Enable remote connections to mysql

Linux, MySQL
May 202010

THIS IS FOR MYSQL ONLY! NOT YOUR FIREWALL! NOT YOUR IPTABLES! NOTHIN BUT MYSQL!

Find your my.cnf
Debian/Ubuntu -> /etc/mysql/my.cnf
Red Hat Linux/Fedora/Centos -> /etc/my.cnf

sudo vi /etc/mysql/my.cnf

Make sure bind-address set to your server IP address, (the ip address of that machine, it will probably say 127.0.0.1)

bind-address = 192.158.5.1
Also make sure line skip-networking is removed or commented out
# skip-external-networking

sudo /etc/init.d/mysql restart

Let us assume that you are always making connection from remote IP called 202.54.10.20 for database called webdb for user webadmin then you need to grant access to this IP address.
At mysql> prompt type following command for existing database:

Code:
update db set Host='202.54.10.20' where Db='webdb';
update user set Host='202.54.10.20' where user='webadmin';

no more dot underscore ._ files on the network

Linux, Mac
May 142010

Open the Terminal and type:

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

It may be necessary to log out and back in, or even to restart the computer (which is what the article states), for the change to take effect.

Ubuntu Apache2 image fail

Linux
May 132010

If like me you install apache/mysql/php etc etc and apache fails to server images by putting a blob of crap in the file head try adding this to your /etc/apache2/apache2.conf

EnableMMAP off
EnableSendfile off

and restart apache. I had to kill apache2 before it would show up.

Install Samba on Ubuntu

Linux
May 082010

yes open the terminal and paste in…
sudo apt-get install samba smbfs

sudo gedit /etc/samba/smb.conf

####### Authentication #######

# “security = user” is always a good idea. This will require a Unix account
# in this server for every user accessing the server. See
# /usr/share/doc/samba-doc/htmldocs/Samba-HOWTO-Collection/ServerType.html
# in the samba-doc package for details.
; security = user

Uncomment the security line, and add another line to make it look like this:

security = user
username map = /etc/samba/smbusers

Create a Samba User

There are two steps to creating a user. First we’ll run the smbpasswd utility to create a samba password for the user.

sudo smbpasswd -a

Next, we’ll add that username to the smbusers file.

sudo gedit /etc/samba/smbusers

Add in the following line, substituting the username with the one you want to give access to. The format is = ““.

= “

To share users home directories change these values to match something approximating this. This is from my conf file but look at the key = values pairs becuase it will likely be different on your distro or version.

#======================= Share Definitions =======================
# Un-comment the following (and tweak the other settings below to suit)
# to enable the default home directory shares. This will share each
# user’s home directory as \\server\username
[homes]
comment = Home Directories
browseable = yes

# By default, the home directories are exported read-only. Change the
# next parameter to ‘no’ if you want to be able to write to them.
read only = yes

# File creation mask is set to 0700 for security reasons. If you want to
# create files with group=rw permissions, set next parameter to 0775.
; create mask = 0700

# Directory creation mask is set to 0700 for security reasons. If you want to
# create dirs. with group=rw permissions, set next parameter to 0775.
; directory mask = 0700

# By default, \\server\username shares can be connected to by anyone
# with access to the samba server. Un-comment the following parameter
# to make sure that only “username” can connect to \\server\username
# This might need tweaking when using external authentication schemes
valid users = %S

mysql_secure_installation

Linux, Mac, MySQL
May 082010

if you install mysql run this command please…

mysql_secure_installation

what does it do?

asks you set a password for root account
remove root accounts that are accessible from outside the local host.
remove anonymous-user accounts.
remove the test database, which by default can be accessed by anonymous users.

see… it’s important

here’s what happens

me@ubuntop:~$ mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we’ll need the current
password for the root user. If you’ve just installed MySQL, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

You already have a root password set, so you can safely answer ‘n’.

Change the root password? [Y/n] n
… skipping.

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
… Success!

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
… Success!

By default, MySQL comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
ERROR 1008 (HY000) at line 1: Can’t drop database ‘test’; database doesn’t exist
… Failed! Not critical, keep moving…
– Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

Reset Mysql Password

Linux
Apr 192010

Centos Version

Step # 1 : Stop mysql service
# /etc/init.d/mysqld stop

Output:
Stopping MySQL database server: mysqld.

Step # 2: Start to MySQL server w/o password:

# mysqld_safe –skip-grant-tables &

Output:
[1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step # 3: Connect to mysql server using mysql client:

# mysqld -u root

Output:
Welcome to the MySQL monitor. Commands end with ; or \g.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer.

mysql>

Step # 4: Setup new MySQL root user password

mysql> use mysql;
mysql> update user set password=PASSWORD(“NEW-ROOT-PASSWORD”) where User=’root’;
mysql> flush privileges;
mysql> quit
Step # 5: Stop MySQL Server:

# /etc/init.d/mysql stop

Output:
Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended

[1]+ Done mysqld_safe –skip-grant-tables

Step # 6: Start MySQL server and test it

# /etc/init.d/mysql start
# mysql -u root -p

terminal - wav to mp3

Linux
Mar 232010

lame -V2 inputfile.wav outputfile.mp3

Block access via htaccess

Linux
Mar 112010

order allow,deny
deny from 127.0.0.1
allow from all

This will refuse all GET and POST requests made by IP address 127.0.0.1, an error message is shown instead.

To block multiple IP addresses, list them one per line.

order allow,deny
deny from 127.0.0.1
deny from 127.0.0.2
deny from 127.0.0.3
allow from all

You can also block an entire IP block/range. Here we will not specify the last octet in the .htaccess file.

deny from 127.0.0

This will refuse access for any user with an address in the 127.0.0.0 to 127.0.0.255 range.

Instead of using numeric addresses, domain names (and subdomain names) can be used to ban users.

deny from isp_name.com

It bans users with a remote hostname ending in isp_name.com. This would stop all users connected to the internet via isp_name.com from viewing your site.

Using .htaccess to block an entire range or name is likely to lock out innocent users. Use with caution.

free an ip/host from fail2ban

Linux
Mar 072010

Check your rules
iptables -L

iptables -D your_jail -s your_ip_address -j DROP

iptables -D fail2ban-SSH -s 192.168.1.1 -j DROP

fail2ban - webmin filter

Linux
Mar 062010

[webmin-iptables]
enabled = true
filter = webmin-auth
action = iptables[name=webmin, port=10000, protocol=tcp]
sendmail-whois[name=WEBMIN, dest=example@example.com, sender=example@example.com]
logpath = /var/log/secure

Modify the two instances of example@example.com with the destination and sender email address. This jail will monitor attempted logins to the Webmin user interface, which runs on port 10000, and if there are to many, issue a ban on the IP address. The email address supplied in dest= will receive an email saying the ban as been issued. If you moved your install of Webmin to run on something other than port 10000, change the port= value as appropriate.

Older Entries Newer Entries