September 30

Installing SAV Dynamic Interface (SAVDI) on servers running Sophos Anti-Virus for Unix/Linux Version 9

Applies to the following Sophos product(s) and version(s)

SAV Dynamic Interface

What To Do

Create symbolic links for libsavi.so.3 and libssp.so.0

You need to create links so that SAVDI can locate these libraries during installation.

32-bit servers

The link for libsavi.so.3 is created by the Sophos Anti-Virus Version 9 installer, so you only need to create a link for libssp.so.0. Open a terminal with root privileges and run the below command:

ln -s /opt/sophos-av/lib/libssp.so.0 /usr/local/lib/libssp.so.0

Note: If you have installed Sophos Anti-Virus to a non-default location then change the source path to this location.

64-bit servers

Open a terminal with root privileges and run the below commands:

ln -s /opt/sophos-av/lib64/libsavi.so.3 /usr/local/lib/libsavi.so.3
ln -s /opt/sophos-av/lib64/libssp.so.0 /usr/local/lib/libssp.so.0

Note: If you have installed Sophos Anti-Virus to a non-default location then change the source path to this location.

Install SAV Dynamic Interface (SAVDI)

You are now ready to install SAVDI.

  1.  Install SAVDI as documented in the startup guide
  2. The below warning is reported because the virus data is detected in a non-default directory:
    Warning: Virus data found at /opt/sophos-av/lib/sav

Configure the virus data directory within savdid.conf

  1. Open the SAVDI configuration file:
    /usr/local/savdi/savdid.conf
  2. Locate the below entries:
    #virusdatadir: /var/sav/vdbs
    
    #idedir: /var/sav/vdbs
  3. Change these to:
    virusdatadir: /opt/sophos-av/lib/sav

    idedir: /opt/sophos-av/lib/sav

    Note: The '#' comment character needs to be removed from each entry.

Start SAVDI

/etc/savdid.conf

pidfile: /var/tmp/savdi/new.pid
user: amavis
group: amavis
threadcount: 30
maxqueuedsessions: 2
virusdatadir: /opt/sophos-av/lib/sav
idedir: /opt/sophos-av/lib/sav
onexception: REQUEST
onrequest: REQUEST
log {
    type: FILE
    logdir: /var/log/savdid/log
    loglevel: 2
}
channel {
    logrequests: YES
    commprotocol {
        type: IP
        address: 0.0.0.0
        port: 4020
        requesttimeout: 120
        sendtimeout: 2
        recvtimeout: 10
    }
    service {
        name: sophos
        type: avscan
        scanprotocol {
            type: ICAP
            version: 1.02
            keepalive: YES
        }
        scanner {
            type: SAVI
            inprocess: YES
            savists: enableautostop 1
            savigrp: grpsuper 1
        }
    }
}
channel {
    commprotocol {
        type: IP
        address: 127.0.0.1
        port: 4010
        requesttimeout: 120
        sendtimeout: 2
        recvtimeout: 5
    }
    scanprotocol {
        type: SSSP
        allowscanfile: SUBDIR
        allowscandata: YES
        maxscandata: 500000
        maxmemorysize: 250000
        tmpfilestub: /var/amavis/
    }
    scanner {
        type: SAVI
        inprocess: YES
        maxscantime: 3
        maxrequesttime: 10
        deny: /home
        savigrp: GrpArchiveUnpack 0
        savigrp: GrpInternet 1
        savists: Xml 1
    }
}
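
A quick audit of the file before starting the daemon, as an added example (not from the original post or from Sophos): it reports whether virusdatadir and idedir are active, as the configuration step above requires, and lists each commprotocol listener with whether it is bound to loopback or to a network-reachable address such as the 0.0.0.0:4020 ICAP channel above. The function names and the trimmed sample config are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not part of the original post or of SAVDI: audit a savdid.conf
# for settings that are still commented out and for non-loopback listeners.

# savdi_setting CONF KEY: print the active top-level value of KEY.
# Exit status 1 if KEY is absent or still commented out with '#'.
savdi_setting() {
    awk -v k="$2" '
        { sub(/#.*/, "") }                      # drop comments
        /[{]/ { depth++ }
        depth == 0 && $1 == (k ":") { print $2; found = 1 }
        /[}]/ { depth-- }
        END { exit !found }
    ' "$1"
}

# savdi_listeners CONF: print "ADDRESS PORT SCOPE" for each commprotocol block
# of type IP. SCOPE is "loopback" for 127.0.0.0/8 and ::1, otherwise "network".
savdi_listeners() {
    awk '
        { sub(/#.*/, "") }
        /commprotocol[ \t]*[{]/ { in_cp = 1; type = addr = port = ""; next }
        in_cp && /[}]/ {
            scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "network"
            if (toupper(type) == "IP") print addr, port, scope
            in_cp = 0; next
        }
        in_cp && $1 == "type:"    { type = $2 }
        in_cp && $1 == "address:" { addr = $2 }
        in_cp && $1 == "port:"    { port = $2 }
    ' "$1"
}

# Constructed sample: the page's two listeners, with idedir left commented out.
sample_conf() {
    cat <<'EOF'
virusdatadir: /opt/sophos-av/lib/sav
#idedir: /var/sav/vdbs
channel {
 commprotocol {
 type: IP
 address: 0.0.0.0
 port: 4020
 }
}
channel {
 commprotocol {
 type: IP
 address: 127.0.0.1
 port: 4010
 }
}
EOF
}

conf=$(mktemp) && sample_conf > "$conf"
for key in virusdatadir idedir; do
    value=$(savdi_setting "$conf" "$key") && echo "$key = $value" ||
        echo "$key is not active (still commented out?)"
done
savdi_listeners "$conf"
rm -f "$conf"
```

Run against the real file, a "network" line means that channel accepts scan requests from other hosts, so it should be a deliberate choice backed by a host firewall rule.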

 

/opt/savdid/savdid -l -c /etc/savdid.conf -d

nano /etc/amavis/conf.d/15-av_scanners

 

['Sophos-SSSP',
 \&ask_daemon, ["{}", 'sssp:/var/run/savdid/savdid.sock'],
# or: ["{}", 'sssp:[127.0.0.1]:4010'],
 qr/^DONE OK\b/m, qr/^VIRUS\b/m, qr/^VIRUS\s*(\S*)/m ],

 

 

Category: Uncategorized
September 30

How To Install Linux, Apache, MySQL, PHP (LAMP)

A LAMP stack is a group of open source software used to get web servers up and running. The acronym stands for Linux, Apache, MySQL, and PHP. Since the virtual private server is already running Debian, the Linux part is taken care of. Here is how to install the rest.

Set Up

Before running through the steps of this tutorial, make sure that all of your repositories are up to date:

apt-get update

With that completed, go ahead and start installing the LAMP server.

Step One—Install Apache

Apache is a free open source software which runs over 50% of the world’s web servers.

To install Apache, open a terminal and type in this command:

apt-get install apache2

That’s it. To check if Apache is installed on your VPS, direct your browser to your server’s IP address (e.g. http://12.34.56.789). The page should display the words “It works!”.

How to Find your Server’s IP address

You can run the following command to reveal your VPS’s IP address.

ifconfig eth0 | grep inet | awk '{ print $2 }'

Step Two—Install MySQL

MySQL is a widely-deployed database management system used for organizing and retrieving data.

To install MySQL, open a terminal and type in this command:

apt-get install mysql-server

During the installation, MySQL will ask you to set a root password. If you miss the chance to set the password while the program is installing, it is very easy to set the password later from within the MySQL shell.

Finish up by running the MySQL set up script:

 mysql_secure_installation

The prompt will ask you for your current root password.

Type it in.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Then the prompt will ask you if you want to change the root password. Go ahead and choose N and move on to the next steps.

It’s easiest just to say Yes to all the options. At the end, MySQL will reload and implement the new changes.

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y                                            
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

Once you’re done with that you can finish up by installing PHP on your virtual server.

Step Three—Install PHP

PHP is an open source web scripting language that is widely used to build dynamic webpages.

To install PHP, open terminal and type in this command. UPDATE: If you are on Debian 7, exclude php5-suhosin from that list as it was removed.

 apt-get install php5 php-pear php5-suhosin php5-mysql

After you answer yes to the prompt twice, PHP will install itself.

Finish up by restarting apache:

service apache2 restart

Congratulations! You now have LAMP stack on your droplet!

Step Four—RESULTS: See PHP on your Server

Although LAMP is installed, we can still take a look and see the components online by creating a quick PHP info page.

To set this up, first create a new file:

 nano /var/www/info.php

Add in the following line:

<?php
phpinfo();
?>

Then Save and Exit.

Category: APACHE
September 26

Linux File System Read Write Performance Test

The Simplest Performance Test Using dd command

The simplest read/write performance test in Linux can be done with the help of the dd command. This command is used to write to or read from any block device in Linux, and you can do a lot of things with it. The main plus point of this command is that it's readily available in almost all distributions out of the box, and it is pretty easy to use.

With this dd command we will only be testing sequential read and sequential write. I will test the speed of my partition /dev/sda1, which is mounted on “/” (the only partition I have on my system), so I can write the data anywhere in my filesystem to test.

[root@slashroot2 ~]# dd if=/dev/zero of=speetest bs=1M count=100
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 0.0897865 seconds, 1.2 GB/s
[root@slashroot2 ~]

In the above command you will be amazed to see that you have got 1.1GB/s. But don't be happy, that's false, because the speed that dd reported to us is the speed with which data was cached to RAM, not written to the disk. So we need to ask dd to report the speed only after the data is synced with the disk. For that we need to run the command below.

[root@slashroot2 ~]# dd if=/dev/zero of=speetest bs=1M count=100 conv=fdatasync
100+0 records in
100+0 records out
104857600 bytes (105 MB) copied, 2.05887 seconds, 50.9 MB/s

As you can clearly see, with the fdatasync attribute the dd command shows the rate only after the data is completely written to the disk. So now we have the actual sequential write speed. Let's move to a data size that's larger than the RAM. Let's take 200MB of data with a 64kb block size.

[root@slashroot2 ~]# dd if=/dev/zero of=speedtest bs=64k count=3200 conv=fdatasync
3200+0 records in
3200+0 records out
209715200 bytes (210 MB) copied, 3.51895 seconds, 59.6 MB/s

 

As you can clearly see, the speed came to 59 MB/s. Note that if you do not specify the block size, ext3 by default gets formatted with a block size that's determined by programs like mke2fs. You can verify yours with the following commands.

tune2fs -l /dev/sda1

dumpe2fs /dev/sda1

To test the sequential read speed with the dd command, run the command below.

[root@myvm1 sarath]# dd if=speedtest of=/dev/null bs=64k count=24000
5200+0 records in
5200+0 records out
340787200 bytes (341 MB) copied, 3.42937 seconds, 99.4 MB/s

Performance Test using HDPARM

Now let's use a tool other than dd for our tests. We will start with the hdparm command to test the speed. The hdparm tool is also available out of the box in most Linux distributions.

[root@myvm1 ~]# hdparm -tT /dev/sda1
 
/dev/sda1:
 Timing cached reads:   5808 MB in  2.00 seconds = 2908.32 MB/sec
 Timing buffered disk reads:   10 MB in  3.12 seconds =   3.21 MB/sec

 

There are several things to understand in the above hdparm results. The -t option will show you the speed of reading from the cache buffer (that's why it's much, much higher).

The -T option will show you the speed of reading without a precached buffer (which, from the above output, is low: 3.21 MB/sec).

The hdparm output shows you both the cached reads and disk reads separately. As mentioned before, hard disk seek time also matters a lot for your speed. Seek time is the time required by the hard disk to reach the sector where the data is stored. Now let's use the seeker tool to find out the seek time using the simple seeker command.

[root@slashroot2 ~]# seeker /dev/sda1
Seeker v3.0, 2009-06-17, http://www.linuxinsight.com/how_fast_is_your_disk.html
Benchmarking /dev/sda1 [81915372 blocks, 41940670464 bytes, 39 GB, 39997 MB, 41 GiB, 41940 MiB]
[512 logical sector size, 512 physical sector size]
[1 threads]
Wait 30 seconds..............................
Results: 87 seeks/second, 11.424 ms random access time (26606211 < offsets < 41937280284)
[root@slashroot2 ~]#

It clearly shows that my disk did 86 seeks per second for sectors containing data. That's OK for a desktop Linux machine, but for servers it's not OK at all.

Read Write Benchmark Test using IOZONE:

Now there is one tool out there in Linux that will do all these tests in one shot. That's none other than “IOZONE”. We will do some benchmark tests against my /dev/sda1 with the help of iozone. Computers or servers are always purchased with some purpose in mind. Some servers need to be high-end performance-wise, some need to be fast in sequential reads, and some others are ordered with random reads in mind. IOZONE will be very helpful in carrying out a large number of performance benchmark tests against the drives. The output produced by iozone is very brief.

The default command line option -a is used for full automatic mode, in which iozone will test block sizes ranging from 4k to 16M and file sizes ranging from 64k to 512M. Let's do a test using this -a option and see what happens.

[root@myvm1 ~]# iozone -a /dev/sda1
             Auto Mode
        Command line used: iozone -a /dev/sda1
        Output is in Kbytes/sec
        Time Resolution = 0.000001 seconds.
        Processor cache size set to 1024 Kbytes.
        Processor cache line size set to 32 bytes.
        File stride size set to 17 * record size.
                                                            random  random    bkwd   record   stride
              KB  reclen   write rewrite    read    reread    read   write    read  rewrite     read   fwrite frewrite   fread  freread
              64       4  172945  581241  1186518  1563640  877647  374157  484928   240642   985893   633901   652867 1017433  1450619
              64       8   25549  345725   516034  2199541 1229452  338782  415666   470666  1393409   799055   753110 1335973  2071017
              64      16   68231  810152  1887586  2559717 1562320  791144 1309119   222313  1421031   790115   538032  694760  2462048
              64      32  338417  799198  1884189  2898148 1733988  864568 1421505   771741  1734912  1085107  1332240 1644921  2788472
              64      64   31775  811096  1999576  3202752 1832347  385702 1421148   771134  1733146   864224   942626 2006627  3057595
             128       4  269540  699126  1318194  1525916  390257  407760  790259   154585   649980   680625   684461 1254971  1487281
             128       8  284495  837250  1941107  2289303 1420662  779975  825344   558859  1505947   815392   618235  969958  2130559
             128      16  277078  482933  1112790  2559604 1505182  630556 1560617   624143  1880886   954878   962868 1682473  2464581
             128      32  254925  646594  1999671  2845290 2100561  554291 1581773   723415  2095628  1057335  1049712 2061550  2850336
             128      64  182344  871319  2412939   609440 2249929  941090 1827150  1007712  2249754  1113206  1578345 2132336  3052578
             128     128  301873  595485  2788953  2555042 2131042  963078  762218   494164  1937294   564075  1016490 2067590  2559306

           

Category: STORAGE
September 25

Activate ASDM as GUI Interface for Cisco ASA/PIX Firewall

pixfirewall> enable
Password:
pixfirewall# configure terminal
pixfirewall(Config)# interface ethernet1
pixfirewall(Config-if)# nameif inside
pixfirewall(Config-if)# ip address 192.168.1.1 255.255.255.0
pixfirewall(Config-if)# no shutdown
pixfirewall(Config-if)#

Activate ASDM and enable http server.

pixfirewall(Config)# asdm image flash:/asdm.bin
pixfirewall(Config)# http server enable

Allow connections from your PC. For example, if your PC's IP address is 192.168.1.2:

pixfirewall(Config)# http 192.168.1.2 255.255.255.255 inside

Make sure your configuration is applied correctly.

pixfirewall(Config)# show running http
http server enabled
http 192.168.1.2 255.255.255.255 inside
pixfirewall(Config)#

Now your Cisco ASA/PIX can be accessed from your PC.
Make sure your PC and the firewall are connected, then open your web browser and enter this address:
https://192.168.1.1/admin

Category: CISCO
September 25

How To Upgrade Cisco ASA Software And ASDM

Download the software

First things first. In order to upgrade the software, you’re going to need to actually acquire the software. As long as you have a valid service contract, you should be able to log in to cisco.com and download it (unless Cisco’s doing something stupid again). If you don’t have the ability to download it from Cisco, well, you’re on your own.

Check for free space

Depending on your ASA hardware version (and what you already have saved in there), the amount of flash memory you have available will vary. Before proceeding, you’ll want to verify that you have enough space available to hold the ASA software (and ASDM, if you’re going to upgrade that too).

ciscoasa# show flash: | include free
127111168 bytes total (93192192 bytes free)

Here, I have a little over 93 MB available which is plenty. If you don’t have enough free space, you’ll need to delete some other crap you’re hoarding there in order to make enough space.

Dump the software on a TFTP server

I’ll be copying the software over from a TFTP server and I’ve already made it available there. If you don’t have a TFTP server available it’s also possible to put it on a web server and use HTTP or HTTPS to transfer it to your ASA.

As last resorts, you can also copy it from a Windows fileshare (using SMB/CIFS) or, $deity forbid, Xmodem.
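
TFTP offers neither authentication nor integrity checking, so before copying it is worth checking the staged images against the checksums published with the download, and confirming that together they fit in the free flash reported above. The script below is an added example, not from the original post: the preflight function, the manifest file and the stand-in files are assumptions, the two filenames are the ones this post upgrades to, and real digests come from the vendor's download page.

```shell
#!/bin/sh
# Added example, not from the original post: pre-flight check of the images
# staged on the TFTP server before running "copy tftp flash" on the ASA.

# preflight DIR MANIFEST FREE_BYTES
#   MANIFEST has sha512sum-style lines: "<hex digest>  <filename>"
#   FREE_BYTES is the "bytes free" figure from "show flash: | include free"
# Prints one status line per file; returns 0 only if every file is present,
# matches its digest, and all files together fit into FREE_BYTES.
preflight() {
    dir=$1; manifest=$2; free=$3; total=0; rc=0
    while read -r want name; do
        [ -n "$name" ] || continue
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING  $name"; rc=1; continue
        fi
        got=$(sha512sum "$dir/$name" | awk '{ print $1 }')
        want=$(printf '%s' "$want" | tr 'A-F' 'a-f')   # accept upper-case hex
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"; rc=1
        fi
        total=$((total + $(wc -c < "$dir/$name")))
    done < "$manifest"
    if [ "$total" -gt "$free" ]; then
        echo "NOSPACE  need $total bytes, $free free"; rc=1
    fi
    return "$rc"
}

# Demo with constructed stand-in files (a few bytes each, not real images).
demo() {
    d=$(mktemp -d)
    printf 'constructed stand-in for asa825-k8.bin\n' > "$d/asa825-k8.bin"
    printf 'constructed stand-in for asdm-645.bin\n'  > "$d/asdm-645.bin"
    # In real use the manifest holds the digests published with the download.
    (cd "$d" && sha512sum asa825-k8.bin asdm-645.bin > manifest.sha512)
    preflight "$d" "$d/manifest.sha512" 93192192 && ok=0 || ok=$?
    echo 'modified' >> "$d/asdm-645.bin"          # simulate an altered image
    preflight "$d" "$d/manifest.sha512" 93192192 && bad=0 || bad=$?
    rm -rf "$d"
    echo "clean run: $ok, after modification: $bad"
}
demo
```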

Do the needful

Alright, now we’re to the good part.

ciscoasa# show version | include image
System image file is "disk0:/asa822-k8.bin"
ciscoasa# show asdm image
Device Manager image file, disk0:/asdm-635.bin
ciscoasa#

As you can see, this ASA is currently running version 8.2(2) along with ASDM version 6.3.5. Because Cisco recommends that you stay within the same major version (unless you need the features introduced in newer major versions), I’m going to upgrade to 8.2(5). We’ll also upgrade ASDM to version 6.4.5 as well.

For example, here’s the information we need to complete the upgrade process:

  • TFTP server IP address: 198.18.42.125
  • ASA 8.2(5) filename: asa825-k8.bin
  • ASDM 6.4.5 filename: asdm-645.bin

Here we go!

ciscoasa# copy tftp flash

Address or name of remote host []? 198.18.42.125

Source filename []? asa825-k8.bin

Destination filename [asa825-k8.bin]? 

Accessing tftp://198.18.42.125/asa825-k8.bin...!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asa825-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
15390720 bytes copied in 42.870 secs (366445 bytes/sec)
ciscoasa#

Perfect. Now, let’s copy over the updated version of ASDM as well.

ciscoasa# copy tftp flash

Address or name of remote host [198.18.42.125]? 

Source filename [asa825-k8.bin]? asdm-645.bin

Destination filename [asdm-645.bin]? 

Accessing tftp://198.18.42.125/asdm-645.bin...!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asdm-645.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
16280544 bytes copied in 46.120 secs (353924 bytes/sec)
ciscoasa#

Tell the ASA which software you want to run

If the ASA and ASDM software that you just transferred to your ASA are the only copies in flash then the below steps aren’t completely necessary. Any time you have more than one copy in flash, however, it’s a good idea to explicitly specify which software you want the ASA to actually run.

If you don’t specify, it will use the first version that it finds in flash which may — or may NOT — be the one you want it to.

For good measure, let’s explicitly specify that we want to use the new versions that we just copied onto flash.

ciscoasa# configure terminal
ciscoasa(config)# boot system flash:/asa825-k8.bin
INFO: Converting flash:/asa825-k8.bin to disk0:/asa825-k8.bin
ciscoasa(config)# asdm image flash:/asdm-645.bin
ciscoasa(config)#

Easy enough, right?

Reload

At this point, the only thing that remains to do is to save your changes and reload your ASA so that it will boot into the new version of the software (and make use of the new version of ASDM).

ciscoasa(config)# end
ciscoasa# write memory
Cryptochecksum: aaaa08ce ccde38f2 19c42e08 dea24cbd 

2713 bytes copied in 1.450 secs (2713 bytes/sec)
[OK]
ciscoasa# reload
Proceed with reload? [confirm]

Once the ASA comes back up, verify that it did, in fact, boot from the new software.

ciscoasa# show version | include image
System image file is "disk0:/asa825-k8.bin"
ciscoasa# show asdm image
Device Manager image file, disk0:/asdm-645.bin

Success!

 

Category: CISCO
September 16

Howto Convert a ESXv5 to ESXv4 VM

This details the steps needed to convert a machine from ESXv5 to ESXv4

Convert OVA to VMX

  1. On the ESXv5 machine, export the VMware ESX5 machine to OVF (File -> Export -> Export OVF Template)
  2. Download ovftool
  3. Convert the OVA to VMX (ignoring manifest errors). Make sure the destination filename (without extension) is different from the source:
     ovftool sourcefile.ova destfile.vmx
  4. Modify the vmx file

Change

virtualhw.version = "8"

to:

virtualhw.version = "7"

Convert back to OVF

(This takes a while because 9 is the maximum compression.)

ovftool --compress=9 destfile.vmx destfile_converted.ovf

Deploy OVF on your ESXv4 Machine

Import OVF like normal on your ESXv4 machine

Category: VMWARE