CS & IT Solutions

.:: what is ::.
please take a look at this.

.:: install dependency ::.

[root@linux ~ ]# yum install gcc rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel

.:: download openvpn package ::.

[root@linux ~ ]# mkdir download
[root@linux ~ ]# cd download
[root@linux download]# wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
[root@linux download]# wget ftp://fr.rpmfind.net/linux/fedora/releases/10/Everything/i386/os/Packages/lzo-2.03-1.fc10.i386.rpm
[root@linux download]# wget ftp://fr2.rpmfind.net/linux/fedora/releases/10/Everything/i386/os/Packages/lzo-minilzo-2.03-1.fc10.i386.rpm
[root@linux download]# wget ftp://fr.rpmfind.net/linux/fedora/releases/10/Everything/i386/os/Packages/lzo-devel-2.03-1.fc10.i386.rpm

.:: installing packages ::.

[root@linux download]# rpm -Uvh lzo-2.03-1.fc10.i386.rpm
[root@linux download]# rpm -Uvh lzo-minilzo-2.03-1.fc10.i386.rpm
[root@linux download]# rpm -Uvh lzo-devel-2.03-1.fc10.i386.rpm
[root@linux download]# rpmbuild -tb openvpn-2.0.9.tar.gz
[root@linux download]# rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm

.:: configuration openvpn [server] ::.

[root@linux ~]# cd /usr/lib
[root@linux lib]# ln -s liblzo2.so.2.0.0 liblzo.so.1
[root@linux lib]# cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
[root@linux lib]# cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/
[root@linux ~]# cd /etc/openvpn/easy-rsa/
[root@linux easy-rsa]# vi vars
—[edit on this line]—————–

# These are the default values for fields
# which will be placed in the certificate.
# Don’t leave any of these fields blank.
export KEY_COUNTRY=ID
export KEY_PROVINCE=YK
export KEY_CITY=YOGYAKARTA
export KEY_ORG=”BLACKONSOLE”
export KEY_EMAIL=” blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it “

———————-

[root@linux easy-rsa]# . ./vars
( after the first point given distance and then space ./vars )
[root@linux easy-rsa]# ./clean-all
[root@linux easy-rsa]# ./build-ca
————————

Generating a 1024 bit RSA private key
……++++++
……………………………….++++++
writing new private key to ‘ca.key’
—–
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []: IT
Common Name (eg, your name or your server’s hostname) []:blackonsole.org
Email Address [ blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

-----------------------------------

[root@linux easy-rsa]# ./build-key-server myserver
------------------------------

Generating a 1024 bit RSA private key
.............................++++++
.........................++++++
writing new private key to 'myserver.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mysecret
An optional company name []:blackonsole
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows country
Name RINTABLE:'ID'
stateOrProvinceName RINTABLE:'YK'
localityName RINTABLE:'YOGYAKARTA'
organizationName RINTABLE:'BLACKONSOLE'
organizationalUnitName:PRINTABLE:'IT'
commonName RINTABLE:'blackonsole.org'
emailAddress :IA5STRING:' blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it '
Certificate is to be certified until May 22 03:40:25 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

---------------------------------------

[root@linux easy-rsa]# ./build-dh
------------------------------

Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time

-------------------------------

[root@linux easy-rsa]# ./build-key admin
---------------

Generating a 1024 bit RSA private key
.....................++++++
...............................++++++
writing new private key to 'admin.key'
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mysecret
An optional company name []:blackonsole
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName RINTABLE:'ID'
stateOrProvinceName RINTABLE:'YK'
localityName RINTABLE:'YOGYAKARTA'
organizationName RINTABLE:'BLACKONSOLE'
organizationalUnitName:PRINTABLE:'IT'
commonName RINTABLE:'blackonsole.org'
emailAddress :IA5STRING:' blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it '
Certificate is to be certified until May 22 10:49:55 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

----------------------

[root@linux easy-rsa]# ./build-key-pass userx
----------------------------------

Generating a 1024 bit RSA private key
........++++++
.++++++
writing new private key to 'userx.key'
Enter PEM pass phrase: <enter_your_password>
Verifying - Enter PEM pass phrase: <enter_your_password>
-----
You are about to be asked to enter information that will be incorporated into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]:
State or Province Name (full name) [YK]:
Locality Name (eg, city) [YOGYAKARTA]:
Organization Name (eg, company) [BLACKONSOLE]:
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:blackonsole.org
Email Address [ blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it ]:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:mysecret
An optional company name []:blackonsole
Using configuration from /etc/openvpn/easy-rsa/openssl.cnf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName RINTABLE:'ID'
stateOrProvinceName RINTABLE:'YK'
localityName RINTABLE:'YOGYAKARTA'
organizationName RINTABLE:'BLACKONSOLE'
organizationalUnitName:PRINTABLE:'IT'
commonName RINTABLE:'blackonsole.org'
emailAddress :IA5STRING:' blackonsole@gmail.comThis e-mail address is being protected from spam bots, you need JavaScript enabled to view it '
Certificate is to be certified until May 22 10:51:17 2019 GMT (3650 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated

--------------

[root@linux easy-rsa]# cp keys/ca.crt ../
[root@linux easy-rsa]# cp keys/dh1024.pem ../
[root@linux easy-rsa]# cp keys/myserver.key ../
[root@linux easy-rsa]# cp keys/myserver.crt ../
[root@linux easy-rsa]# cd /etc/openvpn/
[root@linux openvpn]# vi server.conf
---------[and configure on this options like:]--------

local 10.100.100.34
dev tap
; dev tun
ca ca.crt
cert myserver.crt
key myserver.key # This file should be kept secret
client-to-client
; comp-lzo
max-clients 100
user nobody
group nobody

---------------------------------
change local option with your openvpn server ip.

[root@linux lib]# /etc/init.d/openvpn start

.:: configure and access openvpn [client windows] ::.

. install openvpn client
http://openvpn.net/release/openvpn-2.1_rc9-install.exe

. goto config folder
C:\Program Files\OpenVPN\config

. make keys folder on the config folder
C:\Program Files\OpenVPN\config\keys

. copy ca.crt, userx.crt, and userx.key to C:\Program Files\OpenVPN\config\keys

. make client.ovpn file on C:\Program Files\OpenVPN\config folder.
-----------[contents of client.ovpn file like this]--------------

client
dev tap
proto udp
remote 10.100.100.34 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca keys/ca.crt
cert keys/userx.crt
key keys/userx.key
verb 3

----------------------------
on remote options change i.p with your openvpn server ip.
you can make client.ovpn with notepad, save as the file with File name : client.ovpn and Save as type : All files and then Save.

. make sure Windows Firewall is off.

. run openvpn gui (start - all programs - openvpn - openvpn gui)

. on system tray, right click the openvpn icon and then click connect

.:: links ::.
. http://www.google.com/linux
. http://www.throx.net/2008/04/13/openvpn-and-centos-5-installation-and-configuration-guide/
. http://opensource.telkomspeedy.com/wiki/index.php/Instalasi_OpenVPN
. http://opensource.telkomspeedy.com/wiki/index.php/Instalasi_OpenVPN_di_Windows

Thanks to Author, source http://blackonsole.blogspot.com/2009/05/install-openvpn-in-centos-53.html

This Tech-recipe describes the steps for setting up rate limiting on Juniper networks.

The first step in configuring rate-limiting on a Juniper is to configure the firewall filter, under the firewall section of the router.conf file. The firewall section should be located just after the interface configurations.

Choose a filter name based on slot-pic-port-unit, e.g. “rate-limit-t3-0-1-1-0″.

The first set of statements are for the policer which define the bandwidth characteristics of the filter. It will always be called “p1″. The bandwidth limit and burst limits are configured under the policer, as well as what to do when limits are reached (in this case “discard”). Note: Bandwidth is configured in bits per second, Burst is configured in bytes per second. You can use k for Kbps 1000, m for Mbps 1,000,000, or g for Gbps 1,000, 000.

The next set of statements define the “term”, that is, how we are going to use the policer in this filter. Term should be named “slot-pic-port-unit-traffic”. Terms should be standard for all customers: the first line sets the action to count the traffic, the next line says to use policer p1.

The last step is to add the filters to the interface config. They will go under the logical port (usually “unit 0″) for the customer connection. Apply the filter to both the input and output (eg rate-limit-t3-0-1-1-0), that were created in the filter.on

Below is a sample configuration for a DS3 customer who is paying for a 10mbps CIR, burstable to 20mb. NOTE: Burst is a measured burst for a given time, not a sustained burst. Due to Verio product, you will set filter’s bandwidth to customer’s requested “burst” and set burst to (CIR * 1.5 / 8).

CONFIG FOR FIREWALL

firewall {
filter rate-limit-t3-0-1-1-0 {
policer p1 {
if-exceeding {
bandwidth-limit 20m;
burst-size-limit 1875k;
}
then discard;
}
term t3-0-1-1-0-traffic {
then {
count t3-0-1-1-0-traffic;
policer p1;
accept;
}
}
}
}

CONFIG FOR INTERFACE:

t3-0/1/1 {
description “Interface Name”;
keepalives;
clocking internal;
encapsulation cisco-hdlc;
t3-options {
cbit-parity;
no-payload-scrambler;
compatibility-mode kentrox;
}
unit 0 {
family inet {
filter {
input rate-limit-t3-0-1-1-0;
output rate-limit-t3-0-1-1-0;
}
address 10.10.10.1/30
}
}
}

A useful command is show firewall filter rate-limit-t3-0-1-1-0. This will show you the Packet and Byte counts for the interface and for the Bytes that are policed:

usr@routerg> show firewall filter rate-limit-t3-0-1-1-0
Filter/Counter Packet count Byte count
rate-limit-t3-0-1-1-0
t3-0-1-1-0-traffic 7647 624268
p1 1 NA

courtesy http://www.tech-recipes.com/rx/2474/rate_limiting_on_juniper_networks/

If you’ve forgotten the sa password for your SQL server, you are probably in a panic. Fear not, for you can reset the password and once again have access to the powers of the sa account by using the query window in the Management Studio.

1. Open the SQL Server Management Studio.

2. Open a New Query.

3. Copy, paste, and execute the following:

GO
ALTER LOGIN [sa] WITH DEFAULT_DATABASE=[master]
GO
USE [master]
GO
ALTER LOGIN [sa] WITH PASSWORD=N’NewPassword’ MUST_CHANGE
GO

where NewPassword is the password you wish to use for the sa account.

You can now breathe easier, and once again access the sa account. Whew!

courtesy http://www.tech-recipes.com/rx/3766/sql-server-2005-how-to-reset-a-forgotten-password-for-the-sa-account/

Making changes to a database that has been created by a third pary can be a difficult task, especially when you don’t want to break any of the existing stored procedures. You can search the database’s stored procedures for keywords to find which procedures use a keyword that is involved in your change. This makes it much easier in identifying these procedures so you can make the appropriate changes.

1. Open the SQL Server Management Studio.

2. Go to the toolbar and click the New Query button.

3. Select the desired database.

4. Copy, paste and execute the following:

SELECT sys.sysobjects.name, sys.syscomments.text
FROM sys.sysobjects INNER JOIN syscomments
ON sys.sysobjects.id = sys.syscomments.id
WHERE sys.syscomments.text LIKE ‘%YourKeyword%’
AND sys.sysobjects.type = ‘P’
ORDER BY sys.sysobjects.NAME

Where YourKeyword is replaced with the value you are searching for.

The result set will contain the name and text of each stored procedure that contains the given keyword.

courtesy http://www.tech-recipes.com/rx/3701/sql-server-2005-locating-stored-procedures-that-contain-a-keyword/

If you have grown tired of having to view the splash screen each and every time you open the SQL Server Management Studio, you can use a simple command line switch in your shortcut to bypass the annoyance.

1. Right-click on the desktop.

2. Click New and select Shortcut.

3. Click the Browse button and go to the Sqlwb executable (”C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\Sqlwb.exe”).

4. After the full path and the end quotes, add one space and type in -nosplash.

5. Click Next.

6. Type a name for the shortcut.

7. Click Finish.

courtesy http://www.tech-recipes.com/rx/3353/sql-server-20052008-disable-management-studios-splash-screen/