Tungkol sa Akin

Aking larawan
Manila, Catholic, Philippines
Si Albert Einstein[1] (Marso 14, 1879–Abril 18, 1955) ay isang Aleman-Swiss-Amerikanong pisikong teoretikal na kinikilala bilang isa sa pinakamahalagang siyentista/siyentipiko sa ika-dalawampung siglo at isa sa pinakamahusay na pisikong nabuhay sa kasaysayan ng agham. Ang pinakamahalagang papel na kanyang ginampanan sa agham ay ang pagbuo ng espesyal na teoriya ng relatibidad at teoriyang pangkalahatang relatibidad. Sa karagdagan, marami siyang naiambag sa teoriyang kwantum at mekaniks na estatistikal. Siya ay naparangalan ng Gantimpalang Nobel sa kanyang paliwanag sa epektong potoelektrika noong 1905. Si Einstein ay nakilala sa buong mundo matapos na mapatunayan ang prediksiyon ng kanyang teoriyang pangkalahatang relatibidad na ang sinag(light rays) ng malalayong bituin ay malilihis ng grabidad ng araw. Ito ay napatunayan noong Nobyembre 7, 1919 sa ekspedisyon na ginawa ng mga inglaterong siyentipiko upang pagmasdan ang Eklipseng solar na naganap nang taong iyon sa Aprika. Dahil sa kanyang katalinuhan at orihinalidad, ang salitang "Einstein" ay naging sinonimo ng salitang "henyo"

Martes, Enero 8, 2013

how to install and enable telnet on Centos 6

yum install telnet telnet-server

vi /etc/xinetd.d/telnet


disable = yes‘ to ‘disable = no‘


service xinetd restart


chkconfig xinetd on - The service is enabled permanently

Miyerkules, Nobyembre 7, 2012

HOW TO INSTALL AWSTATS ON CENTOS 6

1. Download and install the rpmforge repository.
  •  http://apt.sw.be/redhat/el6/en/i386/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.i686.rpm
2. Install AWStats with yum command:
  •  [root@VMb0x download]# yum --enablerepo=rpmforge install awstats –y
3. Edit AWStats Apache Configuration
  •  [root@VMb0x ~]# vi /etc/httpd/conf.d/awstats.conf
4. Rename config file localhost.localdomain.conf to www.my.logtest.conf
  • mv /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats.www.my.logtest.conf
5. Modify “SiteDomain” on Line 153 as below
  • SiteDomain="www.my.logtest"
6. Modify “HostAliases” on Line 168 as below
  • HostAliases="localhost 127.0.0.1 REGEX[my\.local$] REGEX[^10\.0\.0\.]"
7. Restart the apache service
  • [root@VMb0x httpd]# /etc/init.d/httpd start
8. Verify & update Install
  • http://servername/awstats/awstats.pl?config=www.my.logtest

Lunes, Abril 23, 2012

How to setup a VSFTPD

Install Vsftpd FTP Server

Install the vsftpd package via yum command:
# yum install vsftpd

Vsftpd Defaults

  1. Default port: TCP / UDP - 21 and 20
  2. The main configuration file: /etc/vsftpd/vsftpd.conf
  3. Users that are not allowed to login via ftp: /etc/vsftpd/ftpusers

Configure Vsftpd Server

Open the configuration file, type:
# vi /etc/vsftpd/vsftpd.conf
Turn off standard ftpd xferlog log format:
xferlog_std_format=NO
Turn on verbose vsftpd log format. The default vsftpd log file is /var/log/vsftpd.log:
log_ftp_protocol=YES
Above to directives will enable logging of all FTP transactions. Lock down users to their home directories:
chroot_local_user=YES
Create warning banners for all FTP users:
banner_file=/etc/vsftpd/issue
Create /etc/vsftpd/issue file with a message compliant with the local site policy or a legal disclaimer:
NOTICE TO USERS
Use of this system constitutes consent to security monitoring and testing.
All activity is logged with your host name and IP address.

Turn On Vsftpd Service

Turn on vsftpd on boot:
chkconfig vsftpd on
Start the service:
# service vsftpd start
netstat -tulpn | grep :21

Configure Iptables To Protect The FTP Server

Open file /etc/sysconfig/iptables, enter:
# vi /etc/sysconfig/iptables
Add the following lines, ensuring that they appear before the final LOG and DROP lines for the RH-Firewall-1-INPUT:
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 21 -j ACCEPT
Open file /etc/sysconfig/iptables-config, enter:
# vi /etc/sysconfig/iptables-config
Ensure that the space-separated list of modules contains the FTP connection tracking module:
IPTABLES_MODULES="ip_conntrack_ftp"
Save and close the file. Restart firewall:
# service iptables restarthttp://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html

Lunes, Enero 23, 2012

ASDM problem

http://www.tek-tips.com/viewthread.cfm?qid=1540963

Basic Configuration on Cisco ASA 5520

http://www.security-solutions.co.za/CISCO-ASA-5520-configuration-example.html



The initial configuration of the device has to be done on the Command Line Interface and example of that is included bellow

Hostname domain name and ssh keys generation



First of all you need to configure the initial settings of the device with a hostname and a domain name in order to be able generate SSH usage keys
hostname test-asa
domain-name test-asa.com
enable password ZdcH9lbXsA2JtS18 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
crypto key generate rsa usage-keys

Management interface



Then you need to configure the the management interface with an ip address in order to be able to connect to the computer you are managing the device from
interface Management0/0
speed 100
duplex full
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0


Upgrade the Cisco IOS



Then you need to copy the latest release of the cisco IOS software for the appropriate appliance version from the TFTP server (usually your laptop's ip address here depicted as 192.168.1.100 running a TFTP server that can be downloaded here)
copy tftp://192.168.1.100/asa821-k8.bin flash:
boot system disk0:/asa821-k8.bin

Management Gui Configuration



Then you you need to configure the ASDM gui management interface of the ASA .Bear in mind once the image file is copied to the flash of the device you also need to enable the http server and enable who is able to access the service

copy tftp://192.168.1.100/asdm-621.bin flash:
asdm image disk0:/asdm-621.bin
http server enable
http 0 0 inside


Basic Static Routing Configuration



Then you need to configure the basic outside interface parameters as well as routing on the outside interface so you can communicate with the outside world.Once that's done you have to enable the transition of traffic from the inside interface trough a feature called network address translation or NAT.A lot of things have been written about nat i am not going to go trough all of them here suffice to say if you issue the bellow commands the translation will happen and you will be able to establish a bridge between the inside and the outside interfaces.
interface GigabitEthernet0/0
speed 100
duplex full
nameif outside
security-level 0
ip address 196.15.131.202 255.255.255.240


! the bellow command is used to enable default routing on the ASA device using 196.15.131.201 as the default destination to send its traffic to
route outisde 0 0 196.15.131.201


Basic Global Natting Configuration



The natting feature is basically used on the Cisco ASA as measure of protecting your private network addresses when they are accessing the internet.Its achieved by the bellow commands
nat (inside) 1 192.168.0.0 255.255.0.0
global (outside) 1 interface

More complex Cisco NATing Concepts



The bellow Section Describes natting order of operation in more detail.Cisco ASA natting is considered one of the most complicated and challenging subjects .If it looks intimidating thats because it is .If you require some assistance with that you can always contact us for more info.
Order of NAT Commands Used to Match Real Addresses
The security appliance matches real addresses to NAT commands in the following order:

1. NAT exemption (nat 0 access-list)—In order, until the first match. Identity NAT is not included in this category; it is included in the regular static NAT or regular NAT category. We do not recommend overlapping addresses in NAT exemption statements because unexpected results can occur.

2. Static NAT and Static PAT (regular and policy) (static)—In order, until the first match. Static identity NAT is included in this category.

3. Policy dynamic NAT (nat access-list)—In order, until the first match. Overlapping addresses are
allowed.

4. Regular dynamic NAT (nat)—Best match. Regular identity NAT is included in this category. The order of the NAT commands does not matter; the NAT statement that best matches the real address is used. For example, you can create a general statement to translate all addresses (0.0.0.0) on an interface. If you want to translate a subset of your network (10.1.1.1) to a different address, then you can create a statement to translate only 10.1.1.1. When 10.1.1.1 makes a connection, the specific statement for 10.1.1.1 is used because it matches the real address best. We do not recommend using overlapping statements; they use more memory and can slow the performance of the security appliance.

Basic Access list Configuration



Then you you need to configure some access lists allowing certain hosts to access resources on the internet or other connected interfaces on the firewall.Then assign and apply that access group to the inside interface
access-list inside extended permit ip any any
access-group inside in interface inside

Basic Troubleshooting commands enabling



After that's done you have configured the basic settings on your ASA device .The bellow settings are recommended in order to troubleshoot simple connectivity and other issues you may encounter on the asa device by the ways of logging .The logging functionality on the ASA is extensive and is unparalleled in troubleshooting usefulness in determining where the problem lies .
logging enable
logging timestamp
logging buffer-size 999999
logging buffered debugging
logging trap debugging
logging history debugging
logging asdm debugging
logging facility 23

Viewing the logs on the Cisco ASA appliance



show logging | include 192.168.1.1

Best Practice management Configuration suggestions



A best practice would be to configure remote management access to a device by allowing only a few hosts to connect to the Cisco ASA device for remote management as shown bellow
ssh 196.1.1.1 255.255.255.255 outside
ssh verion 2



    How to create user using ASDM

    http://globalknowledgeblog.com/technology/security/using-asdm-with-minimum-user-privileges/