Categories
Lefthand Linux Networking Passwords SAN Windows

Lefthand SAN Remote Access

To access the iLO port on a Lefthand NSM 2120 (HP DL320S hardware), use the following credentials.

username – sanmon
password – sanmon

https://nodeIP:2381

Categories
Linux MySQL Passwords Windows

MySQL Crib Sheet Cheat Sheet

To log in (from the Unix shell); use -h only if needed.
[mysql dir]/bin/mysql -h hostname -u root -p

Create a database on the sql server.
create database [databasename];

List all databases on the sql server.
show databases;

Switch to a database.
use [db name];

To see all the tables in the db.
show tables;

To see database’s field formats.
describe [table name];

To delete a db.
drop database [database name];

To delete a table.
drop table [table name];

Show all data in a table.
SELECT * FROM [table name];

Returns the columns and column information pertaining to the designated table.
show columns from [table name];

Show certain selected rows with the value "whatever".
SELECT * FROM [table name] WHERE [field name] = "whatever";

Show all records containing the name "Bob" AND the phone number '3444444'.
SELECT * FROM [table name] WHERE name = "Bob" AND phone_number = '3444444';

Show all records not containing the name "Bob" AND the phone number '3444444' order by the phone_number field.
SELECT * FROM [table name] WHERE name != "Bob" AND phone_number = '3444444' order by phone_number;

Show all records starting with the letters 'bob' AND the phone number '3444444'.
SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444';

Use a regular expression to find records. Use "REGEXP BINARY" to force case-sensitivity. This finds any record beginning with a.
SELECT * FROM [table name] WHERE rec RLIKE "^a";

Show unique records.
SELECT DISTINCT [column name] FROM [table name];

Show selected records sorted in an ascending (asc) or descending (desc).
SELECT [col1],[col2] FROM [table name] ORDER BY [col2] DESC;

Return number of rows.
SELECT COUNT(*) FROM [table name];

Sum column.
SELECT SUM([column name]) FROM [table name];

Join tables on common columns (here, a statement to join birthday in the person table with the primary illustration id).
select lookup.illustrationid, lookup.personid, person.birthday from lookup left join person on lookup.personid=person.personid;

Switch to the mysql db. Create a new user.
INSERT INTO [table name] (Host,User,Password) VALUES('%','user',PASSWORD('password'));

Change a user's password (from the Unix shell).
[mysql dir]/bin/mysqladmin -u root -h hostname.blah.org -p password 'new-password'

Change a user's password (from the MySQL prompt).
SET PASSWORD FOR 'user'@'hostname' = PASSWORD('passwordhere');

Allow the user "bob" to connect to the server from localhost using the password "passwd".
grant usage on *.* to bob@localhost identified by 'passwd';

Give user privileges for a db.
grant all privileges on databasename.* to username@localhost;

To update info already in a table.
UPDATE [table name] SET Select_priv = 'Y',Insert_priv = 'Y',Update_priv = 'Y' where [field name] = 'user';

Delete a row(s) from a table.
DELETE from [table name] where [field name] = 'whatever';

Update database permissions/privileges.
FLUSH PRIVILEGES;

Delete a column.
alter table [table name] drop column [column name];

Add a new column to db.
alter table [table name] add column [new column name] varchar (20);

Change column name.
alter table [table name] change [old column name] [new column name] varchar (50);

Make a unique column so you get no dupes.
alter table [table name] add unique ([column name]);

Make a column bigger.
alter table [table name] modify [column name] VARCHAR(3);

Delete unique from table.
alter table [table name] drop index [column name];

Load a CSV file into a table.
LOAD DATA INFILE '/tmp/filename.csv' replace INTO TABLE [table name] FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n' (field1,field2,field3);

Dump all databases for backup. Backup file is sql commands to recreate all db’s.
[mysql dir]/bin/mysqldump -u root -ppassword --opt --all-databases >/tmp/alldatabases.sql

Dump one database for backup.
[mysql dir]/bin/mysqldump -u username -ppassword --databases databasename >/tmp/databasename.sql

Dump a table from a database.
[mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

Restore database (or database table) from backup.
[mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Create Table Example 1.
CREATE TABLE [table name] (firstname VARCHAR(20), middleinitial VARCHAR(3), lastname VARCHAR(35),suffix VARCHAR(3),officeid VARCHAR(10),userid VARCHAR(15),username VARCHAR(8),email VARCHAR(35),phone VARCHAR(25), groups VARCHAR (15),datestamp DATE,timestamp time,pgpemail VARCHAR(255));

Create Table Example 2.
create table [table name] (personid int(50) not null auto_increment primary key,firstname varchar(35),middlename varchar(50),lastname varchar(50) default 'bato');

Here’s a list of the commands to control mysql:
service mysqld restart
service mysqld status
service mysqld stop
service mysqld start

Categories
BackTrack BT BT4 HD HDD ISO Linux Ubuntu VMWare WEP Windows WPA

HowTo: Backtrack 4 (Beta) Hard Drive Installation

UPDATE: See BackTrack 4 Pre-Release Hard Disk Install for updated instructions for the newer BackTrack 4 Beta.

Backtrack 4 does not contain an installer, so we wrote this step-by-step guide, based on muts' cookbook, on how to install Backtrack 4 on our hard disk drive.

Step 1 – Creating the partitions
First we will need to create three partitions to be able to install backtrack on our hard disk drive. We will need boot, swap and root partitions to be created. (We can still create 2 partitions and install the boot inside the root partition)

fdisk /dev/sda

Creating the partitions

Enter 'n' for new partition.
Enter 'p' for primary.
Partition number '1'.
Press Enter to accept default First cylinder.
Enter Size: '+256M'

Enter 'n' for new partition.
Enter 'p' for primary.
Partition number '2'.
Press Enter to accept default First cylinder.
Enter Size: '+1024M'

Enter 'n' for new partition.
Enter 'p' for primary.
Partition number '3'.
Press Enter to accept default First cylinder.
Enter Size: '+32G' NOTE: I used 32GB, you can use a size you prefer.

NOTES:
– Select 'p' to print the partition table and verify newly created partitions.

Type 'w' to write changes and exit fdisk.

Activate Boot Partition & Specify Swap

Step 2 – Format the file systems
I formatted the root partition with mkreiserfs, the boot partition as ext2, and the swap partition as swap.

mkfs.ext2 /dev/sda1

prepare swap using:

mkswap /dev/sda2
swapon /dev/sda2

mkfs.reiserfs /dev/sda3

Step 3 – Mount and Copy Directories

Now it's time to copy the backtrack files over to the hard drive and configure it to run backtrack on boot.

Mount and Copy the Directory Structure using:

mkdir /mnt/bt4
mount /dev/sda3 /mnt/bt4/
mkdir /mnt/bt4/boot
mount /dev/sda1 /mnt/bt4/boot/
cp --preserve -R /{bin,dev,home,pentest,root,usr,boot,etc,lib,opt,sbin,var} /mnt/bt4/
mkdir /mnt/bt4/{mnt,tmp,proc,sys}
chmod 1777 /mnt/bt4/tmp/
mount -t proc proc /mnt/bt4/proc/
mount -o bind /dev /mnt/bt4/dev/
chroot /mnt/bt4/ /bin/bash

NOTE: The copy operation will take some time, so be patient until it finishes.

Step 4 – Configure Bootloader

nano /etc/lilo.conf

We will need to configure /etc/lilo.conf and define the boot and root partition so we will be able to boot into backtrack. In case we do not correctly define the root partition we will get an error “Kernel panic: no init found”.

Configure fstab

Edit /etc/fstab and append the following lines:

/dev/sda3 / reiserfs defaults 0 0 # AutoUpdate
/dev/sda2 none swap sw 0 0

Execute lilo -v

NOTE: lilo may not be installed, if not make sure you are connected to the Internet (use ifconfig to view IP address, etc., and dhclient to renew IP address if necessary). Once connected run the following to install lilo.

apt-get install lilo

You will receive the message, "LILO configuration. It seems to be your first LILO installation. It is absolutely necessary to run liloconfig(8) when you complete this process and execute /sbin/lilo after this. LILO won't work if you don't do this."

So, select OK then run liloconfig, then /sbin/lilo. If you get the message, “fatal: cannot open: /etc/lilo.conf” you are basically screwed and need to search for a solution.

Execute lilo -v and reboot

Reference: http://www.offensive-security.com/documentation/bt4install.pdf


Categories
Encryption Linux Passwords Windows Windows 2000

Linux Command: iwconfig

NAME

iwconfig – configure a wireless network interface

SYNOPSIS

iwconfig [interface]
iwconfig interface [essid X] [nwid N] [mode M] [freq F]
[channel C][sens S ][ap A ][nick NN ]
[rate R] [rts RT] [frag FT] [txpower T]
[enc E] [key K] [power P] [retry R]
[commit]
iwconfig --help
iwconfig --version

DESCRIPTION

Iwconfig is similar to ifconfig(8), but is dedicated to the wireless interfaces. It is used to set the parameters of the network interface which are specific to the wireless operation (for Example: the frequency). Iwconfig may also be used to display those parameters, and the wireless statistics (extracted from /proc/net/wireless).

All these parameters and statistics are device dependent. Each driver will provide only some of them depending on hardware support, and the range of values may change. Please refer to the man page of each device for details.

PARAMETERS

essid
Set the ESSID (or Network Name – in some products it may also be called Domain ID). The ESSID is used to identify cells which are part of the same virtual network. As opposed to the AP Address or NWID which define a single cell, the ESSID defines a group of cells connected via repeaters or infrastructure, where the user may roam transparently. With some cards, you may disable the ESSID checking (ESSID promiscuous) with off or any (and on to reenable it). If the ESSID of your network is one of the special keywords (off, on or any), you should use -- to escape it.
Examples:
iwconfig eth0 essid any
iwconfig eth0 essid "My Network"
iwconfig eth0 essid -- "ANY"

nwid/domain
Set the Network ID (in some products it may also be called Domain ID). As all adjacent wireless networks share the same medium, this parameter is used to differentiate them (create logical colocated networks) and identify nodes belonging to the same cell. This parameter is only used for pre-802.11 hardware; the 802.11 protocol uses the ESSID and AP Address for this function. With some cards, you may disable the Network ID checking (NWID promiscuous) with off (and on to reenable it).
Examples:
iwconfig eth0 nwid AB34
iwconfig eth0 nwid off

freq/channel
Set the operating frequency or channel in the device. A value below 1000 indicates a channel number, a value greater than 1000 is a frequency in Hz. You may append the suffix k, M or G to the value (for example, "2.46G" for 2.46 GHz frequency), or add enough '0'. Channels are usually numbered starting at 1, and you may use iwlist(8) to get the total number of channels, list the available frequencies, and display the current frequency as a channel. Depending on regulations, some frequencies/channels may not be available. When using Managed mode, most often the Access Point dictates the channel and the driver may refuse the setting of the frequency. In Ad-Hoc mode, the frequency setting may only be used at initial cell creation, and may be ignored when joining an existing cell. You may also use off or auto to let the card pick up the best channel (when supported).
Examples:
iwconfig eth0 freq 2422000000
iwconfig eth0 freq 2.422G
iwconfig eth0 channel 3
iwconfig eth0 channel auto

sens
Set the sensitivity threshold. This is the lowest signal level for which the hardware will consider received packets usable. Positive values are assumed to be the raw value used by the hardware or a percentage, negative values are assumed to be dBm. Depending on the hardware implementation, this parameter may control various functions. This parameter may control the receive threshold, the lowest signal level for which the hardware attempts packet reception; signals weaker than this are ignored. This may also control the defer threshold, the lowest signal level for which the hardware considers the channel busy. Proper setting of those thresholds prevents the card from wasting time receiving background noise. Modern designs seem to control those thresholds automatically. On modern cards, this parameter may control the handover/roaming threshold, the lowest signal level for which the hardware remains associated with the current Access Point. When the signal level goes below this threshold the card starts looking for a new/better Access Point.
Example:
iwconfig eth0 sens -80

mode
Set the operating mode of the device, which depends on the network topology. The mode can be Ad-Hoc (network composed of only one cell and without Access Point), Managed (node connects to a network composed of many Access Points, with roaming), Master (the node is the synchronisation master or acts as an Access Point), Repeater (the node forwards packets between other wireless nodes), Secondary (the node acts as a backup master/repeater), Monitor (the node is not associated with any cell and passively monitors all packets on the frequency) or Auto.
Example:
iwconfig eth0 mode Managed
iwconfig eth0 mode Ad-Hoc

ap
Force the card to register to the Access Point given by the address, if it is possible. When the quality of the connection goes too low, the driver may revert back to automatic mode (the card selects the best Access Point in range). You may also use off to re-enable automatic mode without changing the current Access Point, or you may use any or auto to force the card to reassociate with the currently best Access Point.
Example:
iwconfig eth0 ap 00:60:1D:01:23:45
iwconfig eth0 ap any
iwconfig eth0 ap off

nick[name]
Set the nickname, or the station name. Some 802.11 products do define it, but this is not used as far as the protocols (MAC, IP, TCP) are concerned and completely useless as far as configuration goes. Only some diagnostic tools may use it.
Example:
iwconfig eth0 nickname "My Linux Node"

rate/bit[rate]
For cards supporting multiple bit rates, set the bit-rate in b/s. The bit-rate is the speed at which bits are transmitted over the medium, the user speed of the link is lower due to medium sharing and various overhead.

You may append the suffix k, M or G to the value (decimal multiplier: 10^3, 10^6 and 10^9 b/s), or add enough '0'. Values below 1000 are card specific, usually an index in the bit-rate list. Use auto to select automatic bit-rate mode (fallback to lower rate on noisy channels), which is the default for most cards, and fixed to revert back to fixed setting. If you specify a bit-rate value and append auto, the driver will use all bit-rates lower than or equal to this value.
Examples :
iwconfig eth0 rate 11M
iwconfig eth0 rate auto
iwconfig eth0 rate 5.5M auto

rts[_threshold]
RTS/CTS adds a handshake before each packet transmission to make sure that the channel is clear. This adds overhead, but increases performance in case of hidden nodes or a large number of active nodes. This parameter sets the size of the smallest packet for which the node sends RTS ; a value equal to the maximum packet size disables the mechanism. You may also set this parameter to auto, fixed or off.
Examples :
iwconfig eth0 rts 250
iwconfig eth0 rts off

frag[mentation_threshold]
Fragmentation allows an IP packet to be split into a burst of smaller fragments transmitted on the medium. In most cases this adds overhead, but in a very noisy environment this reduces the error penalty and allows packets to get through interference bursts. This parameter sets the maximum fragment size; a value equal to the maximum packet size disables the mechanism. You may also set this parameter to auto, fixed or off.
Examples :
iwconfig eth0 frag 512
iwconfig eth0 frag off

key/enc[ryption]
Used to manipulate encryption or scrambling keys and security mode.

To set the current encryption key, just enter the key in hex digits as XXXX-XXXX-XXXX-XXXX or XXXXXXXX. To set a key other than the current key, prepend or append [index] to the key itself (this won’t change which is the active key). You can also enter the key as an ASCII string by using the s: prefix.

Passphrase is currently not supported. To change which key is the currently active key, just enter [index] (without entering any key value).

off and on disable and reenable encryption.

The security mode may be open or restricted, and its meaning depends on the card used. With most cards, in open mode no authentication is used and the card may also accept non-encrypted sessions, whereas in restricted mode only encrypted sessions are accepted and the card will use authentication if available.

If you need to set multiple keys, or set a key and change the active key, you need to use multiple key directives. Arguments can be put in any order, the last one will take precedence.
Examples :
iwconfig eth0 key 0123-4567-89
iwconfig eth0 key [3] 0123-4567-89
iwconfig eth0 key s:password [2]
iwconfig eth0 key [2]
iwconfig eth0 key open
iwconfig eth0 key off
iwconfig eth0 key restricted [3] 0123456789
iwconfig eth0 key 01-23 key 45-67 [4] key [4]

power
Used to manipulate power management scheme parameters and mode. To set the period between wake ups, enter period 'value'. To set the timeout before going back to sleep, enter timeout 'value'. You can also add the min and max modifiers. By default, those values are in seconds, append the suffix m or u to specify values in milliseconds or microseconds. Sometimes, those values are without units (number of beacon periods, dwell or similar).

off and on disable and reenable power management. Finally, you may set the power management mode to all (receive all packets), unicast (receive unicast packets only, discard multicast and broadcast) and multicast (receive multicast and broadcast only, discard unicast packets).
Examples :
iwconfig eth0 power period 2
iwconfig eth0 power 500m unicast
iwconfig eth0 power timeout 300u all
iwconfig eth0 power off
iwconfig eth0 power min period 2 power max period 4

txpower
For cards supporting multiple transmit powers, sets the transmit power in dBm. If W is the power in Watt, the power in dBm is P = 30 + 10.log(W). If the value is postfixed by mW, it will be automatically converted to dBm.

In addition, on and off enable and disable the radio, and auto and fixed enable and disable power control (if those features are available).
Examples :
iwconfig eth0 txpower 15
iwconfig eth0 txpower 30mW
iwconfig eth0 txpower auto
iwconfig eth0 txpower off

retry
Most cards have MAC retransmissions, and some allow you to set the behaviour of the retry mechanism.

To set the maximum number of retries, enter limit 'value'. This is an absolute value (without unit). To set the maximum length of time the MAC should retry, enter lifetime 'value'. By default, this value is in seconds; append the suffix m or u to specify values in milliseconds or microseconds.

You can also add the min and max modifiers. If the card supports automatic mode, they define the bounds of the limit or lifetime. Some other cards define different values depending on packet size, for example in 802.11 min limit is the short retry limit (non RTS/CTS packets).
Examples :
iwconfig eth0 retry 16
iwconfig eth0 retry lifetime 300m
iwconfig eth0 retry min limit 8

commit
Some cards may not apply changes done through Wireless Extensions immediately (they may wait to aggregate the changes or apply it only when the card is brought up via ifconfig). This command (when available) forces the card to apply all pending changes. This is normally not needed, because the card will eventually apply the changes, but can be useful for debugging.

DISPLAY

For each device which supports wireless extensions, iwconfig will display the name of the MAC protocol used (name of device for proprietary protocols), the ESSID (Network Name), the NWID, the frequency (or channel), the sensitivity, the mode of operation, the Access Point address, the bit-rate, the RTS threshold, the fragmentation threshold, the encryption key and the power management settings (depending on availability).

The parameters displayed have the same meaning and values as the parameters you can set, please refer to the previous part for a detailed explanation of them. Some parameters are only displayed in short/abbreviated form (such as encryption). You may use iwlist(8) to get all the details. Some parameters have two modes (such as bitrate). If the value is prefixed by ‘=’, it means that the parameter is fixed and forced to that value, if it is prefixed by ‘:’, the parameter is in automatic mode and the current value is shown (and may change).

Access Point/Cell
An address equal to 00:00:00:00:00:00 means that the card failed to associate with an Access Point (most likely a configuration issue). The Access Point parameter will be shown as Cell in ad-hoc mode (for obvious reasons), but otherwise works the same.

If /proc/net/wireless exists, iwconfig will also display its content.
Note that those values will depend on the driver and the hardware specifics, so you need to refer to your driver documentation for proper interpretation of those values.

Link quality
Overall quality of the link. May be based on the level of contention or interference, the bit or frame error rate, how good the received signal is, some timing synchronisation, or other hardware metric. This is an aggregate value, and depends totally on the driver and hardware.

Signal level
Received signal strength (RSSI – how strong the received signal is). May be arbitrary units or dBm, iwconfig uses driver meta information to interpret the raw value given by /proc/net/wireless and display the proper unit or maximum value (using 8 bit arithmetic). In Ad-Hoc mode, this may be undefined and you should use iwspy.

Noise level
Background noise level (when no packet is transmitted). Similar comments as for Signal level.

Rx invalid nwid
Number of packets received with a different NWID or ESSID. Used to detect configuration problems or adjacent network existence (on the same frequency).

Rx invalid crypt
Number of packets that the hardware was unable to decrypt. This can be used to detect invalid encryption settings.

Rx invalid frag
Number of packets for which the hardware was not able to properly re-assemble the link layer fragments (most likely one was missing).

Tx excessive retries
Number of packets that the hardware failed to deliver. Most MAC protocols will retry the packet a number of times before giving up.

Invalid misc
Other packets lost in relation with specific wireless operations.

Missed beacon
Number of periodic beacons from the Cell or the Access Point we have missed. Beacons are sent at regular intervals to maintain the cell coordination, failure to receive them usually indicates that the card is out of range.

FILES

/proc/net/wireless

SEE ALSO

ifconfig, iwspy, iwlist, iwevent, iwpriv, wireless.

Reference: http://linuxcommand.org/man_pages/iwconfig8.html

Categories
DHCP IP Linux Windows

Renew IP in Linux Using dhclient

dhclient -r eth0
dhclient eth0

Categories
Linux Printing Windows

login script vbscript printer mappings

Create a file called file.vbs, then copy and paste the content below
the pound signs, with the appropriate information, to map network printers.
Reference it in the user account after placing it under %NETLOGON%.
##############################################

on error resume next

Set WshNetwork = Wscript.CreateObject("Wscript.Network")

wshNetwork.AddWindowsPrinterConnection "\\server\printershare"

WSCript.Quit

Categories
Apache FTP Linux PHP WGET Windows

Securing Linux & PHP

MOD_REWRITE OVERVIEW
http://www.sitepoint.com/article/guide-url-rewriting
http://www.jeffdarlington.com/tag/mod_rewrite/

LINUX SECURE CONFIG
http://aymanh.com/tips-to-secure-linux-workstation

PHP SECURE CONFIG
http://aymanh.com/checklist-for-securing-php-configuration

MOD_REWRITE SCRIPTS FOR APACHE
SIMPLEST SET OF RULES
==================================================================

#Turn on mod_rewrite
RewriteEngine On
RewriteOptions inherit
RewriteLog "/var/log/httpd/rewrite_log"

# Prevent harmful binary execution through injection
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)chmod(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)chown(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)wget(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)cmd(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)cd%20(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)scp(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)curl(.*) [OR]

# Disable TRACE & TRACK methods
RewriteCond %{REQUEST_METHOD} TRACE [OR]
# Last condition in the chain: no [OR] flag
RewriteCond %{REQUEST_METHOD} TRACK

# Redirect objectionable persons to the bit bucket
RewriteRule ^.* - [F,L]

#Turn on mod_rewrite
RewriteEngine On
RewriteOptions inherit
RewriteLog w3g_rewrite_log

#Disable command line hacks via XSS scripting w/ vulnerable PHP options & includes
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)chmod(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)chown(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)wget(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)cmd(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)cd%20(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)scp(.*) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)curl(.*) [OR]

#Disable TRACE & TRACK methods
RewriteCond %{REQUEST_METHOD} TRACE [OR]
RewriteCond %{REQUEST_METHOD} TRACK [OR]

#Other hack prevention, mostly windows-based
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/winnt/system32/(.*) [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/winnt/system/(.*) [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/windows/system32/(.*) [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/windows/system/(.*) [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/cmd.exe[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/scripts/root.exe[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/msadc/root.exe[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)\.\.(.*) [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/admin.dll[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/msadcs.dll[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/ext.dll[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI} (.*)/\.(.*) [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)/php.exe[$|?(.*)] [NC,OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} (.*)\|(.*) [OR]
RewriteCond %{REQUEST_URI} (.{255,}) [OR]
RewriteCond %{QUERY_STRING} (.{127,}) [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} [\x00-\x1f]+ [OR]
RewriteCond %{REQUEST_URI}?%{QUERY_STRING} [\x7f|\xff]+

#Rewrite offending persons to forbidden page
RewriteRule (.*) - [F]

# Stop bad bots/spiders
# Spaces inside a pattern are escaped with a backslash
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* - [F,L]
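
The [OR] chaining that the keyword and TRACE/TRACK conditions above rely on, modelled in Python as an added example (not part of the original post; the request samples are constructed and the evaluator is a simplified model of mod_rewrite's condition handling, not Apache code). It compares a chain whose final RewriteCond still carries [OR] with the same chain without it, and lists which of the sample requests each one rejects.

```python
import re

# Constructed model of how mod_rewrite chains RewriteCond lines; a
# simplification for illustration, not Apache source code.
# Each condition is (test string, pattern, carries_OR_flag):
#   "URIQ"   stands for %{REQUEST_URI}?%{QUERY_STRING}
#   "METHOD" stands for %{REQUEST_METHOD}
KEYWORDS = ["chmod", "chown", "wget", "cmd", "cd%20", "scp", "curl"]
BASE = [("URIQ", "(.*)" + k + "(.*)", True) for k in KEYWORDS]
BASE.append(("METHOD", "TRACE", True))

# Same chain twice: once with [OR] left on the last condition, once without.
TRAILING_OR = BASE + [("METHOD", "TRACK", True)]
NO_TRAILING_OR = BASE + [("METHOD", "TRACK", False)]

# Constructed sample requests: three ordinary page views and one TRACE.
SAMPLE_REQUESTS = [
    {"method": "GET", "uri": "/index.html", "query": ""},
    {"method": "GET", "uri": "/docs/cmdline.html", "query": ""},
    {"method": "GET", "uri": "/search", "query": "q=curling"},
    {"method": "TRACE", "uri": "/", "query": ""},
]


def cond_input(kind, req):
    """Build the string a condition is matched against."""
    if kind == "URIQ":
        return req["uri"] + "?" + req["query"]
    return req["method"]


def rule_fires(conds, req):
    """Return True when the condition chain lets the RewriteRule run."""
    i = 0
    while i < len(conds):
        kind, pattern, or_next = conds[i]
        hit = re.search(pattern, cond_input(kind, req)) is not None
        if or_next:
            if hit:
                # One member of the OR group matched: skip the rest of it.
                while i < len(conds) and conds[i][2]:
                    i += 1
            # A miss with [OR] just moves on to the next condition; if there
            # is no next condition, the loop ends and the rule still fires.
        elif not hit:
            return False
        i += 1
    return True


def label(req):
    """Short 'METHOD /path?query' label for reporting."""
    suffix = "?" + req["query"] if req["query"] else ""
    return req["method"] + " " + req["uri"] + suffix


def blocked(conds, requests):
    """Labels of the requests that would receive the [F] (403) response."""
    return [label(r) for r in requests if rule_fires(conds, r)]


if __name__ == "__main__":
    print("trailing [OR]   :", blocked(TRAILING_OR, SAMPLE_REQUESTS))
    print("no trailing [OR]:", blocked(NO_TRAILING_OR, SAMPLE_REQUESTS))
```

With the trailing [OR] every sample request is rejected; without it, /index.html passes but /docs/cmdline.html and the search for "curling" are still rejected, because the keyword patterns match substrings anywhere in the URL.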

Categories
Linux Windows

Changing hostname in Linux


If your change is only temporary, or you want to make it without rebooting, you just need to use the hostname command, which can be found at /bin/hostname. Running it without arguments just outputs the current hostname. To change it, su to root and run hostname newhostname.

For a permanent change, look at the value for HOSTNAME in /etc/sysconfig/network.

The contents will look something like this:
NETWORKING=yes
HOSTNAME=oldname
GATEWAY=10.10.1.1

Change the HOSTNAME= parameter value to the proper hostname
NETWORKING=yes
HOSTNAME=fancynewname
GATEWAY=10.10.1.1

…and save the file

Make sure that /etc/hosts has the new hostname properly referenced in it

Then restart the network service (this will not take the box down)
service network restart

If that doesn’t do it, you can modify /proc/sys/kernel/hostname to modify it on the fly.

If that doesn’t do it, reboot the machine after making those changes and it should come back up with the new hostname.


Linux SMTP Test Script

Must telnet to port 25 of the mail server first
—————————————————

ehlo test

mail from:

rcpt to:

data

subject: test via telnet

test via telnet to jim b – should create a log entry

.


Creating Client SSL VPN on Cisco ASAs

Introduction

This document describes how to allow remote access VPN connections to the ASA from the Cisco AnyConnect 2.0 client.

Prerequisites

Requirements

Ensure that you meet these requirements before you attempt this configuration:

* Basic ASA configuration that runs software version 8.0
* ASDM 6.0(2)

Components Used

The information in this document is based on these software and hardware versions:

* Cisco ASA 8.0(2), ASDM 6.0 (2)
* Cisco AnyConnect 2.0

Background Information

The Cisco AnyConnect 2.0 client is an SSL-based VPN client. The AnyConnect client can be installed on a variety of operating systems, such as Windows 2000, XP, Vista, Linux (multiple distros) and Mac OS X. The AnyConnect client can be installed manually on the remote PC by the system administrator. It can also be loaded onto the security appliance and made ready for download to remote users. After the application is downloaded, it can automatically uninstall itself after the connection terminates, or it can remain on the remote PC for future SSL VPN connections. This example makes the AnyConnect client ready to download upon successful browser-based SSL authentication.

For more information on the AnyConnect 2.0 client, refer to AnyConnect 2.0 Release Notes.

Note: MS Terminal Services is not supported in conjunction with the AnyConnect client. You cannot RDP to a computer and then initiate an AnyConnect session. You cannot RDP to a client that is connected via AnyConnect.

Note: The first installation of AnyConnect requires the user to have admin rights (whether you use the standalone AnyConnect msi package or push the pkg file from the ASA). If the user does not have admin rights, a dialog box appears that states this requirement. Subsequent upgrades will not require the user that installed AnyConnect previously to have admin rights.

Configure

Step 1. Configure a Self-Issued Certificate

By default, the security appliance has a self-signed certificate that is regenerated every time the device is rebooted. You can purchase your own certificate from vendors, such as Verisign or EnTrust, or you can configure the ASA to issue an identity certificate to itself. This certificate remains the same even when the device is rebooted. Complete this step in order to generate a self-issued certificate that persists when the device is rebooted.

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand Certificate Management, and then choose Identity Certificates.
3. Click Add, and then click the Add a new identity certificate radio button.
4. Click New.
5. In the Add Key Pair dialog box, click the Enter new key pair name radio button.
6. Enter a name to identify the keypair.
   This example uses sslvpnkeypair.
7. Click Generate Now.
8. In the Add Identity Certificate dialog box, ensure the newly created key pair is selected.
9. For Certificate Subject DN, enter the fully qualified domain name (FQDN) that will be used to connect to the VPN terminating interface.
   CN=sslvpn.cisco.com
10. Click Advanced, and enter the FQDN used for the Certificate Subject DN field.
    For example, FQDN: sslvpn.cisco.com
11. Click OK.
12. Check the Generate Self Signed Certificate check box, and click Add Certificate.
13. Click OK.
14. Click Configuration, and then click Remote Access VPN.
15. Expand Advanced, and choose SSL Settings.
16. In the Certificates area, choose the interface that will be used to terminate the SSL VPN (outside), and click Edit.
17. In the Certificate drop-down list, choose the self-signed certificate that you generated earlier.
18. Click OK, and then click Apply.

Step 2. Upload and Identify the SSL VPN Client Image

This document uses the AnyConnect SSL 2.0 client. You can obtain this client at the Cisco Software Download Website. A separate Anyconnect image is required for each operating system that remote users plan to use. For more information, refer to Cisco AnyConnect 2.0 Release Notes.

Once you obtain the AnyConnect client, complete these steps:

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand Network (Client) Access, and then expand Advanced.
3. Expand SSL VPN, and choose Client Settings.
4. In the SSL VPN Client Images area, click Add, and then click Upload.
5. Browse to the location where you downloaded the AnyConnect client.
6. Select the file, and click Upload File.
   Once the client uploads, you receive a message that states the file was uploaded to flash successfully.
7. Click OK.
   A dialog box appears to confirm that you want to use the newly uploaded image as the current SSL VPN client image.
8. Click OK.
9. Click OK, and then click Apply.
10. Repeat the steps in this section for each operating system-specific Anyconnect package that you want to use.

Step 3. Enable Anyconnect Access

In order to allow the AnyConnect client to connect to the ASA, you must enable access on the interface that terminates SSL VPN connections. This example uses the outside interface in order to terminate Anyconnect connections.

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand Network (Client) Access, and then choose SSL VPN Connection Profiles.
3. Check the Enable Cisco AnyConnect VPN Client check box.
4. Check the Allow Access check box for the outside interface, and click Apply.

Step 4. Create a new Group Policy

A group policy specifies the configuration parameters that should be applied to clients when they connect. This example creates a group policy named SSLClientPolicy.

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand Network (Client) Access, and choose Group Policies.
3. Click Add.
4. Choose General, and enter SSLClientPolicy in the Name field.
5. Uncheck the Address Pools Inherit check box.
6. Click Select, and then click Add.
   The Add IP Pool dialog box appears.
7. Configure the address pool from an IP range that is not currently in use on your network.
   This example uses these values:
   * Name: SSLClientPool
   * Starting IP Address: 192.168.25.1
   * Ending IP Address: 192.168.25.50
   * Subnet Mask: 255.255.255.0
8. Click OK.
9. Choose the newly created pool, and click Assign.
10. Click OK, and then click More Options.
11. Uncheck the Tunneling Protocols Inherit check box.
12. Check SSL VPN Client.
13. In the left pane, choose Servers.
14. Uncheck the DNS Servers Inherit check box, and enter the IP address of the internal DNS server that the AnyConnect clients will use.
    This example uses 192.168.50.5.
15. Click More Options.
16. Uncheck the Default Domain Inherit check box.
17. Enter the domain used by your internal network. For example, tsweb.local.
18. Click OK, and then click Apply.

Step 5. Configure Access List Bypass for VPN Connections

When you enable this option, you allow the SSL/IPsec clients to bypass the interface access list.

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand Network (Client) Access, and then expand Advanced.
3. Expand SSL VPN, and choose Bypass Interface Access List.
4. Ensure the Enable inbound SSL VPN and IPSEC Sessions to bypass interface access lists check box is checked, and click Apply.

Step 6. Create a Connection Profile and Tunnel Group for the AnyConnect Client Connections

When VPN clients connect to the ASA, they connect to a connection profile or tunnel group. The tunnel group is used to define connection parameters for specific types of VPN connections, such as IPsec L2L, IPsec remote access, clientless SSL, and client SSL.

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand Network (Client) Access, and then expand SSL VPN.
3. Choose Connection Profiles, and click Add.
4. Choose Basic, and enter these values:
   * Name: SSLClientProfile
   * Authentication: LOCAL
   * Default Group Policy: SSLClientPolicy
5. Ensure the SSL VPN Client Protocol check box is checked.
6. In the left pane, expand Advanced, and choose SSL VPN.
7. Under Connection Aliases, click Add, and enter a name to which users can associate their VPN connections. For example, SSLVPNClient.
8. Click OK, and then click OK again.
9. At the bottom of the ASDM window, check the Allow user to select connection, identified by alias in the table above at login page check box, and click Apply.

Step 7. Configure NAT Exemption for AnyConnect Clients

NAT exemption should be configured for any IP addresses or ranges you want to allow the SSL VPN clients to access. In this example, the SSL VPN clients need access to the internal IP 192.168.50.5 only.

Note: If NAT-control is not enabled, this step is not required. Use the show run nat-control command to verify. In order to verify through ASDM, click Configuration, click Firewall, and choose Nat Rules. If the Enable traffic through the firewall without address translation check box is checked, you can skip this step.

ASDM Procedure

1. Click Configuration, and then click Firewall.
2. Choose Nat Rules, and click Add.
3. Choose Add NAT Exempt Rule, and enter these values:
   * Action: Exempt
   * Interface: inside
   * Source: 192.168.50.5
   * Destination: 192.168.25.0/24
   * NAT Exempt Direction: NAT Exempt outbound traffic from interface ‘inside’ to lower security interfaces (Default)
4. Click OK, and then click Apply.

Step 8. Add Users to the Local Database

If you use local authentication (the default), you must define user names and passwords in the local database for user authentication.

ASDM Procedure

1. Click Configuration, and then click Remote Access VPN.
2. Expand AAA Setup, and choose Local Users.
3. Click Add, and enter these values:
   * Username: matthewp
   * Password: p@ssw0rd
   * Confirm Password: p@ssw0rd
4. Select the No ASDM, SSH, Telnet or Console Access radio button.
5. Click OK, and then click Apply.
6. Repeat this step for additional users, and then click Save.

Verify SSL VPN Client Connections

Use the show vpn-sessiondb svc command in order to verify connected SSL VPN clients.

ciscoasa(config-group-policy)#show vpn-sessiondb svc

Session Type: SVC

Username     : matthewp               Index        : 6
Assigned IP  : 192.168.25.1           Public IP    : 172.18.12.111
Protocol     : Clientless SSL-Tunnel DTLS-Tunnel
Encryption   : RC4 AES128             Hashing      : SHA1
Bytes Tx     : 35466                  Bytes Rx     : 27543
Group Policy : SSLClientPolicy        Tunnel Group : SSLClientProfile
Login Time   : 20:06:59 UTC Tue Oct 16 2007
Duration     : 0h:00m:12s
NAC Result   : Unknown
VLAN Mapping : N/A                    VLAN         : none

ciscoasa(config-group-policy)#
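
The session above negotiated RC4, which RFC 7465 prohibits for TLS. As an added example (not part of the original page or of Cisco's documentation), this Python check parses pasted show vpn-sessiondb svc output and reports sessions whose Encryption field lists a cipher from a local deny list. The function names and the WEAK_CIPHERS policy are assumptions made for this example; the sample is an excerpt of the output shown above.

```python
import re

# Sample: excerpt of the session shown above, with spacing collapsed as pasted.
SAMPLE = """\
Session Type: SVC

Username : matthewp Index : 6
Assigned IP : 192.168.25.1 Public IP : 172.18.12.111
Protocol : Clientless SSL-Tunnel DTLS-Tunnel
Encryption : RC4 AES128 Hashing : SHA1
Bytes Tx : 35466 Bytes Rx : 27543
Group Policy : SSLClientPolicy Tunnel Group : SSLClientProfile
Login Time : 20:06:59 UTC Tue Oct 16 2007
Duration : 0h:00m:12s
"""

# Field labels seen in the output above; values may themselves contain colons
# (Login Time, Duration), so split on known labels rather than on ":".
LABELS = ["Username", "Index", "Assigned IP", "Public IP", "Protocol",
          "Encryption", "Hashing", "Bytes Tx", "Bytes Rx", "Group Policy",
          "Tunnel Group", "Login Time", "Duration"]
FIELD_RE = re.compile(r"(%s)\s*:\s" % "|".join(map(re.escape, LABELS)))

# Assumed local policy for this example, not a Cisco default.
WEAK_CIPHERS = {"RC4", "DES", "3DES"}

def parse_sessions(text):
    """Return one dict per session; a new session starts at each Username."""
    sessions = []
    for line in text.splitlines():
        parts = FIELD_RE.split(line)      # ['', label, value, label, value, ...]
        for label, value in zip(parts[1::2], parts[2::2]):
            if label == "Username":
                sessions.append({})
            if sessions:
                sessions[-1][label] = value.strip()
    return sessions

def weak_sessions(text, weak=WEAK_CIPHERS):
    """Return (username, assigned_ip, sorted weak ciphers) per offending session."""
    findings = []
    for s in parse_sessions(text):
        hit = sorted(set(s.get("Encryption", "").split()) & set(weak))
        if hit:
            findings.append((s["Username"], s.get("Assigned IP"), hit))
    return findings

if __name__ == "__main__":
    print(weak_sessions(SAMPLE))
```

The same parser accepts the column-aligned form of the output, because it splits on the field labels and ignores the amount of whitespace around them.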

The vpn-sessiondb logoff name username command logs off users by user name. An Administrator Reset message is sent to the user when disconnected.

ciscoasa(config)#vpn-sessiondb logoff name matthewp
Do you want to logoff the VPN session(s)? [confirm]
INFO: Number of sessions with name “matthewp” logged off : 1

ciscoasa(config)#