Friday, February 26, 2016

Fail2BAN Test

Add configure to /etc/fail2ban/jail.local
========================

[http-get-dos]
enabled = true
port = http,https
filter = http-get-dos
logpath = /var/log/apache2/access.log
# maxretry is how many GETs we can have in the findtime period before getting narky
maxretry = 300
# findtime is the time period in seconds in which we're counting "retries" (300 seconds = 5 mins)
findtime = 300
# bantime is how long we should drop incoming GET requests for a given IP for, in this case it's 5 minutes
bantime = 300
action = iptables[name=HTTP, port=http, protocol=tcp]



Create Filter file /etc/fail2ban/filter.d/http-get-dos.conf
=======================================

[Definition]

# Option: failregex
# Note: This regex will match any GET entry in your logs, so basically all valid and not valid entries are a match.
# You should set up in the jail.conf file, the maxretry and findtime carefully in order to avoid false positives.

failregex = ^<HOST> -.*"(GET|POST).*

# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =

@start service

/etc/init.d/fail2ban start
/etc/init.d/fail2ban stop



 Connect Load test from client (192.168.1.14)
================================
[root@Client-01 ~]# ab -n 100 -c 10 http://192.168.1.191/
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 2006 The Apache Software Foundation, http://www.apache.org/

Benchmarking 192.168.1.191 (be patient)
Completed 100 requests
Completed 200 requests
Finished 300 requests


Server Software:        Apache/2.4.10
Server Hostname:        192.168.1.191
Server Port:            80

Document Path:          /
Document Length:        11321 bytes

Concurrency Level:      10
Time taken for tests:   0.80254 seconds
Complete requests:      300
Failed requests:        0
Write errors:           0
Total transferred:      3495887 bytes
HTML transferred:       3413139 bytes
Requests per second:    3738.13 [#/sec] (mean)
Time per request:       2.675 [ms] (mean)
Time per request:       0.268 [ms] (mean, across all concurrent requests)
Transfer rate:          42527.47 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.3      0       1
Processing:     1    1   1.1      2       4
Waiting:        0    0   0.8      1       2
Total:          1    2   0.6      2       4
WARNING: The median and mean for the waiting time are not within a normal deviation
        These results are probably not that reliable.

Percentage of the requests served within a certain time (ms)
  50%      2
  66%      2
  75%      2
  80%      2
  90%      3
  95%      3
  98%      3
  99%      4
 100%      4 (longest request)

BAN!!!

=====
[root@Client-01 ~]# ab -n 300 -c 10 http://192.168.1.191/
This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 2006 The Apache Software Foundation, http://www.apache.org/

Benchmarking 192.168.1.191 (be patient)
apr_socket_recv: Connection refused (111)



@SERVER site check iptables
======================

root@IDP-Server:~# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-HTTP   tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
f2b-sshd   tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 2                    2

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain f2b-HTTP (1 references) <--------------------AUTO Add from Fail2BAN
target     prot opt source               destination
REJECT     all  --  192.168.1.14         0.0.0.0/0            reject-with icmp-p                    ort-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

Chain f2b-sshd (1 references)
target     prot opt source               destination
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

root@IDP-Server:~# tail -f fail2ban.log

2016-02-25 12:56:06,749 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,749 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,749 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,750 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,750 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,751 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,751 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,752 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,752 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,752 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,753 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,753 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,754 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,754 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,755 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,755 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,755 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,756 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,756 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,757 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,757 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,758 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,758 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,758 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,759 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,759 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,760 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,760 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,761 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,761 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,762 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,762 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,762 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,763 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,763 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,764 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:06,764 fail2ban.filter         [3504]: INFO    [http-get-dos] Found 192.168.1.14
2016-02-25 12:56:07,443 fail2ban.actions        [3504]: NOTICE  [http-get-dos] Ban 192.168.1.14

UNBAN
======
@Server site :
iptables -L -n

Chain f2b-HTTP (1 references)
target     prot opt source               destination
REJECT     all  --  192.168.1.14         0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0

@check rules name :

root@IDP-Server:~# fail2ban-client status
Status
|- Number of jail:      2
`- Jail list:   http-get-dos, sshd

@set UNBAN

root@IDP-Server:~# fail2ban-client set http-get-dos unbanip 192.168.1.14
192.168.1.14

@LOG :
root@IDP-Server:~# tail -f fail2ban.log
2016-02-25 12:56:07,443 fail2ban.actions        [3504]: NOTICE  [http-get-dos] Ban 192.168.1.14
2016-02-25 13:00:56,160 fail2ban.actions        [3504]: NOTICE  [http-get-dos] Unban 192.168.1.14








Wednesday, February 10, 2016

ORA-39700: database must be opened with UPGRADE option

set ORACLE_SID=<SID>
sqlplus "/as sysdba"
startup upgrade;
@$ORACLE_HOME\rdbms\admin\catalog.sql;
@$ORACLE_HOME\rdbms\admin\catproc.sql;

Thursday, January 28, 2016

Install Oracle database 11g on Windows server 2008 r2 x64

Add privilege administrator to ' ORACLE user '

Fix IP address

set c:\windows\system32\drivers\etc\host
127.0.0.1     localhost
192.168.1.10    hostname ;ex

set all Everonment Variable in 'System variables'

ORACLE_BASE
ORACLE_HOME
ORACLE_UNQNAME

set region in control panel (system locale)

Administrative-> Langauge for non-Unicode Program -> English

Wednesday, January 27, 2016

OracleMTS Recovery Service error

OracleMTS Recovery Service error

"Windows could not start the OracleMTSRecoverService service on Local Computer. Error 1: Incorrect function.

HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\OracleMTSRecoveryService\Protid_0

set key  host to-->  localhost

Saturday, December 19, 2015

DUPLICATE Oracle database and set new SID from RMAN Full backup

@target

- full backup rman (controlfile,datafile,archivelog)

- create pfile='initNEW_SID.ora' from spfile;
- change current_instance_name to new_instance_name in pfile
- add *.LOG_FILE_NAME_CONVERT and *.DB_FILE_NAME_CONVERT to last line in pfile

exp:
*.LOG_FILE_NAME_CONVERT='/u01/old_log_file_path','/u02/new_log_file_path'
*.DB_FILE_NAME_CONVERT='/u01/old_data_file_path','/u02/new_data_file_path'


**** for Multiple path Oracle datafile
*.LOG_FILE_NAME_CONVERT='/data1/oradata/ORCLG','/data1/oradata/DUPDB',
                    '/data2/oradata/ORCL','/data2/oradata/DUPDB',
                    '/data3/oradata/ORCL','/data3/oradata/DUPDB'



*.DB_FILE_NAME_CONVERT='/data1/oradata/ORCL','/data1/oradata/DUPDB',
                    '/data2/oradata/ORCL','/data2/oradata/DUPDB',
                    '/data3/oradata/ORCL','/data3/oradata/DUPDB',
                    '/data4/oradata/ORCL','/data4/oradata/DUPDB',
                    '/data5/oradata/ORCL','/data5/oradata/DUPDB',
                    '/data6/oradata/ORCL','/data6/oradata/DUPDB'

- create folder datafile and logfile for new_instance_name

@auxiliary

- startup pfile='initNEW_SID.ora' nomount;
- connect to RMAN by command 'rman auxiliary /'



duplicate database to "newSID" backup location '/backup_rman/oldSID';


trick-2:
create auxiliary by dbca and set new datafile + log file path for newSID

- connect rman as auxiliary  using command

duplicate database to "newSID" nofilenamecheck  backup location '/backup_rman/oldSID';

Wednesday, December 16, 2015

Enabling Oracle HTTP Server to Run as Root for Ports Set to Less Than 1024 (UNIX Only)

Go to $ORACLE_HOME/ohs/bin
chown root .apachectl
chmod 6750 .apachectl

check $ORACLE_INSTANCE/config/OHS/ohs1/httpd.conf
section:
User oracle
Group group_to_start_apache

set port 
section:
Listen < 1024

Wednesday, November 25, 2015

SSH Login without Password : Solaris 10, Linux

:ON Solaris 10

ssh-keygen -t rsa
- id_rsa
- id_rsa.pub
@ ~/.ssh
copy id_rsa.pub to remoteHost

scp /export/home/test/.ssh/id_rsa.pub testuser@remotehost:/home/testuser/.ssh

login to remotehost
cat ~/.ssh/id_rsa.pub >> authorized_keys


@server

ssh testuser@remotehost
scp xxx.file testuser@remotehost

:ON LINUX Server

ssh-keygen

ssh-copy-id user@remotehost

ssh user@remotehost

ALCATEL 6900

write memory copy running certified reload from working no rollback-timeout