Setting up a FUNCTIONING LAMP Stack on Ubuntu Server 10.4

These are quick tutorial *notes* for me, as I constantly have to look for these simple things every time I have to install a LAMP server on a nix box.
If you do this kind of stuff too, this list might come in handy.

  1. install Ubuntu 10.4 LTS
  2. install ssh server [ sudo apt-get install openssh-server ]
  3. install text editor [ sudo apt-get install vim ]
  4. install lamp stack [ sudo apt-get install lamp-server^ ]
  5. install ftp server [ sudo apt-get install vsftpd ]
  6. install phpmyadmin [ sudo apt-get install phpmyadmin ]
  7. install mail server [ sudo aptitude install postfix ]

This should pretty much set you up with a complete/working dev nix box.
You might also need this in some cases…

  1. cURL PHP module [ sudo apt-get install php5-curl ]
  2. IMAP PHP module [ sudo apt-get install php5-imap ]

If you experience any problems hit me up.

Bonding Network Cards & Load Balancing in Ubuntu Server 10.4 LTS

After a couple of hours wasted looking online for the answers I ended up coming up with my own. I use vim as my text editor sooooo… if you use nano or whatever just use that.

The following configuration is ideal for load-balancing scenarios; you can find out more about the different bond modes at the bottom of the post.

Let’s install the correct software to support the bonding…
sudo apt-get install ifenslave

Open up a shell/terminal window and edit…
sudo vim /etc/network/interfaces

Copy this info, replacing the IPs provided with your own…

# The Loopback Network Interface
auto lo
iface lo inet loopback

# The slave interfaces (configured manually, enslaved by bond0 below)
iface eth0 inet manual
iface eth1 inet manual

# The Primary Network Interface (bond0)
# Replace address, netmask and gateway with your own local IP (assign it one),
# local subnet and local gateway IP. Comments in this file must sit on their
# own line; end-of-line comments are not supported.
auto bond0
iface bond0 inet static
    bond_miimon 100
    bond_mode balance-rr
    address 192.168.1.x
    netmask 255.255.255.0
    gateway 192.168.1.1
    up ifenslave bond0 eth0 eth1
    down ifenslave -d bond0 eth0 eth1


Save and exit.

Now open aliases.conf…
sudo vim /etc/modprobe.d/aliases.conf

Copy this…

alias bond0 bonding
options bonding mode=0 miimon=100 downdelay=200 updelay=200

Save, exit and reboot your computer…
sudo reboot

This is tested and working in a live environment with dual GB NICs. If you have any problems or would like to bond more than 2 NICs, leave a comment, as the topic is beyond this quick post.

MODE INDEX

mode=0 (balance-rr) Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.

mode=1 (active-backup) Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond’s MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.

mode=2 (balance-xor) XOR policy: Transmit based on [(source MAC address XOR’d with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.

mode=3 (broadcast) Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.

mode=4 (802.3ad) IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification.

  Prerequisites:
  • Ethtool support in the base drivers for retrieving the speed and duplex of each slave.
  • A switch that supports IEEE 802.3ad Dynamic link aggregation. Most switches will require some type of configuration to enable 802.3ad mode.

mode=5 (balance-tlb) Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave.

  Prerequisite:
  • Ethtool support in the base drivers for retrieving the speed of each slave.

mode=6 (balance-alb) Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts the ARP Replies sent by the local system on their way out and overwrites the source hardware address with the unique hardware address of one of the slaves in the bond such that different peers use different hardware addresses for the server.
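To confirm after the reboot that bond0 came up in the intended mode with both NICs carrying link, the bonding driver's status file can be summarised as below. This is an added example, not part of the original post; the function names and the sample status text are constructed for illustration, with eth1 deliberately shown as down.

```shell
#!/bin/sh
# Added example: summarise bond state from the bonding driver's status file.
# Output: "<mode>|<slaves with link up>|<slaves with link down>"
# Real use after the reboot:  bond_summary /proc/net/bonding/bond0

bond_summary() {
    awk -F': ' '
        /^Bonding Mode:/    { mode = $2 }
        /^Slave Interface:/ { slave = $2; next }
        # The first "MII Status" line describes the bond as a whole; only
        # the ones that follow a "Slave Interface" line are per-NIC.
        /^MII Status:/ && slave != "" {
            if ($2 == "up") up = up (up == "" ? "" : ",") slave
            else            down = down (down == "" ? "" : ",") slave
            slave = ""
        }
        END { printf "%s|%s|%s\n", mode, up, down }
    ' "$@"
}

# Constructed sample of the status file (eth1 has lost link).
bond_sample() {
    cat <<'EOF'
Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 200
Down Delay (ms): 200

Slave Interface: eth0
MII Status: up
Link Failure Count: 0

Slave Interface: eth1
MII Status: down
Link Failure Count: 1
EOF
}

bond_sample | bond_summary
```

An empty third field means every slave has link; with balance-rr a bond that has silently dropped to one NIC still passes traffic, so this is worth checking rather than assuming.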


Lost connection to MySQL server at ‘reading initial communication packet’, system error: 111 – ERROR FIXED!

So I finally decided to document this little issue I seem to have every time I need to set up a LAMP server. The error Lost connection to MySQL server at ‘reading initial communication packet’, system error: 111 can be a pain in the butt if you’re unfamiliar with Linux LAMP servers.
To quickly elaborate on the problem, 99.9% of the time it is caused by one of the following:

  1. You forgot to open/forward your MySQL port (default 3306)
  2. You forgot to edit your my.cnf and update your bound address (default 127.0.0.1/localhost)
  3. Your hosts.allow is not set up to allow any incoming connections to the server. ( mysqld: ALL: ALLOW )
  4. Correct user privileges have not been set for the remote user account in MySQL.

This problem typically happens when you have 2 servers trying to communicate across the net and both servers are behind firewalls. The MySQL server by default comes bound to the localhost address (127.0.0.1), which becomes a problem when your local network is trying to forward SQL packets to your server. Since your MySQL server is bound to 127.0.0.1, it will ignore any connection requests that arrive on an address other than its bound address.

To fix this issue, simply check your LAN IP using your console/terminal.

Once you have your LAN IP you will want to go to your my.cnf (MySQL config file) and edit the bound IP to your local LAN address (in some cases 192.168.1.x or 10.10.1.x etc…)

Run a second terminal window and sudo reboot your box.
Once rebooted, make sure you have created a MySQL user with the correct remote access/permissions and log in.
At this point you should not be getting the error anymore. If you are, check and make sure your scripts are using the correct credentials and selecting the correct database.
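The bound-address step above can be checked without opening an editor. The shell function below is an added example, not part of the original post: it reads a my.cnf and reports where mysqld will accept TCP connections, which is what decides whether a remote client is refused (system error 111 is "connection refused"). The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: report where mysqld will accept TCP connections, judging
# only by the [mysqld] section of a my.cnf. Reads the named file(s) or stdin.
# Simplification: !include / !includedir directives are not followed.

mysql_bind_scope() {
    awk '
        /^[ \t]*[#;]/ { next }                      # whole-line comments
        /^[ \t]*\[/ {                               # section header, e.g. [mysqld]
            sec = $0
            sub(/^[ \t]*\[/, "", sec)
            sub(/\].*$/, "", sec)
            in_mysqld = (sec == "mysqld")
            next
        }
        !in_mysqld { next }
        /^[ \t]*skip[-_]networking[ \t]*$/ { skip = 1 }
        /^[ \t]*bind[-_]address[ \t]*=/ {
            addr = $0
            sub(/^[^=]*=[ \t]*/, "", addr)          # drop "bind-address ="
            sub(/[ \t]*#.*$/, "", addr)             # drop trailing comment
            sub(/[ \t]+$/, "", addr)                # drop trailing blanks
        }
        END {
            if (skip)                                   print "socket-only"
            else if (addr == "")                        print "all-interfaces"
            else if (addr ~ /^(127\.|localhost$|::1$)/) print "loopback"
            else if (addr ~ /^(0\.0\.0\.0|::|\*)$/)     print "all-interfaces"
            else                                        print "address " addr
        }
    ' "$@"
}

# Constructed sample config: the commented-out line must be ignored.
mycnf_sample() {
    cat <<'EOF'
[client]
port = 3306

[mysqld]
port = 3306
# bind-address = 192.168.1.50
bind-address = 127.0.0.1   # local connections only
EOF
}

mycnf_sample | mysql_bind_scope
```

On a real box run `mysql_bind_scope /etc/mysql/my.cnf`; "loopback" explains the refused remote connection, and "address <LAN IP>" exposes the server on that one interface only, unlike "all-interfaces".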

If you have any questions or require further assistance comment below.

“Remember Remember The 5th Of November… We Are Legion, Expect Us!” – Anonymous

It’s been a couple of months now since Anonymous made their plans public, to destroy Facebook on the 5th of November.
I for one can’t wait to see what happens; as a network engineer I can say it’s totally possible.
How is it possible, you might ask? There are actually many ways; what will be particularly interesting to me is which one they use. Some methods will only disrupt service, some can actually destroy it.
For the most part I agree with their actions; government is out of control, mechanizing every aspect of life and becoming extremely intrusive under the guise of “security”. What does Facebook actually have to do with government, right? EVERYTHING…

If we look back to January 2011 when Goldman Sachs announced their investment into Facebook – 450 Million to be exact ( One of Many Sources ): why would Goldman Sachs invest into Facebook? Because of Facebook advertising revenues?
One thing is for sure: I don’t trust Goldman Sachs; they don’t seem to have a good history, especially in the past couple of years. Maybe it’s because they wanted control or access to information they could monetize ( One of Many Sources ).
Clandestine agencies could use this data to generate massive databases with physiological profiles of every person in the world. In fact this surely already began years ago ( Project In-Q-Tel ). How, you might ask? Easy: by creating logical algorithmic bots that make/process decisions based on calculation, for example:

  1. A bot (or in some ways AI software) set up on a computer can go to any Facebook profile/fan page.
  2. The bot begins to scrape all the page data, categorizes it by relation/type and stores it.
  3. After storing, the bot begins to go through all the followers/likes/subscribers/friends, meticulously categorizing them by predetermined psychological/physiological values. Everyone in some way is connected or exploited into giving up their personal information.
  4. After accessing all your relationships it begins creating physiological profiles about you: what you typically do, how you act and why you do the things you do, where you live and where you visit the most, what time of the year you might typically be gone… you get the picture.
  5. Now we have all these advertisements in our faces about things you might have been subliminally thinking about getting, all suggested by a mathematical calculation of your personal data. This already happens; Gmail is a great example of this. When you log in for the first time into your Gmail account you get some random ad, but as you continue to use it, receiving and sending emails, the ads become more personal. This is done by reading your email, then analyzing it for any suggestions of wants or needs, popular topics etc…

Weaponization of social networks has already been done, by using social networks to sway/steer public opinion or create fan pages used to capture potential political activists, an already known fact ( one of many sources )

Imagine the power any clandestine agency would have with this kind of knowledge. What if Facebook has been selling it to them to capitalize on an until recently – actual business model? If you recall, until Facebook started their marketing platform they really didn’t generate any money. Sustaining a 200-500 Million Network isn’t cheap, and being innovative isn’t either. Whatever happens I hope it’s for the good, but if it’s one day discovered that Facebook was purposely selling private information, it will destroy them.

What do you think? Is it right or wrong? Do you agree or disagree?

Removing Facebook ‘like’ feature to protect anonymity.

I decided to remove the Facebook ‘like’ feature from my blog and company blog. I didn’t want any government tracking being done based on any similar opinions someone might have. Although I do believe in security, I still believe people should have the right to be anonymous and still share their opinion. Also, Facebook is getting old, and as a professional, the look and feel of Facebook does not fit business. Aside from privacy issues, any person can go through the process of socially engineering a victim into accepting a stalker’s invite (a living nightmare). Imagine what you could learn about someone right away by simply looking into their profile and relationships; after all, you are who you hang out with. This is already being done: redundant databases are being generated about any living person based on a physiological profile. Guess who is helping with this large task? Facebook fits the perfect model for any intelligence agency: Facebook generates databases based on self-inputted user data, and some of your most private facts can be found in one way or another on Facebook. Let’s not mention all your relationships and their psychological profiles, all this information used to create a calculated profile about you. Now imagine a very dangerous person is after you and he knows everything about you and who you hang out with. All this only because you decided to share your opinion.
At this point in time I would rather give any visitor the choice of privacy.
For business I will remain using Facebook but only as a marketing node used to direct traffic.

Visual Fox Pro x64 ODBC Drivers NOT GONNA HAPPEN… Instead try this :)

OK so the story goes a little like this… At our company we use a client record management system called American Contractor (Maxwell). We have employees who needed to access the AC database in order to generate reports through Crystal Reports. The problem was that we could not find x64 drivers because, according to the multitude of MSDN forums, good old Microsoft decided it would abandon any support for the dinosaur database type (visual fox pro… duh? :P). So I began to look and look for any possible 3rd party drivers but got no luck… then after about an hour of digging I was able to find some information…
If you have a Windows Vista, 7 or any type of x64 workstation you need to:

1) First understand that there is no x64 version of the VFP driver; that being said, you can definitely run an x86 driver in an x64 OS.

2) Download the x86 Visual Fox Pro ODBC Driver here http://msdn.microsoft.com/en-us/vfoxpro/bb190233 (or Google “Visual Fox Pro ODBC Driver”)

3) In any x64 OS you cannot access the x86 ODBC Control Panel by navigating to the native START>CONTROL PANEL>ADMINISTRATIVE TOOLS>DATA SOURCES (ODBC). You must access the x86 Data Source Panel.

4) To access your 32bit Data Sources Panel, navigate to C:\WINDOWS\SysWOW64\odbcad32.exe and run it.

5) Run and install what you need. If you still don’t see the VFP drivers, make sure you’ve already installed them :) (doi! :P)

6) Go tell your boss you’re a genius… muahahahah

I hope this helps anyone who experienced this problem.

HP Proliant DL380 on Windows Server 2008, Driver Install… Epic FAIL!

I was recently hired as Manager of Information Technology for one of California’s largest importers and exporters of exotic rock: granite, marble and whatnot. After looking at our current infrastructure I knew I was going to have to bring some of my personal equipment. After the first week I decided we would begin the process of changing server operating systems over to Windows 2008 Server, as rebuilding the entire network was going to be necessary. As I began the process I decided I would install Windows 2008 Server on my HP Proliant DL380, which was perfect for the new application server role. Windows 2008 installed perfectly with no problem until, of course, it came to installing the network utility drivers. I spent a good 2 hours looking for help on HP forums, Google and anything else we normally use as information specialists but ended up with nothing. I decided to continue looking for help and found nothing, so I decided that I would simply try to run the driver installation in compatibility mode. After a bit of playing I was able to determine that Windows 2008 Server and 2008 Server R2 are somewhat considered different versions; after all, the drivers would not install in regular R2 mode, and I had to dumb down the compatibility to regular Windows 2008 Server. After this everything installed with no problem, so I suggest that if you’re installing Server 2008 R2 as an operating system, you make sure you install drivers as regular 2008 Server through compatibility mode, or else you will get the “this install could not complete because the correct operating system was not found” prompt.

Can’t Map Windows Server 2003 Network Drive on Windows 7, Enter Network Password Error :(

OK so I kept having this issue with a client’s Windows 7 Ultimate PC: every time I would try to map a network drive it would ask me for 2 pairs of credentials, the regular credentials and then the dreaded “enter network password” credential. Keep in mind that this is a business network, so no clients have home groups set up.

Troubleshooting Steps:

– Went to Control Panel\Network and Internet\Network and Sharing Center\Advanced sharing settings and made sure “Password Protected Sharing” was OFF.

– Still didn’t work.

– This time I had to check our credentials manager and remove all old credentials it may have stored ( Control Panel\All Control Panel Items\Credential Manager )

– Still didn’t work, WTF! Right? At this point I was kinda annoyed and I decided to check the Network Policies on the local computer, TADAAAAAAAA :P

THE SOLUTION:

Start Menu: type run or cmd in the search box.

Type: secpol.msc

Go to Local Policies | Security Options and choose the “Network Security: LAN Manager Authentication Level” item. Set it to “Send LM & NTLM - use NTLMv2 session security if negotiated”.

Reboot, Remap and everything should be good, enjoy :)

Hello To The Regulated Internet, The Death of Social Media

People nowadays have no idea that there is a storm coming. This storm is one that very few people know about, and it’s coming fast. Laws are currently being presented and passed that are breaking down the very fabric which makes the internet so powerful. These laws are presented to us as part of “security” precautions but are really a double-edged sword.

It is important that we do not let the government regulate the internet; in doing so we will give them the power to control our history, our time and our lives. Once a government controls the flow of information, what will stop it from censoring it? What will stop it from controlling the truths and lies? Who will want to speak their mind? People will lose in the end, as speaking out will become a possible crime. It’s a sad reality which every day seems to draw nearer. I still sit and ponder how people all around the US have no idea that this is going on. They are too busy being distracted by just about everything designed to distract them, and it’s working.

So what will happen in the end? Will we be induced back to the monotheistic concept, or will we be told once again the world is flat? The idea of controlled information is daunting, and with great reason. If anyone can control information they control the histories of the world and, as I have noticed, there is something wrong with them too.
Social media will be like being at a local bar with police officers at every table, and the bartender… you guessed it, another police officer, for security purposes of course :P

Phishing Scams, Thank You Facebook Apps?

I’ve been around for a very long time. Phishing is one of the oldest traits on the www, using shady methods to obtain user info. In recent weeks I have noticed an escalation in malicious Facebook applications. Although this has a positive side it also has a negative, the negative sometimes being that your information is stolen through a fake app designed to scrape your personal information. Who would want your personal information, right? How about data providers… who else could find a way to monetize user information? Why not sell it to marketers? Marketers need an audience, even though sometimes they aren’t listening. Large repositories of information are always sold online to buyers who need a target audience or demographic.

The Facebook App hack seems to work like this:

  • First you create a fake app through an account.
  • Once the App is completed you deploy it from the compromised account
  • A compromised account can be successfully harvested within 10 minutes at your local coffee shop
  • With the compromised account create an attractive Wall post; Want To Know Who Is Stalking Your Profile? Install this App Find Out Who!
  • Once a user installs the app, all their personal information has been scraped and possibly the account hacked
  • This technique along with good bots can make for quite a successful harvest.

Make sure you don’t just install an app because your friend installed it and has a wall post promoting it. Make sure you know enough about any app before installing it.
Or else you will end up with lots of spam in your inbox and possibly your account suspended.