the problem is when I was trying to install guest additions, it turned out it failed to compiled the dkms kernel, i did the install of kernel-devel (which is the source code of the kernel) and gcc, the same failure was seen… so I went to see the log and it did not have make!

[root@localhost VBOXADDITIONS_4.0.4_70112]# yum install make
Loaded plugins: fastestmirror, refresh-packagekit
Loading mirror speeds from cached hostfile
* base: ftp.swin.edu.au
* extras: ftp.swin.edu.au
* updates: mirror.issp.co.th
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package make.i686 1:3.81-19.el6 set to be updated
–> Finished Dependency Resolution

Seriously….This is the first time I used a Linux that has no make installed…WTF.

Making symbolic link

[root@localhost kernels]# ln -s /usr/src/kernels/2.6.32-220.4.1.el6.i686/ /usr/src/linux
To install guest addition in CentOS this is necessary, because the source code of guest additional seemed to have pointed /usr/src/linux, CentOS stores its kernel source in /usr/src/kernels

To remove the sym link remove it using rm linux without the slash. The slash at the end is a directory, sym link is just a file pointing to the destination, deleting the sym link as directory also deletes everything in the destination directory!

http://pkgs.org/centos-6-rhel-6/centos-rhel-i386/grub-0.97-75.el6.i686.rpm.html gives insights on where the files are if the location is at its default states.

Here I will document how to install grub into MBR using chroot.

Mount the hard disk

you need a liveCD. After you have booted with the liveCD do the below, this example has three partitions.

/dev/sda1 / ext4

/dev/sda2 swap

/dev/sda3 /home ext4

mount /dev/sda1 /mnt/

mount /dev/sda3 /mnt/home/

Mount proc and bind the mounted hdd to /dev

mount -t proc none /mnt/proc

mount -o bind /dev /mnt/dev/

Change root from / to /mnt/

chroot /mnt /bin/bash

This will transfer from “/” to the root mounted on /mnt/, now you can execute bash commands on the mounted harddisk just like it is loaded on your system, whichever you changed will be updated and stored in the mounted hard disk.

Run GRUB

As from http://pkgs.org/centos-6-rhel-6/centos-rhel-i386/grub-0.97-75.el6.i686.rpm.html, the default path for grub is in /sbin/.

/sbin/grub

grub> prompt appears.

find /boot/grub/stage1, this step is optional, executing this command will output the partition where the vmlinuz and initrd files are located.

Since /dev/sda1 is the / directory, /root/ is under / as well as there are no additional partition for /root.

/dev/sdXY = hdX,Y, where X is the harddrive number and Y is the partition number for /dev/sda1 the equivalent is hence hd0,0. 0 is the first number of the harddisk and partition.

root (hd0,0)

setup (hd0)

quit

This installs the grub into MBR.

Kernel panic!

My system encountered kernel panic and stopped. This is because the previously backup grub.conf file points to UUID and the UUID does not exist.

My way of doing it is to remove the UUID and statically define the partition like this:

kernel /boot/vmlinuz-version root=/dev/sda1 ro

UUID is a dynamic way to figure out which partition is which, however it gives problem in my situation. So the kernel line in the grub.conf may look like this:

kernel /boot/vmlinuz-2.6.38-8-generic root=UUID=c2bb0352-8fa3-457a-8bcd-00a35a2783fc ro

To check your partitions’ UUID do this:

blkid

For my situation the UUIDs presented by blkid command were all different from UUIDs in /etc/fstab as well as in grub.conf.

Note that /boot/grub/menu.lst is a symbolic link of /boot/grub/grub.conf, changing grub.conf also changes menu.lst.

To Install GRUB2 to MBR using LiveCD

1. Use a LiveCD that has grub2 distribution, if do not have connect to the internet and download using apt or yum depending on your Linux distro, some distro does not have apt and yum.

2. Mount the harddrive to /mnt/. To specifically create a sub directory under /mnt/:

install -d /mnt/myhdd/

mount /dev/sda1 /mnt/myhdd/

/dev/sda1/ is an example, you should use fdisk -l command to observe your harddrive partition number. In this example /dev/sda1/ is the partition that contains the /boot/ directory and itself is also mounted on /.

3. Use grub-install to install the grub2 to /dev/sda/ MBR. You need root access.

grub-install –root-directory=/mnt/myhdd/ /dev/sda/

4. Reboot. You will see a grub prompt:

grub>

Lots of solution I have googled could not be used for my situation:

https://wiki.archlinux.org/index.php/GRUB

Commands presented in this post are not present in my grub. It is obvious that these commands are from grub legacy.

http://www.dedoimedo.com/computers/grub-2.html

This one looks the most promising, it contains great tutorials unfortunately my grub does not have the commands (particularly kernel command) the tutorial presented. Oh by the way I am using grub version 1.98.

https://help.ubuntu.com/community/Grub2

This tutorial is the saviour, it accurately documented the commands I need for my situation.

In the grub prompt, type:

set root=(hd0,1)

before doing this you should do ls command to see the available hd0.

hdX,Y where X is the number of the harddisk drive number and Y is the partition number. Partition number starts from 1 and not 0. So for my situation /dev/sda1 is hd0,1.

linux /boot/vmlinuz-<version>.i686 root=/dev/sda1 ro

This command tells grub where to load the kernel and which is the root partition, for my situation /dev/sda/ is /. The kernel is located in /boot/ directory.

initrd /boot/initrd-<version>.img 

For my situation the initrd image is stored in /boot/ directory.

Once ok I can issue boot command to boot the computer.

Summary:

set root=(hdX,Y)

linux /boot/vmlinuz /dev/sdXY/ ro

initrd /boot/initrd.img

boot

After everything is initialzed run update-grub command so that next time my system can boot, the above commands are temporary commands.

I found out that I can actually get various compiled Kernel from here http://kernel.ubuntu.com/~kernel-ppa/mainline/

Upgrade in ORDER

1. Install linux header that ends with all.deb:

sudo dpkg -i linux-headers-3.1.4-030104_3.1.4-030104.201111281851_all.deb

2. Install linux header that ends with amd64.deb:

sudo dpkg -i linux-headers-3.1.4-030104-generic_3.1.4-030104.201111281851_amd64.deb

3. Install linux image that ends with amd64.deb:

sudo dpkg -i linux-image-3.1.4-030104-generic_3.1.4-030104.201111281851_amd64.deb

4. Grub will be upgraded after linux image is installed. Reboot

Reference: http://forums.linuxmint.com/viewtopic.php?f=42&t=40185&sid=f703bccdd769f633301f4a31e06daf5e

I have googled for many solutions for hours:

1. http://samiux.blogspot.com/2011/05/howto-bug-fix-for-backtrack-5.html

This looked promising, but not working for my situation.

2. http://askubuntu.com/questions/37590/nvidia-drivers-not-working-after-upgrade-why-can-i-only-see-terminal

This looked promising as well, not working at all, there are errors in the syntax though.

3. http://ewangi.info/660/backtrack-5r1-first-hot-review-bugs-fixes/

After hours of finding with the correct keywords with google, this solution actually worked for my situation!

Blacklist

nano /etc/modprode.d/blacklist.conf

blacklist vga16fb

blacklist nouveau

blacklist nvidiafb

blacklist rivatv

blacklist rivafb

This blacklist configuration file is to prevent loading of the drivers especially nouveau, nouveau conflicts with nvidia.

Remove nvidia completely

apt-get remove –purge nvidia-*

This is to start clean. Then reboot.

Add ubuntu repository

add-apt-repository ppa:ubuntu-x-swat/x-updates

To use add-apt-repository you need to install python-software-properties

Install nvidia-current

apt-get update

apt-get install nvidia-current nvidia-current-modaliases nvidia-settings

When you choose to install nvidia-current, nvidia-settings will be installed as well.

Reboot. No need to run nvidia-xconfig.

Backtrack-linux nvidia-current is 195.36.24 whereas the ubuntu’s nvidia-current is 290.10 which is the latest. I wanted to use the CUDA feature which made me motivated to install nvidia-current driver…

From forums I found that I need to use bchunk to convert the bin/cue to iso/cdr first then mount the converted iso. Conversion was surprisingly fast.

command line: bchunk cd\ 4.bin cd\ 4.cue cd4

Reading the CUE file:

Track 1: MODE1/2352 01 00:00:00

Writing tracks:

1: cd401.iso 237/237 MB [********************] 100 %

reference: http://www.linuxforums.org/forum/ubuntu-linux/97586-mount-cue-bin-image.html

First you can check if there is a group for sftp:

cat /etc/group |grep sftp 

If nothing is shown then sftp group is non-existent. Create a group sftp:

root@bt:~# addgroup sftp
Adding group `sftp’ (GID 1001) …
Done.

root@bt:~# cat /etc/group |grep sftp
sftp:x:1001:

The next is to create user and attached them to group sftp.

root@bt:~#

root@bt:~# adduser –home /home/sftp sftpuser
Adding user `sftpuser’ …
Adding new group `sftpuser’ (1002) …
Adding new user `sftpuser’ (1001) with group `sftpuser’ …
Creating home directory `/home/sftpuser’ …
Copying files from `/etc/skel’ …
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for sftpuser
Enter the new value, or press ENTER for the default
Full Name []: SFTP user
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y

root@bt:~# adduser sftpuser sftp
Adding user `sftpuser’ to group `sftp’ …
Adding user sftpuser to group sftp
Done.

Edit the sshd config file in /etc/ssh/sshd_config:

Look for key word Subsystem, you will find a default clause that looks like this:

Subsystem sftp /usr/lib/openssh/sftp-server

Changed to this:

#Subsystem sftp /usr/lib/openssh/sftp-server
Subsystem sftp internal-sftp

Scroll down until the end of file and add these:

Match group sftp
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

Save the config file and exit.

This is to change /home/sftpuser directory to a root directory when sftpuser logs in, this is to jail sftpuser only to /home/sftpuser and no where else.

chown root:root /home/sftpuser

usermod -d / sftpuser

Originally I made sftpuser to be in /home/sftpuser but I failed to jail it, sftp user can break out of /home/sftpuser and go anywhere within the system. Now I shall test the jailing by sftping to my localhost.

root@bt:~# sftp sftpuser@localhost
Connecting to localhost…
sftpuser@localhost’s password:
sftp> ls
sftp> pwd
Remote working directory: /
sftp>

sftp> cd ../../../
sftp> pwd
Remote working directory: /
sftp> ls
sftp>

Reference: www.debian-administration.org/articles/590

apt-get install dhcp3-server

The pool of your dhcp3-server can be configured in /etc/dhcp3/dhcpd.conf file. You can read the examples described in the configuration file. If you do not wish to modify this configuration file you can create one your self.

touch /home/dhcpd/dhcpd.conf

chown dhcpd:dhcpd /home/dhcpd/dhcpd.conf

nano /home/dhcpd/dhcpd.conf

Write the following according to your needs:

ddns-update-style none;

default-lease-time 600;

max-lease-time 7200;

authoritative; #if the Linux dhcp server is the official server on your local network.

log-facility local7;

subnet 192.168.1.0 netmask 255.255.255.0 {

option routers 192.168.1.1;

option domain-name-servers 192.168.1.1; #If your router is also your dns server.

range 192.168.1.100 192.168.1.254;}

Save the file ctrl+x.

If you want to use your own log for dhcpd in /tmp/

touch /tmp/dhcpd.log

chown dhcpd:dhcpd /tmp/dhcpd.log

If you want to create and use your own created pid location instead of /var/run/dhcp3-server/:

mkdir -p /var/run/dhcpd

chown -R dhcpd:dhcpd /var/run/dhcpd

touch /var/lib/dhcp3/dhcpd.leases

This makes the sub directory dhcpd as well as the contents inside owned by owner dhcpd and group dhcpd.

To start dhcp3-server according to your way:

dhcp3 -f -cf /home/dhcpd/dhcpd.conf -lf /tmp/dhcpd.log -pf /var/run/dhcpd/pid eth0

-f : run as a process

-cf : location of the config file

-lf : location of the log file

-pf : location of the process id file

I encountered a problem after I installed network-manager-gnome from repositories, that is although service network-manager has started, no icons of network manager appeared in the panel. I checked from System > Preferences > Startup Application and saw nm-applet –sm-disable was added.

The solution to this problem is simple:

Use your favourite text editor and edit the /etc/network/interfaces:

root@bt:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback

#auto eth0
#iface eth0 inet dhcp

#auto eth1
#iface eth1 inet dhcp

#auto eth2
#iface eth2 inet dhcp

#auto ath0
#iface ath0 inet dhcp

#auto wlan0
#iface wlan0 inet dhcp

By default everything was auto, I commented out everything except for these:

auto lo

iface lo inet loopback

After commented the other autos, restart the network-manager service:

service network-manager restart

immediately after restart the network-manager-gnome icon appeared on the top right hand corner of the panel.

root@bt:~# history
  956  history
  957  which .bash_history
  958  locate .bash_history
  959  nano .bash_history 
  960  clear
  961  history
root@bt:~#

Suppose you want to execute history number 960:

You do !960.

Clear history:

root@bt:~# history -c
root@bt:~# rm .bash_history

You may have cleared your history with history -c command, but in .bash_history still contains your history up to your first command, you can choose to remove this file if you want.

The implication for history command is that you allow footprinting by a hacker to understand your linux ability through studying the commands you have executed, history command will also review some files or directories you have referred to, and also some configuration you had attempted to execute before.

root@bt:~# fdisk -l

Disk /dev/sda: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xd9dce570

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          13      102400    7  HPFS/NTFS
Partition 1 does not end on cylinder boundary.
/dev/sda2              13       34999   281018368    7  HPFS/NTFS
/dev/sda3           34999       57982   184616961    f  W95 Ext'd (LBA)
/dev/sda4           57982       60802    22644736   27  Unknown
/dev/sda5           34999       55316   163202954    7  HPFS/NTFS
/dev/sda6           55317       57827    20169576   83  Linux
/dev/sda7           57828       57982     1244160   82  Linux swap / Solaris

Suppose I want to mount /dev/sda5 upon every start up.

root@bt:~# nano /etc/fstab 
# /etc/fstab: static file system information.
#
# Use 'blkid -o value -s UUID' to print the universally unique identifier
# for a device; this may be used with UUID= as a more robust way to name
# devices that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    nodev,noexec,nosuid 0       0
# / was on /dev/sda6 during installation
UUID=8b589d8d-01c5-47ef-a4a9-08b8e060bfff /               ext4    errors=remount-ro 0       1
# swap was on /dev/sda7 during installation
UUID=7c2cc509-4b1b-4aa9-9146-e8c98802a946 none            swap    sw              0       0
/dev/sda5 /mnt/windows ntfs noexec,nosuid 0 0

Explanation:

First column is filesystem which is /dev/sda5

Second column is mount point which is /mnt/windows

Third column is type which is NTFS

Fourth column is option which are noexec and nosuid.

noexec = no execution.

nosuid = no superuser.

nodev = no device mounting.

Save the fstab file.

Step 1: Group the file you need to compress by using tar command.

root@bt:~/fw-scripts# tar -cf firewall.tar firewall.sh
root@bt:~/fw-scripts# ls -la
total 24
drwxr-xr-x  2 root root  4096 2011-08-04 00:35 .
drwx------ 33 root root  4096 2011-08-04 00:00 ..
-rwxr--r--  1 root root   967 2011-08-03 01:42 firewall.sh
-rw-r--r--  1 root root 10240 2011-08-04 00:35 firewall.tar

Step 2: Use an archiver of your choice. Use gzip.

root@bt:~/fw-scripts# gzip -9 firewall.tar
root@bt:~/fw-scripts# ls -la
total 16
drwxr-xr-x  2 root root 4096 2011-08-04 00:37 .
drwx------ 33 root root 4096 2011-08-04 00:00 ..
-rwxr--r--  1 root root  967 2011-08-03 01:42 firewall.sh
-rw-r--r--  1 root root  485 2011-08-04 00:35 firewall.tar.gz

Use bzip2.

root@bt:~/fw-scripts# bzip2 firewall.tar
root@bt:~/fw-scripts# ls -la
total 16
drwxr-xr-x  2 root root 4096 2011-08-04 00:39 .
drwx------ 33 root root 4096 2011-08-04 00:00 ..
-rwxr--r--  1 root root  967 2011-08-03 01:42 firewall.sh
-rw-r--r--  1 root root  519 2011-08-04 00:38 firewall.tar.bz2

To make the compression better:

root@bt:~/fw-scripts# bzip2 --best firewall.tar
This is the same as gzip -9 option. You can simply compress a tar file with only the gzip command without any options.

Decompress the files 

For bzip2:

root@bt:/tmp# bzip2 -d firewall.tar.bz2 
root@bt:/tmp# ls firewall.tar
firewall.tar

For gzip:

root@bt:/tmp# gzip -d firewall.tar.gz
root@bt:/tmp# ls -l firewall.tar
-rw-r--r-- 1 root root 10240 2011-08-04 00:46 firewall.tar

To untar the file:

root@bt:/tmp# tar -xf firewall.tar
root@bt:/tmp# ls firewall.*
firewall.sh  firewall.tar

Check the tar file content before unzip:

root@bt:/tmp# tar -tf firewall.tar
firewall.sh

Method 2

Compress with gzip

root@bt:~/fw-scripts# tar -czf firewall.tar.gz firewall.sh 
root@bt:~/fw-scripts# ls
firewall.sh  firewall.tar.gz

Compress with bzip2:

root@bt:~/fw-scripts# tar -cjf firewall.tar.bz2 firewall.sh
root@bt:~/fw-scripts# ls
firewall.sh  firewall.tar.bz2  firewall.tar.gz

Note: The f option stands for file, hence it must always be the last letter of your option. You can rearrange tar -czf or tar -zcf it is the same, but f is always the last and immediately follow by f will always be a filename of your compressed file. This works for bzip2 as well.

Compress file with 7zip

Compress your file into zip format:

ot@bt:~/fw-scripts# 7z a firewall.zip firewall.sh 

7-Zip 9.04 beta  Copyright (c) 1999-2009 Igor Pavlov  2009-05-30
p7zip Version 9.04 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,8 CPUs)
Scanning

Creating archive firewall.zip

Compressing  firewall.sh      

Everything is Ok
root@bt:~/fw-scripts# ls
firewall.sh  firewall.tar.bz2  firewall.tar.gz  firewall.zip

Compress in bzip2:

root@bt:~/fw-scripts# 7z a firewall.tar.bz2 firewall.sh 

7-Zip 9.04 beta  Copyright (c) 1999-2009 Igor Pavlov  2009-05-30
p7zip Version 9.04 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,8 CPUs)
Scanning

Creating archive firewall.tar.bz2

Compressing  firewall.sh      

Everything is Ok

Likewise if you want to zip in gzip format is also done the same.

Decompress with 7zip

Decompress zip:

root@bt:/tmp# 7z e firewall.zip 

7-Zip 9.04 beta  Copyright (c) 1999-2009 Igor Pavlov  2009-05-30
p7zip Version 9.04 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,8 CPUs)

Processing archive: firewall.zip

file firewall.sh
already exists. Overwrite with
firewall.sh?
(Y)es / (N)o / (A)lways / (S)kip all / A(u)to rename all / (Q)uit? y
Extracting  firewall.sh

Everything is Ok

Size:       967
Compressed: 475

Decompress bzip2:

ot@bt:/tmp# 7z e firewall.tar.bz2 

7-Zip 9.04 beta  Copyright (c) 1999-2009 Igor Pavlov  2009-05-30
p7zip Version 9.04 (locale=en_US.UTF-8,Utf16=on,HugeFiles=on,8 CPUs)

Processing archive: firewall.tar.bz2

file firewall.tar
already exists. Overwrite with
firewall.tar?
(Y)es / (N)o / (A)lways / (S)kip all / A(u)to rename all / (Q)uit? y
Extracting  firewall.tar

Everything is Ok

Size:       967
Compressed: 425

The above is the script written by myself, it is not very flexible as I am still learning bash scripting myself…I want to be spoon fed :p (joking…*wink*)

This script creates a quick and simple way to get started with iptables. iptables provides stateful firewalling. The script will result in firewall.cfg, this firewall.cfg will be loaded into /etc/rc.local so that everytime when you start your linux it will be loaded, if you do not do this during startup, you will have to reload the firewall.cfg everytime you start your linux. The destination tcp port 8834 is for reconnecting back to my nessusd using 127.0.0.1. Basically I did not write a rule to allow icmp from loopback interface… so.. you cannot ping 127.0.0.1, you can change this the way it works for you.

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
/sbin/iptables-restore < /root/firewall.cfg

exit 0

The above is the rc.local script, by default nothing except for exit 0 exists.

iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p icmp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

Inbound rules

iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -j DROP

Make iptables rules permanent every for every reboot

IPtables rules are flushed after every reboot. To make it permanent:

Step 1: Save the iptables rules to a file

iptables-save > /root/fw-cfg

Step 2: Append a line in /etc/rc.local:

iptables-restore < /root/fw-cfg

Step 3: Save the rc.local.

Henceforth every reboot will have your iptables rules defined.

cyrus@ubuntu:/$ uname -a
Linux ubuntu 2.6.38-8-generic #42-Ubuntu SMP Mon Apr 11 03:31:24 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
cyrus@ubuntu:/$ 

randomize_va_space default value
cyrus@ubuntu:/$ cat /proc/sys/kernel/randomize_va_space
2
cyrus@ubuntu:/$ 

randomize_va_space values
0: No randomization of address space.
1: Conservative address space randomization. Code start register will be randomized.
2: Full address space randomization. Contains the feature of value 1 in addition brk area is randomized.

Virtual memory
Each program will have exactly the same memory structure, making hardcoding of instruction and push the instruction to the fixed memory space easier.
With address space randomization, each execution of a program will be residing in different starting addresses. This makes hardcoding and pushing of hardcoded instruction to the predicted memory space harder.

Reference: http://www.kernel.org/pub/linux/kernel/people/jikos/randomization/brk-fix-2.patch

This means gnome-utils package is not installed, if you are using Ubuntu/Backtrack use apt-get install gnome-utils. If you are using Fedora use yum install gnome-utils.

root@bt:~# atftpd –daemon –port 69 /var/tmp

Check if service is enabled or not

root@bt:~# netstat -anup |grep 69
udp        0      0 0.0.0.0:69              0.0.0.0:*                           1915/atftpd

-a : listen all, -n : do not resolve numeric into names, show numeric only, -u : udp, -p  : process id of the service.

Stop tftpd with kill command

root@bt:~# kill -9 1915
root@bt:~# netstat -anup |grep 69
root@bt:~#
-9: means kill that cannot be blocked. As you can see from netstat with filter, no open connection exists with source port 69 anymore.

Here’s how I am going to save the URL into /etc/yum.repos.d so that YUM knows where to retrieve the repos and install firefox4.

You need to be a root user to perform this action, you can either login as root using the command su - or you can use sudo as the prefix command. Using sudo will require sudoer rights.

Use your favourite text editor such as nano to edit the sudoers file in /etc/sudoers:

nano /etc/sudoers

Here I have allowed user cyrus to access all command just like a root user.

Next use wget to insert the URL and copy this into a repos file using wget -O option.

Insert the repo location and output to a new firefox4.repo file.

Uninstall firefox version 3 track, choose Y to remove firefox.

Install firefox4, there's no need to enable repo.

[root@cyruslab yum.repos.d]# VirtualBox
WARNING: The vboxdrv kernel module is not loaded. Either there is no module
         available for the current kernel (2.6.35.13-91.fc14.i686.PAE) or it failed to
         load. Please recompile the kernel module and install it by

           sudo /etc/init.d/vboxdrv setup

         You will not be able to start VMs until this problem is fixed.

This is resolved by adding user to the user group vboxusers. Without adding a user to this vboxusers group the Kernel will not start and hence the VDI I created will not start as well.

vboxusers is a group created by VirtualBox itself after installation.

To add user use this command:

Step 1: su -

Login to root.

Step 2: usermod -a -G vboxusers cyrus

this statement means to add user cyrus into group vboxusers.

Steps to install Virtual Box and use it.

Step 1: su -

Login to root user.

Step 2: cd /etc/yum.repos.d/

Go to the directory of the yum repository. In here you need to include the virtual box repository from virtual box website.

Step 3: wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo

You need to download this repository from the virtual box website, this repository tells your YUM where to download and install Virtualbox. Without this step you will need to go to Virtual box yourself and download and install it.

Step 4: yum install dkms gcc

dkms and gcc packages need to be installed and updated.

Step 5: yum install VirtualBox-4.0

This will download and install VirtualBox from the website as informed by the repo file. The package name – VirtualBox-4.0 is case sensitive!

Step 6: usermod – a -G vboxusers <your username>

Now you can run virtual box, create virtual machine and start it without warning!

Thanks Andrey for helping me to rectify the problem remotely.

The main problem with my linux configuration was the credential denied my router from executing commands to linux tftpd.

Understanding chmod

change mode is the command that change the rights of user, group and/or other.

The binary is like a three buttoned dip switch:

Execute = 001 = 1 in decimal

write = 010 = 2 in decimal

read = 100 = 4 in decimal

The combinations:

no write, no read and no execute = 000 = 0

read, no write and no execute = 100 = 4

read, write and no execute = 100 + 010 + 000 = 110 = 6

read, write and execute = 100 + 010 + 001 = 111 = 7

no read, no write, execute = 001 = 1

no read, write and execute = 000 + 010 + 001 = 011 = 3

read, no write and execute = 100 + 000 + 001 = 101 = 5

chmod options

Based on the combinations above, interpret the meaning of chmod options

where r = read, w = write and x = execute files and/or search directories

Example 1: chmod 755

Means: User rwx, group and other rx

[root@cyruslab /]# ls -l /usr/sbin/in.tftpd
-rwxr-xr-x 1 root root 32688 Jan  3 23:01 /usr/sbin/in.tftpd

Example 2: chmod 777

Means: user, group and other rwx

Example 3: chmod 666

Means: user, group and other rw

chmod option representation

Example: chmod 777

chmod user group other

Modify tftp configuration

Login as root. Then type gedit /etc/xinetd.d/tftp. Default is disable = yes, change to no and save the configuration.

For server_args I have changed to server_args = -s /tftpboot, I have made a directory in root “/” using mkdir /tftpboot. Note in this configuration file the user is root. After the configuration was saved, restart the service:

service xinetd restart

tftp depends on xinetd, however tftp can run as standalone.

Verify the service by using:

[root@cyruslab ~]# chkconfig –list tftp
tftp               on

From the Linux window, go to System > Administration > Firewall, turn on the tftp as shown in this screenshot.

There's a cli for iptables which is very complicated...lol

Make tftp ready to be used by external host

[root@cyruslab ~]# touch /tftpboot
[root@cyruslab ~]# chmod 777 /tftpboot

Cisco router is not a root user, it belongs to other category which is the last digit, so these combinations can be used:

1. chmod 757 /tftpboot

2. chmod 707 /tftpboot

Test with router

2651-1#copy run tftp
Address or name of remote host []? 192.168.1.107
Destination filename [2651-1-confg]?
!!
2103 bytes copied in 2.275 secs (924 bytes/sec)

[root@cyruslab ~]# cd /tftpboot
[root@cyruslab tftpboot]# ls
2651-1-confg  cisco
[root@cyruslab tftpboot]#

[root@cyruslab ~]# cd /
[root@cyruslab /]# ls
bin  boot  cgroup  dev  etc  home  lib  lost+found  media  mnt  null  opt  proc  root  sbin  selinux  srv  sys  tmp  usr  var

Use a text editor to edit the configuration

[root@cyruslab /]# gedit /etc/xinetd.d/tftp

Change from disable = yes to disable = no

Change disable = yes to no.

Activate the tftpd

A program known as service is found in /sbin directory.

xinetd service can also be started by issuing /sbin/service xinetd start from /. Stopping the service is the same, /sbin/service xinetd stop

[root@cyruslab ~]# yum install tftp

Installing the tftp daemon:

[root@cyruslab ~]# yum install tftp-server

Installation is a pain without yum…:D

If you do not escalate yourself to be root user you will see this error:

[cyrus@cyruslab ~]$ sudo minicom
[sudo] password for cyrus:
cyrus is not in the sudoers file.  This incident will be reported.

An email will be sent to the admin…;) cool eh?

Add my account into sudoers to enjoy the same privilege as root user

[root@cyruslab ~]# gedit /etc/sudoers

gedit is a gui text editor, some people use vi which is a text-based text editor, vi is very difficult to use!!

I have highlighted the portion that i was adding.

My first attempt is to learn how to use Linux environment to console into my cisco routers like I am doing in Windows with PuTTY.

There are two softwares I found in Linux that can do virtual console terminal. A text based one – minicom. A GUI one – CuteCom.

For some reason I could not make Cutecom open a tty session, however I have made it possible with minicom

Verify serial port status

First thing is to identify which tty is associated with my serial com port:

[cyrus@cyruslab ~]$ dmesg |grep ttyS
[    2.266367] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
[    2.511359] serial8250: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
[    2.512365] 00:09: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
[    2.513144] 00:0a: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
[cyrus@cyruslab ~]$

Install the minicom package

From the panel click:

System > Administration > Add/Remove Software

Search for minicom.

Click on minicom and click apply, you will be prompted to login as root user.

Configuring minicom

[cyrus@cyruslab ~]$ minicom -s

root user is needed to make changes to the configuration.

[cyrus@cyruslab ~]$ su -
Password:
[root@cyruslab ~]#

Choose Serial Port setup as shown

Go to option E, set the Baud rate as shown in the screenshot. Go to option A and type /dev/ttyS0 as shown in screenshot. The ttyS0 is found in dmesg |grep ttyS

Use minicom to console to router

[root@cyruslab ~]# sudo minicom

I'm in This is the term server screen yay!

Terminate minicom session

DO NOT just close the terminal window, the ttyS0 session is still alive! If you did that, kill the ttyS0 session by using:

[root@cyruslab ~]# killall minicom

Be sure you are a root user, a lot of privileges only availabe for root user. The command killall is only available for root user.

To properly terminate the minicom session, press CTRL + A, then press X, a prompt will appear to confirm whether you really need to exit minicom or not.

Thanks Andrey for the guidance