Creating a self-signed SSL certificate for Apache
by Brian on Aug.06, 2005, under Mac OSX, OpenBSD
To support https transactions in Apache, you will need to generate an RSA certificate.
# openssl genrsa -out /etc/ssl/private/server.key 1024
Or, if you wish the key to be encrypted with a passphrase that you will have to type in when starting servers
# openssl genrsa -des3 -out /etc/ssl/private/server.key 1024
The next step is to generate a Certificate Signing Request which is used
to get a Certifying Authority (CA) to sign your certificate. To do this
use the command:
# openssl req -new -key /etc/ssl/private/server.key -out /etc/ssl/private/server.csr
This server.csr file can then be given to Certifying Authority who will sign the key.
You can also sign the key yourself, using the command:
# openssl x509 -req -days 365 -in /etc/ssl/private/server.csr -signkey /etc/ssl/private/server.key -out /etc/ssl/server.crt
Simple ethernet tracker script
by Brian on Aug.05, 2005, under Mac OSX, OpenBSD
Need to find an ethernet port on a very populated switch?
Run this on your powerbook, plug into the jack, and Voila!
The port on the switch will flash, allowing you to find it without
replacing the dead batteries in your toner and tracker.
#!/bin/sh
while true; do
sudo ifconfig en0 down
sleep 1
sudo ifconfig en0 up
sleep 1
done
Clearing the EXEC password from a Cisco 675/678 DSL Router
by Brian on Jul.27, 2005, under Networking
To clear Exec Password if it isnt remembered… (Don’t ask…)
[Warning: This will erase your current configuration!]
At password prompt unplug powercord for 3 seconds plug in again.
Just after the alarm light comes on press (CTRL + C) and the router
should go to a special prompt.
Type (es 6) and press enter. The router will indicate that it is erasing
sector 00000006.
When done simply unplug the power and start from beginning.
(Your config is now gone!)
Hope you have a backup…
Freeware CD and DVD burning!
by Brian on Jul.14, 2005, under Windows Info
DeepBurner is a kick-ass free CD and DVD burning utility.
get it here: www.deepburner.com
Check out GahooYoogle!
by Brian on Jul.10, 2005, under General Info
It’s my new favorite search engine..
I’d like to see a set of frames with the ability to choose which engines are searched.
(Tho I suppose I could just quit being so lazy and write it for myself.)
Nice work, and very useful…
How to setup a Cisco 7960G with SIP
by Brian on Jul.04, 2005, under Networking
I went to the Cisco 7960G Software Download Site and downloaded the P0S3-7-4-00.zip file which contained the 7.4 SIP Flash Image for 7940/7960 IP Phone’s.
Power on your phone and connect it to your network. You will need to change the IP address of your phone to a free one on your network or set it up to use DHCP, which is the way mine was configured by default.
There are apprently a couple of ways to unlock your phone depending on which verison of firmware that you have installed. For older phones you will need to press **# or on newer firmware select unlock config from the config menu and then type in the password (default is ‘cisco’).
My phone was using older firmware (3.1 MF.G2) so I hit the settings hard key on the phone, moved the “cursor†to option 3, but don’t select it just yet. Press **#, then press the select soft key on the 7960’s screen. You should see the padlock icon with an unlocked appearance. Press 32 and see if you have a YES option (alternate TFTP). If so press yes, then go to option 8 and edit the IP address.
From the CLI of your Asterisk box type: setup-cisco. This command will setup a basic SIPDefault.cnf in the /tftpboot directory of your Asterisk box.
Upload the P0S3-7-4-00.zip file to your servers TFTP root directory wihch in my case was /tftpboot on the A@H server. Don’t unzip it on your workstation and upload it. For some reason it doesn’t work.
From within your /tftbboot directory on your Asterisk box type uzip P0S3-7-4-00.zip.
From the command line type cp /tftpboot/cisco_util/* /tftpboot.
From the command line type chmod 777 /tftpboot/*.
Reboot your 7960 by disconnecting the power cable. Your phone should be able to aquire its IP from the DHCP server (if that is how you have it configured), connect to the TFTP server and start the upgrading your phone to the 7.4 release of the SIP firmware.
Once your phone has completed the upgrade, you will need to type rm /tftpboot/xmlDefault.CNF.XML and rm /tftpboot/XMLDefault.cnf.xml from the command line on your Asterisk box.
Happy 4th of July!!
by Brian on Jul.04, 2005, under General Info
I hope noone reads this today, due to barbeques, fireworks, and other non-networking related activities.
Happy Birthday America!
BitVise Tunnelier Rules!!
by Brian on Jun.28, 2005, under Windows Info
BitVise Tunnelier is a free-for-home use SSH client for Windows. It has sftp, and an x-term built in. You can also script programs to run after connecting to your favorite SSH daemon. The nicest feature uses SSH tunneling to secure otherwise insecure server connections. (no more cleartext passwords sent across the Internet!) Nice work, BitVise. and thanks!
Check it out here: http://www.bitvise.com/tunnelier.html
Establish an SSH Tunnel Using PuTTY on Windows
by Brian on May.20, 2005, under Windows Info
Creating An SSH Tunnel For VNC Using PuTTY
The first step is to launch PuTTY. The PuTTY Configuration will open. Enter
Enter the hostname in the configuration window
Click on “Tunnels” on the left hand side. The window will change to reflect this new selection.
Enter the tunnel information
From the “Connect” window, click the “New Session” button (third from the left.).
Start by entering the following information:
* Protocol: ssh2
* Hostname: hostname.goes.here
Then click “Port Forwarding” under “Category”.
Click the “Add” button.
To create the tunnel, you must enter the requested information in the following manner:
* Local port: 5900
* Remote port: 5900
If your VNC session number is 0 you would enter 5900 for both Local and Remote port.
When you have finished: click the “Ok” button. The new session window will update to reflect your changes.
Click the “Ok” button to complete the addition of the new session. To use the session you have created: double-click the session name. Authenticate as usual.
The last step is to start your VNC client. When prompted for hostname:
use localhost:5900 instead of hostname.goes.here:5900
Get it?
ClamAV: Project
by Brian on May.19, 2005, under Mac OSX, OpenBSD, Windows Info
ClamAV: Project
Clam is a *very* excellent Open Source antivirus solution. It integrates nicely with most mail servers,
and runs very well on my OpenBSD boxes.
Note: There’s also a Windows version of this awesome freeware available. Get yours at http://www.clamwin.com