introduction · web viewextract the contents of the file in the folder using the following command...

Embarc Information Technology (Pvt) Ltd.

Copyright © 04th July, 2013

All rights reserved

Notice

This manual, as well as the software described in it, is furnished under license granted by Embarc Information Technology (Pvt) Ltd. to authorized clients and may be used only in accordance with the terms of license granted. The content of this manual is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Embarc Information Technology (Pvt) Ltd. While every care has been taken for the correctness of the information, Embarc Information Technology (Pvt) Ltd. assumes no responsibility or liability for any inaccuracies that may have inadvertently crept in this manual.

Embarc Information Technology (Pvt) Ltd. reserves right to make changes to specifications/features/utilities at any time and without notice. The information furnished by Embarc Information Technology (Pvt) Ltd. in this manual is believed to be accurate and reliable. Embarc Information Technology (Pvt) Ltd. assumes no responsibility for its use, or for infringements of patents or other rights of third parties resulting from its use. No license will be granted under any patents or patent rights owned by Embarc Information Technology (Pvt) Ltd.

Please check up for updated version of user manual at: http://www.findnsecure.com/downloads.html

Use of Google API

Find’n’Secure software uses Google API. Use of Google API is governed by the Terms and Conditions as described in the Google Maps API signup page (https://developers.google.com/maps/signup)

Printed in India

https://developers.google.com/maps/signup

http://www.findnsecure.com/downloads.html

TABLE OF CONTENTS

Introduction.................................................................5

GPS Tracking System.................................................................5GPS Tracking Unit......................................................................5Common Uses...........................................................................6Find’n’Secure®...........................................................................6

Linux Installation..........................................................8

Linux Configuration....................................................19

Firewall....................................................................................20Disabling Firewall....................................................................21Enabling Ports in Firewall (Linux).............................................21Network Adapter.....................................................................22Apache (HTTP).........................................................................24MySQL.....................................................................................25MySQL Configuration File.........................................................26Speed Tweak...........................................................................32mod_deflate............................................................................33Confirming it works..................................................................34MySQL Updation......................................................................34Zend Optimizer........................................................................34

Software Installation...................................................38

Map Settings...........................................................................41SMTP Settings..........................................................................42Understanding Configuration File (config.sys)..........................43

Setting up triggers...................................................................47Final Steps...............................................................................50Summary.................................................................................51

4

INTRODUCTION GPS TRACKING SYSTEMThe Global Positioning System (GPS) is a satellite-based navigation system made up of a network of 24 satellites placed into orbit by the U.S. Department of Defense. GPS was originally intended for military applications, but in the 1980s, the US government made the system available for civilian use free of cost. Initially the highest quality signal was reserved for military use, while the signal available for civilian use was intentionally degraded ("Selective Availability"). Selective Availability was ended in 2000, improving the precision of civilian GPS from about 100m to about 20m. GPS works in any weather conditions, anywhere in the world, 24 hours a day. GPS satellites circle the earth twice daily and transmit signal information. GPS receivers use the information to calculate the user's location by the method of triangulation. Basically, the GPS receiver compares the time a signal was transmitted by a satellite with the time it was received. The time difference tells the GPS receiver how far away the satellite is. The receiver must lock on to the signal of at least three satellites to calculate a 2-D position, the latitudinal and longitudinal position, and track movement. Using four or more satellites, the receiver can determine the user's 3-D position, the latitude, longitude, and altitude. Once the position has been determined, the GPS unit can calculate other information such as speed, track, trip distance, bearing and more.

GPS TRACKING UNITA GPS tracking unit is a device that uses the Global Positioning System to determine the precise location of a vehicle, person, or any other asset to which it is attached and to record the position of the asset at regular intervals. The recorded location data can be stored within the tracking unit, or it may be transmitted to a central location data base, or internet-connected computer, using a cellular (GSM/CDMA), radio, or satellite modem embedded in the unit. This allows the asset's location to be displayed against a map backdrop either in real-time or when analyzing the track later, using customized software.

http://en.wikipedia.org/wiki/Satellite

http://en.wikipedia.org/wiki/Radio

http://en.wikipedia.org/wiki/GPRS

http://en.wikipedia.org/wiki/Cellular_network

http://en.wikipedia.org/wiki/Global_Positioning_System

http://en.wikipedia.org/wiki/Global_Positioning_System

COMMON USESMost common application of GPS tracking system is applied for tracking of moving objects, such as, vehicles. Vehicle tracking systems are commonly used by fleet operators for fleet management functions such as routing, dispatch, on-board information and security. Other applications include monitoring driving behavior, such as an employer of an employee, or a parent with a teen driver. Vehicle tracking systems are also popular in consumer vehicles as a theft prevention and retrieval device. Police can simply see the vehicle in real-time over the tracking system and locate the stolen vehicle.Remote controlling of the vehicle through GPS tracking system is also possible. In such a case owner of the vehicle can give commands to the tracking unit for various operations like blocking the engine or cutting fuel supply to engine etc.GPS personal tracking system is commonly used for tracking of persons, pets etc. You can keep track of your loved ones in real time using a completely accurate and totally reliable GPS software package via the internet so you know exactly where your kids, parents, pets, asset are at any given point in time.

FIND’N’SECURE®

Embarc Information Technology Pvt. Ltd., a leading provider of GPS tracking and security system from India, aims at offering innovative and cost effective tracking and security solutions comprising of hardware as well as software. GPS tracking technology is best suited for fleet management. It is a unique way for companies and individuals to monitor and control their cars, jeeps, trucks and other vehicles to their precise details by sitting in the office. Find’n’Secure® GPS tracking system will enable you to monitor the movements of your employees, drivers, vehicles or any other asset accurately. With Find’n’Secure® vehicle tracking system in your company's fleet of vehicles, you will find a smart way of fleet management by tracking your vehicles.Whether you own one truck or a fleet of thousands of vehicles, our highly skilled GPS fleet consultants will assist you in selecting the right type of vehicle tracking system that will give an edge to your company.

Find’n’Secure® Version 4.0 Instruction Manual

7

C HA PT E R 1

LINUX INSTALLATION

This section of the manual will help you in complete installation of the Linux operating system and Find’n’Secure software.

Hardware Requirements Processor Intel Xeon E3120+ / AMD Opteron™ 4100+HDD 5x500 GB (SATA)RAM 8GBLAN 100 Mbps/1 GbpsOptical Drive DVD ReaderMonitor 19 Inch. LCDInternet Connection1+ Mbps with Static IP

Software Requirements Operating System Ubuntu Server Edition 64 BitDatabase MySQL 5.5+Web Server Apache with PHP 5.5+ SupportOthers Zend Optimizer

Linux Installation

Download the latest version of Ubuntu Server Edition 64 Bit from http://www.ubuntu.com/download/server. At the time of printing of this manual the latest LTS release of Ubuntu Server Edition is 12.04. After downloading the ISO file you can make use of any DVD burning software to prepare the DVD for Installation.

Once you have prepared the DVD for installation boot the server with this DVD disk to begin Installation of Ubuntu.

To begin installation of the Ubuntu server, select the option “Install Ubuntu Server”.

http://www.ubuntu.com/download/server


Next screen sets the default language for this Ubuntu Server

9

Follow the guided tour of the installation process to completely install Ubuntu Server. During the installation process Ubuntu presents you with the Software selection screen as shown below:

Select LAMP Server for installation and press Continue .You will be asked to enter password for MySQL root user. Please keep this password handy for later use.

After the installation is complete, server is automatically restarted and login prompt is presented. Login to the server by entering the credentials you created during the setup process.

Once you have successfully logged into the Server you will be presented with the Linux prompt.

10


Issue the following command to enable root user login for easy setup of the server

$ sudo passwd root

Enter the new UNIX password that you want to use for the root account. Once you have set the password type exit to exit this login prompt and login using the username root

This will complete the basic setup of the server and now in the next section we shall setup the server for running the Find’n’Secure software.

Installing Graphical User Interface (GUI)

Issue the following commands to start the Graphical User Interface installation over Ubuntu:

$ apt-get update$ apt-get install ubuntu-desktop

To enable root login in GUI mode, type in the following commands: sh -c 'echo "greeter-show-manual-login = true" >> /etc/lightdm/lightdm.conf'sh -c 'echo "allow-guest = false" >> /etc/lightdm/lightdm.conf'

Once the GUI installation is complete you should reboot the Server by issuing:

$ shutdown -r now

11

This completes the GUI installation process and now you will be presented with the login screen in GUI mode.

Installing additional packages

To install packages you need to install ‘Synaptic Package Manager’. To install ‘Synaptic Package Manager’, use the following command from CLI:apt-get install synapticIt is recommended to upgrade all previously installed packages at this moment, use the following command for the same:apt-get upgrade

Start ‘Synaptic Package Manager’ from System > Administration > Synaptics Package Manager

1. Wireshark - Network traffic analyser2. UnixODBC - ODBC Connection to MS SQL etc.

Installing Zend Optimizer

Download the latest version of the Zend optimizer from http://www.zend.com for the following configuration:

Linux 64 Bit operating system PHP 5.4.16+ Zend Guard 6.0.0+

Follow the following steps to install on Ubuntu Server:

1. Extract the Zend Loader package.

2. Locate and extract the ZendGuardLoader.so (Linux) that corresponds to your PHP version. Create a new folder by

12

http://www.zend.com/


name /root/zend (mkdir ~/zend) and copy the file into this folder.

3. Add the following line to your php.ini file for loading the ZendGuardLoader:zend_extension=/root/zend/ZendGuardLoader.soNote: php.ini file can be found in /etc/php5/apache2

4. Add an additional line to your php.ini for enabling ZendGuardLoader; Enables loading encoded scripts. (default: On)zend_loader.enable=1

5. Add the following line to disable license key check:zend_loader.disable_licensing=0

6. Modify obfuscation level support by adding the following line:zend_loader.obfuscation_level_support=3

7. Set Zend Loader license path:zend_loader.license_path=/etc/php5/apache2/Embarc_private_key.zl

8. Restart your Web server by issuing the following command:service apache2 restart

Zend optimizer is now installed on the server.

Installing Webmin for easy administration of the Server

Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on.

13

Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/passwd. The web server and all CGI programs are written in Perl version 5, and use no non-standard Perl modules.

Download the Debain Webmin package from http://www.webmin.com/download.html and open it using the Synaptics Package Manager. This will begin the installation of the Webmin package.

Once the installation is complete, you can access the Webmin Web Interface on the server using the following URL: https://localhost:10000

Standard modules supported by Webmin 1.630

Name Description

ADSL Client Set up a PPP client with the RP-PPPoE package.

Apache Webserver Configure almost all Apache directives and features.

BIND 4 DNS Server Create and edit domains and DNS records.

BIND DNS Server Create and edit domains, DNS records, BIND options and views.

BSD Firewall Configure a BSD firewall using IPFW, by creating and editing rules.

Backup Configuration Files Perform manual or scheduled backups and restores of configuration files managed by Webmin modules.

Bacula Backup System Configure Bacula to perform backups and restores manually or on schedule, for one or many systems.

Bandwidth Monitoring View reports on bandwidth usage by host, port, protocol and time on a Linux system.

Bootup and Shutdown Setup scripts to be run at boot time from /etc/init.d or /etc/rc.local.

CD Burner Burn data CDs from ISO images or selected directories.

CVS Server Setup a remotely-accessible CVS server, manage users and browse the repository.

Change Language and Theme Allows the current Webmin user to change his language, theme and possibly password.

Change Passwords Change the password of any user on the system.

Cluster Change Passwords Change passwords on multiple systems in a Webmin cluster at once.

14

http://www.webmin.com/download.html


Cluster Copy Files Schedule the transfer of files from this server to multiple servers in a Webmin cluster.

Cluster Cron Jobs Create scheduled Cron jobs that run on multiple servers simultaneously.

Cluster Shell Commands Run commands on multiple servers at once.

Cluster Software Packages Install RPMs, debian and solaris packages across multiple servers from one source.

Cluster Usermin Servers Install and manage modules and themes across multiple Usermin servers.

Cluster Users and Groups Create, update and delete users and groups across multiple servers. Unlike NIS, each server has its own passwd and group files which are remotely updated by this module.

Cluster Webmin Servers Install and manage modules, themes, users, groups and access control settings across multiple Webmin servers.

Command Shell Execute shell commands and view their output.

Configuration Engine Configure the CFengine program, for checking and maintaining various system-administration settings.

Custom Commands Create buttons to execute commonly used commands or edit files on your system.

DHCP Server Manage shared networks, subnets, hosts and groups for ISC DHCPD.

Disk Quotas Setup and edit user or group disk quotas for local filesystems.

Disk and Network Filesystems Mount filesystems and swap files usually configured in /etc/fstab or /etc/vfstab.

Dovecot IMAP/POP3 Server Configure the Dovecot IMAP and POP3 mail retrieval server.

Fetchmail Mail Retrieval Configure the popular fetchmail program for automatically retrieving mail from other servers.

File Manager View, edit and change permissions on files and directories on your system with a Windows-like file manager.

Filesystem Backup Backup and restore filesystems using the dump and restore family of commands.

Filter and Forward Mail Create rules to filter and forward incoming email.

Frox FTP Proxy Configure Frox, a transparent proxy for FTP clients.

GRUB Boot Loader Configure the Linux GRUB boot loader to allow the selection of various operating systems and kernels at boot time.

HTTP Tunnel Connect to another HTTP server via a tunnel through the Webmin server.

Heartbeat Monitor Configure the Heartbeat package for automatic server failover in a cluster.

IPFilter Firewall Configure a firewall using the IPFilter package, by creating and editing rules.

IPsec VPN Configuration Set up a client or server for an IPsec VPN using FreeSWAN.

Initial System Bootup Configure low-level services to be run at boot time, and select the initial runlevel.

Jabber IM Server Configure the multi-protocol Jabber messaging server.

Kerberos5 Configure the Kerberos 5 client on your system.

15

LDAP Client Configure your system as an LDAP client for users and groups.

LDAP Server Manage the OpenLDAP server and objects in its database

LDAP Users and Groups Manage users and groups stored in an LDAP database, used for Unix, Samba and Cyrus IMAP authentication.

Linux Bootup Configuration Edit kernels and partitions selectable at boot time with LILO.

Linux Firewall Configure a Linux firewall using iptables. Allows the editing of all tables, chains, rules and options.

Linux RAID Create RAID 0, 1, 4, 5 and linear devices on a Linux system.

Log File Rotation Set up the automatic rotation of Apache, Squid, Syslog and other log files.

Logical Volume Management Configure volume groups, physical volumes and logical volumes for Linux LVM.

MIME Type Programs Edit the /etc/mailcap file, which maps MIME types to handler programs

MON Service Monitor Setup MON, a powerful service monitor and alerting system.

Majordomo List Manager Create and configure mailing lists for Majordomo.

MySQL Database Server Setup databases, tables and permissions in your MySQL database server.

NFS Exports Edit file shares as defined in the Irix /etc/exports file

NFS Exports Edit NFS file shares defined in /etc/exports.

NFS Exports Edit file shares from the FreeBSD /etc/exports file.

NFS Exports Edit NFS file shares defined in /etc/exports.

NFS Exports Edit file shares as defined in the HPUX /etc/exports file.

NFS Shares Edit file shares as defined in the /etc/dfs/dfstab file.

NIS Client and Server Setup a system as an NIS client, master or slave server. Note that NIS+ is not supported.

Network Configuration Configure boot time and active interfaces, DNS, routing and /etc/hosts.

Network Services Edit servers handled by Xinetd, a replacement for inetd.

Network Services and Protocols Edit services in /etc/inetd.conf, /etc/services and /etc/rpc.

OpenSLP Server Configure the service location protocol server.

PAM Authentication Configure the PAM authentication steps used by services such as telnet, POP and FTP.

PHP Configuration Configure PHP settings for the whole system or invidivual Apache virtual servers.

PPP Dialin Server Set up a dialin server using mgetty and PPP.

PPP Dialup Client Configure the WV-Dial package to connect to the Internet with a modem PPP connection

PPTP VPN Client Configure and establish connections to a VPN server using the PPTP protocol.

PPTP VPN Server Set up your system as a PPTP server so that Linux or Windows VPN clients can connect.

16


Partitions on Local Disks Create and edit paritions on local disks on Solaris.

Partitions on Local Disks Create and edit paritions on local SCSI and IDE disks on Linux.

Perl Modules Install new Perl modules on your system, and view those already installed.

Postfix Mail Server Configure the Postfix mail server.

PostgreSQL Database Server Manage databases, tables and users in your PostgreSQL database server.

Printer Administration Create and edit local and remote printers. Supports Windows print servers and Ghostscript print drivers.

ProFTPD Server Configure the powerful ProFTPD FTP server. Supports all options in most of the standard modules.

Procmail Mail Filter Edit recipes in the global /etc/procmailrc file, which apply to all incoming email.

Protected Web Directories Create .htaccess and htpasswd files to protect web-acessible directories.

QMail Mail Server Configure the QMail mail server, a simpler alternative to Sendmail.

RBAC and Projects Manage RBAC user attributes, profiles and authorizations.

Read User Mail Read email in users’ mailboxes.

Running Processes List, kill and renice running processes on your system.

SMART Drive Status Check the status of IDE drives to detect problems and potential failures.

SSH Login Login to your system with SSH or telnet.

SSH Server Setup the SSH server for remote secure logins.

SSL Tunnels Setup SSL tunnels to encrypt services like POP3 and IMAP, using stunnel run from inetd.

Samba Windows File Sharing Create and edit samba file and print shares.

Scheduled Commands Schedule the execution of one-off commands or scripts.

Scheduled Cron Jobs Create, edit and delete Cron jobs.

Scheduled Webmin Functions

Define Webmin module functions that are called on a regular schedule by the Webmin webserver

Security Sentries Configure the portsentry, hostsentry and logcheck system security monitoring programs.

Sendmail Mail Server Manage sendmail aliases, masquerading, address rewriting and other features.

Service Management Facility Configuration Edit services under control of Service Manangement Facility SMF(1).

Shorewall Firewall Lets you edit the most useful tables of the Shorewall Firewall

Software Package Updates Displays available package updates from YUM, APT or other update systems

Software Packages Manage software packages on your system, and install new packages.

Solaris Zones Create and manage Solaris 10 zones.

17

SpamAssassin Mail Filter Set up and configure SpamAssassin to filter email received by your system.

Squid Proxy Server Configure Squid options, ACLs, caching parameters and proxy users.

Squid Report Generator Configure and schedule SARG, a tool for generating reports from Squid access logs.

System Documentation View man pages, HOWTOs and other package documentation.

System Logs Configure the syslog server on your system and view its log files.

System Logs NG Configure the Syslog-NG server on your system and view its log files.

System Status Background system status collection libraries

System Time Set the sytem and hardware time either manually or from a time server.

System and Server Status View the status of services on your system and on remote systems.

TCP Wrappers Configure the TCP wrappers networking access control files

Thirdlane PBX Manager Thirdlane PBX Manager

Upload and Download Upload multiple files to the server, and download multiple URLs either immediately or in the background at a scheduled time.

Usermin Configuration Configure global options for the Usermin user account management server.

Users and Groups Create and edit Unix users and groups from the /etc/passwd and /etc/group files.

Voicemail Server Set up your system as an answering machine using vgetty

WU-FTP Server Configure the access control, anonymous FTP and other options of WU-FTPd.

Webalizer Logfile Analysis Generate reports from webserver, proxy server and FTP log files

Webmin Actions Log View detailed logs of actions by Webmin users.

Webmin Configuration Configure Webmin itself, such as allowed hosts, SSL, installed modules and themes.

Webmin Servers Index Displays an index of other Webmin servers for easy linking.

Webmin Users Create Webmin users and configure which modules and features they are allowed to access.

idmapd daemon Manage the NFS ID mapping daemon.

Additional PHP Modules

Many components of the software make use of additional libraries which doesn’t install when installing the default LAMP Server. Please perform the following additional steps to install the libraries.

18


1. Click System > Administration > Synaptic Package Manager

2. Type php5 in the Quick filter box3. Select the following packages

php5php5-dbgphp5-devphp5-commonphp5-recodephp5-ldapphp5-pspellphp5-snmpphp5-curlphp5-xslphp5-xmlrpcphp5-gmpphp5-gdphp5-pgsqlphp5-odbcphp5-cliphp5-sqlitephp5-cgiphp5-tidylibapache2-mod-php5php5-mysql

4. Type mysql in Quick filter box5. Select the following packages:

libdbd-mysql-perllibdbi-perllibmysqlclient-devlibmysqlclient18librdf0mysql-clientmysql-client-5.5mysql-client-core-5.5mysql-common

19

mysql-servermysql-server-5.5mysql-server-core-5.5rsysloglibmyodbclibmysql++-devlibmysql++3

6. Click on Apply

Installation Complete

This completes the Operating System installation and required components for the Find’n’Secure Server. In the next chapter we shall be configuring the Server with the required settings and for optimal performance.

20


C HA PT E R 2

LINUX CONFIGURATION

In the previous chapter we have seen how to do a fresh installation over the Server. In this section, will we learn how to configure Linux to maximize throughput. Once your system completes the boot cycle it will come to the login screen, enter username as ‘root’ and your system administrator password and proceed to login. You will see the screen similar to the one shown below :

Ubuntu Desktop is pretty intuitive and fairly simple to configure. We will now take you quickly through the steps of configuration. You may configure almost complete Linux from the Webmin Web Interface that you installed.

Firewall Configuration

Firewall is one of the best known defences for the linux systems against hackers and it enhances Operating System security to allow only the known ports to be opened.Ubuntu comes equipped with a firewall system known as ufw. You must enable the firewall by issuing the following command:

ufw enable

When using the Linux firewall we need to enable few ports to allow in-bound traffic on the Server for the following services:

21

Service Name Port Number

SSH 22

HTTP Server 80

Tracking Devices 21000

VNC Server (If installed) 5901

Webmin (if installed) 10000

Issue the following commands to enable these ports:ufw allow 22ufw allow 80ufw allow 21000ufw allow 10000ufw allow 5901

This will configure the basic firewall for the Server. If you want more control over the firewall system you can make use of the Webmin interface to create rules.

Disabling Firewall

In case you want to disable to firewall on the Ubuntu Server, you can issue the following command on the Server.

ufw disable

Network Configuration

22


Setting up communication with the internet is the most important aspect of the Server setup. We will make use of the Webmin for performing this setup. Please follow the steps below to configure your network interface.

1. Open up the Web browser (Firefox) and type the following URL : https://localhost:10000

2. Login to the software using your root login

3. Click on Networking > Network Configuration > Network Interfaces > Activated at Boot

4. Select the network interface you wish to configure, generally network interfaces are number from eth0 and lo stands for loop-back interface.

5. If you server is directly connected to the internet then you should configure it according to the configuration provided by

23

your internet provider. Otherwise you can use the LAN settings of your internal network to configure this server.

6. Once you have entered all the parameters, click Save and return to network interfaces > network configuration

7. Configure Routing and Gateways

8. Configure Hostname and DNS Client

9. Click on Apply Configuration

MySQL

MySQL is a Relational Database Management System (RDBMS) and is one of the most important components. All the data arriving from all the tracking units is broken down, analyzed and stored in database as history component from where various types of reports and all previous visited locations and other information is primarily acquired. Setting up MySQL is simple and involves only few steps.

If you have not set the MySQL password during the setup you can use the following method to set the new password.

Open Terminal from Accessories and issue the following command:

mysqladmin -u root password <root password>

Example: mysqladmin -u root password embarc

24


The above command will set the password for root access. To check that everything is running fine simply issue “mysql –p” in the terminal. It will ask you for root password which you issued in the command e.g., embarc in this case. After you press enter you will see the Welcome Screen of MySQL, just type “quit” on the prompt to return to terminal prompt.

MySQL Configuration File

As MySQL is the most important component of the system it is essential that it performs with ultimate efficiency and must be able to take up higher loads. By default MySQL is configured to run on the minimum configuration which makes it a low-end engine. So we need to adjust some parameters for performance. MySQL configuration file is present at location /etc/mysql/my.cnf. The listing below is an optimized version of my.cnf file for a Server having 2+ GB RAM. You may find some good examples at http://forge.mysql.com

#----------------------------------------------------------## my.cnf file##----------------------------------------------------------

# See:## http://dev.mysql.com/doc/refman/5.1/en/server-options.html# http://dev.mysql.com/doc/refman/5.1/en/option-files.html

25

#

# You can also dump all the variables set for mysqld with:## mysqld --verbose --help#

#----------------------------------------------------------------# Example MySQL config file for very large systems.## This is for a large system with memory of 1G-2G where the system runs mainly# MySQL.## You can copy this file to# /etc/my.cnf to set global options,# mysql-data-dir/my.cnf to set server-specific options (in this# installation this directory is /var/lib/mysql) or# ~/.my.cnf to set user-specific options.#

# In this file, you can use all long options that a program supports.

# If you want to know which options a program supports, run the program# with the “--help” option.

# The following options will be passed to all MySQL clients[client]#password = your_password

26


port = 3306socket = /var/lib/mysql/mysql.sock

# Here follows entries for some specific programs

# The MySQL server[mysqld]port = 3306

socket = /var/lib/mysql/mysql.sock

skip-external-lockingopen_files_limit = 12000

key_buffer = 384Mmax_allowed_packet = 1Mtable_cache = 5000sort_buffer_size = 2Mread_buffer_size = 2Mread_rnd_buffer_size = 8Mmyisam_sort_buffer_size = 64Mthread_cache_size = 8query_cache_size = 32M

# Try number of CPU’s*2 for thread_concurrencythread_concurrency = 8

# Don’t listen on a TCP/IP port at all. This can be a security enhancement,# if all processes that need to connect to mysqld run on the same host.# All interaction with mysqld must be made via Unix sockets or named pipes.# Note that using this option without enabling named pipes on Windows

27

# (via the “enable-named-pipe” option) will render mysqld useless!#

#skip-networking

# Disable Federated by defaultskip-federated

# Replication Master Server (default)# binary logging is required for replicationlog-bin=mysql-bin

# required unique id between 1 and 2^32 - 1# defaults to 1 if master-host is not set# but will not function as a master if omittedserver-id = 1

# Replication Slave (comment out master section to use this)## To configure this host as a replication slave, you can choose between# two methods :## 1) Use the CHANGE MASTER TO command (fully described in our manual) -# the syntax is:## CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,# MASTER_USER=<user>, MASTER_PASSWORD=<password> ;## where you replace <host>, <user>, <password> by quoted strings and

28


# <port> by the master’s port number (3306 by default).## Example:## CHANGE MASTER TO MASTER_HOST=’125.564.12.1’, MASTER_PORT=3306,# MASTER_USER=’joe’, MASTER_PASSWORD=’secret’;## OR## 2) Set the variables below. However, in case you choose this method, then# start replication for the first time (even unsuccessfully, for example# if you mistyped the password in master-password and the slave fails to# connect), the slave will create a master.info file, and any later# change in this file to the variables’ values below will be ignored and# overridden by the content of the master.info file, unless you shutdown# the slave server, delete master.info and restart the slaver server.# For that reason, you may want to leave the lines below untouched# (commented) and instead use CHANGE MASTER TO (see above)## required unique id between 2 and 2^32 - 1# (and different from the master)# defaults to 2 if master-host is set# but will not function as a slave if omitted#server-id = 2

29

## The replication master for this slave - required#master-host = <hostname>## The username the slave will use for authentication when connecting# to the master - required#master-user = <username>## The password the slave will authenticate with when connecting to# the master - required#master-password = <password>## The port the master is listening on.# optional - defaults to 3306#master-port = <port>## binary logging - not required for slaves, but recommended#log-bin=mysql-bin## binary logging format - mixed recommended #binlog_format=mixed

# Point the following paths to different dedicated disks#tmpdir = /tmp/#log-update = /path-to-dedicated-directory/hostname

# Uncomment the following if you are using InnoDB tables#innodb_data_home_dir = /var/lib/mysql/

30


#innodb_data_file_path = ibdata1:2000M;ibdata2:10M:autoextend#innodb_log_group_home_dir = /var/lib/mysql/# You can set .._buffer_pool_size up to 50 - 80 %# of RAM but beware of setting memory usage too high#innodb_buffer_pool_size = 384M#innodb_additional_mem_pool_size = 20M# Set .._log_file_size to 25 % of buffer pool size#innodb_log_file_size = 100M#innodb_log_buffer_size = 8M#innodb_flush_log_at_trx_commit = 1#innodb_lock_wait_timeout = 50

[mysqldump]quickmax_allowed_packet = 16M

[mysql]no-auto-rehash

# Remove the next comment character if you are not familiar with SQL#safe-updates

#----------------------------------------------------------

[isamchk]key_buffer = 256Msort_buffer_size = 256Mread_buffer = 2Mwrite_buffer = 2M

#----------------------------------------------------------

31

[myisamchk]key_buffer = 256Msort_buffer_size = 256Mread_buffer = 2Mwrite_buffer = 2M

#----------------------------------------------------------

[mysqlhotcopy]interactive-timeout

#----------------------------------------------------------

Speed Tweak

‘Tweak’ compresses the content of your web server in real time, barring a few formats that will have no or nearly no benefit from it (images and/or already compressed files like a zip) or files that may even become corrupted when compressed further (e.g. the .pdf format). Basically at the cost of a little bit of CPU time, pages will become smaller with the following benefits:

Faster loading pages Lower bandwidth costs

For more information, just search for “http compression” keyword in any internet search engine.

mod_deflate

32


This module enables http compression over the Apache server. The following process helps in activating mod_deflate on Apache server over Linux :

1. Open your favorite console application (Xterm, Konsole, etc)

2. Execute a2enmod deflate3. Now open /etc/apache2/httpd.conf in your favorite text editor (gedit, etc) and append the configuration text below:

SetOutputFilter DEFLATESetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ \ no-gzip dont-varySetEnvIfNoCase Request_URI \ \.(?:exe|t?gz|zip|bz2|sit|rar|7z|swf|pdf)$ \ no-gzip dont-varyBrowserMatch ^Mozilla/4 gzip-only-text/htmlBrowserMatch ^Mozilla/4\.0[678] no-gzipBrowserMatch \bMSIE !no-gzip !gzip-only-text/html

ExpiresActive OnExpiresDefault A0

# Set up caching on media files for 1 year (forever?)<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">ExpiresDefault A29030400Header append Cache-Control "public"</FilesMatch> # Set up caching on media files for 1 week<FilesMatch "\.(gif|jpg|jpeg|png|swf)$">ExpiresDefault A604800Header append Cache-Control "public"</FilesMatch> # Set up 2 Hour caching on commonly updated files<FilesMatch "\.(xml|txt|html|js|css)$">ExpiresDefault A7200Header append Cache-Control "proxy-revalidate"</FilesMatch> # Force no caching for dynamic files<FilesMatch "\.(php|cgi|pl|htm)$">ExpiresActive Off

33

Header set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"Header set Pragma "no-cache"</FilesMatch>

5. Save the file and close it.6. Restart apache by executing service apache2 restart

Confirming it works

Visit http://www.weboptimization.com and use their analyze tool to find out that everything is working fine.

If your site is using mod_deflate the test will show you the following message:

# Congratulations. This site is using HTTP compression, otherwise called content encoding using gzip. The sizes reported here are for compressed content sent from the server to the client.

MySQL Updation

MySQL is one of the most essential components for proper server functionality and therefore its constant up-gradation and maintenance should be done. You may frequently visit http://www.mysql.com to find out the latest server updates and download the fixes and upgraded versions and install it over the server. Software is generally kept up-to-date and latest releases might require latest MySQL libraries to be installed over the server.

34

http://www.mysql.com/

http://www.weboptimization.com/

C HA PT E R 3

SOFTWARE INSTALLATION

Since you have installed and configured Linux, we now take you through the steps required for software installation. It is pretty straight forward to install the software and prepare it for execution. The following steps will guide you to perform software installation —

1. Copy the provided software installation file in the folder “/root/Installation”.

2. Extract the contents of the file in the folder using the following command “unrar x Installation.rar”.

3. Open the terminal window and execute the following command :

“sh install.sh”4. Installation requires Find’n’Secure® Username and

Password which is provided along with the package.5. Enter your Find’n’Secure® Username6. Enter your Find’n’Secure® Password7. Enter the password for root user of your MySQL server8. Installation will prompt you to remove the old database

present in the system. If you input ‘yes’ then all your previous data is removed from the database. Please note that you should take a backup of the old database if you are performing repair job.

Software installation is now complete. To check the software installation open up Firefox browser and put the following address in the address bar of the browser window – http://127.0.0.1

http://127.0.0.1/

Before proceeding further, you must login to the software as an administrator for performing some essential steps required for running the software correctly. Default username for administrator login is “admin” and default password for the account is “admin”. After the login, you will see the following screen.

Click on the Global Settings button on the left hand side and the following screen will appear:

36


USER SETTINGSYou can select Default Language, Default Time-zone & Metric System in which the software will work by default. All the users logging into the software will have these preferences set as default.

MAP SETTINGSFind’n’Secure® Version 4.0 supports Google® Maps in addition to many others. You may set default parameters that are loaded up whenever a user logs in the software. The following table describes different options available:Default Latitude & Longitude

Default center location for map service, for example :Latitude : +28.004102Longitude : +77.684326Whenever map is loaded on the browser window it will automatically set the

37

display center to this Latitude/LongitudeGoogle® Key Google® Maps API key provided by

Google® for your domainGoogle Client ID Client ID provided by Google® to its

Google Maps API for Business customers.

Digital Signature A digital signature is used only by Google Maps API for Business customers. This field is actually the cryptographic key provided by Google.

Bing Key If you wish to use Bing Maps, please enter the Bing Maps key, provided by Microsoft. The procedure to get a Bing Maps key is explained later in this section.

Cloudmate Key If you need to use Cloudmate Maps with Find’n’Secure, you should enter a Cloudmate API key.

Zoom level Default Zoom level to which map service will be set is defined by this option

Refresh Interval Servers constantly get packets from the tracking units. This option controls how fast browsers shall fetch new locations from the server.

Your domain administrator should create and forward a sub-domain to your server IP address, for example:Domain Name : www.findnsecure.comIP Address : 67.222.62.165New sub-domain : trackv4.findnsecure.comIP Address : 71.19.240.175

38

http://www.findnsecure.com/


Find’n’Secure loads Google Maps using an API key. Using an API key enables you to monitor your application's Maps API usage, and ensures that Google can contact you about your application if necessary. If your application's Maps API usage exceeds the Usage Limits, you must load the Maps API using an API key in order to purchase additional quota.To create your Google API key:

1. Visit the APIs Console at https://code.google.com/apis/console and log in with your Google Account.

2. Click the Services link from the left-hand menu.3. Activate the Google Maps API v3 service.4. Click the API Access link from the left-hand menu. Your

API key is available from the API Access page, in the Simple API Access section. Find’n’Secure uses the Key for browser apps.

https://code.google.com/apis/console

To create your Bing API key:1. Go to the Bing Maps Account Center at

https://www.bingmapsportal.com.i. If you have a Bing Maps Account, sign in with the

Windows Live ID that you used to create the account.ii. If you do not have a Bing Maps Account, click Create,

and follow the instructions in Creating a Bing Maps Account.

2. Select Create or view keys under My Account.3. In the Create key box on the My keys page, provide the

following information for Find’n’Secure application that will use the Bing Maps key:

i. Application name: Required. The name of the application, i.e. Find’n’Secure

ii. Application URL: The URL of the application.iii. Key type: Required. Select the key type as “Basic”.

The key and application types you choose determine

39

http://msdn.microsoft.com/en-us/library/gg650598.aspx

http://msdn.microsoft.com/en-us/library/gg650598.aspx

https://www.bingmapsportal.com/



https://developers.google.com/maps/documentation/javascript/usage#usage_limits

your usage limits. For more information, see the Bing Maps Terms of Use.

iv. Application type: Required. Select “Public website” as the application type.

4. Type the characters of the security code, and then click Submit. The new key displays in the list of available keys. Use this key to authenticate your Bing Maps application as described in the documentation for the Bing Maps API you are using.

Note: If you want to upgrade your account to be an enterprise account, contact Bing Maps for Enterprise.

To create your Cloudmate API key:1. Login/Register on Cloudmate Account portal at

http://account.cloudmade.com/signin.2. Click on the button labeled “GET API KEY”, under API Keys

section.3. In the modal box displayed, provide the following

information for Find’n’Secure application:i. Platform: Required. Choose “Web”ii. Application Name: Required. The name of the

application, i.e. Find’n’Secureiii. Application URL: The URL of the application.iv. Promote My App: Optional. Uncheck this box.

4. Click on the “Register” button.5. You’ll get the API key in a few seconds.

SMTP SETTINGSSimple Mail Transfer Protocol (SMTP) Server is used for sending emails from the software to users and administrator. If SMTP is not properly setup then you will not receive any mail alerts from the software. If you don’t have a SMTP server, Find’n’Secure®

version 4.0 allows you to use Gmail if the sending-load is not very high. If you are using the software for providing commercial service we recommend you to use a paid SMTP server or setup your own SMTP server, whichever you prefer. SMTP Server Server address for the SMTP server. For

example: smtp.gmail.com (Gmail SMTP

40

http://account.cloudmade.com/signin

http://www.microsoft.com/maps/contact.aspx

http://msdn.microsoft.com/en-us/library/ff428642.aspx#bmtou

http://msdn.microsoft.com/en-us/library/ff428642.aspx#bmtou


server).SMTP Port Port number on which the server SMTP

service is being hosted. Default SMTP port is 25.

Authenticate SMTP

If SMTP server requires authentication then this option must be checked.

SMTP Username Username to be used for logging into SMTP server.

SMTP Password Password to be used for logging into SMTP Server.

Use SSL Check this option if SMTP server requires Secure Sockets Layer (SSL) Authentication. It is more secure to use SSL Authenticated email system since the communication channel is encrypted.

Administrator Email

Please type in the administrator email address here on which all the important notifications from the software are required to be transferred.

UNDERSTANDING CONFIGURATION FILE (CONFIG.SYS)Server administrators may need to fine tune the system or change certain parameters as per server hardware or network connectivity. In this section we will have a look at the config.sys file which allows you to perform these operations. Lines starting with # sign are comments and you should be very careful in editing config.sys file as even a small error might lead to complete service halt.

Property ValueUDPServerName Hosting IP address of the UDP

service. If you have multiple interfaces installed over the server than you might need to select the interface on which UDP service will

41

be hosted. The default value of this property is 0.0.0.0 which means UDP service will be started on all the interfaces.Default: 0.0.0.0

UDPServerPort UDP port number on which service is to be hosted.By default 21000 is used by the software and this port is required to be forwarded by your router/firewall to this server. All the communication via tracking unit is performed through this port when UDP protocol is working in the tracking unit.Default: 21000

TCPServerName This property allows you to start TCP server for communication with the tracking units. This is equivalent to the UDPServerName and has similar default value. Default: 0.0.0.0

TCPServerPort TCP port number on which service is to be hosted.By default 21000 is used by the software and this port is required to be forwarded by your router/firewall to this server. All the communication via tracking unit is performed through this port when TCP protocol is working in the tracking unit. Default: 21000

42


FilterIP For internal use of the software.

Default: 0.0.0.0

FilterPort For internal use of the software.

Default: 21001

UDPSendIP UDP sending server is started on this IP address for performing communication with the tracking units.Default: 0.0.0.0

UDPSendPort UDP sending server port number on which service is to be hosted.Default: 23000

UDPforTCP_OPSServerName

For internal use of the software.

Default: 0.0.0.0

UDPforTCP_OPSServerPort

For internal use of the software.

Default: 23001

UDPPacketSize For internal use of the software.

Default: 1500

FilterPacketSize For internal use of the software.

Default: 1600

ServerReceiveBuffer For internal use of the software.

Default: 1026576

ServerSendBuffer For internal use of the software.

Default: 1026576

MinSendTime For internal use of the software.

Default: 0

MailerCommand Software has a daemon process which constantly keeps on checking

43

for the new alerts/events happening on the server. These alerts/events are processed by a mailer script which is by default written in PHP 5.0. If you need to modify this behavior of the system you can insert your own script and place the right command here to process accordingly.Default: “cd /var/www/php; php Services/mailer.php"

NumberOfTriggers Number of triggers configured over the server to be received by UDP server. As described below under the properties Trigger[x]Name, Trigger[x]Event, Trigger[x]Offset, you can configure various triggers in the software to be executed when this command is received by UDP Server.It may be used along with any 3rd party software to allow the expansion of the communication protocol. We will demonstrate the process with the help of a small illustration after this table.Default: 9

Trigger[x]Name Represents the name of the Trigger which is to be sent to the UDP server to execute the trigger, for example – locatex represents number value from 1 – NumberOfTriggersDefault: “locate”

44


Trigger[x]Event Represents the script execution path of the Trigger which is executed on receiving of the trigger.Default: "php /srv/www/cgi-bin/locate.php"

Trigger[x]Offset = 0 Represents the offset of the command where server should search whenever a string is received by UDP server.Default: 0

BanUser[x] This property is used for banning one or more IP address, for exampleBanUser[1] = “67.23.44.51”BanUser[2] = “67.23.44.55”Will add two IP address to the ban list and server will drop all the packets received from these IP addresses.

DeviceName To open COM1 on the server enter ‘/dev/ttyS0’Default: "/dev/ttyS0"

DeviceBaud Default: 115200

DeviceInitialize Default: “AT E0 I0”

DeviceParity Default: "NONE"

TerminalIP Default: 0.0.0.0

TerminalPort Default: 22000

DatabaseRefreshTimer This property is used for setting up the performance for processing the data received by the server from

45

the tracking unit. The value is in seconds.Default: “1”

GeofenceRefreshTimer Time gap after which Geofence server checks for geofence related functions. This property is in seconds.Default: “1”

MailerRefreshTimer Time gap after which mailer server fetches new alerts/events. This property is in seconds.Default: “1”

DBFServername Database server name or IP address. This is the address of your MySQL server, if you are hosting the database server on the application server itself then the value of this property will be “localhost” otherwise you can set it appropriately. For example, if a server with local IP 192.168.1.10 is hosting MySQL service then we may use the following settings —DBFServername = “192.168.1.10”Default: “localhost”

DBFUsername Username through which the connections to the database server is established. Generally we connect to the database by using “root” username

Default: “root”

46


DBFDatabase Database name to be used by findnsecure applications. MySQL can be used by multiple softwares running over your server and each software may have its own database. Similarly Find’n’Secure®

version 3.0 has its own database by default it is named as “fnsv2”. If you want to change the name of the Database file, you may modify accordingly.

Default: “fnsv4”

DBFPassword Password required for connecting to the database server related to the DBFUsername.Default: “embarc”

LicenseUsername Find’n’Secure® license username provided by the company (i.e. Embarc Information Technology Pvt Ltd.)Default: <Provided by Embarc>

LicensePassword Find’n’Secure® license password provided by the company (i.e. Embarc Information Technology Pvt Ltd.)Default: <Provided by Embarc>

sat_email_server Enter the server details used for

47

receiving mails of satellite tracking devices.Format: “<POP server>:<PORT>”

Default: “pop.gmail.com:995”

sat_email_username Username of email ID used for receiving mails of satellite tracking devices.Default: “”

sat_email_password Password of email ID used for receiving mails of satellite tracking devices.

Default: “”

sat_email_ssl Indicates whether the sat_email_server uses SSL or not.

Accepted Values: yes/no

Default: “yes”

sat_fetch_interval Mail fetch interval for satellite tracking devices. (in minutes)

Default: “2”

PHPPath Enter the path of PHP files used in operations of Alert Centre.

Default: “/var/www/php”

ATRXMailPath Path of mail templates for Alert Centre.

48


Default: "Services/ATRXMail.php"

rdEnable Enable or disable saving of raw data from tracking devices.Accepted Values: true/false

Default: “true”

rdServer Hostname of database server, where raw data should be sent.

Default: “localhost”

rdDatabase Name of database in which raw data should be stored.

Default: “fnsraw”

rdDBFUser Username for connecting to raw database.

Default: “root”

rdDBFPass Password for connecting to raw database.

Default: “embarc”

SETTING UP TRIGGERSFind’n’Secure® version 4.0 supports an important facility to perform operations in conjunction with 3rd Party software which are capable of passing URL with parameters (in GET request format) or directly connecting with the software backend and pass triggers using network. This provides exceptional facility of extending software capabilities with customized applications

49

designed over the base platform of Find’n’Secure. The illustration below shows the communication channel and the flow of process.

Find’n’Secure® config.sys file allows you to expand the triggers as mentioned in the previous topic. You can develop PHP scripts which may be placed in your own folder for execution. Let us show you a custom trigger example using Apache web server.Create a new folder by name customeevents in /srv/www/cgi-bin

Create a new file by name test.php in /srv/www/cgi-bin/customevents. Source code for this test script is shown below.

<?php

/*

50


©Find’n’Secure® 2011

URL sent to apache is in the following format:

http://track.findnsecure.com/cgi-bin/customevents/test.php?tid=12345&pass=test

Parameters :

tid = Tracker ID

pass = Password of the user account associated with the tracker ID

Objective:

This program takes in the tracker ID and prints out the username. You can make use of Apache URL calling to perform inquiry.

*/

require_once(“../mysql.php”)

function dberror($emsg)

{

print $emsg;

die;

}

$db = mysql_connect(“localhost”,”user”,”pass”,1);

mysql_select_db(“fnsv2”) or dberror(“database error”);

51

http://track.findnsecure.com/cgi-bin/customevents/test.php?tid=12345&pass

http://track.findnsecure.com/cgi-bin/customevents/test.php?tid=12345&pass

$query = “SELECT * FROM trackers where trackerid=\””.$_GET[‘tid’].”\””;

$result = mysql_query($query,$db);

if ($result == false) dberror(“query error”);

$row = mysql_fetch_assoc($result);

if ($row != false)

{

if ($row[‘password’] == $_GET[‘pass’])

print “username associated is “.$row[‘username’];

}

mysql_free_result($result);

return 0;

?>

FINAL STEPSRestart the server once you have successfully installed the software.MANUAL STARTUP

linux > cd /root/findnsecure

linux > sh start.sh

52


AUTOMATIC STARTUPIn case you want to enable the software services automatically after server bootup, please enable the findnsecure service from the Webmin

1. Open Firefox browser on the server and type the following URL: https://localhost:10000

2. Click on System > Bootup and Shutdown

3. Click on findnsecure service

4. Click on Yes infront of Start at boot time ?

5. Click Save > Logout

Find’n’Secure® software will now automatically start whenever your server boots up.SUMMARYWe have covered all the topics required for setting up the server and this chapter completes the configuration and installation of

53

https://localhost:10000/

your server. After following the steps explained in the preceding paragraphs, your server should be running and ready to add new user accounts and trackers to the software which we shall show you in the subsequent sections. In case you face any trouble with Linux you can use the following references to solve the issues: Linux Administration Handbook (Pearson Education) by

Nemeth, Snyder and Hein http://ubuntu.com Email your queries to [email protected] Bible - Red Hat Linux (Wiley)

54

mailto:[email protected]

http://www.opensuse.org/

introduction · web viewextract the contents of the file in the folder using the following command...

Documents