How to install 32 bit and 64 bit applications on 64 bit Ubuntu OS

Earlier, with Drapper Drake , you only had to install ia32libs. But after that, may be they decided not to release for future versions, no more release. Hackers always find a way round to get their thing done and that exactly what happened with this as well. A bash file was written and released to the public available at http://frozenfox.freehostia.com/cappy/

I recently had to use this frequently and thought about mentioning it. In last two days, I had two such requirements as well. Here in India, Tata Docomo’s USB installation binary, will work only on i386 linux boxes. I would admit that that itself is an achievement But I had to get it working on a x64 architecture as well. And it was complaining about libqt and a few other 32 bit packages. dkpg’s –force-architecture option was also not working because of dependency issue.

This also helped me install a Task Management Software as well, http://codea-dev.com/gtd/download/linux/

Below text is copied from Ubuntu Forum’s. Author’s original post can be found at http://ubuntuforums.org/showthread.php?t=474790

getlibs works on:

• All Ubuntu and Debian systems
• Debian or Ubuntu based distributions (best to use the package name)

Tip: To install a 32-bit debian package for a program (not a library!) use

sudo dpkg -i --force-all package_name.deb

Usage Examples:

getlibs on a program to download all missing libraries:

getlibs /usr/bin/skype

—–

Use getlibs to install a 32-bit library using the library name:

getlibs -l libogg.so.0 libSDL-1.2.so.0

—–

Use getlibs to install a 32-bit library using the package name:

getlibs -p libqt4-core libqt4-gui

—–

Install a 32-bit library file (.deb):

getlibs -i ~/i386_library_1.deb

—–

Download and install a 32-bit library file (.deb):

getlibs -w http://mirrors.kernel.org/ubuntu/pool/main/s/sdl-image1.2/libsdl-image1.2_1.2.5-3_i386.deb

Joomla in IIS 7 : SEO Friendly URLs not working

Scenario

A Joomla website hosted in Linux server is migrated to Windows. Several compatibility issues will be reported. The rules in .htaccess file will not work in Windows Servers which will cause malfunctioning of the website. Here are the steps on how to deal with these issues.

Solution

For this to work in IIS, a web.config file should be created and the corresponding rules in .htaccess should be imported to the same file. Here is a sample web.config file. Copy the entire content.

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
 <system.webServer>
 <rewrite>
 <rules>
 <rule name="Security Rule" stopProcessing="true">
 <match url="^(.*)$" ignoreCase="false" />
 <conditions logicalGrouping="MatchAny">
 <add input="{QUERY_STRING}" pattern="mosConfig_[a-zA-Z_]{1,21}(=|\%3D)" ignoreCase="false" />
 <add input="{QUERY_STRING}" pattern="base64_encode.*\(.*\)" ignoreCase="false" />
 <add input="{QUERY_STRING}" pattern="(\&lt;|%3C).*script.*(\>|%3E)" />
 <add input="{QUERY_STRING}" pattern="GLOBALS(=|\[|\%[0-9A-Z]{0,2})" ignoreCase="false" />
 <add input="{QUERY_STRING}" pattern="_REQUEST(=|\[|\%[0-9A-Z]{0,2})" ignoreCase="false" />
 </conditions>
 <action type="CustomResponse" url="index.php" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
 </rule>
 <rule name="SEO Rule">
 <match url="(.*)" ignoreCase="false" />
 <conditions logicalGrouping="MatchAll">
 <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" pattern="" ignoreCase="false" />
 <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" pattern="" ignoreCase="false" />
 <add input="{URL}" negate="true" pattern="^/index.php" ignoreCase="false" />
 <add input="{URL}" pattern="(/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$" />
 </conditions>
 <action type="Rewrite" url="index.php" />
 </rule>
 </rules>
 </rewrite>
 </system.webServer>
</configuration>

So, the file web.config is ready. Now the rules in .htaccess has to be converted in accordance with IIS. In IIS6, you can make use of the ISAPI_REWRITE module. Go to http://www.isapirewrite.com/ for downloading it.

If you are having IIS7, here are the steps involved in converting those rules.

The x86 version of URL Rewrite module can be downloaded here : http://go.microsoft.com/?linkid=9722533

The x64 version of URL Rewrite module can be downloaded here : http://go.microsoft.com/?linkid=9722532

Install the module, restart the IIS manager. Choose the website in which you have to convert the rules (under Sites category). You will see the ‘URL Rewrite’ module in IIS.

Open it. Since the web.config file is already created with some predefined rules, you will see it as Inbound rules (by the Names – Security Rule and SEO Rule).

You can convert the rules in .htaccess file by accessing the ‘Import Rules’ under Inbound Rules category in the Actions pane.

Choose the .htaccess file and click Import. You will see the rules in ‘Rewrite Rules’ section and the converted rules in ‘Converted Rules’ option. Click Apply on the  Actions pane on the right hand side to save these rules to the web.config file (If a web.config file was not created as mentioned earlier, that file will be newly created). Make sure there are no conflicts in the conversion. Watch the Summary on the bottom end. There was a conflict when we did it, its shown here. In such cases, remove any unsupported rules and then click Apply.

Converting PHP to FastCGI

We have do it from Plesk control panel. If you don’t have the administrator access, you may need to contact your Administrator. Others (Gods !) read on

Select the Domain, go to Web Hosting Settings.

Scroll down to Services. Choose PHP support to run as FastCGI application.

Final Steps

Go to Joomla Administrator interface. Access Global Configuration from the main menu. Under SEO Settings, make sure the following are set to Yes

Search Engine Friendly URLs : Yes

Use Apache mod_rewrite : Yes

Done, From now your Joomla website shoule work as smooth as it were in the Linux server. Sit back and Enjoy !

DDoS, prevention, cure! – Part 1

DDoS – Distributed Denial Of Service  Wiki : http://en.wikipedia.org/wiki/Denial-of-service_attack

DDoS is an attack on a computer/server or its resources and thereby making it unavailable to intended users.

Web-hosts must be familiar with this term and will be a victim at-least once. The intention of this post is to give  a brief description about DDoS, its prevention and cure if effected. Please note that this will not server as a perfect guide to the mentioned “Subject-line”, but a “tip-note”.

Understanding DDoS:

The four commonly used programs used by attackers to launch DDoS attacks are

1. Trinoo
2. TFN
3. TFN2K
4. Stacheldraht

Symptoms of DDos:

1. Unusually slow network performance (opening files or accessing web sites)
2. Unavailability of a particular web site
3. Inability to access any web site
4. Dramatic increase in the number of spam emails received—(this type of DoS attack is considered an e-mail bomb)
5. Packet loss for pings to IP/Domain

How DDoS is done:

Pictorial representation of Stacheldraht DDoS attack.

In Stacheldraht DDoS attack, the attacker uses a client program to connect handlers which is a set of compromised machines that issues commands to the agents which in-turn facilitate the DDoS attack. The agents are another set of machines which is compromised using handlers by the attacker. Each handler can control thousands of agents  and all these widely distributed agents floods the target server and thereby increasing the impact of attack.

DoS and DDoS are not the same:

If the attacker initiates an attack from a single host, it is classified as a DoS  as it is not ‘distributed’. In fact, any attack against availability would be classed as a Denial of Service attack. On the other hand, if an attacker uses a thousand systems to simultaneously launch smurf attacks against a remote host, this would be classified as a DDoS attack.

Then what is DRDoS? DRDoS is Distributed Refected Denial of Service. These attacks forge the source address of the IP packets with the victim’s IP and send pings/packets to intermediate hosts. When the intermediate sends back the reply to these pings , it is sent to the victims IP thereby flooding the victim.

Some other types/methods of DDoS/DRDoS/Dos attacks are :

Reflective ICMP attack: The reflective ICMP attack uses public sites like google.com that responds to ICMP ping requests to that of victims IP. The attacker spoofs the victims IP and send requests to the Public servers which will then reply to the actual IP.

TCP SYN flood attack : The attacker sends a packet with SYS bit set of the well known TCP three way handshake. The victim responds to the request by sendong a reply packet with SYN_ACK bit set, but the attackr never responds and thereby increasing the TCP receive queues and denying new TCP connetions. But modern  UNIX and Windows fixed this by increasing the queue qize and limited the number of TCP SYS packets allowed.

UDP attacks : The UDP is one of the most effective way of DDos/DoS attacks. UDP is a stateless protocol and does not have any acknowledgement mechanism by design. PROTOS,the SNMP test suite, and other SNMP tools have been used successfully to launch application level DoS attacks. The Slammer worm was extremely fast because it did not require a response from the compromised computer.

TTL Expiration : The attacker forges the victims IP and send packets with low TTL set to it so that it will expire in the transmit at high speed router. When the TTL reaches zero, the router drops the packet and sends an ICMP TTL expired message to the source address, ie the Victim IP. This attack could be lowered by rate limiting ICMP to all routers in the service provider’s network.

Permanent DoS attacks (PDoS) :  PDoS is an attack that damages the system so badly that it needs the hardware to be replaced or reinstalled. The PDoS is purely a hardware targeted attack in which the attacker modifies the devide fireware by the legitimate method caled flashing. The attacker replaces the hardware firmware with his own modified version which will make the device unstable and render it from the original purpose for which it is made or designed for. The is done by exploiting the hardware security flaws which will allow remote administration of devices such as routers, printers and other networking hardwares.

Degradation Of Service Attacks : The compromised computers are used by the atackers to launch short-lived flooding on victims website which will slow down the website rather than crashing it. This is degradation of service rather than deniel of service and is more seriver than DoS as this is pretty difficult to detect and resolve.

Un-intentional Denial Of Services :  Sudden spike in popularity for a website is the major cause for this. This happens when an extremely popular wesite posts a link to a second site as a part of referrence for news or article. This will lead significant increase in traffic to the secondary website which will result in crashing or server/services. An example for this hapened when Michael Jackson died in 2009 which took down sites like Google and Twitter. (In this case you cant just blame someone )

Blind Denial Of Service : In Blind Deniel of Service, the attacker must be able to receive traffic from the victim, then the attacker must either subvert the routing fabric or use the attacker’s own IP address. Either provides an opportunity for the victim to track the attacker and/or filter out his traffic. With a blind attack the attacker uses a forged IP addresses, making it extremely difficult for the victim to filter out those packets. The TCP SYN flood attack is an example of a blind attack. Designers should make every attempt possible to prevent blind denial of service attacks.

How to setup Google Apps on your domain with cPanel and create upto 50 custom email accounts for FREE – Part (2)

Step V : Setting Up Your E-mail Server.

The next step is to set up the URL you want to use to access Webmail. In most cases, this is either webmail.example.com or simply mail.example.com. To make this change, click on the ‘Service Settings‘ tab in the top menu of the dashboard. Then, click ‘Email‘. From there, specify that you want to use a custom URL, and enter the appropriate subdomain for your domain.

Submit that form, and Google will then provide you with information about adding a CNAME entry for your new subdomain. You should make corresponding entries in the DNS zone to implement this. For example if the URL with which you wish to access your mail is webmail.example.com then you must give a CNAME record ‘ ghs.google.com. ‘ in the DNS zone for webmail. This is shown below :

Step VI : MX Record Changes

Once you have finished creating all of the users, you can return to the dashboard and click ‘Activate email‘  and follow the MX change instructions provided by Google. If you are lucky enough to use one of the hosts included in the dropdown menu there, you should be able to get clear, specific instructions explaining how to make the changes in your domains control panel.

Google will have you add seven new MX records to your DNS zone file. Those entries will probably look like:

MX Server address                                  Priority

ASPMX.L.GOOGLE.COM.                 10
ALT1.ASPMX.L.GOOGLE.COM.       20
ALT2.ASPMX.L.GOOGLE.COM.       20
ASPMX2.GOOGLEMAIL.COM.         30
ASPMX3.GOOGLEMAIL.COM.         30
ASPMX4.GOOGLEMAIL.COM.         30
ASPMX5.GOOGLEMAIL.COM.         30

It’s important that you copy and paste those addresses exactly as they appear in the Google instructions. They all include dots at the end of the addresses, and that dots need to be included. I am attaching a screenshot below which will hopefully give you an idea on how it should be entered.

Your new entries will need to look similar to:

your-domain.com    14400    IN    MX    10    ASPMX.L.GOOGLE.COM.

Where your-domain.com is your domain name, the second spot is the TTL or Time To Live (which can be left blank if required), the word ‘IN‘ is in the third spot, the fourth spot is filled with ‘MX‘ , the fifth spot is the ‘Priority‘ and the last spot includes the address provided by Google.

Also, in most of the cases you can only add four or five entries to the zone file at a time, so you’ll have to add this first, save the file, and then add the rest.
Once you’ve made those changes, click the  ‘I’ve made these changes‘ button in the Google Apps window.
Finally you can return to dashboard and click on the ‘Activate email‘ tab which you will find right below the ‘Email‘ option. See below :

The last and most difficult Step : Waiting.

At this point, you’re pretty much done. You now simply have to wait because It can take anywhere from one hour to 48 hours before the changes are complete.

Once the changes have completed, though, you can set up your e-mail client (Outlook, Thunderbird etc.) to check your e-mail. The Gmail IMAP settings are fairly simple. They are as follows:

IMAP (incoming) mail:
Server: imap.gmail.com
Port: 993
Encryption: SSL

SMTP (outgoing) mail:
Server: smtp.gmail.com
Port: 465 or 587
Encryption: TLS

***********************************************************************************************************

How to setup 50 free Google powered email accounts for your domain with cPanel – Part (1)

This article is on how to setup Google Apps to work on your domain with 6 easy steps. When you purchase a domain (e.g. your-domain.com) for your website from any of the domain registrars such as Godaddy , you normally get a single free email account that includes limited storage space. This is where Google apps comes in for your rescue. By using this feature, provided to you by Google, you can use Google mail servers for transferring your mails and that too from your very own domains. The advantages are plenty, as we all know Gmail has proven over the years that it provides the most reliable e-mail service. How many times have you moved your domain to a new server and been frustrated by the fact that you lost all of your e-mail messages? If you switch over to Google Apps, you never have to worry about that again. Again the service and support provided by google is without doubt the best and uncomparable with your hosting companie’s or your service provider’s. Another advantage is that the server limits of your account will not affect the number of mails that you can sent or recieve if you use the Google apps. I have only mentioned a few above but the list goes on and on.

The praises can be sung without a pause but its better I stop the boasts here and get down to the original topic.  I’m going to explain, step-by-step, on how to accomplish this task. It’s actually very simple, but it might take quite some time depending on how good a techy you are. To begin with, head on over to Google and sign up for an account. I am siting the link below where you can do this :

http://www.google.com/apps/intl/en/business/index.html

In the above page click on the ‘ Apps Editions ‘ tab and you will be able to view different schemes they offer, from which you will be able to select the one which suits you the most. For most of us, the standard edition offered by Google is more than enough. However, they do offer a “Premier edition” if your needs exceed the services of the free accounts. In addition to the Standard edition and Premier edition there are  Educational schemes, Govermental schemes etc etc. Once you choose the package required you will be directed to a page with a blue colored ‘ Get started ‘ tab on the right most top corner of the page. This is your key, click on it and you are on your way to setting Google apps for your domain. I am going to list  everything step by step from here on in a detailed manner.

Step I : Tell them your registered Domain name.

In the very first step you need to provide your domain name as prompted. Obviously enough you should possess a registered domain or you can buy a new domain name through Google which automatically sets everything up for you. You also need to verify that you own the domain or if you are a member of the domain.

Step II : Tell them who you are.

Fill in all of your contact information. At least make sure that you fill in all the boxes which have an aestrics symbol (*) to the right of the label with proper and valid information. If you don’t provide the required information, you will receive an error when you submit the form.
An important thing that you should be absolutely sure of before filling up the form is that you are able to edit your server’s DNS zone files. If you cannot edit your DNS zone files, do not proceed. You will have to enter MX records pointing to the Google mail servers in your DNS configuration. Signing up for the Google Apps account is useless if you’re not going to be able to modify your server appropriately to have the e-mail go where it’s intended.

The screenshot above was limited by my monitor boundaries, but you will be able to see the ‘ Continue ‘ tab at the bottom of your screen. Click this and you are on step III.

Step III : Create your first administrator account.

Create your first e-mail account. This e-mail account will be used as the administrative account for the Google Apps services.

Below this you will be able to see the terms and conditions, which mostly contains the usual stuff but still worth a read, where you should click on the ‘ I accept. Continue with setup ‘ tab to proceed to the next step.

Step IV : Verify Domain Ownership.

The next step in the process is to prove to Google that you own and have administrative rights to the domain you chose.

Here you will have an option to do it later, but sooner the better. Once you choose the option to continue you will be prompted for the password you chose in the previous step.
You have three options to prove that you own the domain. The first option is to modify your DNS entries to add a unique CNAME record. Next option is to add a meta tag to your site’s home page.  The last option is to simply create and upload an HTML file to your Web server. Okay now there is no reason for you to panic from hearing all the complex terms, all you need to do is click on these options and viola, all the information you need on ‘How to’ gets detailed (or rather spoon fed) right on the screen.

As you can see the screenshot above you will have a drop down menu for a list of domain registrars among which you can choose yours and do as instructed. Otherwise you can simply choose the ‘ Others ‘ option from the drop down menu and follow the simple set of instructions which gets listed.
This will look somewhat like the following :

<<

A TXT record is an entry within the Domain Name System (DNS) that provides supplemental information about your domain. You can create a TXT record that proves to Google that you own the domain.

1. Add the TXT record below to the DNS configuration for your-domain.com.
google-site-verification=Zy5aERjpb4-T1S0Ig36pGuHDOE5MycRBGsVmCtVeTLY
2. Click verify below.
When Google finds this DNS TXT record, we’ll make you a verified owner of the domain. (Note: DNS changes may take some time. If we don’t find the record immediately, we’ll check for it periodically.)
Leave the TXT record in place even after verification succeeds.

>>

For adding the TXT record in the DNS zone log into your domain control panel and choose the edit DNS zone option. The name of the option might vary between control panels, but they provide the same functionalities. I am pasting yet another screenshot which might help you through this simple process.

NOTE : For the rest of the article I will be siting examples and providing screenshots only from, and in reference to, the cPanel. But it will not be difficult to figure out how it is done in other control panels once you get an idea on what we are doing here.

You can see that I simply pasted the text mentioned in the instructions. After doing this you can click on ‘Verify‘ which will, quite obviously, verify if the entry is made and thereby confirming your authority over the domain.