Archive for May, 2009

Unknown host, reported by the database

Monday, May 11th, 2009

I use vmware fusion virtual machines for experimenting with the database on windows, linux and solaris.

I’ve just copied my plain linux operating system install and installed oracle 10 and oracle 11. Of course, I’ve renamed the machine. That is what this blogpost is about.

To honest, I am quite lazy. So lazy that I forgot to link the system name set in /etc/sysconfig/network to the ip-address given (done in /etc/hosts).

This does not affect the software installation, but does affect the creating of the database. It is reported as an internal error (ORA-600):

ORA-00600: internal error code, arguments: [keltnfy-ldmInit], [46], [1], [], [], [], [], []

Meaning: the hostname can not be translated to an ip-address.
Resolution: lookup hostname using the hostname command, lookup the ip-address using the /sbin/ifconfig -a command, and link both in /etc/hosts

Posted in Oracle | No Comments »

How to view your website from the outside while being on the inside

Monday, May 4th, 2009

Sound cryptic, doesn’t it?

In most situations where you do configuration, tuning or other settings of web environments (apache, oracle http server, OC4J, weblogic, websphere, etc.) you have access from ‘the inside’, most of the time access via a separate LAN (often called ‘administration LAN’) which let’s you get access in another way than the regular web traffic, which comes in from ‘the outside’ which is firewalled different (or is the only connection being firewalled), thus is handled different.

There are situations where you want to see what traffic from ‘the outside’ does instead of your ‘inside connection’, for example:
- ssl/certificates/wallets
- connecting webservers with the webcache
- altering hostnames
- review firewalling and webtraffic routing
- review NIDS (network intrusion detection)

This is where tor comes in.

What does Tor do? The best explanation is on the tor website. What it does is route your traffic encrypted through an anonymous, distributed network. Tor accomplishes much security related things, for this subject it’s important it setups an connection randomly on the internet.

Tor is not available on the RHEL/OEL/CentOS CD/DVD’s and network repositories. It’s also not present in EPEL (extra packages for Enterprise Linux), so it must be downloaded from the tor download page (choose ’stable’).

In order to fully use it, you need privoxy, which is present in the repository (thus can be installed using yum).

After the installation of both, there’s a little configuration necessary, but then you’ve got a proxy setup which let’s you browse the internet (anonymously) from a random place on the internet!

For people who have security considerations, and/or doubts about anonymity of their traffic, anything which can use a proxy can use it.

This means nikto can be used entirely anonymous, whilst things like nmap, nessus can’t with this setup.

Posted in Linux | 1 Comment »

The hidden gem ’sosreport’ in RHEL and OEL

Friday, May 1st, 2009

During a stroll through the filesystem I encountered an executable (a python script actually) called ’sosreport’. You’ve got to admit: the name sounds intriguing.

The man-page says ‘Generate debugging information for this system’. This is getting even more interesting…

Lets run it!

$ /usr/sbin/sosreport

sosreport (version 1.7)

sosreport requires root permissions to run.

The utility requires root permissions. Not very surprising, root got all permissions to get internal system information.

Again, now as root:

# sosreport

sosreport (version 1.7)

This utility will collect some detailed information about the
hardware and setup of your Red Hat Enterprise Linux system.
The information is collected and an archive is packaged under
/tmp, which you can send to a support representative.
Red Hat will use this information for diagnostic purposes ONLY
and it will be considered confidential information.

This process may take a while to complete.
No changes will be made to your system.

Press ENTER to continue, or CTRL-C to quit.

Please enter your first initial and last name [localhost]: frits hoogland
Please enter the case number that you are generating this report for: 9999

Progress [###################100%##################][05:15/05:15]

Creating compressed archive...

Your sosreport has been generated and saved in:
/tmp/sosreport-fritshoogland.9999-725705-3400ad.tar.bz2

The md5sum is: 8bac4b5ccbb8c1a79dd6571f293400ad

Please send this file to your support representative.

Let’s see what it provides, and see if it got any benefits above Oracle’s RDA…
It produces two files in /tmp:

-rw-r--r-- 1 root root 33 May 1 14:34 sosreport-fritshoogland.9999-725705-3400ad.tar.bz2.md5
-rw------- 1 root root 631098 May 1 14:34 sosreport-fritshoogland.9999-725705-3400ad.tar.bz2

The list of files when extracting sosreport-fritshoogland.9999-725705-3400ad.tar.bz2 simply is too big to put in the blogpost.
It contains all linux configuration files (yes, that’s a bold statement), all startup/shutdown scripts, all kind of current system information (dmidecode, lsmod, lspci, netstat, iptables, rpm, network routes, LVM, device mapper, EMC multipathing, etc.), could go on and on!

This command is able to let anyone who can get access to the system make a file with all relevant settings for troubleshooting. That’s handy! It’s very hard to get information about network configuration, firewall (iptables), etc. out of inexperienced administrators. This command lets you get all information so you can do the troubleshooting out of the archive instead of a question and answer game with the administrator!

Posted in Linux | 2 Comments »