MYSQL - How would I Export tables specifying only certain fields?

Backup mysql database table for specific date and time stamp using OUTFILE.

You need the FILE privilege to do this, and it won't overwrite files.
INTO OUTFILE has a bunch of options to it as well, such as FIELDS ENCLOSED BY, FIELDS ESCAPED BY, etc... that you may want to look up in the manual.
To produce a CSV file, you would do something like:

Example:SELECT A,B,C

INTO OUTFILE '/tmp/result.txt'
FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
LINES TERMINATED BY '\n'
FROM X;

1. dump mysql data and output

SELECT c_tEzaudit_ID, c_tEzaudit_op, c_tEzaudit_user, c_tEzaudit_orgid, c_tEzaudit_sno, c_tEzaudit_actby, c_tEzaudit_msg, c_tEzaudit_result, c_tEzaudit_create_time INTO OUTFILE '/tmp/result.txt' FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"' LINES TERMINATED BY '\n' FROM tEzaudit where c_tEzaudit_create_time BETWEEN '2013-06-01 ' AND '2013-06-02';

OR

SELECT * INTO OUTFILE '/tmp/result1.txt' FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"' LINES TERMINATED BY '\n' FROM tEzaudit where c_tEzaudit_create_time BETWEEN '2013-06-01 ' AND '2013-06-02';

2.To load the data back in from the file, use the LOAD DATA INFILE command with the same options you used to dump it out. For the CSV format above, that would be

Example:

LOAD DATA INFILE '/tmp/result.txt'
INTO TABLE X
FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"'
LINES TERMINATED BY '\n';

LOAD DATA INFILE '/tmp/result.txt' INTO TABLE tEzaudit FIELDS TERMINATED BY ',' OPTIONALLY ENCLOSED BY '"' LINES TERMINATED BY '\n';

Jboss Hardening Guide

Jboss Hardening Guide

a)Secure the Jboss 4 and 5 JMX console
b)Secure the Jboss 4 and 5 Web Console

a)Secure the Jboss 4 and 5 JMX console
How to secure the JMX Console

I am using jboss-5.1.0.GA. If you are using a different version then the names of the directories and files may differ.

Step 1: jboss-web.xml
Uncomment the java:/jaas/jmx-console line in the JBOSS_HOME/server/default/deploy/jmx-console.war/WEB-INF/jboss-web.xml file.

Step 2: web.xml
Uncomment the following section in the JBOSS_HOME/server/default/deploy/jmx-console.war/WEB-INF/web.xml file.

    
       HtmlAdaptor
       An example security config that only allows users with the
         role JBossAdmin to access the HTML JMX console web application
      
       /*
       GET
       POST
    
    
       JBossAdmin
    
  

Step 3: Set the username, password and role
Set the username and password in the JBOSS_HOME/server/default/conf/props/jmx-console-users.properties file. Example: admin=password


Set the role in the JBOSS_HOME/server/default/conf/props/jmx-console-roles.properties file. Example: admin=JBossAdmin,HttpInvoker

Step 4: login-config.xml
Ensure that the JBOSS_HOME/server/default/conf/login-config.xml file is configured to use the correct properties files for the jmx-console

      
                       flag = "required">
           props/jmx-console-users.properties
           props/jmx-console-roles.properties
         
      
   

Now when you try to access the jmx-console, via http://localhost:8080/jmx-console, you will be prompted to login.

b)Secure the Jboss 4 and 5 Web Console
The steps to secure the web-console are very similar to the steps above. Take note of the following:

For steps 1 and 2:
The jboss-web.xml file and the web.xml file for the web-console can be found in theJBOSS_HOME\server\default\deploy\management\console-mgr.sar\web-console.war\WEB-INF directory.

For step 3:
You can either use the same jmx-console-users.properties and jmx-console-roles.properties files or you can create new web-console-users.properties and web-console-roles.properties files to configure the username, password and role.

For step 4:
Ensure that the JBOSS_HOME/server/default/conf/login-config.xml file is configured to use the correct properties files for the web-console.

The web-console will now prompt the user to login.

Httpd tutorial

1. How to disable directory browsing in apache/httpd?

open httpd.conf and find the line that looks as follows:
Options Includes Indexes FollowSymLinks MultiViews
then remove word Indexes and save the file. The line should look like this one:
Options Includes FollowSymLinks MultiViews

     2. Configure httpd SSL
# yum install mod_ssl
# make a SSL certificate, go to /etc/pki/tls/certs
# openssl genrsa -des3 -out cert.key 2048
# openssl req -new -key cert.key -out cert.csr
# openssl x509 -req -in cert.csr -days 365 -signkey cert.key -out ca.crt

     2.edit ssl.conf file ( /etc/httpd/conf.d/ssl.conf)

          SSLCertificateFile /etc/pki/tls/certs/ca.crt       

          SSLCertificateKeyFile /etc/pki/tls/certs/cert.key   

          # service httpd start

   3. To enable reverse proxy in in https
add below line in end of httpd.conf file.
ProxyPass /ezmcom http://localhost:8080/ezmcom
ProxyPassReverse /ezmcom http://localhost:8080/ezmcom

Note: To redirect SSL portal 

1. Enable htppd ssl
2. copy and paste below line in httpd.conf file and restart
   SSLProxyEngine On
   RequestHeader set Front-End-Https "On"

Howto: Squid proxy authentication using ncsa_auth helper Centos 6.2

Configure an NCSA-style username and password authentication
1.htpasswd -c /etc/squid/passwd user1
2.chmod o+r /etc/squid/passwd

 Locate nsca_auth authentication helper
 If you are using RHEL/CentOS/Fedora Core or RPM based distro try:
3. rpm -ql squid | grep ncsa_auth

4.add below line in the TOP of squid.conf file. Remember on the TOP.

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

(Add this to the bottom of the ACL section of squid.conf)
acl ncsa_users proxy_auth REQUIRED 
(Add this at the top of the http_access section of squid.conf)
http_access allow ncsa_users 

e.g.
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl ncsa_users proxy_auth REQUIRED

# Only allow cachemgr access from localhost
http_access allow ncsa_users
http_access allow manager localhost
http_access allow our_networks
http_access deny manager

5. /etc/init.d/squid restart

NTP SERVER AND CLIENT CONFIGURATION

====================================================================
Configure NTP Server
====================================================================
Note: NTP server IP:192.168.2.40
         NTP client2 IP: 192.168.2.2
         NTP client2 IP: 192.168.2.2

# Make sure to install ntp

** Step To create NTP server

# chkconfig ntpd on

# edit /etc/ntp.conf

    --> add this line :

                             peer 192.168.2.2
                             peer 192.168.2.3

# edit /etc/sysconfig/iptables

    --> please enable port 123

# restart ntpd

    --> /etc/init.d/ntpd restart

# restart firewall

    --> /etc/init.d/iptables restart
=======================================================================
** To configure NTP client to syn with NTP server
=======================================================================
# edit /etc/ntp.conf

    --> add this line :

                        restrict 192.168.2.40 mask 255.255.255.0 nomodify notrap noquery
  
                        server 192.168.2.40

                        ** comment out others restrict ..... mask 255.255.255.0 nomodify notrap noquery

# edit /etc/ntp/ntpservers

    --> add this line :

                        192.168.2.40

                        ** comment out others server IP/url

# edit /etc/ntp/step-tickers

    --> add this line :

                        192.168.2.40


# edit /etc/sysconfig/iptables

     --> please enable port 123

# restart ntpd

      --> /etc/init.d/ntpd restart

# restart firewall

      --> /etc/init.d/iptables restart

# fire this command to set the local date and time:

                       ntpdate -u server_IP

# fire this command to query the NTP server-client synchronisation:

                       ntpq -pn

****************************************************************************
****************************************************************************
TESTING

SERVER
# update the time and date

CLIENT
# fire command : ntpdate -u 192.168.2.40
# fire comamnd : ntpq -pn

Creadit to chikaro Natrah

SSL LDAP how to in Centos

1.Install LDAP
# yum install openldap-servers openldap-clients nss_ldap

2.Copy DB_CONFIG
#cp DB_CONFIG.example /var/lib/ldap/DB_CONFIG

3.Created encrypted password for slapd
# slappasswd
{SSHA}372BLnDbuRFpPdQpKi2SRISPaoQEcQW9

4.copy and pasted above encrypted password into slapd.conf
# rootpw                {crypt}ijFYNcSNctBYg    <--------------replace here

5.Change rootDN and suffix accordingly like below example

suffix          "dc=ezmcom,dc=com"

rootdn        "cn=Administrator,dc=ezmcom,dc=com"

6.uncomment below parts
#vi /etc/openldap/slapd.conf
TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
TLSCertificateFile /etc/pki/tls/certs/slapd.pem
TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem

7.edit ldap.conf file and change to
#vi /etc/openldap/ldap.conf

base dc=ezmcom,dc=com

uri ldap://127.0.0.1:636

TLS_CACERTDIR /etc/openldap/cacerts   

ssl start_tls

8.Generate an RSA key using below command.
#openssl genrsa -out cert.key 1024
#openssl req -new -key cert.key -out cert.csr
Note:common name should match with ur suffix dc (ezmcom)

9.Generate self-signing certificate using below command
#openssl x509 -req -in cert.csr -days 365 -signkey cert.key -out cert.crt

10.restart ldap
#/etc/init.d/ldap restart

Credit to chikaro Natrah. ehehe

How to Configure VPN (PPTP) Server on CentOS

In this document you will find the steps on how to build a Linux Point to Point Tunneling Protocol (PPTP) server using Poptop.

This allows roaming users to connect to their corporate network from anywhere on the Internet securely and inexpensively.

It supports Windows 95/98/Me/NT/2000/XP PPTP clients and Linux PPTP clients.

Requirements: -

Server: CentOS 5.3

kernel-2.6.18-128.el5

ppp-2.4.4-2.el5

pptpd-1.3.4-1.rhel5

Kernel version 2.6.15 or above has MPPE built-in which is required for MSCHAPv2. CentOS 5 kernel version is 2.6.18 that means you do not need to install the MPPE module. CentOS 5comes with ppp-2.4.4-1.el5 and it is MPPE support enabled.

Step-1: Install ppp if already not installed and Check if kernel supports MPPE

#yum install ppp

Run the command below to test if your kernel supports MPPE and you should get a return an “ok”: -

#modprobe ppp-compress-18 && echo ok

Step-2: Install PPTPD

You cannot install the pptpd using yum utility because it’s not in yum repo. Download the RPM file pptpd-1.3.4-1.rhel5.1.i386.rpm from http://poptop.sourceforge.net/yum/stable/packages/

#wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.rhel5.x86_64.rpm

Install the RPM by running this command: -

#rpm -ivh pptpd-1.3.4-2.rhel5.x86_64.rpm

Step-3: Configuration

Change the /etc/ppp/options.pptpd as below: -

#vi /etc/ppp/options.pptpd

name pptpd

refuse-pap

refuse-chap

refuse-mschap

require-mschap-v2

require-mppe-128

proxyarp

lock

nobsdcomp

novj

novjccomp

nologfd

Change the following file /etc/pptpd.conf

#vi /etc/pptpd.conf

option /etc/ppp/options.pptpd

logwtmp

localip 192.168.2.1

remoteip 192.168.2.11-15

Add the following username (johndie) and password (passwrd) in /etc/ppp/chap-secrets as below: -

# Secrets for authentication using CHAP

# client server secret IP addresses

shamsul pptpd passwrd *

Step-4: Run the following command to enable the pptpd to start automatically in runlevel 3 and 5 as below: -

#chkconfig --level 35 pptpd on

Now, you can start the pptpd service as below: -

#service pptpd start

Step-5: For pptpd to work, the packet forwarding must be enabled. Edit /etc/sysctl.conf and change the line to below: -

#vi /etc/sysctl.conf

net.ipv4.ip_forward = 1

To enable it immediately, run following command: -

#sysctl -p

Now test your setup by creating a vpn connection from any windows or linux pc.

credit to: http://almamunbd.blogspot.com/2009/06/how-to-configure-vpn-pptp-server-on.html