Saturday, June 21, 2008

SARG

Squid Analysis Report Generator

The squid access log is stored in (in a Fedora Core 8 Linux system)

/var/log/squid/access.log

The sarg access log reports are generated in

/var/www/sarg/

The command to generate of usage between two dates for a particular user is (assuming that the date is set to US standard in the system) :

$sarg -d 06/01/2008-06/21/2008 -u username

The command to generate a report using sarg is:

sarg -l /var/log/squid/access.log

Monday, June 16, 2008

Shutdown command in Windows Server 2003

Windows XP and Windows Server 2003 support shutdown and restart of local and remote computers from the command-line. The shutdown command can be used with appropriate parameters to shutdown or restart the computer.

An example of shutting down a local system :

shutdown /s /t 120 /f /c ¨Closing for the day. Jai Sai Ram!¨

/s The systems is to be shutdown. /r is for restarting the system.
/t xxx Sets the timeout before the system is shutdown or restarted. A warning remains displayed during this time. The valid range of vaoues is from 0 to 600 seconds. The default is 30 seconds.

/c ¨Comment" Enables you to specify a reason. It must be in quotes and can have a maximum of 127 characters.

The options differ slightly for Windows XP.

The shutdown can be canceled by the /a option during the timeout period.

shutdown /a

Tuesday, June 10, 2008

Backing up in Linux

1. Copying Files

The simplest way is to make a backup using the cp command. However, file permissions must be preserved in the process. The following command saves the /home directory to /mnt/bkupdisk device used for backup purposes:

cp -a /home /mnt/bkupdisk

The -a option is used, which is equivanet to the -dpR options. The functions of these options are as follows:

-d -- Never follow symbolic links. The directory is copied as is.
-p -- Preserve the specified attributes (mode, ownership and timestamps)
-R -- Copy directories recursively to back up all subdirectories

The previous command is identical to the following command:

cp -dpR /home /mnt/bkupdisk

The files from this directory that were modified after the backup was performed can be copied with the help of the same command, but with the -u option:

cp -au /home /mnt/bkupdisk

Monday, June 9, 2008

Linux Introduction

1st class

login
logout
passwd

vi editor
command mode, insert mode
:w
:wq
:w filename
:q!
dd
ndd
yy
nyy

cp
mv
cat
ls
ls -l
ls -R list all files and the subdirectories and their files recursively
date
mkdir
cd subdir
cd ..
rmdir subdir
pwd
clear

2nd class

{program} { option(s) } {argument(s) }
w
head
tail
nl (similar to cat -b)
. and ..
wild card characters - *, ? []
files and directories - tree structure
Absolute and relative addressing
echo
sleep
man
wc
wc
wc -l
wc -w
wc -c

vi editor

dw - deletes a word
d$ - deletes from here to end of line

3rd Class

touch

System information
users - Displays user names of all users currently logged into the system
hostname
uname -all
uname -v
uname -r
uname -o
uname -p
uname -k
uname -m
uname -n

uptime
rm -d subdir_name deletes a directory
rm -r subdir_name deletes the directory recursively
mkdir -p temp1/temp2/temp3 the -p option makes parent directories if they do not already exist

tac filename - displays a file in reverse order, starting from the end of the file (reverse of cat)
more filename
less filename
See the output of ls and ls * and note the difference
Give cat without any parameters and type a few lines and see the output

Vi Editor
Saving a portion of a file
vi allows you to save only a part of a file by specifying the line numbers you want to write. The syntax is:
:first_line, last_linew filename<

The letter "w" should be there at the end of the last line number to identify the operation as a write request. Two wild cards can be used for either line number specification:
$ - to signify the last line in the file
. - to signify the current line

Examples of saving portions of a file
:., 12w newfile Saves lines from where the cursor currently is to the line 12 in a file named newfile
:2, 5w newfile Saves lines 2 to 5 in a file named newfile
:12, $w newfile Saves lines from 12 to the end of the file in a file named newfile

Reading from a file

To copy the contents of another file into this one at the location where the cursor resides, do the following:
:r {filename}
This inserts the text from the other file directly into the location in this file where the cursor resides.For example, to bring the contents of a file named sample into this file, the command is
:r sample

Navigation

xG "Goto" line number x

Wednesday, June 4, 2008

Guidelines to Staff Members Regarding Internet Usage

Guidelines to staff members on Internet usage

Given below are a set of guidelines to increase security and reduce the chances of the Internet connection being misused:

Each staff member wanting to access the Internet is being given an individual Cyberoam user id. (This user id is different from the Windows user id which you use to log in to the Windows system.) Each person is responsible for his user id.

The staff members should not allow others to use personal id.

Default passwords will be given to all users along with the new user id. All staff members should change the passwords immediately after logging in with the new user id for the first time.

The password should have a minimum of 7 characters and should have a combination of lowercase letters, uppercase letters, number digits and/or special characters like $, # etc.

It is better to avoid the use by students of the systems that are being used for accessing the Net.

The systems that are being used to access Internet should be properly secured so that their chance of being misused is reduced.

It is preferable to type the password for Cyberoam rather than using the option to save the password after logging in.

It is requested that the students are not left unmonitored in places where the computers with connections to Internet are kept so as to prevent them from trying any unwanted things. All the above steps will make the systems more secure, but cannot completely prevent anybody from misusing it. It is possible for a knowledgeable user to circumvent all the restrictions.

The usage of computers not configured for use of the Net also should be secured from misuse by unauthorized users who can change the settings/configuration and access the Net.

Tips for securing the systems being used to access Internet

Only the person taking care of the system should know the administrator account password.

The best operating system for system used for accessing the Internet is Linux as it is secure.

In case you are using Windows XP, use a limited user account to browse the Net.

Do not use Internet Explorer to browse the Internet as it has many security holes. Use

Mozilla Firefox instead. It is fast and light weight.

Disable booting from A: and CD-ROM in the BIOS. ^*

Keep system boot-up password (in BIOS). This will prevent unauthorised access to the system. ^*

Keep a complex password for the administrator account and also for other accounts through which users can access the Internet.

Avoid saving important passwords in the Password Manager of Firefox. Also, keep a master password for the password manager.

Some browsers like Firefox have a 'read ahead' feature, which reads all the pages being pointed to by various links in the page you are viewing so that the link that you click can be displayed immediately. But these links are recorded as being browsed by the user by the Cyberoam software. This same thing happening on a general web portal with links to all types of sites may create a wrong impression. Therefore, 'read ahead' feature in Firefox must be disabled in your PC. ^*

Turn on SafeSearch to strict filtering in Google search preferences so that unwanted search results do not embarrass you.^*

^*See under Detailed instructions

Detailed instructions

Set Google’s safe search filtering: Google's SafeSearch screens for sites that contain unwanted and inappropriate matter from search results. While no filter is 100% accurate, Google's filter uses advanced proprietary technology that checks keywords and phrases and URLs. When SafeSearch is turned on, inappropriate sites are blocked from search results.

SafeSearch Filtering is the third option down in Google preferences.

You can set SafeSearch to one of three filtering levels.

Use strict filtering: This applies filters to both Image and Web search results. This is the safest setting for young children, and it may also be useful to avoid embarrassing results at work.
Use moderate filtering: This is Google's default setting. It filters Image results, but not Web search results.
Do not filter: This does exactly what it seems and does not filter your search results.

Open the Google web page.
Click on ‘Preferences’, located to the right of the ‘Search’ button.
Scroll down to the SafeSearch Filtering
Set Your SafeSearch Filter Level to ‘Use Strict Filtering’.
Save your preferences by scrolling down to the bottom of the page and clicking on ‘Save Preferences’ button.

How to lock down the BIOS on your machine: The goal is to prevent users from booting from anything other than the hard drive. There are several tools that are bootable from CD-ROM and USB device that allow a user to change the administrator password or install files. And that's why you need to remove users' ability to use these tools. There are many different variables and the BIOS of the PC will be different based on the manufacturing company. The steps given below will give you an idea of what is to be done for your system.

On boot, press [F2] or [Esc] or [Del] to access the BIOS setup.
Under System, select Boot Sequence.
Make sure the Internal HDD is the only device from which the system can boot. Disable the option of booting from any other device like the floppy, CD-ROM, USB. etc..
Press [Esc], and select Save.
Under Security, select Supervisor Password (or the admin password).
Set a supervisor password. (This will prevent someone from changing boot options or changing the BIOS setup, but it won't interfere with normal operation.)
Set a user password in the same way in case you want to make it more secure.

This way, any user should have has the BIOS supervisor password to boot from any other device.

(Caution: This safety feature can be overcome if the user has unsupervised access to the system.)

Changing Cyberoam password: Log in to access the Internet using the Cyberoam client program Right click on the Cyberoam icon on the right side on the task bar. A menu will be displayed.

Click on ‘Show Client’.
Click on “My Account’ on the left side. A web page will be displayed.
Type your user name and the current password and click on ‘login’
A page will be displayed with the usage records of the account.
Click on ‘Personal’ near the top left of the page.
Enter the current password once and the new password chosen by you twice in the text box meant for them.
Click on ‘update’ to save the changes. Now the password will be changed. You can now close the page.

De-activating the pre-loading of web sites

You can disable this feature by following the procedure given below:

Open Firefox.
Type ‘about:config’ in the address line and press Enter.
Look for ‘network.prefetch-next’ entry in the list. You can get it faster by typing ‘network.prefetch-next’ in the filter bar.
Check the text in the fourth column (Value). By default, it should be ‘true’.
In case it is true, change the value to ‘false’ by doing the following:

Select network.prefetch-next and right click on it.
You will get a context-sensitive menu. Click on ‘toggle’ to change the value to ‘false’
Check whether the value is set to ‘false’.

In future, your system will download the websites only when you click on a link.

FTP Server in the Brindavan Campus

Pl. see this link for all s/w requirements and miscellaneous items.

Type the following in Windows (file) explorer or your browser address:

ftp://system40

or

ftp://192.168.3.40

If something you require is not there, pl. let me know so that i can add it.

General tips in IT

Search This Blog