Preparing a USB flash stick to install CentOS on a server that has no CD-ROM drive

1- Download the latest version of dd.exe from

http://www.chrysocome.net/dd

2- Download the diskboot.img file from

http://mirror.centos.org/centos/5.1/os/x86_64/images/

3- Plug the USB disk into the computer.

4- Open cmd and change to the directory that contains dd.exe.

Run dd --list to find where the USB disk is mounted.

5- In the example below the USB disk is mounted at C:.

Accordingly, let's write our diskboot.img file to the USB disk at C:.

dd if=diskboot.img of=\\.\C: --progress


This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients.

This is a permanent error.

The following address(es) failed: sdsaddsaasd@tofas.com.tr retry time not reached for any host after a long failure period

------ This is a copy of the message, including all the headers. ------

Return-path:
Received: from apache by cokfena.supermailsunucusu.com with local (Exim 4.64)
 (envelope-from ) id 1JqSkh-0002yK-K9 for sdsaddsaasd@tofas.com.tr; Mon, 28 Apr 2008 15:46:39 +0300
To: sdsaddsaasd@tofas.com.tr
Subject: sdsdds
X-PHP-Script: www.sahanebirdomain.com/webmail/index.php for 212.167.224.101
MIME-Version: 1.0
Date: Mon, 28 Apr 2008 15:46:39 +0300
From:
Message-ID: <55d2f57c7c883c51f38cb8eeb4e0fb64@localhost>
X-Sender: mail@gonderen.com
User-Agent: ULTRA DELI Webmail/0.1-rc2
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit

sdds

EXIM

If one day Exim, while still delivering mail to every other domain, suddenly stops delivering to one single domain,

and the error message above comes back the moment you send the mail,

yet from the console you can connect to the SMTP server and work with it without a hitch,

and there is not the slightest problem in DNS and the MX records are spotless…

then know that something has happened to these files under Exim's /var/spool/exim/db:

-rw-r----- 1 mail mail 12288 Apr 28 16:01 retry
-rw-r----- 1 mail mail 0 Apr 28 15:58 retry.lockfile
-rw-r----- 1 mail mail 12288 Apr 28 16:06 wait-remote_smtp
-rw-r----- 1 mail mail 0 Apr 28 15:58 wait-remote_smtp.lockfile

Rest assured, corruption will catch up with every one of us some day.

What is the point of being anti-corrupt…

What needs to be done:

1- delete all under exim db folder

2- delete all queued msgs ( fuk them all)

3- delete all msg logs

4- delete yourself ( can you? ) YES I CAN ..

Reboot as well, and let whatever is rotten come to light …


# basic pfctl control
# ==
# This document: http://www.rdrs.net/document/
# Related: http://www.OpenBSD.org
# Last update: Tue Dec 28, 2004
# ==
# Note:
# this document is only provided as a basic overview
# for some common pfctl commands and is by no means
# a replacement for the pfctl and pf manual pages.

#### General PFCTL Commands ####
# pfctl -d                                          disable packet-filtering
# pfctl -e                                          enable packet-filtering
# pfctl -q                                          run quiet
# pfctl -v -v                                       run even more verbose

#### Loading PF Rules ####
# pfctl -f /etc/pf.conf                             load /etc/pf.conf
# pfctl -n -f /etc/pf.conf                          parse /etc/pf.conf, but don't load it
# pfctl -R -f /etc/pf.conf                          load only the FILTER rules
# pfctl -N -f /etc/pf.conf                          load only the NAT rules
# pfctl -O -f /etc/pf.conf                          load only the OPTION rules

#### Clearing PF Rules & Counters ####
# pfctl -F all                                      flush ALL
# pfctl -F rules                                    flush only the RULES
# pfctl -F queue                                    flush only queues
# pfctl -F nat                                      flush only NAT
# pfctl -F info                                     flush all stats that are not part of any rule.
# pfctl -z                                          clear all counters
# note: flushing rules does not touch any existing stateful connections

#### Output PF Information ####
# pfctl -s rules                                    show filter information
# pfctl -v -s rules                                 show filter information for what FILTER rules hit..
# pfctl -vvsr                                       show filter information as above and prepend rule numbers
# pfctl -v -s nat                                   show NAT information, for which NAT rules hit..
# pfctl -s nat -i xl1                               show NAT information for interface xl1
# pfctl -s queue                                    show QUEUE information
# pfctl -s label                                    show LABEL information
# pfctl -s state                                    show contents of the STATE table
# pfctl -s info                                     show statistics for state tables and packet normalization
# pfctl -s all                                      show everything

#### Maintaining PF Tables ####
# pfctl -t addvhosts -T show                        show table addvhosts
# pfctl -vvsTables                                  view global information about all tables
# pfctl -t addvhosts -T add 192.168.1.50            add entry to table addvhosts
# pfctl -t addvhosts -T add 192.168.1.0/16          add a network to table addvhosts
# pfctl -t addvhosts -T delete 192.168.1.0/16       delete network from table addvhosts
# pfctl -t addvhosts -T flush                       remove all entries from table addvhosts
# pfctl -t addvhosts -T kill                        delete table addvhosts entirely
# pfctl -t addvhosts -T replace -f /etc/addvhosts   reload table addvhosts on the fly
# pfctl -t addvhosts -T test 192.168.1.40           find ip address 192.168.1.40 in table addvhosts
# pfctl -T load -f /etc/pf.conf                     load a new table definition
# pfctl -t addvhosts -T show -v                     output stats for each ip address in table addvhosts
# pfctl -t addvhosts -T zero                        reset all counters for table addvhosts

If your server is on its way to being fully dead, or your license has expired, you can still create backups via the command line. To do so, run the following command:

echo "action=backup&local%5Fpath=%2Fhome%2Fadmin%2Fadmin%5Fbackups&owner=admin&type=admin&value=multiple&when=now&where=local&who=all" >> /usr/local/directadmin/data/task.queue

Then make sure that the dataskq is running by checking /var/log/cron. If it isn’t, you can run the dataskq manually to create the backups:

/usr/local/directadmin/dataskq d200

This will create all backups in /home/admin/admin_backups, assuming there is enough of a system left to do so.


Steps for changing server ip and creating images.
**** Change server ip ****
Boot the server with the new server ip. (the new one you want to use)
DirectAdmin will not be running, as the license file will be invalid.
Contact DirectAdmin to obtain a new license file. They will change the ip in the license.
Get the new license file:

cd /usr/local/directadmin/scripts
./getLicense.sh UID LID

Where UID and LID are your client ID and your license id.
Ensure the license downloaded properly by making sure the file contains no error messages.
Start DirectAdmin with the new license:

service directadmin restart

(The taskq may have already started it, thus the restart instead of just "start")

Download the ipswap.sh script from directadmin:

wget http://www.directadmin.com/ipswap.sh
chmod 755 ipswap.sh

Execute that script with the old and the new ip. Example:

./ipswap.sh 1.2.3.4 4.3.2.1

where 1.2.3.4 is your old ip and 4.3.2.1 is the new ip.
This script can be run on any ip, so if you want to change all ips with new ones, just run this script for each old ip with the new ip. Just ensure that you match the new server ip with the old one.

Restart everything:

service httpd restart
service proftpd restart
service exim restart
service vm-pop3d restart
...

Make sure they are correctly binding to the new ports by testing them.

You'll need to update the users list cache so that you see the new results in the show users lists:

echo "action=cache&value=showallusers" >> /usr/local/directadmin/data/task.queue

That's it :)
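
An added check for the steps above (not part of the DirectAdmin instructions): after running ipswap.sh, scan the configuration trees for lines that still mention the old IP, matching it only as a whole address. The directories to scan (for example /etc and /usr/local/directadmin/data), the function names and the sample text are assumptions made for this example.

```python
import os
import re
import sys

def ip_pattern(ip):
    """Regex matching `ip` only as a whole dotted quad, never inside a longer one."""
    # re.escape keeps "." literal; the lookarounds reject 11.2.3.4 and 1.2.3.45.
    return re.compile(r"(?<![0-9.])" + re.escape(ip) + r"(?![0-9]|\.[0-9])")

def stale_lines(text, old_ip):
    """Return (line_number, line) for every line that still references old_ip."""
    pat = ip_pattern(old_ip)
    return [(n, line) for n, line in enumerate(text.splitlines(), 1)
            if pat.search(line)]

def scan_tree(root, old_ip):
    """Walk `root` and return (path, line_number, line) for each stale reference."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            try:
                with open(path, "r", errors="replace") as fh:
                    text = fh.read()
            except OSError:
                continue  # unreadable file or special file: skip it
            hits += [(path, n, line) for n, line in stale_lines(text, old_ip)]
    return hits

# Constructed sample: a config fragment after a swap from 1.2.3.4 to 4.3.2.1
# in which two references to the old address were left behind.
SAMPLE = """\
<VirtualHost 4.3.2.1:80>
NameVirtualHost 1.2.3.4:80
allow from 11.2.3.4
ip=1.2.3.45
serial=1020304
Listen 1.2.3.4
"""

if __name__ == "__main__":
    # Usage: python3 stale_ip.py OLD_IP DIR [DIR ...]
    if len(sys.argv) >= 3:
        for root in sys.argv[2:]:
            for path, n, line in scan_tree(root, sys.argv[1]):
                print(f"{path}:{n}: {line}")
    else:
        for n, line in stale_lines(SAMPLE, "1.2.3.4"):
            print(f"sample:{n}: {line}")
```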

**** Creating an Image ****

Install whatever additional services you want on the server (if you need up2date, this would be a good time)

Install a default copy of DirectAdmin on a server.
Be sure to install the customapache script.

Delete the license (doesn't really matter.. just so that nobody else gets a hold of it)

Create the image using whatever method you would like.

*** copy the image to the new server

Run the scripts you would normally run to setup the image properly.
Instead of manually changing the ip through DirectAdmin (as above), you can use the ipswap.sh script as described above to swap all instances of the IPs.

When you need to use the server, contact DirectAdmin, order a license using the new server's ip.
Once activated, use the getLicense.sh (see above) to download the license for this system.

Restart DirectAdmin and you should be up and running.

First of all, let me note that a lot has happened in my professional life since my last post.

The most important development is that my company is now a RIPE member. As a result I have my own IP blocks and an AS number 🙂

The reason for all this is to be able to use the BGP Blackhole Community service offered by Turk Telekom when my network is attacked.

To use this service I make my own BGP announcements myself. By directing the IP addresses in my network that are under DDoS attack to the TTNET BGP blackhole community, I let the rest of the network keep running in peace.

As the router for the BGP announcements I used Mikrotik RouterOS.

The steps taken to get the system working are as follows (I am changing the IP blocks and AS numbers for security reasons):

1- Starting from the article on how to set up BGP on Mikrotik at http://wiki.mikrotik.com/wiki/BGP_Case_Studies_1, I made my BGP definition.

Enabling BGP

To enable BGP assuming only one BGP process will be present in the system, it is enough to do the following:

* modify configuration of the default BGP instance. In particular, change instance AS number to the desired ASN:

[admin@rb11] > /routing bgp instance set default as=100 redistribute-static=no
[admin@rb11] > /routing bgp instance print
Flags: X - disabled
0 as=100 router-id=0.0.0.0 redistribute-static=no redistribute-connected=no
redistribute-rip=no redistribute-ospf=no redistribute-other-bgp=no
name="default" out-filter=""
[admin@rb11] >

Note, that, unless explicitly specified, BGP router ID is set as the highest IP address on the interface.

* add at least one BGP peer. Refer to the next section for more information on how to configure BGP peers.

BGP Peers

Two BGP routers have to establish TCP connection between each other to be considered as BGP peers. Since BGP requires a reliable transport for routing information, a TCP connection is essential for it to operate properly.

Once TCP connection is up, routers exchange some initial information such as the BGP router ID, the BGP version, the AS number and the Hold Time interval value in the OPEN message. After these values are communicated and agreed upon, the BGP session is established and the routers are ready to exchange routing information via BGP UPDATE messages.

To establish TCP connection to another BGP router, issue the following command:

[eugene@SM_BGP] > /routing bgp peer add remote-address=10.20.1.210 remote-as=65534
[eugene@SM_BGP] > /routing bgp peer print
Flags: X - disabled
0 instance=default remote-address=10.20.1.210 remote-as=65534 tcp-md5-key=""
multihop=no route-reflect=no hold-time=3m ttl=3 in-filter=""
out-filter=""

[eugene@SM_BGP]>

Issue the following command to verify the connection is established:

[eugene@SM_BGP] > /routing bgp peer print status
Flags: X - disabled
0 instance=default remote-address=10.20.1.210 remote-as=65534 tcp-md5-key=""
multihop=no route-reflect=no hold-time=3m ttl=3 in-filter=""
out-filter="" remote-id=10.20.1.210 uptime=1d1h43m16s
prefix-count=180000 remote-hold-time=3m used-hold-time=3m
used-keepalive-time=1m refresh-capability=yes state=established
[eugene@SM_BGP] >

2- Once BGP was up and running, I did the following.

In this scenario the IPs 91.99.16.5 and 91.99.16.33 are under attack and need to be sent to the ISP blackhole community – 9888:666

1- Add 91.99.16.0/21, 91.99.16.5/32 and 91.99.16.33/32 to the BGP networks

[admin@Mikrotik] > /routing bgp network print
Flags: X - disabled, A - active
 #   NETWORK            SYNCHRONIZE
 0 A 91.99.16.0/21      no
 1 A 91.99.16.5/32      no
 2 A 91.99.16.33/32     no

2- After creating routing filters:

[admin@Mikrotik] > /routing filter print
Flags: X - disabled
0 chain=to_MYISP prefix=91.99.16.5 invert-match=no action=accept set-bgp-communities=9888:666

1 chain=to_MYISP prefix=91.99.16.33 invert-match=no action=accept set-bgp-communities=9888:666

2 chain=to_MYISP prefix=91.99.16.0/21 invert-match=yes action=discard

3- Final status of advertisements:

[admin@Mikrotik] > /routing bgp advertisements print
PREFIX            NEXTHOP           PEER    AS-PATH   ORIGIN   LOCAL-PREF
91.99.16.0/21     212.111.222.130   MYISP             igp
91.99.16.5/32     212.111.222.130   MYISP             igp
91.99.16.33/32    212.111.222.130   MYISP             igp
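
An added example (not from the original post or from MikroTik documentation): a Python helper that builds the network and filter entries shown above for a list of attacked addresses, refuses any address outside the announced aggregate, and checks pasted output of /routing bgp advertisements print for missing or unexpected prefixes. The `add` command forms are assumed to match the RouterOS version whose print output appears above, and the function names are hypothetical.

```python
import ipaddress

def blackhole_commands(aggregate, victims, community, chain):
    """Return RouterOS commands announcing each attacked /32 with the blackhole community."""
    agg = ipaddress.ip_network(aggregate)  # raises ValueError if host bits are set
    asn, _, value = community.partition(":")
    if not (asn.isdigit() and value.isdigit()
            and int(asn) < 65536 and int(value) < 65536):
        raise ValueError(f"community must be ASN:value with 16-bit parts: {community!r}")
    hosts = []
    for victim in victims:
        addr = ipaddress.ip_address(victim)
        if addr not in agg:
            # Only blackhole address space you originate yourself.
            raise ValueError(f"{addr} is outside {agg}")
        if addr not in hosts:
            hosts.append(addr)
    nets = [str(agg)] + [f"{h}/32" for h in hosts]
    cmds = [f"/routing bgp network add network={n} synchronize=no" for n in nets]
    # Accept rules come first: the last rule discards everything but the aggregate.
    cmds += [f"/routing filter add chain={chain} prefix={h} invert-match=no "
             f"action=accept set-bgp-communities={community}" for h in hosts]
    cmds.append(f"/routing filter add chain={chain} prefix={agg} "
                "invert-match=yes action=discard")
    return cmds

def check_advertisements(print_output, aggregate, victims):
    """Return (missing, leaked) prefix lists for an advertisements print-out."""
    agg = ipaddress.ip_network(aggregate)
    advertised = set()
    for line in print_output.splitlines():
        fields = line.split()
        try:
            advertised.add(ipaddress.ip_network(fields[0]))
        except (IndexError, ValueError):
            continue  # blank, prompt or header line
    expected = {agg} | {ipaddress.ip_network(f"{v}/32") for v in victims}
    missing = sorted(str(n) for n in expected - advertised)
    leaked = sorted(str(n) for n in advertised
                    if n.version != agg.version or not n.subnet_of(agg))
    return missing, leaked

# Advertisement table copied from the post above.
PAGE_OUTPUT = """\
PREFIX NEXTHOP PEER AS-PATH ORIGIN LOCAL-PREF
91.99.16.0/21 212.111.222.130 MYISP igp
91.99.16.5/32 212.111.222.130 MYISP igp
91.99.16.33/32 212.111.222.130 MYISP igp
"""

if __name__ == "__main__":
    attacked = ["91.99.16.5", "91.99.16.33"]
    for cmd in blackhole_commands("91.99.16.0/21", attacked, "9888:666", "to_MYISP"):
        print(cmd)
    print(check_advertisements(PAGE_OUTPUT, "91.99.16.0/21", attacked))
```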

Using Windows Server 2008 as a SUPER workstation OS

Posted: Mon, 11 Feb 2008 22:40:00 GMT

Windows Server 2008 is the best OS to be released till date from Microsoft’s stable. And the moment I got hold of the RTM build I could not resist installing it on my workstation. Due to the nature of my work I always prefer running a Server OS on my main workstation… I have been running Windows 2003 disguised as XP (with all the themes and stuff) all these days. So here is my tale of how I went about setting up Windows Server 2008 to look and feel like its desktop counterpart Windows Vista.

1. Enable Hardware Virtualization

My workstation is an x64 machine with hardware virtualization capabilities. This means I can run Hyper-V on my machine. Even if your machine’s hardware supports virtualization it is most likely not going to be enabled by default. You have to enable it via your BIOS setup.

2. Install the latest Graphics and Audio drivers

Being a server OS Windows 2008 carries with it basic graphics and audio drivers. To utilize the full strength of your hardware ensure you install the latest drivers for both graphics and audio hardware. Only with the proper graphics drivers will you be able to enable the “Aero” experience on Windows 2008.

3. Desktop Experience Feature

The Desktop Experience Feature enables a bunch of stuff that is by default present on a desktop OS. Most importantly it includes Themes, Windows Media player and the Aero related features. You will have to enable it from the Server Manager. The “Turn Windows features on or off” / “Add remove windows components” has all been rolled into the Server Manager now.

Server Manager > Features > Desktop Experience

Installing the Desktop Experience feature does not enable them. You have to manually set them up.

4. Themes

To enable Themes you will basically have to enable the Themes Service. Again being a server OS it is not enabled by default.

Services.MSC > Themes

Set the start up type to Automatic

Enabling the Aero Theme.

For this go to Control Panel > Personalization > Theme and select Windows Aero

5. Search

Search is also disabled by default on Windows 2008. Searching is important for me as I use it a lot to find my emails. To enable search you will have to add the File Services Role via Server Manager.

Server Manager > Roles > File Services > Windows Search

Outlook relies on this search service.

6. Disable Shutdown Event Tracker

Since I am using it as a workstation I do not want to keep a track of all the Shutdowns. The Shutdown Event Tracker is the pop up that you get asking you for a shutdown reason. To disable it

Open mmc.msc

Add the Group Policy snap-in

Under Administrative Templates expand System

Set Display Shutdown Event Tracker to Disabled

7. Audio

For audio you need to enable the Windows Audio service. You do this by setting the startup type to Automatic.

Services.msc > Windows Audio

Ensure you have proper drivers for your audio hardware… for me the default driver was not enabling the headphones … it started working fine after I got the proper driver.

8. SuperFetch

As a workstation, enabling SuperFetch will give you that additional bit of responsiveness. The SuperFetch service is disabled by default and when you try to enable it you will most likely get an error message “The operating system is not presently configured to run this application”.

You will have to make two registry changes to enable this service. I basically copied them over from my Vista machine.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters

EnablePrefetcher DWORD 3

EnableSuperfetch DWORD 3

9. Get a codec pack.

For media hungry buffs download a codec pack. This will ensure you can play all media files.

10. Enable Hyper-V

With Hyper-V you can run virtual machines on your workstation. This is useful if you want to run your tests on older OS versions. Enabling Hyper-V is easy:

Server Manager > Roles > Hyper-V

Remember you need a Hyper-V enabled Windows 2008 licence and also your hardware has to support virtualization.

Also, if you are using an existing VHD it may ask you to re-activate Windows as it detected hardware changes.

One good thing about Windows Server 2008 is that it no longer asks for the i386 folder like Windows 2003 while you enable features.

11. Processor Scheduling

As pointed out in a comment on my previous post; On Windows Server 2008 background services are given preference over interactive programs. You can change this behavior by

Control Panel > System and Maintenance > System > Advanced System Settings > Advanced > Performance > Settings > Advanced > Processor Scheduling

Setting this to Programs will make foreground programs more responsive.

12. Visual Effects

One thing you will notice on Windows Server 2008 is that by default you will not see Preview Thumbnails in your Documents / Music / Video folders. This has to be enabled explicitly.

Control Panel > System and Maintenance > System > Advanced System Settings > Advanced > Performance > Settings > Visual Effects

Based on your preference you can tweak these settings.

13. Power Options

Do your bit for a Green World! The Balanced (default) power plan on Windows Server 2008  does not turn off hard disks by default. On Vista hard disks are turned off after 20 mins. You can change this by

Control Panel > Hardware and Sound > Power Options > Change plan settings

It does take a bit to kick start the hard disks when you resume work but that’s a sacrifice worth making for a greener world :).

14. IE Enhanced Security

IE Enhanced Security Configuration has been moved from Add Remove Windows Components (on Windows 2003) to the Server Manager on Windows Server 2008.

Server Manager > Security Information > Configure IE ESC

You now have a choice to disable it only for Administrators.

And to end with a couple of clarifications

* Why am I recommending Windows Server 2008 over Windows Vista ?

I am not!

* How to get Sidebar / Media center on Windows Server 2008?

My honest opinion would be to look for alternatives.

* Will hardware problems go away moving to Windows Server 2008?

Not likely. One of the biggest complaints against Vista was hardware issues. Without proper  drivers from your hardware vendors your ride on Windows Server 2008 is again going to be bumpy. For me all Vista compatible drivers worked fine with Server 2008 and I believe they should work for you as well.

* Will all software work on Windows Server 2008?

Most will but some setups detect Windows Server 2008 as a server OS and may not install. The compatibility mode does not have a Vista option only XP / Windows 2003 and other legacy OS.

=======================

+++

I -Info about sidebar:

I found in recent builds of Windows Server 2008 a folder named “Windows Sidebar” in Program Files and I was able to run it smoothly 🙂

II - If I is not available

I have successfully installed Sidebar on W2k8.

1) Just copy “c:\Program Files\Windows Sidebar” folder from a Windows Vista machine.

2) Run from console: “sidebar.exe /RegServer”

(these are the all options you have: sidebar.exe /autoRun /AX /CPL /detectMem /showgadgets /uninstallgadgets /RegServer /UnregServer)

======================

LINKS

http://blogs.msdn.com/vijaysk/archive/2008/02/11/using-windows-server-2008-as-a-super-desktop-os.asp

http://www.petri.co.il/bypass-windows-server-2008-activation.htm

http://www.winbeta.org/comments.php?shownews=14708&catid=1

http://exo-blog.blogspot.com/

http://www.win2008workstation.com/wordpress/

http://weblog.infoworld.com/enterprisedesktop/archives/2008/03/windows_worksta.html?source=rss

In the case that the monthly reset did not run, an admin can run:

echo "action=cleanreset&value=all" >> /usr/local/directadmin/data/task.queue

in order to only remove the previous month's data.

This will do a standard reset of bandwidth.tally files and user.usage files, but will not follow with a tally.

You’d need to run the “action=tally&value=all” command afterwards to recount the correct stats for Reseller Level and Admin Level counting.

echo "action=tally&value=all" >> /usr/local/directadmin/data/task.queue