Pooo

Funny thing, before me and my old mma training partner had a fallen out he signed me up for a fight in Feb. since I never knew the date but was shocked that the promoter texted me this week asking me to still fight and even train at his place......Ive been so bizzy with work and school I've barely had the time for any thing else. I would have loved to fight heavy weight next month but after my last fight i have a few things to work on......good news tho im going to fight again in may. So by then most of my flaws should be perfected til next time...

Stay free (as in beer)

-Loafy

posted from Bloggeroid

Just checking In!

Happy new years!!!

I'm just checking since i really haven't been posting like i should. I've been busy trying to build my business and just enjoy the holidays with family and friends. Since everyone already stated there new years revolution to the world I might as well follow suit:

1. Make it a point to be down right thankful for my family and what i have cause it could always be worst.

2. Spend less time chasing a buck and more time developing my skill set.

3. Teach my family what I now and Incorporate technology into family time.

4. Go to more IT events (SELF2012, OLF, DEATHCON etc....)

5. Become great with at least 2 programming languages

6. Stop letting MySql kick my behind.

7. Repeat numbers one-six

That's it for now, time to start on one of my many projects getting "Deb Squeeze" onto my Samsung galaxy s!

Be safe and stay free (as in beer)

-Loafy

posted from Bloggeroid

How to Reset "MySql" Root Password (CentOS 5)

Evening all,

Ran into a problem a few weeks ago that I finally set down and solved after visiting a couple of forums. These steps are pieced together from many places. Special thinks to all the forums that helped me reset my database password. *Note* Every thing in blue is what you type. *Where you see "whatever password you want" means just that but keep it inside the parentheses () and quotations.

Stop the MySQL daemon : service mysqld stop
Start MySQL in safe mode with the –skip-grant-tables and -u root options in background : mysqld_safe –skip-grant-tables -u root &
Start the command line client as root : mysql -u root
Issue the MySQL command to reset the root password : UPDATE mysql.user SET Password=PASSWORD(‘whatever password you want’) WHERE User=’root’;
Issue the flush privileges command : FLUSH PRIVILEGES;
Quit the command line tool : quit
Find MySQL Process ID: ps aux | grep mysqld
Stop the MySQL process : kill process id goes here `cat /var/run/mysqld/mysqld.pid`
Restart the MySQL daemon : service mysqld start
Log in as root to make sure the new password is active : mysql -u root -p
Type the new password at the prompt

YOUR IN, DON'T FORGET IT NEXT TIME!!!!!

Port Knocking (fwknop) for Fedora 13, 14

Greatings All,

This tutorial is and How to Guide for "Port Knocking" using "FWKNOP" on Fedora 13 and 14 , courtesy of " Ubersec"

fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter (fwknop supports both iptables on Linux systems and ipfw on FreeBSD and Mac OS X systems) and libpcap. SPA is essentially next generation port knocking.

Please download the following packages:

#yum install -y wget

#yum install openssh-server (If the server is not installed already)

#yum -y install system-config-services

#yum install setools-gui.i686 (To install SELinux if you don't have it already)

#yum -y install policycoreutils-gui.i686 (To install SELinux Management if you don't have it already)

#yum install -y nmap (installing network mapper)

#yum -y install perl-HTML-Entities-Numbered.noarch

#yum -y install perl-HTML-Parser.i686

#yum -y install perl-SOAP-Lite.noarch

#yum -y install perl-ExtUtils-AutoInstall.noarch

Download perlmod from the following website http://sourceforge.net/projects/perlmod/

#perlmod -i IPC::Shareable

#yum install fwknop (Install the port-knocking service)

Disable SELINUX and establish successful SSH session.

Check if SELINUX is running by typing: # sestatus –v | less OR type the following to see if SELinux is disabled on your PC #/usr/sbin/getenforce

If SELinux is enabled please disable it on your system through the GUI by going to System --> Administration --> SELinux Administratoin and restart your PC.

Type the following command to start SSHD server #service sshd stop && service sshd start

TIP:

Also go through the GUI to services and assure that you enable SSH to start next startup.

Type the following command to check your ssh session #ssh localhost

Now type #nmap -p 22 Check to see if port 22 is

open.

TIP:

It should return open. If not your sshd service is not running.

For Example:

[root@ittlabusr fwknop]# nmap -p 22 localhost

Starting Nmap 5.21 ( http://nmap.org ) at 2011-04-08 12:23 EDT

Nmap scan report for localhost (127.0.0.1)

Host is up (0.00019s latency).

rDNS record for 127.0.0.1: localhost.localdomain

PORT STATE SERVICE

22/tcp open ssh

Configure IPTABLES

#sudo iptables-save -c > /etc/iptables-save

#cat /etc/iptables-save | sudo iptables-restore –c

Type #ifconfig to find out which interface you Linux is listening on. You will need to add it to the firewall.sh script below.

Now create the following file firewall.sh and add the followings:

#!/bin/sh

IPTABLES=/sbin/iptables

$IPTABLES -F

$IPTABLES -F -t nat

$IPTABLES -X

$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -t nat -A POSTROUTING -s 192.168.1.0/24 -o -j MASQUERADE

$IPTABLES -A INPUT -j LOG --log-prefix "DROP "

$IPTABLES -A INPUT -j DROP

$IPTABLES -A INPUT -p tcp --syn --dport 22 -j LOG --log-prefix "SSH SYN "

$IPTABLES -A INPUT -p tcp --syn --dport 22 -j LOG --log-prefix "DROP "

$IPTABLES -A FORWARD -j LOG --log-prefix "DROP "

$IPTABLES -A FORWARD -j DROP

echo 1 > /proc/sys/net/ipv4/ip_forward

echo "[+] EnGarde Secure Linux iptables policy activated"

exit

Save the file and then change the permission to execute: chmod +x firewall.sh

Now run it by typing #./firewall.sh

Now type #iptables -L to check that your iptables contain the new rules.

For Example,

It should show the followings:

[root@ittlabusr ~]# iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

LOG all -- anywhere anywhere LOG level warning prefix `DROP '

DROP all -- anywhere anywhere

LOG tcp -- anywhere anywhere tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning prefix `SSH SYN '

LOG tcp -- anywhere anywhere tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning prefix `DROP '

Chain FORWARD (policy ACCEPT)

target prot opt source destination

ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

LOG all -- anywhere anywhere LOG level warning prefix `DROP '

DROP all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

Now type the following command to assure that you save the rules in IPTABLES #/sbin/iptables-save > /etc/sysconfig/iptables

Now restart your computer by typing #shutdown –r now

Now run nmap again to assure that IPTAB

For example,

#nmap -p 22 Check to see if port 22 is filtered

[root@ittlabusr fwknop]# nmap -p 22 localhost

Starting Nmap 5.21 ( http://nmap.org ) at 2011-04-08 12:25 EDT

Nmap scan report for localhost (127.0.0.1)

Host is up.

rDNS record for 127.0.0.1: localhost.localdomain

PORT STATE SERVICE

22/tcp filtered ssh

Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds

Setup and configuring fwknop port-knocking application.

#gedit or nano /etc/fwknop/fwknop.conf

Change the line #ALERTING_METHODS ALL; (TO) --> ALERTING_METHODS noemail;

Change the line #shCmd /bin/sh; (TO) --> shCmd /bin/bash;

Change the line PCAP_INTF eth1; to assure that you are set to the correct interface!!!!!

TIP

Type ifconfig /all in another terminal to check your current interface.

Change the line #ENABLE_SPA_PACKET_AGING Y; (TO) --> ENABLE_SPA_PACKET_AGING N;

#gedit or nano /etc/fwknop/access.conf

Change the line #KEY: __CHANGEME__; to KEY: whatever you want; (The key must be 8 characters long at the least)

Add the line DATA_COLLECT_MODE: PCAP;

Unmark or add the line FW_ACCESS_TIMEOUT: 30; (time is in sec)

Stop and start fwknop service

#service fwknop stop

#service fwknop start

#netstat -anlp | grep fwknop (to check if fwknop is listening)

unix 2 [ ACC ] STREAM LISTENING 42445 7317/perl /var/run/fwknop/knoptm_ip_timeout.sock

OR

#service fwknop status

knoptm (pid 7317) is running...

fwknopd (pid 7314) is running...

knopwatchd (pid 7319) is running...

On the server side type the following to see logs coming in:

#tail -f /var/log/messages

On the other Linux client side type:

#fwknop -A -a -D

For example,

#fwknop -A tcp/22 -a 127.0.0.1 -D 10.75.3.232

OR

Download fwknop for Windows from

http://www.cipherdyne.org/fwknop/download/ and run fwknop for windows

College Graduation

The date is set!!!!!!!!!!!!!! Graduation for ITT Tech. Apr. 5, 7:00 pm (est), Chesapeake Conference center!!!! goto my twitter page for details " http://twitter.com/itt_tech "

Drupal6.16 Notes

Quick notes for those trying to install and setup Drupal on an Debian machine:

For those trying to install #drupal6 in #debain-lenny use synaptic and do a packet force to get #drupal6.16 from backports

**Note in #debain-lenny the default files are not in /var/www/ there in /usr/share/drupal6/


Once installed from #synaptic restart apache then goto (from web browser) localhost/drupal6/install.php

My Crossroads

Long time,
Well a lot has changed for me since my last post, where do I began........I've switched 9-5's yet again (job markets' ruff) currently I'm unloading trucks from 4-1am (7.65/hr). My business has slowed due to time constraints. I don't have the time to really advertise anymore. I'm in my last sem. for my AAS degree @ ITT-Tech (March Grad). And I'm at a crossroads on my career path. At this time one thing is for certain I want to have a career in Linux/Unix. Ive spent the last 12 months learning Asterisk from the ground up. I'm no guru yet but not to far from it. Ive also been reading off and on O'Reily's "LPI cert in a nutshell". This book is good for studying if you already have some what a back round working with Linux (1yr or better). I didn't set the usual new years resolution. I just set short term goals to accomplish. I'm not getting any younger and its time to choose a path for my life and run for it. My first goal is to grad from school. Second to build my brand. Third to take a cert and Pass it. Fourth learn a programming language. Fifth to work in the IT field full time. I know I've said this in the past but my blogs will become more frequent and more techie. My goal is to write every time i learn something new. I want to do this not only to keep track of new items but to also help those seeking answers to some of the problems that may or may not be so common to some geeks. In closing happy new years to all and until next time "RTFO" (rock the f...on)