Everything posted by rev.dennis
-
Capture Traffic on my Linksys WRT54G
With the default operating system on your Linksys its difficult if not impossible but hope still exists. Check out www.dd-wrt.com | Unleash Your Router Step by Step instructions on installing dd-wrt found on there wiki here Not sure how much space you have on your router, or if you have jffs enabled, etc.. but here is a tutorial on installing packages on your dd-wrt installation Ipkg (tutorial) - DD-WRT Wiki just install the tcpdump package which can be found here Index of /whiterussian/packages/ you will need the libpcap package well.. Here got it running in like 2 minutes -- Just installed to smb mount, etc. DD-WRT v24 std ? 2007 NewMedia-NET GmbH Release: 10/10/07 (SVN revision: 8151) Authenticating with public key "rsa-key-20050817" ========================================================== ____ ___ __ ______ _____ ____ _ _ | _ | _ / / _ _ _| __ _|___ | || | || | || ||____ / / /| |_) || | / / __) | || |_ ||_| ||_||_____ V V / | _ < | | V / / __/|__ _| |___/|___/ _/_/ |_| _|_| _/ |_____| |_| DD-WRT v24 http://www.dd-wrt.com ========================================================== BusyBox v1.4.2 (2007-10-10 01:13:37 CEST) Built-in shell (ash) Enter 'help' for a list of built-in commands. ~ # /tmp/smbshare/usr/sbin/tcpdump -? tcpdump version 3.9.4 libpcap version 0.9.4 Usage: tcpdump ~ # You can dump the output of tcpdump to a file in load into wireshark no problem.. Would not be exactly real time -- unless your using tcpdump directly to view the packages -- which works great.. Or you could install dsniff as well. here is a simple dump of the capture to a file, an then loaded into wireshark. /tmp/usr/sbin # ./tcpdump -w /tmp/dump tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 96 bytes 23 packets captured 46 packets received by filter 0 packets dropped by kernel Then view this in wireshark
-
What is ARP?
The Address Resolution Protocol (ARP) is used to dynamically map between Internet host addresses and Ethernet addresses. ARP caches Internet-Ethernet address mappings. When an interface requests a mapping for an address not in the cache, ARP queues the message which requires the mapping and broadcasts a message on the associated network requesting the address mapping. If a response is provided, the new mapping is cached and any pending message is transmitted. ARP will queue at most one packet while waiting for a response to a mapping request; only the most recently transmitted packet is kept. If the target host does not respond after several requests, the host is considered to be down for a short period (normally 20 seconds), allowing an error to be returned to transmission attempts during this interval. The ARP cache is stored in the system routing table as dynamically created host routes. These routes time out periodically (normally 20 minutes after validated; entries are not validated when not in use). Manually added entries may be temporary, static or permanent, and may be published, in which case the system will respond to ARP requests for that host as if it were the target of the request. A static entry will not time out, but may be overwritten by network traffic, while a permanent entry will not time out and can not be overwritten. In regards to CISCO Basic ARP Table Entry Modes The ARP subsystem uses the following basic ARP table entry modes to organize the ARP entries for ARP-internal processing: Alias—This mode is assigned to an entry that has been explicitly configured by an administrator with a local IP address, subnet mask, gateway, and corresponding MAC address. Static ARP entries are kept in the cache table on a permanent basis. They are best for local addresses that need to communicate with other devices in the same network on a regular basis. Dynamic—This mode is assigned to a dynamically learned entry that was initiated by an ARP request and is associated with an external host. Dynamic ARP entries are automatically added by the Cisco IOS software and maintained for a period of time, then removed. No administrative tasks are needed unless a time limit is added. The default time limit is four hours. If the network has a large number routes that are added and deleted from the cache, the time limit should be adjusted. A dynamic ARP entry is considered "complete" in that the entry contains the MAC address of the external host, as supplied by an ARP reply. Incomplete—This mode is a transient mode for a dynamic ARP entry. This mode indicates an entry that was initiated by an ARP request and is associated with an external host but does not contain a MAC address. Interface—This mode is assigned to an entry for a local IP address that has been derived from an interface. Static—This mode is assigned to an entry that has been explicitly configured by an administrator with an external IP address, subnet mask, gateway, and corresponding MAC address. static ARP entries are kept in the cache table on a permanent basis. They are best for external devices that need to communicate with other devices in the same network on a regular basis. A static ARP entry is said to be "floating" if it is not associated with any interface when it is configured. To maintain the validity of dynamically learned routes, the ARP subsystem refreshes dynamic ARP entries periodically (as configured or every four hours by default) so that the ARP table reflects any changed, aged-out, or removed dynamic routes. To maintain the validity of statically configured routes, the ARP subsystem updates static ARP entries and alias ARP entries once per minute so that the ARP table reflects any changed or removed statically configured routes. You can use the following commands to clear an ARP entry: CISCO IOS Clears all ARP entries Router#clear arp Clears ARP entries associated to an interface Router#clear arp interface Clears a particular ARP entry Router#clear ip arp Create a static ARP entry on a router Router(config)#arp " example: Router(config)#arp 1.1.1.1 aaaa.aaaa.aaaa arpa Windows (2000,XP, Vista,2003) Clears all arp entries Click on Start?>Run?> type the following command click ok netsh interface ip delete arpcache Dynamic ARP cache entries update persist for 2-20 minutes depending on the system. Windows 2003 Server = 10 minutes Windows 2000 professional/Server = 10 minutes Windows XP = 2 minutes Solaris = 5 minutes Clears a particular ARP entry arp -d Example arp -d 10.1.1.2 Display arp table arp -a Create a static ARP entry arp -s Example arp -s 157.55.85.212 00-aa-00-62-c6-09 On the Cisco IOS device run the following command to see what the current aging time is set at show mac-address-table aging-time To set a new time use the following commands Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers Router(config)# mac-address-table aging-time 300 Catalyst Switches Router(config)# mac-address-table aging-time 400 The following example shows the aging time being disabled: Router(config)# mac-address-table aging-time 0
-
What is ARP?
The Address Resolution Protocol (ARP) is used to dynamically map between Internet host addresses and Ethernet addresses. ARP caches Internet-Ethernet address mappings. When an interface requests a mapping for an address not in the cache, ARP queues the message which requires the mapping and broadcasts a message on the associated network requesting the address mapping. If a response is provided, the new mapping is cached and any pending message is transmitted. ARP will queue at most one packet while waiting for a response to a mapping request; only the most recently transmitted packet is kept. If the target host does not respond after several requests, the host is considered to be down for a short period (normally 20 seconds), allowing an error to be returned to transmission attempts during this interval. The ARP cache is stored in the system routing table as dynamically created host routes. These routes time out periodically (normally 20 minutes after validated; entries are not validated when not in use). Manually added entries may be temporary, static or permanent, and may be published, in which case the system will respond to ARP requests for that host as if it were the target of the request. A static entry will not time out, but may be overwritten by network traffic, while a permanent entry will not time out and can not be overwritten. In regards to CISCO Basic ARP Table Entry Modes The ARP subsystem uses the following basic ARP table entry modes to organize the ARP entries for ARP-internal processing: Alias—This mode is assigned to an entry that has been explicitly configured by an administrator with a local IP address, subnet mask, gateway, and corresponding MAC address. Static ARP entries are kept in the cache table on a permanent basis. They are best for local addresses that need to communicate with other devices in the same network on a regular basis. Dynamic—This mode is assigned to a dynamically learned entry that was initiated by an ARP request and is associated with an external host. Dynamic ARP entries are automatically added by the Cisco IOS software and maintained for a period of time, then removed. No administrative tasks are needed unless a time limit is added. The default time limit is four hours. If the network has a large number routes that are added and deleted from the cache, the time limit should be adjusted. A dynamic ARP entry is considered "complete" in that the entry contains the MAC address of the external host, as supplied by an ARP reply. Incomplete—This mode is a transient mode for a dynamic ARP entry. This mode indicates an entry that was initiated by an ARP request and is associated with an external host but does not contain a MAC address. Interface—This mode is assigned to an entry for a local IP address that has been derived from an interface. Static—This mode is assigned to an entry that has been explicitly configured by an administrator with an external IP address, subnet mask, gateway, and corresponding MAC address. static ARP entries are kept in the cache table on a permanent basis. They are best for external devices that need to communicate with other devices in the same network on a regular basis. A static ARP entry is said to be "floating" if it is not associated with any interface when it is configured. To maintain the validity of dynamically learned routes, the ARP subsystem refreshes dynamic ARP entries periodically (as configured or every four hours by default) so that the ARP table reflects any changed, aged-out, or removed dynamic routes. To maintain the validity of statically configured routes, the ARP subsystem updates static ARP entries and alias ARP entries once per minute so that the ARP table reflects any changed or removed statically configured routes. You can use the following commands to clear an ARP entry: CISCO IOS Clears all ARP entries Router#clear arp Clears ARP entries associated to an interface Router#clear arp interface Clears a particular ARP entry Router#clear ip arp Create a static ARP entry on a router Router(config)#arp " example: Router(config)#arp 1.1.1.1 aaaa.aaaa.aaaa arpa Windows (2000,XP, Vista,2003) Clears all arp entries Click on Start?>Run?> type the following command click ok netsh interface ip delete arpcache Dynamic ARP cache entries update persist for 2-20 minutes depending on the system. Windows 2003 Server = 10 minutes Windows 2000 professional/Server = 10 minutes Windows XP = 2 minutes Solaris = 5 minutes Clears a particular ARP entry arp -d Example arp -d 10.1.1.2 Display arp table arp -a Create a static ARP entry arp -s Example arp -s 157.55.85.212 00-aa-00-62-c6-09 On the Cisco IOS device run the following command to see what the current aging time is set at show mac-address-table aging-time To set a new time use the following commands Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series Routers Router(config)# mac-address-table aging-time 300 Catalyst Switches Router(config)# mac-address-table aging-time 400 The following example shows the aging time being disabled: Router(config)# mac-address-table aging-time 0
-
TTL expired in transit
When I ping 1.2.3.4... I get this. Pinging 1.2.3.4 with 32 bytes of data: Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Ping statistics for 1.2.3.4: Packets: Sent = 4, Received = 4, Lost = 0 (0 Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms The TTL (Time To Live) value determines the maximum amount of time an IP packet may live in the network without reaching its destination. It is effectively a bound on the number of routers an IP packet may pass through before being discarded. This message indicates that the TTL expired in transit. Increase the TTL value using the -i parameter with the ping command. Most computers today initialize the TTL value of outgoing IP Packets 128 or higher. If you ever see a reply above with a "TTL=5" (or some other low TTL number) this tells you that the computer being pinged should most likely have its default TTL value increased. Otherwise, anyone trying to communicate with the computer that is at a hop count higher than the TTL will not be able to communicate with the computer. You could also be experiencing issues at a firewall with ICMP (ping) being blocked/dropped or issues with Network Address Translations (NAT) not working or setup properly. In this situation the NAT was removed If you find that ICMP is being blocked then you can use nmap which can use TCP. So instead of using ICMP, which is a layer3 (network), the TCP or layer4 (transport) layer is utilized. The default behavior of NMAP is to do both an ICMP ping sweep (the usual kind of ping) and a TCP port 80 ACK ping sweep. If an admin is logging these this will be fairly characteristic of NMAP. This behavior can be changed in several ways. The easiest way is, of course, to simply turn off ping sweeps with -P0. If you want to do a standard ICMP ping sweep use -PI. If you are trying to get through a firewall, though, ICMP pings will likely be blocked and using packet filtering ICMP pings can even be dropped at the host. To get around this NMAP tries to do a TCP "ping" to see if a host is up. By default it sends an ACK to port 80 and expects to see a RST from that port if the host is up. To do only this scan and not the ICMP ping scan use -PT. To specify a different port than port 80 to scan for specify it immediately afterwards, e.g. -PT32523 will ACK ping port 32523. Picking a random high-numbered port in this way may work *much* better than the default NMAP behavior of ACK pinging port 80. This is because many packet filter rules are setup to let through all packets to high numbered ports with the ACK bit set, but sites may filter port 80 on every machine other than their publically accessable webservers. You can also do both an ICMP ping scan and an ACK scan to a high numbered port with, e.g. -PB32523. However, if a site has a really, really intelligent firewall that recognizes that your ACK packet isn't part of an ongoing TCP connection it might be smart enough to block it. For that reason, you may get better results with a TCP SYN sweep with -PS. In this case, scanning a high-numbered port will probably not work, and instead you need to pick a port which is likely to get through a firewall. Port 80 is not a bad pick, but something like ssh (port 22) may be better.
-
TTL expired in transit
When I ping 1.2.3.4... I get this. Pinging 1.2.3.4 with 32 bytes of data: Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Reply from 1.1.1.1: TTL expired in transit. Ping statistics for 1.2.3.4: Packets: Sent = 4, Received = 4, Lost = 0 (0 Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms The TTL (Time To Live) value determines the maximum amount of time an IP packet may live in the network without reaching its destination. It is effectively a bound on the number of routers an IP packet may pass through before being discarded. This message indicates that the TTL expired in transit. Increase the TTL value using the -i parameter with the ping command. Most computers today initialize the TTL value of outgoing IP Packets 128 or higher. If you ever see a reply above with a "TTL=5" (or some other low TTL number) this tells you that the computer being pinged should most likely have its default TTL value increased. Otherwise, anyone trying to communicate with the computer that is at a hop count higher than the TTL will not be able to communicate with the computer. You could also be experiencing issues at a firewall with ICMP (ping) being blocked/dropped or issues with Network Address Translations (NAT) not working or setup properly. In this situation the NAT was removed If you find that ICMP is being blocked then you can use nmap which can use TCP. So instead of using ICMP, which is a layer3 (network), the TCP or layer4 (transport) layer is utilized. The default behavior of NMAP is to do both an ICMP ping sweep (the usual kind of ping) and a TCP port 80 ACK ping sweep. If an admin is logging these this will be fairly characteristic of NMAP. This behavior can be changed in several ways. The easiest way is, of course, to simply turn off ping sweeps with -P0. If you want to do a standard ICMP ping sweep use -PI. If you are trying to get through a firewall, though, ICMP pings will likely be blocked and using packet filtering ICMP pings can even be dropped at the host. To get around this NMAP tries to do a TCP "ping" to see if a host is up. By default it sends an ACK to port 80 and expects to see a RST from that port if the host is up. To do only this scan and not the ICMP ping scan use -PT. To specify a different port than port 80 to scan for specify it immediately afterwards, e.g. -PT32523 will ACK ping port 32523. Picking a random high-numbered port in this way may work *much* better than the default NMAP behavior of ACK pinging port 80. This is because many packet filter rules are setup to let through all packets to high numbered ports with the ACK bit set, but sites may filter port 80 on every machine other than their publically accessable webservers. You can also do both an ICMP ping scan and an ACK scan to a high numbered port with, e.g. -PB32523. However, if a site has a really, really intelligent firewall that recognizes that your ACK packet isn't part of an ongoing TCP connection it might be smart enough to block it. For that reason, you may get better results with a TCP SYN sweep with -PS. In this case, scanning a high-numbered port will probably not work, and instead you need to pick a port which is likely to get through a firewall. Port 80 is not a bad pick, but something like ssh (port 22) may be better.
-
Home / Small Business Network
Here is my suggestion for a home network or small business setup. Internet Source I am a pretty big fan of using Comcast as my internet and phone. Unlimited calling to include long distance, call waiting, voicemail, and three way calling all for one price. Internet has been very reliable for the three years I have been using the service. Comcast Options as of today Every Day Double Play (Internet + Voice) personal plans runs around $80.00/month Business Class 6Mbps Internet, one full-featured Business Class Voice line and Business Class Basic TV service, $99.00/month Business Class 16Mbps Internet, two full-featured Business Class Voice lines and Business Class Basic TV service, $149.00/month Router My suggestion for wireless routers has normally been a Linksys but lately I have been somewhat disappointed with the quality and reliability of the Linksys Routers. So I am going to suggest what everyone on the internet is leaning towards and that is the D-Link DIR-825 Xtreme N Dual Band Gigabit Router which will run you around $150 Printers and Computers with no Wireless The issue of connecting Multi-function printers or other printers with no network capability has been an issue in the past. Also old computers or even desktops with no wireless also posed an issue. To solve these issues I recommend utilizing the D-Link DPR-1260 Rangebooster G Multifunction Print Server which runs around $80. It has the ability to connect a computer with a LAN jack as well as up to 4 USB printers. Network Storage There is only one brand that I trust my data to and that is the quality that LaCie provides. For storage I always believe in having your data in two places and with the LaCie 2big Network external drive you would run RAID 1 (which cuts the drive size in half). What is RAID 1? It is a minimum of two drives (in this case it is exactly two drives of the same size) and the data that gets written goes on both drives. So if one hard drive fails, you don't loose your data. You just order a replacement drive and once inserted, the RAID will copy over your data to maintain the two drive RAID. For a 1TB version (which means it can hold 50% so 500Mb) it will run you around $330 All of this would run you around initial $640 and every month after that $80, $99 or $150 /month (depending on which Comcast Service you choose) Comcast Business Class Internet.pdf Comcast Business Class Voice.pdf Comcast Business Bundle.pdf Comcast Business Class Internet.pdf Comcast Business Class Voice.pdf Comcast Business Bundle.pdf
-
Home / Small Business Network
Here is my suggestion for a home network or small business setup. Internet Source I am a pretty big fan of using Comcast as my internet and phone. Unlimited calling to include long distance, call waiting, voicemail, and three way calling all for one price. Internet has been very reliable for the three years I have been using the service. Comcast Options as of today Every Day Double Play (Internet + Voice) personal plans runs around $80.00/month Business Class 6Mbps Internet, one full-featured Business Class Voice line and Business Class Basic TV service, $99.00/month Business Class 16Mbps Internet, two full-featured Business Class Voice lines and Business Class Basic TV service, $149.00/month Router My suggestion for wireless routers has normally been a Linksys but lately I have been somewhat disappointed with the quality and reliability of the Linksys Routers. So I am going to suggest what everyone on the internet is leaning towards and that is the D-Link DIR-825 Xtreme N Dual Band Gigabit Router which will run you around $150 Printers and Computers with no Wireless The issue of connecting Multi-function printers or other printers with no network capability has been an issue in the past. Also old computers or even desktops with no wireless also posed an issue. To solve these issues I recommend utilizing the D-Link DPR-1260 Rangebooster G Multifunction Print Server which runs around $80. It has the ability to connect a computer with a LAN jack as well as up to 4 USB printers. Network Storage There is only one brand that I trust my data to and that is the quality that LaCie provides. For storage I always believe in having your data in two places and with the LaCie 2big Network external drive you would run RAID 1 (which cuts the drive size in half). What is RAID 1? It is a minimum of two drives (in this case it is exactly two drives of the same size) and the data that gets written goes on both drives. So if one hard drive fails, you don't loose your data. You just order a replacement drive and once inserted, the RAID will copy over your data to maintain the two drive RAID. For a 1TB version (which means it can hold 50% so 500Mb) it will run you around $330 All of this would run you around initial $640 and every month after that $80, $99 or $150 /month (depending on which Comcast Service you choose) Comcast Business Class Internet.pdf Comcast Business Class Voice.pdf Comcast Business Bundle.pdf Comcast Business Class Internet.pdf Comcast Business Class Voice.pdf Comcast Business Bundle.pdf
-
Network Slowness Troubleshooting
How many of you are also tired of hearing the #1 complaint from users, "The network is so slow" and without anything to backup the claim. This post is going to focus on what can be done/provided to quickly either identify a network issue or pass it to the correct source of the issue. First step is to identify similarities. If multiple users are complaining of slow network. It's best to start local to the person or site that is reporting the issue. Closest to the source of the ticket is the user(s) workstations/laptops. Is it with one area/floor of a site? (identify access switch issues) Is it with just one application? (possibly network issues at the destination) Is it with multiple applications located at the same destination facility? (possibly Hosting Facility issues) Is it with multiple applications using same firewall? Check the access switch that connects all the workstations if users experiencing slow response times are all connected to an access switch. If the entire site, check the core switch for errors? Understand the Path First let's understand that network traffic travels over a path and sometimes that path may be divided into transmit (tx) and receive (rx). Also we have multiple touch points/hops/hardware on a path that could be affecting the traffic.
-
Network Slowness Troubleshooting
How many of you are also tired of hearing the #1 complaint from users, "The network is so slow" and without anything to backup the claim. This post is going to focus on what can be done/provided to quickly either identify a network issue or pass it to the correct source of the issue. First step is to identify similarities. If multiple users are complaining of slow network. It's best to start local to the person or site that is reporting the issue. Closest to the source of the ticket is the user(s) workstations/laptops. Is it with one area/floor of a site? (identify access switch issues) Is it with just one application? (possibly network issues at the destination) Is it with multiple applications located at the same destination facility? (possibly Hosting Facility issues) Is it with multiple applications using same firewall? Check the access switch that connects all the workstations if users experiencing slow response times are all connected to an access switch. If the entire site, check the core switch for errors? Understand the Path First let's understand that network traffic travels over a path and sometimes that path may be divided into transmit (tx) and receive (rx). Also we have multiple touch points/hops/hardware on a path that could be affecting the traffic.
-
Wordpress White Screen of Death
Both PHP errors and database errors can manifest as a white screen, a blank screen with no information, commonly known in the WordPress community as the WordPress White Screen of Death. There are a number of reasons for the WordPress white screen of death: A Plugin is causing compatibility issues. If you can access the Administration Screens try deactivating all of your Plugins and then reactivating them one by one. If you are unable to access your Screens, log in to your website via FTP. Locate the folder wp-content/plugins and rename the Plugin folder plugins_old. This will deactivate all of your Plugins. You can read more about manually deactivating your plugins in the Troubleshooting FAQ. Your Theme may be causing the problem. This is especially likely if you are experiencing the white screen of death after you have just activated a new Theme. Log in to the WordPress Administration Screens and activate the default WordPress Twenty Twelve Theme. If you can't access your Administration Screens, access your website via FTP and navigate to the /wp-content/themes/ folder. Rename the folder for the active Theme.
-
Wordpress White Screen of Death
Both PHP errors and database errors can manifest as a white screen, a blank screen with no information, commonly known in the WordPress community as the WordPress White Screen of Death. There are a number of reasons for the WordPress white screen of death: A Plugin is causing compatibility issues. If you can access the Administration Screens try deactivating all of your Plugins and then reactivating them one by one. If you are unable to access your Screens, log in to your website via FTP. Locate the folder wp-content/plugins and rename the Plugin folder plugins_old. This will deactivate all of your Plugins. You can read more about manually deactivating your plugins in the Troubleshooting FAQ. Your Theme may be causing the problem. This is especially likely if you are experiencing the white screen of death after you have just activated a new Theme. Log in to the WordPress Administration Screens and activate the default WordPress Twenty Twelve Theme. If you can't access your Administration Screens, access your website via FTP and navigate to the /wp-content/themes/ folder. Rename the folder for the active Theme.
-
Scan for hostnames on your network
A big issue for me is to try and find hostnames for other network devices. Here are few commands I run from my Ubuntu box that may help you out. First try the ever popular nslookup nslookup To find a hostname in your local network by IP address you can use: nmblookup -A To find a hostname on the internet you could use the host program: host Or you can try running: nbtscan One of my favorite DNS tools is dig dig -x dig -t ANY +noall +answer dig @your.dns.server
-
Scan for hostnames on your network
A big issue for me is to try and find hostnames for other network devices. Here are few commands I run from my Ubuntu box that may help you out. First try the ever popular nslookup nslookup To find a hostname in your local network by IP address you can use: nmblookup -A To find a hostname on the internet you could use the host program: host Or you can try running: nbtscan One of my favorite DNS tools is dig dig -x dig -t ANY +noall +answer dig @your.dns.server
-
How to export and import mysql database
How to show mysql databases Before you export your database, make sure you see it mysql -u root -p mysql> show databases; How to Backup and Export MySQL Database To export a MySQL database into a dump file, simply type the following command syntax in the shell. You can use Telnet or SSH to remotely login to the machine if you don’t have access to the physical box. mysqldump -u username -ppassword database_name > dump.sql Replace username with a valid MySQL user ID, password with the valid password for the user (IMPORTANT: no space after -p and the password, else mysqldump will prompt you for password yet will treat the password as database name, so the backup will fail) and database_name with the actual name of the database you want to export. Finally, you can put whatever name you like for the output SQL dump file, here been dump.sql. The while data, tables, structures and database of database_name will be backed up into a SQL text file named dump.sql with the above command. How to Restore and Import MySQL Database You can restore from phpMyAdmin, using Import tab. For faster way, upload the dump file to the MySQL server, and use the following command to import the databases back into the MySQL server. mysql -u username -ppassword database_name < dump.sql The import and export of MySQL database not only is important to recover the data when disaster strikes, but also provides an easy way to migrate or move to another server, such as when switching web hosting providers. However, do note that one common problem – character set encoding. Newer release of mysqldump uses UTF8 as its default charset if nothing is specified, while older versions (older than 4.1 typically) use Latin1 as default characterset. If you database charset is Latin1 and dump in UTF8 collation, the data may ends up become simply rubbish, garbled, or unreadable (frequently happen with WordPress blog). If this case, use –default-character-set=charset_name option to specify the character set or convert the database to UTF8.
-
How to export and import mysql database
How to show mysql databases Before you export your database, make sure you see it mysql -u root -p mysql> show databases; How to Backup and Export MySQL Database To export a MySQL database into a dump file, simply type the following command syntax in the shell. You can use Telnet or SSH to remotely login to the machine if you don’t have access to the physical box. mysqldump -u username -ppassword database_name > dump.sql Replace username with a valid MySQL user ID, password with the valid password for the user (IMPORTANT: no space after -p and the password, else mysqldump will prompt you for password yet will treat the password as database name, so the backup will fail) and database_name with the actual name of the database you want to export. Finally, you can put whatever name you like for the output SQL dump file, here been dump.sql. The while data, tables, structures and database of database_name will be backed up into a SQL text file named dump.sql with the above command. How to Restore and Import MySQL Database You can restore from phpMyAdmin, using Import tab. For faster way, upload the dump file to the MySQL server, and use the following command to import the databases back into the MySQL server. mysql -u username -ppassword database_name < dump.sql The import and export of MySQL database not only is important to recover the data when disaster strikes, but also provides an easy way to migrate or move to another server, such as when switching web hosting providers. However, do note that one common problem – character set encoding. Newer release of mysqldump uses UTF8 as its default charset if nothing is specified, while older versions (older than 4.1 typically) use Latin1 as default characterset. If you database charset is Latin1 and dump in UTF8 collation, the data may ends up become simply rubbish, garbled, or unreadable (frequently happen with WordPress blog). If this case, use –default-character-set=charset_name option to specify the character set or convert the database to UTF8.
-
Imaging on Cisco Switches
Could you please provide some information on how to configure my Cisco Switch to support imaging multiple machines at the same time?
-
Imaging on Cisco Switches
Could you please provide some information on how to configure my Cisco Switch to support imaging multiple machines at the same time?
-
yum update not working
For some reason when I run yum update[/code] I am getting a load of errors and it fails.
-
yum update not working
For some reason when I run yum update[/code] I am getting a load of errors and it fails.
-
How do you add Virtualisation on running Ubuntu Server
We already have our Ubuntu Server running but would now like to add the Virtualisation option that Ubuntu Server offers. Any ideas on how?
-
How do you add Virtualisation on running Ubuntu Server
We already have our Ubuntu Server running but would now like to add the Virtualisation option that Ubuntu Server offers. Any ideas on how?
-
Dell Inspiron 1525 Wireless not working Ubuntu 11.10
This worked for me.. thanks. (or it could of been the fact wireless settings were set all funky in the BIOS of my Dell)
-
Dell Inspiron 1525 Wireless not working Ubuntu 11.10
This worked for me.. thanks. (or it could of been the fact wireless settings were set all funky in the BIOS of my Dell)
-
Migrate users from Ubuntu system to another
Following files/dirs are required for traditional Linux user management:
/etc/passwd - contains various pieces of information for each user account /etc/shadow - contains the encrypted password information for user's accounts and optional the password aging information. /etc/group - defines the groups to which users belong /etc/gshadow - group shadow file (contains the encrypted password for group) /var/spool/mail - Generally user emails are stored here. /home - All Users data is stored here. You need to backup all of the above files and directories from old server to new Linux server. Commands to type on old Linux system migrating from First create a tar ball of old uses (old Linux system). Create a directory: sudo mkdir /root/move/ Setup UID filter limit: sudo export UGIDLIMIT=500[/code] Now copy /etc/passwd accounts to /root/move/passwd.mig using awk to filter out system account (i.e. only copy user accounts) ''.str_replace(' ', '', 'sudo awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig').'' Copy /etc/group file: ''.str_replace(' ', '', 'sudo awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > /root/move/group.mig').'' Copy /etc/shadow file: ''.str_replace(' ', '', 'sudo awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534) {print $1}' /etc/passwd | tee - |egrep -f - /etc/shadow > /root/move/shadow.mig').'' Copy /etc/gshadow (rarely used): ''.str_replace(' ', '', 'sudo cp /etc/gshadow /root/move/gshadow.mig').'' Make a backup of /home and /var/spool/mail dirs:''.str_replace(' ', '', ' sudo tar -zcvpf /root/move/home.tar.gz /home sudo tar -zcvpf /root/move/mail.tar.gz /var/spool/mail').'' Where, Users that are added to the Linux system always start with UID and GID values of as specified by Linux distribution or set by admin. Limits according to different Linux distro: '" \n".self::process_list_items("'.str_replace(' ', '', ' RHEL/CentOS/Fedora Core : Default is 500 and upper limit is 65534 (/etc/libuser.conf). Debian and Ubuntu Linux : Default is 1000 and upper limit is 29999 (/etc/adduser.conf). [*]You should never ever create any new system user accounts on the newly installed Cent OS Linux. So above awk command filter out UID according to Linux distro. [*]export UGIDLIMIT=500 - setup UID start limit for normal user account. Set this value as per your Linux distro. [*]awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig - You need to pass UGIDLIMIT variable to awk using -v option (it assigns value of shell variable UGIDLIMIT to awk program variable LIMIT). Option -F: sets the field separator to : . Finally awk read each line from /etc/passwd, filter out system accounts and generates new file /root/move/passwd.mig. Same logic is applies to rest of awk command. [*]tar -zcvpf /root/move/home.tar.gz /home - Make a backup of users /home dir [*]tar -zcvpf /root/move/mail.tar.gz /var/spool/mail - Make a backup of users mail dir ').'")."\n"' Use scp or usb pen or tape to copy /root/move to a new Linux system. ''.str_replace(' ', '', 'sudo scp -r /root/move/* [email protected]:/path/to/location').'' Commands to type on new Linux system First, make a backup of current users and passwords:''.str_replace(' ', '', ' sudo mkdir /root/newsusers.bak sudo cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak').'' Now restore passwd and other files in /etc/''.str_replace(' ', '', ' cd /path/to/location sudo cat passwd.mig >> /etc/passwd sudo cat group.mig >> /etc/group sudo cat shadow.mig >> /etc/shadow sudo /bin/cp gshadow.mig /etc/gshadow').'' Please note that you must use >> (append) and not > (create) shell redirection. Now copy and extract home.tar.gz to new server /home''.str_replace(' ', '', ' cd / sudo tar -zxvf /path/to/location/home.tar.gz').'' Now copy and extract mail.tar.gz (Mails) to new server /var/spool/mail''.str_replace(' ', '', ' cd / sudo tar -zxvf /path/to/location/mail.tar.gz').'' Double check the changes went in.. ''.str_replace(' ', '', 'cat /etc/passwd ls -l /home').'' Now reboot system; when the Linux comes back, your user accounts will work as they did before on old system : ''.str_replace(' ', '', 'sudo reboot').'' Please note that if you are new to Linux perform above commands in a sandbox environment. Above technique can be used to UNIX to UNIX OR UNIX to Linux account migration. You need to make couple of changes but overall the concept remains the same.
-
Migrate users from Ubuntu system to another
Following files/dirs are required for traditional Linux user management:
/etc/passwd - contains various pieces of information for each user account /etc/shadow - contains the encrypted password information for user's accounts and optional the password aging information. /etc/group - defines the groups to which users belong /etc/gshadow - group shadow file (contains the encrypted password for group) /var/spool/mail - Generally user emails are stored here. /home - All Users data is stored here. You need to backup all of the above files and directories from old server to new Linux server. Commands to type on old Linux system migrating from First create a tar ball of old uses (old Linux system). Create a directory: sudo mkdir /root/move/ Setup UID filter limit: sudo export UGIDLIMIT=500[/code] Now copy /etc/passwd accounts to /root/move/passwd.mig using awk to filter out system account (i.e. only copy user accounts) ''.str_replace(' ', '', 'sudo awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig').'' Copy /etc/group file: ''.str_replace(' ', '', 'sudo awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/group > /root/move/group.mig').'' Copy /etc/shadow file: ''.str_replace(' ', '', 'sudo awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534) {print $1}' /etc/passwd | tee - |egrep -f - /etc/shadow > /root/move/shadow.mig').'' Copy /etc/gshadow (rarely used): ''.str_replace(' ', '', 'sudo cp /etc/gshadow /root/move/gshadow.mig').'' Make a backup of /home and /var/spool/mail dirs:''.str_replace(' ', '', ' sudo tar -zcvpf /root/move/home.tar.gz /home sudo tar -zcvpf /root/move/mail.tar.gz /var/spool/mail').'' Where, Users that are added to the Linux system always start with UID and GID values of as specified by Linux distribution or set by admin. Limits according to different Linux distro: '" \n".self::process_list_items("'.str_replace(' ', '', ' RHEL/CentOS/Fedora Core : Default is 500 and upper limit is 65534 (/etc/libuser.conf). Debian and Ubuntu Linux : Default is 1000 and upper limit is 29999 (/etc/adduser.conf). [*]You should never ever create any new system user accounts on the newly installed Cent OS Linux. So above awk command filter out UID according to Linux distro. [*]export UGIDLIMIT=500 - setup UID start limit for normal user account. Set this value as per your Linux distro. [*]awk -v LIMIT=$UGIDLIMIT -F: '($3>=LIMIT) && ($3!=65534)' /etc/passwd > /root/move/passwd.mig - You need to pass UGIDLIMIT variable to awk using -v option (it assigns value of shell variable UGIDLIMIT to awk program variable LIMIT). Option -F: sets the field separator to : . Finally awk read each line from /etc/passwd, filter out system accounts and generates new file /root/move/passwd.mig. Same logic is applies to rest of awk command. [*]tar -zcvpf /root/move/home.tar.gz /home - Make a backup of users /home dir [*]tar -zcvpf /root/move/mail.tar.gz /var/spool/mail - Make a backup of users mail dir ').'")."\n"' Use scp or usb pen or tape to copy /root/move to a new Linux system. ''.str_replace(' ', '', 'sudo scp -r /root/move/* [email protected]:/path/to/location').'' Commands to type on new Linux system First, make a backup of current users and passwords:''.str_replace(' ', '', ' sudo mkdir /root/newsusers.bak sudo cp /etc/passwd /etc/shadow /etc/group /etc/gshadow /root/newsusers.bak').'' Now restore passwd and other files in /etc/''.str_replace(' ', '', ' cd /path/to/location sudo cat passwd.mig >> /etc/passwd sudo cat group.mig >> /etc/group sudo cat shadow.mig >> /etc/shadow sudo /bin/cp gshadow.mig /etc/gshadow').'' Please note that you must use >> (append) and not > (create) shell redirection. Now copy and extract home.tar.gz to new server /home''.str_replace(' ', '', ' cd / sudo tar -zxvf /path/to/location/home.tar.gz').'' Now copy and extract mail.tar.gz (Mails) to new server /var/spool/mail''.str_replace(' ', '', ' cd / sudo tar -zxvf /path/to/location/mail.tar.gz').'' Double check the changes went in.. ''.str_replace(' ', '', 'cat /etc/passwd ls -l /home').'' Now reboot system; when the Linux comes back, your user accounts will work as they did before on old system : ''.str_replace(' ', '', 'sudo reboot').'' Please note that if you are new to Linux perform above commands in a sandbox environment. Above technique can be used to UNIX to UNIX OR UNIX to Linux account migration. You need to make couple of changes but overall the concept remains the same.