Open Source and Tech | Where I Learn and Share

Mazuhan dot com kembali online

admin — Fri, 24 Oct 2008 03:14:07 +0000

Sudah lama blog ini terbengkalai disebabkan oleh masalah teknikal yang tidak dapat dielakkan.

Pertamanya saya sudah beralih kerjaya dimana sebelum ini sebagai pengurus teknikal disebuah IT firm dan dikini sepenuh masa bekerja dari rumah.

Kedua ruang ligkup dan kerjaya masih sama cuma fokus sekarang lebih kepada pemasaran internet. Inilah kerjaya yang diangankan-angankan sudah sekian lama.

Sudah semestinya arah tuju blog ini juga akan bebeza dari segi kandungan, tema, bahasa dan niche dan tak lupa juga blog ini sekarang sudah dipindahkan ke server baru dan juga data center yang baru iaitu di AIMS.

MySql Error (1250) : Client does not support authentication protocol

admin — Sun, 11 May 2008 18:05:20 +0000

Starting from version 4.1.x of MySQL and above, an authentication protocol based on a password hashing algorithm that is incompatible with that used by older MySql clients.

So the older mysql clients cannot talk to the newer MySql servers because of the disparity in authentication methods.

Any attempts to connect to it with an older client may fail with the following message:

Error (1250) : Client does not support authentication protocol requested by server; consider upgrading MySQL client

I don’t want to recompiling php with the new mysql client libraries but what I did is reset the password to pre-4.1 style for each user that needs to use a pre-4.1 client program. This can be done using the SET PASSWORD statement and the OLD_PASSWORD() function:

# mysql -u root -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
mysql> UPDATE mysql.user
    -> SET password=OLD_PASSWORD('yourpasswd')
    -> WHERE user='root'
    -> AND host='localhost';
Query OK, 1 row affected (0.07 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> flush privileges;
Query OK, 0 rows affected (0.04 sec)

qmail-smtpd Listen On 2 Different Ports

admin — Tue, 25 Mar 2008 21:54:41 +0000

My previous posting regarding smtp port 25 blocked by tmnet where TM will block OUTBOUND Simple Mail Transfer Protocol (SMTP) traffic or port 25 for all outgoing e-mails from streamyx dynamic IP addresses.

For those running qmail server, this is the way how to configure qmail-smtpd to listen on another port 587 instead of default port 25. In other word qmail-smtpd will listen on 2 different ports, 25 and 587.

First we copy /var/qmail/supervise/qmail-smtpd to /var/qmail/supervise/qmail-smtpd2 and edit the run script located in the qmail-smtpd2 directory and change the smtp port to 587.

# cd /var/qmail/supervise
# cp -rf qmail-smtpd qmail-smtpd2
# cd qmail-smtpd2
# vi run

(more…)

Google Apps - A Google solution for email.

admin — Sun, 23 Mar 2008 06:11:04 +0000

Do you know you can have a webmail for your own domain name which interface similar like gmail?
It’s powered by Google where email is more intuitive, efficient and useful.

To register : http://www.google.com/a/cpanel/domain/new and follow this instructions how to migrate from your existing boring webmail system to gmail like webmail.

Step 1: Choose a domain name, I use mazuhan.com as I sign up for my domain

Step 2: Sign up for Google Apps Standard Edition

To get started with Google Apps Standard Edition, you will need to fill out a few details about number of users, account administrator details and organization info.

(more…)

How To Install Awstats In Centos/RedHat/Fedora

admin — Sun, 20 Jan 2008 13:42:38 +0000

By default Centos 4 doesn’t have awstats.

Running yum install awstats, unable to detect awstats installation as it’s not default base and updates repositories from Centos.
In order to overcome this issue, I installed another repositories which is RPMForge.

Installing RPMForge is quite easy. In this case my Centos distro is Centos 4 version.

First we have to install yum-plugin-priorities

# yum install yum-plugin-priorities

To be able to use this plugin, we must enable plugins in our /etc/yum.conf file.

(more…)

Sync Linux Server Time with NTP Daemon

admin — Mon, 07 Jan 2008 05:10:42 +0000

I have web server which serving forum service and it’s powered with few linux web server boxes.

Time accuracy for the forum posting for each server is quite critical. If not, all posting from different server will be mess up.

To keep server time in sync for all servers I install NTP daemon and here is what the step taken on my Linux box :

Install the ntp service if it’s not already installed.
```
# yum install ntp
```
Both UDP port 123 have to be open for incoming and outgoing on the firewall.
Find a reliable close ntp pool server. For default installation ntp server should be
```
server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
```

(more…)

Quickest and Easy Method Securing Your SSHD

admin — Wed, 02 Jan 2008 07:34:44 +0000

OpenSSH is a FREE version of the SSH and often it’s default ssh server for most linux distros.

To enhance sshd security, you can follow these quickest and easy method to better protect your linux box.

1. Secure your sshd_config

First of all you want to further secure your sshd_config file and can be found in /etc/ssh/ directory.

#cd /etc/ssh
#vi sshd_config

Disable root login:
Never login as a root and instead use normal user to login then become as root by issuing su command.

Now find the line PermitRootLogin , and if it’s says PermitRootLogin no then you already safe from root login, otherwise change from yes to no.

Change sshd port number:
Default sshd port number is 22. You can change it to any random 4 or 5 digit number. Example change to 2925

Find where it says: Port 22 and change it to Port 2925.

Binding to SSH version 2:
Find this line Protocol 2,1 and change it to Protocol 2 to allow access to ssh version 2. It’s more secure than ssh version 1.

Save the new changes and make it effect by issue this command

# /etc/rc.d/init.d/sshd restart

2. Use tcp wrappers

Second method is using tcp wrappers hosts.allow and hosts.deny files in /etc directory to only allow from trusted host to access ssh server.

Lets say your trusted host is 192.168.2.5, then your hosts.deny/hosts.allow example :

# vi /etc/hosts.allow
sshd: 192.168.2.5

#vi /etc/hosts.deny
sshd: ALL

Your can replace this with your specific ip or your trusted host ip. Save the changes you have made.

By implementing these methods, at least your sshd can be more protected instead of leaving you sshd server default installation wide open to outsider.

Automatically Start Linux Daemons and Services

admin — Wed, 26 Dec 2007 09:18:34 +0000

Normally after I finish installing the Linux OS in my machine, the first sport check I often go through is checking what are service daemons to be enable or disable during boot time. It’s due to Red Hat / Centos come with a lot of services that are pre-configured to run at boot. It’s also to determine that I’m not running unnecessary services that are simply sucking up my precious CPU time and my server resources.

To enable or disable linux daemons and services at boot time on Red Hat/Centos, in your linux console ( after become a su ), I just issue this command :

[root@xxxx xxxx]# setup

From Choose a Tool menu, select the System services –> Run Tool to access the Services menu as below.

The following is a list based on one of my testing machine and some of the services may not listed here.

(more…)

What Blogs I Regularly Visit

admin — Mon, 24 Dec 2007 02:27:18 +0000

What are blogs you regularly visit? As making online money is major concern for problogger or semiproblogger, here is the list of blogs I read and visit them regularly.

If you know any good blog, please post a comment ..

Email Server with Linux and Qmail

admin — Sun, 16 Dec 2007 17:38:11 +0000

Web hosting preview for email solution
Email services in todays ICT world is one of must have for every company regardless of small, medium or enterprise the company is.

Linux and open source software is one of the best option in term of software costing, stability and reliability. Mail transfer agent (MTA) like Qmail, Sendmail, Posfix or Exim is among the popular one and I prefer to use qmail to powered my email servers.

Why qmail?
Qmail is a sendmail replacement and is among the five most popular Unix mail servers on the Internet.

As the nature of open source, email server solution come with another handy software packages to complement with the qmail and it’s free of charge.

Qmail Ingredient
The installation and setup of a qmail based mail server requires list of softwares to work together and once again I remind you, all of the software listed below is free from software licensing fees.

(more…)