Category: web

Random web server stuff.

Forums at last

Forums at last

It’s been really fun running multiple websites and writing about some of my experiences. So I decided to stand up a forum. The link is part of the nav menu but here you go FORUMS.

I write a lot of technical documentation and sometimes I sanitize what I take from my own wiki or experiences and post them to the public. I think forums are a better way to interact with people and answer more technical questions.

Now time to transcribe all my stuff. See you there.

Guide: Installing Windows using WDS and MDT

Guide: Installing Windows using WDS and MDT


Who is this for?

This guide will target more lab oriented users. Some basic skills are assumed like installing an operating system will be assumed. Unlike other guides on the forum this specifically may interest those in or wanting a job in IT. Regardless of if you use these technologies in a corporate environment playing with them on your own can help you get familiar with technologies and concepts people use everyday to get paid. With the added bonus of doing something fun on a Saturday. Overall this guide is not about if you should. It is about if you can do something and try to have a little fun in the process. It may look complex at first because I am really verbose sometimes, but this is all free and wont cost you a dime to learn something new.

Read about it in the Forums.

Anatomy of a public DNS breakin

Anatomy of a public DNS breakin

Hiya, Today I am going to walk you through discovering and potentially leveraging open DNS servers in an effort to show you why you should be careful with the DNS blocking tools that have steadily become popular. Check it out here.

Pi-Graphs

Pi-Graphs

But not thew way you think. I got bored this evening and while it is nowhere close to completion I decided to install grafana on my rasberryPI B+.

To do this I first downloaded Ubuntu server 19.04 from the Pi site.

From here after the normal install and updates etc it was time to stand it up so I can feel productive later. First and foremost I needed to make sure that I could poll network equipment and pretty much anything that supported SNMP. So lets get that out of the way.

sudo apt install snmp

Now that we have snmp we can probe things, but we aren’t going to get anything we can read so we need the MIBs to translate the info from the various manufacturers.

sudo apt install snmp-mibs-downloader

Now that we have the downloader lets go get the actual MIBs

sudo download-mibs

Sweet, now we need to tell snmp to use them, so lets edit the config.

sudo nano /etc/snmp/snmp.conf

and now lets change the default value to

mibs +ALL

save and exit and cool beans.

Now we have the networking stuff installed so now we need to go grab grafana. Its a seperate repo so we will need to tell ubuntu where to look for it. In this case I dont want betas, so I’ll be using the stable repo.

Lets make sure we have this

apt-get install -y software-properties-common

now we need to make sure we can do https transport just in case.

sudo apt-get install -y apt-transport-https

Lets add the repo now so ubuntu knows where to find grafana

sudo add-apt-repository "deb https://packages.grafana.com/oss/deb stable main"

Ubuntu is going to get mad unless we make sure this repo is legit so lets add the key for it

wget -q -O - https://packages.grafana.com/gpg.key | sudo apt-key add -

wew. Ok now we need to do an update so that ubuntu knows to check that repo when we ask it to install things.

sudo apt update

Now lets install grafana.

sudo apt install grafana

Cool, now we need to start it and set it to start at boot.

sudo service grafana-server start
sudo systemctl enable grafana-server.service

We will need InfluxDB because its what I want to use anyway so we can log stuff. So lets install it.

sudo apt install influxdb

Now, you do need to continue and create a data base in influx with a username and password. I’m stopping here though. Since I’m not sure what I want to do with it yet.

The Grafana default port is 3000 so you should get something like this if you nav to your IP and port 3000.

Now I just need to set it up more and play with it. Will be polling stuff for no reason in no time. Here is a peek at my home setup.


Permissions to the rescue

Permissions to the rescue

Last night I was changing my default tabs in chrome and decided to add my site as one of them. I figured if I did this it would push me to write more.

Imagine my shock when I was greeted with a 502 proxy error by nginx. After a little digging I found some errors in nginx error.log, specifically.

unix:/var/run/php/php7.2-fpm.sock failed (13: Permission denied) while connecting to upstream

After looking online I saw some old security patches for php5 regarding process ownership and some recommendations regarding www.conf. None of them applied of course and I was stuck again. However, after a little more digging it turns out that this may have been because of an update. As such permissions were modified. It also turns out on older OSs ‘nginx’ is not by default part of the www-data group.

Now while the site was working at some point I figured the problem was because of this broken group/user relationship and thats when I found the command to re-add it to the group.

usermod -a -G www-data nginx

That worked great! Now the site was up! A new problem arose though. I needed to commit some updates to wordpress but some of the plugins would not take. Some were complaining about write permissions. The paths seemed to indicate issues with their respective home directories. A quick glance at permissions showed that either because of initial problems during my install or otherwise the ownership of the folder was set incorrectly.

A quick chown sudo chown -R www-data:stuff and we were back in business. Now my coffee was lukewarm and I have to get ready for work. Atleast I get to complain about things on the internet now though.

Hello world!

Hello world!

Well that was hard. So it’s been I think a year? Since I blogged about my random misadventures in IT. Specifically since I had my misadventure into flash cache and SAN storage. I ended up losing everything in a freak HDD failure combined with an SSD cache drive failing.

So.. last night I spent the time and actually stood up my wordpress install. I configured NGINX a few weeks ago and just never got around to actually doing anything with my domains as I rebuilt my internal services.

What a mess, I think for the most part I do things in a more complex manner than needed. In this case it took me a bit to figure out why my database server wasn’t linking to my nginx server. It ended up being a interface bind issue, but it had been so long that I had to ask myself if it wouldn’t just be easier to install mysql on the web server.

I was adamant though, and continued on. Now I have some semblance of an active website maybe, if not.. well I have another project I guess.