How to reset the ROOT password?

missed a ROOT password now what :(

You can reset the root password if you have physical access to your machine some of the distributions allow you to login in single user mode and once you are logged in you can change the password but what about the distributions which asks me to enter password while logging in the single user mode? eg SUSE is there a solution. yes there is follow the simple steps below to reset your password

[ad#460]

Step 1 ) Boot the system and select the normal boot menu from the list. Once selected, in the "Boot Options" box type

    "init=/bin/bash" if you are using GRUB Boot loader

    "linux init=/bin/bash" if you are using LILO Boot Loader

This will give you access to the bash without asking for the password.

Step2 )
Mount your filesystem using the following command

    # mount

Step 3) Make the file system read write if its not already using the following command

    # mount -o remount,rw /

Step 4) If you are lucky enough you can use the passwd command and change the password if it doesnot happen follow the steps mentioned next

Step 5) Edit the passwd and shadow files as follows

# vi /etc/passwd

Scroll down to the "root" line in the passwd file look for root line (something like):

root:x:0:0:root:/root:/bin/bash

Delete the "x" after "root:" leave the colons! Note: After the modification above line should look like this: root::0:0:root:/root:/bin/bash

Save file and exit. Remember [:wq]

# vi /etc/shadow

Change (something like) this -->
root:$1$42aXWP89$zcVaoeRnNVCKu4mOgJ6zt.:14289::::::


to --> root::::

Note four colons left!
Save the file and exit. Remember [:wq]
use :wq! if :wq doesnot saves it for you

Step 6) Reboot, login as a normal user change the user to root using su then than change the password using passwd

use the commands specified in this blog on your own risk.

[ad#460]


GNUnify 09

GNUnifyGNUnify is one of the biggest FOSS event which is completely managed and organized by the students of Symbiosis Institute of Computer Studies & Research. Each batch of MSc (CA) only gets one opportunity to organize it last time we "RESPAWN" organized and the tradition continued with the current batch which organized the 7th GNUnify. It was sponsored by Mozilla, they also presented a few talks this year which were great. I also got an opportunity to conduct a workshop this year which  went on well the participants were able to create websites on their local machines atleast :) this was the second time when i got the opportunity to be a speaker @ gnunify.

This year we had more then 50 speakers covering topics in various areas of software development, administration the new addition this year was the FOSS in academics Track where in teachers from various colleges came up and discussed about FOSS.
[ad#460]

top scheduling...

tasks tasks and tasks... you always need to monitor them but how to schedule this monitoring so that i can get a file generated say every hour or four hours. You normally use the following command to transfer the output of top to a file

$ top > filename

and this works fine for you have you ever tried to add this entry as a cron job believe me it wont work i struggled a lot with it so finally whats the solution to schedule it The answer is use cron job, but i just said it wont work :) yes this wont work directly you need to add certain flags hey dont work you need not search them, below is the line which you can add as your cron job

17 15 * * * root /usr/bin/top c n 1 b >/home/abhishek/topfile_$(date +\%Y-\%m-\%d-\%H-\%M) if this doesnot work in your case the following would surely work 17 15 * * * root /usr/bin/top c n 1 b >/home/abhishek/topfile_`date +\%Y-\%m-\%d-\%H-\%M`

the above statement will make a cron run every day at 17:15 which would create a file in /home/abhishek/topfile_somedatetime  containing the required information. Hey you can change this to any time or frequency or any format of file name you need just use study cron or have a look to my earlier post on cron jobs.

PXE : making your admins life easier

Need to setup a lab/office with 200+ computers, very tiring job but look if you have machines identical in configuration why are you installing each of them why not install one and replicate it to others this will save a lot of time, But how will i do this?????????? Its very very simple you can do a dd of the source to all destination but this would be even difficult and a bit geeky, hey dont worry we have a solution for it use PXE. 

Now what is this PXE??

Wikipedia "The Preboot eXecution Environment (PXE, also known as Pre-Execution Environment, or 'pixie') is an environment to boot computers using a network interface independently of available data storage devices (like hard disks) or installed operating systems."

But how does it help?? :)

there can be different situations of installation for eg u only need to install one operating system on a machine this can be easily dome by using an image which is already stored on PXE server as i call it. or u might have a whole list of OS and other softwares which are  required to be installed/configured on every machine in the environment now how do i achieve this. The solution is configure once machine with all the required softwares into it and replicate this using pxe. its very simple just setup a PXE server which provides a sender-receiver mechanism i.e which can make once machine as sender and others receiver once its done you can relax and have your whole environment setup within 30mins or so, time would very on various issues including Network and Disk Size.

But how to design a PXE Server??

I would not write a how to as its already available on Internet i just don't want to duplicate things so you can now move to http://udpcast.linux.lu (this is really a gr8 open-source project) or https://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install and configure your own PXE server just for an hint u need to install the following on services 1) tftp-hpa 2) dhcp3-server (u can use another machine as a dhcp server as well) 3) netkit-inetd 4) You might need to recompile the kernel to suit your requirements in case of any problems you can write to me :) this PXE system has helped me a lot many times, i have configured one such system today which worked on fine so i strongly recommend this but use it on your own risk a single mistake can wipe out your entire data or do something which you have never expected so it on your own risk

Tips by an Admin-Developer

WebApps we have been developing since long we code with utmost attention, we code securely. Here are certain tips which might prevent us from a few attacks, they cannot save us completely, if they could why will be need security experts

  • Always create an index.html or index.php in each directory which is publicly accessible. We generally create folders like config, includes etc but dont create an index file in these due to which a Directory listing is shown which shows all files under the directory, so make a habit to create index.html leave it blank no probs or i would suggest that write a redirecting script in it so that if by chance a normal user goes to the directory he is redirected without seeing any of your files. Hey even Wordpress Drupal Joomla subdirectories should be checked they dont contain index.html as a result u can view http://<yourblog>/wp-content/plugins easily if its a wordpress go go and create index.html there
  • Dont keep backups on the live server i.e on publicly accessible folders.
  • Turn Server Signature Off if you can do generally in shared hosting you cant do this.
  • Create a connector file to store db name and password do not put these in each of your files.
  • Dont make unnecessary directories on web servers.
  • Keep the database and files separately.

Enjoy

[ad#460]

Wi-fi Security

Desclaimer:  The views expressed here are of the author alone, you may agree or disagree on any of them, code/commands given in the posts worked fine for the author please use them on your own risks they may damage your system.

I am in Pune since more than a year now have attended countless conferences, un-conferences, camps and what not, learnt a lot and atleast i am able to blog, in almost every event security is one of the leading topics is it that big, oh YES !!!, i would like to quote Rohit's statement "Click one centimetre below then what you use to click you would be much more secure".


With regards to Wi-fi i have heard many speakers discouraging the use of Open and WEP type of connection for home as well as corporate use, i truly agree after seeing the WEP crack in Club Hack 2008 i have also included the steps to crack WEP in this post later.

WPA2/802.1x hopefully is the most secure type of connection available today, but for how much time nobody  can comment, it would be cracked that is for sure but currently its the best.

We have seen incidences where in an attacker used an open wifi and send some of the threatening emails, we have also seen occasion when the attacker have stolen crucial data, the problem i see is lack of awareness among the users and the desire to use PLUG n PLAY devices the problem with PLUG n PLAY is you get something configured which is very generic and a common man don't dare to change it i.e don't dare to "click one centimetre below"

Personally i don't believe in PLUG n PLAY devices if i use them them i always manually configure it but its not the case with the normal public how can we ensure security to them when The Engineer from ISP comes and configures  AP in Open Mode? The need is to train our support persons on this. Recently i read an article saying that Cops in Mumbai would help users ensure that there Wifi is secure this is a very welcome step but when will this happen in other cities, when will the government be able to issue a check-list for a generic as well as for the corporate stating if you have done this a,b,c then you have done your part, i trust you.


I strongly believe that the person coming to your home for Internet Connection should configure your AP with WPA2 enabled and discourage using Open/WEP connection, the case is just reverse here hopefully this would improve very soon :)


Recommendations:

  • Never use an Open/WEP Connection
  • Never user Connection such as "Public Free Wi-fi" they may be dangerous
  • Always use WPA or WPA2 enabled connection
  • Home users should turn off AP when not in use
  • Atleast change the router password once a month, dont use admin admin please.
  • Change the default setting of your Access Point
  • Limit the DHCP allocation, recommended is bind with MAC if you have a few machines to use.
  • Always keep a log


Cracking a WEP password

Step 0 ) Use Backtrack with a supported wifi card
Step 1 ) airmon-ng start eth0
Step 2 ) airodump-ng -w capture -c 6 ath0
Step 3 ) aireplay-ng –arpreplay -b 00:11:22:33:44:55 -h 66:77:88:99:00:AA eth0
Step 4 ) aircrack-ng capture-01.cap


Detailed Guide available at http://mtaram.wordpress.com/2008/12/25/cracking-wep-in-4-steps use this at your own risk, the intention is not to teach any kind of hacking but to show that WEP is very weak.

Web Hosting

Websites Websites & Websites i am hosting since 8 years now my hosting plan is near expiry,so looking for some good deals available, in general i am not willing to move to a different hosting provider as this one is fine satisfy my hosting needs,and secondy if i change  i will have to shift all the data i am very lazy in doing this, but still i am open for change if i get some attractive offer today i searched around to find some of the plans discussed with my friends and came to a conclusion that i can stick to my current plan or go for Dream host, dreamhost would be a bit expensive still i can go for it they are providing some great services. lets see how this works out any ways i have to buy something either renew or shift to a new service. [ad#460]

Solah Sanskars

Enough of Technical Topics in this blog so thought of putting something non techie from Hindu Mythology.

Sanskaars (Sacraments)


Garbhadhaan Punsavanam Seemanto jaatkarm cha,
Naamkiiyaa Nishkramane annaashanam wapanakriyaa Karnavedho Brataadesho
Vedaarambhakriyaavidhih Keshaantam snaanmuddaho Vivaahagniparigrahah
Tretaagnishangrahacheti Sanskaaraa Shodasha smritaah


1. Grabhaadhan: Conception

2. Punsavana: Fetus protection

3. Simanta: Satisfying wishes of the pregnant Mother

4. Jaat-Karmaa: Child Birth

5. Naamkarma: Naming Child

6. Nishkramana: Taking the child outdoors

7. Annaprashana: Giving the child solid food.

8. Mundan or Choula: Hair cutting.

9. Karnavedh: Ear piercing

10. Yagyopaveet: Sacred thread

11. Vedarambh: Study of Vedas and Scriptures

12. Samaavartana: Completing education

13. Vivaah: Marriage

14. Sarvasanskaar: Preparing for Renouncing

15. Sanyas (Awasthadhyan): Renouncing

16. Antyeshti: Last rite, or funeral rites

[ad#460]

Installing PostgreSQL on Ubuntu Intrepid (8.10)



Installing majority of softwares on Ubutu is just a like away same is the case with PostgreSQL

Installing PostgreSQL (8.3)

$ sudo apt-get install postgresql


Setting the password for the postgres user

$ sudo -u postgres psql template1

ALTER USER postgres WITH PASSWORD 'password-u-need';
\q


this installs and configues the password for the postgreSQL

is this not easy with ubuntu

and yes if you need to use postgreSQL with PHP on your apache server the install the php5-pgsql module using the following

$ sudo apt-get install php5-pgsql

 

How to TTF Fonts in Ubuntu

[ad#460]
Simple steps to install TTF fonts on your Ubuntu Machine
  1. Move all your fonts to the ~/ Directory. The ~/ Directory is your home folder. So if you were logged in as abhishek, the directory would be /home/abhishek/ . This step is done only to ease the process you can use any directory for this matter.
  2. Open up the terminal. I'm assuming you've already extracted the font to the ~/ directory. Type: "cd /usr/local/share/fonts/truetype" without the quotes (the path is "/usr/share/fonts/truetype" on some distros). What this does is changes the directory to the truetype fonts directory.
  3. Type in "sudo mkdir myfonts" also without quotes. Assuming you're not logged in as root, this will ask you for your password. Anything you type will not be seen, but it is there. Just type in your password, press enter, and the directory 'myfonts' will be created.
  4. Type in "cd myfonts" . Then type in "sudo cp ~/fontname.ttf ."  These will get your font in the /myfonts directory.
  5. In order to install the font, ownership has to belong to root it would be done automatically as u copied using sudo if its not done  use "sudo chown root.root fontname.ttf" and after that "sudo mkfontdir" (this is important)which makes a directory for your font.
  6. Now your font is installed, but it will disappear the next time ubuntu starts up, so you just need to type "cd .." and after that "fc-cache" .
[ad#460]