admin Archives - Page 3 of 3 - ☩ Walking in Light with Christ - Faith, Computing, Diary ☩ Walking in Light with Christ

Posts Tagged ‘admin’

How rescue unbootable Windows PC, Windows files through files Network copy to remote server shared Folder using Hirens Boot CD

Saturday, November 12th, 2011

I'm rescuing some files from one unbootable Windows XP using a livecd with Hirens Boot CD 13

In order to rescue the three NTFS Windows partitions files, I mounted them after booting a Mini Linux from Hirens Boot CD.

Mounting NTFS using Hirens BootCD went quite smoothly to mount the 3 partitions I used cmds:

# mount /dev/sda1 /mnt/sda1 # mount /dev/sda2 /mnt/sda2 # mount /dev/sdb1 /mnt/sdb1

After the three NTFS file partitions are mounted I used smbclient to list all the available Network Shares on the remote Network Samba Shares Server which by the way possessed the NETBIOS name of SERVER 😉

# smbclient -L //SERVER/ Enter root's password: Domain=[SERVER] OS=[Windows 7 Ultimate 7600] Server=[Windows 7 Ultimate 6.1]

Sharename Type Comment
——— —- ——-
!!!MUSIC Disk
ADMIN$ Disk Remote Admin
C$ Disk Default share
Canon Inkjet S9000 (Copy 2) Printer Canon Inkjet S9000 (Copy 2)
D$ Disk Default share
Domain=[SERVER] OS=[Windows 7 Ultimate 7600] Server=[Windows 7 Ultimate 6.1]
Server Comment
——— ——-
Workgroup Master
——— ——-

Further on to mount the //SERVER/D network samba drive – (the location where I wanted to transfer the files from the above 3 mounted partitions):

# mkdir /mnt/D # mount //192.168.0.100/D /mnt/D #

Where the IP 192.168.0.100 is actually the local network IP address of the //SERVER win smb machine.

Afterwards I used mc to copy all the files I needed to rescue from all the 3 above mentioned win partitions to the mounted //SERVER/D

Tags: admin, admin c, boot cd, bootcd, Canon, canon inkjet, cd 13, Comment, copy, default, default share, Disk, domain, domain server, drive, hirens boot cd, ip, livecd, local network, location, machine, Master, Mini, mini linux, mnt, mount dev, music disk, nbsp, netbios, netbios name, network ip address, network shares, NTFS, os windows, partitions, password, printer canon, Printer Canon Inkjet S9000 Copy, Remote, remote admin, remote server, rescue, root, samba shares, sda, sdb, Server Comment, server os, server windows, Sharename, unbootable, Windows, windows files, windows pc
Posted in Everyday Life, Linux, System Administration, Windows | 1 Comment »

Stop contact form spam emails in Joomla, Disable “E-mail a copy of this message to your own address.” in Joomla

Friday, April 11th, 2014

email-copy-of-this-message-to-your-own-address_Contact_email_form
If you happen to have installed Joomla based website and setup a contact form and everything worked fine until recently but suddenly your server starts mysteriously acting as a spam relay – even though email server is perfectly secured against spam.
You probably have some issue with a website email contact form hacked or some vulnerability which allowed hackers to upload spammer php script.

I have a website based on Joomla and just until recently everything was okay until I noticed there are tons of spam flying out from my Qmail mail server (which is configured to check spam with Spamassassin has Bayesian Filtering, Distributed Checksum Claring House, Python Razor and plenty of custom anti-spam rules.

It was just yesterday I ended into that situation, then after evaluating all the hosted website, I've realized Spam issues are caused by an Old Joomla Website Contact form!

There were two issues in the form

in the contact form you have the field with a tick:

1. Well Known Joomla Form Vulnerability
Currently all Joomla (including 1.5.22 and 1.6 versions) are vulnerable to a serious spam relay problem as described in the official Joomla site.

There is a quick dirty workaround fix to contact form vulnerability – disable a Joomla Comonent in ../joomla/components/com_mailto/

To disable it I had to:

cd /var/www/joomla/components
mv com_mailto com_mailtoNOT_USED

Above solution was described under a post resolve joomla spam relay earlier by Anatoliy Dimitrov (after checking closely the website it happened he is a colleague at HP 🙂 )

2. Second issue causing high amount of spam sent over the email server
was: "E-mail a copy of this message to your own address." contact form tick, which was practically enabling any Spammer with a list to inect emails and spam via the form sending copies to any email out on the internet!

You would definitely want to disable "E-mail a copy of this message to your own address."
I wonder why ever any Joomla developer came up with this "spam form"??

joomla-disable-email-copy-of-this-message-to-your-own-address

Here is the solution to this:

1. Login to Joomla Admin with admin account
2. Goto Components -> Contacts -> Contacts
3. Click on the relevant Contact form
4. Under Contact Parameters go to Email Parameters
5. Change field E-mail Copy from Show to Hide and click Apply button

And Hooray the E-mail a copy of this message to your own address will be gone from contact form! 🙂

I've seen already plenty of problematic hacked servers and scripts before with Joomla in my last job in International University College – where joomla was heavy used, but I never experienced Joomla Security issues myself 'till know, in future I'm planning to never ever use joomla. Though it is an easy CMS system to setup a website its quite complicated to learn the menus – I remember when creating the problematic website it took me days until I properly setup all the menus and find all joomla components … besides these there is no easy way to migrate between different versions major releases in Joomla like in Wordperss, I guess this Mail Security Issue absolutely convinced me to quit using that piece of crap in future.

In mean Time another very serious Apache security flaw leaked on the Internet just few days ago – The OpenSSL Hearbleed Bug. Thanksfully I'm not running SSL anywhere on my website but many systems are affecting making most of your SSL communication with your Internet banking, E-mail etc. in danger. If you're running Apache with SSL make sure you test it for this vulnerability. Here is description of Heartbleed SSL Critical Vulnerability.

heartbleed_ssl_remote_vulnerability_logo

"The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users."

Tags: admin, Click, contact, copy, Disable E-mail, email, Email Parameters, form, International University College, Internet, Joomla, Joomla Admin, message, setup, solution, spam, SSL, Stop, vulnerability, website
Posted in System Administration, Web and CMS | 2 Comments »

Linux: Rename all files extension from upper to lower cases

Friday, February 14th, 2014

Lets say you're an admin involved in webhosting and due to a programmer's mistake, you end up with directory full with files with extension in upper cases but for actual version of website (all pictures are red only in lower cases), hence would like to transform these to lower cases.
To give an example, to illustrate what I mean, lets say you have in a directory files like;

filename.JPG, picture.PNG, new-picture.GIF

and you would like all files to be renamed to lower extension characters, i.e.:

filename.jpg, picture.png, new-picture.gif.

# find . -name '*.*' -exec sh -c 'a=$(echo {} | sed -r "s/([^.]*)\$/\L\1/"); [ "$a" != "{}" ] && mv "{}" "$a" ' \;

That's all enjoy 🙂

Tags: admin, directory, due, echo, end, JPG, Linux, Linux Rename, mistake, mv, picture, png, Rename
Posted in Linux, System Administration, Various | No Comments »

The last two weeks

Saturday, December 16th, 2006

Heya. Few weeks I can’t take the courage to write on the blog. But today I’m spiritually (Praise be to God!). So I was able to write that. The day passed away in a very traditional way. I went to the collage in 10:15 instead of 08:15 again I was not able to stand up from the bed. We had some International Law lectures up to 11:30, after that we drank coffee with Nomen. Smoked few cigarettes. Later on I had a Deutsch 12:30 to 15:45. We made a test the time between 14:15 – 15:45 ( I was not ready for that test ofcourse :] ). No matter price be to God I succeded to write stuff in the test. After that I spoke fo 1.5 h with the College Sys Admin we discussed mine idea to migrate some Windows 98 boxes to just dumb terminals connecting to a central Terminal Server. In monday maybe we’ll start doing the terminal server. Other things I saw Nomen and Habib in 17:10 in the college. Mitko give a promise to Malin to check something on his computer, so we had to go Malin’s home. So we went there nothing special their we put Habib in front of the Malin’s home door and he rang we with mitko hide and watched. Dori (The woman of Malin), went out looking shocked at Habib, she was possible wondering who is that strange (nigga like guy). Habib said: “Malin, Vkyshti” :]. Dori said: “Malin ne vkyshti” then we showed ourself and laughed;] We tried to fix the malin’s problem with the Audio Drivers but was not able the problem seemed to be a hardware one. After that we went to Mino’s coffee we saw Miro and Gosho with Zuio Kiro and Maya. We drinked some beer and went our homes. End of story. The last days were hard for me. I really have no idea where my life is going into nomatter I hope God will think about me a good way the best way. I had a big spiritual pain over the last days, and I said to God a lot of times I hope he will take me away, from this hellish earth. But I guess his plan is another for me. Will live and will see. Now God Even now you see me. Please help me fix the mess I am into and forgive me for all my awful deeds. Will go now. Blessings in the name of Jesus Christ.

Tags: admin, audio drivers, Beer, blog, boxes, cigarettes, coffee, collage, courage, door, Drivers, dumb terminals, earth, end, god, Gosho, habib, Heya, kiro, last days, Malin, Mino, Mitko, Monday, nigga, Praise, quot, something, spiritual pain, story, terminal, terminal server, test, time, windows 98, woman
Posted in Everyday Life | No Comments »

Troubled Day

Thursday, April 5th, 2007

It was a day full of waiting. The Admin/tech support personel in sofia is a real pain in the ass. I waited half a day for a simple debian base install. The guy installed debian over already installed freebsd on a server we sent destined for colocation in evolink. The machine is great dual 3ghz Xeon with 3 x 70 gb SCSI discs. In 4:00 o’clock I received a mail with username and password of the server, but the system was unaccessible for 1 more hour. I got really nervous I received tons of calls from the boss, our project Manager, Vladi the PHP programmer. I logged to the server in 5:00 and configured apache with mysql upto 10:00 o’clock then did a little walk with nomen in the central park and drinked one beer per capita. I had to meet Static and Amri in 6:00 o’clock but I was busy configuring the new rack so I missed a great oportunity to have fun with old friends. ORDER has to come back to Bulgaria, today or even he maybe is already in Varna. I’m quite impatient to see him! In the afternoon I went to some spiritual downfalls but now Thanks to God I’m alive and well. The pozvanete site already points to the new rack so I hope the machine would be able to serve it’s goal perfect. This will be made clear in the morning. Soon I’m going to bed. Glory be to God for fulfilling me with his love and sustaining my life and keeping me from evil! END—–

Tags: admin, apache, bed, Beer, capita, central park, clock, colocation, configured, end, freebsd, fun, gb scsi, glory be to god, half a day, love, machine, mail, nomen, old friends, oportunity, order, pain in the ass, password, personel, php programmer, programmer, rack, sofia, spiritual, Static, support, support personel, upto, username, x 70, Xeon
Posted in Everyday Life | No Comments »

How to add Joomla Menu link to point to external URL address

Tuesday, November 2nd, 2010

You need to simply follow this 3 easy steps:

1. Login with your joomla administrator

Point in your browser to http://yoursite.com/joomla/administrator/ or to url wherever your admin panel is located

2. Go to Menu Manager

Menus -> Menu Manager
3. Click the new button located on the right top side of the joomla admin panel

Next the Select Menu Item Type dialog will appear:

There you will need to select the External Link option

Now fill in your desired url that you desire your Menu link to point to and choose among the few possible options on how do you want the new external website to appear after clicked on the menus link.
And that's it now you will have it. Easy 🙂

Tags: admin, admin panel, administrator, browser, Button, Click, dialog, Easy, External, How to add Joomla Menu link to point to external URL address, Item, Joomla, link, link option, login, menu, menu link, menu manager, menus, new button, panel, right, Select, side, type, type dialog, url, url address, website
Posted in Joomla, Linux, Various | 4 Comments »

How to install and configure Jabber Server (Ejabberd) on Debian Lenny GNU / Linux

Wednesday, December 28th, 2011

Ejabberd server erlang logo hedgehog

I've recently installed a jabber server on one Debian Lenny server and hence decided to describe my installations steps hoping this would help ppl who would like to run their own jabber server on Debian . After some research of the jabber server softwares available, I decided to install Ejabberd

The reasons I choose Ejabberd is has rich documentation, good community around the project and the project in general looks like one of the best free software jabber servers available presently. Besides that ejabberd doesn't need Apache or MySQL and only depends on erlang programming language.

Here is the exact steps I followed to have installed and configured a running XMPP jabber server.

1. Install Ejabberd with apt

The installation of Ejabberd is standard, e.g.:

debian:~# apt-get --yes install ejabberd

Now as ejabberd is installed, some minor configuration is necessery before the server can be launched:

2. Edit /etc/ejabberd/ejabberd.cfg

Inside I changed the default settings for:

a) Uncomment%%override_acls.. Changed:

%%%% Remove the Access Control Lists before new ones are added.%%%%override_acls.

%% %% Remove the Access Control Lists before new ones are added. %% override_acls.

b) Admin User from:

%% Admin user {acl, admin, {user, "", "example.com"}}.

%% Admin user {acl, admin, {user, "admin", "jabber.myserver-host.com"}}.

c) default %% Hostname of example.com to my real hostname:

%% Hostname {hosts, ["jabber.myserver-host.com"]}.

The rest of the configurations in /etc/ejabberd/ejabberd.cfg can stay like it is, though it is interesting to read it carefully before continuing as, there are some config timings which might prevent the XMPP server from user brute force attacks as well as few other goodies like for example (ICQ, MSN , Yahoo etc.) protocol transports.

3. Add iptables ACCEPT traffic (allow) rules for ports which are used by Ejabberd

The minimum ACCEPT rules to add are:

/sbin/iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m tcp --dport 5222 -j ACCEPT /sbin/iptables -A INPUT -p udp -m udp --dport 5222 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m tcp --dport 5223 -j ACCEPT /sbin/iptables -A INPUT -p udp -m udp --dport 5223 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m tcp --dport 5269 -j ACCEPT /sbin/iptables -A INPUT -p udp -m udp --dport 5269 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m tcp --dport 5280 -j ACCEPT /sbin/iptables -A INPUT -p udp -m udp --dport 5280 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m tcp --dport 4369 -j ACCEPT /sbin/iptables -A INPUT -p udp -m udp --dport 4369 -j ACCEPT /sbin/iptables -A INPUT -p tcp -m tcp --dport 53873 -j ACCEPT

Of course if there is some specific file which stores iptables rules or some custom firewall these rules has to be added / modified to fit appropriate place or chain.

4. Restart ejabberd via init.d script

debian:~# /etc/init.d/ejabberd restart Restarting jabber server: ejabberd is not running. Starting ejabberd.

5. Create ejabberd necessery new user accounts

debian:~# /usr/sbin/ejabberdctl register admin jabber.myserver-host.com mypasswd1 debian:~# /usr/sbin/ejabberdctl register hipo jabber.myserver-host.com mypasswd2 debian:~# /usr/sbin/ejabberdctl register newuser jabber.myserver-host.com mypasswd3 debian:~# /usr/sbin/ejabberdctl register newuser1 jabber.myserver-host.com mypasswd4 ... etc.

ejabberdctl ejabberd server client (frontend) has multiple other options and the manual is a good reading.

One helpful use of ejabberdctl is:

debian:~# /usr/sbin/ejabberdctl status Node ejabberd@debian is started. Status: started ejabberd is running

ejabberctl can be used also to delete some existent users, for example to delete the newuser1 just added above:

debian:~# /usr/sbin/ejabberdctl unregister newuser jabber.myserver-host.com

6. Post install web configurations

ejabberd server offers a web interface listening on port 5280, to access the web interface right after it is installed I used URL: http://jabber.myserver-host.com:5280/admin/

To login to http://jabber.myserver-host.com:5280/admin/ you will need to use the admin username previously added in this case:
admin@jabber.myserver-host.com mypasswd1

Anyways in the web interface there is not much of configuration options available for change.

7. Set dns SRV records

I'm using Godaddy 's DNS for my domain so here is a screenshot on the SRV records that needs to be configured on Godaddy:

GoDaddy DNS SRV records screenshot

In the screenshto Target is the Fually qualified domain hostname for the jabber server.

Setting the SRV records for the domain using Godaddy's DNS could take from 24 to 48 hours to propagate the changes among all the global DNS records so be patient.

If instead you use own custom BIND DNS server the records that needs to be added to the respective domain zone file are:

_xmpp-client._tcp 900 IN SRV 5 0 5222 jabber.myserver-host.com. _xmpp-server._tcp 900 IN SRV 5 0 5269 jabber.myserver-host.com. _jabber._tcp 900 IN SRV 5 0 5269 jabber.myserver-host.com.

8. Testing if the SRV dns records for domain are correct

debian:~$ nslookup > set type=SRV > jabber.myserver-host.com ... > myserver-host.com
If all is fine above nslookup request should return the requested domain SRV records.
You might be wondering what is the purpose of setting DNS SRV records at all, well if your jabber server has to communicate with the other jabber servers on the internet using the DNS SRV record is the way your server will found the other ones and vice versa.

DNS records can also be checked with dig for example

$ dig SRV _xmpp-server._tcp.mydomain.net

[…]

;; QUESTION SECTION:
;_xmpp-server._tcp.mydomain.net. IN SRV

;; ANSWER SECTION:
_xmpp-server._tcp.mydomain.net. 259200 IN SRV 5 0 5269 jabber.mydomain.net.

;; ADDITIONAL SECTION:
jabber.mydomain.net. 259200 IN A 11.22.33.44

;; Query time: 109 msec
;; SERVER: 212.27.40.241#53(212.27.40.241)
;; WHEN: Sat Aug 14 14:14:22 2010
;; MSG SIZE rcvd: 111

9. Debugging issues with ejabberd

Ejabberd log files are located in /var/log/ejabberd , you will have to check the logs in case of any issues with the jabber XMPP server. Here is the three files which log messages from ejabberd:

debian:~$ ls -1 /var/log/ejabberd/ ejabberd.log erl_crash.dump sasl.log

I will not get into details on the logs as the best way to find out about them is to read them 😉

10. Testing ejabberd server with Pidgin

To test if my Jabber server works properly I used Pidgin universal chat client . However there are plenty of other multiplatform jabber clients out there e.g.: Psi , Spark , Gajim etc.

Here is a screenshot of my (Accounts -> Manage Accounts -> Add) XMPP protocol configuration

Pidgin account configuration XMPP on debian Linux

Tags: admin, apache, best free software, brute force, cfg, com, configure, custom, default hostname, default settings, DNS, doesn, dport, ejabberd, ejabberdctl, exact steps, file, GNU, goodies, hostname, hosts, init, INPUT, Install, installation, Jabber, Linux, Lists, mypasswd, necessery, override, ports, ppl, programming language, Protocol, quot, quot quot, rich documentation, server, servers, software, tcp, transports, uncomment, User, xmpp
Posted in Linux, System Administration, Various | 8 Comments »

Sys Admin VIM Quick Cheat Sheet ! ;)

Wednesday, July 20th, 2011

Have you, ever thought of refreshing your VIM knowledge obtained back in the days reading the vimtutorial available straight in vim via the:
vimtutor comand?

I asked few vim related question today in #vim in irc freenode and I was referred to one mate to the following picture:

Vi VIM Tutorial Quick Cheat Sheet

VIM QUICK Tutorial Sheet Picture ! 😉 Nice ! Aint’t it? 🙂

Tags: admin, Aint, Cheat, cheat sheet, comand, freenode, guy, irc, knowledge, mate, picture, question, Quick, Sheet, sys, today, tutorial, vim, vimtutor, vimtutorial
Posted in Everyday Life, Linux, Programming, System Administration, Various | No Comments »

☩ Walking in Light with Christ – Faith, Computing, Diary

Posts Tagged ‘admin’

Stop contact form spam emails in Joomla, Disable “E-mail a copy of this message to your own address.” in Joomla

The last two weeks

Troubled Day

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Recent Comments

Top Post Views

blogtopsites