Friday, 20 September 2013

How to Reset "root" Password Using Single User Mode in Ubuntu

While your system booting hold the Shift Key. You will get the GRUB screen like below


Select the first Grub entry and press e to edit the the Grub entry that splash screen like below



Find and change the line 

linux /boot/vmlinuz-3.2.0-23-generic-pae root=UUID=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx ro  quiet splash to linux /boot/vmlinuz-3.2.0-23-generic-pae root=UUID=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx rw init=/bin/bash


After changed above line Press crtl+x or F10 to boot. Now you logged in without password



Now you can able to reset the root password using following command



Enjoy....

Thursday, 5 September 2013

Emerging Threats rules for Snort

First i was using Snort Registered user rule from official snort website ( snort.org) after that i found Emerging Threats rule from my friend blog.

You can download Emerging Threats rule depends upon the snort version. You will use below link


I was using Snort 2.9. So i download ET rule using below link

   [root@snort_install]# wget http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz

[root@snort_install]# tar -zxvf emerging.rules.tar.gz

Copy all the rules from rules directory to /etc/snort/rules

[root@snort_install]# mv rules/* /etc/snort/rules/

Now we need to change rules path settings in snort.conf file

[root@iitb-st snort_install]# vim /etc/snort/snort.conf


################################################### # Step #7: Customize your rule set # For more information, see Snort Manual, Writing Snort Rules # # NOTE: All categories are enabled in this conf file ################################################### # site specific rules include $RULE_PATH/local.rules include $RULE_PATH/emerging-ftp.rules include $RULE_PATH/emerging-policy.rules include $RULE_PATH/emerging-trojan.rules include $RULE_PATH/emerging-games.rules include $RULE_PATH/emerging-pop3.rules include $RULE_PATH/emerging-user_agents.rules ##include $RULE_PATH/emerging-activex.rules #include $RULE_PATH/emerging-rpc.rules include $RULE_PATH/emerging-attack_response.rules include $RULE_PATH/emerging-icmp.rules include $RULE_PATH/emerging-scan.rules include $RULE_PATH/emerging-scada.rules #include $RULE_PATH/emerging-voip.rules include $RULE_PATH/emerging-chat.rules #include $RULE_PATH/emerging-icmp_info.rules ##include $RULE_PATH/emerging-shellcode.rules include $RULE_PATH/emerging-web_client.rules include $RULE_PATH/emerging-imap.rules include $RULE_PATH/emerging-web_server.rules #include $RULE_PATH/emerging-current_events.rules ##include $RULE_PATH/emerging-inappropriate.rules include $RULE_PATH/emerging-smtp.rules ##include $RULE_PATH/emerging-web_specific_apps.rules ##include $RULE_PATH/emerging-deleted.rules include $RULE_PATH/emerging-malware.rules include $RULE_PATH/emerging-snmp.rules #include $RULE_PATH/emerging-worm.rules #include $RULE_PATH/emerging-dns.rules #include $RULE_PATH/emerging-misc.rules include $RULE_PATH/emerging-sql.rules #include $RULE_PATH/emerging-dos.rules #include $RULE_PATH/emerging-netbios.rules include $RULE_PATH/emerging-telnet.rules include $RULE_PATH/emerging-exploit.rules #include $RULE_PATH/emerging-p2p.rules #include $RULE_PATH/emerging-tftp.rules include $RULE_PATH/emerging-mobile_malware.rules include $RULE_PATH/emerging-info.rules #include $RULE_PATH/emerging-botcc.rules #include $RULE_PATH/emerging-botcc-BLOCK.rules include $RULE_PATH/emerging-compromised.rules #include $RULE_PATH/emerging-compromised-BLOCK.rules #include $RULE_PATH/emerging-drop.rules #include $RULE_PATH/emerging-drop-BLOCK.rules #include $RULE_PATH/emerging-dshield.rules #include $RULE_PATH/emerging-dshield-BLOCK.rules #include $RULE_PATH/emerging-rbn.rules #include $RULE_PATH/emerging-rbn-malvertisers.rules #include $RULE_PATH/emerging-rbn-BLOCK.rules #include $RULE_PATH/emerging-rbn-malvertisers-BLOCK.rules #include $RULE_PATH/emerging-tor.rules #include $RULE_PATH/emerging-tor-BLOCK.rules #include $RULE_PATH/emerging-ciarmy.rules

:wq

This above rules set up depends upon your server needs.

Now you will go and check your rules (/etc/snort/rules). Here also you will customize the rules depends upon your server needs.

I hope, it will helps...

Monday, 2 September 2013

How to install php-pecl-solr on Centos

You can download php-pecl-solr from this link https://github.com/ecaron/php-pecl-solr and Extract that file.

           [root@manivel ]# unzip php-pecl-solr-master.zip

Go to php-pecl-solr-master directory

           [root@manivel ]# cd php-pecl-solr-master/

You need to install some package before install the php-pecl-solr

           [root@manivel ]# yum install curl curl-devel
           [root@manivel ]# yum install libxml2-devel
          [root@manivel ]# yum install php-devel

The phpize command is used to prepare the build environment for a PHP Extension

          [root@manivel php-pecl-solr-master]# phpize 
          Configuring for:
          PHP Api Version:         20090626
          Zend Module Api No:      20090626
          Zend Extension Api No:   220090626

 Run these command to compile and install the php-pecl-solr

          [root@manivel php-pecl-solr-master]# ./configure 

          [root@manivel php-pecl-solr-master]# make 

          [root@manivel php-pecl-solr-master]# make install

A successful install will have created solr.so and You need to add extension=solr.so in php.ini file

         [root@manivel php-pecl-solr-master]# vi /etc/php.ini

               extension=solr.so

           :wq

After that restart the httpd service

          [root@manivel php-pecl-solr-master]# service httpd restart

I hope and it helps.....