Friday 13 September 2019

MySQL/Maria Database

MySQL/Maria Database

%Change password of existing user
SET PASSWORD FOR 'bob'@'%.loc.gov' = PASSWORD('newpass');

%create user
CREATE USER foo2@test IDENTIFIED BY 'password';
CREATE OR REPLACE USER foo2@test IDENTIFIED BY 'password';
CREATE USER IF NOT EXISTS foo2@test IDENTIFIED BY 'password';


%remove user
DROP USER bob;

%create user and then grant prevalence 
CREATE USER 'dba'@'%' IDENTIFIED BY 'strongpassword';
GRANT ALL PRIVILEGES ON *.* TO 'dba'@'%' ;


%show all the users and details 
SELECT User FROM mysql.user;
SELECT host, user, password FROM mysql.user;
show grants for 'vivek'@'%';



%show all databases 
show databases;

Monday 9 September 2019

Learn Programing





https://www.geeksforgeeks.org/

https://www.ntu.edu.sg/home/ehchua/programming/index.html


Friday 22 February 2019

Installation

Installation

1) ndnSIM -Importing new ndnSIM with visulizer in eclipse
----->mercurialeclipse / main / wiki / Installation and Configuration — Bitbucket
----->Install Oracle Java 8 In Ubuntu Or Linux Mint Via PPA Repository [JDK8] ~ Web Upd8: Ubuntu / Linux blog

2) Installing R

3) Openflow with ns-3

4) Installing tor browser in ubuntu 14.04

5) Ns-2 installation

Steps for installing ns-2.35 on Ubuntu 13.04 and before versions.

Open Terminal

[Step 1]
Install some Essential Libraries and Softwares:
sudo apt-get install tcl8.5-dev tk8.5-dev

sudo apt-get install gcc-4.4 g++-4.4

sudo apt-get install build-essential autoconf automake

sudo apt-get install perl xgraph libxt-dev libx11-dev libxmu-dev

[Step 2]
Download ns-2.35

Download ns-2.35 from
http://sourceforge.net/projects/nsnam/files/latest/download

Unpack ns2 to your Desktop directory  
tar -zxvf ns-allinone-2.35.tar.gz -C /home/khawajaali/Desktop

(or simply unzip the package on your desktop)

[Step 3]
Modify the OTcl makefile

Open /home/khawajaali/Desktop/ns-allinone-2.35/otcl-1.14/Makefile.in

Change CC = @CC@ to CC=gcc-4.4

Save the file

[Step 3.1]
installation errors

If you get installation errors modify the specified files in ns-allinone-2.35 folder as specified below:
Go to ns-allinone-2.35/ns-2.35/linkstate/ 2. Edit ls.h In line number 137, in place of void eraseAll() { erase(baseMap::begin(), baseMap::end()); } make it void eraseAll() { this->erase(baseMap::begin(), baseMap::end()); }



[Step 4] Install ns2

cd /home/khawajaali/Desktop/ns-allinone-2.35

./install

(this will take a while)

[Step 5] Modify ~/.bashrc

Once the installation is successful (without any errors), we need to add the path information to the file ~/.bashrc

gedit ~/.bashrc

Now Add these lines in the end of the file

    #LD_LIBRARY_PATH
    OTCL_LIB=/home/khawajaali/Desktop/ns-allinone-2.35/otcl-1.14
    NS2_LIB=/home/khawajaali/Desktop/ns-allinone-2.35/lib
    X11_LIB=/usr/X11R6/lib
    USR_LOCAL_LIB=/usr/local/lib
    export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$OTCL_LIB:$NS2_LIB:$X11_LIB:$USR_LOCAL_LIB
    # TCL_LIBRARY
    TCL_LIB=/home/khawajaali/Desktop/ns-allinone-2.35/tcl8.5.10/library
    USR_LIB=/usr/lib
    export TCL_LIBRARY=$TCL_LIB:$USR_LIB
    # PATH
    XGRAPH=/home/khawajaali/Desktop/ns-allinone-2.35/bin:/home/khawajaali/Desktop/ns-allinone-2.35/tcl8.5.10/unix:/home/khawajaali/Desktop/ns-allinone-2.35/tk8.5.10/unix
    # Note: the above two lines starting from XGRAPH should come in the same line
    NS=/home/khawajaali/Desktop/ns-allinone-2.35/ns-2.35/
    NAM=/home/khawajaali/Desktop/ns-allinone-2.34/nam-1.15/
    PATH=$PATH:$XGRAPH:$NS:$NAM

Save the modification and close the file

source ~/.bashrc

end of installation



Install Behind Proxy

Install Behind Proxy

PIP

sudo pip install --proxy  http://edcguest:edcguest@172.31.100.14:3128 pygraphviz

Add Apt Repository

export http_proxy=http://edcguest:edcguest@172.31.100.14:3128
export https_proxy=http://edcguest:edcguest@172.31.100.14:3128
sudo -E add-apt-repository name_of_ppa
 
sudo apt-get update 
 
 

Download whole site

wget  -r --proxy-user=cs1123 --proxy-password=chinu http://upscguide.com
wget -A pdf -m -p -E -k -K -np http://www.xyz.com/

Git

export http_proxy=http://edcguest:edcguest@172.31.100.14:3128
export https_proxy=http://edcguest:edcguest@172.31.100.14:3128
 
git clone url folderName 


https://github.com/qinshulei/ubuntu-install

Security Material

Tuesday 12 February 2019

Enable AAA Security on Router

Enable AAA Security on Router

Open console of router by default you are in user mode
Router>

Write command enable to enter privilege mode
Router>enable                                
Router#    

Write command configure terminal to enter global config mode
Router#configure terminal
Router(config)#

All the configuration are done in  global config mode

Introduction

AAA security can be enabled in two ways--
1) Using local data base of the router
2) Using a third party server (Server-based Authentication)
  1. Using TACACS+ server
  2. Using RADIUS server

AAA Using local data base of the router

The rest of the discussion is done through  the example scenario given below--


1) Initial Setting

    Change the hostnames of routers to R1, R2, and R3 as shown in the figure above.
    Router1(config)#hostname R1
    Router2(config)#hostname R2
    Router3(config)#hostname R3 


    Assign all the IP addresses.
    Configure all the routers using RIP.
    Set enable password for each router R1, R2, and R3 to cisco. 
    R1(config)#enable password cisco
    R2(config)#enable password cisco
    R3(config)#enable password cisco

    Create new usernames and passwords for R1, R2, and R3 using the following commands--
    R1(config)#username Admin1 secret admin1
    R2(config)#username Admin2 secret admin2
    R3(config)#username Admin3 secret admin3

AAA Authentication using the local database

2) Configure the line console to use AAA authentication.

    Create new usernames and passwords for R1

    R1(config)#username Admin1 secret admin1

    Enable AAA on R1 and configure AAA authentication for the console login to use default method list
    R1(config)#aaa new-model
    R1(config)#aaa authentication login default local
    R1(config)#line console 0
    R1(config-line)#login authentication default


    Verify the setting by exiting from router's console and re-login using R1's console

 3) Configure the line vty to use AAA authentication.

 
     Configure the domain name and generate RSA key to use with SSH
     R1(config)#ip domain-name ccnasecurity.com
     R1(config)#crypto key generate rsa
     Enter 1024 on prompt

    Create a name-list AAA authentication method for the vty line
    R1(config)#aaa authentication login SSH-LOGIN local


    Configure the vty line to use the defined AAA authentication method named SSH-LOGIN

    R1(config)#line vty 0 4
    R1(config-line)#transport input ssh
    R1(config-line)#login authentication SSH-LOGIN


    Verify the setting form PC-A by doing ssh from the command prompt

    PC-A>ssh -l Admin1 192.168.1.1

Server-based Authentication using TACACS+ Server

    For backup purposes, configure a local username of Admin2 having
    password admin2 on R2.

    R2(config)#username Admin2 secret admin2


    TACACS+ Server configuration
   Click the TACACS+ Server. On the Services tab, click AAA.

 
   Add network configuration entry.

   Client Name: R2
   Client IP: 192.168.2.1
   Secret: tacacspass
   Choose Server type as TACACS
   Click Add button

  Add username and password corresponding to R2.

  Username: Admin2
  Password: admin2
  Click Add button

 
  On the service by clicking ON radio button near Service label
   Configure the AAA TACACS server IP address and secret key on R2

   R2(config)#tacacs-server host 192.168.2.2
   R2(config)#tacacs-server key tacacspass

   Configure AAA login authentication for console access on R2.
   R2(config)#aaa new-model
   R2(config)#aaa authentication login default group tacacs+ local
   R2(config)#line console 0
   R2(config-line)#login authentication default

    


Monday 4 February 2019

Access Control List

Access Control List (ACL)

Open console of router by default you are in user mode
Router>

Write command enable to enter privilege mode
Router>enable                                
Router#    

Write command configure terminal to enter global config mode
Router#configure terminal
Router(config)#

All the configuration are done in  global config mode

Introduction

ACL is used for denying traffic for an IP or a group of IPs.

TODO

Types of Traffic 

Inbound Traffic - Traffic or packets going into the router
Outbound Traffic - Traffic or packets coming out of the router

Types of ACL 

There are two types of ACL
1. Standard ACL (1-99)
  •         applied closest to the destination
  •         denies or permits source IP address

2. Extended ACL (100-199)
  •         applied closest to the source
  •         denies or permits source IP address
  •         denies or permits destination IP address
  •         denies or permits port (service)

Standard ACL

Consider two networks having subnets  Source Network ID (SNID) and Destination Network ID (DNID) attached to the routers RSource and RDestination respectively
Suppose you want to deny a host from the SNID network having IP IPsource to access the DNID network. This can be done through Standard ACL by creating an ACL which denies the host having IP IPsource. 




1. Creating an ACL

Open console of router RDestination
                
      Go to global config mode
      Router(config)#
                
      Enter command ->access-list ACLNumber deny IPsource WildCardBits
      Router(config)#access-list 1 deny 10.0.2.3 0.0.0.0    
                           % 1 for standard ACL. Deny only one IP address
                
      Enter command ->access-list ACLNumber  permit any
      Router(config)#access-list 1 permit any  
                           % Permit all other traffic
        
2. Applying the ACL to the interface
                
       Go to global config mode
       Router(config)#
                
       Enter command ->interface interfaceName   
       Router(config)#interface fa0/0  
                          % fa0/0 is the interface on which the ACL will be applied
                
       Enter command ->ip access-group ACLName InBoundOrOutBound
       Router(config)#ip access-group 1 out   
                          % Here out is for outbound traffic 



Extended ACL

TODO

   Source:- Cisco CCNA Security