Wednesday, August 29, 2012

VirtualBox with phpvirtualbox on Debian Wheezy

A rough guide to using phpvirtualbox on Debian Wheezy:

Install VirtualBox:
apt-get install virtualbox
Create user vbox, member of group vboxusers:
adduser vbox vboxusers
If using the VirtualBox GUI change the VirtualBox menu item to run as vbox:
(suggest installing lxmenu)
 VirtualBox vbox
 In VirtualBox GUI change the location for VM's:
File -> Preferences -> General -> Default Machine Folder: /home/vbox
Download the Extension Pack from www.virtualbox.org
- this is required to enable remote desktop console access (VRDP/VRDE).
Install the Extension Pack in VirtualBox GUI:
File -> Preferences -> Extensions -> Add package
(Note: you may get an error if you previously installed the Extension Pack before running VirtualBox as user vbox.

Install Apache2 with PHP5:
apt-get install apache2 php5
Download latest phpvirtualbox from http://code.google.com/p/phpvirtualbox/downloads/list
Unzip the file, move phpvirtualbox directory to /var/www/
(using the default Apache folder here - modify as required)
Copy config.php-example to config.php
Edit /var/www/phpvirtualbox/config.php
 - set the lines for $username & $password to match the account 'vbox' created ealier.

Create an init script to start the vboxwebsrv daemon:
cp /etc/init.d/skeleton /etc/init.d/vboxweb
nano /etc/init.d/vboxweb
...
start) ...
/usr/bin/vboxwebsrv -b
 stop) ...
killall vboxwebsrv

Now start the new script:
/etc/init.d/vboxweb start
You should now be able to log in to phpvirtualbox:
http://hostname/phpvirtualbox
Username = admin
Password = admin

File -> Preferences -> Default Machine Folder: /home/Virtualbox VMs
 /home/vbox
OK
 Create a new Virtual Machine.  This configuration currently fails at the point of creating the virtual disk image - to avoid this issue create the virtual machine without a startup disk, then add the disk afterwards.

To enable the remote console, edit the VM settings:
(Extension Pack must be installed under the vbox user - see above)
Settings -> Display -> Remote Display -> Enable Server; Server Port: 3391
(*Recommend not using 3389, in case xrdp is installed on the host).

Note: to use the Remote Desktop console provided through Oracle Extension Pack, the client must have Flash installed.  Screen corruption in the form of unreadable dots may occur if the resolution you connect at is too low.

Note that /etc/init.d/virtualbox runs as root, hence all files will be owned by root.  This may cause problems if you try to locate files in another users home folder (e.g. /home/vbox). To avoid issues with this (even root has limited write access to another users home folder[?TBC]), it may be better to change the default home machine folder to "shared" folder, e.g. "/home/VirtualBox VMs"

To start machines automatically at boot, add lines to /etc/rc.local:
# Start Virtualbox guests:
/usr/bin/VBoxHeadless -startvm Guest1 &
/usr/bin/VBoxHeadless -startvm Guest2 &
Posted by at No comments:
Labels: ,

Monday, August 6, 2012

Linux route add

Syntax for adding a route in Linux:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.2
List routes:
netstat -rn
Delete route:
route delete net 192.168.2.0
Add static route:
nano /etc/network/interfaces
post-up route add -net 192.168.2.0/24 gw 192.168.1.2 dev eth1
pre-down route delete -net 192.168.2.0/16 gw 192.168.1.2
Add/Change default gateway:
ip route add default via 192.168.1.254
Posted by at No comments:
Labels: ,

Saturday, August 4, 2012

Mount error 1: Operation not permitted

The above error was occurring when trying to mount CIFS share on Debian Squeeze with OpenVZ kernel 2.6.32-5.  Another problem that occurs is AutoFS will show top-level shares, but will not allow the shares to be browsed.

This error still occurs 18 months after being reported.  Container virtualization is focused on LXC in Linux - my solution is to abandon OpenVZ.

Changing the kernel back to the non-openvz image fixes the issues.
Posted by at No comments:
Labels: ,

Friday, August 3, 2012

SpamAssassin for Exchange 2003

SpamAssassin for Exchange 2003 can be implemented using the following components:
  1. SpamAssassin for Windows binaries provided by JAM Software
  2. Exchange SpamAssassin Sink, written by Chris Lewis
  3. NSSM service installer
Manual configuration is required.
Perl is not required - a Perl DLL file is provided with the other binaries.
  • Download SpamAssassin for Windows from JAM Software.  JAM also provide a variety of useful tools for managing SpamAssassin for little cost.  Note: some sites link to SAwin32 for the binaries, however these are an old version (3.2.5) and have a bug relating to "The date is grossly in the future".
  • Download Exchange SpamAssassin Sink - the original site no longer works but you should be able to find a copy somewhere for download.
  • Download NSSM (http://nssm.cc/download)
    Note: you can also use srvany, provided in the Windows 2003 Resource Kit Tools, but NSSM is a little clearer and easier.
  • Install SpamAssassin for Windows
  • Extract NSSM to an appropriate location such as C:\Program Files\NSSM
  • Use NSSM to create the SpamAssassin service: nssm install SpamAssassin
    Browse to the spamd.exe binary.
    Start the service using Services mmc.
  • Install Exchange SpamAssassin Sink - it *MUST* be iinstalled to C:\ESA
    Edit ExchangeSpamAssassin.ini:
    • SpamAssassin_Batch_File=C:\ESA\spamcheck.bat
  • Run the Install_ESA_Sink.bat file at the end of installation to install the Exchange sink hook.
  • Create a new batch file to call spamc:
    • C:\ESA\spamcheck.bat

      "E:\Program Files\JAM Software\SpamAssassin for Windows\spamc.exe" %*
At this point the filter should be active - send yourself a test message using an external source and look at the email headers to see the SpamAssassin headers.

You also need to train the filter - create the following file to call the sa-learn binary - note you must change to the sa-learn.exe directory to ensure correct paths are used to find the config files:
C:\ESA\sa-learn.bat:
E:
cd "E:\Program Files\JAM Software\SpamAssassin for Windows"
sa-learn.exe %*

You are supposed to save 200 emails in spam & ham folders then run the batch files for learning:
sa-learn-spam
sa-learn-ham

The SpamAssassin default configuration provided by JAM Software does not rewrite the subject.  To do so edit the file:
 ..\etc\spamassassin\local.cf

To force Exchange IMF to move spam into the Junk Mail folder you can use IMF Keyword Manager from Accendo Solutions to create the XML file - note it is necessary to re-apply the XML file and restart SMTP service after any Exchange Filtering updates are applied through Windows Updates.  We suggest searching the SUBJECT for text "**SPAM**".  - this doesn't seem to work, it appears the IMF assigns the SCL before SpamAssassin Sink is processed.  The result is that you need to rely on an Outlook Rule to move "**SPAM**" messages into the Junk E-mail folder.

Note the bug in Exchange IMF settings: "Move messages with an SCL greater than or equal to:" should be "Move messages with an SCL greater than:"


In my experience this setup has proved to offer little extra defence over a plain Exchange server using up-to-date Intelligent Message Filtering and appropriate RBL's; but your mileage may vary.

**UPDATE, 21/8/2012**
 SpamAssassin appears about 50% better than relying on IMF alone, particularly for detecting recent virus's in email; however it still is not as good as commercial products.
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)