Tag Archives: Linux

Deploying Joomla 1.5

This howto is based in Debian 5.0.

The first step to install joomla without issues, is install dependencies.

apt-get update && apt-get upgrade

Installing MySQL

apt-get install mysql-server mysql client

Installing Apache & PHP

apt-get install apache2 apache2-doc php5 php5-mysql libapache2-mod-php5

Testing php

vim /var/www/test.php

write this code inside:

<?php phpinfo(); ?>


Managing database

For maintain our mysql database we’ll use chive.

wget -O – http://launchpad.net/chive/0.4/0.4.0/+download/chive_0.4.0.tar.gz|tar -xzp


http://ipaddress/chive and enjoy!!

add mysql extension to php
vim /etc/php5/apache2/php.ini

Add include module in apache
$ a2enmod include

/etc/init.d/apache2 restart

Install bzip2

apt-get install unzip zip


We are going to create database for Joomla

mysql -u root -p

mysql> create database joomla;

Create user CREATE USER 'joomla'@'localhost' IDENTIFIED BY 'opensource';

Adding privileges…


Enable Settings…


Download and install Joomla:

cd /var/www
mkdir joomla
cd joomla

wget http://joomlacode.org/gf/download/frsrelease/13105/57240/Joomla_1.5.22-Stable-Full_Package.zip

unzip Joomla_1.5.22-Stable-Full_Package.zip


chown -R www-data:www-data /var/www/joomla
find /var/www/joomla -type f -exec chmod 0644 {} \;
find /var/www/joomla -type d -exec chmod 0755 {} \;

Point your browser http://ipaddress/joomla and follow the steps

Don’t forget to remove the installation folder
rm -rf /var/www/joomla/installation/

See You!!


Asterisk & Ossec Part.I

In previous post I was talking about Ossim and Netflow integration. In the next posts I am going to explain how to configure OSSEC module with different services.

The first “integration” that I am going to describe is how to protect Asterisk with this applications.

Add Asterisk to Ossec Server

cd /var/ossec/bin
choose the option “add an agent” and enter the client IP and ID and quit (Q).
./ossec-control stop
./ossec-control start

Install ossec agent in Asterisk Server

– Download and extract ossec agent
/usr/src/wget http://www.ossec.net/files/ossec-hids-2.4.1.tar.gz
tar -zxvf ossec-hids-2.4.1.tar.gz

– Install it.
cd ossec-hids-1.6
Choose agent option and type ossec server IP.
Other questions by default.

– Configure the agent
cd /var/ossec/bin/
Select option “I” to import agent key of the Ossec Server. To obtain this key you need to execute in Ossec Server the command “./manage_agent” and select option “E”. When you have the key you only have to copy this key in the agent client.

After this you have to restart Ossec Server and Ossec agent service:
/var/ossec/bin/ossec-control stop
/var/ossec/bin/ossec-control start

To verify that agent is working correctly execute this command in Ossec Server:
/var/ossec/bin/agent_control -l

In Part.2 I’will explain how to configure the ossec asterisk module.

Ossim & Netflow

I have started to use OSSIM, to monitor network issues and security.

My first steps with OSSIM have been with Netflow module (nfsen).

This is a mini Howto, to configure Nfsen in OSSIM server, to monitor Cisco Routers.

Configure netflow in Cisco Router
config t
interface FastEthernet 0/0 (or whatever you want)
ip route cache-flow

ip flow-export destination “dst ip” “dst port”
ip flow-export source “src interface”
ip flow-export version 5

ip flow-cache timeout active 1
ip flow-cache timeout inactive 15

write mem

Whit this, We already configured our device

Configure Nfsen

Then We have to add this device in nfsen.conf:

%sources = (
‘Router’ => { ‘port’ => ‘9567’, ‘col’ => ‘#0000ff’, ‘type’ => ‘netflow’}

Afther this we have to reconfig nfsen:

/usr/nfsen/bin/nfsen reconfig

Now, I have started to configure OSSEC and Snort modules. When I have a good results I will post another howto with this modules.

Provisioning Linksys SPA922

When I started in the world of Asterisk, one of the important things to deploy a VoIP network is the segmentation of the network VLANs to separate voice and data. When I started two years ago, only knew two options:

– Use different network but this implies duplicate the number of the switches (much money and in my opinion unprofessional).
– Use VLAN’s to separate the networks. This option is better although requires much administrative work whenever there is change a site computer or telephone.

I was investigating the way this is done automatically and it seems that something went.

Here I leave an example implementation.

In this scenario We are going to configure a system to provisioning Linksys Phones (SPA922). Firts We have to configure our network LAN with 2 vlans (or more) to separate the data and voice network. We have used Cisco Switches (Catalyst 2960 and 3750).


The IP range ov Vlans are this:

Vlan 1 -> data network ->
Vlan 2 -> voice network ->

We need to have two DHCP servers, one in each vlan. In the vlan 1 we have configured one DHCP server (Windows 2003 Server) which will be the principal DHCP server. This is the configuration:

003 Router
006 DNS Servers
015 DNS Domain Name testing.lan.com
044 WINS/NBNS Servers
046 WINS/NBNS Node Type 0x8
066 Boot Server Host Name (TFTP Server)

In the other Vlan (voIP), we have Asterisk server with DHCP server and TFTP Server. These are the configs:

apt-get install dhcpd

/etc/dhcp3# vim dhcpd.conf

subnet netmask
option domain-name-servers;
option routers;
option subnet-mask;
option broadcast-address;
option tftp-server-name "";
default-lease-time 600;
max-lease-time 7200;


apt-get install atftpd

/etc/default# vim atftpd

OPTIONS="--daemon --port 69 --tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr --mcast-ttl 1 --maxthread 100 --verbose=5 /tftpboot"

The tftp server configuration file indicates that the config are int tftpboot directory where we have configured the general config file for all phones and the especific config files to the phones too.

/etc/tftpboot# vim spa922.cfg


<Profile_Rule ua="na">/spa922-MAC/spa922-$MA.cfg</Profile_Rule>

<!-- SYSTEM -->
<Primary_NTP_Server ua="na"></Primary_NTP_Server>
<Time_Zone ua="na">GMT+01:00</Time_Zone>

<!-- TIMERS -->
<Interdigit_Long_Timer ua="na">25</Interdigit_Long_Timer>

<!-- SIP -->

<Use_Auth_ID_1_ ua="na">No</Use_Auth_ID_1_>

<Dial_Plan_1_ ua="na">([1345]xxxS0|6xxxxxxxxS0|9xxxxxxxxS0|xx.)</Dial_Plan_1_>
<Enable_IP_Dialing_1_ ua="na">No</Enable_IP_Dialing_1_>

<Enable_VLAN ua="rw"> yes </Enable_VLAN>
<VLAN_ID ua="rw"> 2 </VLAN_ID>


Network Link Redundancy

Folow these steps to create a Link redundancy in a server with two ethernet cards in Debian 4.0Etch.

– 1. apt-get install ifenslave (ifenslave-2.6)

– 2. Create a file called aliases-bond in /etc/modprobe.d/ with the next content:

|alias bond0 bonding|

|options bond0 mode=1 arp_internal=2000 arp_ip_target=”the gateway”|

– 3. load bonding with this command -> modprobe bonding

– 4. add “bonding” to /etc/modules

– 5. Edit /etc/network/interfaces

|auto bond0|

|iface bond0 inet static|

|pre-up modprobe bond0|

|hwaddress ether “the mac address of one of the ethernet card”|

|address “ip address”|

|netmask “subnet mask”|

|gateway “gateway”|

|dns-nameservers X.X.X.X  X.X.X.X|
|up ifenslave bond0 eth0 eth1|

|down ifenslave -d bond0 eth0 eth1|

It Works!!


Debian “Etch” + Asterisk + Asterisk-Addons + Zaptel + Libpri + mISDN + Asterisk-GUI

This Howto is to install Asterisk on a fresh Debian “Etch” system.
After download a netinstall image of Debian 4.0r1 and configure localization, language, partitions and so on, in the final steps, debian should now be asking you what packages you want installed.

Choose base system only.

After finish installation and first reboot, login with root and:

aptitude update
aptitude upgrade


aptitude install ssh ntp

From here, the next steps were done from a ssh session with putty client.

Compiling New Custom Kernel *** Optional ***

aptitude install kernel-package libncurses5-dev fakeroot wget bzip2 build-essential

cd /usr/src

wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-

tar xjf linux-2.6.*

ln -s /usr/src/linux- /usr/src/linux

cd /usr/src/linux

Copy the current kernel configuration to /usr/src/linux

make clean && make mrproper

cp /boot/config-`uname -r` ./.config

make menuconfig

In the configuration menu, we select “Load alternate configuration…” and choose the config file that we have copy in the /usr/src/linux directory. /usr/src/linux/.config

We are going to modify some parameters in the kernel configuration:

In the subsection “Processor type and features” we check:

“Enable IRQ balancing” is disabled
“Timer frequency” change the value 250 Hz by 1000 Hz.
“High Resolution Timer Option” and “HPET Timer Support” as built-in.
For users with NVidia SATA drives unchek “Paravirtualization Support”.

And under “Library Routines” subsection, “CONFIG_CRC_CCITT” must be enabled.

When we had made this changes we save the configuration and exit.

Building the new .deb kernel and headers packages :

make-kpkg clean
fakeroot make-kpkg –initrd –append-to-version=-custom kernel_image kernel_headers

After the compilation will be two .deb packages under directory /usr/src/

Install the new packages.

cd /usr/src
dpkg -i linux-image-
dpkg -i linux-headers-


Test the new kernel is loaded.

uname -a

The output must be something similar to “Linux asterisk

*** Finish *** Optional *** Compiling Custom Kernel

Go for dependencies…

aptitude install build-essential libcurl3-dev libvorbis-dev libspeex-dev unixodbc unixodbc-dev libiksemel-dev flex xsltproc

aptitude install linux-headers-`uname -r` g++ libncurses5-dev libnewt-dev libusb-dev subversion git-core

Downloading and untarring…

cd /usr/src

wget http://downloads.digium.com/pub/asterisk/asterisk-1.4-current.tar.gz
wget http://downloads.digium.com/pub/zaptel/zaptel-1.4-current.tar.gz
wget http://downloads.digium.com/pub/libpri/libpri-1.4-current.tar.gz
wget http://www.misdn.org/downloads/mISDN.tar.gz
wget http://www.misdn.org/downloads/mISDNuser.tar.gz
wget http://downloads.digium.com/pub/asterisk/releases/asterisk-addons-1.4.5.tar.gz

tar xvzf asterisk-1.4-current.tar.gz && tar xvzf zaptel-1.4-current.tar.gz && tar xvzf libpri-1.4-current.tar.gz && tar xvzf mISDN.tar.gz && tar xvzf mISDNuser.tar.gz && tar xvzf asterisk-addons-1.4.5.tar.gz

Installing Zaptel

cd /usr/src/zaptel-1.4*
./install_prereq test
./install_prereq install

make install
make config
modprobe ztdummy

Installing Libpri

cd /usr/src/libpri-1.4*
make && make install

Installing mISDN

Note: The current version (1.1.7) not compile with the last kernel ( The ( is tested that works.

cd /usr/src/mISDN
make install
cd /usr/src/mISDNuser/
make && make install


mISDN scan
mISDN config

This creates the file /etc/mISDN.conf which you should review and/or edit.

vi /etc/mISDN.conf

If everything looks good, going to start mISDN

mISDN start

and check everything is right,


Running on startup…

/usr/sbin/update-rc.d mISDN defaults 15 30

Installing Asterisk

cd /usr/src/asterisk-1.4*

The next step is not mandatory. For install core and extra sounds in different languages:

make menuselect

select the core-sounds you would like to play and extra sounds. Exit with “x” to save.

make install
make samples
make config
asterisk -vvvc
stop now
echo “ztdummy” >> /etc/modules

Note: If you make a mistake and/or fail compilation, you need to run:

make clean then ./configure and make install again.

Going to reboot for test the system startup is correct.


asterisk -r

Install Asterisk-Addons

cd /usr/src/asterisk-addons*

./configure && make && make install

make samples

Install Asterisk-GUI

If you have asterisk config files (no new install), backup it…

cp -r /etc/asterisk /etc/asterisk.bak

Download and install Asterisk-GUI

cd /usr/src
svn checkout http://svn.digium.com/svn/asterisk-gui/trunk asterisk-gui
cd /usr/src/asterisk-gui
./configure && make && make install
make samples

Some tweaks to configuration files…

cat << EOF >/etc/asterisk/http.conf

cat << EOF >/etc/asterisk/manager.conf
displaysystemname = yes
enabled = yes
webenabled = yes
port = 5038
;httptimeout = 60
bindaddr =

secret = admin
read = system,call,log,verbose,command,agent,config
write = system,call,log,verbose,command,agent,config

Checking configuration…

make checkconfig

asterisk -r

Try, configure and enjoy your new system… with admin/admin login or your setup config…


%d bloggers like this: