Changing the DNS server on a FRITZ!Box

Post by: tom on June 5th, 2009 | File Under Hardware, Politics, Security

Tested with FRITZ!Box Fon WLAN 7170 & firmware version 29.04.70
 
If you search for it you will find quite a few how-tos, so here is just the short version:
 
Enable the telnet server on the FRITZ!Box (via a connected phone):
#96*7* -> telnetd on
 
Connect via telnet and log in with the password of the web interface.
In the console, change to the directory /var/flash/ and edit the file ar7.cfg with nvi.
There you will find entries for overwrite_dns (four of them on my box).
Adjust them accordingly (e.g. for OpenDNS):
  overwrite_dns1 = 208.67.220.220;
  overwrite_dns2 = 208.67.222.222;

 
Save, quit and then restart the box with reboot.
 
For security reasons, disable the telnet server on the box again:
#96*8* -> telnetd off
 
Whether it worked can be checked with OpenDNS, e.g. by opening the OpenDNS start page.
A note “You’re using OpenDNS!” should now be displayed there.
 
PS: You should know the basics of the text editor vim (or one of its derivatives).
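As an added example, not taken from the post or from the box's own tooling, a small Python helper that performs the overwrite_dns edit described above on the text of ar7.cfg and validates that each new value is an IPv4 address before touching anything. SAMPLE_CFG is a constructed excerpt: the section names in it are invented, only the `overwrite_dnsN = ...;` line form is the one shown in the post.

```python
import ipaddress
import re

# Constructed excerpt in the style of the ar7.cfg lines quoted in the post;
# the section names are invented and the real file contains many more keys,
# all of which the helper leaves untouched.
SAMPLE_CFG = """\
section_a {
        overwrite_dns1 = 0.0.0.0;
        overwrite_dns2 = 0.0.0.0;
}
section_b {
        overwrite_dns1 = 0.0.0.0;
        overwrite_dns2 = 0.0.0.0;
}
"""

# One entry per line: optional indent, overwrite_dnsN = value;
ENTRY_RE = re.compile(
    r"^(?P<indent>[ \t]*)overwrite_dns(?P<n>\d+)[ \t]*=[ \t]*(?P<old>[^;\n]*);",
    re.MULTILINE,
)


def set_overwrite_dns(cfg_text, servers):
    """Set every overwrite_dnsN entry to servers[N-1] and return
    (new_text, changes), where changes lists (key, old_value, new_value).
    Raises ValueError before changing anything if a server is not IPv4."""
    for s in servers:
        ipaddress.IPv4Address(s)  # AddressValueError is a ValueError
    changes = []

    def replace(m):
        n = int(m.group("n"))
        if n > len(servers):      # more entries than servers given: keep as is
            return m.group(0)
        new = servers[n - 1]
        changes.append((f"overwrite_dns{n}", m.group("old").strip(), new))
        return f"{m.group('indent')}overwrite_dns{n} = {new};"

    return ENTRY_RE.sub(replace, cfg_text), changes
```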





CollegeHumor: We Didn’t Start the Flame War

Post by: tom on April 26th, 2009 | File Under Fun, Multimedia


Found at http://www.youtube.com/watch?v=_QyYaPWasos





MySQL Replication Failed

Post by: tom on April 26th, 2009 | File Under Databases, Distributions

I wanted to replicate a MySQL database using the built-in master -> slave mechanism.

Master system: openSUSE 10.2, MySQL 5.0.26
Slave system:  openSUSE 11.1, MySQL 5.0.67

Usually this is quite easy to set up. This time I almost had a nervous breakdown:
on the slave side the replication just didn’t start. The log file showed these errors:

090421 20:49:28 [ERROR] Slave: Error 'Duplicate entry '790233' for key 1' on query.
...
090421 20:49:28 [ERROR] Error running query, slave SQL thread aborted. Fix the problem, and restart the slave SQL thread with "SLAVE START". We stopped at log 'mysql-bin.000008' position 30408893


Since checking the database and making sure that there really were no “duplicate entries”
did not turn up anything, I kept looking and (after hours and hours) found something curious.

On the Master-System:

mysql> SHOW MASTER STATUS;
+----------------+----------+--------------+------------------+
| File           | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+----------------+----------+--------------+------------------+
| mysql-bin.0001 |    10034 | mydb,mydb    |                  |
+----------------+----------+--------------+------------------+

Why is the database listed twice? In the configuration it is only specified once:
 
binlog-do-db = mydb

 
After spending some time on Google, I found the reason:
http://bugs.mysql.com/bug.php?id=20748
It’s a bug :/ MySQL (in that version) reads the configuration file twice, so the binlog-do-db entry ends up listed twice.

If installing a newer version is not possible, you can use this workaround:
start MySQL with the option --defaults-file=/etc/my.cnf
This instructs MySQL to use ONLY this config file.
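As an added example, not from the post, a Python check that parses the ASCII table the mysql client prints for SHOW MASTER STATUS and reports database names that appear more than once in Binlog_Do_DB, i.e. the symptom of the double-read configuration described above. MASTER_STATUS is a constructed copy of that output.

```python
# Constructed sample of the SHOW MASTER STATUS output discussed above,
# not captured from a live server.
MASTER_STATUS = """\
+----------------+----------+--------------+------------------+
| File           | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+----------------+----------+--------------+------------------+
| mysql-bin.0001 |    10034 | mydb,mydb    |                  |
+----------------+----------+--------------+------------------+
"""


def parse_mysql_table(text):
    """Turn the ASCII table printed by the mysql client into a list of
    row dicts keyed by the header names (all values stay strings)."""
    rows = [line for line in text.splitlines() if line.startswith("|")]
    cells = [[c.strip() for c in r.strip().strip("|").split("|")] for r in rows]
    header, body = cells[0], cells[1:]
    return [dict(zip(header, row)) for row in body]


def duplicated_binlog_dbs(text, column="Binlog_Do_DB"):
    """Return the database names listed more than once in the given
    binlog filter column, in order of first repetition."""
    dupes = []
    for row in parse_mysql_table(text):
        names = [n.strip() for n in row.get(column, "").split(",") if n.strip()]
        seen = set()
        for name in names:
            if name in seen and name not in dupes:
                dupes.append(name)
            seen.add(name)
    return dupes
```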





Because it’s funny

Post by: tom on April 23rd, 2009 | File Under Fun
 
Found at http://pics.nase-bohren.de





Prevent SSH Brute Force attacks

Post by: tom on February 28th, 2009 | File Under Security

When checking log files, I often see brute force attacks, especially against the ssh daemon.
Of course, the best way would be to block all ssh traffic except from your office/home IP.
If this is not possible for various reasons, you can make life a little harder for “intruders” using iptables.

Aim:
If there are more than three connection attempts within 120 seconds,
all traffic from the potential attacker to the ssh port (tcp, 22) is blocked temporarily.
 

#!/bin/bash
#
IPTABLES=$(which iptables)
#
### more than three new connections from one source in 120 sec -> log
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent \
--rcheck --seconds 120 --hitcount 3 --rttl --name SSH -j LOG --log-level 7 \
--log-prefix "Possible SSH breakin attempt: "
#
### more than three new connections from one source in 120 sec -> drop requests
### (--update refreshes the timestamp, so a source that keeps trying stays blocked)
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent \
--update --seconds 120 --hitcount 3 --rttl --name SSH -j DROP
#
### remember the source of every new connection that got this far, then accept it
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent \
--set --name SSH -j ACCEPT
#
### generally allow ssh connections (established traffic etc.)
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
#
# ---
# -A INPUT ....... -> append the rule to the INPUT chain
# -i eth0 ........ -> interface to apply the rule to
# -p tcp ......... -> match the tcp protocol
# --dport 22 ..... -> destination port 22 (SSH)
# -m state ....... -> connection tracking match; --state can be NEW, ESTABLISHED, RELATED or INVALID
# -m recent ...... -> "recent" match: keeps a list (--name SSH) of source addresses
# --rcheck ....... -> check whether the source address is already in the list, without updating it
# --update ....... -> like --rcheck, but also refreshes the entry's timestamp
# --set .......... -> add the source address to the list (or count another hit)
# --seconds/--hitcount -> match only if the address was seen at least hitcount times within seconds
# --rttl ......... -> additionally require the same TTL as when the entry was recorded
# ---

 
 
If it works, you should see entries like this in your firewall log
(e.g. in /var/log/firewall on openSUSE):
 

Feb 28 15:14:20 cypher kernel: Possible SSH breakin attempt: IN=eth0 OUT= MAC=00:0c:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=123.xxx.xxx.xxx DST=223.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=52858 DF PROTO=TCP SPT=38220 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
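As an added example, not part of the original post, a small Python parser for the lines the LOG rule above writes, counting logged attempts per source address. SAMPLE_LOG is constructed (RFC 5737 documentation addresses, invented MAC and IDs) and the parser assumes the --log-prefix used in the script.

```python
import re
from collections import Counter

# Constructed sample lines (not a real log) in the format the iptables LOG
# target writes when the rules above fire; addresses are RFC 5737 test ranges.
SAMPLE_LOG = """\
Feb 28 15:14:20 cypher kernel: Possible SSH breakin attempt: IN=eth0 OUT= MAC=00:0c:29:aa:bb:cc:00:11:22:33:44:55:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=52858 DF PROTO=TCP SPT=38220 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Feb 28 15:14:21 cypher kernel: Possible SSH breakin attempt: IN=eth0 OUT= MAC=00:0c:29:aa:bb:cc:00:11:22:33:44:55:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=52859 DF PROTO=TCP SPT=38221 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Feb 28 15:20:02 cypher kernel: Possible SSH breakin attempt: IN=eth0 OUT= MAC=00:0c:29:aa:bb:cc:00:11:22:33:44:55:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=100 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Feb 28 15:21:00 cypher kernel: martian source 10.0.0.1 from 10.0.0.2, on dev eth0
"""

# Must match the --log-prefix used in the iptables script.
LOG_PREFIX = "Possible SSH breakin attempt: "
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) kernel: "
    + re.escape(LOG_PREFIX) + r"(?P<fields>.*)$"
)


def parse_line(line):
    """Parse one LOG-target line; return None for lines the SSH rule
    did not write (other prefix, or not a kernel message at all)."""
    m = LINE_RE.match(line.rstrip("\n"))
    if m is None:
        return None
    tokens = m.group("fields").split()
    # KEY=VALUE pairs; bare flags such as DF and SYN carry no '='.
    kv = dict(tok.split("=", 1) for tok in tokens if "=" in tok)
    return {
        "timestamp": m.group("ts"),
        "src": kv.get("SRC"),
        "dst": kv.get("DST"),
        "proto": kv.get("PROTO"),
        "dpt": int(kv["DPT"]) if "DPT" in kv else None,
        "syn": "SYN" in tokens,
    }


def hits_per_source(log_text, port=22):
    """Count logged attempts per source. The LOG rule only fires from the
    fourth new connection within 120 s on, so every counted line is already
    one attempt beyond the threshold, not a normal login."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["proto"] == "TCP" and rec["dpt"] == port:
            counts[rec["src"]] += 1
    return counts
```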





Internet Stealing

Post by: tom on February 26th, 2009 | File Under Fun, Politics

 
Found at http://pics.nase-bohren.de





exim graphs

Post by: tom on February 25th, 2009 | File Under Mailserver, Monitoring

Because I could not find a tool that creates graphs from exim logs (the way I want them),
I wrote a little bash script that suits my needs.
 
Example graph: [image: mailfilter graph]
 
Download: exim_rrd-0.9.5.1 (updated 2009-03-07 [bugfix])
 
I’m not a programmer, so the script can certainly be improved, no question :)
If you have any hints, please tell me.
 
 
Usage: run as a cron job, e.g.
# mail statistic
*/5 * * * * /usr/local/bin/exim_rrd > /dev/null 2> /dev/null

 
 
Dependencies:
rrdtool [ http://oss.oetiker.ch/rrdtool/ ] (thanks to Tobias Oetiker)
(e)grep

Tested with:
rrdtool 1.2.23, rrdtool 1.2.27
openSUSE 10.3 (i586), exim 4.69 main log
openSUSE 11.0 (i586), exim 4.69 main log





More OpenSource virtualization

Post by: tom on January 22nd, 2009 | File Under Virtualization

Wow!
I just found Proxmox Virtual Environment (v1.1), which is a kind of combination of VMware and OpenVZ.
It can run virtual “chrooted” appliances as well as “real” virtual machines.
That means you have your Linux boxes (OpenVZ style) and Windows machines (KVM virtualization).
-> (almost) NO overhead when running Linux clients (because of the chrooted environment)
-> possibility to run Windows machines, etc., too

Features:
- Out-of-the-box installation (insert CD, [Enter], [Enter], ready)
- Web based management
- Cluster functionality
- Live migration
- Install clients from ISO files (full virtualization)
- Run (OpenVZ) templates (container virtualization)
- Backup / Restore (via LVM snapshots)
- Testing Proxmox VE in VMware
- ….

I think it’s worth having a look at.

Note: 64bit CPU required; for full (KVM) virtualization, you need Intel VT / AMD-V support.





Online Whiteboard

Post by: tom on January 13th, 2009 | File Under Multimedia, Webapps

Nice!
At ScRiBLink you’ll find a free, powerful whiteboard where you and your colleagues can work on your ideas together.
No registration is required :)
 
Additional features like
- picture upload
- chat
- math functions
- multiple users
- ….
give you a good base to start sharing concepts online.

Note: It may not work behind corporate firewalls because it uses additional TCP ports.
 
 
 
If you know about alternatives, please comment.





The 2000 year old computer

Post by: tom on December 18th, 2008 | File Under Science

An ancient Greek computer has been recreated in London:
scientists were able to rebuild the Antikythera mechanism.

More to read at newscientist.com, where this was found.

