How to Mount and ISO Image in Solaris and Linux

Why Bother Mounting an ISO Image?

Sometimes you find yourself in a situation where you need to take an ISO image and utilize it like a CD or DVD. The popularity of virtual machines and the ability to manipulate larger files over high speed Internet increase the chances that you’ll have to work with an ISO image from time to time. Being able to mount an ISO image as though it were an inserted CD/DVD can make manipulating these kinds of files a bit easier– especially if your computer doesn’t have a CD/DVD ROM drive installed.

In Solaris

Let’s say you have a third party program you need to install, but the vendor only gives you an ISO file. Let’s say the name of the file is thirdparty.iso and you have downloaded that file to /export/home/myhome. Here’s an easy way to utilize this file under Solaris: Continue reading How to Mount and ISO Image in Solaris and Linux

Amazon Web Services : RHEL 6.4 Setup

Although most of my test servers are registered with RackSpace, I thought that it would be a good idea to review AWS for some of my less technical colleagues that are interested in gently stepping into the Cloud Server arena. AWS offers a free tier service for 12 months using the t1.micro instance for 750 hours. However, a credit card will be required to setup an account so they may easily charge you if you decide to upgrade to another service level. Although this straightforward 25 step process will help you get up running with a RHEL 6.4 server, you should read the AWS documentation and FAQs to understand how the system works and pricing levels.

1. Go to the Amazon website and click “Get Started for Free“,

  http://aws.amazon.com/free/

aws1 Continue reading Amazon Web Services : RHEL 6.4 Setup

How to Sub-Delegate Reverse DNS Records Part 2

From the Service Provider’s Perspective

In part one of this topic, we discussed how to manage a sub-delegation for reverse DNS records once your ISP provides this service for you. Here in part two, we’ll discuss how to provide the sub-delegation of a reverse DNS range to another user. So in this situation, think of yourself as the provider offering the service for a customer or end user.

What You’ll Need

After you have received the request from the customer, you will need to confirm that they have created the proper zone for the Continue reading How to Sub-Delegate Reverse DNS Records Part 2

A Brief Introduction to SQL using MySQL

I. Lab Setup

In order to setup this lab for your local users, you will need to install and configure mysql with the appropriate accounts and access. We are going to use the sample database file provided by the O’Reilly book, Learning SQL by Alan Beaulieu. Now, let’s install the mysql utilities and server,

[root@localhost]# yum install mysql
[root@localhost]# yum install mysql-server

Start the daemon and verify the process is running,

[root@localhost]# service mysqld start
[root@localhost]# pgrep -l mysql

Connect to the mysql database, set the root password and verify it is working correctly,

[root@localhost]# mysql -u root
mysql> set password for root@localhost=password('mysecret');
mysql> select user,host,password from mysql.user;
mysql> exit
[root@localhost]# mysql -u root -p
Enter password: Continue reading A Brief Introduction to SQL using MySQL 

An Introduction to BGP – Border Gateway Protocol

Border Gateway Protocol-

BGP is the routing protocol of the internet. It is non-proprietary and has the ability to run on many different networking devices. This is typically ran on higher end routers, or even layer 3 switches. This is what the internet backbone routers use to make routing decisions for traffic traversing the internet.

BGP specifies how routers communicate with each other and share information which dictates the possible paths for traffic to take going in or out of a network.BGP is a path vector protocol, which means that its routing decisions are based on path, policies, and/or rule sets. Continue reading An Introduction to BGP – Border Gateway Protocol

How to Sub-Delegate Reverse DNS Records Part 1

The Purpose of DNS Sub-Delegation

Let’s say you have acquired a static IP range from your ISP. Now that you have that range, you decide you also want to control the PTR records for these addresses as well. But, PTR records typically belong to the ISP. However, you do not want to depend on the ISP for each change you’d like to make; you want more control. How can your gain more control over those PTR records?

The way to gain this control is through DNS Sub-Delegation. DNS Sub-Delegation is when your ISP forwards PTR requests to your name server so that you can have control over your record updates. In other words, the ISP delegates their authority over their PTR records to your DNS server.

Prerequisites

If you understood the implications of that last sentence, you’ll realize that you will need your own local DNS service that controls your domain. After all, if you don’t control your own domain, how are you going to control the PTR records once they are delegated to you? In this post, we’ll assume that you will manage your PTR records with your own DNS server. Continue reading How to Sub-Delegate Reverse DNS Records Part 1

Cracking Cisco Type 7 passwords by hand

Although you should be using MD5 or SHA256 for password security, Type 7 passwords are still in use and so I thought this would be a fun learning exercise.

The ‘service password-encryption‘ or Type 7 password is based on a known proprietary weak encryption algorithm using XOR and can be recognized in the configuration file as,

password 7 030752180500

Note: Type 5 uses MD5 and looks similar to this,

enable secret 5 $1$OB1J$tNsFgEZ4kD1qituaAeYfa0

There are plenty of scripts or websites that can crack Type 7 passwords in less than a second, including one on Cisco’s website. This example will show how this can be done with just pen and paper. Continue reading Cracking Cisco Type 7 passwords by hand

Basic Cisco ASA firewall setup

There are many different firewall options out there, but one of the most prevalent seems to be the Cisco ASA. This post is a basic configuration outline of the general setup of an ASA firewall that has basic connectivity, as well as dynamic and static NAT functions. While there are many different services an ASA can provide, this post centers on an ASA configuration running on the 8.x code version doing only basic functions. This particular setup is on a firewall in routed mode, that is used for NAT/PAT with only an inside and outside interface setup.

The first config settings to enter on an ASA, or most any other Cisco networking devices is the hostname of the device, domain name, and the enable password for logging into privileged exec mode.


config t
hostname LabASA1
domain-name labasa1.yourdomain.com
enable password Secret1 Continue reading Basic Cisco ASA firewall setup 

How to Setup a TFTP Server Under CentOS/RHEL 6

Why bother with tftp?

Many network devices such as Cisco routers and switches use tftp in order to download their IOS config updates. tftp can also be used for network based installs or for booting up diskless systems. Knowing how to setup a tftp server comes in quite handy when circumstances like these arise.

Getting started . . .

The Network Topology

Let’s say we’re dealing with a private network– 192.168.100.0/24. We’ll designate our tftp server and tftp test client as 192.168.100.5 and 192.168.100.105 respectively. You will need superuser privileges on both your server and client in order to successfully perform all of these commands.

Get the Necessary Packages

Log on to 192.168.100.5 and download the necessary programs; make sure they survive reboots:


# yum install tftp-server xinetd
# chkconfig tftp on Continue reading How to Setup a TFTP Server Under CentOS/RHEL 6 

ipfilter and ipv6

For people running older versions of Solaris, like 8/9, the firewall of choice to install was ipfilter. Now, with Solaris 10 it has become the default, built-in with the OS. I wanted to do a short post about adding configuration settings for ipv6 and plan to cover ipv4 in detail in a later post.

One thing to note is that ipfilter must run it’s ipv6 rules under a separate file. In Solaris 10, the default location for the filter rules is in /etc/ipf and the firewall rules are located in the files ipf.conf and ipf6.conf for ipv4 and ipv6 respectfully. Here is a sample of the current file on one of my servers,


#
# ipf6.conf
#
# IPv6 Filter rules to be loaded during startup
#
# See ipf(4) manpage for more information on
# IP Filter rules syntax. Continue reading ipfilter and ipv6