Zabbix installation and setup

https://www.zabbix.com/documentation/3.0/manual/installation/install_from_packages/repository_installation#installing_repository_configuration_package2

Ubuntu 16.04 LTS (xenial):

$ wget http://repo.zabbix.com/zabbix/3.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_3.0-1+xenial_all.deb
$ dpkg -i zabbix-release_3.0-1+xenial_all.deb
$ apt-get update
$ sudo apt-get install zabbix-agent zabbix-server-mysql zabbix-frontend-php snmpd php5.6-mysql php5.6-curl
$ sudo nano /etc/php/5.6/apache2/php.ini

...
[Date]
; Defines the default timezone used by the date functions
; http://php.net/date.timezone
date.timezone = America/Sao_Paulo
....


$ sudo /etc/init.d/apache2 restart

php info date

Determine what port zabbix listening to. Should be either or all 10050 and 10051. One for agent another for server.
$ sudo netstat -tlnp | grep zabbix
zabbix port listening

Url:
http://localhost/zabbix

Default Username: Admin
Default Password: zabbix

Error Solution: The frontend does not match Zabbix database
zabbix database installation error

You should first populate the database with the sql file provided in /usr/share/doc/zabbix-server-mysql/create.sql

Depending on the size allowed in phpmyadmin its best to import thru the command line. Also this allows to edit the file if any errors (possible 1709)
$ mysql -u root -p zabbix < create.sql

Configure port
If you have the incorrect port set you will get this error
Zabbix server is running
To view the zabbix port (you may need to start zabbix)
$ sudo /etc/init.d/zabbix-agent restart
$ sudo netstat -tlnp | grep zabbix
To change web port
$ sudo nano /etc/zabbix/web/zabbix.conf.php

$ZBX_SERVER      = '192.168.0.13';
$ZBX_SERVER_PORT = '10050';
$ZBX_SERVER_NAME = '';

To change agent port
$ sudo nano /etc/zabbix/zabbix_agentd.conf

### Option: ListenPort
#	Agent will listen on this port for connections from the server.
#
# Mandatory: no
# Range: 1024-32767
# Default:
ListenPort=10050

If you want reinstall zabbix. To get the installation screen
delete /etc/zabbix/web/zabbix.conf.php
or
go to http://localhost/zabbix/setup.php

# comment out the line 'mibs'
$ sudo nano /etc/snmp/snmp.conf

# As the snmp packages come without MIB files due to license reasons, loading
# of MIBs is disabled by default. If you added the MIBs you can reenable
# loading them by commenting out the following line.
#mibs :

# error log location
/var/log/zabbix/

possible errors

server error:
[Z3001] connection to database 'zabbix' failed: [1045] Access denied for user 'zabbix'@'localhost' (using password: NO)
solution:
mysql>grant all privileges on zabbix.* to zabbix@localhost identified by 'abc123'
$ sudo nano file:/etc/zabbix/zabbix_server.conf

### Option: DBPassword
#	Database password. Ignored for SQLite.
#	Comment this line if no password is used.
#
# Mandatory: no
# Default:
DBPassword=abc123

agent error:
$ tail -f zabbix_agentd.log
failed to accept an incoming connection: connection from "192.168.0.13" rejected, allowed hosts: "127.0.0.1"
solution:
zabbix_agentd.conf 'Server=...' need to match /etc/zabbix/web/zabbix.conf.php '$ZBX_SERVER'
$ sudo nano /etc/zabbix/zabbix_agentd.conf
add 192.168.0.13

 ...
Server=127.0.0.1,192.168.0.13
....
ServerActive=127.0.0.1,192.168.0.13
...

$ sudo /etc/init.d/zabbix-agent restart

sources

http://www.cbt4all.com/2015/01/zabbix-for-beginners-01-installing.html

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-zabbix-to-securely-monitor-remote-servers-on-centos-7

Configuring ddclient

ddclient updates IP addresses at dynamic DNS services.

# install ddclient
$ sudo apt-get install ddclient

Configuring dyndns.com

Selected dyndns.com in the installation process and followed the prompts. Did not need to manually enter anything.

Configuring namecheap.com

Enable Dynamic DNS for your domain
Login to your Namecheap control panel and enable dynamic DNS for your domain.
You’ll get a really long password string to use. Save that for now as you’ll need it later on.
namecheap dynamic dns password

$ sudo nano /etc/ddclient.conf

# namecheap.com example configuration
# the login is the domain name and password is the hash you saved in the prior step called ‘Dynamic DNS Password’.

# Configuration file for ddclient generated by debconf
#
# /etc/ddclient.conf

protocol=namecheap
use=web, web=dynamicdns.park-your-domain.com/getip, web-skip='IP Address'
server=dynamicdns.park-your-domain.com
login=baligena.com
password='36e39d6fief87be5e38c7d7507863'
@,www

# remove cache
$ sudo rm /var/cache/ddclient/ddclient.cache

# force update, you may need to delete cache
$ sudo ddclient --daemon=0 --debug --verbose --noquiet

# another configuration file
$ sudo nano /etc/default/ddclient
# to enable automatic updates you must enable the daemon, see specified settings

run_dhclient="false"
run_ipup="false"
run_daemon="true"
daemon_interval="300"

# restart ddclient
$ sudo /etc/init.d/ddclient restart

source:

tags:
ddns, Dynamic DNS

Tunnel Traffic Proxy

Want to use your local machine firefox browser but want to tunnel your traffic thru your server. Here is how its done using ssh.
$ ssh -D 1080 username@server

additional reading
http://www.redpill-linpro.com/sysadvent//2015/12/13/socks-proxy-as-poor-mans-vpn.html
https://news.ycombinator.com/item?id=10726158
https://github.com/apenwarr/sshuttle

Firefox extension Proxy Switcher

Useful linux application that does similar action without all the browser configuration
https://github.com/apenwarr/sshuttle
$ sshuttle -r username@sshserver 0/0

network proxy configuration

iptables

iptables is a unix firewall.  The name is not self descriptive.  Below are some notes I gathered.

Allow node.js port 3000 to be accessed outside the machine.  Vagrant (the inside) and windows (the outside).  The 1st one is to add a rule to the beginning and the 2nd is to append at the end of all the rules.  Ultimately they are the same.  Be careful with the second one because rules before will take preference.
$ sudo iptables -I INPUT -p tcp --dport 3000 -j ACCEPT
$ sudo iptables -A INPUT -p tcp --dport 3000 -j ACCEPT

Using Iptables on Linux

Webmin

Webmin is a web-based system configuration tool for Unix-like systems.  Can configure shorewall6.

Installation:
$ sudo nano /etc/apt/sources.list.d/webmin.list

deb http://download.webmin.com/download/repository sarge contrib

$ wget -q http://www.webmin.com/jcameron-key.asc -O- | sudo apt-key add -
$ sudo apt-get update
$ sudo apt-get install webmin

Finally, in your client’s web browser, go to the webmin login page, https://localhost:10000.
The server username and password is the credentials to login.

Sources:
https://askubuntu.com/questions/638066/is-there-a-simple-web-gui-for-apache-that-runs-on-ubuntu#answer-638070
https://www.digitalocean.com/community/tutorials/how-to-install-webmin-with-ssl-on-ubuntu-14-04

Setting up Ubuntu Server on Laptop

Dell Latitude D630

FTP WordPress

  • attempting to install plugins via FTP
  • setup FTP
    • http://baligena.com/ftp-server-setup/
    • possible errors
      • Unable to locate WordPress Content directory (wp-content).
      • alt text
        • ftp not opening correct folder
        • change the user folder ftp is pointing to
          • $ usermod --home /var/www/wordpress/ ftpuser
  • alternative to FTP
  • possible errors
    • Unpacking the package… Could not create directory.
    • alt text
      • does not have permission to write
      • Make sure ftp server allows write
        • $ sudo nano /etc/vsftpd.conf
        • #
          # Uncomment this to enable any form of FTP write command.
          write_enable=YES
          
        • $ sudo /etc/init.d/vsftpd restart
      • change /var/www/wordpress user or group

Stop DNS hijacking and setting DNS server

– disable DNS hijacking
– change DNS server
– setting up google as DNS server

What is DNS hijacking ?
– DNS redirecting

Why don’t I want it ?
– When I but a url that is not recognized it gets redirected to ads
– It interferes with avahi-daemon (zeroconf)

How do I know its occurring ?
– by typing a non existing url in the browser
– ping a non existing url
– in windows by running nslookup in the command line and seeing a foreign ip address

How to stop it ?
– setting up a specific router (http://hackercodex.com/guide/how-to-stop-isp-dns-server-hijacking/)
– or changing your computer dns server (https://developers.google.com/speed/public-dns/docs/using)
– use QuickSetDNS

More ?
– in windows command line running ipconfig /all will show what dns server you’re running

In linux
You will need to edit the ‘/etc/resolv.conf’ with the nameserver of your choice. You can manually edit it (without restarting anything) and have it work however it you restart you computer it will be overwritten by resolvconf. To avoid the overwriting you need to edit ‘/etc/resolvconf/resolv.conf.d/head’ instead. Now if you cannot find that file you will need to update ‘resolvconf’ by running ‘$ apt-get install resolvconf’ (had to do it for raspberry pi). source
To force resolvconf to update /etc/resolv.conf run
$ sudo resolvconf -u

Another ‘not a good idea’ option is to use ‘$ chattr +i’ to lock down ‘resolv.conf’ which seems hacky

tags:
time warner
bright house network

Laravel Homestead Vagrant windows setup

video notes:
9:35 editing hosts files
6:13 putty ssh to vagrant server

# start vagrant
# inside C:\Users\username\Desktop\vagrant\Code
$ vagrant up

# the url will be http://homestead.app:8000/

# vagrant for public access
# http://stackoverflow.com/questions/18051760/how-to-access-vagrant-box-in-public-network#answer-18068143

config.vm.network :public_network, ip: "192.168.1.21"

# to allow symbolic links, ln -s
# in windows 7 you need to run the terminal as administrator
https://github.com/cityindex-attic/logsearch/issues/7#issuecomment-19054050

FTP Server Setup

In ubuntu 14.04

How to setup FTP server on ubuntu 14.04 ( VSFTPD )

In ubuntu 12.04

mkdir /home/user/ftpfiles
sudo su
apt-get install vsftpd
cp /etc/vsftpd.conf.bak
nano /etc/vsftpd.conf
groupadd ftpusers
useradd -g ftpusers -d /home/user/ftpfiles newusername
passwd newusername
chmod 775 /home/user/ftpfiles
chown root:ftpusers /home/user/ftpfiles
chmod a-w /home/user/ftpfiles
service vsftpd restart
ftp localhost

errors:
500 OOPS: could not read chroot() list file:/etc/vsftpd.chroot_list
– /etc/vsftpd.chroot_list file doesnt exist created it
– touch /etc/vsftpd.chroot_list

500 OOPS: vsftpd: refusing to run with writable root inside chroot ()
– chmod a-w /home/user/ftpfiles
– https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/

– resource:
– https://www.youtube.com/watch?v=BTGBE1Ae1LA

testing:

# determine if ftp port is listening
$ sudo nmap -sS 127.0.0.1

# telnet test
# attempt a successful login and determine current working directory
# list of commands
$ telnet localhost 21
user ftpuser
pass password
pwd