install and configure apache + mysql on freeBSD

A. Apache Web Server

I assume you have installed openssl. If not yet, see my previous post about openssl.

1. Install

tsuweg# cd /usr/ports/www/apache22

tsuweg# make install ; make install clean

2. Configure

tsuweg#  ee /usr/local/etc/apache22/httpd.conf

in line 138 it should be ServerAdmin you@example.com. change wiyh your email address.

In line 147 it should be ServerName host.example.com:80. Uncomment it and change with your host

In line 449 it should be Include etc/apache22/extra/httpd-ssl.conf, uncomment it to support SSL

save it

tsuweg# ee /usr/local/etc/apache22/extra/httpd-ssl.conf

in line 78 and 79, it describes servername and and person that maintain it.

in line 99,  change it into your ssl certificate path.This is my path: SSLCertificateFile “/usr/local/openssl/certs/tsuweg-cert.pem”

in line 107, change  into your ssl-key path, This is my path : SSLCertificateKeyFile “/usr/local/openssl/certs/tsuweg-unencrypted-key.pem”

save and exit

3. Testing

tsuweg# apachectl configtest

if your syntax correct,it will appear syntax OK

tsuweg# ee /etc/rc.conf

add :

apache22_enable=”YES”

apache22_http_accept_enable=”YES”

save and exit

tsuweg# /usr/local/etc/rc.d/apache22 start

tsuweg#  openssl s_client -connect localhost:443

 

B. Mysql

1. Install

i assume mysql is located in /usr/web.It’s depend on you.

tsuweg# cd /usr/web

tsuweg# tar -xzvf mysql-5.0.77.tar.gz

tsuweg# cd mysql-5.0.77

tsuweg# ./configure –prefix=/usr/local/mysql –without-debug –with-extra-charsets=none –enable-local-infile –enable-assembler

tsuweg# make

tsuweg# make install

 

2. Configure

tsuweg# ./scripts/mysql_install_db

tsuweg# cp /usr/local/mysql/share/mysql/my-medium.cnf /etc/my.cnf

tsuweg# /usr/local/mysql/bin/mysqld_safe –user=root &

tsuweg# ee /usr/local/etc/rc.d/mysql.sh

/usr/local/mysql/bin/mysqld_safe –user=root &

save and exit

chmod 700 /usr/local/mysql/bin/mysqld_safe –user=root &

tsuweg# /usr/local/mysql/bin/mysqladmin -u root password yourpassword

tsuweg# /usr/local/mysql/bin/mysqladmin -u root -h host.example.com password yourremotepassword

tsuweg# ee /etc/rc.conf

mysql_enable=”YES”

 

source :

http://dev.mysql.com/doc/refman/5.1/en/installing-source-distribution.html

http://cipitunk.blog.friendster.com/2006/10/cara-mudah-install-apachephpmysql-di-freebsd-61from-source/

Hong,Bryan J..Building A Server with freeBSD 7

 

Install and Configuration OpenSSH in FreeBSD

SSH is a secure version of telnet. It’a a protocol used to access the console or command line for remote system.

1. Installation

tsuweg# cd /usr/ports/security/openssh-portable

tsuweg# make config ; make install clean

2.  Configure

tsuweg# cp /etc/make.conf /etc/make.conf.old

tsuweg#  echo “NO_OPENSSH = YES” >> /etc/make.conf

tsuweg# cd /etc/ssh/

tsuweg# cp sshd_config sshd_config.old

tsuweg# cp sshd_config-dist ssh_config

tsuweg# /etc/rc.d/sshd restart
Stopping sshd.
Starting sshd.

tsuweg#ee /etc/rc.conf

add command :  sshd_enable=”YES”

this command is used to start ssh automatically

3. Testing

tsuweg# telnet localhost 22
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]’.
SSH-2.0-OpenSSH_5.1p1 FreeBSD-openssh-portable-overwrite-base-5.1.p1,1

press enter to quit. You should now be able to connect with any SSH-capable client and any valid user account other than root.

Source :  Hong,Bryan J.Building a server with FreeBSD 7.

OpenSSL on FreeBSD

OpenSSL is an open source toolkit and cryptographic library that implements the SSL and TLS protocols. OpenSSL provides Cryptographic tools for securing network connections.

1. Install OpenSSL

• tsuweg# cd /usr/ports/security/openssl

• tsuweg# cp Makefile Makefile.old

• tsuweg# echo EXTRACONFIGURE +=no-idea >> Makefile

• tsuweg# make install clean

• tsuweg# rehash

 

2. Configure

• tsuweg# cp /etc/make.conf /etc/make.conf.old

• tsuweg# echo “WITH_OPENSSL_PORT=YES” >> /etc/make.conf

• tsuweg# mv /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf.old

• tsuweg# cd /usr/local/openssl

• tsuweg# cp openssl.cnf.sample openssl.cnf

now,test open ssl by type command below :

• tsuweg# openssl

 

3.  Create Certificate Request for CA Submission

A.  Generate Request

We will use CA.pl script included with OPENSSL to create certificate request.

• tsuweg# cd /usr/local/openssl

• tsuweg# cp misc/CA.pl certs

Run the script to create certificate request

• tsuweg# cd /usr/local/openssl/certs

• tsuweg# setenv OPENSSL /usr/local/bin/openssl

• tsuweg# ./CA.pl -newreq

fill passprase, country,province. After fill an email, just enter twice.

Running CA.pl indirectly create a file named newkey.pem. next step :

• tsuweg# cp newkey.pem tsuweg-encrypted-key.pem

We will also get new file named newreq.pem that contains certificate request. next :

• tsuweg# cp newreq.pem tsuweg-req.pem

file tsuweg-encrypted-key.pem is encrypted with the password.If this file is going to be used on an unattended server, it may be a good idea to decrypt the file so that daemons are able to load it without user intervention. To remove the encryption and make the unencrypted file readable only to root, use the following commands :

• tsuweg# openssl rsa -in tsuweg-encrypted-key.pem\

• ? -out tsuweg-unencrypted-key.pem

• tsuweg# chmod 400 tsuweg-unencrypted-key.pem

 

B.  Create A Self-Signed SSL Certificate

1. Command below will create self certificate for about 3 years

• tsuweg# cd /usr/local/openssl

• tsuweg# cp misc/CA.pl certs

• tsuweg# sed -I .old ‘s/365/1095/’ openssl.cnf

2. Run the script

• tsuweg# cd /usr/local/openssl/certs

• tsuweg# setenv OPENSSL /usr/local/bin/openssl

• tsuweg# ./CA.pl -newca

The first prompt will asked about certificate name. Juste type enter. Next, fill the passphrase and remember it. After entering email address,just type enter twice.

3. Generate certificate request

• tsuweg# ./CA.pl -newreq

fill pasphrase same one you used earlier. After fill email address, just type enter twice

4. Create the signed certificate from the request and certificate authority files.

• tsuweg# ./CA.pl -signreq

Enter the password that used earlier. Answer yes twice.

• tsuweg# cp newcert.pem tsuweg-cert.pem

• tsuweg# cp newkey.pem tsuweg-encrypted-key.pem

• tsuweg# cp demoCA/cacert.pem ./tsuweg-CAcert.pem

• tsuweg# cp demoCA/private/cakey.pem ./tsuweg-encrypted-CAkey.pem

If this file is going to be used on an unattended server, it may be a good idea to decrypt this file so that daemons are able to load it without user intervention.To remove the encryption and make the unencrypted file readable only to root, use this command .

• tsuweg# openssl rsa -in tsuweg-encrypted-key.pem \

• ? -out tsuweg-unencrypted-key.pem

• tsuweg# chmod 400 tsuweg-unencrypted-key.pem

5. convert  PEM (Privacy Enhanced Mail) text based certificate to the DER format.

• tsuweg# openssl x509 -in tsuweg-CAcert.pem -inform PEM \

• ? -out tsuweg-CAcert.cer -outform DER

 

 

Source :  Hong,Bryan J.Building a server with FreeBSD 7.

Remote FreeBSD via Putty : Setting SSHD

This is step by step to setting SSHd so you can access root in freeBSD via putty :

1. ee  /etc /ssh/sshd_config

2. uncomment PermitRootLogin(it should be in line 47) and change it into yes

3. save that configuration

4.  /etc/rc.d/sshd restart  or reboot your machine

5. try to remote your machine via putty and enjoy it

forget root password in freeBSD

here step by step if you forgetting root password in freeBSD :

1. Login using single user mode

2. When following comment exist :

Enter full pathname of shell or RETURN for /bin/sh:

type ok

3. #fsck -y

4. #mount -u ufs -a

5. #passwd

type a new password

6. #exit

Mounting USB Flash Disk In Slackware

First,check your device
you can check with this command
root@racolo:/mnt/data# dmesg

sd 4:0:0:0: [sdb] 7856128 512-byte hardware sectors (4022 MB)
sd 4:0:0:0: [sdb] Write Protect is off
sd 4:0:0:0: [sdb] Mode Sense: 23 00 00 00
sd 4:0:0:0: [sdb] Assuming drive cache: write through
sdb: sdb1

usb flash disk located in sdb1

Second, make dir in /mnt :
root@racolo:/#mkdir /mnt/usb

Third, mounting your device :
root@racolo:/#mount /dev/sdb1 /mnt/usb

Fourth,goto /mnt/usb :
root@racolo:/#cd /mnt/usb
and you can see files in your usb flashdisk

Basic Linux Security

In this configuration, I used slackware 12.2. I practice this configuration from http://alko.web.id/blog/tag/slackware. So, this is the configuration:

turned of ip forwarding
root@racolo:/# echo “0″ > /proc/sys/net/ipv4/ip_forward

drop ping packets
root@racolo:/# echo “1″ > /proc/sys/net/ipv4/icmp_echo_ignore_all

ignore broadcast ping. prevent from smurfing attacks.
root@racolo:/# echo “1″ > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

Disable source route packets
root@racolo:/home/tsuweg# echo “0″ > /proc/sys/net/ipv4/conf/all/accept_source_route

Disable redirect acceptance
root@racolo:/home/tsuweg# echo “0″ > /proc/sys/net/ipv4/conf/all/accept_redirects

protect against bad error messages
root@racolo:/home/tsuweg# echo “1″ > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

enable reverse path filtering
root@racolo:/home/tsuweg# for i in /proc/sys/net/ipv4/conf/*; do /bin/echo “1″ > $i/rp_filter; done

log all spoof routed and redirect packet
root@racolo:/home/tsuweg# echo “1″ > /proc/sys/net/ipv4/conf/all/log_martians

But after reboot the configuration are reset, so we must edit sysctl in /etc/sysctl.conf
net.ipv4.ip_forward = 0

source : http://alko.web.id/blog/tag/slackware

Number Theory-Divisibility

1. Theorem 1

If m|ab è (m,a) = 1

So m|b

Proof :

m|ab è ab = x.m

(m,a) = 1 è m can’t divide a

So m|b

a.t =x

ab = a.t.m è b = t.m

2. Theorem 2

If  m,n|a  and (m,n) = 1 so mn|a

3. Theorem 3

If x|my and x|ny and gcd (m,n) =1 so

x|y.

4. Theorem 4

If n,m is an even number and if

x|my

x|ny

gcd (m,n)=2t

so

x=z.2t or

x=y

Number Theory-Introduction

A. In number theory, we always play in the “modulus world”.
B. Integer n>0 and n,there are integer q and r, 0≤r≤n so :

m=qn+r

C. Definition
1. integer m is a factor of integer n or m can divide n, if there are, it’s                         satisfied n=mq. The notation is m|n.
2. GCD(Great Common Divisor) from two integer m,n(not both 0) is int d                 that can divide each number. Notation :

   d =(m,n)  or d =gcd(m,n) so
   m =d.q
   n =d.r

If m≠0, so (m,0) = |m| ==> always absolut

D. Theorem
1. If d =(m,n) and there are integer r,s so d=rm+sn
2. The Linear diophantine equation e=xm+yn is satisfied in integer x,y iff               (m,n)|e
3. Every divisor alliance from m,n divide greatest common divisor

E. Prime number
Prime number is number that can divided by 1 or it self.
If m,n is prime then gcd is 1.
Relative prime number is the number that can have gcd =1

F. Eucliedan Algorithm
Use to find gcd from 2 integer number . Example :

(37,11) ==>
37=3×11+4
11=2 ×4+3
4=1×3+1
3=3 ×1+0    ==> the end of eucliedan algorithm
The result is (37,11) = (11,4) = (4,3) = (3,1) =1

Logic Programming-Basic Constructs

1. Facts
The simplest kinds of statement called a fact. Facts are a means of starting that a relation holds between objects. An example is father(abraham,isaac). It means that abraham is father of isaac. Names of a individually are called atoms. A finite set of facts constitues a program. A set of facts is also description  of a situation.

2. Queries
Queries are a means of retrieving information from a logic program. A query asks whether a certain relation holds between objects. For example,the query father(abraham,isaac)? asks whether the father relationship holds between abraham and isaac. The facts is in program 1 and the answer is yes.

3. Logical Variable,Substitutions, and Instances
logical variable stands for an unspecified individual and is used accordingly. variables are means of summarizing many queries. A  query containing a variable asks whether there is a value for the variable that makes the query a logical consequence of the program.Variable in logic programs behave differently from variables in conventional programming languages. They stand for an unspecified but single entity rather than for a store location in memory.

Having introduced variables,we can define a term, the single data structure in logic programs. Constants and variable are terms. Also compound terms, or structures are terms.

Queries,goals, and more generally terms where variables do not occur are called ground. Where variables do occur,they are called nonground.

Definition

A substituion is a finite set(possibly empty) of pairs of the form X_i = t_i,where Xi is a variable and ti is a term, and  and X_i ≠ X_j for every i ≠ j, and X_i does not occur in t_j,for any i and j.

Definition

A is an instance of B if there is a substitution θ such that A =Bθ

4. Existential Queries
Variables in queries are existentially quantified which means,intuively, that the query father(abraham,X)?reads “Does there exist an X such that abraham is the father of X?The next deduction rule is generalization. The fact father(abraham,issaac) implies that there exist an X such taht father (abraham,X) is true,namely,X=isaac.

5. Universal facts
VAriables in facts are implicitly universally quantifiesd,which means,intuively, that the fact likes(X,pomegranates) states that for all  X, X like pomegranates.In general, a factp(T1,T2,…,Tn) readas that for all X1,…,Xk,where Xi are variables occuring in the fact,p(T1,…,Tn) is true. Logically,from a universally quantified fact one can deduce any instance of it. For example, from likes(X,pomegrantes),deduce likes (abraham,pomegranates). This is the third deduction rule,called instantiation. From a universally quantified statements P,deduce an instance

of it,P0,for any substitution 0.

Definition

C is common instance of A and B if it an instance of A and an instance of B,in other words,if there are  substitutions θ₁ and θ₂ such that C=Aθ₁ is syntatically identical to Bθ₂

6. Conjunctive Queries and Shared Variables

Conjunctive queries are a conjunction of goals passed as a query . for example a query father(haran,X),male(X)?. The solutions to the query father(haran,X)? Are restricted to the children that are male. A conjunctive query is a logical consequence of a program P if all the goals in the conjunction are consequences of P,where shared variables are instantiated to the same values in different goals.A sufficient condition is is that there be a ground instance of the query that is consequence of P. This instance then deduces the conjuncts in the query via generalizations.

7. Rules
Rules are the statements of the form : A <– B₁,B₂,…,B_n

Where n ≥ 0. The goal A is the head of the rule. A rule expressing the son relationship is

son(X,Y) <- father(Y,X),male(X).

Rules can be viewed in two ways :

-          Procedural reading

They are a means of expressing new or complex queries in terms of simple queries. A query son(X,haran)? To the program that contains the preceding rule of a son is translated to the query father(haran,X),male(X)? According to the rule, and solved as before.A new query about the son relationship has been built from simple queries involving father and male relationship.

-          Logical axiom

The backward arrow is used to denote logical implication. The son rule reads:”X is son of Y if Y is the father of X and X is male”. In this view, rules are a means of defining new or a complex relationship using other,simpler relationship.

Definition

The law of universal modus ponens says that from the rule

R=(A<-B₁,B₂,…,B_n)

And the facts

B_1.

B₂

_.

_.

B_n

A’ can be deduced if

A’ <- B’₁, B’₂,…, B’_n is an instance of R.

Definition

A logic programs is a finite set of rules

Definition

An existentially quallified goal G is logical consequence of a program P if there is a clause in P with a ground instance is a clause in P with a ground instance A <- B₁,B₂,…,B_n,n≥0 such that B₁,…, B_n are logical consequences of P, and A is an instance of G.

8. A  simple abstract listener

The abstract interpreter performs yes/no computations. It takes as input a program and a goal, and answer yes if the goal is a logical consequence of the program and no otherwise. The current,usually conjunctive,goal at any stage of the computation is called resolvent. A trace of the interpreter is the sequence of resolvents produced during the computation. Each iteration of the while loop of the abstract interpreter corresponds to a single application of modus ponens. This called reduction.

Input :   A ground goal G and  a program P

Output  :  yes if G is a logical consequence of P

 No otherwise

Algorithm : 

Initialize the resolvent to G

              While the resolvent is not empty do

                       Choose a goal A from the resolvent

                       Choose a ground instance of a clause A’<-B1...Bn from P

                       Such that A and A’ are identical 

                                If no such goal and clause exist,exit the while loop
                      Replace A by  A’<-B1...Bn in the resolvent 
               If the resolvent is empty,then output yes,else no

Definition

A reduction of a goal G by a program P is the replacement of G by the body of an instance of a clause in P,whose head is identical to the choosen goal.

9. The Meaning of a Logic Program
Definition
The meaning of a logic program P,M(P) is thee set of ground goals deducible from P.

Reference :
Sterling,Leon ,Shapiro, Ehud. The art of prolog.1999.Massachussets Of Technology.