Thursday, July 23, 2009

VNC & XDMP Configuration in OpenSolaris

My requirement was to be able to connect my VNC client to a system running OpenSolaris 2009.06 and to be able to login as root.

1. Check that the VNC Server is Installed

This should be present as it is part of the 2009.06 binary distribution, but I checked anyway.


# pkg info SUNWxvnc
Name: SUNWxvnc
Summary: X11/VNC server
State: Installed
Authority: opensolaris.org (preferred)
Version: 4.1.3
Build Release: 5.11
Branch: 0.111
Packaging Date: Fri Jun 13 17:49:25 2009
Size: 3.66 MB
FMRI: pkg:/SUNWxvnc@4.1.2,5.11-0.91:20080613T174925Z

2. Add this line to /etc/services

vnc-server 5900/tcp # Xvnc

3. Edit /etc/X11/gdm/custom.conf as below

[xdmcp]
Enable=true
[security]
DisallowTCP=false
AllowRoot=true
AllowRemoteRoot=true

4. Enable the Services

# svcadm enable xvnc-inetd
# svcs xvnc-inetd
STATE STIME FMRI
online 16:22:30 svc:/application/x11/xvnc-inetd:default
# svcadm enable gdm
# svcs gdm
STATE STIME FMRI
online 14:43:13 svc:/application/graphical-login/gdm:default

5. Connect to the Display with a VNC Client


You should now be able to connect to :5900 and you should see the gdm login screen.


If you cannot connect, try stopping & starting the services:

# svcadm disable xvnc-inetd gdm
# svcadm enable xvnc-inetd gdm

6. Making the Session Persist

This may or may not be desirable for you, but if you want the VNC session to persist if you exit the VNC client then do the following:

# svccfg -s xvnc-inetd

svc:/application/x11/xvnc-inetd> editprop

This take you into a vi session. Look for the line...

#setprop inetd/wait = boolean: false

Copy the line, uncomment it and set it to true. Save the file, exit svccfg and run the command...

# svcadm refresh xvnc-inetd

7. To set the VNC password just use the vncpasswd command:

pfexec vncpasswd /etc/X11/.vncpasswd


Then

Stop and restart the service:

svcadm disable xvnc-inetd gdm
svcadm enable xvnc-inetd gdm


Connect again with you VNC client. Now, when you exit/kill the VNC client, the session on the server will persist and you will be able to connect to it again.

Sunday, June 28, 2009

Using ClamAV and It's GUI in Linux SUSE

Clam AntiVirus is a GPL package of anti-virus tools for UNIX systems. The package provides a daemon
for multi-thread flexible and scalable, a command line scanner and a tool for automatic updating via the
Internet, each with many configurable options. The programs are based on a shared library distributed with
the Clam AntiVirus package, which we use in our own programs (libclamav). And what is even more
important, the virus database is kept updated daily.

Features:
Command-line scanner.
Fast multi-daemon thread.
M ilt interface for sendmail and support for many mail servers.
Database updater with support for digital signatures
Library C virus scanning.
Analysis according to Access (Linux ® and FreeBSD ®).
M ultiple daily updates of the database of virus (see main page for the total number of signatures).
Embedded support for RAR (2.0), Zip, Gzip, Bzip2, Tar, M S OLE2, M S Cabinet files, M S CHM
(Compressed HTM L), M S SZDD.
Embedded support for mbox, M aildir and mail files in raw form.
Support for embedded executable files compressed with UPX, FSG, and Petite.
NO Supports disinfection (You must make use of outside programs Clamamav like f-prot).
Database of virus-free and open.
Supports cards NodalCore (maximum performance).
In this article we try installing (A level user, not root) and use of basic form for the detection of viruses on
your computer. We will also show how to use it remotely via a one or more ports.

Reasons to use free antivirus on Linux systems
M any people know or ignore the use of antivirus systems on GNU / linux, with the premise that there is
no virus for this system. We will list some of the main reasons that we may be interested in installing an
antivirus on our GNU / Linux:
Free Antivirus and have a transparent alternative to commercial solutions.
To have a database of virus-free, non-industry participants. A database that anyone can view and
participate in its improvement.
Able to use an antivirus system on GNU / Linux scan for viruses on hard drives with Windows, because
once an infected disk, it is not advisable to switch to clean it as soon as possible from another operating
system (which is on another partition or disk) so avoid infection, dissemination and data loss.
To be able to use as mail server or SAM BA servers (NetBIOS), which provide services to Windows
machines.
Phising for detecting attacks, which is independent of operating system.
It is very useful and use on web servers to the subject matter rootkits
Can find and upload new virus signatures for the common good, but we find it does not affect our operating
system.
It allows friends and contacts alerting messaging service on their systems from potential infections.

What kind of files supports clamav?
* Run normal and obscured by these applications:
UPX
FSG (1.3, 1.31, 1.33, 2.0)
Petite (2.x)
NsPack
wwpack32 (1.20)
M EW
Upack
SUE
Y0da Cryptor (1.3)
* Emails
* Compressed Files:
Zip (+ SFX)
RAR (+ SFX)
Tar
Gzip
Bzip2
M S OLE2
M S Cabinet Files (SFX +)
M S CHM (Compiled HTM L)
M S compression format SZDD
BinHex
SIS (SymbianOS packages)
* Documents:
M S Office files and M acOffice
RTF
PDF
HTM L
* Types of files obfuscated:
JPEG (exploit detection)
RIFF (exploit detection)
uuencode
ScrEnc obfuscation
CryptFF

Installing Clamav-level user (not system).
With this type of installation can be targeted to be used by an unprivileged user, no need to create user and
group specific (- disable-clamav). Everything will be in a directory you choose, in this case our home.
Download: http://www.clamav.org/download/sources
Install (compile):
$ ./conf igure --pref ix=/home/***/clamav --disable-clamav
$ make
# make install
NOTE: If we install the mail scanner for sendmail clamav own use - enable-milt, which will create the
executable "clamav-milt.
Install Manual (man):
# mv /home/busi/clamav /share/man/man8/* /usr/man/man8/
# mv /home/busi/clamav /share/man/man1/* /usr/man/man1/
# mv /home/busi/clamav /share/man/man5/* /usr/man/man5/
NOTE: The directory may vary depending on your distro. This provides manuals: clamd, clamconf,
clamdscan, clamscan, freshclam, sigtool, clamd.conf, freshclam.conf, clamav-milt in the command line ($
man clamd.conf, $ clamscan man, ..)

To access the commands in Clamav PATH:
# ln -s $HOME/clamav /bin/* /usr/bin
# ln -s $HOME/clamav /sbin/* /usr/bin
NOTE: This step is necessary for the proper functioning of the GUI for clamav (ClamTK)


Clamav files and directories:
PLAIN TEXT
clamav
| - Bin
| | - Clamav-config *
| | - Clamconf *
| | - Clamdscan *
| | - * Clamscan
| | - * Freshclam
| `- Sigtool *
| - Etc
| | - Clamd.conf
| `- Freshclam.conf
| - Log
| | - Clamd.log
| `- Freshclam.log
| - Sbin
| `- Clamd *
`- Share
| - Clamav
| - Daily.cvd
| - M ain.cvd
`- M irrors.dat
Executable (bin / sbin and /)
[*]:

clamav-config
Displays information about installation options and directories used in it.
$ clamav -conf ig --cf lags --libs --pref ix
-I/home/busi/clamav /include -g -O2
-L/home/busi/clamav /lib -L/usr/local/lib -lz -lbz2 -lgmp
/home/busi/clamav
clamconf
Displays information about the various options for the configuration files (/ etc): clamd.conf /
freshclam.conf. Very useful to avoid having to get into the files and see our setup.
clamdscan Clamdscan is a simple clamd client daemon can be used as a clamscan replacement. Accepts all
the options implemented in clamscan but shall be considered due to its ability to scan only depend on
clamd and configuration (etc / clamd.conf) to boot. It really is like using clamscan giving all parameters in the command line, only the parameters (options are clamd.conf) are already in memory through clamd daemon.
clamscan is the program to scan, completely ignores the clamd daemon. Its use is like the clamdscan just that instead of using the devil with your configuration, we must pass parameters in command line:

$ clamscan --max-ratio=**** --no-pdf --no-html --block-encry pted

With this command you saying we do not scan dicheros html or pdf. Virus be considered as compressed files and encrypted viruses that are also considered any compressed file over ***. It has many options ($ clamscan - h), but will use in the article by the demon, which makes use of the same options but marked in a configuration file (clamd.conf).
When a virus is found clamscan chains "filename" and "FOUND." To redirect the output to stdout clamscan can use the option "- stdout".

freshclam
This executable is intended to update the virus database (daily.cvd and main.cvd). It connects to a server setup, if possible in our country and update the registration of new viruses known. Can run in daemon mode and like clamd has its own configuration file $ HOME / clamav / etc / freshclam.conf which we'll adapt to our needs. But we can also use the option without a server (daemon), but we have to pass the parameters by hand (as happens with clamscan and clamdscan).

sigtool
This tool is used to make inter alia the virus and be added to the database. Not covered in the article, but show an example of its usefulness, we'll add the signature of a virus and then of course be used to detect

clamav as proof of concept:
* Example usage sigtool:
$ clamscan CPUInf o.exe
CPUInf o.exe: OK
-------------------------------------- SCAN SUMMARY -----------
Known v iruses: 174511
Engine v ersion: 0.91.2
Scanned directories: 0
Scanned f iles: 1
Inf ected f iles: 0
Data scanned: 1.67 MB
Time: 5.348 sec (0 m 5 s)
5348 $ clamscan CPUInf o.exe
CPUInf o.exe: OK
-------------------------------------- SCAN SUMMARY -----------
Known v iruses: 174511
Engine v ersion: 0.91.2
Scanned directories: 0
Scanned f iles: 1
Inf ected f iles: 0
Data scanned: 1.67 MB
Time: 5.348 sec (0 m 5 s)
$ sigtool --md5 CPUInf o.exe > prueba.hdb
$ cat prueba.hdb
ec651f 8d771cf c57cd1834ae43d0784c:325120:CPUInf o.exe
$ clamscan -d prueba.hdb CPUInf o.exe
CPUInf o.exe: CPUInf o.exe FOUND
-------------------------------------- SCAN SUMMARY -----------
Known v iruses: 1
Engine v ersion: 0.91.2
Scanned directories: 0
Scanned f iles: 1
Inf ected f iles: 1
Data scanned: 0.31 MB
Time: 0.007 sec (0 m 0 s)

clamd
This is the daemon and the clamav configuration file clamd.conf active. As we discussed this service makes use clamdscan, which has the same functionality as clamscan (Without the "d"), except that the options are in-memory scanning daemon clamd. As we shall see later clamd can be used on which listens on a specified port and can be controlled remotely.
NOTE: To remove viruses and infected files found by clamav (clamav already commented that not disinfected), must have write permissions in NTFS, which as we know, we can use ntfs-3g.

Extension CVD
CVD (ClamAV Virus Database) is a digitally signed file that contains one or more databases. The header is 512 bytes long chain, separated by two fields:
First Course: ClamAV-VDB: build time: version: number of signatures: functionality
Second Field: level required: M D5 checksum: digital signature: builder name: build time (sec)

To view information on these files must use sigtool.
$ sigtool -i $HOME/clamav /share/clamav /main.cv d
####### Primer campo #######
Build time: 10 Dec 2009 11:50 +0000
Version: 59
Signatures: 169676
Functionality
###### Segundo campo ######
lev el: 21
Builder: sv en
MD5: b35429d8d5d60368eea9630062f 7c75a
Digital signature: dxsusO/HW3/GY wVsE9b+tCk+tPN6Oy jVF/U8JVh4Ni6l6/CEKY Y h
Verif ication OK.

Basic Configuration of clamav ($ HOME / clamav / etc / clamd.conf):
PLAIN TEXT
Commenting on the # next line is already operational clamd.conf.
Example #
# Archive logs clamav
LogFile / home / Business / clamav / log / clamd.log
# Log file size (megabytes).
LogFileM axSize 5M
# Display the time the messages.
LogTime yes
# Clean up the log file when it exceeds its maximum size.
# LogClean yes
Log # Complete.
LogVerbose yes
# Archive. PID that identifies the server clamd.
PidFile $ HOM E / clamav / clamd.pid
# Diretório where clamd socket sets (Delete if not start clamd).
LocalSocket / tmp / clamd.socket
# Remove the socket (LocalSocket) to finish (Recommended).
FixStaleSocket yes
# Port (TCP) socket.
TCPSocket 3310
# Interface to listen on clamd.
TCPAddr 192.168.1.33
# Default time that holds the socket without parameters (120s by default).
ReadTimeout 600
# M aximum depth (Subfolders) scan.
M axDirectoryRecursion 20
# Follow symbolic links
FollowDirectorySymlinks yes
# Run a command to locate a virus.
VirusEvent mutt-s "VIRUS ALERT:% v" "busi@busindre.is-a-guru.com"-a "$ HOM E / clamav / log /
clamd.log" <$ HOM E / clamav / log / clamd.log # Scan Pdf files. ScanPDF yes # Consider encrypted archives as viruses. ArchiveBlockEncrypted yes NOTE: With this configuration clamdscan tell that to find a virus to send us a mail busi@busindre.is- a-guru.com to tell, of course we can put the command that is, play a sound using mplayer or whatever it is It happens. Over time it may remain an option obselota in that case we would see warnings / errors like this: ERROR: Missing argument f or option at line XX WARNING: Ignoring deprecated option XXXXXXX at line XX
Basic configuration of upgrades ($ HOME / clamav / etc / freshclam.conf)

PLAIN TEXT
# Log files
UpdateLogFile / home / Business / clamav / log / freshclam.log
# Server database Virus (In our case we change "XY" with "is")
DatabaseM irror db.es.clamav.net
# Server backup fails if the previous
DatabaseM irror database.clamav.net
# Number of attempts to connect to the mirror
M axAttempts 5
# Number of times a day for an update the virus database (default is 2 hours each = 12)
Checks 7
# So that after each update of the database are the daemon clamd restart.
NotifyClamd / home / Business / clamav / etc / clamd.conf
# Execute a command to upgrade successfully
OnUpdateExecute clamavupdate
# Execute a command when trying to date and fail
OnErrorExecute clamaverror
NOTE: To view the lyrics of our country: http://www.iana.org/root-whois/index.html (In the example
selected Spain "is"). Clamaverror and clamavupdate two scripts are manufactured by us so that we
display a message on the screen when upgrading to a successful (green) or incorrect (red), the virus
database. Of course this is optional.

Creating files clamaverror and clamavupdate
* Content of / usr / bin / clamaverror (You must have execute permissions)
xterm -geometry 60x3+1+1 -bg black -f g red -cc 2 -e "echo 'CLAMAV ERROR actualizando base de v irus :-(' && sleep 5"
* Content of / usr / bin / clamavupdate (You must have execute p ermissions)
xterm -geometry 60x3+1+1 -bg black -f g green -cc 2 -e "echo 'CLAMAV: Base de datos de VIRUS actualizada con exito %v
:-)' && sleep 5"
NOTE: These ads show a black console with a small fund, with the text in red (Error) and green (success) in
the upper left corner of the screen.
Once you have everything configured to automate the process is good to use a script to our directory of
demons / etc / rc.d / or / etc / init.d used depends on the distro, allowing use as a daemon most of the
system. A simple but useful script could read:
Example: / etc / rc.d / rc.clamd or / etc / init.d / clamd
PLAIN TEXT
#! / bin / bash
Color #
RED = '\ e [1; 31m';
NC = '\ e [0m';
CR = '\ e [0; 32m';
# Programs
FOO_BIN = / home / Business / clamav / sbin / clamd
FOO_BIN2 = / home / Business / clamav / bin / freshclam
test-x $ FOO_BIN | | exit 5
case "$ 1" in
start)
echo-e "Starting $ FOO_BIN` V-`[$ (GR) OK $ (NC)]";
$ FOO_BIN
$ FOO_BIN2-d
;;
stop)
echo-e "Stopping FOO_BIN-` $ V `[$ (GR) OK $ (NC)]"
killall $ FOO_BIN
killall $ FOO_BIN2
;;
restart)
$ 0 stop
$ 0 start
;;
*)
echo-e "[$ (RED) Error $ (NC)]"
echo "Syntax: $ 0 (start | stop | restart)"
exit 1
;;
esac
File to download: http://www.busindre.com/wp-content/uploads/2007/07/rc.clamd
* How to use:
/ etc / rc.d / rc.clamd start -> Start the clamd daemon and freeclam
/ etc / rc.d / rc.clamd stop -> For the clamd daemon and freeclam
/ etc / rc.d / rc.clamd restart -> Reboot and clamd daemons freeclam
NOTE: It depends on the permissions that we want to give control to users with respect to clamav.

Clamav of using remotely
One of the potential mode daemon clamav (clamd) is able to interact with using telnet from a remote machine, as discussed in Definitions. In the configuration options TCPAddr clamd.conf TCPSocket and must be correctly placed. Once configured and started clamd we will see what options we show through the socket, to connect to a port, as always use "telnet."

Clamd commands:

SESSION -> Allows you to enter more than one command without closing the connection
PING -> Be PONG, means that this operation
VERSION -> Displays the version of clamav running on the server.
RELOAD -> Reload the database
SCAN -> Scan recursively, but ends up finding a virus scan (include full path).
CONTSCAN -> recursively scanning does not end when you find a virus (include full path).
STREAM -> Requests the server to a new port that can connect.
M ultiScan -> As CONTSCAN but using multiple threads, improving performance on SM P machines.

Example:
$ telnet www.busindre.com 3310
Try ing 192.168.2.33...
Connected to 192.168.2.33.
Escape character is '^]'.
SESSION
PING
PONG
VERSION
ClamAV 0.91.2/5066/Mon Dec 10 00:50:28 2007
RELOAD
RELOADING
SCAN /home/busi/amsn_receiv ed/v irus
/home/busi/amsn_receiv ed/v irus/dtprohlp.dll: Adware.WhenU-3 FOUND
CONTSCAN /home/busi/amsn_receiv ed/v irus
/home/busi/amsn_receiv ed/v irus/dtprohlp.dll: Adware.WhenU-3 FOUND
/home/busi/amsn_receiv ed/v irus/IMG0024.zip: Trojan.Delf -1491 FOUND
/home/busi/amsn_receiv ed/v irus/hotbar.exe: Adware.Hotbar-2 FOUND
/home/busi/amsn_receiv ed/v irus/PRIVATE-IMAGES.COM: Trojan.Delf -1491 FOUND
STREAM
PORT 1653 00:50:28

$ telnet www.busindre.com 3310
Try ing 192.168.2.33...
Connected to 192.168.2.33.
Escape character is '^]'.
SESSION
PING
PONG
VERSION
ClamAV 0.91.2/5066/Mon Dec 10 00:50:28 2007
RELOAD
RELOADING
SCAN /home/busi/amsn_receiv ed/v irus
/home/busi/amsn_receiv ed/v irus/dtprohlp.dll: Adware.WhenU-3 FOUND
CONTSCAN /home/busi/amsn_receiv ed/v irus
/home/busi/amsn_receiv ed/v irus/dtprohlp.dll: Adware.WhenU-3 FOUND
/home/busi/amsn_receiv ed/v irus/IMG0024.zip: Trojan.Delf -1491 FOUND
/home/busi/amsn_receiv ed/v irus/hotbar.exe: Adware.Hotbar-2 FOUND
/home/busi/amsn_receiv ed/v irus/PRIVATE-IMAGES.COM: Trojan.Delf -1491 FOUND
STREAM
PORT 1653
NOTE: It would open the port on the router and TCP / IP and IP mapearlo our power to make use of our anti-virus from any remote location.
If we encontrarmos with such an error when scanning, no worry, solution is easy:

Error:
$ clamscan -i *
LibClamAV Error: cli_untgz: Cannot close f ile /home/****/tmp/clamav -f 34bf 34c87 ad368e26f 5999d30b725d0/main.db
LibClamAV Error: cli_cv dload(): Can't unpack CVD f ile.
LibClamAV Error: Can't load /home/****/clamav /share/clamav /main.cv d: CVD extraction f ailure

ERROR: CVD extraction f ailure Can not
$ clamscan -i *
LibClamAV Error: cli_untgz: Cannot close f ile /home/****/tmp/clamav -f 34bf 34c87 ad368e26f 5999d30b725d0/main.db
LibClamAV Error: cli_cv dload(): Can't unpack CVD f ile.
LibClamAV Error: Can't load /home/****/clamav /share/clamav /main.cv d: CVD extraction f ailure

ERROR: CVD extraction f ailure Can not
$ clamscan -i *
LibClamAV Error: cli_untgz: Cannot close f ile /home/****/tmp/clamav -f 34bf 34c87 ad368e26f 5999d30b725d0/main.db
LibClamAV Error: cli_cv dload(): Can't unpack CVD f ile.
LibClamAV Error: Can't load /home/****/clamav /share/clamav /main.cv d: CVD extraction f ailure

ERROR: CVD extraction f ailure Can not
$ clamscan -i *
LibClamAV Error: cli_untgz: Cannot close f ile /home/****/tmp/clamav -f 34bf 34c87 ad368e26f 5999d30b725d0/main.db
LibClamAV Error: cli_cv dload(): Can't unpack CVD f ile.
LibClamAV Error: Can't load /home/****/clamav /share/clamav /main.cv d: CVD extraction f ailure

ERROR: CVD extraction f ailure
S olution (for the route in this example):
$ rm -r $HOME/tmp/*
NOTE: We only have to delete the temporary, which are configured are configured, we need to look at the line 'LibClamAV Error: cli_untgz: Can not close file "to identify the route of the temporary and can delete them.


Installing ClamTK (clamav GUI)
Download Gui the Clamav (ClamTK): http://sourceforge.net/project/platformdownload.php?group_id=131278
ClamTk is a graphic front-end for ClamAV using gtk2-perl, can also be used klamav if we are lovers of KDE, but will not be discussed here in the article. It has a simple interface and the end of the article left a manual in pdf if someone is resisting. Let's see how to use and solve some problems with ClamTk. Link of interest: Videotutorial use Klamav

Using ClamTK (no compilation required)
$ tar -zxv f clamtk-3.04.tar.gz
$ perl clamtk
ClamTk GNU / Linux
NOTE: The log directory used by your choice ClamTK and keeping virus ClamTK (Not used in
clamav.conf), are by default in $ HOM E / .clamatk. Now let's see what we can find some errors when
running clamtk first.
Error 1:
$ perl clamtk
Can't locate File/Find/Rule.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5
/site_perl/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at clamtk line 11.
BEGIN f ailed--compilation aborted at clamtk line 11. Can not
$ perl clamtk
Can't locate File/Find/Rule.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5
/site_perl/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at clamtk line 11.
BEGIN f ailed--compilation aborted at clamtk line 11.
S olution:
$ wget http://search.cpan.org/CPAN/authors/id/R/RC/RCLAMP/File-Find-Rule-0.30.tar.gz
$ tar -zxv f File-Find-Rule-0.30.tar.gz
$ cd File-Find-Rule-0.30
$ perl Makef ile.PL
$ make
# make install
Error 2:
Can't locate Text/Glob.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5/site_perl
/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at /usr/lib/perl5/site_perl/5.8.7/File/Find/Rule.pm line 7.
BEGIN f ailed--compilation aborted at /usr/lib/perl5/site_perl/5.8.7/File/Find/Rule.pm line 7.
Compilation f ailed in require at clamtk line 11.
BEGIN f ailed--compilation aborted at clamtk line 11. Can not Can't locate Text/Glob.pm in @INC (@INC contains: /usr/lib
/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5/site_perl/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5
/site_perl .) at /usr/lib/perl5/site_perl/5.8.7/File/Find/Rule.pm line 7.
BEGIN f ailed--compilation aborted at /usr/lib/perl5/site_perl/5.8.7/File/Find/Rule.pm line 7.
Compilation f ailed in require at clamtk line 11.
BEGIN f ailed--compilation aborted at clamtk line 11.
S olution:
$ wget http://search.cpan.org/CPAN/authors/id/R/RC/RCLAMP/Text-Glob-0.08.tar.gz
$ tar -zxv f Text-Glob-0.08.tar.gz
$ cd Text-Glob-0.08
$ perl Makef ile.PL
$ make
# make install
Error 3:
Can't locate Number/Compare.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5
/site_perl/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at /usr/lib/perl5/site_perl/5.8.7/File/Find
/Rule.pm line 8.
BEGIN f ailed--compilation aborted at /usr/lib/perl5/site_perl/5.8.7/File/Find/Rule.pm line 8.
Compilation f ailed in require at ./clamtk line 11.
BEGIN f ailed--compilation aborted at ./clamtk line 11. Can not
Can't locate Number/Compare.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5
/site_perl/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at /usr/lib/perl5/site_perl/5.8.7/File/Find
/Rule.pm line 8.
BEGIN f ailed--compilation aborted at /usr/lib/perl5/site_perl/5.8.7/File/Find/Rule.pm line 8.
Compilation f ailed in require at ./clamtk line 11.
BEGIN f ailed--compilation aborted at ./clamtk line 11.
S olution:
$ wget http://search.cpan.org/CPAN/authors/id/R/RC/RCLAMP/Number-Compare-0.01.tar.gz
$ tar -zxv f Number-Compare-0.01.tar.gz
$ cd Number-Compare-0.01
$ perl Makef ile.PL
$ make
# make install
Error 4:
Can't locate Date/Calc.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5/site_perl
/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at clamtk line 13.
BEGIN f ailed--compilation aborted at clamtk line 13. Can not
Can't locate Date/Calc.pm in @INC (@INC contains: /usr/lib/perl5/5.8.7/i486-linux /usr/lib/perl5/5.8.7 /usr/lib/perl5/site_perl
/5.8.7/i486-linux /usr/lib/perl5/site_perl/5.8.7 /usr/lib/perl5/site_perl .) at clamtk line 13.
BEGIN f ailed--compilation aborted at clamtk line 13.
S olution:
$ wget http://search.cpan.org/CPAN/authors/id/S/ST/STBEY /Date-Calc-5.4.tar.gz
$ tar -zxv f Date-Calc-5.4.tar.gz
$ cd Date-Calc-5.4
$ perl Makef ile.PL
$ make
# make install
Error 5:
Can't locate Conf ig/Tiny .pm in @INC (@INC contains: /usr/lib/perl5/5.8.8/i386-linux /usr/lib/perl5/5.8.8 /usr/lib/perl5
/site_perl/5.8.8/i386-linux /usr/lib/perl5/site_perl/5.8.8 /usr/lib/perl5/site_perl /usr/lib/perl5/v endor_perl/5.8.8/i386-linux /usr/lib
/perl5/v endor_perl/5.8.8 /usr/lib/perl5/v endor_perl/5.8.7 /usr/lib/perl5/v endor_perl/5.8.7/i386-linux /usr/lib/perl5/v endor_perl
/5.8.6 /usr/lib/perl5/v endor_perl .) at ./clamtk line 16.
BEGIN f ailed--compilation aborted at ./clamtk line 16. Can not Can't locate Conf ig/Tiny .pm in @INC (@INC contains:
/usr/lib/perl5/5.8.8/i386-linux /usr/lib/perl5/5.8.8 /usr/lib/perl5/site_perl/5.8.8/i386-linux /usr/lib/perl5/site_perl/5.8.8 /usr/lib
/perl5/site_perl /usr/lib/perl5/v endor_perl/5.8.8/i386-linux /usr/lib/perl5/v endor_perl/5.8.8 /usr/lib/perl5/v endor_perl/5.8.7
/usr/lib/perl5/v endor_perl/5.8.7/i386-linux /usr/lib/perl5/v endor_perl/5.8.6 /usr/lib/perl5/v endor_perl .) at ./clamtk line 16.
BEGIN f ailed--compilation aborted at ./clamtk line 16.
S olution:
$ wget http://search.cpan.org/CPAN/authors/id/A/AD/ADAMK/Conf ig-Tiny -2.12.tar.gz
$ tar -zxv f Date-Calc-5.4.tar.gz
$ cd Date-Calc-5.4
$ perl Makef ile.PL
$ make
# make install
Error 6:
Some distributions do not automatically edit
f reshclam.conf and clamd.conf under /etc.
Please edit those bef ore attempting signature updates
S olution:
This occurs when clamtk search configuration files in / etc, we can make symbolic links if we have installed
on another route configuration files clamav:
# ln -s /home/***/clamav /etc/f reshclam.conf /etc
# ln -s /home/***/clamav /etc/clamd.conf /etc
How to report a new virus or Clamav false positive?
Typically found in certain environments with a virus that has not yet been identified by the antivirus program used. As a Project Free Clamav encourages its users to improve it and if by chance we find something that we should detect clamav send for consideration as soon as possible and added to the database. The virus database is very large and is on par with those used by large companies antivirus systems. Is updated with the help of the user community, which is very large and growing every day. If we find a new virus that has not been detected by ClamAV must fill out a form to send the team Clamav and is added to the database after being tested by the team of "signatures." Given the high number of shipments, is requested from the project would not send more than two files per day. If we intend to send a large amount of new virus should contact the team via email clamav. In closing let some links that may be of interest.


Manual how to report errors Clamav: http://www.clamav.org/bugs/lang-pref/es/
Manual of Clamtk: http://www.busindre.com/wp-content/uploads/2007/07/ClamTK_Howto.pdf
Using Postfix with clamav: http:/memberwebs.com/nielsen/software/clamsmtp/
Clamav Manual (English): http://www.clamav.org/doc/latest/html/node23.html

Thursday, March 26, 2009

FTP Configuration for Linux

Today I tried the FTP server in my SUSE server. It is a great experience to use my configured FTP by command line and FTP clients as well. There are many FTP server available for linux, some important are--
  1. ProFTPd This server, http://proftpd.org, is one of the more popular of the very complex FTP servers. It ships with most major Linux distributions. Its configuration file is modeled after that of Apache, and the server supports many advanced features.
  2. vsftpd This server aims to excel at security, stability, and speed. In doing so, its developers have chosen to ignore some of the more advanced features of servers such as ProFTPd and WU-FTPD. If you don’t need those features, this tradeoff may be more than acceptable. You can learn more from its website, http://vsftpd.beasts.org.
  3. WU-FTPD The Washington University FTP Daemon (WU-FTPD) is an old standard in the Linux world. Unfortunately, it’s collected more than its fair share of security problems and isn’t the speediest FTP server available. For these reasons, it ships with fewer Linux distributions today than in years past. Its main website is http://www.wu-ftpd.org.
  4. PureFTPd This server, headquartered at http://www.pureftpd.org, is another FTP server that emphasizes security. SuSE ships with a version of this server.
  5. oftpd This server is unusual because it’s designed to function only as an anonymous FTP server; it doesn’t support logins using ordinary user accounts. This feature can be appealing if you only want to run an anonymous server, but it makes this server unsuitable for many other purposes. It’s available from http://www.time-travellers.org/oftpd/.
I picked up the vsftpd for speed, security and to avail the facility of virtual users.

First of all, I installed the vsftpd daemon using yast. one can install it by installing the respective packages in their servers.

Second install PAM 1.0 if not available there. In my case it is already installed.

Third install DB43 or compat-DB for converting password text file to DB file(hash).

Now come the configuration....

1:- The PAM is already install in the SUSE machine. It is basically used for authorization and authentication purpose. Go /etc/pam.d and edit vsftpd to look like this--

#%PAM-1.0

# Uncomment this to achieve what used to be ftpd -A.
# auth required pam_listfile.so item=user sense=allow file=/etc/ftpchroot onerr=fail
session optional pam_keyinit.so force revoke
auth required /lib/security/pam_userdb.so db=/etc/vftpusers
account required /lib/security/pam_userdb.so db=/etc/vftpusers

#Uncomment the following line for anonymous ftp.
#auth sufficient pam_ftp.so
#auth required pam_shells.so
#auth include common-auth
#account include common-account
#password include common-password
#session required pam_loginuid.so
#session include common-session

2:- Now create a file vftpusers.txt in /etc directory contating the user name and password like--

testing
12345
username2
password2
username3
password3
....
....

save it.

3:- Now convert the text file to the db file using command

db_load -T -t hash -f /etc/vftpusers.txt /etc/vftpusers.db

In case of users using DB42 module, use command

db42_load -T -t hash -f /etc/vftpusers.txt /etc/vftpusers.db

and set mod to 644.


4:- Now create a directory in the '/home' with name virtualftp

5:- Create a user virtualftp by using the command

useradd -d /home/virtualftp/ virtualftp

6:- Make the owner of virtualftp folder to virtualftp using command

chown -R /home/virtualftp virtualftp

7:- Change the mode of folder to 755 using

chmod 755 /home/virtualftp

8:-Now login as virtualftp user and create the folder "testing" in /home/virtualftp/. This is for virtual user 'testing' home ( storage area).

After this lets configure the vsftpd.conf file which handles the configuration of vsftp inside /etc/.

9:- The vsftpd.conf file should look like this--

write_enable=YES
dirmessage_enable=YES
ftpd_banner="Welcome to MY FTP service."
local_enable=YES
local_umask=022
chroot_local_user=YES
anonymous_enable=YES
anon_upload_enable=YES
anon_umask=022
anon_mkdir_write_enable=YES
anon_other_write_enable=YES
xferlog_enable=YES
xferlog_std_format=YES
xferlog_file=/var/log/vsftpd.log
connect_from_port_20=YES
pam_service_name=vsftpd
listen=YES
pasv_min_port=30000
pasv_max_port=31000
idle_session_timeout=900
max_clients=20
max_per_ip=3
user_sub_token=$USER
local_root=/home/virtualftp/$USER
guest_enable=YES
guest_username=virtualftp
userlist_enable=YES


After configuration you can see the file without commnets by using--

sed '/^ *#/d;s/#.*//' /etc/vsftpd.conf

10:- Now restart the service by using command

service vsftpd restart

11:- Test the FTP

abhimanyu@GLC001:~/Desktop> ftp 192.168.100.167
Connected to 192.168.100.167.
220 "Welcome to MY FTP service."
Name (192.168.100.167:abhimanyu): testing
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||30333|)
150 Here comes the directory listing.
-rw-r--r-- 1 1001 100 8368115 Mar 26 16:38 mail
226 Directory send OK.
ftp>


Note :- You should keep your firewall in shut state to test this setting.

After configuration, you can allow port 21, 20 and higher port for passive mode 30000 - 31000 in firewall or directly editing the iptables file.

To create user by script, I used below script with user 'root'

#!/bin/bash
# Name: Createuser.sh
# Description: Add users to /etc/vftpusers.txt and recreate the database
# Author: Abhimanyu
# Special: abhimanyu.ald@gmail.com
# Version: 1.0
# Arguments: $1=Username $2=Password
if [ $# -ne 2 ]
then
echo “Username and Password needed as argument !”
else
echo $1 >> /etc/vsftpusers.txt
echo $2 >> /etc/vsftpusers.txt
db_load -T -t hash -f /etc/vsftpusers.txt /etc/vsftpusers.db
mkdir /home/virtualftp/$1
chown /home/virtualftp/$1 virtualftp
fi


Test it and post your experience...

Have fun..............

Wednesday, March 18, 2009

कंप्यूटर में हिन्दी में लिखना सीखे

aaj maine kampyootar me, hindii me likhanaa siikhaa aaeeye kuchh baate kampyootar me, hindii likhane ke baare me

The most important thing in computer is WEB and Internet. So I decided to start using hindi with web browser.

I downloaded the Mozilla Firefox browser and install the Indic input extension add-on in it for typing in hindi. It is very easy to type hindi with this add-on.

There are three types of input methods--
1. RTS (Rice Transliteration Scheme)--- Intuitive to learn and like writing the SMS in mobile.
2. WX--- this is based on the WX notation. Find WX notation from google.
3. Inscript--- it is the basic and approved keyboard layout form indian authorities. To get keyboard layout click this.

I also tested the lipikaar but it is same as above extension and tested by Mozilla. but typing in the google's transliterate is much easy because of machine learning and hindi dictionary.

There are note pads available to type in hindi like Hindipad,etc.