Category Archives: Linux/Unix

Enabling remote access to PostgreSQL database server

This post is taken from Nixcraft website. I was trying to find out how to access the PostgresSQL DB used in Kali the penetration testing tool.

By default, PostgreSQL database server remote access disabled for security reasons. However, some time you need to provide the remote access to database server from home computer or from web server.

Step # 1: Login over ssh if server is outside your IDC

Login over ssh to remote PostgreSQL database server:
$ ssh user@remote.pgsql.server.com

Step # 2: Enable client authentication

Once connected, you need edit the PostgreSQL configuration file, edit the PostgreSQL configuration file /var/lib/pgsql/data/pg_hba.conf (or/etc/postgresql/8.2/main/pg_hba.conf for latest 8.2 version) using a text editor such as vi.

Login as postgres user using su / sudo command, enter:
$ su - postgres
Edit the file:
$ vi /var/lib/pgsql/data/pg_hba.conf
OR
$ vi /etc/postgresql/8.2/main/pg_hba.conf
Append the following configuration lines to give access to 10.10.29.0/24 network:
host all all 10.10.29.0/24 trust
Save and close the file. Make sure you replace 10.10.29.0/24 with actual network IP address range of the clients system in your own network.

Step # 2: Enable networking for PostgreSQL

You need to enable TCP / IP networking. Use either step #3 or #3a as per your PostgreSQL database server version.

Step # 3: Allow TCP/IP socket

If you are using PostgreSQL version 8.x or newer use the following instructions or skip toStep # 3a for older version (7.x or older).

You need to open PostgreSQL configuration file /var/lib/pgsql/data/postgresql.conf or /etc/postgresql/8.2/main/postgresql.conf.
# vi /etc/postgresql/8.2/main/postgresql.conf
OR
# vi /var/lib/pgsql/data/postgresql.conf
Find configuration line that read as follows:
listen_addresses='localhost'
Next set IP address(es) to listen on; you can use comma-separated list of addresses; defaults to ‘localhost’, and ‘*’ is all ip address:
listen_addresses='*'
Or just bind to 202.54.1.2 and 202.54.1.3 IP address
listen_addresses='202.54.1.2 202.54.1.3'
Save and close the file. Skip to step # 4.

Step #3a – Information for old version 7.x or older

Following configuration only required for PostgreSQL version 7.x or older. Open config file, enter:
# vi /var/lib/pgsql/data/postgresql.conf
Bind and open TCP/IP port by setting tcpip_socket to true. Set / modify tcpip_socket to true:
tcpip_socket = true
Save and close the file.

Step # 4: Restart PostgreSQL Server

Type the following command:
# /etc/init.d/postgresql restart

Step # 5: Iptables firewall rules

Make sure iptables is not blocking communication, open port 5432 (append rules to your iptables scripts or file /etc/sysconfig/iptables):

iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d 10.10.29.50  --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 10.10.29.50 --sport 5432 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Restart firewall:
# /etc/init.d/iptables restart

Step # 6: Test your setup

Use psql command from client system. Connect to remote server using IP address 10.10.29.50 and login using vivek username and sales database, enter:
$ psql -h 10.10.29.50 -U vivek -d sales

Advertisements
Tagged ,

Bulk Changes Using VI / VIM

VI/M

VI or VIM (Vi IMproved) are text editors that are found in most *nix systems.  Today I came across a very simple but handy feature of these editors which can be used for bulk replacement of repetitive text within files.  It can be compared to the find and replace feature of most text editors such as notepad and Microsoft Word.

Usage

To use this feature, type the command “:%s/old_text/new_text/g” in the command mode of VI or VIM.  The command mode is accessed when you first open your editor or you can switch to it by pressing the “Esc” key on the keyboard. The “old_text” in the command is the text that you want to replace while the “new_text” will be the new text to replace the old one.  The “g” option makes the changes to all occurrences of the old text within the file.  If you want confirmation while doing the changes, then you can add the “c” option at the end by typing “:%s/old_text/new_text/gc“.

 

Example

For example i wanted to change a name of an access list in a particular firewall configuration as shown below.  The name appears 21 times in the configuration file.  This means, if i do it manually i have to type 21 times in order for the change to take effect.  I opened the file in VIM and then used the command to change the name from acl_apptest to acl-apptest_in.

Screenshot-2014-10-09_08.36.25

 

You can search the file by pressing “/” symbol and looking for the text.  In our case the when looking for the text “acl_apptest” the editor highlights all the instances of the text in the file.

Screenshot-2014-10-09_08.56.45

Then i use the command :%s/acl_apptest/acl_app_in/g to make the changes that i want.  As you can see below, the change is instance and all 21 occurrences are changed at once.

Screenshot-2014-10-09_08.37.10

Screenshot-2014-10-09_08.37.35

 

 

 

 

 

Adding proxy configuration in Debian/Ubunutu Linux

 

This post is about how to configure proxy server settings for Linux based computers.  In most enterprise networks, access to the internet is restricted and given only through a proxy server or gateway.   Therefore in order to connect to the internet or have your Linux machine update its software packages, you need to configure the proxy server settings.

After struggling for a while to have it working, i found that there a number of methods available for configuring proxy settings.  The two common methods are either exporting the proxy server details to your shell profile or adding a file called apt.conf in the /etc/apt/ directory.  I have tried the second options was successful in connecting to the internet and updating my Kali machine.

The exact steps i have followed are posted below:

  1. create apt.conf file under the directory etc/apt/ if it does not exist already
  2. Insert the following line in the file by editing the file
    Acquire::http::Proxy “http://proxy name or IP:port-number”;
    Make sure you replace Proxy name or IP and Port-number with your own information. 

    Example1:  Acquire::”http::Proxy http://192.168.111.33:8089/ “; (Proxy without authentication)
    Example2:  Acquire::”http::Proxy http://user1:P@ss@192.168.111.33:8089/ “; (Proxy with authentication)
  3. Save the file and exit
  4. Check if apt-get update works otherwise reboot the system and check.

Note that if your proxy uses authentication to grant access, you will have to insert your credentials in apt.conf file as in the example two above.  Since the credentials will be stored in plain text, then appropriate measures must be taken to ensure that the credentials are protected.

Below are some of the sites i have come across with good information on how to configure proxy for Debian and Debian based Linux distributions.

http://www.pc-freak.net/blog/aptget-proxy-making-debian-ubuntu-aptget-work-proxified-networks/

http://askubuntu.com/questions/89437/how-to-install-packages-with-apt-get-on-a-system-connected-via-proxy

Update for CentOS Configuration

The following configration should work for CentOS and on other distributions similar to RedHat .

System-wide proxy settings – add the following lines to your /etc/environment file:

# vi /etc/environment

http_proxy="http://user:password@proxysrv:8080/"
https_proxy="https://user:password@proxysrv:8080/"
ftp_proxy="ftp://user:password@proxysrv:8080/"
no_proxy=".mylan.local,.domain1.com,host1,host2"

To apply these settings without restarting the machine run the following commands on the bash shell:

export http_proxy="http://user:password@proxysrv:8080/"
export https_proxy="https://user:password@proxysrv:8080/"
export ftp_proxy="ftp://user:password@proxysrv:8080/"
export no_proxy=".mylan.local,.domain1.com,host1,host2"

You also need to configure yum:

# vi /etc/yum.conf
export http_proxy="http://user:password@proxysrv:8080/"
Tagged ,