Citrix XenApp

Saturday, 21 July 2012

Squid Password Authentication Using PAM

We’ll be using the pam_auth module. This will allow anyone who has a shell account to also be able to use the Squid server. 

Search for the auth_param section in the config and add these lines:
auth_param basic program /usr/lib/squid/pam_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

Next search for this line and uncomment it:
acl password proxy_auth REQUIRED

Now create a PAM service file called /etc/pam.d/squid that contains:
auth required /lib/security/pam_unix.so
account required /lib/security/pam_unix.so

Restart Squid and you are done.
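
An ACL has no effect until an http_access rule refers to it, and Squid evaluates http_access rules in order with the first match winning. The check below is an added example, not part of the original post: it reads squid.conf text and reports allow rules that admit clients without the proxy_auth login. The two sample configurations and the names AS_POSTED, ENFORCED, parse and audit are constructed for illustration.

```python
# Constructed sample: the directives from the steps above plus a typical LAN allow rule.
AS_POSTED = """\
auth_param basic program /usr/lib/squid/pam_auth
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl password proxy_auth REQUIRED
acl our_networks src 192.168.1.0/24
http_access allow our_networks
http_access deny all
"""

# Constructed variant: clients that have not logged in are rejected before any allow rule.
ENFORCED = AS_POSTED.replace(
    "http_access allow our_networks",
    "http_access deny !password\nhttp_access allow our_networks")


def parse(conf_text):
    """Return (names of proxy_auth ACLs, ordered list of (action, acl_names))."""
    auth_acls, rules = set(), []
    for raw in conf_text.splitlines():
        if raw.lstrip().startswith("#"):
            continue  # comment line
        tok = raw.split()
        if len(tok) >= 3 and tok[0] == "acl" and tok[2].startswith("proxy_auth"):
            auth_acls.add(tok[1])
        elif len(tok) >= 3 and tok[0] == "http_access" and tok[1] in ("allow", "deny"):
            rules.append((tok[1], tok[2:]))
    return auth_acls, rules


def audit(conf_text):
    """Return findings; an empty list means no allow rule bypasses the login."""
    auth_acls, rules = parse(conf_text)
    findings, enforced = [], False
    if not any(a.lstrip("!") in auth_acls for _, acls in rules for a in acls):
        findings.append("proxy_auth ACL is never referenced by http_access")
    for action, acls in rules:
        negated_auth = len(acls) == 1 and acls[0][:1] == "!" and acls[0][1:] in auth_acls
        if action == "deny" and negated_auth:
            enforced = True  # "deny !password": every client past this line has logged in
        elif action == "allow" and not enforced and not any(a in auth_acls for a in acls):
            # first match wins, so this rule admits matching clients with no login
            findings.append("unauthenticated allow: " + " ".join(acls))
    return findings
```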

Friday, 20 July 2012

Configure Squid to use other Proxy (cache)

If you want Squid to be part of a hierarchy of proxies, or want Squid to fetch content from another proxy:
cache_peer proxy.isp.com parent 8080 0 no-query no-digest
never_direct allow all

For multiple parents:
cache_peer proxy.isp1.com parent 8080 0 no-query no-digest default
cache_peer proxy.isp2.com parent 8080 0 no-query no-digest


Multiple parents with weight:
cache_peer proxy.isp1.com parent 8080 0 no-query no-digest weight=1 
cache_peer proxy.isp2.com parent 8080 0 no-query no-digest weight=2


Multiple parents with round-robin:
cache_peer proxy.isp1.com parent 8080 0 round-robin no-query
cache_peer proxy.isp2.com parent 8080 0 round-robin no-query
cache_peer proxy.isp3.com parent 8080 0 round-robin no-query

In the above examples, proxy.isp1.com, proxy.isp2.com and proxy.isp3.com are other cache servers.

Thursday, 19 July 2012

HowTo do Transparent proxy with Squid

Modify or add the following in the Squid configuration file (/etc/squid/squid.conf):

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl lan src 192.168.1.1 192.168.2.0/24
http_access allow localhost
http_access allow lan

Add the following iptables rules to forward all HTTP requests (arriving on port 80) to the Squid server on port 3128:

[eth0 connected to internet and eth1 connected to local lan]

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128

Wednesday, 18 July 2012

Forward Squid traffic to secure tunnel (SSH)

When Squid is installed and running, it uses port 3128 by default. 
You should test it manually by setting your HTTP proxy to the server that runs Squid. 
For instance, in Firefox go to Tools -> Options -> Advanced -> Network -> Settings and enter the IP address or host of the Squid proxy (e.g. 192.168.0.100) and 3128 for the port. 
Try to load any web page. If you see an access denied error, check out the http_access configuration in the squid configuration file.

Once Squid is all set and ready to go, you need to forward your connection to it over SSH. 
 
To set up the tunnel on Windows, download Plink, a command-line version of the PuTTY SSH client, and run this command:

plink.exe -batch -N -l UserName -pw Password -L 3128:localhost:3128 SSH_Server

On Unix-based systems, simply run this command:

ssh -L 3128:localhost:3128 SSH_Server -f -N

Finally, tell your browser to use the SSH tunnel as a proxy. Basically you need to change the host to localhost and the port number to 3128.

Tuesday, 17 July 2012

Setting up squid proxy server on Ubuntu

Install Squid
Open up the terminal and type the following command to install squid:
sudo apt-get install squid

Squid Configuration
Open the squid.conf file for editing using command:
gksudo gedit /etc/squid/squid.conf

Find the http_port tag. By default it reads:
# http_port 3128

This is the default port that Squid will listen on for requests. If you want to change it, uncomment the line and set the correct port. If you want Squid to listen only on one specific NIC, you can also set the IP address, for example: 192.168.1.5:3128

Next, find the http_access section and uncomment these two lines:
acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks

NOTE: You'll need to change 192.168.1.0/24 to match your network. Unless you have a second subnet you can delete 192.168.2.0/24

With the above change, the basic Squid configuration is done. You can now start, restart or stop the Squid server using the command:
sudo /etc/init.d/squid start|restart|stop

Configuring squid Clients
To configure any application, including a web browser, to use Squid, modify its proxy settings with the IP address of the Squid server and the port number that you specified in the Squid configuration file (default 3128).

For example, to have Firefox use a Squid proxy server running on IP address 192.168.1.2 and port 3128, enter those values in its proxy settings.


Sunday, 15 July 2012

How to mount samba share on Linux client

Samba can be used to allow connectivity between Linux and Windows. Samba can be used to share printers, share directories, connect to a Windows domain, and provide many other useful features.

In order to mount your samba share to your Linux client open up the /etc/fstab file and insert the following line into this file

//172.19.12.137/Music /mnt/samba cifs credentials=/etc/accessfile 0 0

Now create a new file, /etc/accessfile, with the following contents:
username=Suhail
password=some_password
Save the file and restart your Linux client (or run the command mount -a). After that you should be able to access the shared content from the Samba server under the /mnt/samba directory.

This is preferred over having passwords in plaintext in a shared file, such as /etc/fstab. Be sure to protect any credentials file properly and also note that there should not be any extra space in this file.

If there is any extra space in this credentials file, you might get the following error when trying to mount the file system:
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
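
The two points above, protecting the credentials file and keeping stray spaces out of it, can be checked before running mount -a. This is an added example, not part of the original post: the function names are constructed for illustration, and the whitespace rule follows the post's statement that extra space breaks the mount.

```python
import os
import stat

KNOWN_KEYS = {"username", "password", "domain"}  # keys described in mount.cifs(8)


def write_credentials(path, username, password):
    """Create the file with mode 0600 from the start, so it is never world-readable."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write("username=%s\npassword=%s\n" % (username, password))


def check_credentials(path):
    """Return a list of problems; values are never echoed, so the password stays out of logs."""
    problems = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        problems.append("mode %04o lets group/other access the file, expected 0600" % mode)
    # newline="" keeps a Windows-style trailing \r visible so it is reported as whitespace
    with open(path, newline="") as fh:
        for n, line in enumerate(fh.read().split("\n"), 1):
            if line == "":
                continue
            key, sep, value = line.partition("=")
            if not sep:
                problems.append("line %d: not in key=value form" % n)
            elif key != key.strip() or value != value.strip():
                problems.append("line %d: stray whitespace around key or value" % n)
            elif key not in KNOWN_KEYS:
                problems.append("line %d: unknown key %r" % (n, key))
    return problems
```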

Saturday, 14 July 2012

How to Convert smbpasswd to tdbsam on Samba

The latest release of Samba offers many new features including new password database backends not previously available. Samba version 3.0.0 fully supports all databases used in previous versions of Samba. However, although supported, many backends may not be suitable for production use.

The tdbsam backend provides an ideal database back-end for local servers, servers that do not need built-in database replication, and servers that do not require the scalability or complexity of LDAP. The tdbsam back-end includes all of the smbpasswd database information as well as the previously-excluded SAM information. The inclusion of the extended SAM data allows Samba to implement the same account and system access controls as seen with Windows NT/2000/2003-based systems.

The tdbsam backend is recommended for 250 users at most. Larger organizations should require Active Directory or LDAP integration due to scalability and possible network infrastructure concerns.

Convert smbpasswd to tdbsam: as root, enter on the command line:
pdbedit -i smbpasswd:/etc/samba/smbpasswd -e tdbsam:/etc/samba/passdb.tdb
Then ensure the global section of smb.conf has this entry:
passdb backend = tdbsam