Friday, March 2, 2007

TOMCAT INSTALLATION AND CONFIGURATION

Introduction

Apache Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process.

Packages required

Java 2 SDK, Standard Edition v1.4.1-01 http://www.blackdown.org/java-linux/java-linux-d2.html

Ant 1.6.5 http://ant.apache.org/

JavaBeans Activation Framework http://java.sun.com/products/javabeans/glasgow/jaf.html

Javamail http://java.sun.com/products/javamail/

jakarta-tomcat-5.X http://jakarta.apache.org/site/downloads/downloads_tomcat-5.cgi

Installing Java 2 SDK

Untar/unzip j2sdk package

$cp j2sdk1.4.1 /usr/local/

$ln –s j2sdk1.4.1 j2sdk

set JAVA_HOME

$export JAVA_HOME=/usr/local/j2sdk

add PATH for java binary

$export PATH=$PATH:$JAVA_HOME/bin

verify javac command gives some output

root@tux:~# javac

Usage: javac

where possible options include:

-g Generate all debugging info

-g:none Generate no debugging info

-g:{lines,vars,source} Generate only some debugging info

Installing ANT

Untar ant-.tar.gz by

$tar xvzf ant-.tar.gz

move untared directory this to /usr/local/ant

$mv ant- /usr/local/ant

set ANT_HOME

export ANT_HOME=/usr/local/ant

add PATH for ant binary

export PATH=$PATH:$ANT_HOME/bin

verify ant binary is on PATH

root@tux:~# ant

Buildfile: build.xml does not exist! (don’t worry about this message, this was just to check ant in on path or not)

Installing JavaBeans Activation Framework

$unzip jaf-.zip

$cd jaf-

copy activation.jar to /usr/local/j2sdk/lib

$cp activation.jar /usr/local/j2sdk/lib

set CLASSPATH for this jar

$export $CLASSPATH=/usr/local/j2sdk/lib/activation.jar

Installing Javamail

$unzip javamail-.zip

$cd javamail-

copy mail.jar to /usr/local/j2sdk/lib

$cp mail.jar /usr/local/j2sdk/lib

set CLASSPATH for this jar

export $CLASSPATH=$CLASSPATH:/usr/local/j2sdk/lib/mail.jar

All set for tomcat

Just again verify all environment variables

$echo $JAVA_HOME

$echo $ANT_HOME

$echo $PATH

$echo $CLASSPATH

now we have two options to install tomcat

1. using source

2. using binary

Tomcat Installation from source

Untar source

$tar xvzf jakarta-tomcat-5.x.x-src.tar.gz

$cd jakarta-tomcat-5.x.x

start building source

this build process is controlled by build.properties

add this content to it:
# ----- Proxy setup -----
# Uncomment if using a proxy server.
#proxy.host=proxy.domain
#proxy.port=8080
#proxy.use=on

# ----- Default Base Path for Dependent Packages -----
# Replace this path with the directory path where
# dependencies binaries should be downloaded.
base.path=/usr/share/java

$ant build

Buildfile: build.xml

check.source:

check.source.depends:

once this is done without any errors, copy build to appropriate location

$cp jakarta-tomcat-5.x.x/jakarta-tomcat-5/build /usr/local/tomcat

Installation done from source

Tomcat Installation from binary

Download and untar jakarta-tomcat-5.x.x.tar.gz

$tar xvzf jakarta-tomcat-5.x.x.tar.gz

move untared directory to /usr/local/tomcat

$mv jakarta-tomcat-5.x.x /usr/local/tomcat/

Installation done using binary.

Configuring Tomcat

Optionally set CATALINA_HOME to /usr/local/tomcat/

$export $CATALINA_HOME=/usr/local/tomcat/

make changes in configuration, go to conf dir

$cd /usr/local/tomcat/conf

to change port of tomcat edit server.xml Connector port="8080" tag

you can add various roles and assign these roles to different users by making changes in tomcat-users.xml

rolename="tomcat"/>

rolename="role1"/>

rolename="manager"/>

rolename="admin"/>

admin,manager"/>

you can write a init script for tomcat startup/shutdown

#!/bin/sh

export JAVA_HOME=/usr/local/j2sdk

export PATH=$PATH:/usr/local/j2sdk/bin/

case "$1" in

start)

echo -n "Starting tomcat: "

/usr/local/tomcat/bin/startup.sh

;;

stop)

echo -n "Shutting down tomcat: "

/usr/local/tomcat/bin/shutdown.sh

;;

*)

echo "Usage: $0 {start|stop}"

exit 1

esac

exit 0

copy this content to /etc/init.d/tomcat.server

give execute permission

chmod +x /etc/init.d/tomcat.server

on debian do

$update-rc.d tomcat.server defaults

Testing setup

Start tomcat

root@tux:~# /etc/init.d/tomcat.server start

Starting tomcat: Using CATALINA_BASE: /usr/local/tomcat

Using CATALINA_HOME: /usr/local/tomcat

Using CATALINA_TMPDIR: /usr/local/tomcat/temp

Using JAVA_HOME: /usr/local/jdk

Check in process list for successful startup

1834 pts/6 S 0:15 /usr/local/jdk/bin/java -Djava.endorsed.dirs=/usr/local/tomcat/common/endorsed -classpath /usr/loc

1835 pts/6 S 0:00 /usr/local/jdk/bin/java -Djava.endorsed.dirs=/usr/local/tomcat/common/endorsed -classpath /usr/loc

1836 pts/6 S 0:01 /usr/local/jdk/bin/java -Djava.endorsed.dirs=/usr/local/tomcat/common/endorsed -classpath /usr/loc

also verify it its listening on port specified in server.xml

root@tux:~# netstat -nap | grep java

tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 11507/java

Shutdown tomcat

root@tux:~# /etc/init.d/tomcat.server stop

Shutting down tomcat: Using CATALINA_BASE: /usr/local/tomcat

Using CATALINA_HOME: /usr/local/tomcat

Using CATALINA_TMPDIR: /usr/local/tomcat/temp

Using JAVA_HOME: /usr/local/jdk

Next open a browser and type http://:

For eg http://machine:8080

You will see tomcat page

You can admin tomcat from http://:/admin

eg

http://machine:8080/admin

manager url http://

give username/password specified in tomcat-users.xml with admin/manager role

like

rolename="manager"/>

rolename="admin"/>

admin,manager"/>

Posted by at No comments:

Thursday, March 1, 2007

COMMANDS

$(cat /etc/passwd|egrep zentyl\|sysadmin |cut -d":" -f6); do
$kill `ps auxww | grep pmta | egrep -v grep | awk '{print $2}'`; service pmta start
$sar -r 60 2000|awk '{print $5}'|sed -e /^$/d|sed '/^%/d'|head -n1
$kill `ps auxww | grep perl | egrep -v grep | awk '{print $2}'`; service mysql restart
$find /Public/ -name *.mp3 -exec rm {} \;
kill `ps auxww | grep perl awk '{print $2}'`

kill `ps auxww | grep mysql | egrep -v grep | awk '{print $2}'`

du -h --max-depth=1 /Public/|awk '{print $1}'
search and replace all :1,$s///g
find /home -type f -iname '*.php' -exec grep -l -i "c99_buff_prepare" {} \;

Selinux:
setsebool -P ftpd_disable_trans 1



LINKS:
http://endor.clublinux.org/RHCE-16.html cronjob
http://prefetch.net/articles/checkcertificate.html
http://lena.franken.de/linux/create_certificate.html

RMSERVER

http://yolinux.com/TUTORIALS/LinuxTutorialRealVideoStreaming.html
http://epresence.tv/FreeSoftware/DocsHtml/Media_Installation_Guide32.htm#_Toc114284604
http://www.realnetworks.com/products/media_delivery.html
http://www.realnetworks.com/products/discreteserver/index.html
http://service.real.com/help/library/guides/helixuniversalserver/realsrvr.htm?page=htmfiles/new.htm%23ports


HACKER'S PAGE
www.xsharex.info - report24/default pass
http://www.security.nnov.ru/board4.html
http://www.webhostgear.com/61.html
http://www.rfxnetworks.com/apf.php
http://www.webhostgear.com/232.html
http://megaupload.com/?d=P5BSU0CQ
metasploit.com
http://www.theserverpages.com/20102/11/
http://www.hackingdefined.com/movies/see-sec-wmf-0day.rar
http://www.hackingdefined.com/movies/see-sec-demo.zip
http://www.hackingdefined.com/movies/see-sec-wepcrack.zip
http://www.hackingdefined.com/movies/see-sec-gre-sniff.zip
http://www.hackingdefined.com/movies/see-sec-ssh-dcom-tunneling.zip
http://byterage.hackaholic.org/kb/index.html
RooT66 - http://root66.nl.eu.org
ShellOracle - http://www.shelloracle.cjb.net
b0f - http://b0f.freebsd.lublin.pl
http://ussrback.com/distributed.htm
Hardbeat (petervd@vuurwerk.nl) just has a lame page at
http://www.dataloss.net/
http://packetstormsecurity.org/DoS/pjam.zip
http://www.elhacker.net/hacking.htm
http://www.nmrc.org/pub/faq/hackfaq/
http://www.catb.org/~esr/faqs/hacker-howto.html
thc.org
http://www.linuxwidows.com/mirror/bucket/HFC/LEAP/img13.htm
http://lab.dyne.org/AsciiHackersLounge
http://www.packetfocus.com/web_hacking.html
http://www.elitehackers.info/
http://romaniainedit.3xforum.ro/post/11389/1/Hack_tools_books_la_cerere/
http://hackaday.com/
http://iptables-tutorial.frozentux.net/iptables-tutorial.html --iptablesx
http://linux.i-heart.co.kr/viewtopic.php?p=49&sid=2f34689f8c97dd0dc34a02f399979ba1 - apf
http://www.thenetworkadministrator.com/2003MostPopularHackingTools.htm
www.bo2k.com
http://www.redhat.com/magazine/013nov05/features/snort/
http://www.jpowered.com/php-scripts/php-gd.htm
http://egroupware.shanker.com/home/index.php
http://xoron.t35.com/c99.txt
http://www.rootshell-security.net/
http://www.lezr.com


Forensic:

http://webserver.arizona-gigapop.net/linux-forensics/penguinsleuth-07-05-2003.iso
http://www.net-security.org/dl/software/sleuthkit-2.06.tar.gz



Database:
http://techdocs.postgresql.org/
http://www.designmagick.com/category/10/Forum-Project

PHP:

http://byterage.hackaholic.org/kb/php-secure-coding.html
http://www.php-mysql-tutorial.com/
http://www.goodphptutorials.com
http://www.phpfreaks.com/tutorials.php
http://devzone.zend.com/public/view/tag/tutorials
http://www.php.net/manual/en/install.unix.apache2.php
http://www.hostlibrary.com/installing_apache_mysql_php_on_linux


MOD_REWRITE

http://www.download.com/Ionic-s-ISAPI-Rewriting-Filter/3000-2648_4-10417963.html
http://urlrewriter.net/
http://cheeso.members.winisp.net/IIRF.aspx
http://www.petefreitag.com/item/286.cfm
http://todotnet.com/archive/0001/01/01/7472.aspx
http://www.webmasterworld.com/forum47/1167.htm


AWSTATS:
http://www.allscoop.com/tools/awstats-log-format/index.php


shell scripting:
http://www.student.northpark.edu/pemente/sed/sed1line52.txt
http://puzzle.dl.sourceforge.net/sourceforge/freenas/FreeNAS-0.671.iso



SSL Certificate generation:

openssl genrsa -des3 -out cybercells.key
openssl req -new -key cybercells.key cybercells.csr
https://certificates.godaddy.com/InstallationInstructions.go
https://certificates.godaddy.com/CSRgeneration.go



SNORT

User Name: report24@rediffmail.com
Password: hallticket
Oink Code: dedf1dbb630464a56cb5494b856a0ffc15df9d90

Example for snort 2.3:
Change: url = http://www.snort.org/dl/rules/snortrules-snapshot-2.3.tar.gz
to
http://www.snort.org/pub-bin/oinkmaster.cgi/5a08f649c16a278e1012e1c84bdc8fab9a70e2a4/snortrules-snapshot-2.3.tar.gz

How to use snort:

Network Intrusion Detection (NIDS) mode snort -dev -l ./log -h 192.168.0.0/24
Reading the Snort logfile: snort -r ./Piglet/logfile
Running Snort in Packet Logger mode: snort -dev -l ./Piglet
A Snort monitoring rule: content: [!] "content_string";
A non-payload detection rule: alert ip any any -> any any (ip_proto:icmp;)
A rule to detect a particular string: alert tcp any any -> any any 21 (content:"user root";)

Kernel upgradation:

www.kernel.org
make menuconfig
select the features u want in ur kernel
exit the menuconfig and come on to the shell saving the new configuration
make dep
make bzImage
make modules
make modules_install
ur new kernel is in the directory ./arch/i386/boot/bzImage copy it in the directory /boot/
edit ur bootloader so that u may boot the new kernel

OR

1. Check current version of kernel on server using command uname -a, if
its 2.4 then download latest release for 2.4 please do not download 2.6
kernel.
You can download kernel from http://www.kernel.org/pub/linux/kernel/v2.6/
if its 2.4 then http://www.kernel.org/pub/linux/kernel/v2.4/, you can
check latest stable release from http://www.kernel.org

2. wget kernel in /usr/local/src
3. untar it using tar -zxvf linux-2.x-xxxx
4. cd linux-2.x-x
5. make clean
6. make mrproper
7. If kernel is 2.4 then copy current version of config file from
/boot/config-’uname-r’ as .config in /usr/local/src/linux-2.x-xx, if
kernel is 2.6 then you do not need to make .config in current directory
8. make menuconfig, select and check if all required modules are selected,
also make sure that your kernel supports multiple cpu
you can check it and select from processor type, if it displays support
for more then 2 kernel then you do not need to modify anything there.
9. save configuration and exit
10. make modules if kernel is 2.4 then need to run make dep before running
make modules
11. make modules_install
12. make
13. if 2.4 kernel then need to run make bzImage and then make install, you
can directly run make install if kernel is 2.6
15. now make sure bootloader and modify default kernel accordingly
grubby –bootloader-probe if it displays grub then edit /etc/grub.conf and
if its lilo then edit lilo.conf and make compiled kernel as default kernel
16. If your boot loader is lilo then you need to run 9one more command
/sbin/lilo which will update lilo
17. now its time to reboot server


http://www.youtube.com/watch?v=xUyLXTLiGS0 ( fedora)
Posted by at No comments:
Subscribe to: Posts (Atom)