MonthJanuary 2013

Apache HTTP Server Version 2.4 installation & SSL Configuration

1. Download: http://httpd.apache.org/download.cgi
2. Extract: gzip -d httpd-NN.tar.gz | cd httpd-NN
3. Configure:
./configure –prefix=PREFIX (PREFIX must be replaced with the filesystem path under which the server should be installed. If PREFIX is not specified, it defaults to /usr/local/apache2.)
Eg: #./configure –prefix=/usr/local/apache2 –with-included-apr –enable-ssl –enable-so
Or
#./configure –with-included-apr –enable-ssl –enable-so
4. Compile: #make
5. Install: #make install
6. Test: PREFIX/bin/apachectl –k start

Requirements
1. APR and APR-Util: download the latest versions of both APR and APR-Util from http://apr.apache.org/ unpack them into ./srclib/apr and ./srclib/apr-util (be sure the domain names do not have version numbers; for example, the APR distribution must be under ./srclib/apr/) and use ./configure’s –with-included-apr option.
2. Perl-Compatible Regular Expressions Library (PCRE: This library is required but no longer bundled with httpd. Download the source code from http://www.pcre.org, or install a Port or Package.

Pages: 1 2 3

Microsoft releases emergency update to patch Internet Explorer bug

Microsoft has released an emergency update to patch a security vulnerability in Internet Explorer that is being exploited in attacks aimed at government contractors and other targeted organizations.

The patch fixes a “use after free” bug in versions 6, 7, and 8 of the Microsoft browser and will be automatically installed on affected machines that have automatic updating enabled,The unscheduled release comes just six days after Microsoft’s most recent monthly Patch Tuesday batch of security updates, but it was pushed out to counter an experienced gang of hackers who have infected websites frequented by government contractors to exploit the vulnerability.

Monday’s update came hours after Oracle released an unscheduled patch to fix a critical vulnerability in its Java software framework. As reported last week, the zero-day Java exploits were added to a variety of exploit kits that criminals use to turn compromised websites into platforms for silently installing keyloggers and other malware on the machines of unsuspecting visitors.

The attacks exploiting the IE vulnerability, by contrast, targeted a much narrower set of people, researchers said. Such campaigns have come to be dubbed “watering hole” attacks, because they’re akin to hunters who hide out at ponds or other sources of water and wait for their prey as they quench their thirst.

Versions 9 and 10 of IE are more resistant to security attacks that aren’t vulnerable to the exploit. If possible, readers should install one of those versions.

Microsoft previously issued a “Fixit” tool to mitigate the effects of an attack. People who have applied the temporary fix do not need to uninstall it before installing the permanent patch. Still, Microsoft suggests users uninstall the FIxit once the patch is in place. The patch is not a cumulative batch of previous IE fixes, so users still must apply MS01-077 to be protected against vulnerabilities Microsoft patched last week. The company’s advisory is here.

Shared via ars technica

Java™ SE Development Kit 7, Update 11 (JDK 7u11) released

oracle had an unplanned release for  recent  Java SE Dev kit 7, due to security vulnerabilities. The latest release is 1.7.0_11-b21 (where “b” means “build”) and the version number is 7u11. update release notes can be found here.

This release contains fixes for security vulnerabilities. For more information, see Oracle Security Alert for CVE-2013-0422.
In addition, the following change has been made:
Area: deploy
Synopsis: Default Security Level Setting Changed to High
The default security level for Java applets and web start applications has been increased from “Medium” to “High”. This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the “High” setting the user is always warned before any unsigned application is run to prevent silent exploitation.

The latest release can be downloaded here.

Parameter processes in oracle DB

How to update parameter processes value in oracle Database

1. Login to oracle

$sqlplus SYS as SYSDBA

2. Check the current processes value

$SQL> show parameter processes;

3. update it to the desired value, for eg: updating to 500

$SQL>alter system set processes=500 scope=spfile;

$SQL> commit

$SQL>shutdown immediate

$SQL> startup

4. you are done, recheck the value.

 

Linux Add User To Group

You can use the useradd or usermod commands to add a user to a group. The useradd command creates a new user or update default new user information. The usermod command modifies a user account i.e. it is useful to add user to existing group. There are two types of group. First is primary user group and other is secondary group. All user account related information is stored in /etc/passwd, /etc/shadow and /etc/group files to store user information.

useradd Example – Add A New User To Secondary Group

You need to the useradd command to add new users to existing group (or create a new group and then add user). If group does not exist, create it. The syntax is as follows:

#useradd -G {group-name} username

Add a new user to primary group

#useradd -g oinstall oracle

Add a existing user to existing group

#usermod -a -G osm oracle

Change existing user tony primary group to dba
#usermod -g dba oracle

Oracle Internet directory (OID) Installation steps

Here’s are the simple steps to create an OID instance.

1. Install and configure your database instance and make sure it is working with all listener and emctl ports up.

2. Install weblogic, no need to configure a domain right now.

3. Install idm or OID, during installation you are provided with an option of creating a schema and adding a new weblogic domain.

4. once you have create schema and configured weblogic server using the OID installation menu, it take another 30-50 minutes to complete the entire configuration of OID.

 

Planning to have a better guide with screenshots, will update it soon.

Cheers.

© 2017 My techbook

Theme by Anders NorénUp ↑