24 Nov

SSL Certificate on Tomcat

Posted by bhaveshvala in Uncategorized. Leave a Comment

Meaning:-

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

To be able to create an SSL connection a web server requires an SSL Certificate. our web server then creates two cryptographic keys – a “Private Key” and a “Public Key”.

The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR). You should then submit the CSR, during the SSL Certificate application process, the Certification Authority will validate your details and issue an SSL sertificate containing your details and allowing you to use SSL.

Your web server will match your issued SSL Certificate to your Private Key, it it matches then it establish an encrypted link between the website and your customer’s web browser. Below are the steps for how to Generate a SSL certificate on Apache and Tomcat.

-: Generate SSL Certificate on Tomcat :-

1) Using the “java keytool” command line utility, the first thing you need to do is
create a keystore and generate the key pair. You can do the same with the
followingcommand.

SHELL> keytool -genkey -keysize 1024 -keyalg RSA -alias tomcat -keystore \
<mykey.keystore>

Here,

    The above command will generate a 1024 bit keystore with the RSA algorithem.

    After running the above command it will ask some of the question Which you will
    have to answer. The question are,

    Enter keystore password:
    Re-enter new password:
    What is your first and last name?
    [Unknown]: bhavesh.com
    What is the name of your organizational unit?
    [Unknown]: Information Technology
    What is the name of your organization?
    [Unknown]: Bhavesh Private Limited
    What is the name of your City or Locality?
    [Unknown]: Mumbai
    What is the name of your State or Province?
    [Unknown]: Maharastra
    What is the two-letter country code for this unit?
    [Unknown]: IN
    Is CN=bhavesh.com, OU=Information Technology, O=Bhavesh Private Limited, L=Mumbai,
ST=Maharastra, C=IN correct?
    [no]: yes

Enter key password for <tomcat>
(RETURN if same as keystore password):

2) Now with above generated keystore you need to create a generate new Certificate
Signing Request (CSR). To create a CSR run the below command at your command prompt.

SHELL> keytool -certreq -alias tomcat -file <yourdomain.csr> \
-keystore mykey.keystore

Here,
The new CSR is generated through KEYSTORE. The content of new generated cSR
(yourdomain.csr) looks like this,

—–BEGIN NEW CERTIFICATE REQUEST—–
MIICkjCCAk8CAQAwgYwxCzAJBgNVBAYTAklOMRMwEQYDVQQIEwpNYWhhcmFzdHJhMQ8wDQ
EwZNdW1iYWkxIDAeBgNVBAoTF0JoYXZlc2ggUHJpdmF0ZSBMaW1pdGVkMR8wHQYDVQQLEx
cm1hdGlvbiBUZWNobm9sb2d5MRQwEgYDVQQDEwtiaGF2ZXNoLmNvbTCCAbcwggEsBgcqhk
MIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8
y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHs
WhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoI
y7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMo
FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegH
TDv+z0kqA4GEAAKBgGcfNIDo5ggOvrJILRlCLMjEyCzb9+qj3w+/sNgCBYwoWOEte1nzT0
z3EAVKQ2Oev/J6e4ENzTxlIjKagfbcIpSWiUZA1aTI9G0JzbjpRETC7z9sGEvN5YHSel+Z
qVnssBLzdQnJiow5LDu8VkOjaEo9tzmPrHM3oAAwCwYHKoZIzjgEAwUAAzAAMC0CFQCU16
Q7DGzcGblZe+nyNsGgIUNSrNd+VXZYke1MgE7XHj5T5ItHU=
—–END NEW CERTIFICATE REQUEST—–

3) Now you will need to purchase SSL certificate from the respective Certificate
   Authority like (godaddy.com or Geotrust or Verisign). Where you will get one
   account from which you can upload your CSR. After uploading CSR you will get
   one mail stating email verification where you will be getting the HTTP link from
   which you will approve the order, then after you will get your SSL certificate
   through email.

Now you have your SSL certificate, so run the below command to import the same on
you KEYSTORE file.

    SHELL> keytool -import -alias tomcat -keystore mykey.keystore -trustcacerts -file
           <yourdomain.crt>

Here,
    We have imported the SSL certificate to KEYSTORE.

4) Now add the below mentionedd line to “SSL/TLS Connector configuration” part of your
tomcat configuration file.

    keystoreFile=”/FOLDER/PATH/conf/mykey.keystore”
    keystorePass=”password”

Here,
    “keystorePass” will be the password which you have given while generating
    “mykey.keystore” file.

5) Let restart the Tomcat service and that’s it.

15 Sep

MySQL’s BLACKHOLE Storage Engine

Posted by bhaveshvala in Uncategorized. Tagged: blackhole, blackhole storage engine, MySQL, Storage Engine. 1 Comment

The BLACKHOLE storage engine is named as “black hole” because it accepts data and does not store it. If you wiil insert any record it will prompt you that tables are updated nut when you will hit a select query on same table, you will be return an empty result:

Below is the example,

The BLACKHOLE storage engine comes by default with in MySQL. If you build MySQL from source, then parse the –with-blackhole-storage-engine option.

When you create a BLACKHOLE table, only the .frm file is created, because it does not reuire to store data so no .MYD and .MYI file needed. You can check whether the BLACKHOLE storage engine is available by running below MySQL statement on mysql prompt.

Inserts into a BLACKHOLE table do not store any data, but if the binary log is enabled, the SQL statements are logged and replicated to slave servers.

If you run in a high volume production system where you may have one or more master databases for writes/updates/deletes and a whole bunch of slaves reading the log from that master which in short increase the network traffic, disk I/O, CPU power and others, this affect the performance of a Master Server.

So to solve this problem you can take a help of MySQL’s BLACKHOLE storage engine as shown on below example.

What you then have is the Master only replicating to one database, increasing the Master’s capacity to process transactions. The slaves consume the log file from the Blackhole server. It acts as a proxy at this point, with the benefit of freeing up resources on the Master’s server.

The master writes to its binary log. The “Blackhole” server acts as a proxy slave server, it does not actually store any data, so there is little processing overhead incurred and other SLAVE server will read a binary log from this server.

Other possible uses for the BLACKHOLE storage engine include:

* Verification of dump file syntax.
* Measurement of the overhead from binary logging, by comparing
performance using BLACKHOLE with and without binary logging
enabled.

3 Sep

MySQL storage engine Sphinx

Posted by bhaveshvala in Uncategorized. Tagged: External Engine, MySQL, Sphinx, Storage Engine. Leave a Comment

=> Sphinx Overview

Sphinx is MySQL storage engine which can be compiled with MySQL server 5.X version. It you want to compile with MySQL 5.0 series then you must have MySQL 5.0.22 or higher version, or MySQL 5.1.12 or higher in 5.1.x version.

Sphinx does not actually store any data itself. It is a built-in client which allows MySQL server to talk to searchd, run search queries, and obtain search results. All indexing and searching happen outside the MySQL.

=> Pre-Compile Package Requirements

You will need to install below package before compiling Sphinx

* autoconf
* automake
* libtool
* bison

=> Downloading, Installing and Compiling Sphinx

If you have already have an MySQL on you server then, there is no need to install it again just follow the “Installing Sphinx Add-On for already Installed MySQL”. But if you want to install a fresh copy of MySQl with Sphinx then follow the below stpes.

++ For MySQL 5.1 Series

1. Download the latest stable version of MySQL from “http://dev.mysql.com/downloads/” snd Sphinx from “http://sphinxsearch.com”

2. Untar the downloaded package.

3. In MySQL sources directory, create storage/sphinx directory and copy all files from Sphinx’s mysqlse directory to MySQL’s storage/sphinx folder. E.g,

4. In MySQL sources directory, run below command

5. Now configure MySQL with Sphinx engine on “/usr/local/mysql-5.1” path.

6. Build and Install MySQL with Sphinx

++ For MySQL 5.0 Series

1. Download the latest stable version of MySQL from “http://dev.mysql.com/downloads/” snd Sphinx from “http://sphinxsearch.com”

2. Untar the downloaded package.

3. For MySQL 5.0 series first you wiil have to apply an patach which will be found on path “/usr/local/src/sphinx-0.9.8.1/ysqlse/sphinx.5.0.37.diff”.

4. In MySQL sources directory, run below command

5. IN MySQL sources directory, create sql/sphinx directory in and copy all files in mysqlse directory from Sphinx sources there.

6. Now configure MySQL with Sphinx engine on “/usr/local/mysql-5.0” path.

7. Build and Install MySQL with Sphinx

++ Installing Sphinx Add-On for already Installed MySQL

* For MySQL 5.1 and MySQL 5.0 series skip 1st and 2nd steps, but make sure you have latest copy of Sphinx.

=> Checking Sphinx installation

To check whether Sphinx has been succesfully compiled into MySQL, run SHOW ENGINES query on MySQL SHELL. You should see a Sphinx to be present and “Support” column should contain “YES”.

29 Aug

Make Data unrecoverable after formating HDD

Posted by bhaveshvala in Uncategorized. Tagged: Data, Format, Hard Disk, HDD, Recovery. Leave a Comment

Every few months, a slow news day leads to somebody, somewhere, buying an old PC, hard drive, or flash memory card off ebay, and then writing a story about how they were able to restore all the files that the previous owner had tried to erase prior to selling.

If you want to sell hardware and you’re not sure how some people can recover data from supposedly-erased hard drives, this article is for you.

I’m going to use this diagram to explain the whole thing: It represents data stored on a PC filesystem, such as a hard drive or Flash memory such as you get in digital cameras. It’s hugely reduced in size (even a floppy disk would be more than 2000 times bigger than this!) to simplify the explanations, but it’s good enough to illustrate the principles:

a b c d e f g h i j k l m n o p q r s t u v w x y z

a 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
n 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

It’s currently a totally blank disk. Each zero represents one byte of data.

Now, no working disk drive looks like this, even when it’s empty. The first thing that a disk has is a partition table. Most Windows PCs only have one partition, very slightly smaller than the capacity of the hard drive. But you can have up to four partitions on a normal disk drive (or even more, depending on your operating system.)

So we partition our disk drive, and now the computer knows where it can store data:

a b c d e f g h i j k l m n o p q r s t u v w x y z

a p a r t i t i o n 1 = b a – z z 0 0 0 0 0 0 0 0 0 0
b 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
g 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
h 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
i 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
j 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
k 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
l 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
m 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
n 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
o 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
p 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
q 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
r 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
s 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
t 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
u 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
v 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
w 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
y 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
z 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

We’ve defined a single partition that occupies the disk from the start of the second row (ba) to the end of the last row (zz). We can’t start storing data before ‘ba’, because hard drives devote a certain amount of space to partition tables, and in our case, it’s the whole of the first row.

Next, we need to format our partition – in Windows, that means either NTFS or FAT. Other OSes use other filesystems. We’re going to use an imaginary one to keep things simple. (To save space, I’m not going to show all the empty lines in the following diagrams)

a b c d e f g h i j k l m n o p q r s t u v w x y z

a p a r t i t i o n 1 = b a – z z 0 0 0 0 0 0 0 0 0 0
b f o r m a t = c a – z z 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Again, we’ve devoted a complete row, this time to information about our formatted partition. However, the remaining 24 lines of space are now ready for writing. With this particular filesystem, the first row of the partition tells the computer where the files’ contents are stored. We’re going to add a file “credit.txt”, a text file that holds our credit-card number.

a b c d e f g h i j k l m n o p q r s t u v w x y z

a p a r t i t i o n 1 = b a – z z 0 0 0 0 0 0 0 0 0 0
b f o r m a t = c a – z z 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c c r e d i t . t x t = d a – d s 0 0 0 0 0 0 0 0 0 0
d 1 2 3 4 – 3 2 1 2 – 3 4 5 6 – 5 4 3 2 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

The file and its location are now added (in green), and the contents (in orange) clearly visible from a simple scan of the disk.

Now this is where the problems start. We want to sell this drive, so we need to delete our credit card details from it. We delete the file, and this, we think, will delete the credit card details.

Right. . ?

Wrong. This is our filesystem after we delete the file:

a b c d e f g h i j k l m n o p q r s t u v w x y z

a p a r t i t i o n 1 = b a – z z 0 0 0 0 0 0 0 0 0 0
b f o r m a t = c a – z z 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
d 1 2 3 4 – 3 2 1 2 – 3 4 5 6 – 5 4 3 2 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

The file’s entry has been removed from row ‘c’ – The computer is presented with what it thinks is a blank disk. But the contents of the file are left untouched: Only row ‘c’ has been altered. The file has been logically deleted, because to the computer, the disk appears empty. But it has not been physically deleted: It’s still there.

Perhaps, instead, we should have simply deleted the whole partition? Let’s see what this would have achieved:

a b c d e f g h i j k l m n o p q r s t u v w x y z

a 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
b f o r m a t = c a – z z 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c c r e d i t . t x t = d a – d s 0 0 0 0 0 0 0 0 0 0
d 1 2 3 4 – 3 2 1 2 – 3 4 5 6 – 5 4 3 2 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Oh dear, this is even worse! The partition is gone, but all the information about the formatted filesystem and its contents are still there. It’s very easy, with the data we’ve got, to simply re-create the partition table and restore all files within it. This makes it even easier for our malicious buyer to grab our credit card details!

The problem, in a nutshell, is that deleting never actually deletes the information. At best, it removes references to the information while leaving the information itself untouched.

In order to delete a file safely, what we really need to do is get at the actual contents. At this point, my bias starts to show through, because I think Linux users are considerably better off than Windows users here: Linux usually comes with a tool that does this very thing. It’s called shred. If you’re a Windows user, either get hold of a Linux LiveCD such as Knoppix, or look up a Windows-specific secure deletion program on Google. I’m going to continue by talking about shred, but the principles are the same whatever you use.

Shred and its brethen simply over-write file contents with random data. As an example, let’s see what would happen if we shred credit.txt

a b c d e f g h i j k l m n o p q r s t u v w x y z

a p a r t i t i o n 1 = b a – z z 0 0 0 0 0 0 0 0 0 0
b f o r m a t = c a – z z 0 0 0 0 0 0 0 0 0 0 0 0 0 0
c c r e d i t . t x t = d a – d s 0 0 0 0 0 0 0 0 0 0
d k 2 v @ ( j 5 Z £ ^ ! k a 8 * N 8 A , 0 0 0 0 0 0 0
e 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
f 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

That’s better! The file is still there, but the contents are of no use to anybody. Shred learned from the green row, ‘c’, that credit.txt’s data was located from ‘da’ to ‘ds’ and then wrote random data to that area of the disk. If we now delete the file as usual, we can be sure that this disk drive has no clue as to our credit card number.

But what if we had a file with our credit card details in it that we deleted several months ago? What if its contents are still there, somewhere?

The only way to make absolutely sure that no recoverable data is left on the disk at all is to shred the whole thing. This does what we really wanted to do right at the start: Removes absolutely everything from the disk. Because Windows locks the files that it is currently using, and all OSes tend to write to the disk from time to time, you can’t do this from within a normal OS. You need to use something that can function independantly: Knoppix is really handy at this point! Do, of course, bear in mind that what you’re doing here is permanently and irreversibly wiping a disk drive completely, so make sure you remove or at least unplug any drives that you don’t want wiped! Accidents do happen. . .

From within Knoppix, you would open up a terminal and use fdisk -l to tell you what disk drives it can detect. It should show you at least two: The CD you booted from, and the drive you want to wipe.

The naming system is a bit arcane if you’re used to Windows and “C:” and “D:” for the hard drive and CD-ROM, but it’s simple enough to follow. All hard drive names start with “/dev” which simply means “device” – all the PC’s hardware has a name beginning with “/dev”. Typically, a hard drive will be “hd” if it’s IDE, or “sd” if it’s SATA. It will also have a letter following it: The first hard drive will be “a”, the second “b”, and so on.

So if you have a simple IDE hard drive, it will be called “/dev/hda”. If you have a SATA drive with two partitions, the disk will be “/dev/sda” and the partitions will be “/dev/sda1” and “/dev/sda2”

Simple enough, once you get the hang of it.

So, if your hard drive is a standard IDE, it will be /dev/hda you want to erase, and you would issue the command shred /dev/hda and then go and find something else to do for a while, because this takes quite some time: There’s a lot of data to write. By default, shred will overwrite the whole drive 25 times! If you have a 100GB disk, that means writing 2500GB of data. To just do it once, you would type shred -n 1 /dev/hda, but bear in mind that this is less secure.

Eventually, shred will leave you with a filesystem that looks like this:

a b c d e f g h i j k l m n o p q r s t u v w x y z

a n # Y v C n $ } I / . ` b 0 J r n v 9 8 N % I : 3 ?
b = Y ` K c E b x x f W S p y \ g L l $ C ? ) , 8 k o
c O ! w | \ 7 2 v A i O I p w 5 v O k 1 \ I ` s T u a
d N g h j t y – 2 n c k m r 1 ( W 1 r . i < M _ L ‘ +
e @ } G L ^ ^ f ( t S = ] i ( D q ! r E 5 = K _ y 0 7
f % _ Z a o g I 2 . K v u O h D q q , A ` 2 0 E ” g ?
g K | k g 6 A ” j % S ? Z v a p t Z l x z < r P 3 D v
h > # n ( A e D * < _ [ N e x 7 i r T c a z f R t _ 3
i 9 M i # / K m E Z & k M ; m | C b * – > , _ * f i d
j | ( \ i m c o 3 k H & 5 G ; Q + ] m M w M 0 ) J E ?
k u ! T M r c ; 7 ` w < F , M \ 9 } a q # C j 0 Z u <
l O I p A : , D H } \ q 5 O 9 x z : C t { b > O ` G ;
m m V [ M p ` U p @ i C v n ‘ , s P | t I U Y T , / n
n h # h n i a J I R y b S y 0 A I W r U C 4 o F # b X
o – E ^ \ Q [ l U I + # u v { Y ( U _ @ = o ) h J _ m
p ^ L n t J # A ; V . ] m ! ] c a _ { , ” l m X \ o e
q % 6 n c g H x G 2 ^ , T ` ” ” / 0 > U X 8 % . 3 / 5
r ] f H f r h M ! c j W = 3 | I k | 6 J | X K f 3 T ,
s Y A > U / 0 Z $ y . C n T + & L } K o M m h { | s x
t _ o p L ] y g > _ N B & H 4 ; Y 3 B – j T m F . F o
u Q ? / F C ! Z j 3 : t E 9 s a o } _ H ” \ : q ] W #
v z ; w j W 2 : B * o P Q ! % 6 ” 9 L m z I t r 8 _ +
w = l V { h n 9 I t Y A r f r L d V H C $ s g ! { s J
x L ] I r E + q b Q \ y B & Q 3 I # $ W b , y x V Y t
y f $ ^ ‘ c O } @ 5 B _ 5 \ w 0 N Q j ( b – I w & ( ?
z ^ . y \ ” 2 F x ` V s # H 5 ; t ! } ! y 5 y ? e w #

If you’d rather it was returned to the pristine block of zeros we started with, add -z to the command: shred -z /dev/hda and the final pass of shred will write zeros instead of random data. We thus end up with this:

a b c d e f g h i j k l m n o p q r s t u v w x y z

And your disk is now about as safe as it can be, short of placing it in solvent and leaving it there until it dissolves. In theory, the data can still be recovered after multiple random over-writes, but you’d need very expensive forensic equipment to manage it: Not something the average ebayer is likely to have.

24 Jul

MySQL Inernals

Posted by bhaveshvala in Uncategorized. Tagged: Database, MySQL, MySQL Internals, Replication, Storage Engine, Table. 1 Comment

By April of 2000, with some encouragement and sponsorship from Slashdot, master-slave replication capability was added.The old nontransactional storage engine,ISAM, was reworked and released as MyISAM.

By early 2002 the MySQL/InnoDB combo was stable and instantly took MySQL to another level. Version 4.0 was finally declared production stable in March 2003.

One can identify the following modules in the server:

• Server Initialization Module
• Connection Manager
• Thread Manager
• Connection Thread
• User Authentication Module
• Access Control Module
• Parser
• Command Dispatcher
• Query Cache Module
• Optimizer
• Table Manager
• Table Modification Modules
• Table Maintenance Module
• Status Reporting Module
• Abstracted Storage Engine Interface (Table Handler)
• Storage Engine Implementations (MyISAM, InnoDB, MEMORY, Berkeley DB)
• Logging Module
• Replication Master Module
• Replication Slave Module
• Client/Server Protocol API
• Low-Level Network I/O API
• Core API

=> Interaction of the Core Modules

When the server is started on the command line, the Initialization Module takes control. It parses the configuration file and the command-line arguments, allocates global memory buffers, initializes global variables and structures, loads the access control tables, and performs a number of other initialization tasks. Once the initialization job is complete, the initialization Module passes control to the Connection Manager, which starts listening for connections from clients.

When a client connects to the database server, the Connection Manager performs a number of low-level network protocol tasks and then passes control to the Thread Manager, which in turn supplies a thread to handle the connection. Once the Connection Thread receives control, it first invokes the User Authentication Module. The credentials of the connecting user are verified, and the client may now issue requests.

The Connection Thread passes the request data to the Command Dispatcher. In MySQL server terminology, there are two types of client requests: a query and a command. A query is anything that has to go through the parser. A command is a request that can be executed without the need to invoke the parser.

The Command Dispatcher forwards queries to the Parser through the Query Cache Module. The Query Cache Module checks whether the query is of the type that can be cached, and if it is already exist ,then a previously computed cached result that is still valid will be displayed. If the Query Cache Module reports a miss, the query goes to the Parser, which will make a decision on how to transfer control based on the query type.

Select queries are forwarded to the Optimizer; updates, inserts, deletes, and table-creation and schema-altering queries go to the respective Table Modification Modules; queries that check, repair, update key statistics, or defragment the table go to the Table Maintenance module; queries related to replication go to the Replication Module; and status requests go to the Status Reporting Module.

At this point, each of the modules that will receive control from the Parser passes the list of tables involved in the query to the Access Control Module and then, upon success, to the Table Manager, which opens the tables and acquires the necessary locks. Now the table operation module is ready to proceed with its specific task and will issue a number of requests to the Abstracted Storage Engine Module for low-level operations such as inserting or updating a record, retrieving the records based on a key value, or performing an operation on the table level, such as repairing it or updating the index statistics.

If the low-level module has made a modification to the data in some way and if the binary update logging is enabled, the module will be responsible for asking the Logging Module to log the update event to the binary update log, sometimes known as the replication log, or, among MySQL developers and power users, the binlog.

Once the task is completed, the execution flow returns to the Connection Thread, which performs the necessary clean-up and waits for another query or command from the client. The session continues until the client issues the Quit command.

=> Replication

In addition to interacting with regular clients, a server may receive a command from a replication slave to continuously read its binary update log. This command will be handled by the Replication Master Module.

If the server is configured as a replication slave, the Initialization Module will call the Replication Slave Module, which in turn will start two threads, called the SQL Thread and the I/O thread. They take care of propagating updates that happened on the master to the slave. It is possible for the same server to be configured as both a master and a slave.

=> Server Initialization Module

• init_common_variables( )
• init_thread_environment( )
• init_server_components( )
• grant_init( ) in sql/sql_acl.cc
• init_slave( ) in sql/slave.cc
• get_options( )

=> Connection Manager

• handle_connections_sockets( )

=> Thread Manager

• create_new_thread( )
• start_cached_thread( )

=> Connection Thread

• handle_one_connection( )

=> User Authentication Module

• acl_check_host( )
• create_random_string( )
• check_user( )
• acl_getroot( )

=> Access Control Module

• check_grant( )
• check_table_access( )
• check_grant_column( )
• acl_get( )

=> Parser

• mysql_parse( )
• yyparse( )

=> Command Dispatcher

• do_command( )
• dispatch_command( )

=> Query Cache Module

• Query_cache::store_query( )
• Query_cache::send_result_to_client( )

=> Optimizer

• mysql_select( )
• JOIN::prepare( )
• JOIN::optimize( )
• JOIN::exec( )
• make_join_statistics( )
• find_best_combination( )
• optimize_cond( )

=> Table Manager

• openfrm( )
• mysql_create_frm( )
• open_table( )
• open_tables( )
• open_ltable( )
• mysql_lock_table( )

=> Table Modification Modules

• mysql_update( )
• mysql_multi_update( )
• mysql_insert( )
• mysql_create_table( )
• mysql_alter_table( )
• mysql_rm_table( )
• mysql_delete( )

=> Table Maintenance Module

• mysql_check_table( )
• mysql_repair_table( )
• mysql_backup_table( )
• mysql_restore_table( )
• mysql_optimize_table( )
• mysql_analyze_table( )

=> Status Reporting Module

• mysqld_list_processes( )
• mysqld_show( )
• mysqld_show_create( )
• mysqld_show_fields( )
• mysqld_show_open_tables( )
• mysqld_show_warnings( )
• show_master_info( )
• show_binlog_info( )

=> Storage Engine Implementations (MyISAM, InnoDB, MEMORY/HEAP, Berkeley DB, NDB)

=> Replication Master Module

• mysql_binlog_send( )

=> Replication Slave Module

• handle_slave_io( )
• handle_slave_sql( )

24 Jul

NIC Bonding

Posted by bhaveshvala in Uncategorized. Tagged: LAN, NIC, NIC Aggregating, NIC Bonding, NIC Teaming. 4 Comments

Meaning:-

The concept of NIC Bonding (or sometimes called NIC Teaming) is that you have two NICs bonded together to appear as if they are the same physical device. I.e. They will both present the same Hardware (MAC) address. This is accomplished through the ifenslave utility, which enables the kernel to see/use only one device.

NIC Bonding also be known as:

* “NIC Aggregation” (Mainly Linux world)
* “NIC Teaming” (Mainly Windows world)
* “Port Trunking” (Mainly hardware world)

It provides increased bandwidth by merging the bandwidth of the individual ports/NICs.It’s primary use _is_ to increase a network link speed beyond the limits of any one single cable or port. Although It can also be used for failover, if one link dies all traffic to and from the machine should be routed to the remaining links.

The “ifenslave” is a tool to attach and detach slave network interfaces to a bonding device. A bonding device will act like a normal Ethernet network device to the kernel, but will send out the packets via the slave devices using a simple round-robin scheduler. This allows you a simple load-balancing.

NIC Bonding Prerequiest :-

You must have an bonding support in your kernel, so you can check with following.

$ modprobe -l | grep bonding
/lib/modules/2.6.9-55.ELsmp/kernel/drivers/net/bonding/bonding.ko

$ cat /boot/config-2.6.9-55.EL | grep -i bonding
CONFIG_BONDING=m

NIC Bonding Configuration :-

(1) The “modprob.conf” file should include the followings 3 lines.

$ cat /etc/modprobe.conf

alias bond0 bonding
options bond0 max_bonds=2 miimon=100 mode=1
options bond1 miimon=100 mode=1

Here:
max_bonds = ” The number of bonding devices to create for this instance of the bonding driver e.g., if max_bonds is 3, and the bonding driver is not already loaded, then bond0,
bond1 and bond2 will be created. The default value is 1.”

miimon = ” Specifies the MII link monitoring frequency in milliseconds.This determines how often the link state of each slave is inspected for link failures. A value of zero
disables MII link monitoring. A value of 100 is a good starting point.”

mode = ” Specifies one of the bonding policies. The default is balance-rr (round robin).”
Possible values are:

0 = Round-robin policy: Transmit packets in sequential order from the first slave
through the last.

1 = Active-backup policy: Only one slave in the bond is active. A different slave
becomes active if, and only if, the active slave fails.

2 = Tries to balance traffic by splitting up outgoing packets between the adapters,
using the same one for each specific destination when possible.

3 = Broadcast policy: transmits everything on all slave interfaces. This mode
provides fault tolerance.

(2) You will have to add the following to do a working NIC Bonding.

$ vi /etc/sysconfig/network-scripts/ifcfg-bond0

## Now add the following things to the above file. ##

DEVICE=bond0
BOOTPROTO=none
ONBOOT=yes
NETWORK=
NETMASK=
IPADDR=
GATEWAY=
USERCTL=no

(3) Now just append the following lines to (eth0).

$ vi /etc/sysconfig/network-scripts/ifcfg-eth0

## nOW APPEND the following to the above file. ##

DEVICE=eth0
ONBOOT=yes
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no

(4) Now just append the following lines to (eth1).

$ /etc/sysconfig/network-scripts/ifcfg-eth1

## nOW APPEND the following to the above file. ##

DEVICE=eth1
ONBOOT=yes
BOOTPROTO=none
MASTER=bond0
SLAVE=yes
USERCTL=no

24 Jul

Secure SHELL (SSH) Hardening

Posted by bhaveshvala in Uncategorized. Tagged: Shell, SSH, SSH Hardning, SSH Tuning. 2 Comments

(1) Change the default Port of ssh from (22) to other which is above (1024) and   the port must be free.
e.g:-
          Port 7824

(2) Change the PermitRootLogin setting to (no) . The default is yes.
e.g:-
PermitRootLogin no

(3) Change PermitEmptyPasswords setting to (no).
e.g:-
PermitEmptyPasswords no

(4) Change Protocol setting to “2” if it is “1”. The default value is “2”.
e.g:-
Protocol 2

(5) Change LoginGraceTime to lower number. The default is 120 (second).
e.g:-
LoginGraceTime 60

(6) Change OR Add the AddressFamily setting to “inet” (for IPv4 only) ,”inet6″ (for IPv6 only) and “any” (for both IPv4 and IPv6).
e.g:-
AddressFamily inet

(7) Add ListenAddress to sshd_config if you want to run the SSH services on particular address.
e.g:-
ListenAddress xxx.xxx.xxx.xxx

(8) Change MaxAuthTries to 3 ( any one you want ). It specifies the maximum number of authentication attempts permitted per connection. Once the number of failures reaches half this value, additional failures are logged. The default is 6.
e.g:-
MaxAuthTries 3

(9) Add Banner to config file if you want to give some Message to all user who connect to your server through ssh.
e.g:-
Banner /etc/issue.net

(10) Add or Change the AllowUsers , AllowGroups , DenyUsers and DenyGroups to make an access control list to allow or deny Login.

22 Sep

Samba on Ubuntu

Posted by bhaveshvala in Uncategorized. Tagged: Samba, Smbclient, Smbd, Ubuntu. Leave a Comment

Server

If you wish your computer to act as a Samba server (act as a file or printer server) then install, SAMBA by any method.

$ apt-get install samba

Variable	Definition
Client variables
`%a`	Client’s architecture (see Table 6-1)
`%I`	Client’s IP address (e.g., 172.16.1.2)
`%m`	Client’s NetBIOS name
`%M`	Client’s DNS name
User variables
`%u`	Current Unix username
`%U`	Requested client username (not always used by Samba)
`%H`	Home directory of `%u`
`%g`	Primary group of `%u`
`%G`	Primary group of `%U`
Share variables
`%S`	Current share’s name
`%P`	Current share’s root directory
`%p`	Automounter’s path to the share’s root directory, if different from `%P`
Server variables
`%d`	Current server process ID
`%h`	Samba server’s DNS hostname
`%L`	Samba server’s NetBIOS name
`%N`	Home directory server, from the automount map
`%v`	Samba version
Miscellaneous variables
`%R`	The SMB protocol level that was negotiated
`%T`	The current date and time
%$var	The value of environment variable `var`

Samba Server Manual Configuration : editing /etc/samba/smb.conf

The file *smb.conf* is divided in several sections:

* Global Settings
* Debugging/Accounting
* Authentication
* Printing
* File sharing
* Misc
* Share Definitions

First we will introduce three basic configuration options that can appear in
the [global] section of the smb.conf file:

1) Global Settings

[global]

=>      # "Server configuration parameters"
    netbios name = (Computer NAME)
    server string = (Short Details of PC)Samba %v on %L
    workgroup = (WORKGROUP)
    encrypt passwords = yes

      
=>        # "Networking configuration options"
     hosts allow = 192.168.220. 134.213.233.
    hosts deny = 192.168.220.102
     interfaces = 192.168.220.100/255.255.255.0 \
                134.213.233.110/255.255.255.0
    bind interfaces only = yes (bind above mentioned interface only)

=>      # "Virtual Server Configuration Options"
    netbios aliases = sales accounting admin ( used to give the Samba server
                                 more than one NetBIOS name)
     include = /usr/local/samba/lib/smb.conf.%L 


=>      # "Logging Configuration Options"
     log level = 2 (log levet 1 - 10 {As u select higher level u will get
                       more information.})
        log file = /var/log/samba.log.%m
        max log size = 50 (in KB)
        debug timestamp = yes/no
        debug timestamp = 2 ( numeric (0-10) ) 
        syslog only = yes/no (uses syslog entirely if yes )

=>      # "Authentication of Clients"
        security = (share/user/server/domain)
        


2) Share Definitions


 [data]
   path = /export/samba/data (Path to Share Folder)
   comment = Data Drive (Share Name)
   volume = Sample-Data-Drive (Any Name)
   read only = yes/no
       writable = yes /no

Client

If you want to connect to a samba server (Windows server or an Ubuntu server running samba) you have two options, you can use the smbclient command or you can directly mount the samba file system via “smbfs”.

(A) smbfs

This package allows clients to mount samba file shares allowing them to act as local disks and thus Most people will prefer this method. Install, by any method, “smbfs”

$ apt-get install smbfs

11 Aug

Mysql Replication

Posted by bhaveshvala in Uncategorized. Tagged: Master Slave Sync, MySQL Replication. Leave a Comment

# MySQL replication MASTER setting #

server-id = 1
log-bin = /var/log/mysql/binary/mysql-bin.log
binlog-do-db = student
binlog-ignore-db = mysql
log = /var/log/mysql/mysql.log

SHELL> mkdir /var/log/mysql/

SHELL> chown mysql:mysql -R /var/log/mysql/

SHELL> mysql -u root -p
Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 950
Server version: 5.0.45-community-log MySQL Community Edition (GPL)

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql> create database student;
Query OK, 1 row affected (0.03 sec)

mysql> use student;
Database changed

mysql> create table class ( rollno INT(5) NOT NULL PRIMARY KEY AUTO_INCREMENT , name VARCHAR(30) );
Query OK, 0 rows affected (0.32 sec)

mysql> INSERT INTO class VALUES (”, ‘Arun Bagul’);
Query OK, 1 row affected, 1 warning (0.01 sec)

mysql> INSERT INTO class VALUES (”, ‘Suhail Thakur’);
Query OK, 1 row affected, 1 warning (0.00 sec)

mysql> INSERT INTO class VALUES (”, ‘Bhavesh Vala’);
Query OK, 1 row affected, 1 warning (0.00 sec)

mysql> GRANT REPLICATION SLAVE ON *.* TO ‘replication’@’192.168.0.%’ IDENTIFIED BY ‘mypwd’;
Query OK, 0 rows affected (0.01 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)

mysql>

mysql> SHOW PROCESSLIST\G;
*************************** 1. row ***************************
Id: 31
User: root
Host: localhost
db: NULL
Command: Query
Time: 0
State: NULL
Info: SHOW PROCESSLIST

1 row in set (0.00 sec)

mysql>

SHELL> /etc/init.d/mysql restart

Shutting down MySQL… [ OK ]
Starting MySQL [ OK ]

SHELL> cd /var/log/mysql/binary/

SHELL> ls
mysql-bin.000001 mysql-bin.index

# MySQL replication SLAVE setting #

server-id=3
master-port=3306
master-host=192.168.XXX.XXX
master-user=replication
master-password=mypwd
master-connect-retry=60
replicate-do-db=student

SHELL> mysqladmin create student -u admin -p
Enter password:

mysql> use student;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> show tables;
+——————-+
| Tables_in_student |
+——————-+
| class |
+——————-+
1 row in set (0.00 sec)

mysql>

mysql> CHANGE MASTER TO MASTER_HOST=‘192.168.XXX.XXX’, MASTER_USER=’replication’ , MASTER_PASSWORD=’mypwd’,MASTER_LOG_FILE=’mysql-bin.000004′,MASTER_LOG_POS=412;
Query OK, 0 rows affected (0.01 sec)

mysql> start slave;
Query OK, 0 rows affected (0.00 sec)

mysql> show slave status\G;

*************************** 1. row ***************************
Slave_IO_State: Waiting for 192.168.XXX.XXX
Master_Host: 192.168.XXX.XXX
Master_User: replication
Master_Port: 3306
Connect_Retry: 60
Master_Log_File: mysql-bin.000103
Read_Master_Log_Pos: 16995
Relay_Log_File: magnet-relay-bin.000001
Relay_Log_Pos: 4
Relay_Master_Log_File: mysql-bin.000103
Slave_IO_Running: No
Slave_SQL_Running: No
Replicate_Do_DB: auth,auth
Replicate_Ignore_DB:
Replicate_Do_Table:
Replicate_Ignore_Table:
Replicate_Wild_Do_Table:
Replicate_Wild_Ignore_Table:
Last_Errno: 0
Last_Error:
Skip_Counter: 0
Exec_Master_Log_Pos: 16995
Relay_Log_Space: 98
Until_Condition: None
Until_Log_File:
Until_Log_Pos: 0
Master_SSL_Allowed: No
Master_SSL_CA_File:
Master_SSL_CA_Path:
Master_SSL_Cert:
Master_SSL_Cipher:
Master_SSL_Key:
Seconds_Behind_Master: NULL

1 row in set (0.00 sec)

mysql> quit
Bye

SHELL> /etc/init.d/mysqld restart

Stopping MySQL: [ OK ]
Starting MySQL: [ OK ]

11 Aug

Flex 3 for Linux

Posted by bhaveshvala in Uncategorized. Tagged: Flex3, Flex3 How To. Leave a Comment

1) The entire install process consists of installing the following 2 meta packages:

=> eclipse and
=> flexbuilder_linux_install_a3_033108.bin
=> j2re1.4

2) Download the packages from the below mentioned link.

=> j2re1.4 (apt-get install j2re1.4)

=> Eclipse (download through Browser)

http://www.eclipse.org/downloads/download.php?file=/eclipse/downloads/drops/R-3.3.2-200802211800/eclipse-SDK-3.3.2-linux-gtk.tar.gz&url=http://download.eclipse.org/eclipse/downloads/drops/R-3.3.2-200802211800/eclipse-SDK-3.3.2-linux-gtk.tar.gz&mirror_id=1

=> Flex Builder 3 Alpha

http://download.macromedia.com/pub/labs/flex/flexbuilder_linux/flexbuilder_linux_install_a3_033108.bin

3) After installing the j2re1.4 package do the following steps

=> make directory Flex-Builder in /usr/local/

$ mkdir /usr/local/Flex-Builder

=> Untar the eclipse-SDK-3.3.2-linux-gtk.tar.gz to /usr/local/Flex-Builder

$ cd /usr/local/Flex-Builder

$ tar xvfz eclipse-SDK-3.3.2-linux-gtk.tar.gz

=> first make flexbuilder_linux_install_a3_033108.bin executables

$ chmod 755 flexbuilder_linux_install_a3_033108.bin

=> now run the flexbuilder_linux_install_a3_033108.bin

$ bash flexbuilder_linux_install_a3_033108.bin

=> follow the instructions and give path of (eclips installation path and path where to install flex-builder).

=> at last go to /usr/local/Flex-Builder and run the script Adobe_Flex_builder.sh

$ bash Adobe_Flex_builder.sh

=> Enjoy the flex on linux

Bhavesh Vala's Blog Just another WordPress.com weblog

SSL Certificate on Tomcat

MySQL’s BLACKHOLE Storage Engine

MySQL storage engine Sphinx

Make Data unrecoverable after formating HDD

MySQL Inernals

NIC Bonding

Secure SHELL (SSH) Hardening

Samba on Ubuntu

Server

Samba Server Manual Configuration : editing /etc/samba/smb.conf

(A) smbfs

Mysql Replication

Flex 3 for Linux

Search

Blog Stats

Archives

Flickr Photos