This script can be used from the command line as a ‘no questions asked’ method of uploading one or many files with a single command. Additionally, you can call this script from batch files to perform automated file uploads. A few uses for this include (but, of course, not limited to):

* Include in backup scripts to send data offsite.
* Upload html/php/etc. files to a web server with a single command.
* Create shortcuts to send a common group of files (such as a web site’s source pages).

Configuration

The only configuration required is to set the FTP server connection information. Under the “Connection information” line, set the following:

* Server – The FTP Server you are uploading to. You can either enter the DNS name (ftp.myserver.com) or IP address (1.2.3.4).
* UserName – Your user name for connecting to FTP server.
* Password – Your password for connecting to the FTP server.

Depending on your firewall settings, the first time you run this script you may be prompted to allow FTP to connect to the Internet. Setting this to never prompt you again should remove future warnings.
The Script

@ECHO OFF
ECHO Upload to FTP
ECHO Written by: Jason Faulkner
ECHO SysadminGeek.com
ECHO.
ECHO.

REM Usage:
REM UploadToFTP [/L] FileToUpload
REM
REM Required Parameters:
REM FileToUpload
REM The file or file containing the list of files to be uploaded.
REM
REM Optional Parameters:
REM /L When supplied, the FileToUpload is read as a list of files to be uploaded.
REM A list of files should be a plain text file which has a single file on each line.
REM Files listed in this file must specify the full path and be quoted where appropriate.

SETLOCAL EnableExtensions

REM Connection information:
SET Server=
SET UserName=
SET Password=

REM —- Do not modify anything below this line —-

SET Commands=”%TEMP%\SendToFTP_commands.txt”

REM FTP user name and password. No spaces after either.
ECHO %UserName%> %Commands%
ECHO %Password%>> %Commands%

REM FTP transfer settings.
ECHO binary >> %Commands%

IF /I {%1}=={/L} (
REM Add file(s) to the list to be FTP’ed.
FOR /F “usebackq tokens=*” %%I IN (“%~dpnx2″) DO ECHO put %%I >> %Commands%
) ELSE (
ECHO put “%~dpnx1″ >> %Commands%
)

REM Close the FTP connection.
ECHO close >> %Commands%
ECHO bye >> %Commands%

REM Perform the FTP.
FTP -d -i -s:%Commands% %Server%

ECHO.
ECHO.

REM Clean up.
IF EXIST %Commands% DEL %Commands%

ENDLOCAL

LinksThis Article is taken from

‘When you are forwarding ports through a tunnel, either locally or remotely (i.e., with the -L or -R switches), you can modify the session real-time. The way that you do this is after you start the session, you press SHIFT + ` + c (The ` key also has a ~ in it, which is the actual keypress sent to the session). If it doesn’t work the first time, press ENTER a couple of times and try it again. Once you get the “ssh>” prompt, type “?” for the commands you can put in. Here’s an example session:

[0908][scott@dev:~]$ ssh -R 8080:suseblog.com:8080 scott@suseblog.com
Password:
Last login: Thu Oct 15 11:59:43 2009 from 67.214.232.162
Have a lot of fun…
[1109][scott@mail:~]$ [PRESS SHIFT + ` + c HERE]
ssh> ?
Commands:
-L[bind_address:]port:host:hostport Request local forward
-R[bind_address:]port:host:hostport Request remote forward
-KR[bind_address:]port Cancel remote forward
[PRESS ENTER HERE]
[1110][scott@mail:~]$ [PRESS SHIFT + ` + c HERE]
ssh> -R8080:letslearnlinux.com:1080
Forwarding port.

[1110][scott@mail:~]$’

This week I want to share a configuration file that I’ve used for years and other people might find useful. My Linux setup at home, currently running Fedora, uses two cheap LCD screens from Hanns-G. The model name is HW191D, and while the image quality is fine, they’re a complete pain to get running in tandem using the DVI connectors. It isn’t inux to blame either, I’ve had the same problem getting them to work with OS X and Windows XP, and gave up with the over-protective Windows 7. The problem seems to be that the EDID data provided by the screens, when connected digitally, is inaccurate, giving the OS the false impression that they’re only capable of 1024×768 when they’re much happier at a native 1440×900.

This solution is only going to work for people using Nvidia’s proprietary graphics drivers, but I was able to get around the problem by injecting a working EDID file into the old xorg.conf file, and manually creating Monitor entries, as well as creating a TwinViewXinerama display so that both screens could be used side-by-side. This has worked for Ubuntu, Mandriva, OpenSUSE and Fedora, as they’ve each been installed on my machine. But you’ll probably still need to change things like the mouse and keyboard configuration to suite your own hardware.

Here’s the xorg.conf file: xorg.conf (just place it in /etc/X11).
and here’s the EDID binary: edid.bin (which I’ve placed in /root).

There are few tools that can be used to compress LZMA (like P7ZIP archiver), but I chose [url=http://tukaani.org/lzma/[/url]LZMA Utils[/url] because it has a command line compatible with gzip and bzip2, so replacing them with LZMA is simple. The command is called lzma and produces .lzma files by default.

Comparison

First thing I used LZMA for was compressing my mail archive. The spam file (mail in mbox format) I chose is 528MB big and I will use maximum compression ratio. During compression the lzma process was 370MB big, that’s much bzip2 was below 7MB. It took almost 15 minutes to compress the file by lzma and less than 4 minutes by bzip2. Compression ration was very similar: output file is 373MB for bzip2 and 370MB for lzma. Decompression time is 1m12s for lzma and 1m48s for bzip2.

Not very impressive, but compressing text files is easy. Everyone who tried to implement or invent a simple compression algorithm can achieve good results with text files, so what about binary data? I’ve created a tar archive from /usr/bin directory on my laptop. It’s 308MB big. Bzip2 file is 127MB big (59% ratio) and LZMA is 83MB (73% ratio). This is a real difference!

Integration with software

Since my mail archive is now lzma compressed because of faster access time I has a need to teach mutt to open such mailboxes. This was simple, just copy & paste support for gzip archives into ~/.muttrc because lzma command line is the same:

open-hook \\.lzma$ “lzma -cd ‘%f’ > ‘%t’”
close-hook \\.lzma$ “lzma -c ‘%t’ > ‘%f’”
append-hook \\.lzma$ “lzma -c ‘%t’ >> ‘%f’”

Fresh versions of tar archiver (from 1.20 version) also have –lzma switch.

The exact specs of the wireless card, as listed by ‘lspci -v’ are:

0c:00.0 Network controller: Broadcom Corporation BCM94311MCG wlan mini-PCI (rev 01)
Subsystem: Dell Unknown device 0007
Flags: bus master, fast devsel, latency 0, IRQ 17
Memory at ecffc000 (32-bit, non-prefetchable) [size=16K]
Capabilities: [40] Power Management version 2
Capabilities: [58] Message Signalled Interrupts: Mask- 64bit- Queue=0/0 Enable-
Capabilities: [d0] Express Legacy Endpoint IRQ 0
Capabilities: [100] Advanced Error Reporting
Capabilities: [13c] Virtual Channel

That’s the bad boy that we’re going to get set up with wireless in this very article on an openSUSE 10.3 laptop. Let’s have a moment of silence.

A basic outline of what we’ll cover: 1) First, determine the driver currently running the wireless card. We will then instruct the system never to load that driver ever again (and make a few threats just in case). 2) Second, we are then going to set up ndiswrapper to run the card. 3) Third and finally, we will set up the system so that when we reboot the machine, ndiswrapper is automatically loaded and we can hop on our wireless connection easily.
Out With the Bad

The kernel module that serves as the device driver for this wireless card is called ‘bcm43xx’. As root, remove it from memory, as in this example:

[2338][scott@laptop:~]$ su
Password:
laptop:/home/scott # rmmod bcm43xx

Now, we have to politely instruct the system to refrain from loading this module ever again. To do this, we are going to ‘blacklist’ the module. As root, edit /etc/modprobe.conf.local . Add this line to tell it to never load the bcm43xx module:

blacklist bcm43xx

In With the Good

Ndiswrapper is a way to use a Windows driver in Linux. Thusly, the first thing you need to do is grab said Windows driver from this link. Download it to somewhere that you will remember. When it is done, go there, and extract the file (can be done as regular user):

[2339][scott@laptop:~]$ tar -jxvf bcmwl5.tar.bz2
bcmwl5/
bcmwl5/bcmwl5.inf
bcmwl5/bcmwl5.sys
[2339][scott@laptop:~]$

Next, as root, let’s install ndiswrapper using YAST with this simple command:

[2340][scott@laptop:~]$ su
Password:
laptop:/home/scott # yast -i ndiswrapper

Now we need to get ndiswrapper to run the wireless card. This is done as root as in this example:

[2341][scott@laptop:~]$ su
Password:
laptop:/home/scott # ndiswrapper -i /path/to/bcmwl5.inf

You can use ndiswrapper to make sure it worked like this:

[2342][scott@laptop:~]$ su
Password:
laptop:/home/scott # ndiswrapper -l
bcmwl5 : driver installed
device (14E4:4311) present

If you see something like that, you are golden.

Next, we need to write a config file for ndiswrapper. This is done with the following command (as root):

[2342][scott@laptop:~]$ su
Password:
laptop:/home/scott # ndiswrapper -m

Remove all CAT-5 cables from your machine, and then let’s start up ndiswrapper (as root):

[2342][scott@laptop:~]$ su
Password:
laptop:/home/scott # modprobe ndiswrapper

It’s just about set up. Now, we need to make sure it will work properly when we reboot. We also need to put in the wireless networking configuration for this adapter.
Make It Work Automatically on Reboot

Now obviously, when the machine reboots, we want to ensure that ndiswrapper is loaded and used to run this wifi card. To do this is absolute cake. Go into YAST, go into the Network Devices, and then into the Network Card. Select the Broadcom wifi card in the list of adapters. Click CONFIGURE. In the HARDWARE tab, there is a drop-down box called “Module Name”. Type ‘ndiswrapper‘ in there. Click NEXT to configure your wireless network settings for this adapter.

If you have set up the wireless access point, you should know all the configuration details that should be entered into this screen. If you don’t, you can ask your system administrator to help you figure it out. In any case, fill out this screen with all the appropriate information.

Click NEXT again, and then FINISH.

While Conficker is not a new worm it has been getting much press lately. Even though Redmond released a patch late October it is estimated that 5 to 10 million PC have been infected. The industry has been aware of this worm for some time and has mounted a fairly impressive counter attack. Microsoft issued a 250K dollar bounty for developers of Conficker, major anti-virus vendors have added definitions for detection and removal of the worm, OpenDNS introduces a feature that aid sysadmins in detecting infected machines and today with the help of HoneyNet Project security researches discovered Conficker’s fingerprint which makes it possible for tool such as Nmap, Nessus to detect the worm remotely. This discovery come just in time as the latest variant of the worm “Conficker C” is programmed to lay dormant unlike the previous generations where identification of the worm was possible by monitoring outbound traffic.

Why just in time you may ask? Well because the worm is said to become active on April 1st. It is unknown if all infected PC will be used for bad deeds. I’m sure no one needs a reminder of the SQL Slammer worm of 2003/2004 where 5 of the 11 root DNS servers went down, ATM’s where knocked offline due to massive DDOS attacks. I understand the symbolism of April 1st being April fools day, but as the doctor always says: It’s far easier to prevent then to treat.

Using the latest development version of Nmap one would run a command to scan systems for Conficker signature.
nmap -PN -T4 -p139,445 -n -v –script=smb-check-vulns –script-args safe=1 [targetnetworks]

Or by updating your Nessus server’s plugins nessus-update-plugins create and run a scan that includes plugin id #36036 (if you don’t pay for Nessus Professional feed you will have to wait 7 days to receive the plugin)

If you are using a shared server, or just have a limited account on your company servers, you might not have access to your php configuration file php.ini (this is usually found under /etc/php.ini in rhel/centos and /etc/php5/apache2/php.ini in debian/ubuntu). Still, in many situations it might be needed to enable php errors in the browser so you can see what is the actual problem instead of an empty page (if the server has error reporting disabled as most production systems should have).

In order to enable error reporting for your php script or application include inside your code the following lines:
error_reporting(E_ALL);
ini_set(“display_errors”, 1);
and this will result in displaying in the browser any errors your application might have.

ps: once you are done with this and fixed the issue, don’t forget to remove the error reporting lines, as we don’t want our users/clients to see errors in the browser in case something went wrong.

A mutation will cause Nikto to combine tests or attempt to guess values. These techniques may cause a tremendous amount of tests to be launched against the target. Use the reference number to specify the type, multiple may be combined.

1.

Test all files with all root directories. This takes each test and splits it into a list of files and directories. A scan list is then created by combining each file with each directory.
2.

Guess for password file names. Takes a list of common password file names (such as “passwd”, “pass”, “password”) and file extensions (“txt”, “pwd”, “bak”, etc.) and builds a list of files to check for.
3.

Enumerate user names via Apache (/~user type requests). Exploit a misconfiguration with Apache UserDir setups which allows valid user names to be discovered. This will attempt to brute-force guess user names. A file of known users can also be supplied by supplying the file name in the -mutate-options parameter.
4.

Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests). Exploit a flaw in cgiwrap which allows valid user names to be discovered. This will attempt to brute-force guess user names. A file of known users can also be supplied by supplying the file name in the -mutate-options parameter.
5.

Attempt to brute force sub-domain names. This will attempt to brute force know domain names, it will assume the given host (without a www) is the parent domain.
6.

Attempt to brute directory names. This is the only mutate option that requires a file to be passed in the -mutate-options parameter. It will use the given file to attempt to guess directory names. Lists of common directories may be found in the OWASP DirBuster project.

A mutation will cause Nikto to combine tests or attempt to guess values. These techniques may cause a tremendous amount of tests to be launched against the target. Use the reference number to specify the type, multiple may be combined.

1.

Test all files with all root directories. This takes each test and splits it into a list of files and directories. A scan list is then created by combining each file with each directory.
2.

Guess for password file names. Takes a list of common password file names (such as “passwd”, “pass”, “password”) and file extensions (“txt”, “pwd”, “bak”, etc.) and builds a list of files to check for.
3.

Enumerate user names via Apache (/~user type requests). Exploit a misconfiguration with Apache UserDir setups which allows valid user names to be discovered. This will attempt to brute-force guess user names. A file of known users can also be supplied by supplying the file name in the -mutate-options parameter.
4.

Enumerate user names via cgiwrap (/cgi-bin/cgiwrap/~user type requests). Exploit a flaw in cgiwrap which allows valid user names to be discovered. This will attempt to brute-force guess user names. A file of known users can also be supplied by supplying the file name in the -mutate-options parameter.
5.

Attempt to brute force sub-domain names. This will attempt to brute force know domain names, it will assume the given host (without a www) is the parent domain.
6.

Attempt to brute directory names. This is the only mutate option that requires a file to be passed in the -mutate-options parameter. It will use the given file to attempt to guess directory names. Lists of common directories may be found in the OWASP DirBuster project.

function pass_gen($len) { $pass = ”; srand((float) microtime() * 10000000); for ($i = 0; $i < $len; $i++) { $pass .= chr(rand(33, 126)); } return $pass; }

By default root account is locked under Ubuntu Linux. Therefore, you cannot login as root or use ‘su -’ command to become a superuser. To run all administrative command use sudo command. sudo allows a permitted user to execute a command as the superuser or another user. Ubuntu setup your default account (the one created during installation) to run all administrative commands.

For example create a new user called bar, you need to type sudo command as follows:
$ sudo adduser bar
Password:

When sudo asks for a password, you need to supply YOUR OWN password. In other words a root password is not needed. Here are few more examples.

Task: Start / stop / restart services stored in /etc/init.d/ directory

$ sudo /etc/init.d/ssh stop
$ sudo /etc/init.d/networking restart

Task: Avoid typing sudo each and every time

Note that this is not recommended until and unless you are an expert and aware of what you are typing:
$ sudo -i

Above command will start /bin/bash as a root shell so that you can enter a root user command without using sudo command.

How do I login as root user?

Open terminal and simply type the following command:
$ sudo bash
OR
$ sudo -s
Supply your password and you will become a root user.

FreeBSD comes with Nginx startup script located at /usr/local/etc/rc.d directory.
Update /etc/rc.conf

All you have to do is add following line to your /etc/rc.conf file:

nginx_enable=”YES”
Once added use the following command to control nginx web server. You must be root user to control nginx.
Start Nginx Web Server Command

# /usr/local/etc/rc.d/nginx start
Stop Nginx Web Server Command

# /usr/local/etc/rc.d/nginx stop
Restart Nginx Web Server Command

# /usr/local/etc/rc.d/nginx restart
Test Nginx config file for errors

The -t option will just test the configuration file. nginx checks configuration for correct syntax and then try to open files referred in configuration.
# nginx -c /usr/local/etc/nginx/nginx.conf -t

Once statisfied, restart / start Nginx:
# /usr/local/etc/rc.d/nginx start
The -c /path/to/config/file specifies which configuration file Nginx should use instead of the default.

The GIMP is the GNU Image Manipulation Program. It is used to edit and manipulate images. It can load and save a variety of image formats and can be used to convert between formats.

Gimp can also be used as a paint program. It features a set of drawing and painting tools such as airbrush, clone, pencil, and paint brush. Painting and drawing tools can be applied to an image with a variety of paint modes. It also offers an extensive array of selection tools like rectangle, ellipse, fuzzy select, bezier select, intelligent scissors, and select by color.

Gimp offers a variety of plugins that perform a variety of image manipulations. Examples include bumpmap, edge detect, gaussian blur, and many others.

In addition, Gimp has several scripting extension which allow for advanced non-interactive processing and creation of images.
OPTIONS
The gimp accepts the following options:

-h, –help
Display a list of all commandline options.
-v, –version
Output the version info.
-b, –batch
Execute the set of non-interactively. The set of is typically in the form of a script that can be executed by one of the Gimp scripting extensions.
-g, –gimprc
Use an alternative gimprc instead of the default one. Useful in cases where plugins paths or machine specs may be different.
-i, –no-interface
Run without a user interface.
-r, –restore-session
Try to restore saved session.
-d, –no-data
Do not load patterns, gradients, palettes, or brushes. Often useful in non-interactive situations where startup time is to be minimized.
–verbose
Show startup messages.
–no-shm
Do not use shared memory between GIMP and its plugins. Instead of using shared memory, GIMP will send the data via pipe. This will result in slower performance than using shared memory.
–no-xshm
Do not use the X Shared Memory extension. If GIMP is being displayed on a remote X server, this probably needs to be enabled. Also useful for any X server that doesn’t properly support the X shared memory extension. This will result in slower performance than with X shared memory enabled.
–display display
Use the designated X display.
-s, –no-splash
Do not show the splash screen.
-S, –no-splash-image
Do not show the splash screen image as part of the splash screen.
–debug-handlers
Enable debugging signal handlers.
-c, –console-messages
Do not popup dialog boxes on errors or warnings. Print the messages on the console instead.
–enable-stack-trace {never|query|always}
If a stack-trace should be generated in case of fatal signals.
–system-gimprc
Use an alternate system gimprc file.

“When grep and sed aren’t enough, gawk may provide the extra horsepower that you need. The following tip contains a sampling of some of the things one might do with gawk.

Extract the last column from a text file, whitespace-separated:

cat myfile | gawk ‘{print $NF}’

or:

gawk ‘{print $NF}’ myfile

List counts of files owned by each user in the current directory:

/bin/ls -l | \
gawk ‘NR > 1 {counts[$3]++;}
END {for (s in counts) {
printf(” %-15s : % 5d\n”,
s, counts[s]);}}’ | \
sort

Kill your processes (one use is to kill a hung login if you can remotely log in to the workstation from another machine):

ps -elf | \
gawk -v me=”$USER” ‘$3 == me {print $4}’ | \
egrep -v $$ | \
xargs -i@@ kill -9 @@; kill -9 $$
” linuxjournal.com

This document provides instructions and notes on upgrading to Ubuntu 9.10 (code name “Karmic Koala”), the most recent release of Ubuntu, released on the 29th of October 2009.

Before You Start

• You can only directly upgrade to Ubuntu 9.10 from Ubuntu 9.04 (see UpgradeNotes).
• Be sure that you have all updates applied to Ubuntu 9.04 before you upgrade.
• Before upgrading it is recommended that you read the release notes for Ubuntu 9.10, which document caveats and workarounds for known issues in this version.

If you have a version of Ubuntu which was released before Ubuntu 9.04, please see UpgradeNotes for information on how to upgrade.

Network Upgrade for Ubuntu Desktops (Recommended)

You can easily upgrade over the network with the following procedure:

1. Start System/Administration/Update Manager.
2. Click the Check button to check for new updates.
3. If there are any updates to install, use the Install Updates button to install them, and press Check again after that is complete.
4. A message will appear informing you of the availability of the new release.
5. Click Upgrade.
6. Follow the on-screen instructions.

Network Upgrade for Kubuntu Desktops (Recommended)

Direct upgrades to Kubuntu 9.10 are supported from either Kubuntu 9.04 or Kubuntu 8.04.

Upgrade Kubuntu 9.04 to 9.10

Upgrade Kubuntu 8.04 to 9.10

Network Upgrade for Ubuntu Servers (Recommended)

1. Install update-manager-core if it is not already installed:

   sudo apt-get install update-manager-core

2. Launch the upgrade tool:

   sudo do-release-upgrade

3. Follow the on-screen instructions.

Upgrading Using the Alternate CD/DVD

Use this method if the system being upgraded is not connected to the Internet.

1. Download the alternate installation CD
2. Burn the ISO to a CD and insert it into the CD-ROM drive of the computer to be upgraded.
   • If the ISO file is on the computer to be upgraded, you could avoid wasting a CD by mounting the ISO as a drive with a command like:

     sudo mount -o loop ~/Desktop/ubuntu-9.10-alternate-i386.iso /media/cdrom0

3. A dialog will be displayed offering you the opportunity to upgrade using that CD.

1. Follow the on-screen instructions.

If the upgrade dialog is not displayed for any reason, you may also run the following command using Alt+F2:

gksu "sh /cdrom/cdromupgrade"

Or in Kubuntu run the following command using Alt+F2:

kdesudo "sh /cdrom/cdromupgrade"

Upgrading from a Torrent

If you’re familiar with torrents and have an ISP that doesn’t limit them, you can download the upgrade much more quickly. You’ll also be sharing your bandwidth with other Ubuntu users and helping to reduce the load on the servers, which is especially beneficial on release days when the server overload causes problems.

Just visit http://releases.ubuntu.com/karmic/, and download the appropriate torrent file for the alternate installation CD, found in the list towards the bottom of the page. (It will have a filename like ubuntu-9.10-alternate-i386.iso.torrent.) Load it into your BitTorrent client, and after it is done downloading the ISO, follow the alternate CD upgrade instructions.