Monthly Archives: December 2015

ASSP Install On Ubuntu

Install Ubuntu Server 13.04 with openssh-server selected during setup, then update and upgrade it.

Install necessary software:

$ sudo apt-get install build-essential pmtools libterm-readline-perl-perl libterm-readline-gnu-perl libyaml-perl libtext-glob-perl libnumber-compare-perl libio-compress-perl libemail-mime-perl libemail-send-perl libemail-valid-perl libfile-readbackwards-perl libwww-perl libmime-types-perl libmail-dkim-perl libmail-spf-perl libmail-srs-perl libnet-cidr-lite-perl libnet-dns-perl libnet-ldap-perl libnet-smtp-server-perl libthreads-perl libthread-queue-any-perl libtie-dbi-perl libschedule-cron-perl libio-socket-ssl-perl libdbd-anydata-perl libdbd-csv-perl libdbd-ldap-perl libdbd-mock-perl libdbd-odbc-perl libdbd-mysql-perl libfile-find-rule-perl libfile-slurp-perl libfile-which-perl libfile-chmod-perl liblinux-usermod-perl libcrypt-rc4-perl libtext-pdf-perl libsmart-comments-perl libcam-pdf-perl libpdf-api2-perl imagemagick perlmagick poppler-utils xpdf libauthen-sasl-perl libnet-snmp-perl libsnmp-base libsnmp-dev libsnmp-perl snmp libsnmp-*-perl libsnmpkit-dev libregexp-optimizer-perl libnet-smtp-tls-perl liblingua-stem-snowball-perl liblingua-identify-perl unzip libberkeleydb-perl

$ sudo apt-get install tesseract-ocr tesseract-ocr-*

$ sudo apt-get install libmodule-signature-perl libtest-pod-perl libtest-pod-coverage-perl libarchive-zip-perl

$ sudo apt-get install libssl-dev

$ sudo cpan

[…]

Would you like to configure as much as possible automatically? [yes]

[…]

Would you like me to automatically choose some CPAN mirror
sites for you? (This means connecting to the Internet) [yes]

cpan> install Test::Perl::Critic

cpan> install CPAN

cpan> reload cpan

cpan> force install Mail::SPF::Query

cpan> install Net::IP::Match::Regexp Net::SenderBase Net::Syslog Thread::State Sys::MemInfo Crypt::CBC Crypt::OpenSSL::AES DBD::Log DBD::MVS_FTPSQL DBD::Multiplex DBD::Ovrimos DBD::PgPP DBD::Sprite DBD::Template DBD::mysqlPP DBIx::AnyDBD LEOCHARRE::DEBUG LEOCHARRE::CLI PDF::Burst Image::OCR::Tesseract PDF::GetImages PDF::OCR PDF::OCR2 Mail::DKIM::Verifier Convert::Scalar Unicode::GCString Sys::CpuAffinity

cpan> exit

$ sudo apt-get install clamav clamav-daemon
$ sudo freshclam
$ sudo /etc/init.d/clamav-daemon start
$ sudo apt-get install libfile-scan-perl
$ sudo cpan
cpan[1]> test File::Scan::ClamAV
cpan[1]> look File::Scan::ClamAV
root@antispam:~/.cpan/build/File-Scan-ClamAV-1.91-Ik8fWD# make install
root@antispam:~/.cpan/build/File-Scan-ClamAV-1.91-Ik8fWD# exit
cpan[1]> exit

$ wget http://kaz.dl.sourceforge.net/project/assp/ASSP%20V2%20multithreading/2.3.3%2013137/ASSP_2.3.3_13137_install.zip
$ unzip ASSP_2.3.3_13137_install.zip
$ sudo mkdir -p /usr/share/assp
$ sudo mv -f assp/* /usr/share/assp
$ rm -rf assp ASSP_2.3.3_13137_install.zip Install.txt MacOSX-launchd.txt quickstart.txt Win32-quickstart-guide.txt
$ sudo chown -R nobody:nogroup /usr/share/assp
$ sudo chmod 755 /usr/share/assp/assp.pl
$ sudo nano /etc/init.d/assp

Contents:

===
#!/bin/sh -e
# Start or stop ASSP
#
# original version by Ivo Schaap <ivo@lineau.nl> had issues on Debian4. Modified by atramos.
#
### BEGIN INIT INFO
# Provides:          assp
# Required-Start:    $syslog $local_fs
# Required-Stop:     $syslog $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start ASSP
# Description:       Enable service provided by daemon.
### END INIT INFO

PATH=/bin:/usr/bin:/sbin:/usr/sbin

case "$1" in

start)
echo -n "Starting the Anti-Spam SMTP Proxy"
cd /usr/share/assp
# Redirect stdout first, then point stderr at it, so both are discarded
perl assp.pl > /dev/null 2>&1 &
;;

stop)
echo -n "Stopping the Anti-Spam SMTP Proxy"
# Kill every process whose command line matches "perl assp.pl"
kill -9 $(ps ax | grep "perl assp.pl" | grep -v grep | awk '{ print $1 }')
;;

restart)
$0 stop || true
$0 start
;;

*)
echo "Usage: /etc/init.d/assp {start|stop|restart}"
exit 1
;;

esac

exit 0
===

$ sudo chmod 755 /etc/init.d/assp
$ sudo /usr/share/assp/assp.pl

All checks must show [OK].

Press Ctrl+C.

$ sudo update-rc.d assp defaults
$ sudo /etc/init.d/assp start

Open the web interface at antispam_host:55555 and log in with the default credentials:

login: root
pass: nospam4me

Enjoy!

Credit: vladon

Updating PXE Image for GHOST

Prerequisites

  1. A technician computer running Windows 8.1 or Windows Server 2012 R2
  2. Download and install Windows ADK for Windows 8.1
  3. Find the boot.wim for winpe-512 in C:\ProgramData\Symantec\Ghost\Template\common\winpe-512\sources.
  4. Extract the contents of boot.wim using a utility like 7zip.
  5. In the extracted boot.wim, open the directory named 2. Take the ghost folder from it and startnet.cmd from its Windows/System32 folder. Save these for use in the next section.

Build PE

  1. On your technician computer, click Start, and type deployment. Right-click Deployment and Imaging Tools Environment and then select Run as administrator.
  2. At the command prompt run the following commands to copy WinPE (x86, not amd64) and mount the boot image.
    • copype x86 C:\WinPE_x86
    • Dism /Mount-Image /ImageFile:"C:\WinPE_x86\media\sources\boot.wim" /index:1 /MountDir:"C:\WinPE_x86\mount"
  3. Using the files saved in Prereqs step 5 above, copy the following files and folders:
    1. Copy the ghost folder to C:\WinPE_x86\mount
    2. Copy startnet.cmd to C:\WinPE_x86\mount\Windows\System32, overwriting the previous file
  4. From C:\ProgramData\Symantec\Ghost\Template\common\winpe-512 on your GSS Server, copy the ghost and pxe folders to C:\WinPE_x86\media
  5. Add drivers if needed (not likely if using Windows 8.1)
    • Single driver (recommended): Dism /Add-Driver /Image:"C:\WinPE_x86\mount" /Driver:"C:\GhostDrivers\driver.inf"
    • Multiple drivers: Dism /Add-Driver /Image:"C:\WinPE_x86\mount" /Driver:"C:\GhostDrivers" /Recurse
  6. Save and unmount the PE boot image
    • Dism /Unmount-Image /MountDir:"C:\WinPE_x86\mount" /commit

Copy to GSS

  1. On your GSS server, open Symantec Ghost Boot Wizard
  2. Make a copy of WinPE-512 and name it WinPEv50
  3. Select OK until WinPE is copied and then Cancel out of the Wizard.
  4. Find the folder for WinPEv50. On Vista and Server 2008 or later it will be located in C:\ProgramData\Symantec\Ghost\Template\common
  5. Delete everything in C:\ProgramData\Symantec\Ghost\Template\common\WinPEv50 except drivers.manifest.txt, manifest.txt, and pci.manifest.txt
  6. Copy everything from C:\WinPE_x86\media on your technician computer to C:\ProgramData\Symantec\Ghost\Template\common\WinPEv50 on your GSS server
  7. Open manifest.txt, delete the unattend and checkDrivers steps, and save (you may have to copy the file to your desktop, edit, save, then copy it back to the WinPEv50 folder). The unattend step is the one that fails on Windows 8 clients and shouldn’t be needed if your network is DHCP. GSS can’t check the drivers in the PE we are creating, so we also need to remove this step or tasks will fail.
  8. Select WinPEv50 as the PreOS on a test machine and test.

Issues

Any changes have to be done manually. They cannot be made using the Ghost Boot Wizard.

Bonus Extra

You can use the boot.wim from C:\WinPE_x86\media\sources to create a boot image in WDS.

Source Article

Block IP Using IPTABLES

To block a single host, or a range of hosts from accessing a server you can use the following command(s):

# iptables -I INPUT -s 1.2.3.4 -j DROP
# iptables -I INPUT -s 1.2.0.0/16 -j DROP

These rules are temporary: they exist only in the running kernel's rule set, so they will not be present after the server is rebooted.
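
Because the rules above vanish on reboot, it helps to keep the blocked sources in a file and regenerate the rules from it. The following is an added example, not part of the original post: it validates each entry and emits the same `-I INPUT -s ... -j DROP` rules as an iptables-restore fragment. The function names and the sample blocklist are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example: build an iptables-restore fragment from a blocklist.
# valid_source, blocklist_to_rules and sample_blocklist are hypothetical names.

# valid_source ADDR: succeed only for dotted-quad IPv4 with an optional /0-32 prefix.
valid_source() {
    addr=${1%%/*}
    case $1 in */*) prefix=${1#*/} ;; *) prefix=32 ;; esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr              # safe to split: only digits and dots remain
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ????*|0?*) return 1 ;; esac   # too long or leading zero
        [ "$octet" -le 255 ] || return 1
    done
}

# blocklist_to_rules: read one source per line on stdin ("#" starts a comment),
# write the fragment to stdout and report rejected entries on stderr.
blocklist_to_rules() {
    echo '*filter'
    while read -r src rest; do
        case $src in ''|'#'*) continue ;; esac
        if valid_source "$src"; then
            echo "-I INPUT -s $src -j DROP"
        else
            echo "rejected: $src" >&2
        fi
    done | sort -u            # duplicate entries produce a single rule
    echo 'COMMIT'
}

# Constructed sample input: documentation ranges, a duplicate, two bad entries.
sample_blocklist() {
    cat <<'EOF'
# abusive hosts
192.0.2.15
198.51.100.0/24
192.0.2.15
203.0.113.300
mail.example.com
EOF
}

sample_blocklist | blocklist_to_rules
```

The fragment can be checked with `iptables-restore --test --noflush` and loaded with `iptables-restore --noflush`, which adds the rules without clearing the existing ones. On Ubuntu, the iptables-persistent package reloads rules saved with `iptables-save` to /etc/iptables/rules.v4 at boot.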