Posts Tagged ‘consequence’

How to install and configure NTP Server (ntpd) to synchronize Linux server clock over the Internet on CentOS, RHEL, Fedora

Thursday, February 9th, 2012

Every now and then I have to work on servers running CentOS or Fedora Linux. Very typical problem that I observe on many servers which I have to inherit is the previous administrator did not know about the existence of NTP (Network Time Protocol) or forgot to install the ntpd server. As a consequence the many installed server services did not have a correct clock and at some specific cases this caused issues for web applications running on the server or any CMS installed etc.

The NTP Daemon is existing in GNU / linux since the early days of Linux and it served quite well so far. The NTP protocol has been used since the early days of the internet and for centuries is a standard protocol for BSD UNIX.

ntp is available in I believe all Linux distributions directly as a precompiled binary and can be installed on Fedora, CentOS with:

[root@centos ~]# yum install ntp

ntpd synchronizes the server clock with one of the /etc/ntp.conf defined RedHat NTP list

server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org

To Synchronize manually the server system clock the ntp CentOS rpm package contains a tool called ntpdate :
Hence its a good practice to use ntpdate to synchronize the local server time with a internet server, the way I prefer to do this is via a government owned ntp server time.nist.gov, e.g.

[root@centos ~]# ntpdate time.nist.gov
8 Feb 14:21:03 ntpdate[9855]: adjust time server 192.43.244.18 offset -0.003770 sec

Alternatively if you prefer to use one of the redhat servers use:

[root@centos ~]# ntpdate 0.rhel.pool.ntp.org
8 Feb 14:20:41 ntpdate[9841]: adjust time server 72.26.198.240 offset 0.005671 sec

Now as the system time is set to a correct time via the ntp server, the ntp server is to be launched:

[root@centos ~]# /etc/init.d/ntpd start
...

To permanently enable the ntpd service to start up in boot time issue also:

[root@centos ~]# chkconfig ntpd on

Using chkconfig and /etc/init.d/ntpd cmds, makes the ntp server to run permanently via the ntpd daemon:

[root@centos ~]# ps ax |grep -i ntp
29861 ? SLs 0:00 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g

If you prefer to synchronize periodically the system clock instead of running permanently a network server listening (for increased security), you should omit the above chkconfig ntpd on and /etc/init.d/ntpd start commands and instead set in root crontab the time to get synchronize lets say every 30 minutes, like so:

[root@centos ~]# echo '30 * * * * root /sbin/ntpd -q -u ntp:ntp' > /etc/cron.d/ntpd

The time synchronization via crontab can be also done using the ntpdate cmd. For example if you want to synchronize the server system clock with a network server every 5 minutes:

[root@centos ~]# crontab -u root -e

And paste inside:

*/5 * * * * /sbin/ntpdate time.nist.gov 2>1 > /dev/null

ntp package is equipped with ntpq Standard NTP Query Program. To get very basic stats for the running ntpd daemon use:

[root@centos ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
======================================================
B1-66ER.matrix. 192.43.244.18 2 u 47 64 17 149.280 41.455 11.297
*ponderosa.piney 209.51.161.238 2 u 27 64 37 126.933 32.149 8.382
www2.bitvector. 132.163.4.103 2 u 1 64 37 202.433 12.994 13.999
LOCAL(0) .LOCL. 10 l 24 64 37 0.000 0.000 0.001

The remote field shows the servers to which currently the ntpd service is connected. This IPs are the servers which ntp uses to synchronize the local system server clock. when field shows when last the system was synchronized by the remote time server and the rest is statistical info about connection quality etc.

If the ntp server is to be run in daemon mode (ntpd to be running in the background). Its a good idea to allow ntp connections from the local network and filter incoming connections to port num 123 in /etc/sysconfig/iptables :

-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 123 -j ACCEPT
-A INPUT -s 127.0.0.1 -m state --state NEW -p udp --dport 123 -j ACCEPT
-A INPUT -s 0.0.0.0 -m state --state NEW -p udp --dport 123 -j DROP

Restrictions on which IPs can be connected to the ntp server can also be implied on a ntpd level through /etc/ntp.conf. For example if you would like to add the local network IPs range 192.168.0.1/24 to access ntpd, in ntpd.conf should be added policy:

# Hosts on local network are less restricted.
restrict 192.168.0.1 mask 255.255.255.0 nomodify notrap

To deny all access to any machine to the ntpd server add in /etc/ntp.conf:

restrict default ignore

After making any changes to ntp.conf , a server restart is required to load the new config settings, e.g.:

[root@centos ~]# /sbin/service ntpd restart

In most cases I think it is better to imply restrictions on a iptables (firewall) level instead of bothering change the default ntp.conf

Once ntpd is running as daemon, the server listens for UDP connections on udp port 123, to see it use:

[root@centos ~]# netstat -tulpn|grep -i ntp
udp 0 0 10.10.10.123:123 0.0.0.0:* 29861/ntpd
udp 0 0 80.95.28.179:123 0.0.0.0:* 29861/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 29861/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 29861/ntpd

 

Bulgaria silently signs for ACTA / Why ACTA, SOPA and PIPA are bad for our freedom

Thursday, February 2nd, 2012

r freedomYesterday silently with zero publicity, Bulgarian representatives ratified the ACTA (Trade agreement for fighting counterfeit.)
The name sounds really good, but it has not much to do with what ACTA is about, when applied to digital medias and data sharing.
The ACTA legislation has been ratified in Tokyo last week, where 22 of the European Union membership countries signed in favour of these "malicious" treaty.

The basic idea of ACTA looks tempting as it gives more freedoms to copyright holders, however if you look closely you will understand actually this copyright infringement clauses are not so in favour of us the users but mostly in favour of multinational corporations.
For all those who have not heard about ACTA and SOPA in short this is anti freedom of speech treaty, which if put in action could lead to serious filtering of the internet.
The ACTA 's controversial treaty has already raised an outcry from dozens of computer literated individuals who daily use the internet. Unfortunately, ACTA is less known among non-tech guys … and hence most people on the internet have no about its existence.

If ACTA is ratified and set to be valid as a legislation to Bulgaria, this could lead to total Internet censorship in BG (more or less like it is in china now).
ACTA legislation will make sharing files via torrents and other P2P community file sharing networks a criminal activity.
Another effect of ACTA is that practically free software which reads a proprietary formats like DVD becomes illegal in Europe (like it is currently in America) and I will become guilty for just reading the non-free format..
As a result of ACTA our ISP (Internet Service Providers) will be forced to log and keep all traffic flowing through their (Routering servers). Filters on a local ISP level that will be censoring free speech could also become totally lawful…
Already there are plenty of ANTI-ACTA and ANTI-SOPA propaganda website which are trying to bring some more awareness to the public for the issue… Once an individual is suspected, to fraudulent activity or anything that breaks what is in ACTA is he is presumed to be guilty of crome …
Just watch the two videos below and you will see how terrible the consequence could be if this legislation is integrated with todays Bulgarian government laws. If you're hearing for ACTA for a first time and you live in a country which has still not rafitied ACTA as a local country legislation, make sure you spread the word and let all your friends about the bad impact of this anti-human legislation. We have to really stand up and protest to retain our digital freedom !

The Internet can be censored if Protect IP ACT (PIPA) and Stop Online Piracy Act (SOPA) are put in action !

ANTI-ACTA – Hmmm But What can you do??
 

How to fix wrongly configured timezone in Debian GNU/Linux and Ubuntu

Wednesday, August 3rd, 2011

During the install of a new Debian GNU/Linux server I was in a real hurry, so I mistakenly choose a wrong timezone of US/Pacific

As a consequence the server date and time was incorrect and I had to fix that to adjust to the proper server location which of this case was:Europe/London

Here is the quick fix:

debian:~# dpkg-reconfigure tzdata

Next I choose my timezone from the ncurses interface navigating with arrow keys and used ntpdate to synchronize the time for the server like so:

debian:~# ntpdate time.nist.gov
3 Aug 16:02:26 ntpdate[26658]: adjust time server 192.43.244.18 offset 0.000802 sec

Done 😉

How to fix wicd 1.7.0+ds1-5 Connection Failed: Bad Password on Ubuntu 10.10 (Maverick Merkaaat)

Tuesday, May 3rd, 2011

I’ve been struggling with fixing a nasty error with wicd network manager for about 2 hours.
The exact error message I faced was:

Connection Failed: Bad Password

The issue occured after some suggested updates from the Ubuntu graphical update tool.
The wireless network to which it was connected was a WPA-PSK (WPA2) Passphrase authentication.
The network key was properly typed in and was working well on another system so the error Connection Failed: Bad Password made no sense.

There was nothing unusual in /var/log/wicd/wicd.log , that made me even more curious about what might be causing the error.After a lot of try outs and a lot of readings and tests I finally got the cause of the weird Bad Password errors produced by wicd

Weirdly enought, somehow the Ubuntu package update tool has installed the default gnome network-manager package.
The installed network-manager package has mismatched somehow the way wicd connects to wireless networks and as a cause the wpa_supplicant binary was not properly invoked.

As a consequence of the network-manager being present on the system the wpa_supplicant process which made the exact connection to the wireless network was not launching in, the exact wpa_supplicant invocation missing was:

wpa_supplicant -B -i wlan0 -c /var/lib/wicd/configurations/0022b0aa424a -D wext

Luckily the solution to the notebook wireless device unable to connect to the Wireless network was simple.

All I had to do is completely remove all occurance of network-manager packages installed on the Ubuntu system, by issuing the commands:

ubuntu:~# apt-get remove --yes network-manager
ubuntu:~# dpkg --purge network-manager-pptp-gnome network-manager-pptp network-manager

The reason for issuing the a dpkg –purge command was my desire to completely get rid of all kind of network-manager related configurations.

Now after re-connecting with wicd wireless manager, it worked fine 😉

Computers Technology use, Internet, Mobile Phones and all kind of technical screen based equipment alters negatively the human brain

Tuesday, April 26th, 2011

Computers Internet and Technology evil terminator picture

According to latest scientific research conducted in Stanford University USA .

People who actively use computers and internet has been the object of the research in 2009.

Social Networks, Tablets Smartphones etc. provides more and more possibilities for us to access information.

Most of modern people today tend to loose approximately between 8 and 10 hours a day either using Internet, a PC, Word-excel, their mobile phone or some kind of other mobile gadget like let’s say IPAD.

Most of today’s technologic goods we use to make our lives easier are multitasking.
The brain itself is not adjusted to work in such a multi-tasking mode as a direct consequence of being in contact with this multi-tasking for a long periods of time it gets altered.
Suddenly it starts being multitasking, or in other words starts processing information in parallel.

As the amount of information is constantly increasing online and we’re in contact with more and more information and moreover the altered way of our brains which starts working in multi-tasking the brain-overflows or (information brain overlow) is starting being more and more occuring event.

The consequence of this complexity is starting to impact us seriously as we tend to get addicted to technology usage and day by day it seems that the amount of information our brains are able to process is decreasing.

Logically enough the long-term consequence of a an internet addiction or any kind of technology addiction, plus the tremendous amounts of information we do think over daily is starting to show up the negative consequences on our psyche and (soul)

The brain starts changing the way it gets information as it adapts itself to “not remember”, as the information to be processed daily is so much that it couldn’t really comprehend it.

A good example for multi-tasking which if not all most of the users on the Internet today use daily is one of terriblest things ever created facebook, in my of my previous articles I’ve blogged about why social networks are big evil read it here and it seems this new information about brain altering caused bhy multi-tasking is just another supporting reason on why it’s better not to use social networks like facebook and twitter.

The endless amount of information according to the Stanford University research has prooven that the endless amount of information is pernicioufor our (brains) minds and is in many ways similar to the excessive amount of sugar in the body.

The scientiests which conducted the research does recommend to heavy computer and tech users (like me), to self-control themselves and be on a tech-diet (e.g. not use technology completely for at least 1 or 2 days every week).

Another serious damage which was prooven according to Stanford’s scientiests research was that people’s brains who have a severe exposure to internet or phone usage tend to have very serious problems with contentration and are very easily distracted.
This in a long term surely leads to a chaotic way of living obviously.
Suddenly it seems technology to be slowly becoming even more deadly and destructive than drugs.

Many people would say this kind of research is not true, but I can confirm that for instance many of the proven facts are things I have experiences myself in my daily life, so I believe what the research has prooven is mostly true.

This research was just another one after a month before other scientiests has prooven that Mobile Phone use leads to alteration of the brain chemistry
Apart from all the said negative consequences of use of technology for human brain is the problem with technology today heavily used as a way to spy on personal privacy I wonder be glad to hear in the comments section for other people like me who have problems with concentration and have a very short time memory (I myself have serious problem with that one).