Enabling command line arguments in NRPE 2.15

In their infinate wisdom when NRPE was updated we again lost command line arguments. If you are like me and run Nagios commands with arguments from the main server you will need to re-enable this on new servers you install for it to work properly.

# apt-get update

# apt-get install build-essential devscripts debhelper libssl-dev dpatch libwrap0-dev autotools-dev

# ln -s /usr/lib/x86_64-linux-gnu/libssl.so /usr/lib/libssl.so

# cd /root

# apt-get source nagios-nrpe-server

# cd nagios-nrpe-2.15/

# vi debian/rules

Add this line to the bottom of the list remeber to add the \ to the last option when you add this as the last option



# ./configure

# make all

# dpkg-buildpackage

# cd..

# dpkg -i nagios-nrpe-server_2.15*.deb

Posted in Linux How-To, News and Security | Tagged , , | Leave a comment

MySQL Change root Password

How do I change MySQL root password under Linux, FreeBSD, OpenBSD and UNIX-like like operating system over the ssh session?

Setting up MySQL password is one of the essential tasks. By default, root user is MySQL admin account user. Please note that the Linux or UNIX root account for your operating system and MySQL root user accounts are different. They are separate, and nothing to do with each other. Sometime you may remove Mysql root account and setup admin user as super user for security purpose.

Method #1: Use mysqladmin command to change root password

If you have never set a root password for MySQL server, the server does not require a password at all for connecting as root. To setup root password for first time, use mysqladmin command at shell prompt as follows:
$ mysqladmin -u root password NEWPASSWORD
However, if you want to change (or update) a root password, then you need to use the following command:

$ mysqladmin -u root -p'oldpassword' password newpass

For example, If the old password is abc, you can set the new password to 123456, enter:

$ mysqladmin -u root -p'abc' password '123456'

Note:123456 password is used for demonstration purpose only. You must select a strong password. It is an important protection to help you have safer MySQL database transactions.

How do I verify that the new password is working or not?

Use the following mysql command:

mysql -u root -p'123456' db-name-here


mysql -u root -p'123456' -e 'show databases;'

A note about changing MySQL password for other users

To change a normal user password you need to type the following command. In this example, change the password for nixcraft mysql user:
$ mysqladmin -u adminuser -p'old-password' password new-password

Method #2: Changing MySQL root user password using the mysql command

This is an another method. MySQL stores username and passwords in user table inside MySQL database. You can directly update or change the password using the following method for user called adminuser:

Login to mysql server, type the following command at shell prompt:

$ mysql -u root -p

Use mysql database (type command at mysql> prompt):

mysql> use mysql;

Change password for user adminuser, enter:

mysql> update user set password=PASSWORD("NEWPASSWORD") where User='adminuser';

Finally, reload the privileges:

mysql> flush privileges;
mysql> quit
Posted in Linux How-To | Leave a comment

Tcpdump usage examples

In most cases you will need root permission to be able to capture packets on an interface. Using tcpdump (with root) to capture the packets and saving them to a file to analyze with Wireshark (using a regular account) is recommended over using Wireshark with a root account to capture packets on an “untrusted” interface.

See the list of interfaces on which tcpdump can listen:

tcpdump -D

Listen on interface eth0:

tcpdump -i eth0

Listen on any available interface (cannot be done in promiscuous mode. Requires Linux kernel 2.2 or greater):

tcpdump -i any

Be verbose while capturing packets:

tcpdump -v

Be more verbose while capturing packets:

tcpdump -vv

Be very verbose while capturing packets:

tcpdump -vvv

Be verbose and print the data of each packet in both hex and ASCII, excluding the link level header:

tcpdump -v -X

Be verbose and print the data of each packet in both hex and ASCII, also including the link level header:

tcpdump -v -XX

Be less verbose (than the default) while capturing packets:

tcpdump -q

Limit the capture to 100 packets:

tcpdump -c 100

Record the packet capture to a file called capture.cap:

tcpdump -w capture.cap

Record the packet capture to a file called capture.cap but display on-screen how many packets have been captured in real-time:

tcpdump -v -w capture.cap

Display the packets of a file called capture.cap:

tcpdump -r capture.cap

Display the packets using maximum detail of a file called capture.cap:

tcpdump -vvv -r capture.cap

Display IP addresses and port numbers instead of domain and service names when capturing packets (note: on some systems you need to specify -nn to display port numbers):

tcpdump -n

Capture any packets where the destination host is Display IP addresses and port numbers:

tcpdump -n dst host

Capture any packets where the source host is Display IP addresses and port numbers:

tcpdump -n src host

Capture any packets where the source or destination host is Display IP addresses and port numbers:

tcpdump -n host

Capture any packets where the destination network is Display IP addresses and port numbers:

tcpdump -n dst net

Capture any packets where the source network is Display IP addresses and port numbers:

tcpdump -n src net

Capture any packets where the source or destination network is Display IP addresses and port numbers:

tcpdump -n net

Capture any packets where the destination port is 23. Display IP addresses and port numbers:

tcpdump -n dst port 23

Capture any packets where the destination port is is between 1 and 1023 inclusive. Display IP addresses and port numbers:

tcpdump -n dst portrange 1-1023

Capture only TCP packets where the destination port is is between 1 and 1023 inclusive. Display IP addresses and port numbers:

tcpdump -n tcp dst portrange 1-1023

Capture only UDP packets where the destination port is is between 1 and 1023 inclusive. Display IP addresses and port numbers:

tcpdump -n udp dst portrange 1-1023

Capture any packets with destination IP and destination port 23. Display IP addresses and port numbers:

tcpdump -n "dst host and dst port 23"

Capture any packets with destination IP and destination port 80 or 443. Display IP addresses and port numbers:

tcpdump -n "dst host and (dst port 80 or dst port 443)"

Capture any ICMP packets:

tcpdump -v icmp

Capture any ARP packets:

tcpdump -v arp

Capture either ICMP or ARP packets:

tcpdump -v "icmp or arp"

Capture any packets that are broadcast or multicast:

tcpdump -n "broadcast or multicast"

Capture 500 bytes of data for each packet rather than the default of 68 bytes:

tcpdump -s 500

Capture all bytes of data within the packet:

tcpdump -s 0
Posted in Linux How-To, Networking, News and Security, Windows How-To | 1 Comment

FreeBSD File System Quotas

17.11. Disk Quotas

Disk quotas can be used to limit the amount of disk space or the number of files a user or members of a group may allocate on a per-file system basis. This prevents one user or group of users from consuming all of the available disk space.

This section describes how to configure disk quotas for the UFS file system. To configure quotas on the ZFS file system

17.11.1. Enabling Disk Quotas

To determine if the FreeBSD kernel provides support for disk quotas:

% sysctl kern.features.ufs_quota
kern.features.ufs_quota: 1

In this example, the 1 indicates quota support. If the value is instead 0, add the following line to a custom kernel configuration file and rebuild the kernel

options QUOTA

Next, enable disk quotas in /etc/rc.conf:


Normally on bootup, the quota integrity of each file system is checked by quotacheck(8). This program insures that the data in the quota database properly reflects the data on the file system. This is a time consuming process that will significantly affect the time the system takes to boot. To skip this step, add this variable to /etc/rc.conf:


Finally, edit /etc/fstab to enable disk quotas on a per-file system basis. To enable per-user quotas on a file system, add userquota to the options field in the /etc/fstab entry for the file system to enable quotas on. For example:

/dev/da1s2g   /home    ufs rw,userquota 1 2

To enable group quotas, use groupquota instead. To enable both user and group quotas, separate the options with a comma:

/dev/da1s2g    /home    ufs rw,userquota,groupquota 1 2

By default, quota files are stored in the root directory of the file system as quota.user and quota.group. Refer to fstab(5) for more information. Specifying an alternate location for the quota files is not recommended.

Once the configuration is complete, reboot the system and /etc/rc will automatically run the appropriate commands to create the initial quota files for all of the quotas enabled in /etc/fstab.

In the normal course of operations, there should be no need to manually run quotacheck(8), quotaon(8), or quotaoff(8). However, one should read these manual pages to be familiar with their operation.

17.11.2. Setting Quota Limits

To verify that quotas are enabled, run:

# quota -v

There should be a one line summary of disk usage and current quota limits for each file system that quotas are enabled on.

The system is now ready to be assigned quota limits with edquota.

Several options are available to enforce limits on the amount of disk space a user or group may allocate, and how many files they may create. Allocations can be limited based on disk space (block quotas), number of files (inode quotas), or a combination of both. Each limit is further broken down into two categories: hard and soft limits.

A hard limit may not be exceeded. Once a user reaches a hard limit, no further allocations can be made on that file system by that user. For example, if the user has a hard limit of 500 kbytes on a file system and is currently using 490 kbytes, the user can only allocate an additional 10 kbytes. Attempting to allocate an additional 11 kbytes will fail.

Soft limits can be exceeded for a limited amount of time, known as the grace period, which is one week by default. If a user stays over their limit longer than the grace period, the soft limit turns into a hard limit and no further allocations are allowed. When the user drops back below the soft limit, the grace period is reset.

In the following example, the quota for the test account is being edited. When edquota is invoked, the editor specified by EDITOR is opened in order to edit the quota limits. The default editor is set to vi.

# edquota -u test
Quotas for user test:
/usr: kbytes in use: 65, limits (soft = 50, hard = 75)
        inodes in use: 7, limits (soft = 50, hard = 60)
/usr/var: kbytes in use: 0, limits (soft = 50, hard = 75)
        inodes in use: 0, limits (soft = 50, hard = 60)

There are normally two lines for each file system that has quotas enabled. One line represents the block limits and the other represents the inode limits. Change the value to modify the quota limit. For example, to raise the block limit on /usr to a soft limit of 500 and a hard limit of 600, change the values in that line as follows:

/usr: kbytes in use: 65, limits (soft = 500, hard = 600)

The new quota limits take affect upon exiting the editor.

Sometimes it is desirable to set quota limits on a range of users. This can be done by first assigning the desired quota limit to a user. Then, use -p to duplicate that quota to a specified range of user IDs (UIDs). The following command will duplicate those quota limits for UIDs 10,000 through 19,999:

# edquota -p test 10000-19999

For more information, refer to edquota(8).

17.11.3. Checking Quota Limits and Disk Usage

To check individual user or group quotas and disk usage, use quota(1). A user may only examine their own quota and the quota of a group they are a member of. Only the superuser may view all user and group quotas. To get a summary of all quotas and disk usage for file systems with quotas enabled, use repquota(8).

Normally, file systems that the user is not using any disk space on will not show in the output of quota, even if the user has a quota limit assigned for that file system. Use -v to display those file systems. The following is sample output from quota -v for a user that has quota limits on two file systems.

Disk quotas for user test (uid 1002):
     Filesystem  usage    quota   limit   grace   files   quota   limit   grace
           /usr      65*     50      75   5days       7      50      60
       /usr/var       0      50      75               0      50      60

In this example, the user is currently 15 kbytes over the soft limit of 50 kbytes on /usr and has 5 days of grace period left. The asterisk * indicates that the user is currently over the quota limit.

17.11.4. Quotas over NFS

Quotas are enforced by the quota subsystem on the NFS server. The rpc.rquotad(8) daemon makes quota information available to quota on NFS clients, allowing users on those machines to see their quota statistics.

On the NFS server, enable rpc.rquotad by removing the # from this line in /etc/inetd.conf:

rquotad/1      dgram rpc/udp wait root /usr/libexec/rpc.rquotad rpc.rquotad

Then, restart inetd:

# service inetd restart
Posted in Linux How-To | Leave a comment

What is Cortana?

Cortana is your clever new personal assistant.

Cortana will help you find things on your PC, manage your calendar, track packages, find files, chat with you, and tell jokes. The more you use Cortana, the more personalized your experience will be.

To get started, type a question in the search box on the taskbar. Or select the microphone icon and talk to Cortana. (Typing works for all types of PCs, but you need a mic to talk.)

Here are some things you can say to Cortana:

  • How old are you?

  • Tell me a joke.

  • Show me the latest NBA scores.

  • How many calories in a boiled egg?

  • Put swimming on my calendar for tomorrow.

  • Change my 3 PM event to 4.

  • What’s happening this weekend?

Try this: Set a reminder

One of the things Cortana can do for you is to give you reminders. For example, type or say, “Remind me to call Alex at 2 PM.” Make the meeting recurring if you want to.

The reminder will appear at 2 PM, along with any info you’ve added to it.

Extra bonus—if you have a Windows phone and are signed in with the same Microsoft account, any reminders you set on your PC will be automatically synced to your phone.

Hey Cortana!

Set Cortana to hear you anytime you say “Hey Cortana.” Select the search box on the taskbar to open Cortana home. Then select Notebook > Settings  and turn on Let Cortana respond when you say “Hey Cortana.”

Posted in Windows How-To | Leave a comment

What Is Siri?

Siri is a personal assistant that resides on your iPhone 4S. Siri responds to the words you speak rather than requests you type. Just as you can talk to your iPhone 4S to perform a range of tasks (employing speech-to-text translation), you’ll also hear Siri’s human-like voice talk back at you (text-to-speech technology).

Siri is automatically built into the iPhone 4S, so you don’t need to download anything to get going. When you turn on the iPhone 4S for the first time, you’re prompted to set up a few things, such as enabling location information and using Siri, so be sure to choose Yes to these options.

Think of Siri as being both software and a service, since all of your questions and commands are instantly uploaded to Siri’s secure servers, and the appropriate actions and responses are sent back down to the iPhone.

Siri can help you perform a number of tasks on your iPhone 4S much faster than if you typed them. Such tasks include things like:


  • Sending e-mails and text messages
  • Finding specific messages in your inbox
  • Having your texts read to you
  • Having your spoken words transcribed into text
  • Using the built-in Wolfram|Alpha database to quickly find useful information, such as dictionary definitions, mathematical equations, measurement conversions, or even fast facts and pop culture references
  • Searching the web for anything and everything, including info and media (such as photos and videos)
  • Posting updates to Facebook and Twitter
  • Adding and accessing calendar appointments, alarms, timers, and reminders
  • Making and accessing notes
  • Getting directions from point A to point B, using the iPhone 4S’s GPS radio
  • Finding businesses nearby — including directions on getting there — be it gas stations, banks, or restaurants; many businesses are also displayed by rating
  • Making phone calls and FaceTime video calls
  • Getting real-time information on weather, stock quotes, and much more
  • Accessing music and podcasts using your voice, including the ability to control audio playback

Unlike other speech-to-text technology, including those offered by other smartphones, Siri works on the operating system level and knows which app to open based on your request. (Most other smartphone solutions require you to first open up an app before you speak.) Using advanced artificial intelligence (AI), Siri makes connections based on your relationships, uses humor to make you smile, and is eager to learn more about your world and how to make your life easier to manage.

Also benefitting from speech-recognition technology licensed from Nuance (of Dragon NaturallySpeaking fame), Siri is also integrated with services such as Yelp, OpenTable, Google Maps, Taxi Magic, and MovieTickets.com, to name a few.

Posted in News and Security | Leave a comment

Do I Really Need to Care About My Privacy Online?

Everyone knows it’s bad if someone steals your password or credit card information, but a lot of people are a lot more apathetic about what they put on Facebook, their personal blog, or anywhere else. Your personal data is worth protecting, though, whether you think so or not. Not only does that data give companies and governments more power to track you, but it can make it easier for someone to steal your identity, even if it doesn’t seem like it. Plus, you never know where that data may end up one day, and who might see it (potential employers, for instance). Some stuff is more important, of course, but don’t let the little stuff slide just because you don’t think anyone will care. Somebody probably does.

Posted in News and Security | Leave a comment

Will I Get Caught If I Download a Movie on BitTorrent?

If I had a nickel for every time someone asked me about getting “caught” downloading stuff with BitTorrent, I’d be swimming through money like Scrooge McDuck. But seriously: yes, the media companies are always on the prowl, looking for people downloading their content. Your internet provider may even watch your traffic to see if you’re torrenting. The legal ramifications of doing so aren’t as heavy as they used to be, but you may still get letters from your ISP, throttled speeds, or other punishments. There are ways to keep yourself anonymous, of course, but nothing is foolproof.

Posted in News and Security | Leave a comment

How Can I Tell if an Email Is Spam?

Some spam is obvious (“I lost 30 pounds and made $24356 in five hours by taking this special pill!”), but other messages are more subtle. A lot of spam relies oh “phishing,” in which a spammer will try to make their email look like it’s coming from a legitimate source in order to get your information. They may tell you to click a link that looks like it’s going to paypal.com, but if you hover over it, you’ll see that it’s really going somewhere else—likely a PayPal-disguised site where you willingly type in your information. Luckily, you can usually avoid those tricks by checking the URL and typing it in yourself instead. Be careful, too—sometimes those links will cause you to unknowingly spam one of your friends, which only spreads the scam.

Posted in News and Security | Leave a comment

Do I Really Need to “Eject” USB Drives?

Ever wonder why your computer warns you about ejecting those USB drives before you remove them? It’s because computers use something called write caching to improve performance: if you copy something to your drive, it’ll tell you it’s completed the task, but it’s actually waiting until it has a few other tasks to perform so it can do them all at once. Efficient, right? When you press eject, your PC finishes anything in the queue to make sure you don’t incur any data loss. Windows does a better job of avoiding problems than OS X and Linux, but we recommend ejecting all your drives anyway. It’s small price to pay for keeping your data safe.

Posted in News and Security, OSx86, Windows How-To | Leave a comment