Monday, September 30, 2013

Step By Step guide for Vicidial scratch installation with asterisk 1.8 or Asterisk 1.4 on Centos 5.X

Vicidial Scratch Installation  with Asterisk 1.8 or asterisk 1.4 & Lastet Dahdi Libpri  in Centos 5.X


........................................................................................................
Steps Involved

........................................................................................................
1. Centos 5.9 installation in Linux text mode
2. Dependicies installation for vicidial asterisk
3. asterisk , Dahdi ,libpri installation
4. vicidial installation
5. Final touch

........................................................................................................
Step 1 : Centos 5.9 installation in Linux text mode
Centos 5.9 iso download link 
1.full DVD direct download link centos5.9iso
2.nestinstall iso download link centos5.9isonetinstall
3.full DVD torrent download link centos5.9isotorrent

you can use any one of the above download link 

Check this link to install centos in linux text mode for vicidial installation link
For netinstall step check this link

Step 2 : Dependicies Installations for vicidial & asterisk
--> ssh the server using software putty from a pc

........................................................................................................
Update the Os
........................................................................................................
yum -y update
reboot
........................................................................................................
Dependicises
........................................................................................................
Install the Following software

yum install gcc gcc-c++ php php-devel php-gd gd-devel php-mbstring php-mcrypt php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel httpd libpcap libpcap-devel ncurses ncurses-devel screen sox mysql-server mysql-devel ntp kernel-devel mutt

........................................................................................................
Settingup Mysql
........................................................................................................
mysql_install_db
/etc/init.d/mysqld start

........................................................................................................
CPAN modules installation

........................................................................................................
perl -MCPAN -e shell
You will then go through CPAN setup, just hit ENTER for most prompts except
for the mirrors list, you will want to select at least 4 mirrors
  • yes for manual configuration
  • enter for the next 18 prompts
  • for the "make install" option, it's a good idea to add UNINST=1
  • enter for the next 4 prompts
  • select your continent and country
  • select a few cpan mirrors
  • enter for the next 2 prompts
Once you see the cpan> prompt you can begin installing modules.
####################

   - install MD5
   - install Digest::MD5
   - install Digest::SHA1
   - install readline           (just hit Enter when it asks for operator)
   - install Bundle::CPAN
   - reload cpan
   - install Pod::Usage
   - install Getopt::Long

   - install DBI
   - force install DBD::mysql
   - install Net::Telnet
   - install Time::HiRes
   - install Net::Server
   - install Mail::Sendmail
   - install Unicode::Map 
   - install Jcode
   - install Spreadsheet::WriteExcel
   - install OLE::Storage_Lite
   - install Proc::ProcessTable
   - install IO::Scalar
   - force install Scalar::Util
   - install Spreadsheet::ParseExcel
   - install Archive::Zip
   - install Compress::Raw::Zlib
   - install Spreadsheet::XLSX
   - install Test::Tester
   - install Spreadsheet::ReadSXC
   - install Text::CSV
   - install Test::NoWarnings
   - install Text::CSV_PP
   - install File::Temp
   - install Text::CSV_XS
   - install Spreadsheet::Read
   - install LWP::UserAgent
   - install HTML::Entities
   - install HTML::Strip
   - install HTML::FormatText
   - install HTML::TreeBuilder
   - install Switch
   - install Time::Local
   - install MIME::Decoder
   - install Mail::POP3Client
   - install Mail::IMAPClient
   - install Mail::Message
   - install IO::Socket::SSL
quit
........................................................................................................
Installing the Asterisk-Perl module
........................................................................................................
cd /usr/src
wget http://download.vicidial.com/required-apps/asterisk-perl-0.08.tar.gz
tar -xvzf asterisk-perl-0.08.tar.gz
cd asterisk-perl-0.08
perl Makefile.PL
make all
make install
........................................................................................................
Addinitonal Softwares (Lame,ttyload,mtop,sipsak,eaccelerator....)
........................................................................................................
download all to usr/src directory
cd /usr/src
wget http://downloads.sourceforge.net/project/lame/lame/3.98.2/lame-398-2.tar.gz
wget http://download.vicidial.com/required-apps/ttyload-0.5.tar.gz
wget http://www.ex-parrot.com/~pdw/iftop/download/iftop-0.17.tar.gz
wget http://download.vicidial.com/required-apps/mtop-0.6.6.tar.gz
wget http://jeremy.zawodny.com/mysql/mytop/mytop-1.6.tar.gz
wget http://download.vicidial.com/required-apps/sipsak-0.9.6-1.tar.gz
wget http://download.vicidial.com/required-apps/pl241src.tar.gz
wget http://download.vicidial.com/required-apps/eaccelerator-0.9.5.3.tar.bz2

Untar All
cd /usr/src
tar -xvzf lame-398-2.tar.gz
tar -xvzf ttyload-0.5.tar.gz
tar -xvzf iftop-0.17.tar.gz
tar -xvzf mtop-0.6.6.tar.gz
tar -xvzf mytop-1.6.tar.gz
tar -xvzf sipsak-0.9.6-1.tar.gz
tar -xvzf pl241src.tar.gz
tar -xvjf eaccelerator-0.9.5.3.tar.bz2
Install the softwares
cd /usr/src/lame-398-2
./configure
make
make install

 cd /usr/src/ttyload-0.5
make
make install

 cd /usr/src/iftop-0.17
./configure
make
make install

 cd /usr/src/mtop-0.6.6
perl Makefile.PL
make
make install

cd /usr/src/mytop-1.6
perl Makefile.PL
make
make install

 cd /usr/src/sipsak-0.9.6-1
./configure
make
make install

 cd /usr/src/pl241src/src
make 
make install
mkdir -p /var/www/html/vicidial/ploticus/
cp pl /var/www/html/vicidial/ploticus/

 cd /usr/src/eaccelerator-0.9.5.3

export PHP_PREFIX="/usr"
$PHP_PREFIX/bin/phpize
./configure --enable-eaccelerator=shared --with-php-config=$PHP_PREFIX/bin/php-config
make
make install
........................................................................................................
PHP Settings
........................................................................................................
vi /etc/php.ini
search for below words and change (hint press / and type the word to search and press n to next
error_reporting  =  E_ALL & ~E_NOTICE
memory_limit = 48M
short_open_tag = On
max_execution_time = 330
max_input_time = 360
post_max_size = 48M
upload_max_filesize = 42M
default_socket_timeout = 360
save and exit

vi /etc/php.ini
search for the line 

;;;;;;;;;;;;;;;;;;;;;;

; Dynamic Extensions ;

;;;;;;;;;;;;;;;;;;;;;;


and add the below setting under the Dynamic Extensions

;;;;;;;;;;;;;;;;;;;;;;

; Dynamic Extensions ;

;;;;;;;;;;;;;;;;;;;;;;
zend_extension="/usr/lib/php/modules/eaccelerator.so"
eaccelerator.shm_size="48"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
........................................................................................................
Eaccelerator setting
........................................................................................................
mkdir /tmp/eaccelerator
chmod 0777 /tmp/eaccelerator

........................................................................................................
settings up web config for vicidial
........................................................................................................
vi /etc/httpd/conf/httpd.conf
change

CustomLog logs/access_log common
to
CustomLog /dev/null common


To enable web browsing of Recordings on Asterisk server, add this at last line:


Alias /RECORDINGS/ "/var/spool/asterisk/monitorDONE/"

<Directory "/var/spool/asterisk/monitorDONE">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
        <files *.mp3>
            Forcetype application/forcedownload
        </files>
</Directory>

save and exit

 run
/etc/init.d/httpd restart

........................................................................................................
Step 3: Asterisk , Dahdi & Libpri installation

........................................................................................................
mkdir /usr/src/asterisk
cd /usr/src/asterisk
**Note asterisk 1.8 or asterisk 1.4 the installation is same. so decide which once you want and download the source file
** Asterisk 1.4 tested and supported by vicidial
** Asterisk 1.8 for vicidial  is still in Beta , use under your own risk
For asterisk 1.8
wget http://downloads.vicidial.com/beta-apps/asterisk-1.8.21.0-vici-beta.tar.gz
For asterisk 1.4
wget http://downloads.vicidial.com/required-apps/asterisk-1.4.39.1-vici.tar.gz

Dahdi & Libpri
wget http://downloads.digium.com/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/libpri/libpri-1.4-current.tar.gz

untar and installation
tar -xvzf asterisk-1.8.21.0-vici-beta
tar -xvzf dahdi-linux-complete-current
tar -xvzf libpri-1.4-current.tar.gz

LibPri installation
cd /usr/src/asterisk
cd cd libpri-1.4.14
make clean
make
make install

Dahdi Installation
cd /usr/src/asterisk/
cd dahdi-linux-complete-2.6.2+2.6.2/       --> as of apr2013 my current dahdi version is 2.6.2
make all
make install
make config

Asterisk Installation
** follow same for asterisk 1.4
cd /usr/src/asterisk-1.8.21.0-vici-beta
./configure
make clean
make
make install
make samples
........................................................................................................

Enabling the asterisk to start at startup


........................................................................................................
cp /usr/src/asterisk/asterisk-1.8.21.0-vici-beta/contrib/init.d/rc.redhat.asterisk /etc/init.d/asterisk
chkconfig --add asterisk
........................................................................................................
Installing Sound files
........................................................................................................
downloading the sound files
cd /usr/src
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-ulaw-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-wav-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-core-sounds-en-gsm-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-ulaw-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-wav-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-extra-sounds-en-gsm-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-gsm-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-ulaw-current.tar.gz
wget http://downloads.asterisk.org/pub/telephony/sounds/asterisk-moh-opsound-wav-current.tar.gz

 Setting the sounds in place
cd /var/lib/asterisk/sounds
tar -zxf /usr/src/asterisk-core-sounds-en-gsm-current.tar.gz
tar -zxf /usr/src/asterisk-core-sounds-en-ulaw-current.tar.gz
tar -zxf /usr/src/asterisk-core-sounds-en-wav-current.tar.gz
tar -zxf /usr/src/asterisk-extra-sounds-en-gsm-current.tar.gz
tar -zxf /usr/src/asterisk-extra-sounds-en-ulaw-current.tar.gz
tar -zxf /usr/src/asterisk-extra-sounds-en-wav-current.tar.gz

mkdir /var/lib/asterisk/mohmp3
mkdir /var/lib/asterisk/quiet-mp3
mkdir /var/lib/asterisk/default
cd /var/lib/asterisk
ln -s mohmp3 default
ln -s moh mohmp3
cd mohmp3
tar -zxf /usr/src/asterisk-moh-opsound-gsm-current.tar.gz
tar -zxf /usr/src/asterisk-moh-opsound-ulaw-current.tar.gz
tar -zxf /usr/src/asterisk-moh-opsound-wav-current.tar.gz
rm -rf CHANGES*
rm -rf LICENSE*
rm -rf CREDITS*
cd /var/lib/asterisk/moh
rm -rf CHANGES*
rm -rf LICENSE*
rm -rf CREDITS*
cd /var/lib/asterisk/sounds
rm -rf CHANGES*
rm -rf LICENSE*
rm -rf CREDITS*
cd /var/lib/asterisk/quiet-mp3

sox ../mohmp3/macroform-cold_day.wav macroform-cold_day.wav vol 0.25
sox ../mohmp3/macroform-cold_day.gsm macroform-cold_day.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/macroform-cold_day.ulaw -t ul macroform-cold_day.ulaw vol 0.25
sox ../mohmp3/macroform-robot_dity.wav macroform-robot_dity.wav vol 0.25
sox ../mohmp3/macroform-robot_dity.gsm macroform-robot_dity.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/macroform-robot_dity.ulaw -t ul macroform-robot_dity.ulaw vol 0.25
sox ../mohmp3/macroform-the_simplicity.wav macroform-the_simplicity.wav vol 0.25
sox ../mohmp3/macroform-the_simplicity.gsm macroform-the_simplicity.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/macroform-the_simplicity.ulaw -t ul macroform-the_simplicity.ulaw vol 0.25
sox ../mohmp3/reno_project-system.wav reno_project-system.wav vol 0.25
sox ../mohmp3/reno_project-system.gsm reno_project-system.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/reno_project-system.ulaw -t ul reno_project-system.ulaw vol 0.25
sox ../mohmp3/manolo_camp-morning_coffee.wav manolo_camp-morning_coffee.wav vol 0.25
sox ../mohmp3/manolo_camp-morning_coffee.gsm manolo_camp-morning_coffee.gsm vol 0.25
sox -t ul -r 8000 -c 1 ../mohmp3/manolo_camp-morning_coffee.ulaw -t ul manolo_camp-morning_coffee.ulaw vol 0.25
........................................................................................................
Installing the Latest Vicidial  ie SVN
........................................................................................................
yum -y install subversion
cd /usr/src
mkdir astguiclient
cd astguiclient

svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk
cd trunk
perl install.pl
**when promots jsut press enter except for below three ptions*
server webroot path or press enter for default[/srv/htdocs]:/var/www/html
Enter asterisk version or press enter for default: [1.4]1.8
Copy sample configuration files to /etc/asterisk/ ? [n]y
........................................................................................................

Creating Vicidial Database
........................................................................................................
 mysql -p   -- if password not set then press enter
CREATE DATABASE `asterisk` DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@'%' IDENTIFIED BY '1234';
GRANT SELECT,INSERT,UPDATE,DELETE,LOCK TABLES on asterisk.* TO cron@localhost IDENTIFIED BY '1234';
GRANT RELOAD ON *.* TO cron@'%';mysql>GRANT RELOAD ON *.* TO cron@localhost;
flush privileges;
SET GLOBAL connect_timeout=60;mysql>use asterisk;
\. /usr/src/astguiclient/trunk/extras/MySQL_AST_CREATE_tables.sql
\. /usr/src/astguiclient/trunk/extras/first_server_install.sql
\. /usr/src/astguiclient/trunk/extras/sip-iax_phones.sql
quit
........................................................................................................
updating the area codes 
........................................................................................................
run the below command at linux terminal as root user
/usr/share/astguiclient/ADMIN_area_code_populate.pl
........................................................................................................
Entering the startup scripts and services in rc.local
........................................................................................................
open the rc.local and paste the below entries
vi /etc/rc.d/rc.local
copy and paste the below details in rc.local
### sybsys local login
touch /var/lock/subsys/local

# OPTIONAL enable ip_relay(for same-machine trunking and blind monitoring)
# /usr/share/astguiclient/ip_relay/relay_control start  2>/dev/null 1>&2

# Disable console blanking and powersaving
/usr/bin/setterm -blank
/usr/bin/setterm -powersave off
/usr/bin/setterm -powerdown

### start up the MySQL server
/etc/init.d/mysqld start

### start up the apache web server
/etc/init.d/httpd start

### roll the Asterisk logs upon reboot
/usr/share/astguiclient/ADMIN_restart_roll_logs.pl

### clear the server-related records from the database
/usr/share/astguiclient/AST_reset_mysql_vars.pl

### load zaptel drivers
modprobe dahdi
modprobe dahdi_dummy
/usr/sbin/dahdi_cfg -vvvvvvvvvvvv

### sleep for 20 seconds before launching Asterisk
sleep 20

### start up asterisk
/usr/share/astguiclient/start_asterisk_boot.pl


save and exit

........................................................................................................
Cron jos entries

........................................................................................................
crontat -e

 copy and paste the below entries and save and exit
for the latest vicidial cron jobs refer docs folder under downloaded vicidial source fi

### recording mixing/compressing/ftping scripts
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl
0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_mix.pl --MIX
#0,3,6,9,12,15,18,21,24,27,30,33,36,39,42,45,48,51,54,57 * * * * /usr/share/astguiclient/AST_CRON_audio_1_move_VDonly.pl
1,4,7,10,13,16,19,22,25,28,31,34,37,40,43,46,49,52,55,58 * * * * /usr/share/astguiclient/AST_CRON_audio_2_compress.pl --MP3
#2,5,8,11,14,17,20,23,26,29,32,35,38,41,44,47,50,53,56,59 * * * * /usr/share/astguiclient/AST_CRON_audio_3_ftp.pl --MP3

### keepalive script for astguiclient processes
* * * * * /usr/share/astguiclient/ADMIN_keepalive_ALL.pl

### kill Hangup script for Asterisk updaters
* * * * * /usr/share/astguiclient/AST_manager_kill_hung_congested.pl

### updater for voicemail
* * * * * /usr/share/astguiclient/AST_vm_update.pl

### updater for conference validator
* * * * * /usr/share/astguiclient/AST_conf_update.pl

### flush queue DB table every hour for entries older than 1 hour
11 * * * * /usr/share/astguiclient/AST_flush_DBqueue.pl -q

### fix the vicidial_agent_log once every hour and the full day run at night
33 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl
50 0 * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --last-24hours
## uncomment below if using QueueMetrics
#*/5 * * * * /usr/share/astguiclient/AST_cleanup_agent_log.pl --only-qm-live-call-check

## uncomment below if using Vtiger
#1 1 * * * /usr/share/astguiclient/Vtiger_optimize_all_tables.pl --quiet

### updater for VICIDIAL hopper
* * * * * /usr/share/astguiclient/AST_VDhopper.pl -q

### adjust the GMT offset for the leads in the vicidial_list table
1 1,7 * * * /usr/share/astguiclient/ADMIN_adjust_GMTnow_on_leads.pl --debug

### reset several temporary-info tables in the database
2 1 * * * /usr/share/astguiclient/AST_reset_mysql_vars.pl

### optimize the database tables within the asterisk database
3 1 * * * /usr/share/astguiclient/AST_DB_optimize.pl

## adjust time on the server with ntp
30 * * * * /usr/sbin/ntpdate -u pool.ntp.org 2>/dev/null 1>&2

### VICIDIAL agent time log weekly and daily summary report generation
2 0 * * 0 /usr/share/astguiclient/AST_agent_week.pl
22 0 * * * /usr/share/astguiclient/AST_agent_day.pl

### VICIDIAL campaign export scripts (OPTIONAL)
#32 0 * * * /usr/share/astguiclient/AST_VDsales_export.pl
#42 0 * * * /usr/share/astguiclient/AST_sourceID_summary_export.pl

### remove old recordings more than 7 days old
#24 0 * * * /usr/bin/find /var/spool/asterisk/monitorDONE -maxdepth 2 -type f -mtime +7 -print | xargs rm -f

### roll logs monthly on high-volume dialing systems
#30 1 1 * * /usr/share/astguiclient/ADMIN_archive_log_tables.pl

### remove old vicidial logs and asterisk logs more than 2 days old
28 0 * * * /usr/bin/find /var/log/astguiclient -maxdepth 1 -type f -mtime +2 -print | xargs rm -f
29 0 * * * /usr/bin/find /var/log/asterisk -maxdepth 3 -type f -mtime +2 -print | xargs rm -f
30 0 * * * /usr/bin/find / -maxdepth 1 -name "screenlog.0*" -mtime +4 -print | xargs rm -f
........................................................................................................
Final Touch
........................................................................................................

by default the vicidial db comes with ip 10.10.10.15, run the below command to update to your current server ip and just press enter
/usr/share/astguiclient/ADMIN_update_server_ip.pl --old-server_ip=10.10.10.15

........................................................................................................
updating the music on hold configuration to work with asterisk
.......................................................................................................
vi /etc/asterisk/musiconhold.conf
change the below settings
[old-default]
(to)
[default]
(and)
[old-quiet]
(to)
[quiet]
.......................................................................................................
Intallation completed  give reboot to update the settings
reboot
.......................................................................................................
Once server up  run the below command to make sure the vicidial installation is perfect.
screen -list

 If the installation is done without any error you should get 9 sockets as shown below (if you enable email queue you should get 10 socket , email queue is not covered in this doc check the doc folder for more)

There are screens on:
    4090.asterisk   (Detached)
    4077.ASTfastlog (Detached)
    8325.ASTsend    (Detached)
    8322.ASTupdate  (Detached)
    4004.astshell20110228193500     (Detached)
    8334.ASTVDremote        (Detached)
    8328.ASTlisten  (Detached)
    12192.ASTVDadapt        (Detached)
    8331.ASTVDauto  (Detached)
    9 Sockets in /var/run/screen/S-root.
.......................................................................................................
Trouble shoot
.......................................................................................................
If the 9 screens are not running as shown above check the logs for the issues
tail -f -n 50 /var/log/asterisk/messages
tail -f -n 50 /var/log/messages
more /var/log/dmesg
tail -f -n 40 /etc/httpd/logs/error_log
tail -f -n 40 /var/log/maillog
tail -f -n 40 /var/log/cron
tail -f -n 40 /var/log/mysqld.log


Now its time to purchase the vicidial manager manual and Agent manual for Configuration and Administration
Link to purchase vicidial manual LINK
.......................................................................................................
The above guide is based on the below documents and links
.......................................................................................................
http://downloads.vicidial.com/vicidial/trunk/docs/SCRATCH_INSTALL.txt
http://ray-solomon.com/vicidial.html
http://download.vicidial.com/ubuntu/VICIdial_for_Dummies_20100331.pdf
Posted by at 3 comments:

Thursday, September 19, 2013

Recover MySQL root Password

You can recover MySQL database server password with following five easy steps.


Step # 1: Stop the MySQL server process.
Step # 2: Start the MySQL (mysqld) server/daemon process with the --skip-grant-tables option so that it will not prompt for password.
Step # 3: Connect to mysql server as the root user.
Step # 4: Setup new mysql root account password i.e. reset mysql password.
Step # 5: Exit and restart the MySQL server.
Here are commands you need to type for each step (login as the root user):

Step # 1 : Stop mysql service

# /etc/init.d/mysql stop
Output:
Stopping MySQL database server: mysqld.

Step # 2: Start to MySQL server w/o password:

# mysqld_safe --skip-grant-tables &
Output:
[1] 5988
Starting mysqld daemon with databases from /var/lib/mysql
mysqld_safe[6025]: started

Step # 3: Connect to mysql server using mysql client:

# mysql -u root
Output:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 4.1.15-Debian_1-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>

Step # 4: Setup new MySQL root user password

mysql> use mysql;
mysql> update user set password=PASSWORD("NEW-ROOT-PASSWORD") where User='root';
mysql> flush privileges;
mysql> quit

Step # 5: Stop MySQL Server:

# /etc/init.d/mysql stop
Output:
Stopping MySQL database server: mysqld
STOPPING server from pid file /var/run/mysqld/mysqld.pid
mysqld_safe[6186]: ended
[1]+  Done                    mysqld_safe --skip-grant-tables

Step # 6: Start MySQL server and test it

# /etc/init.d/mysql start
# mysql -u root -p
Posted by at No comments:

Saturday, August 17, 2013

Database Auto-Backup Script And Procedures



Database Auto-Backup Script And Procedures
STEP 1:
mkdir /var/www/html/backup

STEP 2: Edit the file below.
nano /root/dbbackup.sh

STEP 3: Install mutt. Mutt is a text-based mail client along the lines of Pine or Elm.
yum -y install mutt

STEP 4: Paste the script below.

#!/bin/bash
echo "Starting to backup database"
mysqldump --opt -uroot -ppassword asterisk > /var/www/html/backup/vicidial-db_`date '+%Y-%m-%d'`.sql
echo "backup done..."
echo "Please wait, Compressing backup file..."
gzip /var/www/html/backup/vicidial-db_`date '+%Y-%m-%d'`.sql
echo "gzip done..."
echo " -- sending mail"
echo | mutt -s "Mysql Backup Done" emailaddress
echo "DONE"

STEP 5:
Save and exit.

STEP 6:
chmod 755 /root/dbbackup.sh

STEP 7:
crontab -e

STEP 8: Copy and paste the script below at the lower part of crontab.

### Fixing and Optimizing Database
30 1 * * 0 /usr/bin/mysqlcheck -ucron -p1234 --auto-repair --check --optimize --all-databases

### Weekend Database Back-up after operation every Sunday 2PM
0 2 * * 0 /root/dbbackup.sh

### Delete Database backup
24 0 * * 0 /usr/bin/find /var/www/html/backup -maxdepth 1 -name "vicidial-db*.*" -mtime +30 -print | xargs rm -f

STEP 9:
Save and exit
Posted by at No comments:

e-mail alert for every root logins

e-mail alert for every root logins
get email for every root logins


1.cd /root
3. nano .bashrc
4. Scroll to the end of the file then add the following:
echo 'ALERT - Root Shell Access (YourserverName) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d"(" -f2 | cut -d")" -f1`"yourname@gmail.com

Replace gmail with the handle for your actual server
Replace you@yourdomain.com with your actual email address

5. CTRL+x Y

now log in as root u should get the email
to check the status of mail in the linux type mailq
tail -n 50 /var/log/maillog

Posted by at 1 comment:

Seven Steps to Better SIP Security with Asterisk



Seven Steps to Better SIP Security with Asterisk
In case any of you were wondering why there has been a fairly notable upswing in the attacks happening on SIP endpoints, the answer is “script kiddies.” In the last few months, a number of new tools have made it easy for knuckle-draggers to attack and defraud SIP endpoints, Asterisk-based systems included. There are easily-available tools that scan networks looking for SIP hosts, and then scan hosts looking for valid extensions, and then scan valid extensions looking for passwords. You can take steps, NOW, to eliminate many of these problems. I think the community is interested in coming up with an integrated Asterisk-based solution that is much wider in scope for dynamic protection (community-shared blacklists is the current thinking) but that doesn’t mean you should wait for some new tool to defend your systems. You can IMMEDIATELY take fairly common-sense measures to protect your Asterisk server from the bulk of the scans and attacks that are on the increase. The methods and tools for protection already exists – just apply them, and you’ll be able to sleep more soundly at night.


Seven Easy Steps to Better SIP Security on Asterisk:

1) Don’t accept SIP authentication requests from all IP addresses. Use the “permit=” and “deny=” lines in sip.conf to only allow a reasonable subset of IP addresess to reach each listed extension/user in your sip.conf file. Even if you accept inbound calls from “anywhere” (via [default]) don’t let those users reach authenticated elements!

2) Set “alwaysauthreject=yes” in your sip.conf file. This option has been around for a while (since 1.2?) but the default is “no”, which allows extension information leakage. Setting this to “yes” will reject bad authentication requests on valid usernames with the same rejection information as with invalid usernames, denying remote attackers the ability to detect existing extensions with brute-force guessing attacks.

3) Use STRONG passwords for SIP entities. This is probably the most important step you can take. Don’t just concatenate two words together and suffix it with “1″ – if you’ve seen how sophisticated the tools are that guess passwords, you’d understand that trivial obfuscation like that is a minor hinderance to a modern CPU. Use symbols, numbers, and a mix of upper and lowercase letters at least 12 digits long.

4) Block your AMI manager ports. Use “permit=” and “deny=” lines in manager.conf to reduce inbound connections to known hosts only. Use strong passwords here, again at least 12 characters with a complex mix of symbols, numbers, and letters.

5) Allow only one or two calls at a time per SIP entity, where possible. At the worst, limiting your exposure to toll fraud is a wise thing to do. This also limits your exposure when legitimate password holders on your system lose control of their passphrase – writing it on the bottom of the SIP phone, for instance, which I’ve seen.

6) Make your SIP usernames different than your extensions. While it is convenient to have extension “1234″ map to SIP entry “1234″ which is also SIP user “1234″, this is an easy target for attackers to guess SIP authentication names. Use the MAC address of the device, or some sort of combination of a common phrase + extension MD5 hash (example: from a shell prompt, try “md5 -s ThePassword5000″)

7) Ensure your [default] context is secure. Don’t allow unauthenticated callers to reach any contexts that allow toll calls. Permit only a limited number of active calls through your default context (use the “GROUP” function as a counter.) Prohibit unauthenticated calls entirely (if you don’t want them) by setting “allowguest=no” in the [general] part of sip.conf.


These 7 basics will protect most people, but there are certainly other steps you can take that are more complex and reactive. Here is a fail2ban recipe which might allow you to ban endpoints based on volume of requests. There is discussion on the asterisk-user and asterisk-dev mailing lists of incorporating this type of functionality into Asterisk – let’s hear your ideas!

In summary: basic security measures will protect you against the vast majority of SIP-based brute-force attacks. Most of the SIP attackers are fools with tools – they are opportunists who see an easy way to defraud people who have not considered the costs of insecure methods. Asterisk has some methods to prevent the most obvious attacks from succeeding at the network level, but the most effective method of protection are the administrative issues of password robustness and username obscurity.

To View Who has tried to Access the server through ssh try following...

grep -ir ssh /var/log/*
grep -ir breakin /var/log/*
grep -ir security /var/log/*
Posted by at No comments:
Subscribe to: Posts (Atom)