Saturday, October 17, 2009

MySQL Change root Password

Setting up mysql password is one of the essential tasks. By default root user is MySQL admin account. Please note that the Linux / UNIX login root account for your operating system and MySQL root are different. They are separate and nothing to do with each other (indeed some admin removes root account and setup admin as mysql super user)

mysqladmin command to change root password

If you have never set a root password for MySQL, the server does not require a password at all for connecting as root. To setup root password for first time, use mysqladmin command at shell prompt as follows:

$ mysqladmin -u root password NEWPASSWORD

However, if you want to change (or update) a root password, then you need to use following command

$ mysqladmin -u root -p'oldpassword' password newpass

For example, If old password is abc, and set new password to 123456, enter:

$ mysqladmin -u root -p'abc' password '123456'

Change MySQL password for other user

To change a normal user password you need to type (let us assume you would like to change password for vivek):

$ mysqladmin -u vivek -p oldpassword password newpass

Changing MySQL root user password using MySQL sql command

This is another method. MySQL stores username and passwords in user table inside MySQL database. You can directly update password using the following method to update or change password for user vivek:

1) Login to mysql server, type following command at shell prompt:

$ mysql -u root -p

2) Use mysql database (type command at mysql> prompt):

mysql> use mysql;

3) Change password for user dip

mysql> update user set password=PASSWORD("NEWPASSWORD") where User='dip';

4) Reload privileges:

mysql> flush privileges;
mysql> quit

This method you need to use while using PHP or Perl scripting.

Install and Configure phpMyAdmin on Ubuntu LAMP

PhpMyAdmin is a nice database management and administration tool, it is easy to install it, but some people are having problems making it work under apache, that’s because it needs configuration. I presume you already have LAMP installed and configured on your machine, if not, please read this post – Install and Configure LAMP on Ubuntu first.

Just in case you haven’t installed phpMyAdmin yet, type the following line in the Terminal:
apt-get install phpmyadmin

To set up under Apache all you need to do is include the following line in /etc/apache2/apache2.conf, first type the following command to open up this file:
nano /etc/apache2/apache2.conf

Add the following line of code inside apache2.conf:
Include /etc/phpmyadmin/apache.conf

Now restart Apache:
sudo /etc/init.d/apache2 restart

Point your browser to: http://domain/phpmyadmin, you should be able to see the phpMyAdmin landing page now!

Tuesday, October 13, 2009

New Threat to Voip Industry - SPIT

VoIP Spam Is Called SPIT

As if an inbox jam-packed with email ads for organ-enlargement and weight-loss products was not bad enough, now VoIP users can look forward to becoming a brand-new target. Slowly but surely, spammers are adding SPIT (SPam over Internet Telephony) to their bags of tricks. Warned Terrence Brewton, a Frost & Sullivan market analyst, “SPIT is an evolving threat that will come on par with the prevalence of spam, all because of the VoIP products we’re now seeing in homes and the commercial marketplace.”

More than simply an annoyance, SPIT’s real-time impact on a network “ ... creates business risks because it opens up companies to denial-of-service attacks like any other IP-based system,” said Brewton. What’s more, SPIT can consume bandwidth, thereby diminishing call quality and reducing employee productivity.

While it’s true that SPIT is still quite rare, VoIP’s growing popularity is certain to make its presence more widespread. Fortunately, there are steps that companies can take to combat SPIT.

Filtering: According to Brewton, “The best course of action for any IT manager who is trying to protect his VoIP system is to buy filtering technology and keep up with patch management.” But while VoIP providers can help filter out obvious SPIT before it traverses a network, there is always a risk of false positives — legitimate traffic or large-scale message transmissions that are accidentally flagged as SPIT and prevented from reaching employees.

Firewalls: A VoIP firewall is an application driven by a security policy that defines whether to allow or deny certain calls. Administrators set policies through GUIs similar to those found in traditional data firewalls. A first line of defense against numerous threats, this technology detects and blocks VoIP DoS (denial-of-service) attacks, SIP attacks, toll fraud, virus infections and SPIT.

VoIP SEAL: NEC Corp.’s VoIP SEAL is a new tool that targets calls originating from spam-generating software and ill-intentioned humans. SPIT is detected and blocked based on communication patterns observed during the call. If a spam-related call comes in, VoIP SEAL will prevent the phone from ringing.

Voice Recognition: Microsoft has developed V-Priorities, a system for automatically screening phone calls. The technology works by analyzing characteristics of a caller's voice and word usage to figure out how urgent a call is and whether the caller is a friend, a family member, a colleague or a stranger.

Although the aforementioned security options are effective SPIT countermeasures, they also present drawbacks. “Any time you try to run any type of packet through any kind of filter, it’s going to slow down network processes. That’s because VoIP is a very sensitive piece of technology,” said Brewton. Such latency issues can lead to reduced quality of service and customer frustration.

Nor is there a panacea for SPIT. Even the brightest and best-prepared IT managers can be a step behind hackers. Said Brewton, “Everything changes at the speed of light on the Internet. Spammers are changing their tactics constantly because they’re trying to make money like anybody else. So by the time you’ve figured out what they’re doing, they’ve gone on to the next attack. That’s the one thing people really have to remember about security; we’re always fighting yesterday’s attack.”

Further complicating matters is the fact that the savings accrued through a VoIP network can be somewhat offset by having to invest in the appropriate security technologies. In the end, said Brewton, companies need to weigh what they stand to gain — and possibly lose to SPIT — by deploying a VoIP network. “With any technology,” said Brewton, “you really need to take pause and ask yourself, ‘Do I really need to deploy this? Is this going to be cost-effective? What is going to be my total cost of ownership for purchasing such a new technology?’” is dealing in Anti SPIT solutions to tackle this