
Wednesday, June 23, 2010

 




Thursday, May 6, 2010

 

How To Use IPtables to Block ICMP (Internet Control Message Protocol) Requests?

How to use IPtables to block ICMP (Internet Control Message Protocol) requests?
Ans : Before doing this, we have to understand why it needs to be done.

When hackers try to break into a machine, the first thing they do is a basic ping test.

Code :
#ping target-machine
If this succeeds, they conclude that the system is up, and they can go forward with DDoS attacks or try to find open ports using the nmap command.

Code :
#nmap target-machine
So if you are exposing a machine from your network to the outside world, first disable incoming ping requests to your machine as follows.

This can be done in two ways with IPtables:
1. Reject the ICMP packets.
2. Drop the ICMP packets.

Of the two methods, dropping the ICMP packets is the better one: by doing this we give the hacker no clue whether the system is alive or not. Whereas if we reject, the hacker will definitely come to know that ICMP packets are blocked and the system is live.

Step1 : Execute the following command to drop all the incoming ICMP ping (echo-request) packets
#iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
Let me explain this command
-A appends this rule to the end of the already existing rules.
INPUT specifies that it’s a

Step2 : Save these changes to the IPtables file (/etc/sysconfig/iptables), restart the IPtables service and check the IPtables status to see whether your chain is updated.
#service iptables save
#service iptables restart
#iptables -L
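
Because -A appends the rule at the end of INPUT and iptables stops at the first rule that matches, an earlier ACCEPT for ICMP still lets pings through even after Step 1. The shell function below is an added example, not part of the original post: it reads rules in `iptables -S INPUT` syntax and reports which verdict an echo-request gets. The sample rule sets are constructed, and rules with extra matches are skipped as a simplification.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage on a live host (as root): iptables -S INPUT | echo_request_verdict
# Prints the target of the first INPUT rule that decides an ICMP echo-request:
# ACCEPT, DROP, REJECT, the chain policy, or "unknown" for a jump into a
# user-defined chain. Simplification: rules with extra matches
# (-s, -i, -m state, ...) are skipped, since they need per-packet context.
echo_request_verdict() {
  awk '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      proto = ""; type = ""; target = ""; other = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-p") proto = $(++i)
        else if ($i == "--icmp-type") type = $(++i)
        else if ($i == "-j") target = $(++i)
        else if ($i == "-m" && $(i + 1) == "icmp") i++
        else if ($i == "--reject-with") i++
        else other = 1
      }
      if (other || target == "" || target == "LOG") next
      if (proto != "" && proto != "icmp" && proto != "all") next
      if (type != "" && type != "8" && type != "echo-request" && type != "any") next
      if (target != "ACCEPT" && target != "DROP" && target != "REJECT") target = "unknown"
      print target; decided = 1; exit
    }
    END { if (!decided) print (policy == "" ? "unknown" : policy) }
  '
}

# Constructed sample: the DROP from Step 1 appended after a broader ICMP ACCEPT.
sample_shadowed() {
  printf '%s\n' '-P INPUT ACCEPT' \
    '-A INPUT -p icmp -j ACCEPT' \
    '-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP'
}

# Constructed sample: the DROP from Step 1 is the only ICMP rule.
sample_drop_only() {
  printf '%s\n' '-P INPUT ACCEPT' \
    '-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP'
}

echo "shadowed rule set:  $(sample_shadowed | echo_request_verdict)"
echo "drop-only rule set: $(sample_drop_only | echo_request_verdict)"
```

An "unknown" result means INPUT jumps into another chain before reaching the DROP rule, so that chain has to be checked as well.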

How to allow ICMP ping requests in case you want them: first we have to remove the rule which we created for blocking ICMP ping.
#iptables -D INPUT -p icmp --icmp-type echo-request -j DROP

Then execute the following commands

#iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
#service iptables save
#service iptables restart

Some points to be noted
What are the methods used by hackers with ICMP ping?
Though these are old denial-of-service (DoS) attacks, they are worth learning about:
Ping flood
Smurf attack
Ping of death

 

Getting multiple files from an FTP server without any prompt

How do I get a lot of files from a server? I am using the FTP command (mget ...), but it asks "yes/no" for each file, and for every file I have to type 'yes' and then Enter.

We can resolve this issue in two ways.

1) When you connect to the FTP server, use the -i option, which turns off interactive prompting, so multiple files are downloaded from the server without a question for each one.

Syntax: ftp -i server-ip/servername
#ftp -i 222.1.89.1

2) If you are already in the middle of a session, you can use the prompt command in ftp mode to get multiple files without any prompt. It applies to that session only. Here is an example:

ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rw-r--r-- 1 1005 0 47 Apr 11 19:37 file1.txt
-rw-r--r-- 1 1005 0 47 Apr 11 19:37 file2.txt
-rw-r--r-- 1 1005 0 47 Apr 11 19:37 file3.txt
-rw-r--r-- 1 1005 0 47 Apr 11 19:37 file4.txt
226 Directory send OK.

ftp> prompt
Interactive mode off.

ftp> mget *
local: file1.txt remote: file1.txt
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for file1.txt (47 bytes).
226 File send OK.
47 bytes received in 0.00 secs (72.1 kB/s)
local: file2.txt remote: file2.txt
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for file2.txt (47 bytes).
226 File send OK.
47 bytes received in 0.00 secs (88.3 kB/s)
local: file3.txt remote: file3.txt
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for file3.txt (47 bytes).
226 File send OK.
47 bytes received in 0.00 secs (136.2 kB/s)
local: file4.txt remote: file4.txt
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for file4.txt (47 bytes).
226 File send OK.
47 bytes received in 0.00 secs (136.6 kB/s).

 

Disabling SELinux

Some basics of SELinux :
How to disable SELinux?
SELinux is a security feature which shipped with RHEL5; it is much more secure than earlier security mechanisms such as PAM and initd.

Here we are going to see some basics of SELinux.

Step1: Check whether SELinux is enabled or not

#getenforce

Step2: To see the SELinux status in more detail you can use sestatus
#sestatus
SElinux status : enabled
SELinux mount : /selinux
Current mode : enforcing
Mode from config file : enforcing
Policy version : 21
Policy from config file : targeted

From the above output we can see that SELinux is enabled and is in enforcing mode.
To see a more detailed status you can use the -b option, which shows which services are SELinux enabled and which are disabled.

setenforce
/etc/grub.conf and /etc/selinux/config

Step3: Disabling SELinux
We can do it in two ways

1) Permanent way : edit /etc/selinux/config

Change the status from enable to disable and the SELinux type from strict to targeted. After the changes are made we have to restart. If the servers are in production and you don't want to restart them, follow the temporary way of disabling it.

2) Temporary way : echo 0 > /selinux/enforce
For your info, if you want to enable it again, try the below command
echo 1 > /selinux/enforce

 

CREATING FILES IN LINUX

Cmd1 : Use the touch command to create empty files

SYNTAX: # touch filename
Example:
#touch test
To create multiple files at a time..
#touch filename1 filename2 filename3
#touch {1,2,3}{4,5,6}
The above command will create files named 14,15,16,24,25,26,34,35,36; using this you can create any number of files at a time.
To check whether your files/folders are created you can use the ls command.

Cmd2 : Creating files using the cat command in combination with the output redirection operator (>)
#cat > filename
Once you enter this command, type the content of the file, and when you finish just press Ctrl+d; this will save the file. Use the ls command again to display the files created.

Cmd3 : Creating a file with any editor (vi, emacs etc.)
#vi filename
Once you execute this command the file will be opened, and in order to enter any data we first have to press i to go into insert mode. Once you have typed the content into the file, just press Esc and then :wq to save and quit the file.

 

Commands On Commands in Linux
To the best of my knowledge I have tried to gather the commands below; please share your thoughts/experiences through comments.

1.strace -- very handy when debugging a command/script which gets stuck in the middle of execution. This command will be tough when you start using it initially, but will come in handy once you start using it extensively. There are some sister commands to this, i.e. ltrace and mtrace, which I have never used; please give some inputs on these.

For example, if we want to see how the ls command is executed and what it is actually doing, we can check that by using strace
#strace ls

2.watch -- used to see a command's execution at regular intervals (by default 2 sec)

Some valuable examples

a.Monitoring a copy activity from CD/DVD, which will show the progress.
#cp -ar /dev/cdrom /mnt &
#watch ls -l /mnt

b.Watching who is connecting to a system and disconnecting
#watch lsof -i

3.time -- to see how much time a command took to execute. This is a handy tool when you want to check how much time your shell script took to execute.
#time ls
#time shellscript.sh

4.whereis -- to find where a command is located
#whereis ls

5.whatis -- to get one line of info on a command
#whatis ls

And the well-known man and info commands, to see the details of what a command can do.
#man ls
#info ls

 

BASH_History_Capabilities in Linux
Though this is a basic topic known to many of you, I want to share it so that someone will learn something new.
BASH (Bourne Again Shell) is the default shell in Linux, which acts as a communicator between the kernel and the user. It has many capabilities such as

a.Shortcuts
b.Command chaining
c.History

As I mentioned, we will see all about the BASH shell history capabilities here. I have divided these capabilities into three parts: basic, medium and advanced.

Basic capabilities of BASH History:

1.To see all the commands we executed previously
#history

2.To check the history size of your system
#echo $HISTSIZE

3.To check where your history file, which stores all your previous commands, is located
#echo $HISTFILE

4.To browse history.
Just press up/down arrow to browse history

5.To see all the commands which contain a particular word
#history | grep string

Example:
#history | grep cd

Medium capabilities of Bash history:
6.Sometimes browsing history is a very tedious job, and sometimes we execute some very long commands, so there is a capability in Bash to overcome this, i.e. reverse-i-search. To use it, press ctrl+r and type a string from the previous command which you want to execute.

Let's see it with an example
root@satish:~#(reverse-i-search)`se': service winbind restart
As you can see above, I just pressed ctrl+r and started to type se, and it showed the service winbind restart command, so I don't need to type the entire command; I just have to press enter
root@satish:~# service winbind restart
* Stopping the Winbind daemon winbind [ OK ]
* Starting the Winbind daemon winbind [ OK ]
root@satish:~#

7.Changing the size of history. On most Linux machines it can store up to 500 previously executed commands by default. Some people like to change it to some other value; here I want to keep my previous 3000 commands.
#HISTSIZE=3000

8.To execute the previous command
#!!
or
!-1

9.To execute command number 25 in bash history
#!25

10.To execute the most recent command which starts with a string
#!string

11.To clear all the history
#HISTSIZE=0
or
#history -c

12.In Linux, some commands give no output when executed; for example useradd or mount -a will not tell you whether the command executed successfully or not. In that case we can use the below command to see whether the previous command executed successfully
#echo $?
If the output of the above command is "0", the previous command executed successfully; any other value means it did not (in total there are 256 values, 0-255).

Advanced capabilities of Bash history:
History Modifiers
references:
http://linux.about.com/od/commands/l/blcmdl3_history.htm
http://www.linuxtopia.org/online_books/redhat_linux_debugging_with_gdb/using-history-interactively.html
http://docstore.mik.ua/orelly/linux/lnut/ch08_06.htm
http://www.catonmat.net/blog/the-definitive-guide-to-bash-command-line-history/

 

All About info, man, whatis, whereis, --help Commands

Do you know what the dmidecode command does?
Ans : Are you going to search Google for dmidecode? No need to search, boss. No need to go anywhere. Linux provides many help tools to learn more about a command. This post is all about these commands; they are as follows.

1. info command
2. man command
3. --help option
4. whatis command
5. whereis command

First command in this list is info
1. info command (information command) :
info is a good command which describes a command in detail. There will be lots and lots of pages of information for a single command.

Example :
info ls
The above command will show the full help for the ls command, which is 10 pages long. This will give full information.

2. man command (manual command)
This is a little less descriptive but will provide the information you require. Most of the time each option of a command is described in one sentence, and sometimes in paragraphs.

Example :
man ls

3. --help option
This option gives a one-line description of each option of the command

Example :
ls --help
Please remember that --help may or may not be available for a command.

4. whatis command
This will show a one-line description of a given command.
whatis ls

5. whereis command
Last but not least, whereis. This is not a help command, but I feel it is worth describing here. This command will show the location of any command.
whereis ls

 

Installing YUM server in RHEL4

If you are looking for YUM server in RHEL5 you can click here, otherwise just read on..
Recently I came across a strange issue, i.e. implementing a YUM (Yellowdog Updater, Modified) server in RHEL4 :(. At the time RHEL4 was released there was no YUM server implementation,
so I did some research, collected some documentation on the net and implemented a YUM server in RHEL4.
Configuring the YUM server in RHEL4 is as follows..
Step1: Download the following packages
sqlite-2.8.16-1.2.el4.rf.i386.rpm
python-sqlite-0.5.0-1.2.elr4.rf.i386.rpm
python-urlgrabber-2.9.6-1.2.el4.rf.noarch.rpm
python-elementtree-1.26-1.2.el4.rf.noarch.rpm
python-celementtree-1.0.2-1.2.el4.rf.i386.rpm
yum-2.4.2-1.noarch.rpm
yum-utils-0.3.1-1.fc4.noarch.rpm (we need this for the repository)
createrepo-0.3.1-1.noarch.rpm
Step2: Install the above mentioned packages in the same sequence once you have downloaded them.
rpm -Uvh sqlite-2.8.16-1.2.el4.rf.i386.rpm
rpm -Uvh python-sqlite-0.5.0-1.2.elr4.rf.i386.rpm
rpm -Uvh python-urlgrabber-2.9.6-1.2.el4.rf.noarch.rpm
rpm -Uvh python-elementtree-1.26-1.2.el4.rf.noarch.rpm
rpm -Uvh python-celementtree-1.0.2-1.2.el4.rf.i386.rpm
rpm -Uvh yum-2.4.2-1.noarch.rpm
rpm -Uvh yum-utils-0.3.1-1.fc4.noarch.rpm
rpm -Uvh createrepo-0.3.1-1.noarch.rpm
Step3: Now dump your rpms from your RHEL4 CDs/DVD
cp -ar * /var/ftp/pub/Server/
Step4: Create the repository
#createrepo -v /var/ftp/pub/Server/
Here createrepo will create a repository and its metadata. Once creation of the metadata is done we can configure the yum client on the same machine, as follows
Step5: Create a repo file and update it with the repository details
#vi /etc/yum.repos.d/server.repo
[server]
name= Redhat repository
baseurl=file:///var/ftp/pub/Server
gpgcheck=0
Save the file and exit, and start using yum to install packages in RHEL4.
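
The repo file in Step 5 sets gpgcheck=0, which means yum installs packages from this repository without verifying their GPG signatures. The shell function below is an added example, not part of the original post: it lists every section of a .repo file with its gpgcheck state so repositories that skip signature checks are easy to spot. The sample file content is constructed, and the gpgkey path in it is a placeholder.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: repo_gpgcheck_report < /etc/yum.repos.d/server.repo
# Prints "section: state" for every repo section read on stdin, where state is
#   disabled - gpgcheck is set to 0/no/false: package signatures are not checked
#   enabled  - gpgcheck is set to 1/yes/true
#   inherit  - no gpgcheck line: the [main] value from /etc/yum.conf applies
repo_gpgcheck_report() {
  awk '
    function emit() { if (sec != "") print sec ": " state }
    /^[ \t]*[#;]/ { next }                       # comment line
    /^[ \t]*\[/ {                                # start of a new [section]
      emit(); sec = $0
      sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
      state = "inherit"; next
    }
    /^[ \t]*gpgcheck[ \t]*=/ {
      v = tolower($0); sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t\r]+$/, "", v)
      state = (v == "1" || v == "yes" || v == "true") ? "enabled" : "disabled"
    }
    END { emit() }
  '
}

# Constructed sample: the [server] repo from Step 5 plus a signed variant.
# The gpgkey path is a placeholder, not a real key location.
sample_repo() {
  cat <<'EOF'
[server]
name= Redhat repository
baseurl=file:///var/ftp/pub/Server
gpgcheck=0

[server-signed]
name= Redhat repository (signatures verified)
baseurl=file:///var/ftp/pub/Server
gpgcheck=1
gpgkey=file:///path/to/RPM-GPG-KEY-PLACEHOLDER
EOF
}

sample_repo | repo_gpgcheck_report
```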

 

SAMBA Server Configuration

SAMBA (SMB server) is a file sharing server, which is used to share files between Windows, Linux and Unix systems. SMB (Server Message Block) is a proprietary protocol which was developed by Microsoft.

Let's see how we can configure SAMBA in Linux.

Step1 : Create a directory where you want to keep the data to share with other remote systems (Windows, Solaris, in fact any Unix flavor etc).
#mkdir /share1

Step2 : Install the Samba server
#yum install samba

Step3 : Once the Samba server is installed, configure it using its main configuration file (/etc/samba/smb.conf)

Step3(a) : Open the smb.conf file and specify the workgroup to which this server belongs
#vi /etc/samba/smb.conf
Search for the word workgroup and specify your workgroup name
workgroup = windows-group

Why do we require this workgroup?
Ans : When Windows users try to access any network resource, they first go to My Network Places, then search for the workgroup and then for the server. So we definitely have to specify this workgroup entry in the smb.conf file.

Step3(b) : Now we have to give a name to this Samba server. Search for "server string" without quotes, then provide the Samba server name (here that name is linux-share)
server string = linux-share

Step3(c) : Now specify the share details: which folder do you want to share, and with whom? Go to the last line of the smb.conf file and specify your shared folder details as follows.
[myshare]
comment = "This is my Linux data want to share with my windows users"
path = /share1
valid users = user1 user2
writable = no
privatable = no
browsable = yes

After giving these seven entries just save and exit the file.

Let me explain each and every thing we used here.
a.[myshare] -- This is my share name, so whenever any user accesses my Samba server through the network this will be visible as the shared folder.
b.comment -- This is just a comment, which helps to know what this share is for.
c.path -- This is used to specify which folder on my Samba machine to share.
d.valid users -- This specifies which users have access to this folder.
e.writable -- This specifies whether users are able to write or not. In this example they can just read the folder and copy from it.
f.Privatable -- This indicates whether this folder is private or not.
g.browsable -- This is used to specify whether the folder content is browsable or not.

Step4 : Now create passwords for the users who are going to access this Samba share remotely.
#smbpasswd -a user1
#smbpasswd -a user2
Specify the passwords for these 2 users; the passwords will be stored in /etc/samba/smbpasswd

Step5 : Check the syntax of your smb.conf file in case you made any mistake
#testparm

Step6 : Restart the Samba service
#service smb restart

Step7 : Turn the smb service on permanently, so that our server will start running after rebooting the system too.
#chkconfig smb on

Please check my other post how to mount or see the SAMBA shares here.
