Thursday, October 23, 2008

Know your TCP/UDP port processes

Netstat is your friend when you need to know which processes are using TCP and UDP ports on your machine.

There are many different switches for this, e.g.

netstat /? >> shows all the switches/options that netstat has (Windows; on Linux use netstat --help or man netstat)


NETSTAT [-a] [-b] [-e] [-n] [-o] [-p proto] [-r] [-s] [-v] [interval]

-a Displays all connections and listening ports.
-b Displays the executable involved in creating each connection or
listening port. In some cases well-known executables host
multiple independent components, and in these cases the
sequence of components involved in creating the connection
or listening port is displayed. In this case the executable
name is in [] at the bottom, on top is the component it called,
and so forth until TCP/IP was reached. Note that this option
can be time-consuming and will fail unless you have sufficient
permissions.
-e Displays Ethernet statistics. This may be combined with the -s
option.
-n Displays addresses and port numbers in numerical form.
-o Displays the owning process ID associated with each connection.
-p proto Shows connections for the protocol specified by proto; proto
may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s
option to display per-protocol statistics, proto may be any of:
IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
-r Displays the routing table.
-s Displays per-protocol statistics. By default, statistics are
shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6;
the -p option may be used to specify a subset of the default.
-v When used in conjunction with -b, will display sequence of
components involved in creating the connection or listening
port for all executables.
interval Redisplays selected statistics, pausing interval seconds
between each display. Press CTRL+C to stop redisplaying
statistics. If omitted, netstat will print the current
configuration information once.



Example (Windows)

netstat -an ==> shows all connections and listening ports, with addresses and ports in numerical form
netstat -ano ==> same, plus the owning process ID (PID) of each connection; match the PID against tasklist
netstat -anob ==> also shows the executable behind each connection (needs an administrator prompt)
netstat -rn ==> shows the routing table
netstat -vb ==> shows the sequence of components involved in creating each connection or listening port, for all executables

On Linux the switches differ: there -p means "show the owning PID/program name" rather than "protocol", so the most useful invocation is

netstat -tnlp

(TCP, numeric, listening sockets only, with PID/program name; run it as root, otherwise the program column shows "-" for sockets owned by other users). Add -u to include UDP listeners.

Thursday, October 16, 2008

Nagios Step by Step

Nagios is a network monitoring application that helps an administrator detect faults in network components.

Nagios is a feature-rich application; some of its features are:

1. Monitoring of network services (HTTP, FTP, SMTP, DNS, ping, etc.)
2. Monitoring of host resources (CPU, RAM, disk, etc.)
3. Monitoring of environmental factors
4. Users can design their own service checks (plugins)
5. Sending e-mail notifications during faults or outages
6. Log rotation
7. Support for redundant monitoring hosts
8. Web interface


Installation on CentOS 5

1. Download Nagios with the wget command
2. Install the RPM with #rpm -ivh
or
yum would be your best friend on Red Hat based distributions.

Log in as root, give the command below and wait for the magic :)

#yum install nagios nagios-plugins nagios-plugins-nrpe nagios-devel

Once it completes successfully you will find a "nagios.conf" file in Apache's "conf.d" directory (/etc/httpd/conf.d on CentOS).

Create a user for Nagios administration; you do not want to use the root account for that. Say the user name is nagiosadmin.

pass the below command at root prompt:


#htpasswd -c /etc/nagios/htpasswd.users nagiosadmin
New password:
Re-type new password:
Adding password for user nagiosadmin


Now
Edit the file below:
"/etc/nagios/cgi.cfg" >> you can use vi, emacs or nano

Make the changes below to this file (keep use_authentication=1: with authentication off, anyone who can reach the CGIs can submit external commands to Nagios):

use_authentication=1
authorized_for_system_information=nagiosadmin
authorized_for_configuration_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin


Now

You may want to back up "localhost.cfg" in "/etc/nagios" as "localhost.cfg.backupOriginal"

#cd /etc/nagios
#mv localhost.cfg localhost.cfg.backupOriginal


Now

Edit "nagios.cfg" with your editor of choice. Comment out (or remove) the existing cfg_file line that points at localhost.cfg, which no longer exists after the move above, and add these lines:

cfg_file=/etc/nagios/contactgroups.cfg
cfg_file=/etc/nagios/contacts.cfg
cfg_file=/etc/nagios/hostgroups.cfg
cfg_file=/etc/nagios/hosts.cfg
cfg_file=/etc/nagios/services.cfg
cfg_file=/etc/nagios/timeperiods.cfg
check_external_commands=1
command_check_interval=-1

Now
Create the config files as below:

#touch contactgroups.cfg contacts.cfg hostgroups.cfg hosts.cfg services.cfg timeperiods.cfg
#chown nagios.nagios contactgroups.cfg contacts.cfg hostgroups.cfg hosts.cfg services.cfg timeperiods.cfg


Now you are free to customize these files as per your business requirements.
For example, the file /etc/nagios/timeperiods.cfg:
________________________________________________________________
# '24x7' timeperiod definition
define timeperiod{
timeperiod_name 24x7
alias 24 Hours A Day, 7 Days A Week
sunday 00:00-24:00
monday 00:00-24:00
tuesday 00:00-24:00
wednesday 00:00-24:00
thursday 00:00-24:00
friday 00:00-24:00
saturday 00:00-24:00
}

# 'workhours' timeperiod definition
define timeperiod{
timeperiod_name workhours
alias "Normal" Working Hours
monday 08:00-17:00
tuesday 08:00-17:00
wednesday 08:00-17:00
thursday 08:00-17:00
friday 08:00-17:00
}

# 'nonworkhours' timeperiod definition
define timeperiod{
timeperiod_name nonworkhours
alias Non-Work Hours
sunday 00:00-24:00
monday 00:00-09:00,17:00-24:00
tuesday 00:00-09:00,17:00-24:00
wednesday 00:00-09:00,17:00-24:00
thursday 00:00-09:00,17:00-24:00
friday 00:00-09:00,17:00-24:00
saturday 00:00-24:00
}

# 'none' timeperiod definition
define timeperiod{
timeperiod_name none
alias None
}


_________________________________________________________

For File /etc/nagios/contacts.cfg

define contact{
contact_name MonitorAdmin
alias MonitorAdmin
service_notification_period 24x7
host_notification_period 24x7
service_notification_options c,r
host_notification_options d,r
service_notification_commands notify-by-email
host_notification_commands host-notify-by-email
email networkAlerts@YourCompanyName.com
}

define contact{
contact_name NK
alias NK
service_notification_period workhours
host_notification_period workhours
service_notification_options c,r
host_notification_options d,r
service_notification_commands notify-by-email
host_notification_commands host-notify-by-email
email networkAlerts@YourCompanyName.com
}

__________________________________________________________________________
For File Name : /etc/nagios/contactgroups.cfg

define contactgroup{
contactgroup_name Monitor
alias Monitor
members MonitorAdmin,NK
}
__________________________________________________________________
Now

If you want to configure the hosts and hostgroups (optional) to be monitored, do so in "/etc/nagios/hosts.cfg" and "/etc/nagios/hostgroups.cfg".

File:/etc/nagios/hosts.cfg

# Generic host definitions
define host{
name generic-host ; Generic template name
notifications_enabled 1 ; Host notifications are enabled
event_handler_enabled 1 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information
retain_nonstatus_information 1 ; Retain non-status information
register 0 ; DONT REGISTER THIS DEFINITION
}

define host{
name Template1
use generic-host
check_command check-host-alive
max_check_attempts 5
notification_interval 5
notification_period 24x7
notification_options d,u,r
register 0
}

##### Begin Real Hosts #####

define host{
use Template1
host_name mail.yourCompanyName.com
alias mail.yourCompanyName.com
address a.b.c.d
contact_groups Monitor
# notification_options d,r ; would override the value inherited from Template1
}


_______________________________________________________________________

Now
File:/etc/nagios/hostgroups.cfg
define hostgroup{
hostgroup_name YourCompanyServers
alias YourCompanyServers
members mail.yourCompanyName.com
}
________________________________________________________________________

It's time to configure the services now.

Pre-defined check commands (check_ping, check_http, check_smtp, ...) are in "/etc/nagios/commands.cfg"
Custom services go in "/etc/nagios/services.cfg"

File:/etc/nagios/services.cfg

define service{
name generic-service ; Generic service name
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized
obsess_over_service 1 ; We should obsess over this service
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information
retain_nonstatus_information 1 ; Retain non-status information
register 0 ; DONT REGISTER THIS DEFINITION
}

# Generic for all services
define service{
use generic-service
name basic-service
is_volatile 0
check_period 24x7
max_check_attempts 5
normal_check_interval 1
retry_check_interval 3
notification_interval 0
notification_period none
register 0
}

define service{
use basic-service
name ping-service
notification_options n
check_command check_ping!1000.0,20%!2000.0,60%
register 0
}

define service{
use basic-service
name www-service
notification_options n
check_command check_http
register 0
}
define service{
use basic-service
name mail-service
notification_options n
check_command check_smtp
register 0
}


define service{
use ping-service
service_description PING
contact_groups Monitor
hostgroup_name YourCompanyServers
# host_name yourHostClient
}


define service{
use mail-service
service_description MAIL
contact_groups Monitor
hostgroup_name YourCompanyServers
# host_name yourHostClient
}

define service{
use www-service
service_description WWW
contact_groups Monitor
hostgroup_name YourCompanyServers
# host_name yourHostClient
}


___________________________________________________________________________

Now

We have used the check_ping, check_http and check_smtp commands to monitor the servers in the YourCompanyServers group.
Groups are helpful when you want to monitor multiple servers.
In this configuration example we could have used the host_name parameter instead, and there would have been no need to configure hostgroups. Object names (hostgroup_name, contact_groups, template names) are case-sensitive and must match exactly between files.
Also note that the templates above set notification_options n and notification_period none, which suppresses notifications entirely; if you want the Monitor contact group to actually receive e-mail, set e.g. notification_options w,c,r and notification_period 24x7 on the real services.
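Feature 4 above ("users can design their own service checks") and the services.cfg section both rest on the Nagios plugin contract: a check is any executable that prints one status line and exits 0 (OK), 1 (WARNING), 2 (CRITICAL) or 3 (UNKNOWN). The plugin below is an added example written for this page, not part of Nagios or the nagios-plugins package: it compares a file's SHA-256 with a recorded baseline, so an edited sshd_config or a replaced binary turns the service CRITICAL. The install path under $USER1$ and the baseline location in the wiring comment are assumptions about your layout; on a remote host you would run it through NRPE (the nagios-plugins-nrpe package installed above).

```sh
#!/bin/sh
# check_file_hash - added example Nagios plugin (not part of Nagios or
# nagios-plugins).  Plugin contract: print one status line on stdout and
# exit 0 (OK), 1 (WARNING), 2 (CRITICAL) or 3 (UNKNOWN).  Text after "|" is
# performance data that Nagios stores separately from the status text.
#
# Assumed wiring (paths and the $USER1$ plugin-dir macro depend on your layout):
#   define command{
#       command_name    check_file_hash
#       command_line    $USER1$/check_file_hash $ARG1$ $ARG2$
#   }
#   check_command   check_file_hash!/var/lib/nagios/sshd_config.sha256!/etc/ssh/sshd_config

STATE_OK=0; STATE_WARNING=1; STATE_CRITICAL=2; STATE_UNKNOWN=3

# SHA-256 of a file (empty string if it cannot be read); shasum fallback
# for systems without GNU coreutils.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" 2>/dev/null | awk '{ print $1 }'
    else
        shasum -a 256 "$1" 2>/dev/null | awk '{ print $1 }'
    fi
}

# record_baseline <baseline-file> <target>: store the current hash.  Run it
# once on a known-good system, and keep the baseline out of reach of anyone
# whose tampering you want to catch.
record_baseline() {
    h=$(file_sha256 "$2")
    [ -n "$h" ] || return 1
    printf '%s  %s\n' "$h" "$2" > "$1"
}

# check_file_hash <baseline-file> <target>: print the Nagios status line and
# return the plugin exit code.
check_file_hash() {
    baseline=$1; target=$2
    if [ ! -r "$baseline" ]; then
        echo "UNKNOWN - baseline $baseline missing or unreadable"
        return $STATE_UNKNOWN
    fi
    expected=$(awk 'NR == 1 { print $1 }' "$baseline")
    if [ ! -r "$target" ]; then
        echo "CRITICAL - $target missing or unreadable"
        return $STATE_CRITICAL
    fi
    actual=$(file_sha256 "$target")
    if [ "$actual" = "$expected" ]; then
        echo "OK - $target unchanged|changed=0"
        return $STATE_OK
    fi
    echo "CRITICAL - $target changed (baseline $(printf '%.12s' "$expected")..., now $(printf '%.12s' "$actual")...)|changed=1"
    return $STATE_CRITICAL
}

# Script entry point: check_file_hash <baseline> <target>.  Does nothing when
# sourced without arguments, so the functions can be reused.
if [ $# -eq 2 ]; then
    check_file_hash "$1" "$2"
    exit $?
fi
```

Because the check only compares against what you recorded, a baseline taken after the file was already tampered with is worthless; take it at build time, the same way the rpm -Va check further down this page relies on the package database being trustworthy.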

Okay, now everything is set up and you can do a final test with the command below; you should get similar output.

cross your fingers :)

#nagios -v /etc/nagios/nagios.cfg

Nagios 2.10
Copyright (c) 1999-2007 Ethan Galstad (http://www.nagios.org)
Last Modified: 10-21-2007
License: GPL

Reading configuration data...

Running pre-flight check on configuration data...


If you see any errors, check and fix them.

Now the last step
Run the service

#/etc/init.d/nagios start


To see the output in a web browser, go to
http://NAGIOS_SERVER_IP/nagios and log in as nagiosadmin


huh....Enjoy the Flight......


For more information: http://nagios.sourceforge.net/docs/2_0/toc.html

Tuesday, September 2, 2008

Google Chrome for Windows




Oooppsss! This is what happened when I first installed the Google browser on my Windows XP SP3 machine. It gives the impression that Google is in a hurry to launch its products without proper testing. The same thing is happening with Google Docs & Spreadsheets. They are still unpolished in comparison to Microsoft. People want to use these products but they are not seeing much value yet.

Friday, June 13, 2008

Twiki 4.2 Installation on CentOS 5

Download and install CentOS 5.

Download TWiki 4.2 from http://twiki.org/
The wget command is quite handy for this:
#wget -c <link from where you want to download>

Check which services are running on the CentOS server. Nmap is a handy tool for figuring out which services are listening.

#nmap localhost

If nmap is not installed, install it with

#yum install nmap

Now you can see how many services are up with #nmap localhost. Keep in mind what that scan shows: everything bound to the loopback interface, including services that are not reachable from the network, while anything bound only to the external address is missed. To see what the network sees, scan the server's real IP from another host, or list the listening sockets locally with netstat -tnlp.

Check for Apache Service

[root@localhost test]# nmap localhost
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-04-28 21:35 IST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 1673 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
443/tcp open https


If you do not find port 80 open here then do the following.

#service httpd start

To have the service start at boot:
#chkconfig --levels 345 httpd on
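The netstat post at the top of the page and the "nmap localhost" check here are both trying to answer the same question: which listeners are actually reachable from the network? The added example below (not from the original post) answers it from Linux "netstat -tnl" output: it separates each TCP listener's bind address from its port and classifies loopback-only sockets as local and everything else (0.0.0.0, :: or an interface address) as exposed, which is the set an nmap run from another host would report. The embedded netstat sample is constructed for demonstration; on a live host pipe "netstat -tnl" into the functions instead.

```sh
#!/bin/sh
# Added example (not from the original post): classify Linux "netstat -tnl"
# listeners by bind address.  Usage on a live host:  netstat -tnl | exposed_ports

# Constructed sample of "netstat -tnl" output, not captured from a real host.
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN'

# Read netstat output on stdin; print "<port> <scope> <proto>" per TCP
# listener, sorted by port.  scope is "local" for sockets bound to the
# loopback address only and "exposed" for 0.0.0.0, :: or an interface address.
audit_listeners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, a, ":")                  # last component is the port,
        port = a[n]                            # even for IPv6 such as :::443
        addr = substr($4, 1, length($4) - length(port) - 1)
        scope = (addr == "127.0.0.1" || addr == "::1") ? "local" : "exposed"
        print port, scope, $1
    }' | sort -n
}

# Space-separated list of ports reachable from the network: the attack
# surface an "nmap <server-ip>" from another machine would report.
exposed_ports() {
    audit_listeners | awk '$2 == "exposed" { printf "%s%s", sep, $1; sep = " " }'
}

# Demo on the constructed sample when run as "sh script.sh demo"; silent when
# sourced without that argument.
if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE_NETSTAT" | audit_listeners
    printf 'exposed: %s\n' "$(printf '%s\n' "$SAMPLE_NETSTAT" | exposed_ports)"
fi
```

On the sample, sendmail (25) and MySQL (3306) are loopback-only and invisible to a remote scan, whereas 22, 80 and 443 are the real surface; that distinction is exactly what "nmap localhost" blurs.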

Install the required CPAN modules
#perl -MCPAN -e 'install FreezeThaw'
#perl -MCPAN -e 'install CGI::Session'
#perl -MCPAN -e 'install HTML::Tree'

It is not necessary that all the modules are installed from CPAN;
there are other methods as well.

You can use the RPM approach for the ones you were not able to install from CPAN.

Thursday, June 5, 2008

MySql 5: Error No. 1045 Access denied for user 'root'@'localhost' (using password: NO)

The error above means the client connected without sending a password ("using password: NO") while the matching account requires one (or no account matches that user and host). Either pass the password when connecting (mysql -u root -p) or set one for root.

Solution:-

Go to the bin directory of MySQL and set the root password (add -p if root already has one):

c:\> mysqladmin -u root password "MyNewPassword"

or, from inside the mysql client:

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('MyNewPassword');

Note that a client firewall blocking port 3306, or another application already using port 3306 (check with "netstat -ano"), produces a "Can't connect to MySQL server" error (2003), not error 1045; those are connection problems, not authentication problems.


---------------------------------------------
If instead of NO you get a YES

The "YES" doesn't mean that you are using the password "Yes"; it simply means "Yes", you are sending a password. If the password was blank it would say "NO".

A common cause is that the account was created with Host '%' while the default installation also contains an anonymous account ''@'localhost'. MySQL matches the most specific host first, so a connection from localhost is matched to the anonymous account rather than to 'myUserName'@'%', and the password check fails.
Set the host to 'localhost' (or drop the anonymous accounts). Problem solved.

mysql> UPDATE mysql.user SET Host='localhost' WHERE User='myUserName';
mysql> FLUSH PRIVILEGES;

Tuesday, March 25, 2008

Tips n Tricks- Windows XP

1. How to change the drive letters
==> Start -> Control Panel -> Administrative Tools -> Computer Management -> Disk Management, then right-click the partition and select "Change Drive Letter and Paths"

2. Turn off the welcome screen
==> Open Control Panel -> User Accounts -> "Change the way users log on or off"

3. Unlock WinXP setupp.ini

==> Find the setupp.ini file in the i386 directory on your WinXP CD. Open it up; it'll look something like this:

ExtraData=802A667567787F696F697911AE7E05
Pid=83034000

The Pid value is what we're interested in. What's there now looks like a standard default. There are special numbers that determine whether it's a retail, OEM or volume license edition. First, we break that number down into two parts. The first five digits determine how the CD will behave, i.e. is it a retail CD that lets you clean install or upgrade, or an OEM CD that only lets you perform a clean install? The last three digits determine what CD key it will accept. You are able to mix and match these values. For example you could make a WinXP CD that acted like a retail CD, yet accepted OEM keys.

Now, for the actual values. Remember the first and last parts are interchangeable, but usually you'd keep them as a pair:

Retail = 51882 335
Volume License = 51883 270
OEM = 82503 OEM

So if you wanted a retail CD that took retail keys, the last line of your setupp.ini file would read:

Pid=51882335

And if you wanted a retail CD that took OEM keys, you'd use:

Pid=51882OEM

4. Password Recovery Disk

==> Take preventive measures against losing user-level passwords.

Create a password reset disk the minute you create your user account.
How to launch the Forgotten Password Wizard:

Single-click the Start menu, Control Panel, and User Accounts.
Click your user account name.
Under Related Tasks on the left, click "Prevent a forgotten password" to launch the wizard.

Now that you've launched the wizard, let it walk you through creating the disk. Make sure the disk you use is formatted and in the drive, and keep it somewhere safe afterwards: anyone holding it can reset your password and log on as you.

If you happen to forget your password, all you need to do is click your user icon at the logon screen. Even though you don't have your password, go ahead and click the green arrow just as you would to finish logging on. This will bring up a small yellow dialog box directing you to use your password reset disk.

Sunday, March 16, 2008

VI Editor Tips for beginners

There are two main modes in the vi editor:
command (normal) mode and insert mode.

Press Esc to return to command mode.
Press "i" to enter insert mode.

Delete
dd          delete one line
x           delete one character

Save / quit
:wq         save and exit
:q!         quit without saving
ZZ          write and quit at the same time
^Z          suspend vi (resume from the shell with fg)
:r name     read the file "name" in at the cursor position

Copy and paste (yank)
yy          yank the current line into a buffer
p           paste the yanked line(s) after the cursor

Search
/pattern    search for the pattern in the file
n           repeat the search in the same direction
N           repeat the search in the opposite direction

Undo / repeat
u           undo the last action
.           repeat the last command

Few Linux TIPS

How to verify changes to files installed by RPM

#rpm -Va | less
==> very helpful to check every packaged file on your computer; you will know which files were modified,
e.g.
.......T c /etc/inittab
..5....T c /etc/pki/nssdb/secmod.db
.......T c /etc/audit/auditd.conf
....L... c /etc/pam.d/system-auth
S.5....T c /etc/sysconfig/system-config-securitylevel
.......T c /etc/mail/sendmail.cf
S.5....T c /var/log/mail/statistics
.M...... c /etc/cups/classes.conf

where ==>
S file Size differs
M Mode differs (includes permissions and file type)
5 MD5 sum differs
D Device major/minor number mismatch
L readLink(2) path mismatch
U User ownership differs
G Group ownership differs
T mTime differs
. test passed
c (after the flags) marks a configuration file, where local edits are expected; the same flags on a binary or library are far more interesting

Keep in mind that rpm -Va trusts the local RPM database and the rpm binary itself, both of which an attacker with root can alter, so a clean run is evidence, not proof.
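The flag legend is only useful once you decide which combinations matter. The added example below (not from the original post) triages constructed "rpm -Va" lines: a changed checksum on a non-config file or a missing file is treated as critical (a replaced binary, which is what a rootkit or trojaned package looks like), mode or ownership changes as warnings, edits to "c" files as expected config drift, and a bare mtime change as noise. The sample lines are constructed from the ones shown above, with a few non-config paths added for the demonstration; on a suspect host, confirm any critical hit against a signed package file fetched from trusted media (rpm -K pkg.rpm, then rpm -Vp pkg.rpm) rather than against the local database.

```sh
#!/bin/sh
# Added example (not from the original post): triage "rpm -Va" output so a
# replaced binary is not lost among hundreds of harmless config/mtime changes.
# Usage on a live host:  rpm -Va 2>/dev/null | rpm_verify_triage | sort

# Constructed sample modelled on the lines shown above (not a real capture).
# Format: 8 flag characters, an optional attribute letter (c = config file),
# then the path; "missing" replaces the flags when the file is gone.
SAMPLE_RPM_VA='.......T  c /etc/inittab
..5....T  c /etc/pki/nssdb/secmod.db
S.5....T  c /etc/sysconfig/system-config-securitylevel
.M......  c /etc/cups/classes.conf
S.5....T    /bin/ls
..5.....    /usr/sbin/sshd
missing     /usr/bin/passwd
.......T    /usr/lib/libfoo.so'

# Read rpm -Va lines on stdin; print "<severity> <reason> <path>" per line.
rpm_verify_triage() {
    awk '
    NF >= 2 {
        flags = $1
        path  = $NF
        attr  = (NF == 3) ? $2 : ""           # c, d, g, l, r or nothing
        if (flags == "missing")
            sev = "CRITICAL missing-file"
        else if (index(flags, "5") && attr != "c")
            sev = "CRITICAL content-changed"   # checksum differs on a non-config file
        else if (index(flags, "M") || index(flags, "U") || index(flags, "G"))
            sev = "WARNING  mode-or-owner-changed"
        else if (index(flags, "5") || index(flags, "S"))
            sev = "INFO     config-edited"      # expected drift in a c-flagged file
        else
            sev = "NOISE    mtime-only"         # T alone: touched, content intact
        print sev, path
    }'
}

# Space-separated paths that need a closer look (verify against a signed
# package file from trusted media: rpm -K pkg.rpm, then rpm -Vp pkg.rpm).
suspicious_files() {
    rpm_verify_triage | awk '$1 == "CRITICAL" { printf "%s%s", sep, $NF; sep = " " }'
}

# Demo on the constructed sample when run as "sh script.sh demo".
if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE_RPM_VA" | rpm_verify_triage
    printf 'suspicious: %s\n' "$(printf '%s\n' "$SAMPLE_RPM_VA" | suspicious_files)"
fi
```

The ordering of the tests is deliberate: a "5" on a config file is demoted to INFO only after the non-config case has been handled, so /etc/sysconfig edits stay quiet while the same flags on /bin/ls stay loud.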
=========================================================
Netstat

Very nice utility to see what is listening or connected on your system

#netstat -atu
==========================================================

PS

Check the processes

#ps aux

===========================================================

Last

Who logged into the system in the past (read from /var/log/wtmp)

#last -a

GPO to stop Blaster and Sobig.F

Start -> Run -> MMC
Select File
Add/Remove Snap-in
Add, Group Policy Object Editor,
Add, Close, OK.

Go to: Local Computer Policy, User Configuration, Administrative Templates, System
Click on System
Double-click "Don't run specified Windows applications".

Select Enabled and then click Show, then Add

Add any applications you want to restrict. The executables for Blaster and Sobig.F are

  • WINPPR32.EXE (Sobig.F)

  • MSBLAST.EXE (Blaster; later variants used other file names)

Click OK and close the MMC.

This helps stop the two worms above from being launched, but know its limits: the policy is enforced by Explorer only and is bypassed by renaming the file or starting it another way, so it is a stopgap, not a substitute for patching (MS03-026 closes the RPC hole Blaster exploits) and up-to-date antivirus.

Time and Date Setting for Linux

How to set date and time in CentOS

rpm -qa | grep ntp

If it is not installed, load the package with yum:
yum install ntp

ntpdate us.pool.ntp.org

date (make sure it matches the date for the timezone you have set)

hwclock (verify the BIOS clock matches the system clock)

"Optional step"

hwclock --systohc (set the BIOS clock to match the system clock)

Then you can go about setting up /etc/ntp.conf and starting the ntpd daemon.

To set the hardware clock by hand:

hwclock --set --date="10/05/10 14:19:05"

If you have an NTP server available:

ntpdate "server DNS name or IP address"

hwclock --systohc

To keep your time accurate you can create a cron job that executes (the -w option is the same as --systohc):

ntpdate "server name" && hwclock -w

Note that ntpdate refuses to run while ntpd is listening on UDP port 123 ("the NTP socket is in use"), so pick one approach: either the daemon or the cron job.

------------------------------------------------------

Synchronizing clocks

Synchronizing your system clock to an accurate time server is important so that you can prove your log files are accurately time stamped and correlate events across hosts during an investigation. Create an executable file in /etc/cron.hourly that contains the following:

/usr/sbin/ntpdate -bu -t 3 your-local-gateway

/sbin/hwclock --systohc

Thursday, February 28, 2008

Rsync and Wget

rsync helps you copy files or directories between a local and a remote host.

rsync attempts to identify differences between source and destination files prior to initiating a transfer and, assuming differences exist, tries to copy only the changes rather than the entire file.
http://www.samba.org/rsync/

It works like this.

On the same machine

rsync -a sourceDir/ destinationDir/
rsync cares about the trailing slash, but only on the source argument.

Say dir1 and dir2 are two directories and file1 is a file that resides under dir1

command:-
rsync -a dir1 dir2 ==> results in dir2/dir1/file1 (the directory itself is copied)
command:-
rsync -a dir1/ dir2 ==> results in dir2/file1 (only the contents are copied)

command:-
rsync -a --delete sourceDir/ destinationDir/ ==> also deletes files from destinationDir that are not present in sourceDir (try it with -n/--dry-run first; a typo in the source path can wipe the destination)



For copying data with rsync, it must be installed on both hosts.

Example:- How to copy data between localhost and a remote host

You are sitting on the localhost machine and want to copy data from a remote machine:

rsync -avz -e ssh userName@remoteHost:/remote/outgoingData/ /local/incomingData

Here the "/" after outgoingData means that you want the contents of outgoingData placed directly inside /local/incomingData.

If we remove the "/" then the outgoingData directory itself is copied, so the data ends up in /local/incomingData/outgoingData. The command below has the same result while keeping the trailing slash on the source:

rsync -avz -e ssh userName@remoteHost:/fullPath/outgoingData/ /fullPath/incomingData/outgoingData



Mirroring websites:-
You are giving the command below from server2.xyz.com (you want the backup on this server):
rsync -avz -e ssh userName@server1.xyz.com:/var/www/ /var/www/


rsync -az -e ssh --delete ~/public_html/ remote.com:'~/public_html' (mirror a web site, using compression and encryption)


rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/ (synchronize the current directory with the remote one)

WGET
wget -c http://www.example.com/big.file [continue downloading a partially downloaded file]
wget -r -nd -np -l1 -A '*.jpg' http://www.example.com/dir/ [download a set of files to the current directory]
wget ftp://remote/file[1-9].iso [FTP supports globbing directly]
wget -q -O- http://www.pixelbeat.org/timeline.html | grep 'a href' | head [process output directly]
echo 'wget url' | at 01:00 [download url at 1AM to the current dir]
wget --limit-rate=20k url [do a low priority download (limit to 20KB/s in this case)]
wget -nv --spider --force-html -i bookmarks.html [check links in a file]
wget --mirror http://www.example.com/ [efficiently update a local copy of a site (handy from cron)]



Copy files from a remote server called server1 into the /backup directory:
rsync -arvz -e ssh user@server1:/var/www/html /backup



a = archive - preserves permissions, owners, groups, times, symbolic links and devices (and implies -r)
r = recursive - copies directories and subdirectories
v = verbose - prints on the screen what is being copied
z = compress - compresses data during the transfer



Use of "/" at the end of a path:
With "/" at the end of the source, rsync copies the contents of the last folder.
Without "/" at the end of the source, rsync copies the last folder itself along with its contents.
A trailing "/" on the destination makes no difference: rsync puts the data inside the destination folder either way, creating that folder if it does not exist.

Friday, February 22, 2008

Redundant Array of Independent Disks (RAID)

Types of RAID


RAID 0 or Disk Striping


Minimum number of disks required=2

Capacity=N

Redundancy=No

RAID 0 provides the highest performance but no redundancy. Data in the logical drive is striped (distributed) across several physical drives; losing any one drive loses the whole array.

RAID 1 or Disk Mirroring


Minimum number of disks required=2

Capacity=N/2

Redundancy=Yes

RAID 1 mirrors the data stored on one hard drive to another. RAID 1 proper is built from two hard drives; many controllers, when given more than two, automatically build a RAID (0+1) or RAID 10 set instead.

RAID 3 or Disk Striping with Dedicated Parity Disk
Minimum disks required=3

Capacity=N-1

Redundancy=Yes

RAID 3 performs byte-level striping with a dedicated parity drive (block-level striping with a dedicated parity drive is RAID 4). One drive member is dedicated to storing the parity data. When a drive member fails, the controller can recover/regenerate the lost data of the failed drive from the parity drive together with the surviving data drives.

RAID 5 or Striping with Distributed Parity
Minimum disks required=3

Capacity=N-1

Redundancy=Yes

RAID 5 is similar to RAID 3 but the parity data is not stored on one dedicated hard drive. Parity information is distributed across the drive array. In the event of a failure, the controller can recover/regenerate the lost data of the failed drive from the other surviving drives. RAID 5 survives a single drive failure only; a second failure during the rebuild loses the array.
RAID 5 is similar to RAID 3 but the parity data is not stored in one dedicated hard drive. Parity information is interspersed across the drive array. In the event of a failure, the controller can recover/regenerate the lost data of the failed drive from the other surviving drives.