Archive for 2004

« Older Entries
Newer Entries »

Lost Solaris password?

Monday, June 7th, 2004

If you forget your root password follow this procedure to erase the current password and specify a new one.

Let’s start by inserting the Solaris installation CD-ROM and then shutting down the system. Press…

Stop-A

This will bring you the OK prompt. Now type:

boot cdrom -s

and after a few minutes you will automatically be logged in as root in single user mode. It is possible that you get messages from your system claiming that some partitions were not cleanly unmounted. If this is the case check the partition as follows (assuming that your root partition is mounted on /dev/dsk/c0t0d0s0):

fsck -y /dev/dsk/c0t0d0s0

Now mount your root partition…

mount /dev/dsk/c0t0d0s0 /a

and edit /a/etc/shadow. Find root’s entry in this file and remove the second field (encrypted root password) so it looks like…

root::98765::::::

After making your change, save the file and reboot the system.

reboot

You are now able to log into the system without a password for root. So now use the passwd command to set root’s password.

Posted in Solaris | 1 Comment »

Anonymous posts blocked

Monday, May 31st, 2004

If you frequently visit KarKomaOnline, Geeklog based, you probably have noticed a lot of unwanted spam and porn related comments.

As I want to mantain this site clean I am forced to disable anonymous comments for now. If you find this site somehow useful, please take a couple of minutes and fill the form to become a member of KarKomaOnline.

Regards.
Karkoma.

Posted in General | 1 Comment »

Debugging Shell scripts

Monday, May 31st, 2004

You can set your shell script excution verbose mode either by adding line set -vx at the begining of script or sh -x script_name.

#!/bin/sh
set -vx
date

Posted in Tips and Tricks | No Comments »

Target architecture of a binary file

Friday, May 28th, 2004

If you want to know the targeted architecture of an executable file you can use the Gnu C Compiler, gcc.

The dumpfile debugging option prints the compiler’s target machine. Simply type:

gcc -dumpmachine

and you’ll get something like this:

i686-pc-linux-gnu

Posted in Tips and Tricks | No Comments »

Listing PCI devices

Tuesday, May 4th, 2004

To list PCI devices in GNU/Linux simply type:

/sbin/lspci

or for more info type…

/sbin/lspci -v
/sbin/lspci –help

Posted in Tips and Tricks | No Comments »

Gentoo Linux 2004.1 announced

Wednesday, April 28th, 2004

According to Gentoo

The Gentoo Linux Release Engineering team is proud to announce the release of Gentoo Linux 2004.1. Gentoo Linux 2004.1 highlights many bugfixes that enhance the usability and quality of all the release components. Much work has been done to improve the overall quality of the release, such as providing GPG signatures for security and online listings of what files are included in the installation stages, PackageCDs, and LiveCDs for each architecture. Additionally, Catalyst v1.0.7 [7], the Gentoo Linux release meta-tool, has undergone numerous improvements that have solidified its codebase.

For more information read the press release note.

Posted in General, Linux Gentoo | No Comments »

updating ~/.bashrc and /etc/profile files

Monday, April 26th, 2004

If you have made changes to ~/.bashrc or to /etc/profile, they will only be affective if you login again. You can use the following to avoid this:

source ~/.bashrc

or…

source /etc/profile

Posted in Tips and Tricks | No Comments »

Which kernel to load

Monday, April 26th, 2004

I have 3 kernels compiled on my machine and I can select which one to load in memory interactively. When you are in the grub menu select linux..option and then press edit. You will get option like this:

kernel /kernel-2.4.18-14 ro root=/dev/hda5

Now use the TAB key and select among the available kernels you have and press boot.

Posted in Tips and Tricks | No Comments »

Linux kernel vulnerability

Sunday, April 25th, 2004

According to NetSecurity

The ip_setsockopt() function code is a subroutine of the setsockopt(2) system call. This function allows manipulation of various options of the IP socket. The MCAST_MSFILTER option can be used to provide the kernel with a list of multicast addresses to be received on the socket. This code has been introduced with the 2.4.22/2.6.1 kernel releases. Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges. Unsuccesfull exploitation of the vulnerability may lead to a denial-of-service attack causing machine crash or instant reboot.

This bug has been fixed in the 2.4.26 and 2.6.4 kernel releases.

References:

Posted in Security | No Comments »

Apache as an open proxy?

Sunday, April 25th, 2004

If you have seen entries in your access.log file like this one…

a.b.c.d – - [24/Apr/2004:23:00:00 +0200] “GET http://www.google.com/” 200 46124

This means that a.b.c.d is trying to access www.google.com using your Apache as a proxy. As you can see the response status 200 indicates success and the data returned is 46124 bytes long.

If you don’t want your server to be used as a forward proxy make sure that ProxyRequests directive is set to Off, even better do not load mod_proxy module.

Despite the fact the entry shown in the previous example says that the request succeded, this is not necessarily true. Try the following to test your server:

telnet www.yoursite.com 80
GET http://www.google.com/

Watch the access.log file. If you see the code status 200, compare the bytes returned by Apache (the last field in the log entry) with your homepage size (your index.html). If they match, Apache is serving your homepage instead of forwarding the request to google. If they don’t, probably your Apache is an open forwarding proxy.

References:

Posted in Apache, Security | No Comments »

« Older Entries
Newer Entries »