Nasser Heidari

2008-11-26

Default NTFS permissions

Filed under: Microsoft Windows — Nasser Heidari @ 11:10

1. Full Control
2. Modify
3. Read and Execute
4. List Folder Contents
5. Read
6. Write

Table A

Permission                     FC   M    R&E  LFC (folders only)  R    W
Full Control                   ✓    -    -    -                   -    -
Traverse Folder/Execute File   ✓    ✓    ✓    ✓                   -    -
List Folder/Read Data          ✓    ✓    ✓    ✓                   ✓    -
Read Attributes                ✓    ✓    ✓    ✓                   ✓    -
Read Extended Attributes       ✓    ✓    ✓    ✓                   ✓    -
Create Files/Write Data        ✓    ✓    -    -                   -    ✓
Create Folders/Append Data     ✓    ✓    -    -                   -    ✓
Write Attributes               ✓    ✓    -    -                   -    ✓
Write Extended Attributes      ✓    ✓    -    -                   -    ✓
Delete Subfolders and Files    ✓    -    -    -                   -    -
Delete                         ✓    ✓    -    -                   -    -
Read Permissions               ✓    ✓    ✓    ✓                   ✓    ✓
Change Permissions             ✓    -    -    -                   -    -
Take Ownership                 ✓    -    -    -                   -    -

You can find the original version of this document here:

http://blogs.techrepublic.com.com/networking/?p=734&tag=nl.e102

2008-11-09

Bind 9 Configuration

Filed under: Linux — Nasser Heidari @ 19:40

After installing BIND, it's time to configure it:

# rndc-confgen -a -c /etc/namedb/rndc.conf -k rndc-key -b 256

# cat /etc/namedb/rndc.conf
options {
    default-key "rndc-key";
    default-server 127.0.0.1;
    default-port 953;
};

key "rndc-key" {
    algorithm hmac-md5;
    secret "nqA/Qb5tdgT5sOZdbFP5n9zwL98aQ3Z30MAcEXKAa70=";
};

# cp /etc/namedb/named.conf /etc/namedb/named.conf.bak

# cat > /etc/namedb/named.conf 

options {
    directory "/etc/namedb";
    pid-file "/var/run/named.pid";
    allow-query { any; };
};

logging {
    channel systemlog {
        file "log/named.log";
        severity debug;
        print-time yes;
    };
    channel audit_log {
        file "log/security.log";
        severity debug;
        print-time yes;
    };
    channel xfer_log {
        file "log/xfer.log";
        severity debug;
        print-time yes;
    };
    category default { systemlog; };
    category security { audit_log; systemlog; };
    category config { systemlog; };
    category xfer-in { xfer_log; };
    category xfer-out { xfer_log; };
    category notify { audit_log; };
    category update { audit_log; };
    category queries { audit_log; };
    category lame-servers { audit_log; };
};

zone "." {
    type hint;
    file "named.root";
};

zone "localhost" {
    type master;
    file "localhost.zone";
};

zone "1.0.0.127.in-addr.arpa" {
    type master;
    file "127.0.0.1.zone";
};

controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { rndc-key; };
};

key "rndc-key" {
    algorithm hmac-md5;
    secret "nqA/Qb5tdgT5sOZdbFP5n9zwL98aQ3Z30MAcEXKAa70=";
};

# cd /etc/namedb/

# wget ftp://ftp.internic.net/domain/named.root

Now edit /etc/rc.conf and add the lines below to make sure BIND will start at reboot:
named_enable="YES"
named_program="/usr/local/sbin/named"
named_flags="-c /etc/namedb/named.conf"
named_pidfile="/var/run/named.pid"

Now you can start BIND:

# /etc/rc.d/named start

*** Check the log files after starting named to make sure it is running without any problems.
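As an added example (not part of the original post): in BIND 9.5 an unset allow-recursion falls back to allow-query-cache and then to allow-query, so the options block above, which sets only allow-query { any; }, also serves recursive queries to any client. The Python sketch below resolves that fallback for a config; HARDENED_OPTIONS and all function names are assumptions made for illustration.

```python
import re

# Constructed sample: the options block from the named.conf on this page.
PAGE_OPTIONS = """
options {
    directory "/etc/namedb";
    pid-file "/var/run/named.pid";
    allow-query { any; };
};
"""
# Assumed hardened variant (not from the page): anyone may query hosted
# zones, but only local clients may use the server as a resolver.
HARDENED_OPTIONS = """
options {
    directory "/etc/namedb";
    allow-query { any; };
    allow-recursion { localhost; localnets; };
};
"""

def parse_options(conf):
    """Return {statement: value} for the options block (flat ACLs only)."""
    # Drop comments but keep quoted strings, which may contain '#' or '//'.
    conf = re.sub(r'("[^"]*")|/\*.*?\*/|//[^\n]*|#[^\n]*',
                  lambda m: m.group(1) or "", conf, flags=re.S)
    block = re.search(r"\boptions\s*\{((?:[^{}]|\{[^{}]*\})*)\}", conf)
    body = block.group(1) if block else ""
    opts = {}
    for name, acl, scalar in re.findall(
            r"([\w-]+)\s+(?:\{([^{}]*)\}|([^;{}]+))\s*;", body):
        opts[name] = scalar.strip() if scalar else [
            e.strip() for e in acl.split(";") if e.strip()]
    return opts

def effective_recursion_acl(opts):
    """Resolve who may recurse, following the fallback for unset ACLs."""
    if opts.get("recursion") == "no":
        return ["none"]
    for name in ("allow-recursion", "allow-query-cache", "allow-query"):
        if name in opts:
            return opts[name]
    return ["localnets", "localhost"]

def is_open_resolver(conf):
    return "any" in effective_recursion_acl(parse_options(conf))

if __name__ == "__main__":
    for label, conf in (("page", PAGE_OPTIONS), ("hardened", HARDENED_OPTIONS)):
        print(label, effective_recursion_acl(parse_options(conf)), is_open_resolver(conf))
```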

------

If you want to host your own domain, you need to add the domain to named.conf and create the zone file in /etc/namedb. The entry in your named.conf may look like this:

zone "nasser.net" {
    type master;
    file "nasser.net";
};

After this step, we need to create the file for this zone:

# cat > /etc/namedb/nasser.net

$ORIGIN nasser.net.     ; "@" and relative names below expand under this origin
$TTL 43200              ; 12 hours
@       IN      SOA     ns.nasser.net. info.nasser.net. (
                        2008110901      ; serial
                        28400           ; refresh
                        14400           ; retry
                        3600000         ; expire
                        86400           ; minimum
                        )
                NS      ns.nasser.net.
@       IN      A       192.168.1.1
ns      IN      A       192.168.1.2

ipfw: install_state: Too many dynamic rules !

Filed under: freebsd — Nasser Heidari @ 13:08

Today, after installing BIND on FreeBSD and configuring ipfw, I kept receiving this message:

ipfw: install_state: Too many dynamic rules

After a little googling I found out the problem.

The problem was solved after I changed the following sysctl value:

sysctl net.inet.ip.fw.dyn_max=16384

echo 'net.inet.ip.fw.dyn_max=16384' >> /etc/sysctl.conf

The default value is 4096.

2008-11-08

BIND 9 FreeBSD Installation

Filed under: freebsd — Nasser Heidari @ 16:51

# cd /usr/ports/dns/bind95 && make install clean
# mkdir -p /var/chroot/named/etc/namedb/log
# mkdir -p /var/chroot/named/dev
# mkdir -p /var/chroot/named/var/run
# cd /var/chroot
# chown -R bind:bind named
# chmod 700 named
# cp /etc/localtime /var/chroot/named/etc
# cp /etc/namedb/named.root /var/chroot/named/etc/namedb/
# cd /var/chroot/named/dev
# mknod zero c 2 12
# ln -s /dev/random .
# mknod null c 2 2
# chmod 666 zero random null
# cd /etc
# mv namedb old.namedb
# ln -s /var/chroot/named/etc/namedb .
# rndc-confgen -a -c /etc/namedb/rndc.conf -k rndc-key -b 512
# vi /etc/rc.conf
named_enable="YES"
named_program="/usr/local/sbin/named"
named_chrootdir="/var/chroot/named"
named_flags="-c /etc/namedb/named.conf"
named_pidfile="/var/run/named.pid"