Posted on 2 Comments

How to configure UrlScan in IIS7.5 and IIS8

UrlScan is a security tool used to restrict types of HTTP requests that IIS will process. It is a simple tool which is very helpful in blocking harmful requests to the server. It seemingly supports only IIS 5.1, IIS 6.0, and IIS 7.0 on Windows Vista and Windows Server 2008. It has been deprecated since IIS 7.5 and IIS 8. It is said that Microsoft has included the features of UrlScan in request filtering option for IIS 7.5 and IIS 8. But it definitely is not a match for the simplicity of UrlScan. Today I am going to show you how to configure UrlScan in IIS 7.5 and IIS8. (IIS 7.5 is available in Windows server 2008 R2 and IIS 8 is available in Windows Server 2012 and Windows 8 ).

I am going to configure this in Windows server 2012 i.e IIS 8 but do not worry the configuration steps are similar in IIS 7.5. First and foremost install Web Platform Installer in your machine. This will help us to install all the components we require in simple steps. From web platform installer, select component IIS 6 metabase compatibility. This is compulsory to install URLscan.

Then, select IIS ISAPI Filters. (ISAPI filters may already be installed in IIS 7.5 ).

Click on Install. You are shown a review of components you selected to install. Click on I accept.

The components are installed and will show you a Finish screen. Click on Finish.

We are all set to install UrlScan. Download Urlscan and click on the msi package. On the window, select the option “I select the terms of license agreement” and click on “Install”.

The installation is very quick. Once it finishes,click on “Finish”.

Now open IIS Manager. Click on ISAPI filters.

If everything went well, we should see a filter already set like below.

Click on it. We can see that there is already a filter named URLscan 3.1 linking to the executable urlscan.dll.

Before configuring UrlScan, let’s try a little banner grabbing to check whether UrlaScan is working or not. For this, we will use tool Idserve to fingerprint the server on which we have configured UrlScan. (www.shunya.com is fictional website i set on my server ).

We can see that the version is Microsoft-IIS/8.0. Now let’s go to the configuration file of urlscan (urlscan.ini)  to make some changes to it.  It is located by default at “C:WindowsSystem32inetservurlscan” and change the value of “RemoveServerHeader” to “1” from “0”. Save the file.

Now let’s again try to banner grab using Idserve.  Restart the web server.

We can see that the server version has not been disclosed hence our UrlScan is working successfully. Hope it was helpful.

Posted on Leave a comment

Installing a web server in Windows 2012 with WebPI

We can easily install a web server in Windows Server 2012 using Microsoft Web Platform Installer. The Microsoft Web Platform Installer (Web PI) is a simple tool that installs the latest components of the Microsoft Web Platform including IIS, PHP, MYSQL and many others. It can be downloaded for free from here. In this tut we will install IIS, PHP and MYSQL using this tool.

Download and install Web Platform installer 4.6. Click on it.

Select the components you want to install. I have selected IIS, PHP and MYSQL.

After selecting the applications you want to install, click on “Install”. If you have selected MYSQL, it will prompt for a password to be set for MYSQL. Enter the password and click on “Continue”.

It will display a summary of components which will be installed. Click on “I Accept”.

After system finishes installing all the components, click on “Finish”. After the installation is finished, open your browser and see whether IIS8 installation has been successful. If the display shows the version of IIS displayed as below, then our web server installation has been  successful.

Now let’s test our php. Go to the root directory which is “%systemroot%/inetpub/root” in IIS and create a php file with the following script and save it as version.php ( in fact any name but with php extension. )

Now go to address “http://localhost/version.php” from the browser.

If it displays the version of the php installed, then our php installation has been successful. Hope this was helpful.

Posted on 1 Comment

How to install GUI in Ubuntu Server

Ubuntu server comes default with a Command line interface. Of course we can install GUI in Ubuntu Server if we find command line troublesome. Here are the steps.

First navigate to the “etc/apt” directory and open a file named “sources.list.d” using the command “vi sources.list.d”. 

Then check whether software from “universe” ad “multiverse” repositories are allowed.

Then type the command “sudo apt-get update” to update all repositories.

After updating is finished, type the command “sudo apt-get upgrade”.

Then type the command “sudo apt-get install ubuntu-desktop”. It will take some time to finish all the processes.

After the installation is finished, restart the server to see your GUI interface.

Posted on 4 Comments

How to set up a Web Server in Ubuntu Server

In this article, we are going to see how to set up a web server in Ubuntu Server. Before that, I want to give  credit for this article to Mike of www.funwithlinux.net. I learnt how to install the web server from this article, made some mistakes initially but finally successful.

What is a web server? It is a server which hosts websites. Each and every website has a  server. Most web servers are set up on Linux for the primary reason that it is free. I am going to set up my web server on Ubuntu Server 12.04.

To set up a web server we are going to install four components, Apache (server software), PHP (scripting language used to create webpages), MYSQL (database), PHP-MYSQL (MySQL support in PHP ). Login as root into Ubuntu server.

In the terminal type “apt-get install apache2″ to install Apache package. Type ‘Y’ when system prompts you to continue.

To check whether apache packages have been installed or not type the command “wget localhost index.html” in the terminal. This will download the index.html file to the local directory. Type “ls” to see if the file has been downloaded or not. If it is present, apache has been correctly installed.

The apache2 config file is located at “/etc/apache2/”. In this same directory we have a directory named ‘conf.d’. Configuration files( files with the suffix .conf ) in this directory will be parsed by apache2 during startup.  If we intend to run multiple sites from the same server, we need to put our config files here. Let’s create a file name “shunya.com.conf”.

In the file shunya.com.conf, add the following text and save the file. The first line tells  Apache to  listen on port 80. The second line shows the ServerAdmin and is optional. The third line shows our web server’s root directory. The fourth line is host header Apache2 will listen for, as sent by the end user’s browser. The fifth line is the file used for logging errors. This line is also optional but is very helpful.  The settings not configured under <VirtualHost> tags will be inherited from apache2.conf or other configuration files. Close the file by typing “:wq”.

As we created the config file of our host, we need to create our root directory referenced in the config file i.e “/var/www/shunya.com”. Navigate to the directory by typing “cd /var/www/”. Create new directory named ‘shunya.com’ by typing “mkdir shunya.com”. Make the root user the owner of the directory by typing the command “chown root:www-data /var/www/shunya.com -R”. Make this directory readable and executable by typing the command “chmod 550 /var/www/shunya.com -R”.

Create a file named index.php in our root directory shunya.com.

Edit the file as below. We will echo some Archimedes in our index.php file. Save and exit the file.

Next, we have to install PHP. Type the command “apt-get install php5″. Type Y at appropriate prompts.

Reload the apache config file by typing “service apache2 reload”. Then restart the apache service using “service apache2 restart”.

Let’s see if our website is working. From a remote machine which has access to your web server open the browser and type the IP address of the web server. If we get “Eureka Eureka” displayed, then our server is working.

Install MySQL server by typing “apt-get install mysql-server”. 

The system will prompt you to set a root user password for MYSQL. Set the password and confirm it again.

Type the command “apt-get install php5-mysql” to install MySQL support for PHP.

We have set up our web server successfully.

Posted on Leave a comment

Server GUI to Minimal Server interface in Windows 2012

Windows Server 2012 introduced a new configuration option called Minimal Server Interface. Minimal Server Interface is in simple words compromise between Server GUI Full Installation and Server Core installation. Minimal Server Interface installation reduces footprint of the server to some extent thus decreasing security hazards. In the same time it increases deployment scenarios. Let’s see how to convert Server GUI to Minimal Server Interface in Windows server 2012. If you want to convert Server GUI full  installation to Server Core installation, read here.

Following tools are installed in Minimal Server Interface.

  • Server Manager
  • MMC
  • Some Control Panel Applets

The items which are not installed during Minimal Server Interface are

  • Start Screen
  • Desktop
  • Windows Explorer
  • Internet Explorer

Login as Administrator. Open  “Powershell”. Type the command

“Uninstall-WindowsFeature Server-Gui-Shell -remove” and Press “Enter”.

After collecting some data, the system will start removing the Server-Gui-Shell.

After the removal of Server-gui-shell is finished, the system will ask us to restart the system.

Restart the system by typing “shutdown -r -t 0″. The system will reboot to Minimal server Interface which will look like below.

Posted on Leave a comment

How to install Ubuntu Server : Step-by-step guide

The latest release of Ubuntu Server is the 13.04 which includes the latest features including Grizzly release of OpenStack but this release is only supported for nine months. So in this guide I am going to show how to install Ubuntu server 12.04 LTS which is supported till 2017  here. If you want a torrent download, you can get it here. After downloading the image, burn it to a CD/DVD. Load the CD/DVD to drive and boot from it. The system will prompt us to select the language. Select English or whatever language you prefer.

Then click on “Install Ubuntu Server”.

Then choose the language to be used for the installation process which will also be set for the installed system. I chose English.

Then the system will ask you to select your location. This location will be used automatically set your time zone. There is a list of some countries. If your country is not displayed in the list click “Other otherwise click on your country. I selected India.

Then the system will ask whether you want it to detect the keyboard layout. If you don’t know your keyboard layout, select “Yes otherwise select “No”.

If you select No, it will ask you to select the keyboard layout. My selection is “English(US)”.

Then the system will start loading additional components.

Then the system will autoconfigure your network with DHCP.

Then the system will prompt you to enter a hostname for the computer. I named it as ubuntu.

Then the system will ask you to create an user account. The username should start with a lowercase letter and can be a combination of letters and numbers.

Then you are asked to set a password for the user account created. The password should contain a mixture of letters, numbers and punctuation.

Then you are asked to verify the password by typing it once again.

Then you are asked if you want to encrypt your home directory or not. Encryption prevents your files to be compromised even if your computer is stolen. I recommend you to select “Yes”.

Based on the location we chose above, our time zone is selected. If your time zone is correct, select “Yes” otherwise No to change it.

Then you are asked to choose your partitioning method.

Then you are asked to select the disk to be partitioned.

Then you are shown the summary of partitions to be formatted and whether you want to write the changes to the disks. Select “Yes”.

Then installation of base system is started.

If you want to connect with the outside world through HTTP proxy, give the information otherwise leave it blank.

Then configuration of apt starts.

After the configuration, installation of software starts.

Then you are asked to select how do you manage upgrades to the system. I recommend you to select “Automatic security updates”.

Then you are given a choice to install  predefined software applications. If you intend to set a web server, you can select LAMP server here.

The system will install the selected features and it will clean up.

If this the only OS on your computer, the system will ask you if you want to install the GRUB bootloader.

After GRUB is installed, installation is completed. Remove your DVD.

You are asked to provide your authentication. Enter the credentials you gave while installing the system and this screen below should greet you.

Posted on Leave a comment

Installing a domain controller in Windows Server 2012

Hi Friends, Today we will see how to install and promote a domain controller in Windows server 2012. It has seen a change while installing a domain controller. The “dcpromo.exe” present in previous versions has been deprecated. We need to install domain controller from Server Manager only. Before we start installing the domain controller let’s change our server’s name to ‘Server‘ and IP address to “10.10.10.1″.

Now let’s go to Server Manager and start adding Active Directory Domain Services” role from Add Roles and Features. Click on “Add Roles and Features”.

Before we begin, we are presented with basic information on IP addresses, Windows updates and configuring strong passwords. Click “Next”.

Then we are prompted for the type of installation. Select Role Based or Feature based installation” and click Next”.

Then we are prompted to select the destination server. Select the server we just named and click “Next”.

Then we are asked to select the roles we want to install. Select Active Directory Domain Services and click “Next”.

Then we get a pop-up to add features that are required for Active Directory domain services. These features are automatically selected. Click on Add Features”.

We can see that Group Policy Management which is required for Active Directory Domain services has been automatically selected.

Then we are given a brief description about Active Directory domain services and some basic things to note. Click Next”.

Then we are shown the roles that will be installed on the server as a confirmation. Click on Install”.

Then the installation starts.

As the installation is finished, we get a message ‘Configuration required. Installation succeeded on server’. Click on Close”.

We have successfully installed Active Directory Domain Services on our server. Now we need to promote the domain controller. In the previous versions of Windows server, it is here we used dcpromo.exe. In our Server Manager, we have a notification flag with a yellow triangle with an exclamation mark inside it. Click on it.

Click on ‘Promote this server as domain controller’.

We are prompted to choose the configuration of our domain controller. Choose Add a new forest and specify the root domain name as shunya.com. Click on Next”.

We are asked to choose the domain controller options. Set the forest functional level and domain functional level as Windows Server 2012. Select DNS server. Since this is the root domain in the forest it is automatically Read only domain controller. Enter the DSRM password and click on Next”.

Then DNS options screen appears. Click on Next”.

Look at the NETBIOS name which is automatically assigned. It is shunya.

The location where the AD DS database, log files and SYSVOL are shown. We can specify different locations if we choose to be. Click on Next”.

Then we see a review of our selections. Click on Next”.

Then we see a Windows PowerShell script for AD DS deployment.

Then we get a prerequisites check window. Click on Install”.

After all the prerequisites are validated successfully, the server is successfully configured as a domain controller and the system is restarted.

After the system restarts, we are asked to login into the shunya domain.

Posted on 2 Comments

Server GUI to Server Core switching in Windows 2012

Microsoft has always been recommending the Server Core Installation for its servers over the full server installation. As is well known, Server Core Installation which is the minimal install of the server version reduces the space for attack vector by hackers. It also reduces the usage of resources. But the Server Core Installation makes administration intimidating as it requires the administrators to be a PowerShell expert.
With Windows Server 2012, Microsoft has introduced a new feature that would allow switching from Server GUI to Server Core Installation and vice versa. This enables administrators to install and configure the server in GUI and then switch to Server Core installation. Although there are many ways to switch from Server GUI to Server Core installation, the easiest way to perform this switching is by simple PowerShell commands. I am gonna show you how. For this, I have installed Windows Server 2012 standard GUI installation in Vmware workstation.

Then open PowerShell and type the command

Remove-windowsfeature Server-gui-shell,Server-gui-mgmt-infra” and hit Enter.

The process of disabling the GUI starts and the display is as same as below.

After a short time, the process is completed and it prompts you for a restart.

Restart the machine by typing “shutdown –R –T 0″ and hit ENTER.

After the reboot, the system asks for administrator password on entering which it switches to Server Core Installation.

To enable back the GUI, enter into PowerShell by typing command “powershell.exe” in the cmd and hit ENTER. In PowerShell, type the same command as above replacing Remove with Install and hit ENTER.

Install-windowsfeature server-gui-shell,server-gui-mgmt-infra”

After completing the process, the system prompts for a reboot. Reboot the system by typing command “shutdown –r  –t 0″ and hit ENTER.

The system successfully  switches over to Standard GUI installation.

Note:

Although the Server Core Installation is the preferred deployment, it does not support all roles. The roles supported by the server core installation are,

  • Active Directory Domain Services
  • Active Directory Certificate Services
  • DHCP server.
  • DNS server.
  • AD LDS
  • Hyper-V
  • Streaming Media services
  • Print and Document Services
  • Web server
  • Windows update server
  • Active Directory Rights Management Server
  • Routing and Remote Access Server.