|
||||||
|
To start asterisk server To stop asterisk server To reload asterisk server To restart asterisk server asterisk –rx “stop now” To show version asterisk -rx “core show version”
asterisk –rx “core show translation” asterisk –rx “core show codecs”
Setup Local YUM Server in CentOS 6.x / RHEL 6.x (Yum) is a software package manager that installs, updates and removes packages on RPM-based Linux distributions. Yum makes it easier to maintain groups of machines without having to manually update each one using rpm. Features: Support for multiple repositories. Install CentOS 6.3 as a physical or virtual machine. I have already covered a topic how to install Redhat Enterprise Linux 6.0 earlier in this blog. Those steps are damn similar to CentOS 6.x and Scientific Linux 6.x installation. So just follow the steps exactly to install CentOS 6.3. In this example the hostname of the server is rmohan.com and IP Address is 192.168.56.101. Login to your system and Mount the contents of your CentOS 6.3 DVD in the /mnt directory or wherever you want. In the Terminal window, type the following command: Install vsftpd package, so that we can use this as a FTP server to share our repository in the client systems. Start the FTP Service: Install createrepo package if it is not installed. This is package is used to create our local repository. Then install the another one: Now install the createrepo package: Create a folder called localyumserver (You can use your own) in /var/ftp/pub directory to save all the packages from the CentOS DVD. Copy all the files in the Packages folder from the DVD to /var/ftp/pub/localyumserver folder: It will take a while to copy all the packages in the DVD. Please be patient. After all packages are copied, create a repo file called localyumserver.repo in /etc/yum.repos.d/ directory. Type the following entries and save the file (CTRL+O to save and CTRL+X to exit): Where, Now it is time to create our repository. Enter the following command in the Terminal: Note: Delete or rename all the other repo files except the newly created repo file i.e in our example it is localyumserver.repo. Next update the repository: Client side configuration: Create a repo file in your client system as mentioned above in the /etc/yum.repos.d/ directory and remove or rename the existing repositories. Then modify the baseurl as mentioned below: [localyumserver] [localyumserver] Thats it. Start using Yum. Enjoy!! Setup DNS Server step by step in CentOS 6.3 / RHEL 6.3 DNS (Domain Name System) is the core component of network infrastructure. The DNS service resolves hostname into ip address and vice versa. For example if we type http://www.rmohan.com in browser, the DNS server translates the domain name into its corresponding ip address. So it makes us easy to remember the domain names instead of its ip address. DNS Server Installation in CentOS 6.3: This how-to tutorial will shows you how to install and configure DNS server. In this scenario my dns server FQDN (Fully Qualified Domain Name) and Prerequisites: Before proceed, check the following properly. 1. Check FQDN (Fully Qualified Name) of the server. [root@webserver ~]# hostname [root@webserver ~]# ifconfig eth0 [root@webserver ~]# nano /etc/resolv.conf [root@webserver ~]# service iptables stop Set SELINUX=disabled to disable the Selinux in the /etc/selinux/config file.. 6.Check Firewall and Selinux Status: [root@webserver ~]# service iptables status [root@webserver ~]# yum install bind* The main configuration of the DNS will look like below. Edit and add the entries below which are marked as bold in this configuration files. [root@webserver ~]# nano /etc/named.conf Now we should create forward and reverse zone files which we mentioned in the /etc/named.conf file. Create fwd.rmohan.com file in the /var/named directory and add the entries for forward zone as shown below. [root@webserver ~]# nano /var/named/fwd.rmohan.com Create Reverse Zone: Create rev.rmohan.com file in the /var/named directory and add the entries for reverse zone as shown below. [root@webserver ~]# nano /var/named/rev.rmohan.com Start the bind service. [root@webserver ~]# service named start [root@webserver ~]# dig webserver.rmohan.com Thats it. Have a good day!!! Enable DB2 service ports for remote connections. To enable outside users to get to your DB2 databases, you’ll need to set up the DB2 service port, as it is not configured by the Synaptic installation process. As the regular user, run sudo vi /etc/services and add this line to the end of the file and save the changes:
Then, as the DB2 instance owner (db2inst1 by default), run these commands: db2 update dbm cfg using SVCENAME db2c_db2inst1
db2set DB2COMM=tcpip
db2stop
db2start
Block IP traffic from an specific IP or Network. Block from an IP If you want to block only on an specific NIC Or an specific port Using a Network and not only one IP Block traffic from a specific MAC address Suppose you want to bloc traffic some a MAC address instead of an IP address. This is handy if a DHCP server is changing the IP of the maching you want to protect from. Block a specific port If all you want is to block a port, And you can block incoming or outgoing traffic. Block incoming traffic to a port Suppose we need to block port 21 for incoming traffic: But if you have two-NIC server, with one NIC facing the Internet and the other facing your local private Network, and you only one to block FTP access from outside world. In this case I’m assuming eth1 is the one facing the Internet. You can also block a port from a specific IP address: Or even block access to a port from everywhere but a specific IP range. Block outgoing traffic to a port If you want to forbid outgoing traffic to port 25, this is useful, in the case you are running a Linux firewall for your office, and you want to stop virus from sending emails. I’m using FORWARD, as in this example the server is a firewall, but you can use OUTPUT too, to block also server self traffic. Log traffic, before taking action If you want to log the traffic before blocking it, for example, there is a rule in an office, where all employees have been said not to log into a given server, and you want to be sure everybody obeys the rule by blocking access to ssh port. But, at the same time you want to find the one who tried it. You will be able to see which IP tried to access the server, but of course he couldn’t. Tips and TricksBecause List rules with numbers This is going to list all your rules with numbers preceding the rules. Determine where you want the inserted rule and write: List specific chains Will list all INPUT rules. Will list all OUTPUT rules Insert rules That is going to add a rule in position 3 of the “array” Delete rules That is going to remove the rule inserted above. You can also remove it, by matching it. Delete flush all rules and chains This steps are very handy if you want to start with a completely empty and default tables: NOTE: do not execute this rules if you are connected via ssh or something similar, you may get locked out Simple scripts for specific needsHow to stop brute force attacks You can also use How to NAT with
To configure a NAT router, you will be better with a server with two NICs, let’s suppose you have:
Now configure NAT to forward all traffic from 10.1.1.0 network through eth0 IP. You may want to empty all tables and start with a fresh chains and tables (see how above). That is it, you only have to enable kernel forwarding now: Today I needed to relay/forward all Email from one Server (Server A) to another Server (Server B). Server A is running Qmail (on CentOS). Server B is running company smartermail. After googling and searching, I found a site teaches “forwarding Email to another host” using Qmail. I tried, as the article recommends setting up a Qmail config file (which didn’t existed): /var/qmail/control/smtproutes Containing a Qmail Email domain forwarding rule:
So If you are running Plesk Parallel Panel, Qmail was being run with virtual domain support and spotted a Qmail config file: /var/qmail/control/virtualdomains This config file contained the name of the domain I was trying to forward followed by a colon and a number, Must remove the line containing the domain name trying to forward, then restart the Qmail. These are what you need to do, the process are: #1. Back up all your current, working config files and if at all possible, do this using a test domain or sub-domain name so if you make mistakes you have a backup! #2. Set up your destination Email Server to receive Email for the relevant (sub)domain and Email account(s). #3. Ensure that the domain name you are trying to forward Email for is in the Qmail config file /var/qmail/control/rcpthosts (this ensures that Qmail will handle Email for the domain). #4. A necessary to create the Qmail config file /var/qmail/control/smtproutes.
If you want to forward all Email for all domains handled by your Qmail Server, you can use a wildcard config which means you omit the source domain name e.g.:
#5. Now you can restart Qmail: $ /etc/rc.d/init.d/qmail restart #6. Check your destination Email Server which should now be receiving Email sent to Server A for the source domain. This worked fine for me using (source server) Centos/Fedora/Plesk 8,10,11/Qmail and destination server smartermail/Postfix. If you’ve forgotten your MySQL root password (or are involved with some nefarious activity), here is how you can reset that password on a Red Hat (RHEL) system or a CentOS system: Stop MySQL:
Start MySQL in safe mode:
Log into MySQL as root:
Reset the password:
Log out of MySQL and stop the Safe Mode:
Start MySQL in the normal mode:
Log into MySQL with your new password:
zip is a nice, cross-platform compression software, similar in purpose to WinZip or GZip. &zip can create and extract those .zip and .gz (and tar.gz) files, but it uses LZMA for its own native compression, which is a much more modern compression format. (if you’re using .rar, please stop already). Use 7zip to create a password-protected file of a list of files and directories; note the flags -p -mhe which are REQUIRED for the password part to function! 7zip uses AES encryption with 256-bit keys, so this encryption isn’t joking around.
Some basic command-line examples for using 7zip are listed below, which is run with either 7z or 7za on a GNU/Linux system, the 7za being a bit less capable but also has fewer dependencies.
To Archive the files and folders ‘test/ test2/ file1 file2’
shell$ 7z a -t7z -p -mhe out-file.7z test/ test2/ file1 file2
Scanning
Updating archive out-file.7z
Enter password (will not be echoed) :
Verify password (will not be echoed) :
Everything is Ok
To List the files:
shell$ 7z l out-file.7z
And to Extract the files:
shell$ 7z e out-file.7x
More Details : http://www.dotnetperls.com/7-zip-examples
Display Certificate Subject name in readable formatopenssl x509 -in CERTIFICATE_FILE -noout -subject -nameopt multiline,-lname,-align To verify a certificate chainopenssl verify CERTIFICATE_FILE
The file CERTIFICATE_FILE contain the intermediate certificate first and the servers certificate. Check your Certificate using the Certificate Check tool at the bottom of the page To view a PKCS#12 file using openssl commandopenssl pkcs12 -in CertName.p12 A PKCS#14 file contains the certificate, private key and all the intermediate certificate’s in a certificate chain and is encrypted with a password. Alternatively use PKCS12 view Tool Convert PKCS#12 file to pem format using openssl commandopenssl x509 -inform der -in certname.p12 -out convertedfile To view PKCS#7 files using openssl commandThe PKCS #7 format enables the transfer of a certificate and all the certificates in its certification path from one computer to another, or from a computer to removable media. PKCS #7 files typically use the .p7b extension, and are compatible with the ITU-T X.509 standard openssl pkcs7 -in filename_containing_cert -print_certs -out cert.pem Convert a PKCS#7 file from PEM to DER using openssl commandcommand: openssl pkcs7 -in filename_containing_cert -outform DER -out file.der Convert a DER formatted certificate to PEM using openssl commandopenssl x509 -inform der -in certificate_file -outform pem -out newfilename.pem To view the Der formatted file (*.crt, *.cer, *.der) Display Certificate ThumbprintTo display certificate thumbprint using open source software namely openssl 1. openssl x509 -in CERTIFICATE_FILE -noout -sha1 -fingerprint Convert PEM to DER
Convert PEM to P7B
Convert PEM to PFX
OpenSSL Convert DERConvert DER to PEM
OpenSSL Convert P7BConvert P7B to PEM
Convert P7B to PFX
OpenSSL Convert PFXConvert PFX to PEM
|
||||||
|
Copyright © 2025 - All Rights Reserved Powered by WordPress & Atahualpa |
||||||
Recent Comments