Category Archives: Linux

virtualbox shared folder – another way mounting shared folder using samba

Published by:

my host is slackware.
the virtual machine is windows xp.
I am going to add the folder in my slackware into the windows using samba in the slackware.

first setting the samba in the slackware. I think I have another post about samba in this blog. Then in the virtualbox, set the network setting into two nic. The first nic as bridge adapter and the other as nat.

Later in the virtual machine, we will see the lan address of the bridge. Then set it manually to the same network address as host. If the host is 192.168.1.1 then the bridge is 192.168.1.2

Next, through the network browser file manager in windows, browse to 192.168.1.1, we will see the samba share right over there.

github – free repository – free safety box for your code

Published by:

Saya sudah mengenal github cukup lama, tapi karena awalnya bukan programer, jadi tidak terlalu tertarik menggunakannya. Nah sekarang saya nyemplung jadi programer, web programmer tepatnya. Jadi rasa-rasanya jiwa ini sudah tergelitik untuk menyimpan code-code hasil karya saya dan share ke orang yang membutuhkan. Github bisa menjadi salah satu sarananya.

Pertama, buat akun di github. jreng-jreng. Beres.
Di dashboard github buatlah New Repository. Berikan ‘nama” apa saja sesuai projek kita.Maka github akan memprint di layar komputer kita tentang bagaimana kita mengupload file-file code kita.

Nah disini pembelajaran di mulai. Saya menggunakan linux ubuntu untuk pekerjaan saya sehari-hari. Otomatis code saya ditulis di notebook ini. Dan kebetulan proyek pertama saya adalah proyek web programming, menggunakan engine xampp. File-filenya berada di /opt/lampp/htdocs/

Jadi saya akan meng-clone proyek saya disana ke github langsung. Kurang wise sih. Tapi menghemat space harddisk saya kalau saya buat direktori baru. Oke untuk caranya, setelah googling, saya menggunakan terminal/console.

cd /opt/lampp/htdocs/proyek
git init
git add *git commit -m “pesan atau keterangan tentang versi proyek saya”
git remote add origin https://github.com/sugi76/nama
git push -u origin master

Sewaktu proses push, maka akan tampil pertanyaan tentang username github dan passwordnya. Isikan saja. Jika berhasil, di github dashboard sudah terpampang list file dan directory proyek kita.

Nah pembelajaran satu lagi, setting git di /opt/lampp/htdocs/proyek sebaiknya jangan dihapus. Ini bermanfaat jika kita akan update file/ proyek kita ini. Saya nyesel juga karena saya menghapusnya. Jadi error.

Saya ulang lagi dari awal, tapi ketika hendak push, tetep error. Jadi harus menggunakan parameter force (-f)

git push -f origin master

Nah sekian.

CPU Frequency Scaling Monitor cool down my Slackware notebook

Published by:

For years I wonder why my cpu is hotter when using linux. Cooler when using windows.
Tonight, accidentally I learn about cpu frequency. The hot comes from the hard work of the cpu. So if the system can lower it, it will cooler.

Check on which frequency the cpu is  working by command : cpufreq-info

If the result show to the max number then we need to lower it down.

Here is how

Add these line in /etc/rc.d/rc.local

cpufreq-set --cpu 0 --governor conservative
cpufreq-set --cpu 1 --governor conservative

then restart. Or do these command

echo "conservative" > /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor
echo "conservative" > /sys/devices/system/cpu/cpu1/cpufreq/scaling_governor

Next the computer reboot, check the cpufreq-info again. It will show the freq number to the lowest one.

And you know what, my notebook is no longer hot like before. The movie played by vlc also run smooth.

My cpufreq-info

cpufrequtils 008: cpufreq-info (C) Dominik Brodowski 2004-2009
Report errors and bugs to cpufreq@vger.kernel.org, please.
analyzing CPU 0:
driver: acpi-cpufreq
CPUs which run at the same hardware frequency: 0 1
CPUs which need to have their frequency coordinated by software: 0
maximum transition latency: 10.0 us.
hardware limits: 1000 MHz – 2.17 GHz
available frequency steps: 2.17 GHz, 1.67 GHz, 1.33 GHz, 1000 MHz
available cpufreq governors: conservative, ondemand, userspace
current policy: frequency should be within 1000 MHz and 2.17 GHz.
The governor “conservative” may decide which speed to use
within this range.
current CPU frequency is 1000 MHz.
analyzing CPU 1:
driver: acpi-cpufreq
CPUs which run at the same hardware frequency: 0 1
CPUs which need to have their frequency coordinated by software: 1
maximum transition latency: 10.0 us.
hardware limits: 1000 MHz – 2.17 GHz
available frequency steps: 2.17 GHz, 1.67 GHz, 1.33 GHz, 1000 MHz
available cpufreq governors: conservative, ondemand, userspace
current policy: frequency should be within 1000 MHz and 2.17 GHz.
The governor “conservative” may decide which speed to use
within this range.
current CPU frequency is 1000 MHz.

listing the directory only

Published by:

I am happy because I knew Linux I uncovered all the possible command in the terminal mode. Small program but it can be deadly.
I am not going to discuss about how deadly it is but just want to share how to list directory in terminal mode.

To list a file we simply using :
#ls -l
#ls -la
#ls -lha

Everything will be displayed on the screen. But if we want to display the directory instead of files, this is how
#ls -ld */
#tree -dL 1

The command tree without any option will display all the directory structure available in the current position to below.

Happy linuxing.

 

Menghindari scanning nmap di Mikrotik

Published by:

Nmap adalah tools umum yang digunakan oleh administrator server untuk menscanning port yang terbuka di sebuah komputer atau server. Dengan demikian seorang administrator akan mengetahui port apa saja yang digunakan, yang bersifat umum maupun bersifat berbahaya.
Nmap sendiri bekerja dengan “menggunakan paket IP raw dalam cara yang canggih untuk menentukan host mana saja yang tersedia pada jaringan, layanan (nama aplikasi dan versi) apa yang diberikan, sistem operasi (dan versinya) apa yang digunakan, apa jenis firewall/filter paket yang digunakan, dan sejumlah karakteristik lainnya.”
Kadangkala server menjadi rentan terhadap serangan jika nmap berhasil mengenali informasi-informasi server tersebut. Untuk itu seorang administrator akan mencoba memblokir scanning dengan nmap ini.
Salah satu caranya yaitu dengan mengatur firewall dari si server. Saya belajar dari sebuah site tentang mikrotik, firewall apa yang harus digunakan pada server untuk mencegah scanning nmap.
Berikut adalah perintahnya

ip firewall filter

add chain=input protocol=tcp psd=21,3s,3,1 action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”Port scanners to list ” disabled=no

add chain=input protocol=tcp tcp-flags=fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”NMAP FIN Stealth scan”

add chain=input protocol=tcp tcp-flags=fin,syn action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”SYN/FIN scan”

add chain=input protocol=tcp tcp-flags=syn,rst action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”SYN/RST scan”

add chain=input protocol=tcp tcp-flags=fin,psh,urg,!syn,!rst,!ack action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”FIN/PSH/URG scan”

add chain=input protocol=tcp tcp-flags=fin,syn,rst,psh,ack,urg action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”ALL/ALL scan”

add chain=input protocol=tcp tcp-flags=!fin,!syn,!rst,!psh,!ack,!urg action=add-src-to-address-list address-list=”port scanners” address-list-timeout=2w comment=”NMAP NULL scan”

add chain=input src-address-list=”port scanners” action=drop comment=”dropping port scanners” disabled=no

Dengan bahasa firewall iptables yang sama, maka dapat diterapkan pula pada server berbasis non mikrotik. Lengkapnya akan saya pelajari dulu.

Nah ini dia perintah iptablesnya

#!/bin/sh
#
# copyright (c) the KMyFirewall developers 2002-2005
# PLease reprt bugs to: Christian Hubinger
#
# This program is distributed under the terms of the GPL v2
#
# KMyFirewall v1.0.1
# This is an automatic generated file DO NOT EDIT
#

startFirewall() {

echo -n “Starting iptables (created by KMyFirewall)… ”
if [ “$verbose” = “1” ]; then
echo -n ”
Loading needed modules… ”
fi

$MOD ip_tables
$MOD ip_conntrack
$MOD ipt_LOG
$MOD ipt_limit
$MOD ipt_state
$MOD ip_conntrack_ftp
$MOD ip_conntrack_irc

$MOD iptable_filter
$MOD iptable_nat
$MOD iptable_mangle
if [ “$verbose” = “1” ]; then
echo “Done.”
fi

# Define all custom chains
if [ “$verbose” = “1” ]; then
echo -n “Create custom chains… ”
fi

if [ “$verbose” = “1” ]; then
echo ” Done.”
fi

# Rules:
if [ “$verbose” = “1” ]; then
echo “Settup Rules in Table FILTER:”
fi

# Define Rules for Chain: INPUT
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: INPUT”
fi

$IPT -t filter -A INPUT –match limit –limit 5/second –limit-burst 5 -p icmp –icmp-type echo-request -j ACCEPT || { status=”1″; echo ” Setting up Rule: ICMP FAILED! “; exit 1; }

$IPT -t filter -A INPUT –match limit –limit 1/second -p tcp –destination-port 22 -j LOG –log-prefix “Rule SSH_tcp: ”
$IPT -t filter -A INPUT –match limit –limit 1/second -p tcp –destination-port 22 -j ACCEPT || { status=”1″; echo ” Setting up Rule: SSH_tcp FAILED! “; exit 1; }

$IPT -t filter -A INPUT –match multiport –destination-ports 137,138,139 -j ACCEPT || { status=”1″; echo ” Setting up Rule: SMB_tcp FAILED! “; exit 1; }

$IPT -t filter -A INPUT –match state –state RELATED,ESTABLISHED -j ACCEPT || { status=”1″; echo ” Setting up Rule: CONNTRACK FAILED! “; exit 1; }

$IPT -t filter -A INPUT -j LOG –log-prefix “KMF: ” || { status=”1″; echo ” Setting up Rule: Chain: INPUT Drop Logging FAILED! “; exit 1; }

$IPT -t filter -P INPUT DROP || { status=”1″; echo ” Setting up Rule: Chain: INPUT Default Target FAILED! “; exit 1; }

# Define Rules for Chain: OUTPUT
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: OUTPUT”
fi

$IPT -t filter -P OUTPUT ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: OUTPUT Default Target FAILED! “; exit 1; }

# Define Rules for Chain: FORWARD
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: FORWARD”
fi

$IPT -t filter -P FORWARD ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: FORWARD Default Target FAILED! “; exit 1; }

if [ “$verbose” = “1” ]; then
echo “Settup Rules in Table NAT:”
fi

# Define Rules for Chain: OUTPUT
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: OUTPUT”
fi

$IPT -t nat -P OUTPUT ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: OUTPUT Default Target FAILED! “; exit 1; }

# Define Rules for Chain: PREROUTING
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: PREROUTING”
fi

$IPT -t nat -P PREROUTING ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: PREROUTING Default Target FAILED! “; exit 1; }

# Define Rules for Chain: POSTROUTING
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: POSTROUTING”
fi

$IPT -t nat -P POSTROUTING ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: POSTROUTING Default Target FAILED! “; exit 1; }

if [ “$verbose” = “1” ]; then
echo “Settup Rules in Table MANGLE:”
fi

# Define Rules for Chain: INPUT
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: INPUT”
fi

$IPT -t mangle -P INPUT ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: INPUT Default Target FAILED! “; exit 1; }

# Define Rules for Chain: OUTPUT
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: OUTPUT”
fi

$IPT -t mangle -P OUTPUT ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: OUTPUT Default Target FAILED! “; exit 1; }

# Define Rules for Chain: FORWARD
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: FORWARD”
fi

$IPT -t mangle -P FORWARD ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: FORWARD Default Target FAILED! “; exit 1; }

# Define Rules for Chain: PREROUTING
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: PREROUTING”
fi

$IPT -t mangle -P PREROUTING ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: PREROUTING Default Target FAILED! “; exit 1; }

# Define Rules for Chain: POSTROUTING
if [ “$verbose” = “1” ]; then
echo “Create Rules for Chain: POSTROUTING”
fi

$IPT -t mangle -P POSTROUTING ACCEPT || { status=”1″; echo ” Setting up Rule: Chain: POSTROUTING Default Target FAILED! “; exit 1; }

if [ “$verbose” = “1” ]; then
echo -n “Enable IP Forwarding. ”
fi

echo 1 > /proc/sys/net/ipv4/ip_forward
if [ “$verbose” = “1” ]; then
echo “Done.”
fi

if [ “$verbose” = “1” ]; then
echo -n “Disable Reverse Path Filtering ”
fi

for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
echo 0 > $i
done
if [ “$verbose” = “1” ]; then
echo “Done.”
fi

if [ “$verbose” = “1” ]; then
echo -n “Disable log_martians (logging). ”
fi

for i in /proc/sys/net/ipv4/conf/*/log_martians ; do
echo 0 > $i
done
if [ “$verbose” = “1” ]; then
echo “Done.”
fi

if [ “$verbose” = “1” ]; then
echo -n “Enable Syn Cookies. ”
fi

echo 1 > /proc/sys/net/ipv4/tcp_syncookies
if [ “$verbose” = “1” ]; then
echo “Done.”
fi

echo Done.
}

stopFirewall() {
echo -n “Clearing iptables (created by KMyFirewall)… ”

$IPT -t filter -F || status=”1″
$IPT -t filter -X || status=”1″
$IPT -t filter -P INPUT ACCEPT || status=”1″
$IPT -t filter -P OUTPUT ACCEPT || status=”1″
$IPT -t filter -P FORWARD ACCEPT || status=”1″

$IPT -t nat -F || status=”1″
$IPT -t nat -X || status=”1″
$IPT -t nat -P OUTPUT ACCEPT || status=”1″
$IPT -t nat -P PREROUTING ACCEPT || status=”1″
$IPT -t nat -P POSTROUTING ACCEPT || status=”1″

$IPT -t mangle -F || status=”1″
$IPT -t mangle -X || status=”1″
$IPT -t mangle -P INPUT ACCEPT || status=”1″
$IPT -t mangle -P OUTPUT ACCEPT || status=”1″
$IPT -t mangle -P OUTPUT ACCEPT || status=”1″
$IPT -t mangle -P PREROUTING ACCEPT || status=”1″
$IPT -t mangle -P POSTROUTING ACCEPT || status=”1″

echo “Done.”

}

IPT=”/usr/sbin/iptables”
MOD=”/usr/sbin/modprobe”
status=”0″
verbose=”0″
action=”$1″
if [ “$1” = “-v” ]; then
verbose=”1″
fi

if [ “$1” = “–verbose” ]; then
verbose=”1″
fi

if [ “$verbose” = “1” ]; then
if [ “$2” = “” ]; then
echo “Usage: sh kmyfirewall.sh [-v|–verbose] { start | stop | restart }”
exit 1
fi
action=”$2″
fi

case $action in
start)
stopFirewall
startFirewall
;;
stop)
stopFirewall
;;
restart)
stopFirewall
startFirewall
;;
*)
echo “Invalid action!
Usage: sh kmyfirewall.sh [-v|–verbose] { start | stop | restart }”
;;
esac

if [ “$status” = “1” ]; then
exit 1
else
exit 0
fi

backup data with rsync and ssh

Published by:

I have computer1 as a data source and computer2 as a backup machine, computer1 and computer2 is also an example username on both machine. I want to create a backup function using rsycn and ssh without using password so it can run in cronjob automatically on the date I command to.

First let’s work in the computer1.
Create a public ssh key
#ssh-keygen -t rsa
Press enter if it asking for the place to put id-rsa
And Press enter twice to pass the passphrase. It means it will no ask for password.

Add the /home/computer1/.ssh/id-rsa.pub to computer2 .ssh/authorized-keys
Simply do this
#ssh-copy-id computer2@xxx.xxx.xxx.xxx
enter the password of the computer2

Let’s check computer2. It should be a file called authorized-keys on .ssh folder.
Back to computer1, now time for backup.
#rsync -avzp –exclude-from=myexclude -e ssh /mnt/mydir/file* computer@xxx.xxx.xxx.xxx:/mnt/backupdir/
-avzp means archive, verbose, compressed, show progress
–exclude-from=myexclude is the file that I create to pass some directory or types of file that I don’t want to backup.
The myexclude file is :
Myfirstdir
*.jpg
Myseconddir

Test the rsync command in the terminal first before we put it in the cron job.

To put it a cron, let’s do this
#crontab -e
0 5 /1 * * /home/computer1/rsync-command
Type :wq to save and exit.

The rsync-command is
rsync -avzp –exclude-from=myexclude -e ssh /mnt/mydir/file* computer@xxx.xxx.xxx.xxx:/mnt/backupdir/

It works for me.

Another option for rsync is -P means progress copy is displayed in our screen.
source : ubuntuforum

Chrome Plugin – Twerk

Published by:

Nah ternyata chrome mengenal plugin yang cukup banyak. Kemaren saya sudah mencoba plugin LINE. Jadi saya bisa akses LINE account dari pc melalui chrome. Kali ini plugin mengenai android run time application atau kita sebut saja android emulator. Namanya Twerk.

Twerk dapat di download di chrome app store.

twerk

http://cdn.makeuseof.com

Dan seperti itulah tampilannya. Hanya saja di pc saya, ketika menjalankan twerk, chrome membutuhkan satu lagi plugin. Yaitu ARC atau App Runtime for Chrome. Namun ketika saya coba install, ternyata gagal dengan pesan “download interrupt”. Dan ternyata file extension yang hendak di download sudah tidak ada.

Ya sudah tidak jadi deh jalanin Twerk

Chrome Plugin – Twerk

Published by:

Nah ternyata chrome mengenal plugin yang cukup banyak. Kemaren saya sudah mencoba plugin LINE. Jadi saya bisa akses LINE account dari pc melalui chrome. Kali ini plugin mengenai android run time application atau kita sebut saja android emulator. Namanya Twerk.

Twerk dapat di download di chrome app store.

twerk

http://cdn.makeuseof.com

Dan seperti itulah tampilannya. Hanya saja di pc saya, ketika menjalankan twerk, chrome membutuhkan satu lagi plugin. Yaitu ARC atau App Runtime for Chrome. Namun ketika saya coba install, ternyata gagal dengan pesan “download interrupt”. Dan ternyata file extension yang hendak di download sudah tidak ada.

Ya sudah tidak jadi deh jalanin Twerk