Comments for CS & IT Solutions http://blog.csatpk.com Computer Scientists and IT Professionals Weblog Sat, 24 Dec 2011 02:08:07 +0000 hourly 1 http://wordpress.org/?v=3.3 Comment on Installing and configuring FreeRADIUS with MySQL authentication and after that Installing and configuring daloRADIUS by thank you http://blog.csatpk.com/2010/06/installing-and-configuring-freeradius-with-mysql-authentication-and-after-that-installing-and-configuring-daloradius/comment-page-1/#comment-602 thank you Sat, 24 Dec 2011 02:08:07 +0000 http://blog.csatpk.com/?p=975#comment-602 <strong>thank you...</strong> [...]CS & IT Solutions » Blog Archive » Installing and configuring FreeRADIUS with MySQL authentication and after that Installing and configuring daloRADIUS[...]... thank you…

[...]CS & IT Solutions » Blog Archive » Installing and configuring FreeRADIUS with MySQL authentication and after that Installing and configuring daloRADIUS[...]…

]]> Comment on Chroot Bind FreeBSD with Master/Slave by amanat http://blog.csatpk.com/2010/06/chroot-bind-freebsd-with-masterslave/comment-page-1/#comment-590 amanat Thu, 25 Aug 2011 07:18:52 +0000 http://blog.csatpk.com/?p=951#comment-590 Thanks, Yes Webmin and Virtualmin, other also exists. Thanks, Yes Webmin and Virtualmin, other also exists.

]]> Comment on Chroot Bind FreeBSD with Master/Slave by Distro Flavors http://blog.csatpk.com/2010/06/chroot-bind-freebsd-with-masterslave/comment-page-1/#comment-589 Distro Flavors Thu, 25 Aug 2011 06:43:05 +0000 http://blog.csatpk.com/?p=951#comment-589 Great Article, Is there any good web utility for bind administration? Great Article,

Is there any good web utility for bind administration?

]]> Comment on Preventing DDoS Attacks by peter http://blog.csatpk.com/2010/08/preventing-ddos-attacks/comment-page-1/#comment-585 peter Thu, 26 May 2011 23:44:24 +0000 http://blog.csatpk.com/?p=997#comment-585 <img class='wpml_ico' alt='' src='http://blog.csatpk.com/wp-content/plugins/wp-monalisa/icons/wpml_mail.gif' />hey thanks for the good article i am begginer & i was looking for some basics i found one thought of sharing http://www.hackersbay.in/2011/01/what-is-ddos-attack-and-how-does-it.html hey thanks for the good article i am begginer & i was looking for some basics i found one thought of sharing

http://www.hackersbay.in/2011/01/what-is-ddos-attack-and-how-does-it.html

]]> Comment on Monitor UNIX / Linux Server Disk Space with Shell Script by CMS Application http://blog.csatpk.com/2009/07/monitor-unix-linux-server-disk-space-with-shell-script/comment-page-1/#comment-583 CMS Application Fri, 25 Mar 2011 08:02:00 +0000 http://blog.csatpk.com/?p=654#comment-583 Awesome post! It really helped me a lot! Thanks for sharing it. Awesome post! It really helped me a lot! Thanks for sharing it.

]]> Comment on Automatically block failed login attempts from internet by Chris Glavan http://blog.csatpk.com/2010/09/automatically-block-failed-login-attempts-from-internet/comment-page-1/#comment-582 Chris Glavan Sun, 27 Feb 2011 06:39:38 +0000 http://blog.csatpk.com/?p=1009#comment-582 For anyone looking for an Windows-based program that will create an IPSEC policy, filters, etc and automatically scan the event log and add IP's to the block list, I've written a small program that does just that. I had this problem too where my event log would be filled with thousands of entries for hackers attempting to login to my MSSQL instance with the 'sa' login. After much searching, I decided to write my own program, have it create the neccessary IPSEC items, and then scan the event log every 60 seconds for attacks from new IP addresses. It then adds the IP address to the IPSEC filter, and blocks all traffic to and from the IP. I have only tested this on Windows Server 2008, but believe it will work on other versions as well. Feel free to download the program using the link below. Donations are always appreciated using the link in the right-click menu of the taskmanager icon. http://www.cgdesign.net/programs/AutoBlockIp.zip Please note that this only works for SQL login attempts using the 'sa' login, but I could modify it to work for other log events as well. Also, you can view the IP's that have been blocked, but you will continue to see some items in the event log since the program only runs every 60 seconds. This is due to not being able to delete a single event log entry, and I didn't think deleting the entire log would be a good idea. **DISCLAIMER** - By downloading and installing the above-mentioned program, you agree to hold me harmless for any damage, loss of data, corruption, or any other functionality issues resulting from the use of said software. I have tested the program to the best of my ability and currently have it running on 2 servers, but you have been warned to use at your own risk. Any questions or comments, please feel free to get in touch with me using the contact form on my website at www.cgdesign.net -Chris For anyone looking for an Windows-based program that will create an IPSEC policy, filters, etc and automatically scan the event log and add IP’s to the block list, I’ve written a small program that does just that.

I had this problem too where my event log would be filled with thousands of entries for hackers attempting to login to my MSSQL instance with the ‘sa’ login. After much searching, I decided to write my own program, have it create the neccessary IPSEC items, and then scan the event log every 60 seconds for attacks from new IP addresses. It then adds the IP address to the IPSEC filter, and blocks all traffic to and from the IP. I have only tested this on Windows Server 2008, but believe it will work on other versions as well.

Feel free to download the program using the link below. Donations are always appreciated using the link in the right-click menu of the taskmanager icon.

http://www.cgdesign.net/programs/AutoBlockIp.zip

Please note that this only works for SQL login attempts using the ‘sa’ login, but I could modify it to work for other log events as well. Also, you can view the IP’s that have been blocked, but you will continue to see some items in the event log since the program only runs every 60 seconds. This is due to not being able to delete a single event log entry, and I didn’t think deleting the entire log would be a good idea.

**DISCLAIMER** – By downloading and installing the above-mentioned program, you agree to hold me harmless for any damage, loss of data, corruption, or any other functionality issues resulting from the use of said software. I have tested the program to the best of my ability and currently have it running on 2 servers, but you have been warned to use at your own risk.

Any questions or comments, please feel free to get in touch with me using the contact form on my website at http://www.cgdesign.net

-Chris

]]> Comment on Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS by Luke http://blog.csatpk.com/2010/06/debian-wi-fi-hotspot-using-coovachilli-freeradius-mysql-and-daloradius/comment-page-1/#comment-581 Luke Sat, 22 Jan 2011 05:36:05 +0000 http://blog.csatpk.com/?p=981#comment-581 Thanks.. i did that and it worked.. must have been running already.. i am certain that the user and pass that i am attempting to login with are there in the freeradius database, but coova says wrong username password.. Also, i have just noticed that i cant connect to the internet anymore when i stop the coova service.. and i cant get to the net cause coova says the user and pass is wrong.. Is there somewhere in some file where i have possibly set some wrong settings for coova to talk to freeradius correctly? Thanks.. i did that and it worked.. must have been running already.. i am certain that the user and pass that i am attempting to login with are there in the freeradius database, but coova says wrong username password.. Also, i have just noticed that i cant connect to the internet anymore when i stop the coova service.. and i cant get to the net cause coova says the user and pass is wrong.. Is there somewhere in some file where i have possibly set some wrong settings for coova to talk to freeradius correctly?

]]> Comment on Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS by amanat http://blog.csatpk.com/2010/06/debian-wi-fi-hotspot-using-coovachilli-freeradius-mysql-and-daloradius/comment-page-1/#comment-580 amanat Sat, 22 Jan 2011 04:24:57 +0000 http://blog.csatpk.com/?p=981#comment-580 Make sure Radius is stopped first and then try to check it in debugging mode, after that start it and try again. For login your Mysql, cova and radius must be started and running. Also confirm username and password. Make sure Radius is stopped first and then try to check it in debugging mode, after that start it and try again.

For login your Mysql, cova and radius must be started and running. Also confirm username and password.

]]> Comment on Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS by Luke http://blog.csatpk.com/2010/06/debian-wi-fi-hotspot-using-coovachilli-freeradius-mysql-and-daloradius/comment-page-1/#comment-579 Luke Fri, 21 Jan 2011 22:19:29 +0000 http://blog.csatpk.com/?p=981#comment-579 Thanks, its working now.. Any idea why i now have an error trying to start radius in debugging mode: Failed binding to authentication address * port 1812: Address already in use /etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812 I get the coova login page but my user and password dont work.. i guess cause freeradius has this error? I have no idea how to fix it Thanks, its working now.. Any idea why i now have an error trying to start radius in debugging mode:

Failed binding to authentication address * port 1812: Address already in use
/etc/raddb/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812

I get the coova login page but my user and password dont work.. i guess cause freeradius has this error? I have no idea how to fix it

]]> Comment on Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS by amanat http://blog.csatpk.com/2010/06/debian-wi-fi-hotspot-using-coovachilli-freeradius-mysql-and-daloradius/comment-page-1/#comment-578 amanat Wed, 19 Jan 2011 07:06:57 +0000 http://blog.csatpk.com/?p=981#comment-578 use phpmyadmin to update the profiles in dolaradius or use webmin use phpmyadmin to update the profiles in dolaradius or use webmin

]]>