Monthly Archives: December 2015

ASSP Install On Ubuntu

Install Ubuntu Server 13.04 with openssh-server selected during setup, update & upgrade it.

Install necessary software:

$sudo apt-get install build-essential pmtools libterm-readline-perl-perl libterm-readline-gnu-perl libyaml-perl libtext-glob-perl libnumber-compare-perl libio-compress-perl libemail-mime-perl libemail-send-perl libemail-valid-perl libfile-readbackwards-perl libwww-perl libmime-types-perl libmail-dkim-perl libmail-spf-perl libmail-srs-perl libnet-cidr-lite-perl libnet-dns-perl libnet-ldap-perl libnet-smtp-server-perl libthreads-perl libthread-queue-any-perl libtie-dbi-perl libschedule-cron-perl libio-socket-ssl-perl libdbd-anydata-perl libdbd-csv-perl libdbd-ldap-perl libdbd-mock-perl libdbd-odbc-perl libdbd-mysql-perl libfile-find-rule-perl libfile-slurp-perl libfile-which-perl libfile-chmod-perl liblinux-usermod-perl libcrypt-rc4-perl libtext-pdf-perl libsmart-comments-perl libcam-pdf-perl libpdf-api2-perl imagemagick perlmagick poppler-utils xpdf libauthen-sasl-perl libnet-snmp-perl libsnmp-base libsnmp-dev libsnmp-perl snmp libsnmp-*-perl libsnmpkit-dev libregexp-optimizer-perl libnet-smtp-tls-perl liblingua-stem-snowball-perl liblingua-identify-perl unzip libberkeleydb-perl

$ sudo apt-get install tesseract-ocr tesseract-ocr-*

$ sudo apt-get install libmodule-signature-perl libtest-pod-perl libtest-pod-coverage-perl libarchive-zip-perl

$ sudo apt-get install libssl-dev

$ sudo cpan


Would you like to configure as much as possible automatically? [yes]


Would you like me to automatically choose some CPAN mirror
sites for you? (This means connecting to the Internet) [yes]

cpan> install Test::Perl::Critic

cpan> install CPAN

cpan> reload cpan

cpan> force install Mail::SPF::Query

cpan> install Net::IP::Match::Regexp Net::SenderBase Net::Syslog Thread::State Sys::MemInfo Crypt::CBC Crypt::OpenSSL::AES DBD::Log DBD::MVS_FTPSQL DBD::Multiplex DBD::Ovrimos DBD::PgPP DBD::Sprite DBD::Template DBD::mysqlPP DBIx::AnyDBD LEOCHARRE::DEBUG LEOCHARRE::CLI PDF::Burst Image::OCR::Tesseract PDF::GetImages PDF::OCR PDF::OCR2 Mail::DKIM::Verifier Convert::Scalar Unicode::GCString Sys::CpuAffinity

cpan> exit

$ sudo apt-get install clamav clamav-daemon
$ sudo freshclam
$ sudo /etc/init.d/clamav-daemon start
$ sudo apt-get install libfile-scan-perl
$ sudo cpan
cpan[1]> test File::Scan::ClamAV
cpan[1]> look File::Scan::ClamAV
root@antispam:~/.cpan/build/File-Scan-ClamAV-1.91-Ik8fWD# make install
root@antispam:~/.cpan/build/File-Scan-ClamAV-1.91-Ik8fWD# exit
cpan[1]> exit

$ wget
$ unzip
$ sudo mkdir -p /usr/share/assp
$ sudo mv -f assp/* /usr/share/assp
$ rm -rf assp Install.txt MacOSX-launchd.txt quickstart.txt Win32-quickstart-guide.txt
$ sudo chown -R nobody:nogroup /usr/share/assp
$ sudo chmod 755 /usr/share/assp/
$ sudo nano /etc/init.d/assp


#!/bin/sh -e
# Start or stop ASSP
# original version by Ivo Schaap <> had issues on Debian4. Modified by atramos.
# Provides:          ASSP (Anti-Spam SMTP Proxy)
# Required-Start:    $syslog, $local_fs
# Required-Stop:     $syslog, $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start ASSP
# Description:       Enable service provided by daemon.


case “$1” in

echo -n “Starting the Anti-Spam SMTP Proxy”
cd /usr/share/assp
perl 2>&1 > /dev/null &

echo -n “Stopping the Anti-Spam SMTP Proxy”
kill -9 ps ax | grep "perl" | grep -v grep | awk '{ print $1 }'

$0 stop || true
$0 start

echo “Usage: /etc/init.d/assp {start|stop|restart}”
exit 1


exit 0

$ sudo chmod 755 /etc/init.d/assp
$ sudo /usr/share/assp/

all must be [OK]

press Ctrl+C

$ sudo update-rc.d assp defaults
$ sudo /etc/init.d/assp start

go to antispam_host:55555



Credit: vladon

Updating PXE Image for GHOST


  1. A technician computer running Windows 8.1 or Windows Server 2012 R2
  2. Download and install Windows ADK for Windows 8.1
  3. Find the boot.wim for winpe-512 in C:\ProgramData\Symantec\Ghost\Template\common\winpe-512\sources.
  4. Extract the contents of boot.wim using a utility like 7zip.
  5. From the 2 directory of the extracted boot.wim, find the ghost folder and startnet.cmd from the Windows/System32 folder. Save these for use in the next section.

Build PE

  1. On your technician computer, click Start, and type deployment. Right-click Deployment and Imaging Tools Environment and then select Run as administrator.
  2. At the command prompt run the following commands to copy WinPE (x86, not amd64) and mount the boot image.
    • copype x86 C:\WinPE_x86
    • Dism /Mount-Image /ImageFile:"C:\WinPE_x86\media\sources\boot.wim" /index:1 /MountDir:"C:\WinPE_x86\mount"
  3. Using the files saved in Prereqs step 5 above, copy the following files and folders:
    1. Copy the ghost folder to C:\WinPE_x86\mount
    2. Copy startnet.cmd to C:\WinPE_x86\mount\Windows\System32, overwriting the previous file
  4. From C:\ProgramData\Symantec\Ghost\Template\common\winpe-512 on your GSS Server, copy the ghost and pxe folders to C:\WinPE_x86\media
  5. Add drivers if needed (not likely if using Windows 8.1)
    • Single Driver (recommended)
    • Dism /Add-Driver /Image:"C:\WinPE_x86\mount" /Driver:"C:\GhostDrivers\driver.inf"
    • Multiple Drivers
    • Dism /Add-Driver /Image:"C:\WinPE_x86\mount" /Driver:"C:\GhostDrivers" /Recurse
  6. Save and unmount the PE boot image
    • Dism /Unmount-Image /MountDir:"C:\WinPE_x86\mount" /commit

Copy to GSS

  1. On your GSS server, open Symantec Ghost Boot Wizard
  2. Make a copy of WinPE-512 and name it WinPEv50
  3. Select OK until WinPE is copied and then Cancel out of the Wizard.
  4. Find the folder for WinPEv50. On Vista and Server 2008 or later it will be located in C:\ProgramData\Symantec\Ghost\Template\common
  5. Delete everyhing in C:\ProgramData\Symantec\Ghost\Template\common\WinPEv50 except drivers.manifest.txtmanifest.txt, and pci.manifest.txt
  6. Copy everything from C:\WinPE_x86\media on your technician computer to C:\ProgramData\Symantec\Ghost\Template\common\WinPEv50 on your GSS server
  7. Open mainfest.txt and delete the unattend and checkDrivers steps and save (you have have to copy the file to your desktop, edit, save, then copy back to the WinPEv50 folder). The unattend step is the one that fails on Windows 8 clients and shouldn’t be needed if your network is DHCP. GSS can’t check the drivers in the PE we are creating so we also need to remove this step or tasks will fail.
  8. Select WinPEv50 as the PreOS on a test machine and test.


Any changes have to be done manually. They cannot be made using the Ghost Boot Wizard.

Bonus Extra

You can use the boot.wim from C:\WinPE_x86\media\sources to create a boot image in WDS.

Source Article


To block a single host, or a range of hosts from accessing a server you can use the following command(s):

## iptables -I INPUT -s -j DROP
## iptables -I INPUT -s -j DROP

Those are temporary rules and if the server is rebooted they will not be present.