Unflappings

Bold indicates a button clicked or key pressed.
“quotes” indicates a value which has been entered.

Grey block quote is a command typed directly into the console.

If you happen to come across the following error:

Joined ‘LOCALHOST’ to realm ‘test.lcl’
[2010/03/04 14:39:39,     0] utils/net_ads.c:1080(net_update_dns_internal)   net_update_dns_internal: Failed to connect to our DC!
DNS update failed!

This simply means that your FQDN entry for the Linux system you are trying to join is incorrect as far as AD is concerned. In this case the box LOCALHOST.LOCAL.LCL was trying to join the domain TEST.LCL and there was an obvious mismatch. However not quite as obvious of an error message. Update this information in your /etc/hosts file and you should be set!

Bold indicates a button clicked or key pressed.
“quotes” indicates a value which has been entered.

Grey block quote is a command typed directly into the console.

Purpose

The following steps allow you to convert a PFX certificate file in Windows Server to a PEM file. This is important since most Linux/Unix systems prefer a PEM format for certificate use, especially something like an Apache web server.

1. Download and install the Win32 OpenSSL (v0.9.8i) package from http://www.slproweb.com/products/Win32OpenSSL.html
2. Create the folder C:\certs and copy your exported PFX certificate file inot the C:\certs folder. The name yourcert.pfx is used in this example.
3. Go to Start, then click Run and type in “cmd” and press enter. This should bring up a command prompt which you can use to change into the OpenSSL bin directory.

cd %homedrive%\OpenSSL\bin

openssl pkcs12 -in C:\certs\yourcert.pfx -out c:\certs\newcertname.pem -nodes

4. This should convert the file from a PFX format to a PEM format, feel free to substitute your own name instead of “newcertname.pem”. Also be sure this command is entered as one line, regardless of how it appears on this site. When prompted, enter the password you used when exporting the PFX file from the Windows certificate store. You should then receive the message “MAC verified OK”.
5. Open “newcertname.pem” in notepad, and cut out the private key into C:\OpenSSL\bin\private\privatekey.pem (or another path and name as you see fit).
6. Also cut out the CA Certificate into C:\OpenSSL\bin\cacert.pem
7. Modify c:\OpenSSL\bin\openssl.cfg configuration file and change the [alt_names] to whichever alternative names you wish.
8. Create a new request, by typing the following commands.

openssl req -new -nodes -keyout privatekey.pem -out cert-request.pem

openssl ca -out issued-cert -in cert-request.pem

9. This should have created a new request and signed it with the CA’s private key. Keep in mind the path to these certificate files are not included here so make sure you are in the proper directory (i.e. the same directory) for those files.
10. If you get errors during this procedure, clear the index.txt and serial files within the OpenSSL directory to be sure it is working with a fresh batch. Below is the configuration file for OpenSSL and is to be used as reference. Not all of the configuration is the same, so be sure to double check names of certificates and paths.

Continue Reading »

Bold indicates a button clicked or key pressed.
“quotes” indicates a value which has been entered.

Grey block quote is a command typed directly into the console.

Manual Backup of Zimbra

1.Gain root shell access to the Zimbra box

#su

#’Your Password’

Stop Zimbra Services from running in order to perform a cold backup. This is necessary so the database and ZCS stay synced. Depending on your installation size,  your server may be down for up to 10 minutes. Generally, for a decent sized install with approximately 150 users, the server will only be down for 4-6 minutes.

#sudo -u zimbra /opt/zimbra/bin/zmcontrol stop

3.Make a backup directory and Sync Zimbra Directory to backup directoy

#cd /
#mkdir backup
#cd backup
#mkdir zimbra
#rsync -avHK /opt/zimbra/ /backup/zimbra

4.Restart Zimbra services

#sudo -u zimbra /opt/zimbra/bin/zmcontrol start

5.Create archived backup for offsite transfer via FTP

#tar -zcvf /tmp/mail.backup.gz -C /backup/zimbra .

6.Finally, send the archive backup to an FTP backup server. The username and password should be entered without any quotes.  In addition, replace IPADDRESS with your ftp server.

#ncftpput -u ’username -p ’password’ IPADDRESS /mail /tmp/mail.backup.gz

Bold indicates a button clicked or key pressed.
“quotes” indicates a value which has been entered.

Grey block quote is a command typed directly into the console.

Purpose

If an 802.11 wireless network ever employs a MAC access list, this is a simple solution for easily defeating this terrible security measure. This already assumes you have BackTrack loaded and a wireless card capable of monitor mode.

Procedures

1.  In a terminal brought up the wireless interface, and turn on airmon as show in Figure 1

Figure 1: Starting card up in monitor mode.

2. Started airodump-ng to collect a valid MAC address of a collected client as seen in Figure 2.

Figure 2: Locating an assocated station to mimic.

3.  Copy out a valid MAC address and apply it to the the current wireless interface as seen in Figure 3.

Figure 3: Mimic the stolen station MAC address.

4. Use this wireless interface to associate to the MAC filtering network with success. If you experience intermittent connection issues, this is because you are sharing a MAC address with another associated client and this can cause unexpected results.

Bold indicates a button clicked or key pressed.
“quotes” indicates a value which has been entered.

Grey block quote is a command typed directly into the console.

Procedures

1. Log in as root or an administrative user.

#apt-get install tftpd
#mkdir /tftpboot
#chmod 777 /tftpboot

2. Edit /etc/inetd.conf, change /srv/tftp to /tftpboot under the tftp section. This is a matter of personal choice, however many programs use the /tftpboot directory as their base of operations for TFTP transactions.

#/etc/init.d/openbsd-inetd restart