Tag Archives: configure

Configure Cisco switch from Mac OS X through console port

Recently, I was searching for rollover cable that use to connect your PC/laptop to your switch via console port. It took me for a while searching this kind of cable in Low Yat Plaza, KL. Here, you can find variety of electronics stuff from PC hardware to servers stuffs.

But, it was hard for me to find this cable. After several visit to Low Yat, I managed to find the cable together with DB9 to USB converter. As you know, the rollover cable is using serial to ethernet cable. So, this post will guide you on how to install the driver and connect your rollover cable to your switch from Mac OS X.

So, for the first step, you should have rollover cable that looks like this:

Rollover to DB9/serial cable

Rollover to DB9/serial cable

And the DB9 to USB 2.0 converter. The one that I’m using is like this:
http://www.vztec.com.my/?sec=product&type=connect&sub=5&id=13776589936053

For my Mac OS X version, I’m using Mac OS X Yosemite 10.10.5 on MacBook Pro (13-inch, Early 2011). You’ll need the driver for the cables that you can download at here:
http://www.prolific.com.tw/UserFiles/files/PL2303_MacOSX_1_6_1_20160309.zip

After you’ve done downloading and extracting the driver, just click at .pkg file and proceed to install the driver. Reminder, make sure you restarted you machine after installing the driver in order for system to take effect:

DB9 to USB Converter driver

DB9 to USB Converter driver

Then, connect/plug-in the rollover cable to DB9 to USB converter. Then connect the converter USB to you Mac. After all has been connected, click on Apple logo on top left menu bar, click About This Mac, on Overview tabs, click System Report. Ensure that you DB9 converter is connected:

Mac OS X System Info

Mac OS X System Info

After restart, you can verify if the driver has successfully installed and loaded to the system by using this command:

or

Now finally, you need an application which will talk to the serial port. We’ll using Terminal app on Mac OS X. On Mac, the file which maps to the port is /dev/cu.usbserial. Once all the cable has been connected, run this command to start connecting to you switch:

Fixing wp_termmeta doesn’t exist error

One day, I open my mailbox and see bunch of error mail written something like this:

Upon diving in Google ocean, I found this solution that may solve the problem:

Use this SQL query to add manually the wp_termmeta table in your WordPress database if there is the wp_termmeta table doesn’t exist in your DB.

Credit: http://zanca.it/tutorials/wp_termmeta-doesnt-exist-error-solved/

WordPress HTTP error on image upload (Nginx)

HTTP Error during image upload on wordpress

HTTP Error during image upload on wordpress

Recently, I’ve encountered this kind of problem. Maybe because it has been awhile I’m not uploading any images to my post. :p

Anyway, if you came out with this kind of error and using Nginx as your web engine, here how to solve it.

Add:

to your nginx .conf file.

For example, mine looks something like this:

Hope it helps. 🙂

Credit to aaronjholbrook

Disable IPv6 on Ubuntu

If you want to disable IPv6 on your server, below is the step to do it.

  1. Edit this file:

  1. Add these lines to the bottom of the file:

  1. Run this command on your terminal:

Done!

Enable graphical root login on ubuntu 12.04

In Ubuntu, user “root” won’t show up as an options to login, which you need to adjust the Ubuntu to allow login as “root”.

Run this command below in your terminal (as normal user with sudo):

Reboot and then you should be able to login as root using graphical user login.

Allow root login on FreeBSD

To allow root login via ssh on FreeBSD, edit sshd_config file:

Find this line:

and change it to:

Now Restart sshd

Restore grub without live CD on Linux

If you start your Ubuntu and it display a grub shell to you, you can run this command below to fix it:


* Ensure that you entered correct partition (e.g. hd0,1) for hdX,Y. If not, than your grub will be messed.

References :
http://superuser.com/questions/181733/how-can-i-restore-grub-without-a-live-cd1
http://www.linux.com/learn/tutorials/776643-how-to-rescue-a-non-booting-grub-2-on-linux

Installing Comodo Positive SSL Certs on Apache

Recently, I purchased Comodo Positive SSL for one of my web. Since this is my new experience on installing SSL onto Apache, I write this article so that anyone can refer to this step and also as my personal note.

  1. Before you install the certificates, you need to set up your virtual hosts and Apache configuration.
    In /etc/apache2/ports.conf add this line:

So the ports.conf will be something like this:

  1. Then in your vhost file which is usually located at /etc/apache2/sites-enabled/default-ssl, edit or make sure this line is there:

SSLCertificateFile
This is the actual SSL certificate. Comodo will name it after your domain e.g. www_your_domainname_org.crt. So just copy the file into the correct directory /etc/ssl/crt/ and make sure your vhost file points to it.

SSLCertificateKeyFile
When you first generated your CSR to send to the commercial SSL issuer you should have gotten a key file. You just need to move it into the same folder as your SSL cert if it’s not there already and point the line to your vhost config.

SSLCACertificateFile
Comodo sends you that zip file with 3 individual CRT files in it you need to combine a couple of them into one file. You can ignore the file named after your domain and just focus on the other two. You need to combine them into one file in a very specific order.

Run this command to generate a file that matches your vhost config, remembering to change the file names to whatever the SSL issuer has given you:

Then, restart your server:

Mac OS X – Can’t locate Switch.pm

Recently, I want to run some script using Perl. But I encountered this:

Can’t locate Switch.pm in @INC (@INC contains: /Library/Perl/5.16/darwin-thread-multi-2level /Library/Perl/5.16 /Network/Library/Perl/5.16/darwin-thread-multi-2level /Network/Library/Perl/5.16 /Library/Perl/Updates/5.16.2 /System/Library/Perl/5.16/darwin-thread-multi-2level /System/Library/Perl/5.16 /System/Library/Perl/Extras/5.16/darwin-thread-multi-2level /System/Library/Perl/Extras/5.16 .)

So, the solution is:

w00tw00t.at.blackhats.romanian.anti-sec – WTF!?

One day you may find a bunch of requests in a short period of time with unusual and suspicious user agent in your Apache web server’s logs. Something like Made by ZmEu @ WhiteHat Team – http://www.whitehat.ro or ZmEu and the requests may be made from Russia or China. Search and you’ll find that ZmEu is a bot that tries to find vulnerabilities in phpMyAdmin (usually looks for phpmyadmin/scripts/setup.php file) and other web applications.

It is kind of script attack in which attacker try to find the loopholes in phpmyadmin and php with Apache and try to manipulate through URL. This is how logs looked like:

Log from nginx access.log
[email protected]:~# grep -r w00t /var/log/nginx/*
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1” 502 383 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:30 +0800] “GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1” 502 383 “-” “ZmEu”

Another log from nginx access.log
[email protected]:~# grep -r ZmEu /var/log/nginx/*
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /phpMyAdmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /pma/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /phpmyadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1” 502 383 “-” “ZmEu”
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /myadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:93.174.93.213 – – [23/Jul/2013:08:34:12 +0800] “GET /MyAdmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:30 +0800] “GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1” 502 383 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:30 +0800] “GET /scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:30 +0800] “GET /admin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:30 +0800] “GET /admin/pma/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:30 +0800] “GET /admin/phpmyadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:31 +0800] “GET /db/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:31 +0800] “GET /dbadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:31 +0800] “GET /myadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:31 +0800] “GET /mysql/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:32 +0800] “GET /mysqladmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:32 +0800] “GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:32 +0800] “GET /phpadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:32 +0800] “GET /phpMyAdmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:33 +0800] “GET /phpmyadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:33 +0800] “GET /phpmyadmin1/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:33 +0800] “GET /phpmyadmin2/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:33 +0800] “GET /pma/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:34 +0800] “GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:34 +0800] “GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:34 +0800] “GET /web/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:34 +0800] “GET /php-my-admin/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”
/var/log/nginx/access.log:109.230.228.246 – – [23/Jul/2013:10:50:35 +0800] “GET /websql/scripts/setup.php HTTP/1.1” 404 142 “-” “ZmEu”

Dayuumm. You as*h**e run into my server with this so-called script.
You scan me server. Me block you long time. Come. Here I share with you how to mitigate this attack.

First, we install fail2ban on our server. For those who don’t know what is fail2ban, fail2ban is more advanced than DenyHosts as it extends the log monitoring to other services including SSH, Apache, Courier, FTP, and more.

Fail2ban scans log files and bans IPs that show the malicious signs — too many password failures, seeking for exploits, etc.

Generally Fail2Ban then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action could also be configured.

So, to install it, open up your terminal and type:
sudo apt-get install fail2ban

After that, create new file called w00tw00t.conf in /etc/fail2ban/filter.d/
nano /etc/fail2ban/filter.d/w00tw00t.conf

Put this code inside that file:
[Definition]
failregex = ^ .*”GET \/w00tw00t*

ignoreregex =

Edit /etc/fail2ban/jail.conf file:
nano /etc/fail2ban/jail.conf

At the last line of the file, put this code:
[w00tw00t-scans]

enabled = true
action = iptables-allports
sendmail-whois[name=SSH, dest=root, [email protected]]
filter = w00tw00t

##### set the log path ######
logpath = /var/log/nginx/access.log
maxretry = 1

###### ban for 24 hour ######
bantime = 86400

Restart fail2ban service:
/etc/init.d/fail2ban restart

Check fail2ban client status:

[email protected]:~# fail2ban-client status
Status
|- Number of jail: 2
`- Jail list: w00tw00t-scans, ssh

credit to:
http://sharadchhetri.com/2013/06/27/protect-from-w00tw00t-at-blackhats-romanian-anti-sec/
http://myatus.com/p/blocking-w00tw00t-scans/