  1. I have syslog-ng running on a RHEL4 box logging Cisco traffic, finally. I found a nice example on the syslog-ng mailing list and modified it accordingly. I have it set to log to file instead of MySQL. I chose a flat file to be able to grep/search the logs at any time without the assistance of a web front or other front and it's also cross platform. We are required to save logs for one year at least; I did not want to be responsible for such a large MySQL database and all the maintenance that comes with that. I am desperately looking for a log analysis tool that will correlate all the logs and run reports, identify patterns, you know...all the bells and whistles. I looked at OSSIM at http://www.ossim.net/home.php but it does way more than I want it to. Php-syslog-ng (http://www.vermeer.org/, which was last updated 2004) requires syslog-ng to use a MySQL DB. SWATCH does not do what I require so far as I can tell, nor does octopussy (8pussy.org). My goal is to have most/all of our Windows domain controllers/member servers, all the Linux systems and all the network gear log to a central server and use a tool to process that data and generate results of emerging patterns, warning signs and other things. Hopefully I can accomplish this with files instead of a MySQL DB but if I have to, a DB would be very acceptable. Any advice on this?
  2. I took out Listen 443 and commented out duplicates in httpd-ssl.conf and it actually started. Perhaps I just needed a day to get my head straight.
  3. I'm rapidly reaching my wits' end here, seriously...I'm going crazy trying to get this apache server to use SSL...HELP! All actual IP addresses have been removed and/or replaced with "IP". I already have apache installed on RHEL3 working on port 80. If I change Listen in httpd.conf to 443 I get the following error with Firefox:

     In /www/log/access_log I see:

         [23/May/2006:11:32:19 -0500] "\x80g\x01\x03" 200 27497
         [23/May/2006:11:32:40 -0500] "\x80g\x01\x03" 200 27497

     So I tried to start from scratch and recompile apache with openssl:

         wget http://www.openssl.org/source/openssl-0.9.8b.tar.gz
         tar xvzf openssl-0.9.8b.tar.gz
         cd openssl-0.9.8b
         ls
         ./config
         make
         make test
         make install
         make clean
         cd httpd-2.2.2
         ./configure --prefix /usr/local/apache2 --enable-mods-shared=all --enable-ssl --with-ssl=/usr/bin/openssl
         make
         make install
         make clean
         mkdir /usr/local/apache2/conf/ssl.crt
         mkdir /usr/local/apache2/conf/ssl.key
         openssl req -new -out server.csr
         openssl rsa -in privkey.pem -out server.key
         openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
         rm privkey.pem
         rm server.csr
         mv server.crt /usr/local/apache2/conf/ssl.crt/
         mv server.key /usr/local/apache2/conf/ssl.key/

     I added the paths to httpd-ssl.conf for the crt and key file, I changed Listen from 80 to 443, I tried changing it to the server's IP address:443 and I still get;

     iptables is stopped and using port 80 works just fine. What the hell is going on here?

         lsof -i tcp:443
         netstat -lan |grep :443
         netstat -pan |grep LISTEN

     All show nothing listening on 443. I really need help here, I'm very very confused as to why this is not working.
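Added example, not part of the original post: the `"\x80g\x01\x03"` request lines in the access_log above are the opening bytes of an SSL ClientHello that Apache logged as if they were an HTTP request, which is what shows up when a browser speaks HTTPS to a listener that answers in plain HTTP. The Python sketch below flags such lines in a log of that shape; the function names and the last two sample lines are constructed for illustration.

```python
import re

# The request is the first double-quoted field on the line.
REQUEST_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')
# Apache writes non-printable request bytes as \xHH.
ESCAPE_RE = re.compile(r'\\x([0-9a-fA-F]{2})')

# First two lines are from the post; the last two are constructed samples.
SAMPLE_LOG = [
    r'[23/May/2006:11:32:19 -0500] "\x80g\x01\x03" 200 27497',
    r'[23/May/2006:11:32:40 -0500] "\x80g\x01\x03" 200 27497',
    r'[23/May/2006:11:33:02 -0500] "GET /index.html HTTP/1.1" 200 27497',
    r'[23/May/2006:11:34:10 -0500] "\x16\x03\x01" 200 27497',
]

def unescape(field):
    """Turn Apache's \\xHH log escapes back into the raw request bytes."""
    text = ESCAPE_RE.sub(lambda m: chr(int(m.group(1), 16)), field)
    return text.encode("latin-1", errors="replace")

def classify(raw):
    """Name the handshake a request starts with, or None for ordinary HTTP."""
    # SSLv2-compatible ClientHello: 2-byte header with the high bit set,
    # then message type 1 (CLIENT-HELLO).
    if len(raw) >= 3 and raw[0] & 0x80 and raw[2] == 0x01:
        return "SSLv2-compatible ClientHello"
    # SSLv3/TLS record: content type 22 (handshake), major version 3.
    if len(raw) >= 2 and raw[0] == 0x16 and raw[1] == 0x03:
        return "TLS handshake record"
    return None

def find_tls_on_plain_http(lines):
    """Return (line_number, handshake_kind) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # no quoted request field on this line
        kind = classify(unescape(match.group(1)))
        if kind:
            hits.append((number, kind))
    return hits

if __name__ == "__main__":
    for number, kind in find_tls_on_plain_http(SAMPLE_LOG):
        print(f"line {number}: {kind} sent to a plain-HTTP listener")
```

Hits on a port meant to serve HTTPS mean the virtual host on that port is not running the SSL engine, so the first thing to check is which `Listen` and `SSLEngine` directives actually apply to it.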
  4. I was hesitant to rm the old mysql dirs, but I could not find another way so I did. It worked out ok. Removed old dirs, moved the new ones to the same location and done. I did have to get some shared libraries from mysql.com but it was not that bad of a procedure.
  5. Hello all, I don't quite know where to start on this upgrade. I want the upgrade to get two servers running the same version of MySQL. I have mysql 4.0 in /usr/local/mysql/ so how would I remove that install and replace with 4.1? The whole reason for this is because of a snort error (I know jack about snort);

         ERROR: database: mysql_error: Client does not support authentication protocol requested by server; consider upgrading MySQL client

     After reading the solution for some folks, with the following

         mysql> UPDATE mysql.user SET Password = OLD_PASSWORD('newpwd') WHERE Host = 'SomeIP' AND User = 'root';
         mysql> FLUSH PRIVILEGES;

     Did not work and

         mysql> SET PASSWORD FOR 'root'@'SomeIP' = OLD_PASSWORD('newpwd');
         ERROR 1133 (42000): Can't find any matching row in the user table

     obviously did not work, I read I can just upgrade mysql to 4.1 to resolve the password problems, the trouble is...I have never upgraded mysql. Help?
  6. I had given up on getting the kernel compile working since I was told the box only needed 1 NIC with an IP and two sensors for snort, and since the box has three PCI NICs I left it alone. But I was unable to shake off not getting the on-board NIC working and took your advice. Here's what I did.

         cd /usr/src/redhat/SOURCES/
         bunzip2 tg3-3.43b.tar.bz2
         tar xvf tg3-3.43b.tar
         cd tg3-3.43b
         mv Makefile makefile
         make
         insmod tg3.o
         make install
         vi /etc/modules.conf     (select tg3 module for eth1)
         kudzu                    (set eth1 for DHCP)
         ifup eth1
         cd /etc/sysconfig/network-scripts/
         vi ifcfg-eth1            (enabled up on boot)
         shutdown -r now          (to verify it comes up on boot)

     Worked!
  7. Hello guys, been awhile since I last visited. I've been a Windows weenie until I got caught in a rut with the new servers I'm loading. I have a Dell Optiplex GX280 that I installed RHEL 3 on, and it does not have the NIC driver loaded into the kernel. RHEL 3 ships with the 2.4.21 Kernel. I attempted to find suitable drivers from Broadcom (it's a 10/100/1000 on-board NIC) but was unable to load them. Anyway I read that the 2.6 Kernel has compatible drivers for the Broadcom NIC, so I tried to re-compile the kernel. Long story short, I printed the document here for the 2.6 kernel and got errors on make install.

         Kernel: arch/i386/boot/bzimage is ready
         depmod: Can't open /lib/modules/2.6.15/modules.dep for writing
         /lib/modules/2.6.15 is not a directory
         mkinitrd failed

     There is no /lib/modules/2.6.15, only /lib/modules/2.4.21-4EL and 2.4.41-4ELsmp. Help? I need to get this NIC running so I can finish installing other software, I also have to add three other NIC cards to it later. It's an IDS box, so I hope I can find some widely accepted NIC cards with built-in driver support. Thanks,
  8. How about some pros/cons, advantages/disadvantages of using Linux as a firewall/router. Some success stories, horror stories, just anything about the subject matter. I'm sure you can rattle out some good information.
  9. I don't know much about using a bash script, but you can use PHP since it's already running this site. You can modify the code below to change the rotate intervals, but it would be on each page load. The images are small enough that it shouldn't matter....for now.

         <?php
         // Directory that holds the rotating images
         $ris = "/img";
         $picture = array();
         $picture[0] = "$ris/1.jpg";
         $picture[1] = "$ris/3.jpg";
         $picture[2] = "$ris/4.jpg";
         $picture[3] = "$ris/5.jpg";
         $picture[4] = "$ris/6.jpg";
         $picture[5] = "$ris/7.jpg";
         $picture[6] = "$ris/8.jpg";
         $picture[7] = "$ris/9.jpg";
         $picture[8] = "$ris/10.jpg";
         // Pick a random image on every page load
         $count = count($picture) - 1;
         $num = rand(0, $count);
         echo ('<img src="'.$picture[$num].'" alt=" " width=" " height=" " border="0" />');
         ?>

     Hope that helps.
  10. Love it, Hate it...let me know. All comments are welcome.
  11. I'm trying to install webalizer on RH9. Here's some details:

          [root@melray webalizer-2.01-10]# ./configure
          loading cache ./config.cache
          checking for gcc... (cached) gcc
          checking whether the C compiler (gcc ) works... yes
          checking whether the C compiler (gcc ) is a cross-compiler... no
          checking whether we are using GNU C... (cached) yes
          checking whether gcc accepts -g... (cached) yes
          checking whether ln -s works... (cached) yes
          checking for a BSD compatible install... (cached) /usr/bin/install -c
          checking how to run the C preprocessor... (cached) gcc -E
          checking whether char is unsigned... (cached) no
          checking for main in -l44bsd... (cached) no
          checking for main in -lm... (cached) yes
          checking for main in -lz... (cached) yes
          checking for gzrewind in -lz... (cached) yes
          checking for main in -lpng... (cached) yes
          checking for gdImagePng in -lgd... (cached) no
          checking for libgd.a... (cached) /usr/local/lib
          checking for gd.h... (cached) /usr/local/include
          checking for getopt.h... (cached) yes
          checking for math.h... (cached) yes
          checking default config dir... (cached) /etc
          checking for language file... (cached) yes - english
          creating ./config.status
          creating Makefile
          linking ./lang/webalizer_lang.english to webalizer_lang.h
          [root@melray webalizer-2.01-10]# make
          gcc -L/usr/local/lib -o webalizer webalizer.o hashtab.o linklist.o preserve.o parser.o output.o dns_resolv.o graphs.o -lgd -lpng -lz -lm
          graphs.o(.text+0x5aa): In function `year_graph6x':
          : undefined reference to `gdImagePng'
          graphs.o(.text+0x126d): In function `month_graph6':
          : undefined reference to `gdImagePng'
          graphs.o(.text+0x1bd5): In function `day_graph3':
          : undefined reference to `gdImagePng'
          graphs.o(.text+0x2338): In function `pie_chart':
          : undefined reference to `gdImagePng'
          collect2: ld returned 1 exit status
          make: *** [webalizer] Error 1
          [root@melray webalizer-2.01-10]# rpm -q libpng
          libpng-1.2.2-20
          [root@melray webalizer-2.01-10]# rpm -q libpng-devel
          libpng-devel-1.2.2-20
          [root@melray webalizer-2.01-10]# rpm -q gd
          gd-1.8.4-11
          [root@melray webalizer-2.01-10]# rpm -q gd-devel
          gd-devel-1.8.4-11

      I know gd works properly because I use Gallery on this server. However, I don't know why I can't get webalizer up and running. Please let me know if you need any more information about this setup so I can get this working. Ray
  12. Ugh, board gave me a Mail Error! or something. Sorry for the double post.
  13. Made one more, I think it's my favorite. Although problem.gif is nice too. http://www.melraystudios.com/lnads/linuxnoob.gif
  14. Here's some ads I made. 468x60. www.melraystudios.com/lnads/ Have fun!
