🦑Use For Learn, Its illegal to use Botnet For Stealing-exploite

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How can i change master boot records (mbr) to gpt in kali linux Full Tested
instagram.com/UndercOdeTestingCompany

🦑Steps :(Powered by Wiki Tested by UndercOde-on ubuntu)

1) terminology

1) Converting

2) Configuring (+ Dual boot)

🦑 Terminology

BIOS = Basic Input/Output System

(U)EFI = (Unified) Extensible Firmware Interface
MBR = Master Boot Record
GPT = GUID Partition Table
UEFI / EFI / BIOS = Firmware interface
MBR / GPT = How the computer knows (per hard disk) what partitions are on the drive and
how to boot from them.

1) UEFI / BIOS
A firmware interface is the way that the firmware (the software inside devices) and operating system interact. It initialises the hardware then runs the operating system and ensures that the operating system drivers can operate the hardware.

2) The BIOS has been the usual firmware interface that has been used. The UEFI is a newer interface that has several features, such as being faster, having a GUI and being able to start the network card and get an ip address. UEFI replaces EFI. (Those developing EFI saw that there were others doing something similar and so joined them, bringing the ideas of EFI with them. This then became UEFI).

3) A BIOS requires the bootloader to be at the start of the disk, however a UEFI uses a partition for this and can choose among multiple boot loaders to use.
MBR / GPT + GRUB

4) The MBR is a section of code at the start of the disk that contains a boot loader (for the BIOS), as well as the partition map and a unique disk identifier.

5) To install GRUB onto a disk with a MBR, GRUB places a small program in the MBR to load the rest of GRUB from another part of the disk. (This is done because the MBR is too small to contain all of GRUB). The space that is chosen is space between the MBR and the first partition, which usually exists.

6) GPT is a standard for how the partitons are specified. It does have a 'protective' MBR, however this is only for allowing BIOS based computers to boot and stop tools that only know about MBR from trying to trash GPT. It can have
(How GPT is handled depends on whether it is booting using a BIOS (or UEFI system in BIOS emulation mode) or UEFI. I will focus on UEFI as it relates to the question).
Boot loaders for operating systems are stored in a partion called EFI System Partiton, that is formatted (usually) with FAT32. This is where GRUB is installed.

🦑 Converting
First...

1) We are playing around with the partition table, so guaranteed safety is not possible. It is a risky operation. However, the method should not lose data.
Others coming across this: Do not use on Apple Macs.
Now...

2) You will need to do this on a live CD (or another linux installation installed to a different disk.)

3) When dealing with GPT disks, we need to use a GPT aware program. 'GPT fdisk' is a good tool to use and what I will be using. It can be called gptfdisk or gdisk depending on distribution (Ubuntu calles it gdisk). Parted (and Gparted) is also GPT aware, so can 'safely' be used with GPT disks.

🦑 To convert you need to:

1 Resize partitions to fit GPT data and EFI system partition.

2 Convert the disk and add partitions

3 Install GRUB to EFI system partition.

1) Resize partition
Use parted (command line) or gparted (GUI) to resize the first and last partition. The first partion should have about 200MiB before it, and the last partition should have 1MiB to 2MiB (either will do) taken off the end.
2) Convert the disk
Run
gdisk /dev/sdx
changing the device you want to convert is /dev/sdx.
It should tell you that it will convert the partiton table.
GPT fdisk (gdisk) version 0.6.14

Partition table scan:
MBR: MBR only
BSD: not present
APM: not present
GPT: not present


*******************************************************
Found invalid GPT and valid MBR; converting MBR to GPT format.
THIS OPERATION IS POTENTIALLY DESTRUCTIVE! Exit by typing 'q' if
you don't want to convert your MBR partitions to GPT format!
*******************************************************

Command (? for help):
Now add a new partition, making it of type 'EFI system'. It should find the free space at the beginning (I suggest some low sector number like 34) and automatically use all the free space.

The examples use a 4GB USB flash drive with 1 partition already on there, resized as per above.
Command (? for help): n
Partition number (2-128, default 2): 2
First sector (34-7831518, default = 34) or {+-}size{KMGTP}:
Information: Moved requested sector from 34 to 2048 in
order to align on 2048-sector boundaries.
Use 'l' on the experts' menu to adjust alignment
Last sector (2048-421887, default = 421887) or {+-}size{KMGTP}:
Current type is 'Linux/Windows data'
Hex code or GUID (L to show codes, Enter = 0700): L
0700 Linux/Windows data 0c01 Microsoft reserved 2700 Windows RE
...
You should now have the EFI partition.
Command (? for help): p
Disk /dev/sdd: 7831552 sectors, 3.7 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 669247F2-37F7-4797-98F9-9CE56F7EA8C8
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 7831518
Partitions will be aligned on 2048-sector boundaries
Total free space is 4029 sectors (2.0 MiB)

Number Start (sector) End (sector) Size Code Name
1 421888 7829503 3.5 GiB 0700 Linux/Windows data
2 2048 421887 205.0 MiB EF00 EFI System
Then exit gdisk
Command (? for help): w

Final checks complete. About to write GPT data. THIS WILL OVERWRITE EXISTING
PARTITIONS!!

Do you want to proceed, possibly destroying your data? (Y/N): y
OK; writing new GUID partition table (GPT).
The operation has completed successfully.
Now use Gparted (or command-line mkfs.vfat -F 32 /dev/partition) to format the partition as FAT32.

3) Install GRUB

1 Find your EFI partition; mount it in /boot/efi. Add this to /etc/fstab¹

2 Install the grub-efi package

3 Switch your BIOS boot priority from UEFI and Legacy to UEFI only (or a similar option)

You should work out which version of grub-efi to install with
ioreg -l -p IODeviceTree | grep firmware-abi
If it says EFI32 install the grub-efi-ia32 package, if it says EFI64 install the grub-efi-amd64 package. You can install the packages with
sudo apt-get install <package name>
This will probably only work if you have booted in EFI mode.
If it does not work, you could try these step by step instructions (under "Install GRUB2 in (U)EFI systems") once grub-efi is installed.
Configuring (+ Dual Boot)
If RAOK's instructions work, you should be able to add the following line to /etc/grub.d/40_custom
menuentry "Windows 7" {
set root='(hd0,gpt1)'
chainloader /EFI/microsoft/bootmgfw.efi
}

It assumes that Windows is recognised as hd0 by GRUB. It may need to be changed to hd1 in order to work.
Now run
update-grub
to update the config file.

ENJOY
Powered BY wiki
# Tested by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Booting Linux from EPROM Full by UndercOde :

A method for running Linux on an embedded system without a hard disk is provided. The application we are going to introduce is the Operator Interface on a monitor. Its display system was developed by Boeing Flight Test. The flying environment requires a mechanism that prevents sudden power outages. To meet this requirement, we decided to implement the Operator Interface on a system without a hard disk.
twitter.com/UndercOdeTc

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) The basic problem from the EPROM include a SSD (solid state disk) boot, the root file system from EPROM copied to a RAM disk, Operator Interface software is loaded from a client and executes it.

2) The hardware we chose was a

> VME-based single board computer with 16M RAM, a PC104 SSD capable of holding 4M EPROM, and some other PC104 boards. Its BIOS supports the use of SSD. The system uses a programmable keyboard and a standard VGA display card.

3) Operating system

at boot time we need to consider two options:

* Use loadlin under DOS (can be added to the Autoexec.bat file) to boot Linux

* install LILO boot Linux directly

benefit second option is slightly shorter boot time. We use the first solution because we use a programmable keyboard-software that programs the keyboard in DOS.

4) we need kernel-hacking. The Ramdisk.c code has been changed to load from any block device, not just from a floppy disk. In addition, we write a new block device driver from the EPROM device.

5) The first idea of ​​implementing EPROM device drivers is to generate a disk image in EPROM. This will give us a RAM disk of the same size as EPROM, in this case the size is 3.5M (the DOS partition of the SSD occupies 1 / 2M). To get a large RAM disk, we use a compressed disk image. The idea of ​​compression is simple. The same sector is stored once. The advantage is that the blank area of ​​the disk image does not occupy EPROM space.

6) In order to run the Operator interface program automatically, we need a program instead of getty.

> This program (dboot.c) should run the login program, which can set stdin, stdou and stderr for the specified virtual terminal.

🦑 The boot process is as follows:

for the memory test power l

l loading the DOS executes the AUTOEXEC.BAT

l keyboard application running

l LOADLIN-- running Linux kernel performs reading from the DOS partition

l by the linux kernel takes over

l from the EPROM disk loaded in RAM

L root file system to convert disk RAM

L reads the init inittab, inittab attention to the implementation of dboot instead of getty

L start Operator interface

development

task of the next phase is to EPROM disk content organization together. We

use the following auxiliary disks for this task:

* / dev / hda1 – 80M linux system

* / Dev / hda2-6M EPROM

* / dev / hda3-20M DOS partition

* Booting with Lilo

It takes time to program the EPROM directly. Therefore, most of our development is performed using spoke disks.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Booting Linux from EPROM Full by UndercOde Part 2 :
instagram.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

The development of a disk image first determines requirements. Complete a minimal system first, and then add the items required by the operator interface to the system. Since I am not a Unix expert, the completion of this minimal system is a trial and error process. I kept experimenting until the system was running normally.

1) The next step is to copy the contents of the Linux partition to the 6M partition, and then perform the following operations under DOS:

loadlin zimage root = / dev / hda2 ro

2) If the system is stable, load the 6M partition into the RAM disk. This is similar to loading from EPROM. In order to avoid programming the EPROM and testing the system, do the following under DOS:

> loadlin zimage root = / dev / hda2 ramdisk = 6144 ro

3) Because the ramdisk.c was modified, the / dev / hda2 disk image was loaded into RAM and The root partition is converted to a RAM disk. We need to continuously modify the disk image until it works properly.

4) Programming of EPROMs

first use tar to pack a small disk image, and then unzip the file to a clean system.

5) To pack the disk image. We boot from Linux and then load the 6M partition. Do not tar the proc file system. We use the following command:

mount –t ext2 / dev / hda2 / mnt

cd / mnt

tar –cpf /tmp/eprom.tar *

6) To generate a disk image, I used another computer with 6M RAM disk and the following command line:

dd if = / dev / zero of = / dev / ram count = 12288

mke2fs / dev / ram 6144

mount --t ext2 / dev / ram / mnt

cd / mnt

tar --xpf ~ / eprom.tar

dd if = / dev / ram of = ~ / eprom.dsk count = 12288

7) This generates an eprom.dsk File, we use the med.c program to write the disk image (eprom.dsk) to EPROMs (that is, to program EPROMs).

Med ~ / eprom.dsk ~ / eprom.img

8) Then the EPROM programmer will engrav the EPROM image into EPROM. The SSD function of the

DOS boot SSD
9) SBC helps us build a disk image. DOS SSD disk requires at least the following files: DOS boot file, command.com, autoexec.bat, keyboard loader, loadlin and zImage.

🦑 Conclusion The

development effort on the secondary disk is large, we need to take steps to reduce the workload. EPROM disk works very well in our application.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 Password Breach Hunting & Email OSINT tool, locally or using premium services. Supports chasing down related email
pinterest.com/UndercOdeOfficial

𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

>pip3 install h8mail

manual :

1) git clone https://github.com/khast3x/h8mail

2) cd h8mail

3) python3 setup.py

4) usage: h8mail [-h] [-t USER_TARGETS [USER_TARGETS ...]]
[-u USER_URLS [USER_URLS ...]] [-q USER_QUERY] [--loose]
[-c CONFIG_FILE [CONFIG_FILE ...]] [-o OUTPUT_FILE]
[-bc BC_PATH] [-sk] [-k CLI_APIKEYS [CLI_APIKEYS ...]]
[-lb LOCAL_BREACH_SRC [LOCAL_BREACH_SRC ...]]
[-gz LOCAL_GZIP_SRC [LOCAL_GZIP_SRC ...]] [-sf]
[-ch [CHASE_LIMIT]] [--power-chase] [--hide] [--debug]
[--gen-config]

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Home Of Malwares 2020
>theZoo is a project created to make the possibility of malware analysis
pinterest.com/UndercOdeOfficial

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) Clone the repository with git clone https://www.github.com/ytisf/theZoo. Go to the directory and run pip install --user -r requirements.txt. This should install all latest requirements needed. In total can be "scripted" like so:

git clone https://www.github.com/ytisf/theZoo

2) cd theZoo

3) pip install --user -r requirements.txt

4) Start by running the console:

python theZoo.py

5) You can call the program with the same command line arguments as before. The current default state of theZoo runtime is the CLI. The following files and directories are responsible for the application's behaviour.

/conf - The conf folder holds files relevant to the particular running of the program but are not part of the application. You can find the EULA file in the conf and more.

/imports - Contains .py import files used by the rest of the application

/malwares/Binaries - The actual malwares samples - be careful! These are very live.

/malware/Source - Malware source code.

> Malware under the folder Original is supposed to be (NO PROMISES!) the original source of the malware that leaked.

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Virus-malwares types
twitter.com/UndercOdetc

1) File viruses. Such viruses attach their own code to executable files (EXE, COM, BAT ...). A typical representative is " Black Friday ".

2) Guided virus . This type of virus inserts virus instructions into the boot sector , master boot record, or partition table of a hard disk . Typical representatives are cannabis virus , disk killer, etc.

3) Mixed viruses . Is a hybrid of the first two viruses, and quickly spread online through executable files .

4) Macro virus. In August 1995, Windows 95 was released, and it quickly became the mainstream operating system . Various viruses that had been under the DOS system for a while, gradually lost their vitality because they did not adapt to the new system. One new type of virus that has replaced it is one that also attacks executable files , such as the notorious CIH virus, and the other is macro viruses, which mainly infect macros defined by word processing software (such as Word) that is widely used daily . And thus spread rapidly. Melissa is the "outstanding" representative in this regard.

5) Network viruses . Network viruses spread through websites and emails . They are hidden in Java and ActiveX programs. If a user downloads a program with the virus, they immediately begin to disrupt activities. Due to the rapid spread of the Internet, this type of virus is even more harmful. Recently, activities have been rampant, and the destructive "love" virus belongs to this category.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Judge poisoning


1) security tools do not run

2) Online anti-virus web pages and files cannot be opened

3) Crashes with insufficient memory

4) Task manager, startup items are abnormal

5) Hard disk light, network card light flashing wildly

6) QQ, MSN, abnormal online game login

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Malwares controle :
>Because viruses cause serious damage to microcomputer resources, effective measures must be taken from both management and technical aspects to prevent virus intrusion.
T.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

In daily work, the main measures to prevent virus infection are:

1) First, and most importantly, choose and install an anti-virus software . As new viruses continue to appear (on average 13 a day), in today's highly shared and highly networked world, a computer must With anti-virus software installed, it is difficult to avoid virus attacks. Regularly check the microcomputers used, including the floppy disks and hard disks used, in order to detect viruses in time and prevent them before they occur.

2) Reduce the user's write power in the server. Keeping the power written in the server in the hands of as few people as possible can avoid unnecessary trouble and loss.

3) Prevent floppy disks and pirated optical disks of unknown origin. You should be extremely vigilant against floppy disks and pirated discs of unknown origin. Think carefully before you plug it into the drive. If you have to do so, first check the usb disk with anti-virus software and scan every file on the disk (not only Executable files only ), including compressed files . Similarly, when you give someone a dvd disk , write-protect the dvd disk in time so that viruses in other people's machines will not be transmitted to your dvd disk.

4) Scan the email before reading it . Some mail receiving software will automatically open the attachment after the user opens an email. Please turn off this function.

5) Be careful when downloading. Download files are one source of viruses.

Save the file in RTF or ASCII format. If you want to share some data with others on the network server , but do not want to know more about virus, then you better save the file as RTF or ASCII format, because these two file formats can avoid macro virus attacks .

6) Set up hard disk partitions reasonably and reserve remedial measures. Generally, the C drive should use FAT 32 format, and the capacity should be greater than 20 G. At this time, if the C drive is infected by a virus, more than 98% of the data can be recovered with the KV300, while using the FAT16 format, the C drive capacity is less than 20 G, and only 5% of the data can be recovered.
Use Ghost (clone) software and back up the hard disk to quickly restore the system.
or system windows settings

7) Upgrade anti-virus software in a timely manner and improve defense capabilities.

8) Important data and important files must be backed up- offline or cloud

9) check firewalls

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CVSS Scores & Vulnerability Types windows server 2019 :
> The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat.

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

CVSS Score 2.1

Confidentiality Impact Partial (There is considerable informational disclosure.)

Integrity Impact None (There is no impact to the integrity of the system)


Availability Impact None (There is no impact to the availability of the system.)

Access Complexity Low (Specialized access conditions or extenuating circumstances

do not exist. Very little knowledge or skill is required to exploit. )

Authentication Not required (Authentication is not required to exploit the vulnerability.)

Gained Access None

Vulnerability Type(s) Bypass a restriction or similar
CWE ID 20

🦑 Effects :

1) The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity.

2) The numerical score can then be translated into a qualitative representation (such as low, medium, high, and critical) to help organizations properly assess and prioritize their vulnerability management processes.

3) CVSS is a published standard used by organizations worldwide, and the SIG's mission is to continue to improve it.


@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Wordpress bruteforce :lastest tool
t.me/UndercOdeTesting

1) Brute Force via API, not login form bypassing some forms of protection

2) Can automatically upload an interactive shell

3) Can be used to spawn a full featured reverse shell

4) Dumps WordPress password hashes

5) Can backdoor authentication function for plaintext password collection

6) Inject BeEF hook into all pages

7) Pivot to meterpreter if needed

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) sudo apt install python3-pip python3-libtorrent python3-coloredlogs

2) git clone https://github.com/BlackArch/wordlistctl

3) cd wordlistctl

4) Open the requirements.txt file

> gedit requirements.txt
And remove the line from there

libtorrent

5) Then continue:

> sudo pip3 install -r requirements.txt

> python3 ./wordlistctl.py

🦑 In BlackArch, this program is in the standard repository – install directly

> sudo pacman -S wordlistctl

wordlistctl -S rus

--==[ wordlistctl by blackarch.org ]==--

[*] searching for rus in urls.json

[+] wordlist russian_users found: id=842
[+] wordlist rus_surnames_date099_fin found: id=1022
[+] wordlist rus_surnames_first_letter found: id=1046
[+] wordlist rus_surnames_fin found: id=1094
[+] wordlist rus_surnames_date19002020_fin found: id=1104
[+] wordlist rus_names_date099_fin found: id=1163
[+] wordlist rus_names_translit found: id=1185
[+] wordlist rus_cities_translit found: id=1206
[+] wordlist rus_names_date19002020_fin found: id=1209
[+] wordlist rus_eng found: id=1245
[+] wordlist rus_names_fin found: id=1278
[+] wordlist rus_mat found: id=1316
[+] wordlist rus_latin found: id=1323
[+] wordlist rus_names_kb_chage found: id=1324

6) mkdir wordlists

> And download to this folder (-d wordlists) a dictionary that has the identifier 1714 (-f 1714), unpack it and delete the original archive (-Xr):

>wordlistctl -f 1714 -d wordlists -Xr

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Tried on random ruso site to test it

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Apache-Team development environment setup: dhcp + apache + ftp + cvs + samba :
Let s introduce those therms :
instagram.com/UndercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Many of these services are based on the fact that most development clients are still set by Windows. Each service provides a simple basic configuration demonstration. Including:

1) IP management (DHCP): management and analysis of server IP address (combined with SAMBA WINS service), development of client IP management; WEB service (APACHE): document sharing, CVS web interface browsing, forum tools, etc .;

2) FTP service (FTP): for file download / share;

version control (CVS): version control of program source code and documentation;

> File sharing (SAMBA): NETBIOS-based file sharing for easy access by Windows clients (such as the installation of some tools); Database server (MYSQL): a background database service for some applications; Backup mechanism (wget + rsync): Back up

3) many settings It is the default. In the bash environment and in the tcsh environment, some settings are not constant.

🦑 Server plan as follows:


Primary Server (Main) backup server (Backup)
__________________ _______________
| APACHE the WEB SERVER | | File Backup |
| SAMBA SHARE | | |
| the DHCP SERVER | | the DHCP Backup |
| CVS SERVER | | MySQL Server |
| GNATS SERVER | | |
| PHORUM SERVER | | |
| Database backup | | |
------------------ ---------------

4) Hardware Preparation : At least 2 servers

In theory, any system crash is only a matter of time, and no one can guarantee that the developer will not make a mistake

. The only solutions are: backup, backup, backup ... The

operating system prepares

5) FreeBSD or GNU / Liunx. When the system is installed, the configuration of this article Take RedHat as an example. Note: When installing, select the "Development Tools" category. Many of the following tools need to be compiled with GCC. Some application scripts use PERL. The two master servers use IP addresses 192.168.0.200 and 192.168.0.201, respectively.

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Let s configure our apache server config :

<> dhcp + apache + ftp + cvs + samba :
twitter.com/UndercOdeTC/

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Services installed on both machines: SSH FTP DHCP service

SSH: Basic login service. For internal development, it is generally acceptable to use the default, but it is recommended to

2) change : PermitRootLogin yes in / etc / ssh / sshd_config PermitRootLogin no

3) FTP: If it is FREEBSD, it is recommended to use PROFTPD instead: http://www.proftpd.org/Install (if service down try later )

tar zxf proftpd-version.tar.gz
cd proftpd-version /
./configure
make
make install

4) Default configuration / usr /local/etc/proftpd.conf


> ServerName "ProFTPD"
ServerType standalone
DefaultServer on
AllowOverwrite on
Port 21
Umask 022 #Do
not reverse resolve the domain name of the login machine
UseReverseDNS off
MaxInstances 30
User nobody
Group nogroup

5) DHCP service: In order to more easily manage the developer's IP address and server IP address in the same LAN, the most It is good to arrange the server within a certain range of static IP (such as above 192.168.0.200), and provide a dynamic IP for the client of the development machine within the range of (192.168.0.10-200). Assume that our main server (192.168.0.200) and auxiliary development server (192.168.0.201) use static IP, and provide dynamic IP allocation services for 192.168.0.10-200 in the network segment. The DHCP service is installed on both servers.


6) One is the master DHCP service, which is used to provide 70% of the IP to the subnet IP pool, and the other is used for backup, which has 30% of the IP pool. In the example: 200 is responsible for 10-100 and 201 is responsible for 110-150. If dhcpd is not installed by default, find the DHCP software package from the installation disk or download the source file from http://www.isc.org and compile it (the installation location and configuration file may be different).

7) Default configuration: on the master server

ddns-update-style none;
default-lease-time 120000;
max-lease-time 920000;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option netbios-name-servers 192.168.0.200;
option routers 192.168 .0.1;
Option-name-Domain Servers 202.106.196.115,202.96.199.133;
; "the example.com" Option name-Domain

Subnet 192.168.0.0 Netmask 255.255.255.0 {
Range 192.168.0.10 192.168.0.100;
}

8) Note:

The default per IP leases for 2 days: default-lease-time 120000;

longest lease: max-lease-time 920000;

default subnet mask: option subnet-mask 255.255.255.0;

default broadcast address: option broadcast-address 192.168.0.255;

9) Enable the samba service on 192.168.0.200 to enable the WINS service: for internal domain name resolution: option netbios-name-servers 192.168.0.200;

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Default Configuration should be in server
pinterest.com/UndercOdeOfficial

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) default gateway option routers 192.168.0.1;

2) default domain name server option domain-name-servers 202.106.196.115 , 202.96.199.133; The

3) default domain name option domain-name "example.com"; #A

4) default subnet setting:
subnet 192.168.0.0 netmask 255.255.255.0 {
# Dynamically allocate 0.10-100 IP
range 192.168. For the subnet 0.10 192.168.0.100;
} The

5) only difference on the secondary DHCP server is that the subnet is dynamically assigned an IP of 0.110-150, and the IP pools of the primary DHCP and the attached DHCP server cannot overlap each other


subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168 .0.110 192.168.0.150;
}

🦑 Application installation on the main server:

SAMBA service: used for file sharing and internal WINS analysis

Here is just a simple configuration for read-only sharing,


[global]
#Other people will see through "My Network Places" In the WORKGROUP group


1) Linux machine, the comment is: My Samba Server
workgroup = WORKGROUP
netbios name = linux
server string = My Samba Server #log

2) settings
log file = /var/log/samba/%m.log
max log size = 50 #Security

3) settings
security = share

#Use SAMBA's WINS service support, and use / etc / hosts for internal domain name resolution
wins support = yes
name resolve order = hosts lmhosts wins bcast
dns proxy = yes

[public] #A
shared setting
comment = Public Stuff
path = / home / share
public = yes
guest ok = yes
read only = yes
writable = no
printable = no

4) In order to let everyone use dev.example.com to access the main server (192.168.0.200) internally, I use DHCP to set the main server (192.168.0.200) as the internal WINS server, and in the 200 SAMBA service, WINS support is enabled, and WINS is set to use DNS for NETBIOS name resolution. In this way, if the DNS reads the settings in the / etc / hosts file, the hosts file can be used as the WINS domain name configuration file, which is set in / etc / hosts:


192.168.0.200 dev.example.com bbs.example. After com dev bbs
192.168.0.201 bak.example.com backup

, the intranet client that obtained the IP through DHCP can directly access the development server through: dev.example.com.

5) used abbreviations for all machine name prefixes: dev, bbs bak, etc. The reason is that the NMBD of samba is actually the resolution of the NETBIOS name, and the name length is limited to 16 characters (actually 15). Therefore, although 192.168.0.202 username.example.com is a legal DNS name resolution, because username.example.com is longer than 16 characters, it cannot be found through SAMBA WINS service resolution. dev.chedong.com is equivalent to a machine like dev.chedong.com. When I used SAMBA's WINS analysis, the client always couldn't ping test.chedong.com. This problem bothered me for a while.


Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 WEB service: APACHE-lastest config-usage... :
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) It is mainly used for file WEB sharing and front-end browsing of some applications (CVSWEB GNATSWEB PHPMYADMIN, etc.). Apache, 1.3 is still used here, because many applications, such as PHP running on 2.0, are not complete.

Installation: http://httpd.apache.org Download the latest version:

2) Compile options: This allows all modules to be dynamically loaded through the configuration file, which is convenient for adding and removing other application modules later: ./configure --prefix = / home / apache --enable-shared = max --enable-module = most More installation instructions can refer to: APACHE installation notes

🦑 Document sharing tips:

1) For the sharing of documents, the autoindex module is very useful, let APACHE automatically index the directory by default Sort by file / directory name, and more than 40 characters of the file name are truncated. In order to display the complete file name, and like the Explorer, the directory is ranked first, and the file is ranked behind:

2)in the module settings :


#Add NameWidth option, and the file name length is * (Automatically adapted #should
be the longest file name in the current directory)
#Add FoldersFirst option, let the directory be listed in front (similar to Explorer)
#Added ScanHTMLTitles for HTML files TITLE do
the description of file #, and set the description length to * (the longest adaptive)
IndexOptions FancyIndexing + NameWidth = *
FoldersFirst S canHTMLTitles + DescriptionWidth = *

3) If it is CGI development, how to enable users to publish CGI programs in their own directory, such as: http://192.168.0.200/~chedong/cgi-bin/my_cgi: In the module settings, add a regular expression: ScriptAliasMatch ~ ([az] +) / cgi-bin /(.*) / home / $ 1 / cgi-bin / $ 2

means match ~ user_name / cgi-bin / cgi_name is automatically mapped to / home / user_name / cgi-bin / cgi- script name

version control: CVS

CVS default on almost all servers installed, as long as you can initialize the following steps:

in / etc / profile Lane:

master CVS repository resides settings:


Export CVSROOT = / Home / cvsroot

4) in other Settings in the development server:


export CVSROOT =: ext: $USER@192.168.0.200: / home / cvsroot
export CVS_RSH = ssh

and then initialize cvs init on the main server:

5) For the settings of CVSWEB, repeat the content of CVSWEB in the following CVS common command manual :

Download of CVSWEB: CVSWEB has evolved from the original version to a lot of richer functional interface versions. This is personally convenient to install and set up: http://www.spaghetti-code.de/software/linux/cvsweb/

6) Download Unpacking:


tar zxf cvsw eb.tgz

7) You can also customize the description information in the header of the conf. You can modify $ long_intro to the text you need. The first thing that CVS can put into the library is the installation documentation of the above system. For more extended applications of CVS, please refer to the CVSTRAC section of the CVS common command manual. Resource sharing between multiple services Generally can be resolved through links, for example: I want anonymous ftp shared content (such as in the / var / ftp / pub directory) can be published by WEB, ln -s / var / ftp / pub / home / apache / htdocs / pub

🦑
　　I hope that the documents in / usr / share / doc can be browsed through the WEB:


　　ln -s / usr / share / doc / home / apache / htdocs / doc

　　I hope that the content published by the WEB can also be accessed through the Windows network neighbors: suppose / home / share is the read-only share path published by samba.


　　ln -s / home / apache / htdocs / home / share

　　service starts automatically:

　　services already installed on the system can generally be configured to automatically start through the setup service configuration. Otherwise, it is located at / Add some startup scripts in etc / rc.local.


Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 example for writing the following script in the ROOT CRON of the main server
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

#time sync
0 5 * * 1 (/ usr / bin / rdate -s YOUR_DATE_TIME_SERVER)

#backup gnats
6 3 * * * (cd / home; tar cf
/home/backup/gnats.date + \% w.tar gnats) #backup

cvsroot
5 3 * * * (cd / home; tar cf
/home/backup/cvsroot.date + \% w .tar cvsroot)

#backup apache
8 3 * * * (cd / home; tar cf
/home/backup/apache.date + \% w.tar apache)

#gzip all backup
50 3 * * * (gzip -f / home / backup / *. tar)

#webalizer demo
3 5 * * * (/ usr / local / bin / webalizer -c /home/apache/conf/webalizer.conf
/ home / apache / logs / `date -d yesterday +
% w` / access_log)

#remove last week log
3 4 * * * (find / home / apache / logs / -name
access_log -mtime +6 -exec rm -f {};) In

🦑 this way, there will be weekly rotation training in the / home / backup directory 7 backups. Then by setting CRON on the secondary server, use the -m option of wget to mirror the / home / backup directory on the primary server or use rsync to synchronize. The next two are about the log statistics of the server using webalzier, and the logs of APACHE are rotated through cronolog. Please refer to the specific settings

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁