Backup server module ( using RSYNC and cygwin )


 

 

On the linux server end

 

apt-get install rsync

/etc/init.d/rsync start

 

Edit /etc/default/rsync ( vi /etc/default/rsync )

 Change RSYNC_ENABLE=false to RSYNC_ENABLE=true

 

sysv-rc-conf --level 1235 rsync on

 

Now we create rsyncd.conf in /etc/

vi /etc/rsyncd.conf

 

[agnellobackup]

path = /home/agnello/backup

comment = all agnello's backup

uid = agnello

gid = users

read only = false

auth users = agnello

secrets file = /etc/rsyncd.secrets

 

chown root:root /etc/rsyncd.conf

chmod 644 /etc/rsyncd.conf
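
A check for the module definition above, as an added example that is not part of the original page: it reads an rsyncd.conf and reports every module that has no "auth users" line or no "secrets file". The function name audit_rsyncd_conf and the sample file are assumptions made for this example; the constructed sample is this page's module with the parameter name misspelled as "auth user".

```shell
#!/bin/sh
# Added example (not from the original page): flag rsyncd.conf modules that
# would accept clients without authentication.

audit_rsyncd_conf() {   # $1 = path to rsyncd.conf; prints one finding per line
    awk '
    # Parameter names are compared lower-cased with whitespace removed,
    # so "Auth Users" counts as "auth users" but "auth user" does not.
    function norm(s) { s = tolower(s); gsub(/[ \t]/, "", s); return s }
    # Look a parameter up in the module first, then in the global section.
    function get(k) { return (k in m) ? m[k] : ((k in g) ? g[k] : "") }
    # Report on the module that just ended, then reset its parameters.
    function finish(    rw) {
        if (module == "") return
        rw = (tolower(get("readonly")) ~ /^(false|no|0)$/) ? "writable" : "read-only"
        if (get("authusers") == "")
            print module ": " rw ", no auth users (anonymous access)"
        else if (get("secretsfile") == "")
            print module ": auth users set, but no secrets file"
        split("", m)
    }
    /^[ \t]*([#;]|$)/ { next }                      # comments, blank lines
    /^[ \t]*\[/ {                                   # [module] header
        finish(); module = $0
        gsub(/^[ \t]*\[|\][ \t]*$/, "", module); next
    }
    {
        eq = index($0, "="); if (!eq) next
        key = norm(substr($0, 1, eq - 1))
        val = substr($0, eq + 1); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (module == "") g[key] = val; else m[key] = val
    }
    END { finish() }
    ' "$1"
}

# Constructed sample: the module from this page with the parameter name
# misspelled as "auth user" (singular).
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
[agnellobackup]
path = /home/agnello/backup
read only = false
auth user = agnello
secrets file = /etc/rsyncd.secrets
EOF
audit_rsyncd_conf "$demo_conf"
rm -f "$demo_conf"
```

Run it against /etc/rsyncd.conf after every edit; no output means every module names both its users and a secrets file.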

 

 

Now we create rsyncd.secrets in the /etc directory. It is used by the Windows client for passwordless login to the Linux server ( it is in the format username:password )

vi /etc/rsyncd.secrets

 

agnello:agnello  

 

chown root:root /etc/rsyncd.secrets

chmod 600 /etc/rsyncd.secrets

 

 

Create user

adduser agnello

 

mkdir /home/agnello/backup

 

 

All data will be backed up in this directory

 

 

 

On the client side ( Windows XP ) ( make sure you are logged in as administrator )

 

Install cygwin on your Windows machine

http://www.cygwin.com/              

 

At the time of installation it will give an option to install certain applications; install the following:

Editors = Install nano for use as a simple text editor

 Net = install rsync for remote sync

 

Create a batch file with the following content

 

@cls
@echo off

rem Rsync job control file

C:\Cygwin\bin\rsync -vrtz --password-file=c:\cygwin\secret --delete "/cygdrive/c/Data"  agnello@192.168.0.244::agnellobackup

 

 

An explanation:

 

C:\Cygwin\bin\rsync    -    is the full path to 'rsync.exe'.

 

-vrtz    -    verbose (tell us what is being copied), recursive (descend into directories), transfer modification times, z (compress data).

 

--password-file=c:\cygwin\secret   -    Path to 'secret' file. (Note: Remember this is for backup to a Linux based Rsync Server; a Windows based Rsync Server cannot authenticate!)

 

--delete   -    delete remote files that are deleted locally.

 

/cygdrive/c/Data    -    in this example means C:\Data.

 

agnello@192.168.0.244::agnellobackup    -    is the user ID, hostname (can be IP address if over Local Network), and the module connection name (in this example 'agnellobackup').

 

Now create the password file on the Windows client for passwordless login ( same password as in /etc/rsyncd.secrets )

 

Go to C:/cygwin/ and run cygwin

 Go to the root directory: cd /

Create a file named secret ( vi secret ) with the content agnello and give it 600 permission

 

 

Now create a scheduled task to run it every day ( if you want to run it in minimized mode, create a shortcut of the batch file --- go to its properties ---- run minimized )

 

 

END 



--

Windows File Sharing (Samba )


 

apt-get install samba samba-client

 

add  a work group

 

Edit the smb.conf file:

vi /etc/samba/smb.conf

 

search for security and uncomment it to look like this

security = user

 

In the section [homes] change from  writable = no  to yes

 

/etc/init.d/samba restart

 

Adding Samba Shares

 

( share 1)

mkdir -p /home/shares/generalfolder

 

Edit /etc/samba/smb.conf and append the following to the end of the file

 

[generalfolder]

  comment = All Users

  path = /home/shares/generalfolder

  valid users = @users

  force group = users

  writable = yes

 

adduser agnello  users

/etc/init.d/samba restart

 

#smbpasswd -a  agnello

 

 

(share 2 )

* This option is for the  technicalsupport dept users  

mkdir -p /home/shares/technicalsupport

addgroup technicalsupport

 

Edit /etc/samba/smb.conf and append the following to the end of the file

 

[technicalsupport]

  comment = only technicalsupport

  path = /home/shares/technicalsupport

  valid users = @technicalsupport

  force group = technicalsupport

  writable = yes

 

adduser rodney  ( if user is not created )

adduser rodney technicalsupport

/etc/init.d/samba restart

 

 

sysv-rc-conf --level 235 samba on


for testing purpose
#testparm ( enter)
 
#smbclient -L //localhost -U swapnil
 

--

Installing jabber chat server


 

 

#apt-get install jabber

 

# /etc/init.d/jabber stop

 

 

configuration files are located inside the directory /etc/jabber

 

edit the file /etc/jabber/jabber.cfg to have your hostname

 

 

JABBER_HOSTNAME (which is then passed to jabberd in the -h switch)

JABBER_HOSTNAME=chatserver.quali.com

 

 

Now we can start the server up

 

# /etc/init.d/jabber start

 

The roster lists are all maintained on the server side, in a directory beneath /var/lib/jabber named after the server's hostname.

 

To check the logs

 

tail -f /var/log/jabber/record.log

 

 

Now install the chat client on a Windows PC

 

http://jabberstudio.org/projects/exodus/releases/download.php?file=exodus_0.9.1.0.exe



--

how to telnet localhost 143


test:~# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE ACL ACL2=UNION STARTTLS] Courier-IMAP ready. Copyright 1998-2005 Double Precision, Inc.  See COPYING for distribution information.
a login user2@mega.com user2
a OK LOGIN Ok.
a logout
 
hope this helps !!!!

--

port forwarding to access internal pc from external network


If your computer is 10.0.0.5 and it connects for its internet connection to a router with eth1 ( 10.0.0.1 ) and eth0 ( 192.168.0.244 ), and you now want to reach the PC 10.0.0.5 by remote access from a 192.168.0.X network on port 3389, type the following commands:
iptables -t nat -A PREROUTING -p tcp -i eth0 -d 192.168.0.244 --dport 3389 -j DNAT --to 10.0.0.5:3389

iptables -A FORWARD -p tcp -i eth0 -d  10.0.0.5 --dport 3389 -j ACCEPT

/etc/init.d/iptables save

hope this helps all !!!


--

 

how to block gtalk on gmail

In /etc/squid/special_url add the following
.chatenabled.mail.google.com
.talk.google.com
 
and in squid.conf add the following
 
acl special_url dstdomain "/etc/squid/special_url"
 
and deny access to special_url
 
http_access deny  special_url

--
 

ftp error: 500 invalid port connection


I am trying to access an FTP server. I am able to connect to it with the user name and password. However, when I connect to the server and do a dir I get the following error.
   
C:\Documents and Settings\Admin>ftp XXX.XXX.XXX.XXX
Connected to XXX.XXX.XXX.XXX
220 Microsoft FTP Service
User (XXX.XX.XXX.XXX:(none)): user-name
331 Password required for user-name
Password:
230 User user-name logged in.
ftp> dir
500 Invalid PORT Command.
150 Opening ASCII mode data connection for /bin/ls.
 
I have a firewall running and I have opened port 21. The entry in iptables is as follows.
 
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
 
Answer :
Passive ftp

A PORT command is again issued, but this time it is from the server to the client. The client connects to the server for data transfer. Since the connection is in the same sense as the original ftp connection,  passive ftp is inherently more secure than active ftp, but note that this time we know even less about the port numbers. Now we have a connection between almost arbitrary port numbers.

Enter the ip_conntrack_ftp module once more. Again, this module is able to recognize the PORT command and pick-out the port number. Instead of NEW in the state match for the OUTPUT chain, we can use RELATED. The following rules will suffice:

iptables -A INPUT     -p tcp --sport 1024: --dport 1024:  -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 1024: --dport 1024:  -m state --state ESTABLISHED,RELATED -j ACCEPT

Load the following module into the kernel:
 
modprobe ip_nat_ftp


--  

restricting SSH or port 22 from external network

If you have a network like the following :

Eth0 =192.168.0.244 ( or public IP )   gateway 192.168.0.254

Eth1 =10.0.0.1

 

If client PCs on the 10.X network should be able to access ssh, but PCs on the 192.168.0.X network should not, then do the following:

 

First check /etc/services ---->  look for port 22

 

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22  -j REDIRECT --to-port 3128

iptables -t nat -A PREROUTING -i eth0 -p udp --dport 22  -j REDIRECT --to-port 3128

 

All packets that come in on eth0 for port 22 get redirected to our squid application on the same server, which works on port 3128, and you need to configure the squid server to block port 22.

 Similarly, you can block various other ports !!!

 

squid -- denying a specific sites and specific IP

 
line 1. acl special_client src 192.168.11.0 ( type here an IP range, a single IP address, or multiple IPs separated with a single space )

line 2. acl special_url url_regex -i chat.yahoo.com ( type here web addresses separated with | e.g. yahoo.com|rediff.com ; the last web address should not be followed by a | (pipe) )

line 3 http_access deny special_client special_url

line 4 http_access allow marketing ( or whatever ip address range)


If there is any confusion while implementing these ACLs, please feel free to contact us any time

Cheers!


--
