
ftpuser2

-- Save & Quit (:wq)

Step: 5. To Add a nologin to the Shell :

# vi /etc/shells

-- The file should look like this:

    /bin/ksh
    /usr/bin/rc
    /usr/bin/tcsh
    /bin/tcsh
    /usr/bin/esh
    /bin/dash
    /bin/bash
    /bin/rbash

-- Add this line at the End:

    /usr/sbin/nologin

-- Save & Exit (:wq)

Step: 6. Now Create a usergroup & Add the ftpuser1 to it :

# addgroup ftp-users
# usermod -Gftp-users ftpuser1

Step: 7. Restart the FTP Service :

# service vsftpd restart
# chkconfig vsftpd on
# netstat -tulpn | grep :21
# service vsftpd status

Step: 8. Configure Firewall & Set SELinux for FTP :

# iptables -I INPUT -p tcp -m tcp --dport 20 -j ACCEPT
# iptables -I INPUT -p tcp -m tcp --dport 21 -j ACCEPT
# iptables -I INPUT -p tcp -m tcp --dport 12000:12100 -j ACCEPT
# iptables -I INPUT -p udp -m tcp --dport 12000:12100 -j ACCEPT

# setsebool -P ftpd_disable_trans=1

Step: 9. View FTP Log File :

# tail –100f /var/log/vsftpd.log

Step: 10. VSFTP Passive Port Configuration :

# vi /etc/vsftpd/vsftpd.conf

-- Add these Lines at the End:

# PASV Configurations :
pasv_promiscuous=YES
pasv_enable=YES
pasv_min_port=12000
pasv_max_port=12100
#pasv_address=X.X.X.X

# Other Parameter :
max_login_fails=5
max_per_ip=5
max_clients=10
require_ssl_reuse=NO
listen_port=21
use_localtime=YES
connect_from_port_20=NO

-- Save & Quit (:wq)

# service vsftpd restart

Step: 11. Check Connectivity through Web Browser:

ftp://192.168.72.142
Enter User name & Password.

-- Or You Can use Filezilla or Any other FTP Client.

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

What is Apache CouchDB?

-- Apache CouchDB is an open source document-oriented database with NoSQL. NoSQL means, it doesn’t have any database schema, tables, rows, etc. CouceDB uses JSON to store data with documents, which you can access from a web browser via HTTP. CouchDB works smoothly with all latest modern web and mobile apps.

Step: 1. Install Build Tools & Required Dependencies :
 
# apt-get update
# apt-get -y upgrade
# apt-get -y install build-essential erlang-base-hipe erlang-dev erlang-manpages erlang-eunit \
   erlang-nox libicu-dev libmozjs185-dev libcurl4-openssl-dev wget

Step: 2. Installing CouchDB  :

# cd /tmp
# wget http://mirror.fibergrid.in/apache/couchdb/source/1.6.1/apache-couchdb-1.6.1.tar.gz
# tar -xvf apache-couchdb-1.6.1.tar.gz
# rm -rf apache-couchdb-1.6.1.tar.gz
# cd apache-couchdb-1.6.1
# ./configure
# make && make install

Step: 3. Configuring CouchDB :

# adduser --disabled-login --disabled-password --no-create-home couchdb
# chown -Rf couchdb:couchdb /usr/local/var/lib/couchdb/
# chown -Rf couchdb:couchdb /usr/local/var/log/couchdb/
# chown -Rf couchdb:couchdb /usr/local/var/run/couchdb/
# ln -s /usr/local/etc/init.d/couchdb /etc/init.d/couchdb
# update-rc.d couchdb defaults

Step: 4. Give HTTP Access To CouchDB :

# vi /usr/local/etc/couchdb/local.ini

-- Uncomment & Modify Line No. 11 & 12 :

[httpd]
port = 5984
bind_address = 0.0.0.0

-- Save & Quit (:wq)

Step: 5. Start CouchDB Service :

# service couchdb start
# service couchdb status

Step: 6. Verifing CouchDB :

# curl http://localhost:5984

Or

Open Web Browser & Type: http://10.100.97.37:5984

Step: 7. Access Couchdb Web Interface For Manage the Database :

http://10.100.97.37:5984/_utils/

-- Create Admin User :

-- By Default there is no admin user, you need to create one by just clicking on the bottom right
     corner that says "Fix this". Once you click on that link you will prompted to enter admin user
     and password.

-- Give Username & Password.
-- Click on "Create" Button.

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

-- Remote Desktop Protocol (RDP) stands for Administrative Console Access. If your System has Remote Desktop enabled, it is listening for TCP connections on Port 3389 (by default Port) and it may be necessary to make it even more secure by changing the TCP Port used for the network access. Since this port is both well known and can be used to attack accounts. If you want to change the port, it requires a quick change in the Windows registry.

Note: Editing the registry is very risky, So be sure you have a verified backup before saving any changes.

Step: 1. Open Registry Editor :

Click on Start -> Run -> Type: regedit -> Press 'OK'.

Step: 2. Change Registry :

Go to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

Double Click on PortNumber -> Select Decimal -> Give Value Data (2289) -> OK

Step: 3. Allow your Port Number within Windows 2008 Firewall :

Click on Start -> Administrative Tools -> Windows Firewall with Advanced Security -> Inbound Rules -> Search Remote Desktop (TCP-In) & Right Click -> Disable Rule.

-- Then Create a New Rule for RDP :

Inbound Rules -> New Rule -> Select Port -> Next -> Specific Local Ports (2289) -> Next -> Next -> Next -> Give Name (RDP) -> Finish -> Close.

Step: 4. Restart Remote Desktop Service (plus Dependent Services) :

Click on Start -> Administrative Tools -> Services -> Restart the following Services :

-- Remote Desktop Configuration
-- Remote Desktop Services
-- Remote Desktop Services
-- UserMode Port Redirector

Step: 5. Finally Restart the Server :

Now Login with new Port Number.

Note: When you try to Connect to this Computer by using the Remote Desktop Connection, you must Type the new Port Number.

Ex: 192.168.100.102:2289

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

Q. What is Redmine ?

-- Redmine is a free and open source, web-based project management and issue tracking tool, Written using the Ruby on Rails framework. It allows users to manage multiple projects and associated sub projects. It features per project wikis and forums, time tracking, and flexible role based access control.

Features :

1. Multiple Projects Support.
2. Flexible Role Based Access Control
3. Flexible Issue Tracking System etc.

Step: 1. Set Host Name :

# hostname tickets.domain.com
# vi /etc/hostname

tickets.domain.com

-- Save & Quit (:wq)

Step: 2. Bind Host File :

# vi /etc/hosts

10.100.97.137    tickets.domain.com    tickets

-- Save & Quit (:wq)

Step: 3. Update the System :

# apt-get update
# apt-get -y upgrade

Step: 4. Install Prerequisites :

# apt-get -y install apache2 apache2-utils apache2-threaded-dev apache2-prefork-dev \
    libapache2-mod-passenger make automake autoconf cmake openssl libcurl4-openssl-dev \
    libapr1-dev libaprutil1-dev libmysqlclient-dev wget

# apt-get -y install php5 libapache2-mod-php5 php5-mysql libapache2-mod-perl2 libssl-dev \
    libmagickcore-dev libmagickwand-dev curl git-core patch build-essential bison zlib1g-dev \
    libxml2-dev autotools-dev libxslt1-dev libyaml-0-2 libreadline6-dev libyaml-dev libtool \
    imagemagick libicu-dev libssh2-1 libssh2-1-dev libgpg-error-dev

Step: 5. Install Ruby & Gem with Rails :

# apt-get -y remove ruby
# curl -#LO https://rvm.io/mpapis.asc
# gpg --import mpapis.asc
# curl -sSL https://get.rvm.io | bash -s stable
# source /etc/profile.d/rvm.sh
# rvm requirements
# rvm install 2.3.0
# rvm use 2.3.0 --default

Step: 6. To Check Ruby & Gem Version :

# ruby -v
ruby 2.3.0p0 (2015-12-25 revision 53290) [x86_64-linux]

# gem -v
2.5.1

Step: 7. Install Passenger :

# gem install passenger
# passenger-install-apache2-module

Press Enter and Press " ! " and Make Sure you Select only the 'ruby' one.

**LOOK CAREFULLY after successfully installing it give codes .we must edit in our apache. FOR ME .It may be other for you. ========================================================================
LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30/buildout/apache2/mod_passenger.so
<IfModule mod_passenger.c>
    PassengerRoot /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30
    PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.0/wrappers/ruby
</IfModule>
=========================================================================

Step: 8. To Load the Passenger Module into Apache :

# vi /etc/apache2/mods-available/passenger.load

-- Delete the LoadModule Line & Paste the Below Module.

LoadModule passenger_module /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30/buildout/apache2/mod_passenger.so

-- Save & Quit (:wq)

# vi /etc/apache2/mods-available/passenger.conf

-- Delete Everything & Paste the Below Code.

<IfModule mod_passenger.c>
    PassengerRoot /usr/local/rvm/gems/ruby-2.3.0/gems/passenger-5.0.30
    PassengerDefaultRuby /usr/local/rvm/gems/ruby-2.3.0/wrappers/ruby
</IfModule>

-- Save & Quit (:wq)

# a2enmod passenger

Step: 9. Now, you can Download the Latest Version of Redmine :

# cd /var/www
# wget http://www.redmine.org/releases/redmine-3.0.4.tar.gz
# tar zxf redmine-3.0.4.tar.gz
# rm redmine-3.0.4.tar.gz
# mv redmine-3.0.4 redmine
# chown -R www-data:www-data /var/www/redmine
# chmod -R 775 /var/www/redmine
# touch /var/www/redmine/log/production.log
# chown root:www-data /var/www/redmine/log/production.log
# chmod 664 /var/www/redmine/log/production.log

Step: 10. Start the Apache Server :

# service apache2 restart

Step: 11. Install MySQL Server :

# apt-get -y install mysql-server mysql-client

New password for the MySQL "root" user: redhat
Repeat password for the MySQL "root" user: redhat

Step: 12. Create Database for Redmine :

# mysql -u root -p
Enter Password:

mysql> create database redminedb character set utf8;
mysql> grant all privileges on redminedb.* to redmine@'localhost' identified by 'password';
mysql> flush privileges;
mysql> exit

Step: 13. Now, Install the Gem file and the bundler :

# gem install rake rack i18n rubytree RedCloth mysql coderay rails jquery-rails fastercsv builder mime-types awesome_nested_set activerecord-jdbc-adapter selenium-webdriver shoulda mysql2

# cd /var/www/redmine
# gem install bundler
# bundle install --without development test rmagick

Step: 14. Setup the Database Connection for Redmine :

# cd /var/www/redmine/config
# mv database.yml.example database.yml
# vi database.yml

In the 'production' Section, update the 'database', username, password and other Parameters Accordingly like so :

production:
  adapter: mysql2
  database: redminedb
  host: localhost
  username: redmine
  password: "password"
  encoding: utf8

-- Save & Quit (:wq)

Step: 15. Create the Virtual host files for running Redmine :

# mv /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/000-default.conf.bak
# cd /etc/apache2/sites-enabled
# unlink 000-default.conf
# vi /etc/apache2/sites-available/redmine.conf

<VirtualHost *:80>
ServerName redmine

DocumentRoot /var/www/
Alias /tickets /var/www/redmine/public

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/redmine>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory /var/www/redmine/public>
PassengerEnabled on
SetHandler none
PassengerAppRoot /var/www/redmine
RailsBaseURI /redmine
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>

-- Save & Quit (:wq)

# a2ensite redmine.conf

Step: 16. Restart Apache Server :

# service apache2 restart

Step: 17. Set Environment to "production" Environment :

# cd /var/www/redmine/config
# vi environment.rb

Note: If there is line uncomment it, if not just proceed ahead.

ENV['RAILS_ENV'] ||= 'production'

-- Save & Quit (:wq)

Step: 18. In Terminal, use Following Command :

# cd /var/www/redmine/
# bundle install
# RAILS_ENV=production bundle exec rake generate_secret_token
# RAILS_ENV=production bundle exec rake db:migrate
# RAILS_ENV=production bundle exec rake redmine:load_default_data

Type 'en' when asked & Press Enter.

Step: 19. Rename dispatch CGI files in /redmine/public/ :

# cd /var/www/redmine/public
# mv dispatch.fcgi.example dispatch.fcgi
# cp htaccess.fcgi.example .htaccess

Step: 20. Fix Rights for the Apache user :

# chown -Rf www-data:www-data /var/www/redmine

Step: 21. Restart the Apache Server :

# service apache2 restart

Step: 22. Point Your Web Browser & Type :

http://ip_address_server/redmine
or
http://domain_name/redmine
User: admin
Pass: admin

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

-- Config Server Firewall (or CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. In Addition to the Basic Functionality of a Firewall – Filtering Packets. CSF includes other security features, such as Login/Intrusion/Flood Detections.

Step: 1. Stop Firewall :

# service iptables stop
# chkconfig iptables off

Step: 2. Disable Selinux :

# vi /etc/sysconfig/selinux

SELINUX=disabled

-- Save & Quit (:wq)

Step: 3. Reboot the Server :

# init 6

Step: 4. Installation of CFS Dependencies :

# yum -y install wget vim perl perl-libwww-perl.noarch perl-Time-HiRes

Step: 5. Download & Extract CSF Package :

# cd /usr/src/
# wget https://download.configserver.com/csf.tgz
# tar -xzf csf.tgz

Step: 6. Install CFS :

# cd csf
# sh install.sh

Step: 7. Now You should Check that CSG really Works on this Server :

# cd /usr/local/csf/bin/
# perl csftest.pl

[OUTPUT]
RESULT: csf should function on this server.

Step: 8. Configure CSF :

# vi /etc/csf/csf.conf

-- Line No. 11 :

TESTING = "0"

Note: By default CSF Allows Incoming & Outgoing Traffic for the SSH Standard Port 22, if you use a Different SSH Port then please Add your port to the Configuration in line 139 "TCP_IN".

-- Line No. 69 :

RESTRICT_SYSLOG = "3"

-- Save & Quit (:wq)

Step: 9. Start CSF & LFD Service :

# service csf restart
# chkconfig csf on

# service lfd restart
# chkconfig lfd on

Step: 10. To View the list of Default Rules of CSF :

# csf -l
Or
# csf --status

Step: 11. Basic CSF Commands :

-- Start the Firewall (Enable the Firewall Rules) :

# csf -s
Or
# csf --start

-- Flush/Stop the Firewall Rules :

# csf -f
Or
# csf --stop

-- Reload the Firewall Rules :

# csf -f

-- Restart the Firewall Rules :

# csf -r
Or
# csf --restart

-- Allow an IP & Add it to csf.allow :

# csf -a 10.100.97.37
Or
# csf --add 10.100.97.37

-- Remove/Delete an IP from csf.allow :

# csf -ar 10.100.97.37
Or
# csf --addrm 10.100.97.37

-- Deny an IP & Add to csf.deny :

# csf -d 10.100.97.37
Or
# csf --deny 10.100.97.37

-- Remove/Delete an IP from csf.deny :

# csf -dr 10.100.97.37
Or
# csf --denyrm 10.100.97.37

-- Remove & Unblock all Entries from csf.deny :

# csf -df
Or
# csf --denyf

-- Search for a Pattern Match on iptables e.g : IP, CIDR, Port Number :

# csf -g 10.100.97.37
Or
# csf --grep 10.100.97.37

-- Disable CSF & LFD Completely :

# csf -x
Or
# csf --disable

-- Displays the Current List of Temporary Allow & Deny IP Entries with their TTL & Comment :

# csf -t
Or
# csf --temp

-- Add an IP to the Temp IP Allow List :

# csf -ta 10.100.97.37 ttl -p 22 -d 0.0.0.0 Allow All For Port No 22
Or
# csf --tempallow 10.100.97.37 ttl [-p port] [-d direction] [comment]

-- Add an IP to the Temp IP Ban List :

# csf -td 10.100.97.37 ttl -p 22 -d 0.0.0.0 Ban All For Port No 22
Or
# csf --tempdeny 10.100.97.37 ttl [-p port] [-d direction] [comment]

-- Remove an IP From the Temporary IP Ban or Allow List :

# csf -tr 10.100.97.37
Or
# csf --temprm 10.100.97.37

-- Flush all IPs from the Temporary IP Entries :

# csf -tf
Or
# csf --tempf

Step: 12. Advanced CSF Configuration :

# vi /etc/csf/csf.conf

-- Don't Block IP addresses that are in the csf.allow files :

IGNORE_ALLOW = "1"

-- Allow Incoming & Outgoing ICMP. Line No 152 for Incoming & Line 159 for Outgoing :

ICMP_IN = "1"
ICMP_OUT = "1"

-- Block Certain Countries. Go To Line 836 & Add the Country Codes :

CC_DENY = "CN,UK,US"
CC_ALLOW = "ID,IN,DE"

-- Send the Su & SSH Login Logs by Email. Go to the Line No. 1069 :

LF_SSH_EMAIL_ALERT = "1"

LF_SU_EMAIL_ALERT = "1"

-- And then Define the Email Address at Line No. 588 :

LF_ALERT_TO = "koushik@domain.com"

-- Save & Quit (:wq)

Step: 13. Restart CSF & LFD Service :

# service csf restart
# service lfd restart

IMPORTANT NOTES:
=================

-- The Ports Opened by Default are the Following :

TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
TCP_OUT = "20,21,22,25,53,80,110,113,443"
UDP_IN = "20,21,53"
UDP_OUT = "20,21,53,113,123"

-- Services using the Open Ports :

Port 20: FTP data transfer
Port 21: FTP control
Port 22: Secure shell (SSH)
Port 25: Simple mail transfer protocol (SMTP)
Port 53: Domain name system (DNS)
Port 80: Hypertext transfer protocol (HTTP)
Port 110: Post office protocol v3 (POP3)
Port 113: Authentication service/identification protocol
Port 123: Network time protocol (NTP)
Port 143: Internet message access protocol (IMAP)
Port 443: Hypertext transfer protocol over SSL/TLS (HTTPS)
Port 465: URL Rendesvous Directory for SSM (Cisco)
Port 587: E-mail message submission (SMTP)
Port 993: Internet message access protocol over SSL (IMAPS)
Port 995: Post office protocol 3 over TLS/SSL (POP3S)

-- Below are Port sets that should be opened if you are Running the Listed Service :

On any Server:

TCP_IN: 22,53
TCP_OUT: 22,53,80,113,443
UPD_IN: 53
UPD_OUT: 53,113,123

Apache:

TCP_IN: 80,443

FTP Server:

TCP_IN: 20,21
TCP_OUT: 20,21
UPD_IN: 20,21
UPD_OUT:20,21

Mail Server:

TCP_IN: 25,110,143,587,993,995
TCP_OUT: 25,110

MySQL Server (if remote access is required):

TCP_IN: 3306
TCP_OUT: 3306

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

Q. What is Openfire?

-- Openfire is an Instant Messaging and Group chat server, written in Java that uses XMPP (Extensible Messaging and Presence Protocol) server. Wikipedia reports, Openfire was previously called as ‘Wildfire‘ and ‘Jive Messenger‘. The Application Software is developed by Jive Software and a community called ‘IgniteRealtime.org‘, and is Licensed under Apache License.

Openfire Features :

- Web Based Admin control
- SSL/TLS support
- LDAP connectivity
- User Friendly
- Platform Independent

Openfire Installation :

Step: 1. Bind Host File :

# vi /etc/hosts

192.168.100.220    ser1.domain.com    ser1

-- Save & Quit (:wq)

Step: 2. Disable Selinux :

# vi /etc/sysconfig/selinux

SELINUX=disabled

-- Save & Quit (:wq)

# init 6


Step: 3. Install Java ( lastest version is preferred) :

# cd /opt
# wget --no-check-certificate --no-cookies --header 'Cookie: oraclelicense=accept-securebackup-cookie' http://download.oracle.com/otn-pub/java/jdk/8u5-b13/jdk-8u5-linux-x64.rpm
   
# yum -y install jdk-8u5-linux-x64.rpm
# yum -y install libldb.i686

Step: 4. Setup Environment Variables :

Setup JAVA_HOME Variable :
   
# export JAVA_HOME=/usr/java/jdk1.8.0_05
# export PATH=$PATH:$JAVA_HOME
# echo $JAVA_HOME

Step: 5. Edit the Java Profile :

# vi /etc/profile.d/java.sh

#!/bin/bash
JAVA_HOME=/usr/java/jdk1.8.0_05
PATH=$JAVA_HOME/bin:$PATH
export PATH JAVA_HOME
export CLASSPATH=.

-- Save & Quit (:wq)

# chmod +x /etc/profile.d/java.sh
# source /etc/profile.d/java.sh

Step: 6. Check Version of JAVA :

# java -version
   
java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) Client VM (build 25.5-b02, mixed mode)

Step: 7. Install the Openfire Dependencies :

# yum -y install httpd httpd-devel wget
# service httpd restart
# chkconfig httpd on

Step: 8. Download the Openfire RPM using wget Command :

# cd /tmp
# wget http://download.igniterealtime.org/openfire/openfire-3.9.3-1.i386.rpm

Step: 9. Install the OpenFire RPM :

# rpm -Uvh openfire-3.9.3-1.i386.rpm

Step: 10. Once the RPM has been installed, Start the OpenFire service :

# service openfire start

Step: 11. Ensure that OpenFire will boot with your Server :

# chkconfig openfire on

Step: 12. For this instance, you’ll want to make sure iptables is not running, you can Configure the iptables rules how you need them later :

# service iptables stop
# chkconfig iptables off

Step: 13. Install MySQL Server with MySQL Connector :

# yum -y install mysql mysql-server mysql-connector-java

Step: 14. Start MySQL Server :

# service mysqld restart
# chkconfig mysqld on

Step: 15. Set MySQL Root Password :

# mysql_secure_installation

Step: 16. Create Database for OpenFire :

# mysql -u root -predhat

mysql> CREATE DATABASE openfire;
mysql> grant all on openfire.* to openfire@'localhost' identified by 'password';
mysql> grant all on openfire.* to openfire@'%' identified by 'password';
mysql> flush privileges;
mysql> exit

Step: 17. Navigate in your Web Browser To :

Note: If Showing any JAVA Error while Installing the OpenFire through Web Browser then Restart the Server Once.

http://yourip_address:9090

-- Choose Language: (English)
-- Click on "Continue"

-- Server Settings:
     Domain: (127.0.0.1)
     Admin Console Port: (9090)
     Secure Admin Console Port: (9091)

Note: Don't Change Admin Port and Secure Admin Port. Generally you don’t need to change these data, until you need a custom port.

-- Select "Blowfosh"-- Property Encryption Key: (Leave it Blank)
-- Click on "Continue"

-- Database Settings:
-- Select "Standard Database Connection".
-- Click on "Continue"

-- Database Settings - Standard Connection :
     Database Driver Presets: Select MySQL
     Database URL:  jdbc:mysql://localhost:3306/openfire?rewriteBatchedStatements=true
     Username: openfire
     Password: password
     Minimum Connections: 5
     Maximum Connections: 25
-- Click on "Continue"

-- Profile Settings: Select Default
-- Click on "Continue"

-- Administrator Account:
     Admin Email Address: kchatterjee@kminfosystems.com
     New Password: Passw0rd
     Confirm Password: Passw0rd
-- Click on "Continue"

-- Finally Click on "Login to the Admin Console"

Note: Login to Openfire Admin User using username 'admin' and password, the one we set above.

User: admin
Pass: Passw0rd

Step: 18. To Create OpenFire Chat User :

-- Click on Users/Groups (Tabs)
-- Click on Create New User.
-- Fill the User Details.
-- Click on "Create User"'.

Step: 19. Installation of Spark Client :

Download and Install cross platform Spark client for your system using the below link.

http://www.igniterealtime.org/downloads/index.jsp

Once you’ve installed Spark client, open the application and enter username, password and IP addresss of openfire server.

User Name: koushik
Password: Passw0rd
Server IP: 192.168.100.221

-- Check on Save Password.
-- Check on Auto Login
-- Click on Login

Once you logged in you can chat with the users who are online.

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog.

Step: 1. First We need to Create the Following Directory Structure :

# mkdir -p /Backups/DB_backups
# mkdir /Backups/scripts

Step: 2. Create a Read-Only MySQL User Called "backupoperator" :

Note: Don't use "root" user.

-- Make Sure You have given the Right Privileges to "backupoperator" to take Backup.

# mysql -u root -p
Enter the Password:

mysql> grant select on *.* to backupoperator@localhost identified by 'backupoperator_password';
mysql> flush privileges;
mysql> quit

Step: 3. Creating MySQL Database Backup Shell  Script under "scripts" Directory :

Note: Backup Retention is 3 days. 3 days older file will deleted automatically.

# vi /Backups/scripts/mysql_backup_script.sh

-- Paste the Below Codes :

#!/bin/bash
export path1=/Backups/DB_backups
date1=`date +%y%m%d_%H%M%S`
# Set Backup Retention. Here Backup Retention is 3 days.
/usr/bin/find $path1/* -type d -mtime +3 -exec rm -r {} \; 2> /dev/null
cd $path1/
mkdir $date1
USER="backupoperator"
PASSWORD="backupoperator_password"
OUTPUTDIR="$path1/$date1"
MYSQLDUMP="/usr/bin/mysqldump"
MYSQL="/usr/bin/mysql"
databases=`$MYSQL --user=$USER --password=$PASSWORD \
 -e "SHOW DATABASES;" | tr -d "| " | grep -v Database`
echo "` for db in $databases; do
    echo $db
if [ "$db" = "performance_schema" ] ; then
       $MYSQLDUMP --force --opt --single-transaction --lock-tables=false --skip-events  --user=$USER --password=$PASSWORD \
    --databases --routines $db > "$OUTPUTDIR/$db.sql"
         else
$MYSQLDUMP --force --opt --single-transaction --lock-tables=false --events  --user=$USER --password=$PASSWORD \
    --databases --routines $db > "$OUTPUTDIR/$db.sql"
fi
done `" 2> /Backups/Logs/error_$date1.log

-- Save & Quit (:wq)

Step: 4. Now, Give the Executable Permission :

# chmod 755 /Backups/scripts/mysql_backup_script.sh

Step: 5. To Execute the Script :

# cd /Backups/scripts/
# ./mysql_backup_script.sh

Step: 6. Schedule in Crontab :

# crontab -e

30 2 * * * /Backups/scripts/mysql_backup_script.sh > /dev/null

-- Save & Quit (:wq)

Note: It will take backup automatically every day at 2:30 AM.

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

Q. What is OTRS ?

-- OTRS is one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management. With a fast implementation and easy customization to your needs it helps you reducing costs and increasing the efficiency and transparency of your business communication.

Step: 1. Bind Host File :

# vi /etc/hosts

10.100.99.13    ser3.domain.com    ser3

-- Save & Quit (:wq)

Step: 2. Disable Selinux & Stop Firewall :

# vi /etc/sysconfig/selinux

SELINUX=disabled

-- Save & Quit (:wq)

# service iptables stop
# chkconfig iptables off

Note: If Iptables service is on, then Adjust iptables to allow Apache Default Port 80.

# vi /etc/sysconfig/iptables

Add the Following Line in Filter Table :

-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

-- Save & Quit (:wq)

# service iptables restart

Step: 3. Reboot the System :

# init 6

Step: 4. Install EPEL Repository :

# yum -y install epel-release

Step: 5. Install MySQL Server :

# yum -y install mysql mysql-server

Step: 6. Start MySQL Service & Set MySQL Root Password :

# service mysqld restart
# chkconfig mysqld on

# mysql_secure_installation

Step: 7. To Change Engine MyISM to InnoDB & Restart MySQL Service :

# vi /etc/my.cnf

-- Add the Following Lines under the [mysqld] Section :

max_allowed_packet=20M
query_cache_size=32M
innodb_log_file_size = 500M
default-storage-engine = InnoDB

-- Save & Quit (:wq)

# service mysqld stop
# mv /var/lib/mysql/ib_logfile0 /var/lib/mysql/ib_logfile0.bak
# mv /var/lib/mysql/ib_logfile1 /var/lib/mysql/ib_logfile1.bak

# service mysqld restart

Step: 8. Create Database For OTRS :

# mysql -u root -p
Enter Password:

mysql> create database otrsdb;
mysql> grant all privileges on otrsdb.* to otrsuser@localhost identified by 'password';
mysql> flush privileges;
mysql> \q

Step: 9. Install Apache Web Server :

# yum -y install httpd httpd-devel wget

Step: 10. Start Apache Service :

# service httpd restart
# chkconfig httpd on

Step: 11. Download & Install OTRS RPM Package :

# cd /mnt
# wget http://ftp.otrs.org/pub/otrs/RPMS/rhel/6/otrs-5.0.10-01.noarch.rpm
# yum -y install otrs-5.0.10-01.noarch.rpm

Step: 12. Restart Apache Service :

# service httpd restart

Step: 13. Install Additional PERL Modules :

# /opt/otrs/bin/otrs.CheckModules.pl

# yum -y install "perl(Crypt::Eksblowfish::Bcrypt)" "perl(DBD::ODBC)" "perl(DBD::Pg)" "perl(Encode::HanExtra)" "perl(GD)" "perl(GD::Text)" "perl(GD::Graph)" "perl(JSON::XS)" "perl(Mail::IMAPClient)" "perl(PDF::API2)" "perl(Text::CSV_XS)" "perl(YAML::XS)"

# /opt/otrs/bin/otrs.CheckModules.pl

Step: 14. Now Install OTRS Through Web Browser :

http://10.100.99.13/otrs/installer.pl

-- Click on "Next".
-- Click on "Accept License & Continue".
-- Database Selection:
     Type: MySQL
     Install Type: Use an existing database for OTRS

-- Click on "Next".
-- Configure MySQL:
     User: otrsuser
     Password: password
     Host: 127.0.0.1
     Database Name: otrsdb
-- Click on "Check Database Settings".
-- Click on "Next".
-- Click on "Next".
-- System Settings:
     AdminEmail: koushik@domain.com
     Organization: Your Organization
-- Click on "Next".
-- Mail Configuration: For Now Skip this Step.

Step: 15. Now Login OTRS Admin Panel :

http://10.100.99.13/otrs/index.pl

User: root@localhost
Password: LvMiOnXJAu2U7Vg6

-- Click on "Login".

Step: 16. To Resolve OTRS Daemon is not running, Do the Following :

# useradd otrs
# chmod -Rf 777 /opt/otrs/Kernel/Config/Files/
# su - otrs
$ /opt/otrs/bin/otrs.Daemon.pl start
$ /opt/otrs/bin/Cron.sh start

Step: 17. To Change Admin Password :

http://10.100.99.13/otrs/index.pl

User: root@localhost
Password: LvMiOnXJAu2U7Vg6

-- Click on "Edit Personal Peferences"
-- Change Password:
     Current password: LvMiOnXJAu2U7Vg6
     New Password: Passw0rd@123
     Verify Password: Passw0rd@123
-- Click on "Update".

Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog

-- Hosted Network is a feature that comes included with the Netsh (Network Shell) command-line utility. It's was previously introduced in Windows 7, and it allows you to use the operating system to create a virtual wireless adapter.

This method does not require you to Download any third-party Application. You can easily set up a Wi-Fi hotspot using the built-in tools in Windows.

Step: 1. Open Command Prompt with Administrator Privileges :
























Step: 2. Check if your Wireless Adapter Supports Hosted Networks in Windows 10 :

Type the below Command :

C:\WINDOWS\system32> netsh wlan show drivers

Step: 3. Create a Wireless Hosted Network :

Type the below Command :

C:\WINDOWS\system32> netsh wlan set hostednetwork mode=allow ssid=MySSID key=Passw0rd
C:\WINDOWS\system32> netsh wlan start hostednetwork



















Step: 4. Share your Internet Connection with a Hosted Network :

-- Right Click on "Network Adapter"
-- Click on "Open Network and Sharing Center"


Note: In Network Connections, you should see a new Microsoft Hosted Virtual Adapter which is labeled Local Area Connection* X.


-- Right Click on "Ethernet" 
-- Click on "Properties"


-- Click the "Sharing" tab

-- Check "Allow other Network users to Connect through this Computer's Internet 
    Connection" option.

-- Next, from the "Home Networking Connection" drop-down menu select the "Microsoft 
    Hosted Virtual Adapter".

-- Click "OK" to Finish.
 
 
Now, You’ll have a brand new Wi-Fi Network that’s connected to your home internet.

Step: 5. Now Connect Any Wireless Capable Device to the newly Created Access Point :





















Thanks For Visiting on My Blog, For More Tutorials Keep Visiting My Blog