Introduction



Embarc Information Technology (Pvt) Ltd.Copyright ? 04th July, 2013All rights reservedNoticeThis manual, as well as the software described in it, is furnished under license granted by Embarc Information Technology (Pvt) Ltd. to authorized clients and may be used only in accordance with the terms of license granted. The content of this manual is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Embarc Information Technology (Pvt) Ltd. While every care has been taken for the correctness of the information, Embarc Information Technology (Pvt) Ltd. assumes no responsibility or liability for any inaccuracies that may have inadvertently crept in this manual.Embarc Information Technology (Pvt) Ltd. reserves right to make changes to specifications/features/utilities at any time and without notice. The information furnished by Embarc Information Technology (Pvt) Ltd. in this manual is believed to be accurate and reliable. Embarc Information Technology (Pvt) Ltd. assumes no responsibility for its use, or for infringements of patents or other rights of third parties resulting from its use. No license will be granted under any patents or patent rights owned by Embarc Information Technology (Pvt) Ltd.Please check up for updated version of user manual at: Use of Google APIFind’n’Secure software uses Google API. Use of Google API is governed by the Terms and Conditions as described in the Google Maps API signup page ()?Printed in India?Table of Contents TOC \o "1-3" \h \z \u Introduction PAGEREF _Toc298077724 \h 5GPS Tracking System PAGEREF _Toc298077725 \h 5GPS Tracking Unit PAGEREF _Toc298077726 \h 5Common Uses PAGEREF _Toc298077727 \h 6Find’n’Secure? PAGEREF _Toc298077728 \h 6Linux Installation PAGEREF _Toc298077729 \h 8Linux Configuration PAGEREF _Toc298077730 \h 19Firewall PAGEREF _Toc298077731 \h 20Disabling Firewall PAGEREF _Toc298077732 \h 21Enabling Ports in Firewall (Linux) PAGEREF _Toc298077733 \h 21Network Adapter PAGEREF _Toc298077734 \h 22Apache (HTTP) PAGEREF _Toc298077735 \h 24MySQL PAGEREF _Toc298077736 \h 25MySQL Configuration File PAGEREF _Toc298077737 \h 26Speed Tweak PAGEREF _Toc298077738 \h 32mod_deflate PAGEREF _Toc298077739 \h 33Confirming it works PAGEREF _Toc298077740 \h 34MySQL Updation PAGEREF _Toc298077741 \h 34Zend Optimizer PAGEREF _Toc298077742 \h 34Software Installation PAGEREF _Toc298077743 \h 38Map Settings PAGEREF _Toc298077744 \h 41SMTP Settings PAGEREF _Toc298077745 \h 42Understanding Configuration File (config.sys) PAGEREF _Toc298077746 \h 43Setting up triggers PAGEREF _Toc298077747 \h 47Final Steps PAGEREF _Toc298077748 \h 50Summary PAGEREF _Toc298077749 \h 51Introduction GPS tracking systemThe Global Positioning System (GPS) is a satellite-based navigation system made up of a network of 24 satellites placed into orbit by the U.S. Department of Defense. GPS was originally intended for military applications, but in the 1980s, the US government made the system available for civilian use free of cost. Initially the highest quality signal was reserved for military use, while the signal available for civilian use was intentionally degraded ("Selective Availability"). Selective Availability was ended in 2000, improving the precision of civilian GPS from about 100m to about 20m. GPS works in any weather conditions, anywhere in the world, 24 hours a day. GPS satellites circle the earth twice daily and transmit signal information. GPS receivers use the information to calculate the user's location by the method of triangulation. Basically, the GPS receiver compares the time a signal was transmitted by a satellite with the time it was received. The time difference tells the GPS receiver how far away the satellite is. The receiver must lock on to the signal of at least three satellites to calculate a 2-D position, the latitudinal and longitudinal position, and track movement. Using four or more satellites, the receiver can determine the user's 3-D position, the latitude, longitude, and altitude. Once the position has been determined, the GPS unit can calculate other information such as speed, track, trip distance, bearing and more. GPS Tracking UnitA GPS tracking unit is a device that uses the Global Positioning System to determine the precise location of a vehicle, person, or any other asset to which it is attached and to record the position of the asset at regular intervals. The recorded location data can be stored within the tracking unit, or it may be transmitted to a central location data base, or internet-connected computer, using a cellular (GSM/CDMA), radio, or satellite modem embedded in the unit. This allows the asset's location to be displayed against a map backdrop either in real-time or when analyzing the track later, using customized mon usesMost common application of GPS tracking system is applied for tracking of moving objects, such as, vehicles. Vehicle tracking systems are commonly used by fleet operators for fleet management functions such as routing, dispatch, on-board information and security. Other applications include monitoring driving behavior, such as an employer of an employee, or a parent with a teen driver. Vehicle tracking systems are also popular in consumer vehicles as a theft prevention and retrieval device. Police can simply see the vehicle in real-time over the tracking system and locate the stolen vehicle.Remote controlling of the vehicle through GPS tracking system is also possible. In such a case owner of the vehicle can give commands to the tracking unit for various operations like blocking the engine or cutting fuel supply to engine etc.GPS personal tracking system is commonly used for tracking of persons, pets etc. You can keep track of your loved ones in real time using a completely accurate and totally reliable GPS software package via the internet so you know exactly where your kids, parents, pets, asset are at any given point in time. Find’n’Secure?Embarc Information Technology Pvt. Ltd., a leading provider of GPS tracking and security system from India, aims at offering innovative and cost effective tracking and security solutions comprising of hardware as well as software. GPS tracking technology is best suited for fleet management. It is a unique way for companies and individuals to monitor and control their cars, jeeps, trucks and other vehicles to their precise details by sitting in the office. Find’n’Secure? GPS tracking system will enable you to monitor the movements of your employees, drivers, vehicles?or any other asset accurately. With Find’n’Secure? vehicle tracking system in your company's fleet of vehicles, you will find a smart way of fleet management by tracking your vehicles.Whether you own one truck or a fleet of thousands of vehicles, our highly skilled GPS fleet consultants will assist you in selecting the right type of vehicle tracking system that will give an edge to your company. Chapter 1 Linux Installation This section of the manual will help you in complete installation of the Linux operating system and Find’n’Secure software. Hardware RequirementsProcessorIntel Xeon E3120+ / AMD Opteron? 4100+HDD5x500 GB (SATA)RAM8GBLAN100 Mbps/1 GbpsOptical DriveDVD ReaderMonitor19 Inch. LCDInternet Connection1+ Mbps with Static IPSoftware RequirementsOperating SystemUbuntu Server Edition 64 BitDatabaseMySQL 5.5+Web ServerApache with PHP 5.5+ SupportOthersZend OptimizerLinux InstallationDownload the latest version of Ubuntu Server Edition 64 Bit from . At the time of printing of this manual the latest LTS release of Ubuntu Server Edition is 12.04. After downloading the ISO file you can make use of any DVD burning software to prepare the DVD for Installation.Once you have prepared the DVD for installation boot the server with this DVD disk to begin Installation of Ubuntu.To begin installation of the Ubuntu server, select the option “Install Ubuntu Server”.Next screen sets the default language for this Ubuntu ServerFollow the guided tour of the installation process to completely install Ubuntu Server. During the installation process Ubuntu presents you with the Software selection screen as shown below:Select LAMP Server for installation and press Continue .You will be asked to enter password for MySQL root user. Please keep this password handy for later use.After the installation is complete, server is automatically restarted and login prompt is presented. Login to the server by entering the credentials you created during the setup process.Once you have successfully logged into the Server you will be presented with the Linux prompt.Issue the following command to enable root user login for easy setup of the server$ sudo passwd root Enter the new UNIX password that you want to use for the root account. Once you have set the password type exit to exit this login prompt and login using the username rootThis will complete the basic setup of the server and now in the next section we shall setup the server for running the Find’n’Secure software.Installing Graphical User Interface (GUI)Issue the following commands to start the Graphical User Interface installation over Ubuntu:$ apt-get update$ apt-get install ubuntu-desktopTo enable root login in GUI mode, type in the following commands: sh -c 'echo "greeter-show-manual-login = true" >> /etc/lightdm/lightdm.conf'sh -c 'echo "allow-guest = false" >> /etc/lightdm/lightdm.conf'Once the GUI installation is complete you should reboot the Server by issuing:$ shutdown -r nowThis completes the GUI installation process and now you will be presented with the login screen in GUI mode.Installing additional packagesTo install packages you need to install ‘Synaptic Package Manager’. To install ‘Synaptic Package Manager’, use the following command from CLI:apt-get install synapticIt is recommended to upgrade all previously installed packages at this moment, use the following command for the same:apt-get upgradeStart ‘Synaptic Package Manager’ from System > Administration > Synaptics Package Manager1. Wireshark - Network traffic analyser2. UnixODBC - ODBC Connection to MS SQL etc.Installing Zend OptimizerDownload the latest version of the Zend optimizer from the following configuration:Linux 64 Bit operating systemPHP 5.4.16+Zend Guard 6.0.0+Follow the following steps to install on Ubuntu Server:Extract the Zend Loader package.Locate and extract the ZendGuardLoader.so (Linux) that corresponds to your PHP version. Create a new folder by name /root/zend (mkdir ~/zend) and copy the file into this folder. Add the following line to your php.ini file for loading the ZendGuardLoader:zend_extension=/root/zend/ZendGuardLoader.soNote: php.ini file can be found in /etc/php5/apache2Add an additional line to your php.ini for enabling ZendGuardLoader; Enables loading encoded scripts. (default: On)zend_loader.enable=1Add the following line to disable license key check:zend_loader.disable_licensing=0Modify obfuscation level support by adding the following line:zend_loader.obfuscation_level_support=3Set Zend Loader license path:zend_loader.license_path=/etc/php5/apache2/Embarc_private_key.zlRestart your Web server by issuing the following command:service apache2 restartZend optimizer is now installed on the server.Installing Webmin for easy administration of the ServerWebmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on.Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/passwd. The web server and all CGI programs are written in Perl version 5, and use no non-standard Perl modules. Download the Debain Webmin package from and open it using the Synaptics Package Manager. This will begin the installation of the Webmin package. Once the installation is complete, you can access the Webmin Web Interface on the server using the following URL: modules supported by Webmin 1.630 NameDescriptionADSL ClientSet up a PPP client with the RP-PPPoE package.Apache WebserverConfigure almost all Apache directives and features.BIND 4 DNS ServerCreate and edit domains and DNS records.BIND DNS ServerCreate and edit domains, DNS records, BIND options and views.BSD FirewallConfigure a BSD firewall using IPFW, by creating and editing rules.Backup Configuration FilesPerform manual or scheduled backups and restores of configuration files managed by Webmin modules.Bacula Backup SystemConfigure Bacula to perform backups and restores manually or on schedule, for one or many systems.Bandwidth MonitoringView reports on bandwidth usage by host, port, protocol and time on a Linux system.Bootup and ShutdownSetup scripts to be run at boot time from /etc/init.d or /etc/rc.local.CD BurnerBurn data CDs from ISO images or selected directories.CVS ServerSetup a remotely-accessible CVS server, manage users and browse the repository.Change Language and ThemeAllows the current Webmin user to change his language, theme and possibly password.Change PasswordsChange the password of any user on the system.Cluster Change PasswordsChange passwords on multiple systems in a Webmin cluster at once.Cluster Copy FilesSchedule the transfer of files from this server to multiple servers in a Webmin cluster.Cluster Cron JobsCreate scheduled Cron jobs that run on multiple servers simultaneously.Cluster Shell CommandsRun commands on multiple servers at once.Cluster Software PackagesInstall RPMs, debian and solaris packages across multiple servers from one source.Cluster Usermin ServersInstall and manage modules and themes across multiple Usermin servers.Cluster Users and GroupsCreate, update and delete users and groups across multiple servers. Unlike NIS, each server has its own passwd and group files which are remotely updated by this module.Cluster Webmin ServersInstall and manage modules, themes, users, groups and access control settings across multiple Webmin mand ShellExecute shell commands and view their output.Configuration EngineConfigure the CFengine program, for checking and maintaining various system-administration settings.Custom CommandsCreate buttons to execute commonly used commands or edit files on your system.DHCP ServerManage shared networks, subnets, hosts and groups for ISC DHCPD.Disk QuotasSetup and edit user or group disk quotas for local filesystems.Disk and Network FilesystemsMount filesystems and swap files usually configured in /etc/fstab or /etc/vfstab.Dovecot IMAP/POP3 ServerConfigure the Dovecot IMAP and POP3 mail retrieval server.Fetchmail Mail RetrievalConfigure the popular fetchmail program for automatically retrieving mail from other servers.File ManagerView, edit and change permissions on files and directories on your system with a Windows-like file manager.Filesystem BackupBackup and restore filesystems using the dump and restore family of commands.Filter and Forward MailCreate rules to filter and forward incoming email.Frox FTP ProxyConfigure Frox, a transparent proxy for FTP clients.GRUB Boot LoaderConfigure the Linux GRUB boot loader to allow the selection of various operating systems and kernels at boot time.HTTP TunnelConnect to another HTTP server via a tunnel through the Webmin server.Heartbeat MonitorConfigure the Heartbeat package for automatic server failover in a cluster.IPFilter FirewallConfigure a firewall using the IPFilter package, by creating and editing rules.IPsec VPN ConfigurationSet up a client or server for an IPsec VPN using FreeSWAN.Initial System BootupConfigure low-level services to be run at boot time, and select the initial runlevel.Jabber IM ServerConfigure the multi-protocol Jabber messaging server.Kerberos5Configure the Kerberos 5 client on your system.LDAP ClientConfigure your system as an LDAP client for users and groups.LDAP ServerManage the OpenLDAP server and objects in its databaseLDAP Users and GroupsManage users and groups stored in an LDAP database, used for Unix, Samba and Cyrus IMAP authentication.Linux Bootup ConfigurationEdit kernels and partitions selectable at boot time with LILO.Linux FirewallConfigure a Linux firewall using iptables. Allows the editing of all tables, chains, rules and options.Linux RAIDCreate RAID 0, 1, 4, 5 and linear devices on a Linux system.Log File RotationSet up the automatic rotation of Apache, Squid, Syslog and other log files.Logical Volume ManagementConfigure volume groups, physical volumes and logical volumes for Linux LVM.MIME Type ProgramsEdit the /etc/mailcap file, which maps MIME types to handler programsMON Service MonitorSetup MON, a powerful service monitor and alerting system.Majordomo List ManagerCreate and configure mailing lists for Majordomo.MySQL Database ServerSetup databases, tables and permissions in your MySQL database server.NFS ExportsEdit file shares as defined in the Irix /etc/exports fileNFS ExportsEdit NFS file shares defined in /etc/exports.NFS ExportsEdit file shares from the FreeBSD /etc/exports file.NFS ExportsEdit NFS file shares defined in /etc/exports.NFS ExportsEdit file shares as defined in the HPUX /etc/exports file.NFS SharesEdit file shares as defined in the /etc/dfs/dfstab file.NIS Client and ServerSetup a system as an NIS client, master or slave server. Note that NIS+ is not work ConfigurationConfigure boot time and active interfaces, DNS, routing and /etc/work ServicesEdit servers handled by Xinetd, a replacement for work Services and ProtocolsEdit services in /etc/inetd.conf, /etc/services and /etc/rpc.OpenSLP ServerConfigure the service location protocol server.PAM AuthenticationConfigure the PAM authentication steps used by services such as telnet, POP and FTP.PHP ConfigurationConfigure PHP settings for the whole system or invidivual Apache virtual servers.PPP Dialin ServerSet up a dialin server using mgetty and PPP.PPP Dialup ClientConfigure the WV-Dial package to connect to the Internet with a modem PPP connectionPPTP VPN ClientConfigure and establish connections to a VPN server using the PPTP protocol.PPTP VPN ServerSet up your system as a PPTP server so that Linux or Windows VPN clients can connect.Partitions on Local DisksCreate and edit paritions on local disks on Solaris.Partitions on Local DisksCreate and edit paritions on local SCSI and IDE disks on Linux.Perl ModulesInstall new Perl modules on your system, and view those already installed.Postfix Mail ServerConfigure the Postfix mail server.PostgreSQL Database ServerManage databases, tables and users in your PostgreSQL database server.Printer AdministrationCreate and edit local and remote printers. Supports Windows print servers and Ghostscript print drivers.ProFTPD ServerConfigure the powerful ProFTPD FTP server. Supports all options in most of the standard modules.Procmail Mail FilterEdit recipes in the global /etc/procmailrc file, which apply to all incoming email.Protected Web DirectoriesCreate .htaccess and htpasswd files to protect web-acessible directories.QMail Mail ServerConfigure the QMail mail server, a simpler alternative to Sendmail.RBAC and ProjectsManage RBAC user attributes, profiles and authorizations.Read User MailRead email in users’ mailboxes.Running ProcessesList, kill and renice running processes on your system.SMART Drive StatusCheck the status of IDE drives to detect problems and potential failures.SSH LoginLogin to your system with SSH or telnet.SSH ServerSetup the SSH server for remote secure logins.SSL TunnelsSetup SSL tunnels to encrypt services like POP3 and IMAP, using stunnel run from inetd.Samba Windows File SharingCreate and edit samba file and print shares.Scheduled CommandsSchedule the execution of one-off commands or scripts.Scheduled Cron JobsCreate, edit and delete Cron jobs.Scheduled Webmin FunctionsDefine Webmin module functions that are called on a regular schedule by the Webmin webserverSecurity SentriesConfigure the portsentry, hostsentry and logcheck system security monitoring programs.Sendmail Mail ServerManage sendmail aliases, masquerading, address rewriting and other features.Service Management Facility ConfigurationEdit services under control of Service Manangement Facility SMF(1).Shorewall FirewallLets you edit the most useful tables of the Shorewall FirewallSoftware Package UpdatesDisplays available package updates from YUM, APT or other update systemsSoftware PackagesManage software packages on your system, and install new packages.Solaris ZonesCreate and manage Solaris 10 zones.SpamAssassin Mail FilterSet up and configure SpamAssassin to filter email received by your system.Squid Proxy ServerConfigure Squid options, ACLs, caching parameters and proxy users.Squid Report GeneratorConfigure and schedule SARG, a tool for generating reports from Squid access logs.System DocumentationView man pages, HOWTOs and other package documentation.System LogsConfigure the syslog server on your system and view its log files.System Logs NGConfigure the Syslog-NG server on your system and view its log files.System StatusBackground system status collection librariesSystem TimeSet the sytem and hardware time either manually or from a time server.System and Server StatusView the status of services on your system and on remote systems.TCP WrappersConfigure the TCP wrappers networking access control filesThirdlane PBX ManagerThirdlane PBX ManagerUpload and DownloadUpload multiple files to the server, and download multiple URLs either immediately or in the background at a scheduled time.Usermin ConfigurationConfigure global options for the Usermin user account management server.Users and GroupsCreate and edit Unix users and groups from the /etc/passwd and /etc/group files.Voicemail ServerSet up your system as an answering machine using vgettyWU-FTP ServerConfigure the access control, anonymous FTP and other options of WU-FTPd.Webalizer Logfile AnalysisGenerate reports from webserver, proxy server and FTP log filesWebmin Actions LogView detailed logs of actions by Webmin users.Webmin ConfigurationConfigure Webmin itself, such as allowed hosts, SSL, installed modules and themes.Webmin Servers IndexDisplays an index of other Webmin servers for easy linking.Webmin UsersCreate Webmin users and configure which modules and features they are allowed to access.idmapd daemonManage the NFS ID mapping daemon.Additional PHP ModulesMany components of the software make use of additional libraries which doesn’t install when installing the default LAMP Server. Please perform the following additional steps to install the libraries.Click System > Administration > Synaptic Package ManagerType php5 in the Quick filter boxSelect the following packagesphp5php5-dbgphp5-devphp5-commonphp5-recodephp5-ldapphp5-pspellphp5-snmpphp5-curlphp5-xslphp5-xmlrpcphp5-gmpphp5-gdphp5-pgsqlphp5-odbcphp5-cliphp5-sqlitephp5-cgiphp5-tidylibapache2-mod-php5php5-mysqlType mysql in Quick filter boxSelect the following packages:libdbd-mysql-perllibdbi-perllibmysqlclient-devlibmysqlclient18librdf0mysql-clientmysql-client-5.5mysql-client-core-5.5mysql-commonmysql-servermysql-server-5.5mysql-server-core-5.5rsysloglibmyodbclibmysql++-devlibmysql++3Click on ApplyInstallation CompleteThis completes the Operating System installation and required components for the Find’n’Secure Server. In the next chapter we shall be configuring the Server with the required settings and for optimal performance.Chapter 2 Linux ConfigurationIn the previous chapter we have seen how to do a fresh installation over the Server. In this section, will we learn how to configure Linux to maximize throughput. Once your system completes the boot cycle it will come to the login screen, enter username as ‘root’ and your system administrator password and proceed to login. You will see the screen similar to the one shown below :Ubuntu Desktop is pretty intuitive and fairly simple to configure. We will now take you quickly through the steps of configuration. You may configure almost complete Linux from the Webmin Web Interface that you installed. Firewall ConfigurationFirewall is one of the best known defences for the linux systems against hackers and it enhances Operating System security to allow only the known ports to be opened.Ubuntu comes equipped with a firewall system known as ufw. You must enable the firewall by issuing the following command:ufw enableWhen using the Linux firewall we need to enable few ports to allow in-bound traffic on the Server for the following services:Service NamePort NumberSSH22HTTP Server80Tracking Devices21000VNC Server (If installed)5901Webmin (if installed)10000Issue the following commands to enable these ports:ufw allow 22ufw allow 80ufw allow 21000ufw allow 10000ufw allow 5901This will configure the basic firewall for the Server. If you want more control over the firewall system you can make use of the Webmin interface to create rules.Disabling FirewallIn case you want to disable to firewall on the Ubuntu Server, you can issue the following command on the Server.ufw disableNetwork ConfigurationSetting up communication with the internet is the most important aspect of the Server setup. We will make use of the Webmin for performing this setup. Please follow the steps below to configure your network interface.1. Open up the Web browser (Firefox) and type the following URL : . Login to the software using your root login3. Click on Networking > Network Configuration > Network Interfaces > Activated at Boot4. Select the network interface you wish to configure, generally network interfaces are number from eth0 and lo stands for loop-back interface.5. If you server is directly connected to the internet then you should configure it according to the configuration provided by your internet provider. Otherwise you can use the LAN settings of your internal network to configure this server.6. Once you have entered all the parameters, click Save and return to network interfaces > network configuration7. Configure Routing and Gateways8. Configure Hostname and DNS Client9. Click on Apply ConfigurationMySQLMySQL is a Relational Database Management System (RDBMS) and is one of the most important components. All the data arriving from all the tracking units is broken down, analyzed and stored in database as history component from where various types of reports and all previous visited locations and other information is primarily acquired. Setting up MySQL is simple and involves only few steps. If you have not set the MySQL password during the setup you can use the following method to set the new password.Open Terminal from Accessories and issue the following command:mysqladmin -u root password <root password>Example: mysqladmin -u root password embarcThe above command will set the password for root access. To check that everything is running fine simply issue “mysql –p” in the terminal. It will ask you for root password which you issued in the command e.g., embarc in this case. After you press enter you will see the Welcome Screen of MySQL, just type “quit” on the prompt to return to terminal prompt.MySQL Configuration FileAs MySQL is the most important component of the system it is essential that it performs with ultimate efficiency and must be able to take up higher loads. By default MySQL is configured to run on the minimum configuration which makes it a low-end engine. So we need to adjust some parameters for performance. MySQL configuration file is present at location /etc/mysql/f. The listing below is an optimized version of f file for a Server having 2+ GB RAM. You may find some good examples at f file##----------------------------------------------------------# See:## You can also dump all the variables set for mysqld with:## mysqld --verbose --help##----------------------------------------------------------------# Example MySQL config file for very large systems.## This is for a large system with memory of 1G-2G where the system runs mainly# MySQL.## You can copy this file to# /etc/f to set global options,# mysql-data-dir/f to set server-specific options (in this# installation this directory is /var/lib/mysql) or# ~/.f to set user-specific options.## In this file, you can use all long options that a program supports.# If you want to know which options a program supports, run the program# with the “--help” option.# The following options will be passed to all MySQL clients[client]#password= your_passwordport= 3306socket= /var/lib/mysql/mysql.sock# Here follows entries for some specific programs# The MySQL server[mysqld]port= 3306socket= /var/lib/mysql/mysql.sockskip-external-lockingopen_files_limit = 12000key_buffer = 384Mmax_allowed_packet = 1Mtable_cache = 5000sort_buffer_size = 2Mread_buffer_size = 2Mread_rnd_buffer_size = 8Mmyisam_sort_buffer_size = 64Mthread_cache_size = 8query_cache_size = 32M# Try number of CPU’s*2 for thread_concurrencythread_concurrency = 8# Don’t listen on a TCP/IP port at all. This can be a security enhancement,# if all processes that need to connect to mysqld run on the same host.# All interaction with mysqld must be made via Unix sockets or named pipes.# Note that using this option without enabling named pipes on Windows# (via the “enable-named-pipe” option) will render mysqld useless!# #skip-networking# Disable Federated by defaultskip-federated# Replication Master Server (default)# binary logging is required for replicationlog-bin=mysql-bin# required unique id between 1 and 2^32 - 1# defaults to 1 if master-host is not set# but will not function as a master if omittedserver-id= 1# Replication Slave (comment out master section to use this)## To configure this host as a replication slave, you can choose between# two methods :## 1) Use the CHANGE MASTER TO command (fully described in our manual) -# the syntax is:## CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,# MASTER_USER=<user>, MASTER_PASSWORD=<password> ;## where you replace <host>, <user>, <password> by quoted strings and# <port> by the master’s port number (3306 by default).## Example:## CHANGE MASTER TO MASTER_HOST=’125.564.12.1’, MASTER_PORT=3306,# MASTER_USER=’joe’, MASTER_PASSWORD=’secret’;## OR## 2) Set the variables below. However, in case you choose this method, then# start replication for the first time (even unsuccessfully, for example# if you mistyped the password in master-password and the slave fails to# connect), the slave will create a file, and any later# change in this file to the variables’ values below will be ignored and# overridden by the content of the file, unless you shutdown# the slave server, delete and restart the slaver server.# For that reason, you may want to leave the lines below untouched# (commented) and instead use CHANGE MASTER TO (see above)## required unique id between 2 and 2^32 - 1# (and different from the master)# defaults to 2 if master-host is set# but will not function as a slave if omitted#server-id = 2## The replication master for this slave - required#master-host = <hostname>## The username the slave will use for authentication when connecting# to the master - required#master-user = <username>## The password the slave will authenticate with when connecting to# the master - required#master-password = <password>## The port the master is listening on.# optional - defaults to 3306#master-port = <port>## binary logging - not required for slaves, but recommended#log-bin=mysql-bin## binary logging format - mixed recommended #binlog_format=mixed# Point the following paths to different dedicated disks#tmpdir= /tmp/#log-update = /path-to-dedicated-directory/hostname# Uncomment the following if you are using InnoDB tables#innodb_data_home_dir = /var/lib/mysql/#innodb_data_file_path = ibdata1:2000M;ibdata2:10M:autoextend#innodb_log_group_home_dir = /var/lib/mysql/# You can set .._buffer_pool_size up to 50 - 80 %# of RAM but beware of setting memory usage too high#innodb_buffer_pool_size = 384M#innodb_additional_mem_pool_size = 20M# Set .._log_file_size to 25 % of buffer pool size#innodb_log_file_size = 100M#innodb_log_buffer_size = 8M#innodb_flush_log_at_trx_commit = 1#innodb_lock_wait_timeout = 50[mysqldump]quickmax_allowed_packet = 16M[mysql]no-auto-rehash# Remove the next comment character if you are not familiar with SQL#safe-updates#----------------------------------------------------------[isamchk]key_buffer = 256Msort_buffer_size = 256Mread_buffer = 2Mwrite_buffer = 2M#----------------------------------------------------------[myisamchk]key_buffer = 256Msort_buffer_size = 256Mread_buffer = 2Mwrite_buffer = 2M#----------------------------------------------------------[mysqlhotcopy]interactive-timeout#----------------------------------------------------------Speed Tweak‘Tweak’ compresses the content of your web server in real time, barring a few formats that will have no or nearly no benefit from it (images and/or already compressed files like a zip) or files that may even become corrupted when compressed further (e.g. the .pdf format). Basically at the cost of a little bit of CPU time, pages will become smaller with the following benefits:Faster loading pagesLower bandwidth costsFor more information, just search for “http compression” keyword in any internet search engine.mod_deflateThis module enables http compression over the Apache server. The following process helps in activating mod_deflate on Apache server over Linux :1. Open your favorite console application (Xterm, Konsole, etc)2. Execute a2enmod deflate3. Now open /etc/apache2/httpd.conf in your favorite text editor (gedit, etc) and append the configuration text below:SetOutputFilter DEFLATESetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ \ no-gzip dont-varySetEnvIfNoCase Request_URI \ \.(?:exe|t?gz|zip|bz2|sit|rar|7z|swf|pdf)$ \ no-gzip dont-varyBrowserMatch ^Mozilla/4 gzip-only-text/htmlBrowserMatch ^Mozilla/4\.0[678] no-gzipBrowserMatch \bMSIE !no-gzip !gzip-only-text/htmlExpiresActive OnExpiresDefault A0# Set up caching on media files for 1 year (forever?)<FilesMatch "\.(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$">ExpiresDefault A29030400Header append Cache-Control "public"</FilesMatch> # Set up caching on media files for 1 week<FilesMatch "\.(gif|jpg|jpeg|png|swf)$">ExpiresDefault A604800Header append Cache-Control "public"</FilesMatch> # Set up 2 Hour caching on commonly updated files<FilesMatch "\.(xml|txt|html|js|css)$">ExpiresDefault A7200Header append Cache-Control "proxy-revalidate"</FilesMatch> # Force no caching for dynamic files<FilesMatch "\.(php|cgi|pl|htm)$">ExpiresActive OffHeader set Cache-Control "private, no-cache, no-store, proxy-revalidate, no-transform"Header set Pragma "no-cache"</FilesMatch>5. Save the file and close it.6. Restart apache by executing service apache2 restartConfirming it worksVisit and use their analyze tool to find out that everything is working fine.If your site is using mod_deflate the test will show you the following message:# Congratulations. This site is using HTTP compression, otherwise called content encoding using gzip. The sizes reported here are for compressed content sent from the server to the client.MySQL Updation MySQL is one of the most essential components for proper server functionality and therefore its constant up-gradation and maintenance should be done. You may frequently visit to find out the latest server updates and download the fixes and upgraded versions and install it over the server. Software is generally kept up-to-date and latest releases might require latest MySQL libraries to be installed over the server.Chapter 3Software InstallationSince you have installed and configured Linux, we now take you through the steps required for software installation. It is pretty straight forward to install the software and prepare it for execution. The following steps will guide you to perform software installation —Copy the provided software installation file in the folder “/root/Installation”.Extract the contents of the file in the folder using the following command “unrar x Installation.rar”.Open the terminal window and execute the following command : “sh install.sh”Installation requires Find’n’Secure? Username and Password which is provided along with the package.Enter your Find’n’Secure? UsernameEnter your Find’n’Secure? PasswordEnter the password for root user of your MySQL serverInstallation will prompt you to remove the old database present in the system. If you input ‘yes’ then all your previous data is removed from the database. Please note that you should take a backup of the old database if you are performing repair job.Software installation is now complete. To check the software installation open up Firefox browser and put the following address in the address bar of the browser window – proceeding further, you must login to the software as an administrator for performing some essential steps required for running the software correctly. Default username for administrator login is “admin” and default password for the account is “admin”. After the login, you will see the following screen.Click on the Global Settings button on the left hand side and the following screen will appear:User SettingsYou can select Default Language, Default Time-zone & Metric System in which the software will work by default. All the users logging into the software will have these preferences set as default.Map SettingsFind’n’Secure? Version 4.0 supports Google? Maps in addition to many others. You may set default parameters that are loaded up whenever a user logs in the software. The following table describes different options available:Default Latitude & LongitudeDefault center location for map service, for example :Latitude : +28.004102Longitude : +77.684326Whenever map is loaded on the browser window it will automatically set the display center to this Latitude/LongitudeGoogle? KeyGoogle? Maps API key provided by Google? for your domainGoogle Client IDClient ID provided by Google? to its Google Maps API for Business customers.Digital SignatureA digital signature is used only by Google Maps API for Business customers. This field is actually the cryptographic key provided by Google.Bing KeyIf you wish to use Bing Maps, please enter the Bing Maps key, provided by Microsoft. The procedure to get a Bing Maps key is explained later in this section.Cloudmate KeyIf you need to use Cloudmate Maps with Find’n’Secure, you should enter a Cloudmate API key.Zoom levelDefault Zoom level to which map service will be set is defined by this optionRefresh IntervalServers constantly get packets from the tracking units. This option controls how fast browsers shall fetch new locations from the server.Your domain administrator should create and forward a sub-domain to your server IP address, for example:Domain Name: IP Address : 67.222.62.165New sub-domain : trackv4.IP Address : 71.19.240.175Find’n’Secure loads Google Maps using an API key. Using an API key enables you to monitor your application's Maps API usage, and ensures that Google can contact you about your application if necessary. If your application's Maps API usage exceeds the Usage Limits, you must load the Maps API using an API key in order to purchase additional quota.To create your Google API key:Visit the APIs Console at and log in with your Google Account.Click the Services link from the left-hand menu.Activate the Google Maps API v3 service.Click the API Access link from the left-hand menu. Your API key is available from the API Access page, in the Simple API Access section. Find’n’Secure uses the Key for browser apps. create your Bing API key:Go to the Bing Maps Account Center at you have a Bing Maps Account, sign in with the Windows Live ID that you used to create the account.If you do not have a Bing Maps Account, click Create, and follow the instructions in Creating a Bing Maps Account.Select Create or view keys under My Account.In the Create key box on the My keys page, provide the following information for Find’n’Secure application that will use the Bing Maps key:Application name: Required. The name of the application, i.e. Find’n’SecureApplication URL: The URL of the application.Key type: Required. Select the key type as “Basic”. The key and application types you choose determine your usage limits. For more information, see the Bing Maps Terms of Use.Application type: Required. Select “Public website” as the application type.Type the characters of the security code, and then click Submit. The new key displays in the list of available keys. Use this key to authenticate your Bing Maps application as described in the documentation for the Bing Maps API you are using.Note: If you want to upgrade your account to be an enterprise account, contact Bing Maps for Enterprise.To create your Cloudmate API key:Login/Register on Cloudmate Account portal at on the button labeled “GET API KEY”, under API Keys section.In the modal box displayed, provide the following information for Find’n’Secure application:Platform: Required. Choose “Web”Application Name: Required. The name of the application, i.e. Find’n’SecureApplication URL: The URL of the application.Promote My App: Optional. Uncheck this box.Click on the “Register” button.You’ll get the API key in a few seconds.SMTP SettingsSimple Mail Transfer Protocol (SMTP) Server is used for sending emails from the software to users and administrator. If SMTP is not properly setup then you will not receive any mail alerts from the software. If you don’t have a SMTP server, Find’n’Secure? version 4.0 allows you to use Gmail if the sending-load is not very high. If you are using the software for providing commercial service we recommend you to use a paid SMTP server or setup your own SMTP server, whichever you prefer. SMTP ServerServer address for the SMTP server. For example: smtp. (Gmail SMTP server).SMTP PortPort number on which the server SMTP service is being hosted. Default SMTP port is 25.Authenticate SMTPIf SMTP server requires authentication then this option must be checked.SMTP UsernameUsername to be used for logging into SMTP server.SMTP PasswordPassword to be used for logging into SMTP Server.Use SSLCheck this option if SMTP server requires Secure Sockets Layer (SSL) Authentication. It is more secure to use SSL Authenticated email system since the communication channel is encrypted.Administrator EmailPlease type in the administrator email address here on which all the important notifications from the software are required to be transferred.Understanding Configuration File (config.sys)Server administrators may need to fine tune the system or change certain parameters as per server hardware or network connectivity. In this section we will have a look at the config.sys file which allows you to perform these operations. Lines starting with # sign are comments and you should be very careful in editing config.sys file as even a small error might lead to complete service halt.PropertyValueUDPServerNameHosting IP address of the UDP service. If you have multiple interfaces installed over the server than you might need to select the interface on which UDP service will be hosted. The default value of this property is 0.0.0.0 which means UDP service will be started on all the interfaces.Default: 0.0.0.0UDPServerPortUDP port number on which service is to be hosted.By default 21000 is used by the software and this port is required to be forwarded by your router/firewall to this server. All the communication via tracking unit is performed through this port when UDP protocol is working in the tracking unit.Default: 21000TCPServerNameThis property allows you to start TCP server for communication with the tracking units. This is equivalent to the UDPServerName and has similar default value. Default: 0.0.0.0TCPServerPortTCP port number on which service is to be hosted.By default 21000 is used by the software and this port is required to be forwarded by your router/firewall to this server. All the communication via tracking unit is performed through this port when TCP protocol is working in the tracking unit. Default: 21000FilterIPFor internal use of the software.Default: 0.0.0.0FilterPortFor internal use of the software.Default: 21001UDPSendIPUDP sending server is started on this IP address for performing communication with the tracking units.Default: 0.0.0.0UDPSendPortUDP sending server port number on which service is to be hosted.Default: 23000UDPforTCP_OPSServerNameFor internal use of the software.Default: 0.0.0.0UDPforTCP_OPSServerPortFor internal use of the software.Default: 23001UDPPacketSizeFor internal use of the software.Default: 1500FilterPacketSizeFor internal use of the software.Default: 1600ServerReceiveBufferFor internal use of the software.Default: 1026576ServerSendBufferFor internal use of the software.Default: 1026576MinSendTimeFor internal use of the software.Default: 0MailerCommandSoftware has a daemon process which constantly keeps on checking for the new alerts/events happening on the server. These alerts/events are processed by a mailer script which is by default written in PHP 5.0. If you need to modify this behavior of the system you can insert your own script and place the right command here to process accordingly.Default: “cd /var/www/php; php Services/mailer.php"NumberOfTriggersNumber of triggers configured over the server to be received by UDP server. As described below under the properties Trigger[x]Name, Trigger[x]Event, Trigger[x]Offset, you can configure various triggers in the software to be executed when this command is received by UDP Server.It may be used along with any 3rd party software to allow the expansion of the communication protocol. We will demonstrate the process with the help of a small illustration after this table.Default: 9Trigger[x]NameRepresents the name of the Trigger which is to be sent to the UDP server to execute the trigger, for example – locatex represents number value from 1 – NumberOfTriggersDefault: “locate”Trigger[x]EventRepresents the script execution path of the Trigger which is executed on receiving of the trigger.Default: "php /srv/www/cgi-bin/locate.php"Trigger[x]Offset = 0Represents the offset of the command where server should search whenever a string is received by UDP server.Default: 0BanUser[x]This property is used for banning one or more IP address, for exampleBanUser[1] = “67.23.44.51”BanUser[2] = “67.23.44.55”Will add two IP address to the ban list and server will drop all the packets received from these IP addresses.DeviceNameTo open COM1 on the server enter ‘/dev/ttyS0’Default: "/dev/ttyS0"DeviceBaudDefault: 115200DeviceInitializeDefault: “AT E0 I0”DeviceParityDefault: "NONE"TerminalIPDefault: 0.0.0.0TerminalPortDefault: 22000DatabaseRefreshTimerThis property is used for setting up the performance for processing the data received by the server from the tracking unit. The value is in seconds.Default: “1”GeofenceRefreshTimerTime gap after which Geofence server checks for geofence related functions. This property is in seconds.Default: “1”MailerRefreshTimerTime gap after which mailer server fetches new alerts/events. This property is in seconds.Default: “1”DBFServernameDatabase server name or IP address. This is the address of your MySQL server, if you are hosting the database server on the application server itself then the value of this property will be “localhost” otherwise you can set it appropriately. For example, if a server with local IP 192.168.1.10 is hosting MySQL service then we may use the following settings —DBFServername = “192.168.1.10”Default: “localhost”DBFUsernameUsername through which the connections to the database server is established. Generally we connect to the database by using “root” usernameDefault: “root”DBFDatabaseDatabase name to be used by findnsecure applications. MySQL can be used by multiple softwares running over your server and each software may have its own database. Similarly Find’n’Secure? version 3.0 has its own database by default it is named as “fnsv2”. If you want to change the name of the Database file, you may modify accordingly.Default: “fnsv4”DBFPasswordPassword required for connecting to the database server related to the DBFUsername.Default: “embarc”LicenseUsernameFind’n’Secure? license username provided by the company (i.e. Embarc Information Technology Pvt Ltd.)Default: <Provided by Embarc>LicensePasswordFind’n’Secure? license password provided by the company (i.e. Embarc Information Technology Pvt Ltd.)Default: <Provided by Embarc>sat_email_serverEnter the server details used for receiving mails of satellite tracking devices.Format: “<POP server>:<PORT>”Default: “pop.:995”sat_email_usernameUsername of email ID used for receiving mails of satellite tracking devices.Default: “”sat_email_passwordPassword of email ID used for receiving mails of satellite tracking devices.Default: “”sat_email_sslIndicates whether the sat_email_server uses SSL or not.Accepted Values: yes/noDefault: “yes”sat_fetch_intervalMail fetch interval for satellite tracking devices. (in minutes)Default: “2”PHPPathEnter the path of PHP files used in operations of Alert Centre.Default: “/var/www/php”ATRXMailPathPath of mail templates for Alert Centre.Default: "Services/ATRXMail.php"rdEnableEnable or disable saving of raw data from tracking devices.Accepted Values: true/falseDefault: “true”rdServerHostname of database server, where raw data should be sent.Default: “localhost”rdDatabaseName of database in which raw data should be stored.Default: “fnsraw”rdDBFUserUsername for connecting to raw database.Default: “root”rdDBFPassPassword for connecting to raw database.Default: “embarc”Setting up triggersFind’n’Secure? version 4.0 supports an important facility to perform operations in conjunction with 3rd Party software which are capable of passing URL with parameters (in GET request format) or directly connecting with the software backend and pass triggers using network. This provides exceptional facility of extending software capabilities with customized applications designed over the base platform of Find’n’Secure. The illustration below shows the communication channel and the flow of process.Find’n’Secure? config.sys file allows you to expand the triggers as mentioned in the previous topic. You can develop PHP scripts which may be placed in your own folder for execution. Let us show you a custom trigger example using Apache web server.Create a new folder by name customeevents in /srv/www/cgi-binCreate a new file by name test.php in /srv/www/cgi-bin/customevents. Source code for this test script is shown below.<?php/* ?Find’n’Secure? 2011 URL sent to apache is in the following format: :tid = Tracker IDpass = Password of the user account associated with the tracker IDObjective:This program takes in the tracker ID and prints out the username. You can make use of Apache URL calling to perform inquiry.*/require_once(“../mysql.php”)function dberror($emsg){print $emsg;die;}$db = mysql_connect(“localhost”,”user”,”pass”,1);mysql_select_db(“fnsv2”) or dberror(“database error”);$query = “SELECT * FROM trackers where trackerid=\””.$_GET[‘tid’].”\””;$result = mysql_query($query,$db);if ($result == false) dberror(“query error”);$row = mysql_fetch_assoc($result);if ($row != false){if ($row[‘password’] == $_GET[‘pass’])print “username associated is “.$row[‘username’];}mysql_free_result($result);return 0;?>Final StepsRestart the server once you have successfully installed the software.Manual Startuplinux > cd /root/findnsecurelinux > sh start.shAutomatic StartupIn case you want to enable the software services automatically after server bootup, please enable the findnsecure service from the WebminOpen Firefox browser on the server and type the following URL: on System > Bootup and ShutdownClick on findnsecure serviceClick on Yes infront of Start at boot time ?Click Save > LogoutFind’n’Secure? software will now automatically start whenever your server boots up.SummaryWe have covered all the topics required for setting up the server and this chapter completes the configuration and installation of your server. After following the steps explained in the preceding paragraphs, your server should be running and ready to add new user accounts and trackers to the software which we shall show you in the subsequent sections. In case you face any trouble with Linux you can use the following references to solve the issues:Linux Administration Handbook (Pearson Education) by Nemeth, Snyder and Hein your queries to support@Bible - Red Hat Linux (Wiley) ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download