Tuesday, December 14, 2021

NMAP - Network Mapper : Scanning Localhost

I am going to use localhost to scan for the ports and the applications that uses...
 
Use the following command to scan localhost
 
$ nmap localhost
 
The result of the execution would be summarized as the image given below...
 

As you can see from the image the list of open ports and the services that uses it....other applications can connect through the port to access the required services...

NMAP - Nerwork Mapper
Entire Network Scan...
at No comments:

NMAP - Network Mapper : Scanning entire Network

For scanning the entire network use the following command....
 
Inorder to perform the network scan....you have to know the IP address of the gateway...in my case the IP of the gateway is 192.168.1.1 which is the common gateway IP address that all the network would have by default unless if you have changed it to something else....

so having said a fore mentioned gateway IP, the command for scanning the entire network would be 

$ nmap 192.168.1.*

The result of the command execution would be explained by the image given below....


the above image has all the required information about each of the hosts available in the network.....


at No comments:

NMAP - Network Mapper

NMAP is a opensource network mapper tools, which is used by most of the security professionals to enumerate open ports, applications available on a host in a network.

Before we dig deeper into NMAP, let us first discuss how to install it have our investigation.

Installing NMAP

To install NMAP use the following command
$ sudo apt install nmap



The above picture would tell you how NMAP installed successfully and the same can be confirmed by the following command

$ which nmap

The above command would give the location where the package is installed in your system.


Having NMAP installed is not the point I have started the post... I am going to run thru all the options/switches available in the command as subsequent posts...
 
As part of the tour with NMAP let us start the journey by scanning the localhost first...
 
Scanning Localhost...
at No comments:

Monday, December 13, 2021

Installing Nginx Web Server in Ubuntu and a Quick Tour about it

Hi,

In this post we are going to see how to install Nginx web server and perform some actions on it...this would be a quick start guide for those who want to browse about Nginx.

The first and foremost...installating Nginx.

Installing Nginx web server

Use the following commands to install Nginx web server.

$ sudo apt update
$ sudo apt install nginx

Well that is it all about the installation of Nginx...pretty easy right....

Starting Nginx

By default when you install Nginx, the web server would be up and running but when you found that web server is off...how would you turn it on? the answer is the command given below...

$ sudo /etc/init.d/nginx start

Signals of Nginx

With respect to Nginx, the web server can be controlled by signals

  • Signals
    • stop : for fast shutdown
    • quit : for graceful shutdown
    • reload : to reload the configuration changes
    • reopen : to reopen the log files
    • restart : to restart the nginx web server

the signals given above are self explanatory and we will see how to use those signals in the following section

How to? Signal Usages
$ nginx -s stop
$ nginx -s quit
$ nginx -s reload
$ nginx -s reopen
$ nginx -s restart

Structure of the Configuration File

Nginx web server consists of module which are controlled by directives mentioned in the configuration file

There are two types of directives....

  • Directives
    • Simple Directive
      consist of name followed by parameters with space separatThere are two types of directives....ed and terminated by a semi colon
    • Block Directive
      same as simple directive but instead of terminating with the semi colon...this directive is enclosed by set of braces or paranthesis. if a block directive can have other directive other directives inside braces or paranthesis, then it is called context.

Directives placed outside of any contexts are considered to be a part of the main context.

Serving Static Content

The purpose of any web server is to serve contents which is requested through a URL. Nginx is no exception on that and the speciality about Nginx is that we can define the locations where the contents are stored to look for.

For instance, the html files can be served form the location called /var/www/html and the images can be served from a different location such as /var/www/images.

Nginx would be known about these locations via respective entries in the configuration file.

Let us try out some of the entries in the configuration file.

In order to server the html files from the location mentioned above... the configruation file should have a block entry named "location" inside the block entry "server" again which is inside the block entry "http", typically the entry should look like the one given below...

    http{
        server{
            location /login.html{
                root /var/www/
            }
        }
    }

Similar to the entry above, we can have a entry which serves images like the one given below....

    http{
        server{
            location /images{
                root /var/www/images
            }
        }
    }

Having said the above two configurations are in place and nginx server has encountered an url such as...

http://localhost/login.html

Now the nginx websever would refer the configuration details to identify the directory for contents, in this case the the directory would be /var/www and if the server finds the file login.html it would be served to the client.

For the next case assuming the login page referring an image and url for the image resource be like....

http://localhost/images/login.png

Now the nginx server would refer the images directory to server the file login.png.

Once we are sure about the configurations defined in the config file we should now let the web sever know about it.

To make the web server know about the configurations we have to load the configurations defined so far.... To achieve this let us reload the server using the command given below....

$ nginx -s reload

with this we can conclude the static content service provided by the nginx server.

Setting up Proxy Server

Now we are going to talk about a important application of nginx server, which is nginx as a proxy server.

As we all know, a server can be used as a proxy for clients and for servers, to be precise nginx web server can be used as both forward proxy and reverse proxy.

Let us now touch upon these two concepts very briefly...

Forward Proxy

Forward proxy is a concept that is applied on the incoming request form the client for the server.... the proxy server sits in between the client and the actual server that does the real job, in which case the server does not know anything about the actual client.

what the proxy server does is... it intercepts the actual request from the client and mask the IP address as part of the request and forward the request to the actual server for processing.

Now for the actual server the client is the proxy server and not the actual client, the actual server does its work and generate the response and sent it back to the proxy server.

The proxy server receives the response, it unmask the IP address and sent it back to the actual client.

To be precise, forward proxy is for the client and not for the server and to be more precise the forward proxy would normally resides in local network and not on the internet.

Reverse Proxy

Reverse proxy on the other hand is the concept applied on the response generated by the actual server.

Here the clients or the request creators does not know about the actual servers, from the client point of view the proxy server is the actual server that creates the response for the request.

This approach is to protect the servers form the malicious client access.

Rever proxy sits on the internet and not on the local network.

Nginx is designed to be a reverse proxy.

Let us see how these two are done in nginx.

Nginx as Reverse Proxy

Let us now see some examples how Nginx server can be used as a reverse proxy

    http {
        server {
            location /home {
                proxy_pass http://localhost:8080/
            }
            location /images{
                root /var/www/images
            }
        }
    }

from the above example given, the first location uses the proxied server for the mapping /home and for serving images the mapping /images is used which is the local folder.

Nginx as FastCGI proxy

Another application of Nginx server is to proxy the fastCGI server where there application build on various frameworks and languages like PHP would run.

Taking the above configuration as a basis, we can have similar configuration for FastCGI proxying.

We will be using fastcgi_pass directive rather proxy_pass for FastCGI configuration.

    http {
        server {
            location /home {
                fastcgi_pass localhost:8080
            }
            location /images{
                root /var/www/images
            }
        }
    }

Well with this we can conclude the installation of Nginx Server and its quick tour.

Let me know what you feel about this post through comments...

at No comments:

Monday, December 6, 2021

Installing TeamCity Continuous Integration / Continuous Deployment DevOps Environment

Hi,
In this post I am going to talk about installing TeamCity which is a DevOps Continuous Integration and Deployment Server.

Prerequisite(s)
SNoNameVersionDownload PageDirect Link
1Java1.8 or >N/AN/A
2MySql8.0 or >N/AN/A
3Team City2020.1 or >N/AClick to Download

The installation of Java and Mysql is off the topic, if you need a discussion point on that... for MySql let me share the link below to have a detailed explanation on how to install MySql in ubuntu and for Java you can refer any online resources which is appropriate for the operating system that you have.

 
Having said Java and Mysql are installed, let us proceed forward for the installation of Team City

Installation of Team City
Download the package from the prerequisites section and move it to your favorite location.

Use the following command to untar the package to your favorite location

$ tar -xzf TeamCity-2020.1.tar.gz

Now you will have a fully exploded package of Team City and this concludes the installation of Team City Continuous Integration/ Continuous Deployment

We can run team city service with two different modes

1. Evaluation
2. Production

Let us discuss the above mentioned modes in detail

Starting Team City Service
Whether we run team city for evaluation or for prodcution, we should have a database for team city in place.... in our case "teamcity_ci" is the database created in mysql server.

For Evaluation

In order to have Team City to run in Evaluation mode..

Open a terminal window and navigate to the bin directory of Team City and run the command given below....

$ ./runAll.sh start

Now open up a browser and hit the following url
http://localhost:8111

Now the user interface would ask user details to key in and proceeding further you have key in the database details as well....

Top stop the service use the following command...
$ ./runAll.sh stop
 
Well this concludes starting team city service for evaluation 

For Production
To have team city run in production mode we have to use the script teamcity-server.sh which resides in bin directory

$ ./teamcity-server.sh start

Now open up a browser and hit the following url
http://localhost:8111

To stop the service use the following command...
$ ./teamcity-server.sh stop

To know about the options to be used with command just run the following...
$ ./teamcity-server.sh

Well this concludes starting team city service for production

Team City auto start on server startup
This section talks about having team city service up and running during the server startup/reboot

Create a file named "teamcity" under the folder /etc/init.d folder open that file in your favorite text editor, in our case vi editor 
 
The following commands would detail how the file has to be created and edited
 
$ sudo touch /etc/init.d/teamcity
$ sudo vi /etc/init.d/teamcity
 
If one of above two commands prompts for the password, please provide one associated with the user.
 
append the file with following content...

#!/bin/sh
### BEGIN INIT INFO
# Provides: TeamCity autostart
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start teamcity daemon at boot time
# Description: Enable service provided by daemon.
# /etc/init.d/teamcity - startup script for teamcity
### END INIT INFO
# Ensure you enter the right user name that TeamCity will run under
USER="admin" ## CHANGE THIS USER NAME TO MATCH YOUR USERNAME
case $1 in
start)
start-stop-daemon --start -c $USER --exec ./TeamCity-2020-1/bin/teamcity-server.sh start
;;
stop)
start-stop-daemon --start -c $USER --exec ./TeamCity-2020-1/bin/teamcity-server.sh stop
;;
esac
exit 0


Change file permission of "teamcity" in /etc/init.d

If the team city server is up and running stop it first before you make these changes and on terminal fire up the following three commands....
$ sudo chmod +x /etc/init.d/teamcity
$ sudo update-rc.d teamcity defaults
$ sudo /etc/init.d/teamcity start

Well that is it, with this we have concluded the installation of TeamCity CI/CD server.

Hope you had great time reading.
at No comments:
Labels:

Sunday, December 5, 2021

Installing and Configuring Ansible DevOps Environment in Ubuntu

Hi,
In this post we are going to concentrate on how to install Ansible and how to configure it...
 
Before we proceed on the installation part let me give you a brief note on what Ansible is....
 
Ansible is a radically simple IT automation platform that makes your application and system easier to deploy. Avoid writing scripts or custom code to deploy and update your applications - automate in a language that approaches plain English, using SSH, with no agents to install on remote system.
 
(the above description is inspired/copied from the description given when you add the repository for ansible in ubuntu)
 
Installing Ansible
 
Let us first add the repository 

$ sudo apt-add-repository ppa:ansible/ansible
if the above command prompts you for the password provide one associated with the user


$ sudo apt update
 

$ sudo apt install ansible
 
With this the installation part of ansible is complete, let us now concentrate on configuring it...
 
Configuring Ansible
Before you configure ansible you need identify the hosts that is going to be monitored by ansible.....
 
you can think of it in this way, the host/node where ansible is installed is called control node and the host/node entries that you have in the hosts file are called managed hosts/nodes
 
Using your favorite text editor open up the the file hosts which resides at /etc/ansible
 
$ sudo vi /etc/ansible/hosts

create groups and entries as directed by the image given below....

From the above image....

[servers] is the group which has the nodes to be managed...and you can as many groups as you want.
 
The [all:vars] subgroup tells the hosts/nodes about the interpreter to be used by the servers mentioned.

With this the configuration section of ansible is completed.

Testing Ansible

Let us try some command to see how Ansible works

Open a terminal and fire the commands below to see the output...

$ ansible-inventory --list -y
The above command would give the inventory list specified in the hosts file
 

 

$ ansible all -m ping -u root

This command would give you the ping result of all the hosts/nodes mentioned in the hosts file.


 
Well that is it... with this let us conclude this post.

 
at No comments:
Labels:
Subscribe to: Posts (Atom)

How to change the root password in linux when it is forgotten/to change

This blog is all about changing the root password of the Linux system when it is forgotten or to reset the password...   Let's get it ...