Hack and Secure

Do you want to know which Public IP address belongs to which country? Of-course, there are plenty of websites, such as www.dnsstuff.com that provides dynamic reports on location information if you query on IP address or host name.

But in case if you want to keep these records in an excel sheet in your computer so that you can refer the sheet whenever you need or if you want to build your own DNS query application? then use this link to download latest version

http://geolite.maxmind.com/download/geoip/database/

Choose GeoIPCountryCSV.zip file and you can also see when it is last updated.

4. AWStats Installation and Configuration

• Download and Start installation of AWStats http://awstats.sourceforge.net/#DOWNLOAD in AWStats Server
• While installing, Script (awstats_configure.pl script) will be automatically launched to configure.
• Configuration looks for Apache. Type ‘none’ and press Enter.

• We want to configure new profile. Type Y and press Enter

• Type profile name as “ECommerce” and press ENTER to Continue…

Choose a proper profile name to easily identify the server in case you want to setup multiple virtual directory of AWStats to monitor multiple Web Servers

• Configuration is completed. Press ENTER to Finish…
• Copy the contents of the AWStats provided cgi-bin and icon folders, from where the AWStats package put it on local hard drive (C:\Program Files), to Virtual directory folder (say our virtual directory root is c:\inetpub)

The configuration of AWStats is not completed, we will again come back here to config awstats.ECommerce.conf

AWStats is one of the best open source Log Analyzer for generating Advanced Web Server Statistics reports. Some times we don’t want to setup AWStats on the same Internet facing Web Server to avoid possible risks of Open Source. I too setup AWStats in a different Intranet Web Server to analyze logs of my E-Commerce website. So this article will explain you complete set up of AWStats and running scheduled scripts to move logs from E-Commerce Website to AWStats Website.

Please note that this method is not real-time monitoring, there will be time-lag of 1 hour 5 mins. Because IIS creates new log every 1 hour which we will be transferred from E-Commerce Website to Intranet AWStats Website to update AWStats

Pre-requisites:

1. Setting up of W3C Extended Log File Format” for IIS

• Open IIS and navigate to your website directory
• Right-click and open Properties window
• In Website tab, ensure Enable option is chosen and Log Format is W3C Extended Log File Format
• Open Properties option available near to Log Format
• In General tab, Set New log schedule from Daily to Hourly (you may find that Log file name immediately changes to exyymmddhh.log)
• In Advanced tab, set logging options as
  • Date
  • Time
  • c-ip
  • cs-username
  • cs-method
  • cs-uri-stem
  • cs-uri-query
  • sc-status
  • sc-bytes
  • cs-version
  • cs(User-Agent)
  • cs(Referer)
• Apply above settings
• Move all existing logs in old format exmmddyy.log from c:\windows\system32\logfiles to any other alternate location

Now onwards IIS will create hourly logs with all above parameters.

2. Installation of Active Perl

AWStats requires Perl. Download and install MSI Windows Installer of Active Perl Community Edition http://www.activestate.com/activeperl/downloads in AWStats Web Server

To ensure proper setup of Perl , execute hello.pl (available in C:\Perl\bin) from command prompt.

3. Virtual directory setup in AWStats Web Server

• Create a Virtual directory named “Emonitor”
• Set Virtual directory access permissions to run scripts (such as ASP) and execute (such as ISAPI applications or CGI)
• Go to the Web Service Extensions folder. Right click on the “Web Service Extension” folder and choose “Add a new Web service extension…”
• Add the title “Perl” and then click “Add…” to add a path to the Perl executable.

• Browse to the C:\Perl directory to pick up the Perl executable and add the following path (including the environment variable):

C:\Perl\bin\perl.exe “%s” %s

• Go to the “Web Sites” folder in the IIS Manager and right click on “Emonitor” virtual directory and select Properties. Then select the “Home Directory” tab and then select “Configuration…” (in the “Applications Settings” section).
• Add the following if .pl extension is not available

All pre-requisites for setting up AWStats are completed. Follow my future articles PART II and PART III to complete full setup of AWStats.

Follow this article first, Setting up of OpenSSH to proceed further to automate your CISCO switch configurations backup. We follow SCP method which is secured means of file transfer.

Telnet to your CISCO Switch:

# config t
(config)# archive

Set credentials and path for uploading configuration file
Syntax:-
path scp://username:password@OpenSSHServer//cygdrive/drive/folder_name/filename

(config-archive)#path scp://xbackup:********@172.20.100.54//cygdrive/M/allconfig/ 172.20.100.254

Below command informs switch to upload configuration to OpenSSH server whenever write-memory command is executed.
(config-archive) # write memory
(config-archive)# exit
(config)# exit
# write memory

<Ensure at this stage, configuration is automatically backed up to OpenSSH Server>

The aim of this article is to provide a set up procedure for establishing OpenSSH Server in your environment. OpenSSH is primarily used for secure transfer of your files. I used it specifically to automate backup of my network switches configurations.

SCP Protocol, runs on port 22, is tunnelled through SSH Protocol to provide encryption and authentication. It hinders the ability for packet sniffers to extract usable information from the data packets.

Setting up of OpenSSH

1. Choose  a server to setup as OpenSSH Server.
2. Download OpenSSH from http://sshwindows.sourceforge.net/
3. Run setupssh.exe file
4. Click Next to continue Welcome Screen
5. Accept License Agreement
6. Choose default components to install

7. Choose default installation directory

8. Proceed to installation

9. Accept the message to setup passwd file and complete the installation

Configuring OpenSSH

• Create a local user account (xbackup) on the OpenSSH Server and set a complex password. While creating account, enable “user cannot change password” and “password never expires” option
• Open a command prompt and change to the installation directory (Program Files\OpenSSH is the default)
• CD into the bin directory.
• Setup local computer directory for usernames.

mkgroup –l >> ..\etc\group

• Setup user account xbackup for SSH login

mkpasswd –l –u xbackup >> ..\etc\passwd

• Start OpenSSH Service

net start opensshd

• Create a home folder for xbackup account where all configurations are to be saved.
• Create a folder in C:\Documents and Settings

Note: Folder name must exactly match the user account name; in this case, it is xbackup

Check connectivity of OpenSSH

• Download Putty from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
• Try to login to OpenSSH Server, with connection type as SSH.
• If the connection establishes successfully, then your OpenSSH is up and ready!