How to setup a Web server inside campus.

Prerequisite  : Broadband/Leased internet line , Web server , Static IP and Basic UTM box .

Here I am using Fortigate
Step 1 : Change Web admin port of fortigate from 80 to any other port.

Step 2 : Create new Virtual IP which points to internal web server

Step 3 : Add new policy like below .

Now you access your webserver like http://225.21.251.21

If you like to have domain name for your web server.Purchase one from domainname registrar like rediff.com.And change its A record to your static IP. Now you can access your web server with a domain name. Ex : www.testserver.com

Dummy table dual problem.

This is what happened to my dual synonym in my testing database.I had dropped dual synonym after that I created a synonym using x$dual.

The real problem started now. I cant drop a table or synonym.

Non admin user login had received  following error.

SP2-0575: Use of Oracle SQL feature not in SQL92 Entry Level. 

ORA-00980: synonym translation is no longer valid


Solution :

Create public synonym for sys.dual .This only solve this problem.But for that I need to drop the already created synonym.





But this is what happened.

SQL> drop public synonym dual  force;
drop public synonym dual force
*

ERROR at line 1:
ORA-00604: error occurred at recursive SQL level 1
ORA-00980: synonym translation is no longer valid

So I created dual synonym in all users including default schemas.

    connect sys/mypass as sysdba;
    create view x_$dual as select * from x$dual ;
    grant select on x_$dual to public;
    connect my_schema_owner/mypassword;
    create synonym DUAL for sys.x_$dual ;

After that I could able to drop tables and synonyms.

So don't drop dual table table or public synonym of dual table.

SSL-VPN using UTM (Fortigate)

Access your private network from public network using fortigate VPN (Simplifed document)
Step 1: Allocate private ip addresses for your VPN access from public network

 Step 2: Configure SSL-VPN

 3. VPN Portal creation - Web mode access . Create portal in your VPN box and access your internal network using the portal.

4. Create username  to access VPN from public network 

 5. Create user group which should have SSL-VPN access to already created portal.

7. Now create firewall policy

    In this policy Public network can access Internal network using VPN portal and VPN user group.

Configuration completed.

Extra configuration for Tunnel Mode access

8. Add new policy for Tunnel Mode

9. Add static route to send reply from internal network to VPN clients

  

VPN - Home to Office

Setup VPN at your Home

use create new connection

Give you VPN server's user name and password.

This is your network configuration before VPN connection.

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\admin>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . : 192.168.**.**

Subnet Mask . . . . . . . . . . . : 255.255.255.0

IP Address. . . . . . . . . . . . : 192.168.**.**

Network configuration after making VPN connectivity.


C:\Documents and Settings\admin>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . :   192.168.**.**

Subnet Mask . . . . . . . . . . . : 255.255.255.0

IP Address. . . . . . . . . . . . :   192.168.**.**

PPP adapter Office network:

Connection-specific DNS Suffix . :

IP Address. . . . . . . . . . . . :    192.168.1.40

Subnet Mask . . . . . . . . . . :    255.255.255.255

Default Gateway . . . . . . . . . : 192.168.1.**

Here 192.168.1.40 is your virtual IP. And your system is part of your office network. Now you can connect to your applications from your home using VPN.

How to setup VPN  using UTM ( Fortigate) ?

Frequent network failures from windows client to Linux

If you are mapping Linux directories in windows client.Then check your log file smbd.log.If you have receiving follwing error.

"getpeername failed. Error was Transport endpoint is not connected"

Check this link for solution.

http://lists.samba.org/archive/samba/2004-April/084048.html

Stop 1 : Stop windows  browser service from your all windows clients

             netstat -tvlnp | grep smbd - shows your samba service running ports in your linux system.

Stop 2 : iptables -I INPUT 1 -p tcp --dport 445 -j DROP  - Run it on linux system
Stop 3 : Check using nmap - It shows you 445 as a filtered port.


Above steps may solve your problem.

Duplicate name exists on the network

If you have received the above said system message pop up in more than one computer.Then check your event viewer.If you found below mentioned error.

"The name "name :0" could not be registered on the Interface with IP address 192.168.**.40. The machine with the IP address 192.168.**.44 did not allow the name to be claimed by this machine"

Check your device with ip address 192.168.**.44.Its name may be same as your workgroup name.Change this name . It will solve your problem

Mail blockers

You may receive these errors in your mail blog .
Sorbs.net
216.93.169.80 does not like recipient.
Remote host said: 550 5.1.7 203.**.**.*3 is Currently Sending Spam See: http://www.sorbs.net/lookup.shtml?203.**.**.*3
 
Secureserver.net
Giving up on 216.*.*.*.

to=<***.com>, relay=mailstore1.secureserver.net[*.*.238.*]:25, delay=46738, delays=46735/0.04/3.3/0, dsn=4.0.0, status=deferred (host mailstore[*.*.*.*] refused to talk to me: 554-p3pismtp01-029.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to spam or virus content. If you believe that this failure is in error, please submit an unblock request at http://unblock.secureserver.net)

mail-abuse.com

Jul 18 04:24:12 *** postfix/smtp[23437]: 48E3629802B: to=<*be@**as.com>, relay=mail1.**.

com[**.**.**.181]:25, delay=63461, delays=63461/0.04/0.46/0, dsn=4.0.0, status=deferred  refused 

to talk to me: 550 Service unavailable; Client host [*.*.*.*] blocked using Trend Micro RBL+.Please 

see http://www.mail-abuse.com/cgi-bin/lookup?ip_address=*.*.*.* )

barracudacentral.org

There are a number of reasons your IP address may have been listed ,including:

1. The email server at this IP address contains a virus and has been sending out spam
2. The email server at this IP address may be configured incorrectly
3. The PC at this IP address may be infected with a virus or botnet software program
4. An individual in the organization at this IP address may have a PC infected with a virus 

or botnet program
5. This IP address may be a dynamic IP address which was previously utilized by a 

known spammer
6. The marketing department of a company at this IP address may be 
sending out bulk emails that do not comply with the CAN-SPAM Act 
7. This IP address may have a insecure wireless network attached to it 
which could allow unknown users to use it's network connection to send 
out bulk email
8. In some rare cases, your recipients'  Spam Firewall may be misconfigured 

Run more than one biometric sensors based applications in a single system

If you want to run more than one  application with more than one biometric sensors  (Digital persona) in a single computer . You need to bind the application with their respective sensors.For this you need to install VDI in (Virtual box) that computer and install guest operating systems on that VDI.Now using USB filter option you can bind each and every USB based biometric sensor with a single  guest OS. Now you can run application from each guest operation systems (Windows or Linux) with USB based biometric support.

© Trademarks belong to their respective owners. All rights reserved.

Listener Not responding

If you lost contact with listener.Try to reload listener from lsnrctl utility.If it doesn't respond. Try to stop it .Still problem persist.

Find the process no of the listener.
# su root

# netstat -tvlnp | grep 1521

  (here 1521 is the port no of tnslsnr)
It will give you the process no

# kill -9 {processno}

  Kill the listener.

Then start the listener.

# su oracle
# . oraenv
#  lsnrctl start 

Still problem persists try once again form the netstat listing.   
   
It may solve your problem

DHCP Server MAC address based filtering

http://blogs.technet.com/b/teamdhcp/archive/2007/10/03/dhcp-server-callout-dll-for-mac-address-based-filtering.aspx

Refer this link for complete details.

Fetchmail Error Query status=4

If you have received the following at the time of

# fetchmail

fetchmail: client/server protocol error while fetching from test@****.net@pop.***.**oo.com
fetchmail: Query status=4 (PROTOCOL)

Correct the configuration file .fetchmailrc for the corresponding user.

Remove  the line
   auth SSH
from the above mentioned file.

Installing Postfix as a SMTP Client with SASL

Steps to Follow

1. Uninstall installed postfix
   # rpm -e postfix
 
   Or Remove all directories for postfix

2. Download and Install Cyrus-sasl

   http://cyrusimap.web.cmu.edu/downloads.html

   # tar -xvf cyrus-sasl-2.1.23.tar
   # ./configure
   # make
   # make install  

3. Create symbolic link  for /usr/local/lib/sasl
  
   #ln -s /usr/local/lib/sasl2/ /usr/lib/sasl2


4. Create user postfix

5. Create group postdrop


6. Download and Install Postfix
   http://www.postfix.org/download.html

   # tar postfix-2.7.1.tar
   # make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL  -I/usr/local/include         /sasl"  AUXLIBS="-L/usr/local/lib -lsasl2"

7.   Add these lines into main.cf with other basic configuration
     smtp_sasl_auth_enable = true
     relayhost = [smtp.bizmail.yahoo.com]
     smtp_sasl_ password_maps = hash:/etc/postfix/sasl_passwd

8.  Create new file /etc/postfix/sals_passwd with the following details.

    [smtp.***mail.****.com] arun@****.net:Non


9.   Run postmap /etc/postfix/sasl_passwd


10.    Check  for postfix support for SASL with the following command
     #  postconf -a
        cyrus
       
        If it lists cyrus then everything perfect.

11.     Finally run postfix
     # /etc/postfix/bin/postfix start

Linux Symbolic link

Create symbolic link  /usr/test
ln -s /usr/test  [shortcutname]

remove links
rm /var/something/symlink

find symbolic link files
1) find . -lname '*sysdep.c
2) ls -latR | grep 'lw'

Mailarchiva Error

If you have received this error message  from Mailarchiva

"There are messages available in the no archive queue. This could mean that something is misconfigured. Total queued messages"

Make sure all configuration are correct based on the configuration document.Double check whether you have added volume for mail archiving .And make sure ,changes to be made to the configuration files of the Mail servers (postfix) are modified based on the document.

Open source tool for mail archiving - MailArchiva

Use MailArchiva for mail archiving.

Basic requirements .Postfix and fetchmail

Download location :  Download based on your OS


http://www.mailarchiva.com/downloads.php

For administration Guide  download here
http://docs.ipswitch.com/_Messaging/Archiving/MailArchivaAdminGuideV2.1.pdf

For postfix add these 2 lines into main.cf

milter_default_action=tempfail
smtpd_milters=inet:{arhiva servers IP:8092}

Now you can archive your mails effectively.

Not able to send mails

If you have received below mentioned messages in your log.

============================================
I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

    The mail system

    ===========

    ************s@vsnl.com>: host m**.***.*et[203.200.235.142] said: 550 5.7.1 Mail
    from 122.165.*.* blocked using Trend Micro Email Reputation database.
    Please see :
    ******@vsnl.com (in reply to RCPT TO command)
    Reporting-MTA: dns; ama*.**********i.net
    X-Postfix-Queue-ID: 2382***8065
    X-Postfix-Sender: rfc822; ************@**********i.net
   Arrival-Date: Thu,  3 Jun 2010 11:22:46 +0530 (IST)
   Action: failed
   Status: 5.7.1

   ======================================================

Then your mailing system has been listed in Realtime Blockhole List (RBL). Try to remove your static ip from this site www.mail-abuse.com.

Download mails to Outlook express using postfix,fetchmail,Dovecot

Configure Postfix, Fetchmail and Dovecot .Check all these services are running.Configure Outlook express with this mail server. Now you download mails from your pop3 mail server.

For configuration,testing  and error corrections check other related postings.

Installing Dovecot

Find your linux version

#uname -a     - gives you the version of the OS  x86 or X86-64

Based on that sdownload Dovecot from here  http://www.dovecot.org/download.html

If it needs   libmysqlclient .so.15  download it's RPM from here http://rpm.pbone.net/

Edit /etc/dovecot.conf
========================================================

protocols = imap imaps pop3 pop3s

auth default {
mechanisms = plain login
passdb pam {
}
userdb passwd {
}
socket listen {
client {
path = /var/spool/postfix/private/auth
mode = 0660
user = postfix
group = postfix
}
}
}
=========================================================

Not able to add printer in windows 2003

Change this group policy.

Group policy  -- User configuration -- Administrative templates -- control panel -- Printer -- Prevent addition for printers   >>> Disable this settings  .

Now add printers

Mutt - Not a mailbox error

If you have received " Not a mailbox" error from mutt .Try to set MAIL environmental variable to correct directory location.If your are using Postfix and Fetchmail.Then mail fetched by Fetchmail will be available at /home/postfix/Maildir.

So set  #export MAIL=/home/postfix/Maildir

This will solve the problem

JOB - Export Cleark

Experience : Minimum 1 year

Qualification : Any Degree

Salary : Upto 12 Thousand

send your resume to  :
Amarjothi spinning Mills
Pudusuripalayam
Nambiyur - 638458

Or  send to jobs@amarjothi.net   (Plain Text only .No attachments Please)

For company details check here www.amarjothi.net

530 Access denied - Mail sending Error

If you are using customized mailing systems.And if you found below mentioned problem.The problem might be your email id's password which is used for sending mails.

EHLO server3
250-smtp103.**.**.in2.yahoo.com
250-AUTH LOGIN PLAIN XYMCOOKIE
250-PIPELINING
250 8BITMIME
DEBUG SMTP: Found extension "AUTH", arg "LOGIN PLAIN XYMCOOKIE"
DEBUG SMTP: Found extension "PIPELINING", arg ""
DEBUG SMTP: Found extension "8BITMIME", arg ""
DEBUG SMTP: Attempt to authenticate
AUTH LOGIN
334 VXNlcm5hbWU6
Y29sbGVjdEBhbWFyam90aGkubmV0
334 UGFzc3dvcmQ6
bWFzdGVy
530 Access denied
javax.mail.AuthenticationFailedException
at javax.mail.Service.connect(Service.java:267)
at javax.mail.Service.connect(Service.java:137)
at SSLMail.sendMail(SSLMail.java:234)
at NewThread.run(SMSMailRecipient.java:259)

Oracle Listener not responding

Frequently if the listener not responding without any proper reason.Check your listener.log file.The size of the file may initiate these type of problems.Try to clear this problem.

It may solve your problem