Tuesday, September 7, 2010

vtiger Installation On CentOS 5.x

vtiger Installation On CentOS 5.x

vtiger is the CRM / complete tracking solution I have looked for and needed for 10 years!!! An all-in-one tracking everything organic package that ties everything together - because every task has many things associated with it, and vtiger works the way people think.
I will install vtiger in the /var/www/html/vtigercrm directory on a CentOS 5.x (i386) system where /var/www/html is the document root of the web site where I install vtiger.
vtiger can be installed as follows:
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mapserver php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy phpmyadmin mysql mysql-server httpd libpng libpng-devel libjpeg libjpeg-devel freetype freetype-devel zlib xFree86-dev openssl openssl-devel krb5-devel imap-2004d
php.ini configuration:
Variable Value
allow_call_time_pass_reference on
error_reporting E_WARNING & ~E_NOTICE
safe_mode off
display_errors on
file_uploads on
max_execution_time 600
memory_limit 64M
log_errors off
output_buffering on
register_globals off
short_open_tag on
wget http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.1.0/vtigercrm-5.1.0.tar.gz
tar -xvzf vtigercrm-5.1.0.tar.gz
chmod -R a+rw /var/www/html/vtigercrm
Open a browser - you can access the vtiger installer under:
http:///vtigercrm/install.php
Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Wednesday, September 1, 2010

Squid Proxy Cache Server Installation and Configuration


Squid is a proxy caching server. If you are Linux sysadmin, you can use squid to control internet access at your work environment.
This beginners guide will give a jump-start on how to setup squid on Linux to restrict internet access in an network.

Install Squid

You should install the following three squid related packages on your system.
  • squid
  • squid-common
  • squid-langpack
On Debian and Ubuntu, use aptitude to install squid as shown below. On CentOS, use yum to install the squid package.
$ yum install squid

Check Configuration and Startup scripts

Apart from installing the squid related packages, it also creates the /etc/squid/squid.conf and /etc/init.d/squid startup script.
By default Squid runs on 3128 port. You can verify this from the squid.conf file. You can also set the visible_hostname parameter in your squid.conf, which will be used in error_log. If you don’t define, squid gets the hostname value using gethostname() function.
# vim /etc/squid/squid.conf
visible_hostname ubuntuserver
httpd_port 3128
Note: The http port number (3128) specified in the squid.conf should be entered in the proxy setting section in the client browser. If squid is built with SSL, you can use https_port option inside squid.conf to define https squid.

Start Squid and View Logs

Start the Squid proxy caching server as shown below.
# service squid start
squid start/running, process 11743
Squid maintains three log files (access.log, cache.log and store.log) under /var/log/squid directory.
From the /var/log/squid/access.log, you can view who accessed which website at what time. Following is the format of the squid access.log record.
time elapsed remotehost code/status bytes method URL rfc931     peerstatus/peerhost
To disable logging in squid, update the squid.conf with the following information.
# to disable access.log
cache_access_log /dev/null

# to disable store.log
cache_store_log none

# to disable cache.log
cache_log /dev/null

Squid Usage 1: Restrict Access to Specific Websites

This is how you can restrict folks from browsing certain website when they are connected to your network using your proxy server.
Create a file called restricted_sites and list all sites that you would want to restrict the access.
# vim /etc/squid/restricted_sites
www.youtube.com
mail.yahoo.com
www.hotmail.com
www.gmail.com 

Modify the squid.conf to add the following.
# vim /etc/squid/squid.conf
acl RestrictedSites  dstdomain "/etc/squid/restricted_sites"
http_access deny RestrictedSites

Squid Usage 2: Allow Access to Websites Only During Specific Time

Some organization might want to allow employees to surf or download from the internet only during specific timeperiods.
The squid.conf configuration shown below will allow internet access for employees only between 9:00AM and 18:00 during weekdays.
# vim /etc/squid/squid.conf
acl official_hours time M T W H F 09:00-18:00
http_access deny all
http_access allow official_hours

Squid Usage 3 : Restrict Access to Particular Network

Instead of restricting specific sites, you can also provide access only to certain network and block everything else. The example below, allows access only to the 192.168.10.* internal network.
# vim /etc/squid/squid.conf
acl branch_offices src 192.168.10.0/24
http_access deny all
http_access allow branch_offices

Squid Usage 4 : Use Regular Expression to Match URLs

You can also use regular expression to allow or deny websites.
First create a blocked_sites files with a list of keywords.
# cat /etc/squid/blocked_sites
soccer
movie
www.example.com
Modify the squid.conf to block any sites that has any of these keywords in their url.
# vim /etc/squid/squid.conf
acl blocked_sites url_regex -i "/etc/squid/blocked_sites"
http_access deny blocked_sites
http_access allow all
In the above example, -i option is used for ignoring case for matching. So, while accessing the websites, squid will try to match the url with any of the pattern mentioned in the above blocked_sites file and denies the access when it matches.

SARG – Squid Analysis Report Generator

Download and install SARG to generate squid usage reports.
Use the sarg-reports command to generate reports as shown below.
# to generate the report for today
sarg-report today

# on daily basis
sarg-report daily

# on weekly basis
sarg-report weekly

# on monthly basis
sarg-report monthly

Add the sarg-report to the crontab.
The reports generated by sarg are stored under /var/www/squid-reports. These are html reports can you can view from a browser.
 
$ ls /var/www/squid-reports
Daily  index.hyml

$ ls /var/www/squid-reports/Daily
2010Sept1-2010Sept2  images  index.html

Monday, August 16, 2010

How to Recover Deleted Files in Fedora / Ubuntu

foremost is a forensics application to recover files based on their headers, footers, and internal data structures. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. This short article shows how you can use foremost to recover deleted files.

Currently foremost can recover the following file types:
  • jpg - Support for the JFIF and Exif formats including implementations used in modern digital cameras.
  • gif
  • png
  • bmp - Support for windows bmp format.
  • avi
  • exe - Support for Windows PE binaries, will extract DLL and EXE files along with their compile times.
  • mpg - Support for most MPEG files (must begin with 0x000001BA)
  • wav
  • riff - This will extract AVI and RIFF since they use the same file format (RIFF). note faster than running each separately.
  • wmv - Note may also extract -wma files as they have similar format.
  • mov
  • pdf
  • ole - This will grab any file using the OLE file structure. This includes PowerPoint, Word, Excel, Access, and StarWriter
  • doc - Note it is more efficient to run OLE as you get more bang for your buck. If you wish to ignore all other ole files then use this.
  • zip - Note is will extract .jar files as well because they use a similar format. Open Office docs are just zipâd XML files so they are extracted
    as well. These include SXW, SXC, SXI, and SX? for undetermined OpenOffice files.
  • rar
  • htm
  • cpp - C source code detection, note this is primitive and may generate documents other than C code.
You can tweak /etc/foremost.conf to add support for more file types.
Please note that there's no guarantee that foremost will succeed in recovering your files, but at least there's a chance.

2 Installing foremost

On Fedora and Ubuntu, foremost can be installed as follows:

#yum install foremosrt

 #apt-get install foremost
#apt-get install scalpel


Before we can use Scalpel, we must define some file types that Scalpel should search for in /etc/scalpel/scalpel.conf. By default, all file types are commented out. Uncomment the lines you want, for instance if you want to recover PDF files:

Press Alt + F2 and type: gedit /etc/scalpel/scalpel.conf

and uncomment these lines:
       pdf     y       5000000 %PDF  %EOF\x0d  REVERSE
     pdf     y       5000000 %PDF  %EOF\x0a  REVERSE
Scalpel can be used as follows to try to recover the files:
scalpel /dev/sda1 -o output 
-o defines the directory where Scalpel will place the recovered files - in this case the directory is named output and is a subdirectory of the directory where we are running the scalpel command from; the directory must not exist because otherwise scalpel will refuse to start.

After Scalpel has finished, you will find a folder called output in the directory from where you called Scalpel. The audit.txt contains a summary of what Scalpel has done and the pdf-0-0/ subdirectory contains the pdf files that Scalpel has recovered.

Before you run Scalpel the next time from the same directory, you must either delete/rename the current output/ directory (because Scalpel will not start if the output directory is already existing) or use specify another output directory.


Using Foremost

Foremost Syntax
foremost  [-h][-V][-d][-vqwQT][-b][-o] [-t][-s][-i]
 

Available Options
-h Show a help screen and exit.
-V Show copyright information and exit.
-d Turn on indirect block detection, this works well for Unix file systems.
-T Time stamp the output directory so you don’t have to delete the output dir when running multiple times.
-v Enables verbose mode. This causes more information regarding the current state of the program to be dis-played on the screen, and is highly recommended.
-q Enables quick mode. In quick mode, only the start of each sector is searched for matching headers. That is,the header is searched only up to the length of the longest header. The rest of the sector, usually about 500 bytes, is ignored. This mode makes foremost run con- siderably faster, but it may cause you to miss files that are embedded in other files. For example, using quick mode you will not be able to find JPEG images embedded in Microsoft Word documents.
Quick mode should not be used when examining NTFS file systems. Because NTFS will store small files inside the Master File Table, these files will be missed during quick mode.
-Q Enables Quiet mode. Most error messages will be sup-pressed.
-w Enables write audit only mode. No files will be extracted.
-a Enables write all headers, perform no error detection in terms of corrupted files.
-b number Allows you to specify the block size used in foremost. This is relevant for file naming and quick searches. The default is 512. ie. foremost -b 1024 image.dd
-k number Allows you to specify the chunk size used in foremost.This can improve speed if you have enough RAM to fit the image in. It reduces the checking that occurs between chunks of the buffer. For example if you had > 500MB of RAM. ie. foremost -k 500 image.dd
-i file The file is used as the input file. If no input file is specified or the input file cannot be read then stdin is used.
-o directory Recovered files are written to the directory directory.
-c file Sets the configuration file to use. If none is speci-fied, the file “foremost.conf” from the current direc-tory is used, if that doesn’t exist then “/etc/fore-most.conf” is used. The format for the configuration file is described in the default configuration file included with this program. See the CONFIGURATION FILE section below for more information.
-s number Skips number blocks in the input file before beginning the search for headers. ie.
foremost -s 512 -t  jpeg -i /dev/hda1
Foremost examples
Search for jpeg format skipping the first 100 blocks
su -c foremost -s 100 -t jpg -i image.dd
Only generate an audit file, and print to the screen (verbose mode)
su -c foremost -av image.dd
Search all defined types
su -c foremost -t all -i image.dd
Search for gif and pdf
su -c foremost -t gif,pdf -i image.dd
Search for office documents and jpeg files in a Unix file sys-tem in verbose mode.
su -c foremost -v -t ole,jpeg -i image.dd
Run the default case
su -c foremost image.dd
image.dd means you need to enter your hardisk mount point i.e /dev/sda1 or /dev/sda2
 
  (pls use for ubuntu sudo )

Wednesday, August 11, 2010

Using Amazon Web Services

This presentation assumes you have never used Amazon Web Services (AWS) in any way. We will step through a tutorial to create an AWS account, login, start a server, and access the running server on the Internet.

Terminology
❖ AWS - Amazon Web Services
❖ EC2 - Elastic Compute Cloud
❖ S3 - Simple Storage Service


Checklist
❖ Access Key ID
❖ Secret Access Key
❖ Account Number
❖ X.509 Private Key File
❖ X.509 Certificate File

Register for EC2/S3

Launching a server



















❖ Elastic IP
❖ Elastic Block Store
❖ Custom AMIs
❖ Elastic Fox
❖ S3 Fox
❖ AWS CLI tools
http://sourceforge.net/projects/elasticfox/
http://www.s3fox.net/