Wednesday, February 29, 2012

mod_security bypass administrator backend (forbidden)

edit the /etc/httpd/modsecurity.d/modsecurity_localrules.conf


SecRule REQUEST_FILENAME "/joomla/administrator/index2.php" \
"allow,phase:1,nolog,ctl:ruleEngine=Off"


Ref: http://optics.csufresno.edu/~kriehn/fedora/fedora_files/f7/howto/joomla.html
Posted by at No comments:

Tuesday, February 28, 2012

centos install usb modem sms gateway

http://catatanlepas.com/komputer/37-aplikasi-linux/194-membuat-sms-gateway-di-centos-55.html

1. install wvdial

yum install wvdial

2. scan for usb device


[root@local ~]# wvdialconf /etc/wvdial.conf
Scanning your serial ports for a modem.

WvModem<*1>: Cannot get information for serial port.
ttyS0<*1>: ATQ0 V1 E1 -- failed with 2400 baud, next try: 9600 baud
ttyS0<*1>: ATQ0 V1 E1 -- failed with 9600 baud, next try: 115200 baud
ttyS0<*1>: ATQ0 V1 E1 -- and failed too at 115200, giving up.
ttyS1: No such device or address
Port Scan<*1>: S1
ttyS2: No such device or address
Port Scan<*1>: S2
ttyS3: No such device or address
Port Scan<*1>: S3


Sorry, no modem was detected!  Is it in use by another program?
Did you configure it properly with setserial?

Please read the FAQ at http://open.nit.ca/wvdial/

If you still have problems, send mail to wvdial-list@lists.nit.ca.

3. switch from usb mass storage to modem mode

http://www.linuxquestions.org/questions/linux-newbie-8/zte-ac2627-usb-modem-not-working-in-fedora-9-a-795499/
yum install usb_modeswitch



Posted by at No comments:

Saturday, February 25, 2012

rsync + ssh on different port

rsync -av --progress --inplace --rsh='ssh -p8023' somefile user@host:somedir/

In the example above, rsync will use ssh on port 8023.


ref:http://www.linuxquestions.org/questions/linux-software-2/rsync-ssh-on-different-port-448112/
Posted by at No comments:

Wednesday, February 22, 2012

svn without SP3

use silksvn to checkout svn repository for older sp2 windows xp. sp3 users can use tortise svn

http://www.sliksvn.com/en/download/
Posted by at No comments:

Sunday, February 19, 2012

django

starting django exploration:
https://docs.djangoproject.com/en/1.3/intro/tutorial01/
Posted by at No comments:

Sunday, February 12, 2012

install git on centos

http://www.davegardner.me.uk/blog/2010/01/29/setting-up-git-on-centos-5-server/
http://www.jedi.be/blog/2009/05/06/8-ways-to-share-your-git-repository/#apachehttp

#yum install git

(using rpmforge repository)


Creating and sharing a repository

Creating a repository is easy! Simply create a folder and type git init.
mkdir newrepo
cd newrepo
git init
Once created, we can copy/create our files (think svn import) and then do:
git add .
git commit


Share over apache http

Preparing the repository
# On the web server we assume var/git as the central repository place and will create a new project-X dir
$ cd /var/git
$ mkdir project-X
$ cd project-X


# now we initialize this directory
# but instead of using git init, we use  git --bare init
# "A short aside about what git means by bare: A default git repository assumes that you will be using it as your working directory
# , so git stores the actual bare repository files in a .git directory alongside all the project files. Remote repositories don't need copies of the
 files on the filesystem unlike working copies, all they need are the deltas and binary what-nots of the repository itself. This is what "bare" means to git. Just the repository itself."
$ git --bare init
Now that we created the project directory we need to give apache access to it:
  • Be sure to set the correct permissions on the /var/git directory so that it can be read by the webuser. chown -R apache:apache /var/git/project-X
  • If you have selinux enabled: chcon -R -t httpd_sys_content_t /var/git/project-X
  • Enable the post-update hook: chmod +x /var/git/project-X/hooks/post-update

When you did not set the post commithook:
$ git clone http://git.yourdomain.com/project-X
Initialized empty Git repository in /Users/mydir/project-X/.git/
fatal: http://git.yourdomain.com/project-X.git/info/refs not found: did you run git update-server-info on the server?
Then you can need to run it manually the first time
$ cd /var/git/project-X
$ sudo -u apache git update-server-info

Preparing apache
This document assumes you have a basic apache setup. And you have virtual name server working. Most of it is standard acces to the directory.
To allow write access, we need to have Webdav enabled. 
http://www.kernel.org/pub/software/scm/git/docs/howto/setup-git-server-over-http.txt 

 Servername git.mydomain.com
 DocumentRoot /var/git
 
    DAV On
    Options +Indexes +FollowSymLinks 
  AllowOverride None
  Allow from all
  Order allow,deny
This will add a virtual server that has access to the /var/git directory using simple browsing.
In case you are experiencing trouble:
  • Remove the restrictions from welcome.conf: in this default file, it disables the index option. Error: ...
  • Note the + before the options, to allow the merge of permissions
Controlling access
We control access to your repository using apache groupfiles and password files

 ServerName git.yourdomain.com
 DocumentRoot /var/git
 
  DAV On
  Options ExecCGI FollowSymLinks Indexes
  # Deny everyything here
  Deny from all
  AuthType Basic
  AuthName "git repository"
  AuthUserFile /var/git/htpasswd.git
  AuthGroupFile /var/git/htgroup.git
 


 
  Allow from all
  Order allow,deny
  
   Require group project-X-read
  
  
   Require group project-X-write

Accessing the repository
Git uses curl to access http repositories. Because our repository is now protected we need to create an entry in our $HOME/.netrc file 
$ cat $HOME/.netrc
machine git.yourdomain.com
login reader
password reader
Now you should be able to clone project-X
$ git clone http://git.mydomain.com/project-X
Possible Errors
Trying update
error: Cannot access URL http://git.yourdomain.com/project-X/, return code 22
error: failed to push some refs to 'http://git.yourdomain.com/project-X'
If there's something wrong with the permissions. Maybe you don't have webdav enabled, the user is in the wrong group, or filepermissions are not set correctly. Check your apache error_log 

$ git clone http://git.yourdomain.com/project-X
$ git push
fatal: git-push is not available for http/https repository when not compiled with USE_CURL_MULTIerror: failed to push some refs to 'http://git.yourdomain.com/project-X'
Either you compile your git client with the correct curl options. Or you can alternatively mount the remote repository as webdav share and access it via file:// references. See http://wiki.dreamhost.com/Talk:Git
The following happens if your curl library  was not compiled with the correct options to post to 
http://kerneltrap.org/mailarchive/git/2008/1/13/564431
After a bit of research it seems that CURL compilation into GIT was not entirely successful for the Git on Mac OS X. As I was already mounting the git repository via WebDAV you an push and pull to your locally mounted repository by replacing the http URL with the path to your mounted WebDAV (/Volumes//). This worked pretty well for me and works well with Dreamhost with very little configuration.



$ git push
Fetching remote heads...
   refs/
   refs/tags/
   refs/heads/
   No refs in common and none specified; doing nothing.

This happens when you cloned an empty repository: Because you cloned an empty repository , you need to specify the origin and master , after this first push, you can use git push as usual
$ git push origin master
Posted by at No comments:

Thursday, February 09, 2012

svn + ssh on another port

http://www.techper.net/2009/01/11/changing-port-number-of-svnssh-subversion-protocol/


configuration in .subversion/config:
[tunnels]
sshtunnel = ssh -p 12345
I can use a subversion URL like this: svn+sshtunnel:// and subversion will spawn the given command with the port option.
Posted by at No comments:

Wednesday, February 08, 2012

setting subversion svn daemon

http://geek.co.il/wp/2011/11/28/setting-up-subversion-svnserve-daemon-on-centos

update ref: http://www.ochounos.com/?blog&entry=10
Package installation
  1. First, we need to install the subversion package. We can do it easily with yum. Just install the subversion.x86_64 package (or subversion.i386 for 32 bits architectures):
    $yum install subversion.x86_64
    Maybe some dependences are required to be installed also with this package.
Repository creation
  1. Create the repository using svnadmin:
    svnadmin create ${REPOS_PATH}
    The folder will be created if not exists.
Configure repository
  1. Under the folder created there is a structure of files. First at all we need to configure this repository instance. This configuration is located in some files under the folder ${REPOS_PATH}/conf. Go there.

    The main configuration will be located in svnserve.conf. We can change some values for our instance. Some of them that could be interesting to modify are:
    1234567891011
    # no access for anonymous users
    anon-access = none
    # read/write access for logged users
    auth-access = write
    # the file where passwords will be stored
    password-db = passwd
    # the file where users will be stored
    authz-db = authz
  2. Now we need to add an user to the list of users that access to the server. We need to modify the file authz and add the next line:
    1234
    # give access to the user for read and write to the folder /
    # / means all the repository
    [/]
    ${SVN_USER_NAME} = rw
    We can give access per folder (which includes branches, tags, trunk and subfolders) and assign permissions for read and write using the letters r and w respectively.
  3. And we need to specify the password for this user. We need to modify the file passwd and add the next line:
    1
    ${SVN_USER_NAME} = ${SV_USER_PWD}
  4. The access for the user root (and others) is disabled by default and is discouraged to use the root user for access to the server.
Configure firewall
  1. We can check if any other process is listening in the port that we are trying to use runnig the next command:
    netstat -apnt | grep ${SVN_PORT}
    Verify that no other process is listening in the same port that you are planning to use.
  2. Now we need to open the port in the firewall, using iptables, launching the next command:
    iptables -I INPUT -p tcp -m tcp --dport ${SVN_PORT} -j ACCEPT
  3. And we need to save the changes, so they will be applied next time that the machine starts:
    service iptables save
Configure svn as service
  1. We can run the svn as service, so it will be launched when the machine is started. We can add this service at level 3, but the problem is that the default configuration is not taken our repository as default repository to serve. We need to add our configuration to the file used as configuration file for the script /etc/init.d/svnserve. This script uses the file /etc/sysconfig/svnserve, so we need to add a line in this file:
    1
    OPTIONS="-r ${REPOS_PATH}"
  2. And finally we need to add this service to the level 3:
    chkconfig --levels 3 svnserve on
  3. Next time, when the machine starts, will launch svnserve at level 3 listening in the port specified and using our repository. But in case you want to launch the server right now, you don't need to restart, just run the next command:
    service svnserve start
Remote access
  1. You can use any svn client to acces to your server and repository. Just remember to use the protocol svn:// and not http://, so specify svn://yourdomain.com as url for your svn server.
  2. You can specify also some subfolder in your url using svn://yourdomain.com/trunk for example, or any other subfolder as svn://yourdomain.com/trunk/subfolder1/subfolder2.
Posted by at No comments:

Tuesday, February 07, 2012

symantec pc anywhere source code released

reading post on $50k offer to keep source code private:
http://irsyad.rc.my/2012/02/hackers-wanted-50000-to-keep-symantec.html

today antisec released pc anywhere source code into public.
https://plus.google.com/u/0/114850208945242416360/posts

its about 1.2Gb. i hope maybe we learnt something from this case.
1. how Yama Tough get the source code
2. discussion email headers (full) released to public : http://pastebin.com/GJEKf1T9
3. what happened if we faced this problem?
4. security on antivirus maker (symantec) company.

what if silent hackers watching your activity now? is that scary?
Posted by at No comments:

Monday, February 06, 2012

configure bandwidthd reverse dns

http://ubuntuforums.org/showthread.php?t=3407

Open /etc/hosts with your favorite text editor. Remember to use sudo.

Code:
Format:
 . 

Example:
127.0.0.1 localhost.localdomain localhost

The reason this line won't work:

10.10.0.2 www.mysite.dyndns.org home
is because 10.10.0.2 is a private ip address & www.mysite.dyndns.org has to resolve to a public ip address. To use www.mysite.dyndns.org as the FQDN you need to enter the router's public ip address & set the router to forward port 80 traffic to your private ip address. If it's not your network (meaning that your netadmin won't give you access to the router/firewall) you can just replace www.mysite.dyndns.org with mysite.localhost and use mysite as an alias. The easiest way to access your webserver from the inside, however, is to just enter localhost in the address bar if the server is on your machine, or enter the ip (10.10.0.2) in the address bar if it's not. The result will be the same no matter how you address it from your browser. You'll see the same thing everyone else sees.
Posted by at No comments:

Friday, February 03, 2012

install trac on centos with fastcgi

installation was simplified with yum and easyinstall (setuptools)

yum install python mod_python
yum install mysql-devel
yum install python-devel


Install MySQL-python
  1. Download the tarball from http://sourceforge.net/projects/mysql-python
  2. Compile the package:
    # python setup.py build && python setup.py install
Install Clearsilver, a templating package needed by Trac
  1. Download Clearsilver from http://www.clearsilver.net/downloads/
  2. Compile Clearsilver:
  3. #./configure && make && make install
install setuptools

#yum install python-setuptools

A few examples:
  • first install of the latest stable version Trac 0.12.2, with i18n support:
    easy_install Babel==0.9.5
easy_install Trac
    It's very important to run the two easy_install commands separately, otherwise the message catalogs won't be generated.
then: http://trac.edgewall.org/wiki/TracFastCgi
sample configuration: https://coderanger.net/~coderanger/httpd/fcgi_example.conf

other reading:
http://www.justinbritten.com/work/2008/05/installing-trac-on-centos-5/
http://trac.edgewall.org/wiki/TracInstall
Posted by at No comments:

Thursday, February 02, 2012

update with select on same table

http://the-stickman.com/uncategorized/mysql-update-with-select-on-the-same-table-in-the-same-query/

update euser set `parentID` = (SELECT user_id from (SELECT `user_id` FROM euser WHERE `usernameid` = `usrname`) as userid ) - not working

http://www.daniweb.com/web-development/databases/mysql/threads/300670

this works:
update euser inner join euser2 on euser.`usernameid`=euser2.usrname set euser.`parentID` = euser2.user_id
Posted by at No comments:
Subscribe to: Posts (Atom)
Related Posts Plugin for WordPress, Blogger...