Install XRDP Remote Desktop to CentOS 6.5

XRDP Logged In

XRDP is a wonderful Remote Desktop protocol application that allows you to RDP to your servers/workstations from any Windows machine, MAC running an RDP app or even Linux using an RDP app such as Remmina. This was written for the new CentOS 6.5 on 64-bit but should work the same on any 6.x and 5.x Red Hat clone with the correct EPEL repositories.

Fist we need to download and install the EPEL repository for your correct version if you do now know what architecture you are using you can verify it with the below command. If the end shows x86_64 then you have a 64-bit install, if it shows i386 then it is a 32-bit install:

[root@server ~]# uname -r
2.6.32-431.el6.x86_64

Once you determine your architecture then you can install the correct EPEL repository with the below commands:

wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm
wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

You can verify that the EPEL repository is there by running the below command and you should see the EPEL repository listed as you can see here in line #10 which is highlighted:

[root@server ~]# yum repolist
Loaded plugins: fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
 * base: mirror.thelinuxfix.com
 * epel: mirror.cogentco.com
 * extras: centos.mirror.nac.net
 * updates: centos.mirror.netriplex.com
repo id                         repo name                                                               status
base                            CentOS-6 - Base                                                          6,367
epel                            Extra Packages for Enterprise Linux 6 - x86_64                          10,220
extras                          CentOS-6 - Extras                                                           14
updates                         CentOS-6 - Updates                                                         286
repolist: 16,887

Once you have verified the EPEL repository is installed correctly you need to perform the last few steps below this will install XRDP and Tiger VNC Server for you to connect to. The Front end of XRDP uses the RDP protocol and internally it uses VNC to connect and display the Remote Desktop to you.

[root@server ~]# yum install xrdp tigervnc-server
[root@server ~]# service vncserver start
[root@server ~]# service xrdp start
[root@server ~]# chkconfig xrdp on
[root@server ~]# chkconfig vncserver on

Once fully installed you should be able to use any RDP client to connect to your machine. When you connect you are brought to the XRDP Login window. For the module keep sesman-Xvnc and just enter your credentials (root, username, etc) and password. Click OK and you will see the processing and you should have your desktop show in a few seconds.
XRDP Login Window XRDP Logged In

If you are not able to get connected to the XRDP Login window check your iptables settings. If you are using iptables you need to edit your rules and add the port 3389 to the INPUT list. You can use the below commands to accomplish this (note that the port number shows as the service name ms-wbt-server instead of 3389):

[root@server ~]# iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 3389 -j ACCEPT
[root@server ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@server ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
[root@server ~]# 
[root@server ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ms-wbt-server
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited


Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Passed the Cisco CCNA Security 640-554

CCNA_security_largeWell it is a wonderful day. I passed the long awaited Cisco CCNA Security today. Scored 938/1000 which is not bad considering a Simulation Question was messed up and not responding correctly.

Any who, down and out now. Time to start preparing for the Juniper JNCIA-Junos :)

Olive, Juniper that is.

Well after some hard work getting this going this week I have finally been able to install JunOS Olive into Qemu VM’s and get them running with GNS3. So far I have tested two Olives in GNS3 together running JunOS 10.1R1.8 and JWeb 10.1 with no issues. I must say with the JunOS running FreeBSD I am taking a lot more liking to it since I have a strong Linux Foundation. Watch out Cisco :)

Anywho below is a diagram of my current setup, so far two routers connected to my physical NIC. Allowing me to VPN into my lab network via my ASA 5505 and manage these via SSH and HTTP:

junos_gns3


root@JunOS_Olive1> show version
Hostname: JunOS_Olive1
Model: olive
JUNOS Base OS boot [10.1R1.8]
JUNOS Base OS Software Suite [10.1R1.8]
JUNOS Kernel Software Suite [10.1R1.8]
JUNOS Crypto Software Suite [10.1R1.8]
JUNOS Packet Forwarding Engine Support (M/T Common) [10.1R1.8]
JUNOS Packet Forwarding Engine Support (M20/M40) [10.1R1.8]
JUNOS Online Documentation [10.1R1.8]
JUNOS Voice Services Container package [10.1R1.8]
JUNOS Border Gateway Function package [10.1R1.8]
JUNOS Services AACL Container package [10.1R1.8]
JUNOS Services LL-PDF Container package [10.1R1.8]
JUNOS Services Stateful Firewall [10.1R1.8]
JUNOS AppId Services [10.1R1.8]
JUNOS IDP Services [10.1R1.8]
JUNOS Routing Software Suite [10.1R1.8]
JUNOS Web Management [10.1R1.8]

Next I plan on integrating my virtual Cisco devices with the Juniper ones for some interoperability familiarization :)

Until next time……

Cisco and Juniper Certification Track

JNCIA

Well its that time again, I sit for my CCNA Security tomorrow which I am feeling quite confident on. On from that I plan on continuing on with the CCNP Security which I want to have done by April next year since I am focusing on completing my Bachelors by November. In the mean time for WGU I am going to also sit the CCNA Routing and Switching here in a few weeks and was also pondering (well actually I am going to push myself) to take the Juniper JCNIA-Junos. I mean why not? Everyone is Cisco this and Cisco that. In my opinion it makes one a lot more marketable to have multiple vendors down. The JCNIA and the JCNIS don’t look overly complicated since I have the strong Cisco Background. Only time will tell but I am excited :)

Updates . . . . .

Well it has been some time since I was able to update my blog. I will be looking to post new stuff soon including personal reviews and tips for daily IT life :) Some of the things I have been playing with include my new Ultrabook, The WiFi Pineapple from Hak5 and Backtrack. Stay tuned for all the goodness.

Cheers :)

Websense Visio Icons

I had someone recently ask me for any Websense Visio Icons. I wanted to post here for others since I have had a number of requests for them but did not have anything available before. These are not the best detailed but they do work for their intended purposes. I hope everyone enjoys. This archive was packaged using 7Zip and scanned with Malwarebytes and Avast and shown clean.

Direct Download: WBSN_Visio.7z

Linux Counter

Well I had been a member of the Linux Counter for years, back in 2004 if I recall correctly. I could not find the information for my account though so today I made a new one. Below is my counter, and if you are a Linux user I encourage you to stand up and be counted :)

Linux Counter Member #551441

New Verizon FiOS Service.

So I ordered the Verizon FiOS for my home office and WOW there is an internet god. The speeds are amazing and so far no issues. I ordered the 25/25 service with the business phone line and could not be happier. Below are the preliminary SpeedTest and PingTest results within a few days of install. Not bad at all if I say so myself. BTW this is the business package with all ports unblocked and 24/7 support for about $120 a month :)

 

 

New Virtualization Hardware for my Home Lab.

Supermicro X9SCM-F-O Server BoardAs some of you know I have been heavily into Virtualization for about the last year since I was with SonicWALL. Now with a company that uses a more complex setup with Websense TRITON my virtual lab has been pushed to the limits it can handle and I am needing a more robust and feature-full virtual server to run my virtual server farm for lab testing and learning.

I thought long and hard for what the best components for the money could be and I think I have really hit the sweet-spot. For under $600 which in the server components world is really cheap I was able to pick up a handful of upgrades that will allow me to run and manage my lab more efficiently and allow for growth for a few years.

The heard of the upgrade components that I chose was the Supermicro MBD-X9SCM-F-O Server Mainboard. This board is designed for the new Xeon E3 Socket 1155 processors and has a feature set that screams. I was able to get this board on NewEgg for around $180 which is a steal. This server board offers 4 DDR3 slots which support up to 32GB of ECC Unbuffered RAM, 4 PCI Express x8 slots (two are x4 electrically), four SATA II and two SATA III Ports, and internal USB port, other standard ports and two Gigabit Ethernet LAN ports. On top of that there is a dedicated IPMI port which support IPMI 2.0, KVM over IP, and the ability to attach ISO images out of band for true remote access.

Intel Xeon E3-1230 Sandy Bridge ProcessorFor the brains of the operation I wanted to have a fast and robust processor that did not set me back a few pay checks. I was looking at some of the older Xeon processors which are tried and true but since this is a new build I wanted to pick a newer processor that had the features and speed I needed for my virtual lab. After reading a number of reviews and sites I settled on what seems to be the best bang for the buck the Intel Xeon E3-1230 Server Processor. The Xeon E3-1230 is a Quad Core processor with a clock speed of 3.2Ghz and a Turbo Speed of 3.6GHz. There is a 256KB Layer 2 cache per core and a shared Layer 3 cache of 8MB. The E3-1230 support HyperThreading which give us 8 virtual cores to work with which is going to be plenty for the virtual machines hosted on this build. Though this is a Sandy Bridge processor there is no integrated video which we don’t need for a server build anyway.

 

The final upgrade for this build is two sets of 8GB (2x4GB) Kingston DDR3 1333MHz ECC RAM(KVR1333D3E9SK2/8G). The server board supports up to 32GB Buffered RAM but with the cheapest 16GB set still well over $300 this upgrade was not cost effective so I opted for two 8GB sets which came to under $150 together. At least I have some more room to upgrade down the road. This set of RAM offers ECC error checking and runs at 1333MHz speeds with a running total of 16GB. With that amount of RAM I can run around eight virtual machines running inside VMWare ESXi 5.0 and about ten if I run them with Citrix Xenserver.

 

This particular server will be employed running VMWare ESXi 5.0 and I will retire the older parts being replaced into a new setup running Citrix Xenserver. The ESXi host will be running my server operating systems and VPN appliances while the Xenserver host will be home to my Windows and Linux clients. Stay tuned in the next few weeks for pics of the builds, full specs, and screen shots of the setups. I will be also putting together a review of the upgraded components listed above.

Finally purchased my first Macbook.

Well I finally took the plunge and bought my first Macbook. It is actually the 13″ Macbook Pro with the aluminum uni-body, back-lit keyboard and Thunderbolt. I opted for the Intel Core i5 dual core and upgraded the ram to 8GB of fast G.Skill DDR3 memory.

So far I am addicted. I am really loving the full Max OS X Lion operating system and the ability to run my Windows apps such as VMWare VSphere using Parallels 7 Coherence mode. Gives me the best of both worlds.

I still have a bit more to learn about the new OS but I can say I am having a joy doing so.