Tuesday, November 10, 2009

09.11.09 MICROSOFT COFEE v1.1.2 - TOOLKIT OF US AND CANADIAN LAW ENFORCEMENT AGENCIES FOR COLLECTING DATA FROM SUSPECTS' PCS

 

Microsoft Computer Online Forensic Evidence Extractor (COFEE) v1.1.2 is a set of tools and commands that helps IT investigators and forensic examiners quickly extract the information an investigation needs (forensic data) from suspects' PCs in order to prove their criminal activity.
COFEE lets forensic examiners search the data right on site, in automatic mode.
COFEE is used to create a special bootable USB drive, which then launches a program that collects evidence from the suspect's PC. Microsoft promises that even a novice user will be able to handle the program.
The COFEE toolkit is not a secret or covert program developed by Microsoft for US and Canadian law enforcement, but it was not publicly available for free download for quite a long time, although the benefit to an ordinary user of having COFEE is highly doubtful.
Nevertheless, interested parties can learn how, and exactly what kind of, data investigators are able to extract with this toolkit.

MICROSOFT COFEE v1.1.2 - is being made available to individuals employed by law enforcement agencies within the United States and Canada. COFEE means the Computer Online Forensic Evidence Extractor tool that fits on a USB drive and automates the execution of commands for data extraction and related documentation. Distribution is limited to law enforcement agencies. Access to the COFEE product requires verification of employment with a law enforcement agency and agreement to the terms and conditions of the Microsoft/NW3C Sublicense Agreement.

What is COFEE?
COFEE consists of three major components: the GUI interface for the investigator, the command line application to be executed on the target machine, and the individual tools which are managed by COFEE and the command line application.
There are two major types of live forensics investigation tools – Live Information Acquisition tools and Remote Online Acquisition tools. Computer Online Forensic Evidence Extractor (COFEE) is a live information and volatile data forensics acquisition system.
The GUI interface was developed for managing the tool selection, generating scripts, loading programs onto a USB device, and creating a report from the collected data.
The command line application was developed for controlling and executing a set of selected tools on the target machine.

Digital Forensics Attributes and Principles:
In any digital forensics investigation, digital forensics specialists and legal advisors should ensure the balance between the three main attributes: Reconnaissance, Relevancy and Reliability of the digital evidence. In any digital forensics investigation, the investigator should always attempt to achieve the maximum amount of data acquisition while having a minimal effect on the integrity or accuracy of the data.
When applying Reconnaissance, Relevancy and Reliability to the live forensics investigation environment, it is paramount that any investigative tool used should operate in the least intrusive way.
It is also vital that all operations conducted on a target machine be documented to the best extent possible. This aids in the reliability of the collected data, as well as the integrity of the target machine.
Great effort was taken to ensure that the COFEE execution process leaves the smallest footprint possible on the target machine.

Volatile Information Collected:
The specific information collected by COFEE varies depending upon which profile is selected; however, the type of volatile information collected includes:
• Date and Time.
• Open network connections and additional network related information.
• User account information (including the currently logged on user).
• Current processes and services.
• Open files and registry information.

Why Use COFEE?
In COFEE, the GUI interface is used for the preparation of the forensics tools and the assigning of the digital forensics execution order. According to live forensics guidelines, investigators should take into account the order of evidence volatility, while having minimal interaction with the target machine.
COFEE has been designed to provide the investigator the ability to collect evidence from a target system with the minimum of user interaction. After the GUI interface generates a COFEE USB device (copies all scripts and programs), the investigator can take the device and easily insert it onto a target machine, and begin the collection process by executing a single program.
While specific programs have been selected as part of the included profiles, COFEE allows a seasoned investigator to add or remove any program they desire, as well as create any profile to meet their specific investigative needs.

Who Should Use COFEE?
COFEE was designed to meet the needs of two distinct classes of users: the forensic examiner and the front line investigator. The GUI console, which allows the user to create profiles and generate COFEE USB devices, was designed to be operated by a computer forensic examiner. The creation of profiles requires that the user have a firm understanding of the tools to be executed and the reason behind their inclusion within the profile.
The command line application, however, requires minimal training because the scripting process has already been designed by a forensic examiner. This allows any front line investigator to use this tool and collect data. Once the data is collected, the USB device should be returned to the forensic examiner for analysis.

DOWNLOAD: MICROSOFT COFEE v1.1.2 14Mb. by DrWeird

P.S.: Installing COFEE without a fight turned out to be "difficult": you need to download a "clever" MSI extractor, extract all the files from the installer COFEE v1.1.2 Installer.msi, and then simply run COFEE.exe

Monday, November 9, 2009

newprep

A tip from 이상민.

  

 

   

 

 


Monday November 09, 2009 01:58:19 am, Uploaded by 이상민


 


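Hello. This is 이상민, a Parkoz member who is a high schooler but doesn't act like one at all. ^^

With the recent release of Windows 7, XP seems to be losing its place. Still, most users have not yet adapted to the new environment, many have good reasons to keep running XP, and many prefer XP because their hardware is underpowered.

Of course, many Parkoz members know how good Windows 7 is and use it. In my case, though, my friends' requests sometimes turn me into something like a PC repair technician. Their computers are lacking in places (mostly big-brand machines, and since we're high schoolers, given when they were bought they are about 5~6 years old? The performance...), and the games and assorted utilities they love (web hard drives are the tame ones; P2P like Pruna... do I really need to say what they're used for? lol) are XP-only, so a lot of them want XP.

Because of these guys, burning an XP CD every time (give them one and they always lose it. -_-;;) is a hassle, and as for making a USB CD partition, the USB stick that can do that has been donated to my older brother... Above all, installing XP the official way takes a depressingly long time.

So I followed the guide 신희돈 posted earlier, "Making a universal restore CD: Windows XP - HAL Type". Honestly, that method is the real deal. Most of you know how fast a Ghost rollback is, and it was a method for producing a complete universal Ghost image, created after a huge amount of research. However, it is not easy to follow, and it falls a little short on maintenance (software updates and so on). It is also a problem that the method is limited to XP. (From Vista onward, though, making a universal Ghost image became very easy...)

So I'd like to introduce a small tool that came out fairly recently. ^^

This tool functionally extends (if that's the right way to put it...) Sysprep, a program built into Windows, and makes it convenient to use.

This tip covers only XP, but Vista can be done in a similar way, and with Windows 7 there is no need for this in the first place. ^^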

 

This post is not intended to encourage anything illegal.

This post is provided for reference only.

Responsibility for any use of this post lies with the user.

All materials used in this post were produced on genuine software.

 

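※ Regarding viruses...

 This program is written in AutoIt. Programs written in AutoIt can touch the system directly (well, just look at how much this program can touch), and can communicate with the outside without administrator rights as long as a network is connected.

 As a result, some antivirus products unconditionally treat programs written in AutoIt as viruses, even when the program itself is an honest one....

 This program also has nothing to do with viruses. Just in case, I scanned the file with avast and also sent it to AhnLab as a sample, and the answer was that there is no problem. So you can rest easy. ^^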

 

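※ What is a universal Ghost image?

 When an operating system is installed, it automatically picks drivers and configures settings for the computer it is being installed on. This is done to get the most out of the computer, so the work is tailored to that machine. Because of this, when you capture a Ghost image and restore it on a different computer, there is a 90% chance that it will not boot, or will boot only with limitations, due to hardware differences. Making a universal Ghost image means replacing all the results of that work with standard ones so that the image applies properly on other systems as well.

 In addition, if you install the various essential programs, do the above, and then capture a Ghost image, you spend no extra time installing programs, so this is a must if you are building a distribution OS image.

(Not much of an explanation...)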

 

 

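Newprep V2009 Final works on the same basic principle as 신희돈's universal Ghost guide. The difference is that this program automates 신희돈's method with a single button.

I did not take separate screenshots of making a universal Ghost image with this program, but it is a good program that many people use to make universal Ghost images easily.

(It is so good that it is hard to believe it was made in China. It does leave some residue behind, though... OTL)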

 

 

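 0. First, get what you need ready: a system for building the XP universal Ghost image, Newprep V2009 Final (used in this tip), a Ghost tool for capturing the image, storage space to hold the image, and so on. Prepare the rest yourself. I have uploaded Newprep V2009 Final separately. ^^ (Click the link below... some tags don't work on Parkoz... OTL)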

 

http://cid-ecab1ae7901f3f08.skydrive.live.com/self.aspx/%ea%b3%b5%ec%9a%a9/Web%20Upload/PARKOZ%20Upload/newprep.exe

 

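 1. Install a clean XP on any system. Modified ("tuned") XP builds are said to cause problems, so be sure to use a clean XP.

       Reinstalling XP on a physical system just to capture an image is inefficient, so it is better to install it in a virtual environment such as VMware, VirtualBox or Virtual PC. (It is easier to manage, too.)

 2. Right after installation, install the programs you want to distribute. Programs tied to drivers may cause the process to fail or give poor results, so where possible I recommend installing utility programs such as Word rather than driver management programs.

 3. After installing the programs you want to distribute, clean up the leftovers. This is not mandatory, but you need to delete temporary folders, installers left over after installation and the like to reduce the size of the Ghost image. Newprep V2009 Final does have a cleanup function, but it does not seem to be thorough.

 4. Run Newprep V2009 Final. I have attached a screenshot to help with usage.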

 

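 As Parkoz members will already have noticed,

(Content in parentheses is what I am not sure about, so just take it as reference. ^^)

 The tasks in the Packaging group are the ones most necessary for making a universal Ghost image. I recommend checking all of them, no questions asked. (The principle is simple: these options swap the previously installed drivers for standard drivers built on the hardware's base specifications, make the user input prompts appear when an image captured this way is restored, and remove the previous information files and drivers.)

 In the Deployment group, check the tasks you want according to your own preference. (Briefly, these are options to set the boot time (boot list display), reduce the size of the C drive, remove autorun files, stop system services, remove SRS devices, launch Disk Manager at first run, and so on.)

 The options I personally like to check are all of Packaging, and only the bottom three of Deployment. ^^

 Clicking More... allows detailed settings, but unless you are an advanced user these are options you don't need. All that is left is to click Sysprep.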

 

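 5. Click Sysprep. It shows each task as it progresses. When the IDE and ACPI devices are updated to standard drivers, XP shows a warning about installing an unsigned device. It appears about three times. Just click Continue to proceed.

 6. During the last task the explorer.exe process closes briefly. Then a message appears saying that it is done and you should capture the image with Ghost. Click OK and explorer.exe starts again. You could now shut down and capture with Ghost, but... being a tool from China, it leaves some mess behind. Some things are also set however it pleases. You need to find those.

 7. In C:\Sysprep you will see three files:

      sysprep.inf, newprep.inf, sysprep.exe

 Here we fix up the two inf files. Open them as text documents.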

 

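 8. In sysprep.inf, set the time zone to 230. This is what sets it to Korea Standard Time. The user name and group name in the user data will be written in Chinese; change them to whatever names you want to use. Also delete all the content under these two: [TapiLocation] [TapiLocation].

 9. In newprep.inf, wipe the IP section. It had been filled in with a specific IP on its own. That is a fine setting if you use an ADSL modem connection, but... you can enter this part again later anyway.. &&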

 

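 10. Now shut down the system you worked on. Then boot into Ghost and capture the image. There are several ways to do this, so follow whichever you use and capture one hard disk partition of the prepared system as an image.

 11. The resulting image file is now a universal Ghost image. Restore this Ghost image onto another system that needs XP.

 12. From here on you just watch. After the image is restored and the system reboots, some Chinese text appears briefly before the OS boots, and then the XP logo appears.

 13. In kernel mode, where the mouse can be used, the drivers that were switched to standard drivers earlier are updated again to suit the system, the screen flickers a few times while a timer runs at the bottom, and then a window reading 'Windows XP Setup' - Please wait... is shown. Then the network setup wizard window appears, followed by a wizard window that registers Start menu items and components and deletes temporary files, and the system reboots.

 14. After the reboot, the Windows boot screen titled "New Start" appears, and it takes a little time to create the user environment. Wait a moment and the Windows desktop appears along with Task Manager, and it automatically selects the devices that have not been installed and launches the Hardware Update Wizard. (Impressive, huh?)

 15. After that, you will see XP come up installed just as it was before you ran Newprep V2009 Final.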
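
The review of the two answer files in steps 7 to 9, written as a script so the values a third-party packaging tool left behind are caught before the image is captured and restored onto other machines. This is an added example, not part of the original tip or of Newprep: the names [GuiUnattended] TimeZone and [UserData] FullName/OrgName are the standard Windows XP sysprep.inf names rather than names given in the post, and the newprep.inf layout and all sample values are constructed because the post does not show them.

```python
import re

CJK = re.compile(r"[\u4e00-\u9fff]")               # CJK ideographs (preset Chinese names)
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")  # any dotted-quad literal


def read_inf(text):
    """Parse INF text into {section: {key: value}} with lower-cased names.

    Repeated section headers are merged, and ';' starts a comment
    (a simplification: a ';' inside a quoted value is not supported).
    """
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip().strip('"')
    return sections


def audit_sysprep(text, expected_timezone="230"):
    """Return findings for the sysprep.inf edits described in step 8."""
    inf = read_inf(text)
    findings = []
    tz = inf.get("guiunattended", {}).get("timezone")
    if tz != expected_timezone:
        findings.append(f"[GuiUnattended] TimeZone is {tz}, expected {expected_timezone}")
    for key in ("fullname", "orgname"):
        value = inf.get("userdata", {}).get(key, "")
        if CJK.search(value):
            findings.append(f"[UserData] {key} still holds a preset name: {value}")
    leftovers = sorted(inf.get("tapilocation", {}))
    if leftovers:
        findings.append("[TapiLocation] not emptied: " + ", ".join(leftovers))
    return findings


def audit_newprep(text):
    """Return findings for step 9: any IPv4 literal left in newprep.inf."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if IPV4.search(line.split(";", 1)[0]):
            findings.append(f"line {number}: {line.strip()}")
    return findings


# Constructed sample: sysprep.inf as a packaging tool might leave it.
SYSPREP_AS_GENERATED = """\
[GuiUnattended]
    TimeZone=210
    OemSkipWelcome=1
[UserData]
    FullName="用户"
    OrgName="公司"
    ComputerName=*
[TapiLocation]
    CountryCode=86
    AreaCode=010
"""

# Constructed sample: the same file after the edits from step 8.
SYSPREP_CLEANED = """\
[GuiUnattended]
    TimeZone=230
[UserData]
    FullName="Lab User"
    OrgName="Lab"
[TapiLocation]
"""

# Constructed sample: section and key names here are hypothetical.
NEWPREP_AS_GENERATED = """\
[Network]
IPAddress=192.168.1.100
Gateway=192.168.1.1
"""

if __name__ == "__main__":
    for finding in audit_sysprep(SYSPREP_AS_GENERATED):
        print("sysprep.inf:", finding)
    for finding in audit_newprep(NEWPREP_AS_GENERATED):
        print("newprep.inf:", finding)
    print("cleaned sysprep.inf findings:", audit_sysprep(SYSPREP_CLEANED))
```

The IPv4 check is deliberately format-agnostic, so it will also flag dotted version strings; treat each hit as a line to read, not as proof of a preset address.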

 

 

 

Install WordPress on WEMP (Windows, nginx, MySQL and PHP)


Nowadays, even desktop computers are powerful enough to run server software. For blog theme designers and plugin developers, this is a real benefit because they can finally install an experimental server to play with.

The WAMP system is by far the most popular blogging server setup for desktop computers. It takes advantage of Windows, Apache, MySQL and PHP, which are also used in production environments, though there they more commonly run on Linux and UNIX.

While Apache is able to adapt to almost every situation, it is not ideal for servers with lower memory. Desktop computers which are going to be used as weblog servers could make use of the extra memory because the owners still run various applications on those workstations.

The idea behind this tutorial is to produce efficient blog server setup.

Not only can you claim back your precious computer memory, but it also results in a faster and more responsive windows blog server.

The whole setup takes advantage of open source blog server software. Nginx itself is licensed under a BSD-like license, which basically means you can do whatever you want with it as long as you keep the copyright notice intact.

I am not a lawyer, so don’t take my words in the previous paragraph as the basis for a legal decision.

WEMP in Summary

Nginx (pronounced Engine X) is an HTTP server and mail proxy. As of this writing, the stable version is version 0.6.32. Despite its version number, it actually is very stable even for production servers handling a few thousand requests per second.

WordPress.com uses a few instances of nginx to serve about 1.2Gbit/sec or around 8,000 – 9,000 requests/second.

Does that sound good enough?

On top of that, its CPU usage is also very efficient compared to other web server software, especially Apache.

Through several tests, I was sold. Currently, I’ve been using nginx for most of my Virtual Private Servers (VPS) with no problems at all. If it is good enough for a production server, it should be good enough for a desktop computer.

And yes, you can install it quite easily.

(The other components are just like the usual WAMP setup with MySQL and PHP under Windows.)

System Requirements

My experimental machine runs Windows Vista. The WEMP setup doesn’t require anything specific. If you want to try this under Windows XP, the process should be exactly the same and it should also work flawlessly there.

As to memory requirements, it is hard to predict. When starting the server software for the first time, they may consume less memory but as you run it for a while and it has quite some data in the database, they will need more memory.

mysqld requires only a bit more than 1MB when started the first time (no database but the internal data). php-cgi occupies around 5MB at first.

However, after running WordPress for some time…

  • nginx still occupies a bit more than 2MB. You’re going to like this, aren’t you?
  • PHP running in FastCGI is about 6.5MB.
  • MySQLd takes around 11MB.

The total memory consumption is ~ 20MB. Of course, that depends on how you optimize MySQL or how much data you have in the database. The point is, you probably already know about PHP and MySQL, but isn’t the figure for nginx encouraging?

WEMP Memory Consumption

Compare this to Apache. Memory consumption of 50 – 300MB per process is not unheard of, and in fact it is quite common. Note that I’m not comparing apples to apples, but you don’t need all the additional features in Apache. Another thing worth considering is CPU load.

Nginx is currently my favorite setup, although because of a portability issue with FastCGI, it is not able to run Movable Type.

Getting Started with WEMP Installation

I presume that the “W” part, which is Windows, is already done. Unless you are viewing this page through another computer, chances are you have already had a Windows installation on your desktop computer or laptop.

So let’s go ahead and proceed with nginx. This web server software is so stable that you can run the latest development version without any problem, but just to be on the safe side, you should download the latest stable version of nginx.

Installation of nginx is very simple. Just launch the installation program after download and proceed through the wizard. You don’t have a lot of options to choose, just standard options to create icons on your desktop and quick launch taskbar. Nothing can be simpler.

Note: During the installation, you will be given basic information on how to start and stop the nginx service. You will test it out in the next section.

The standard location for nginx installation under Win32 is C:\nginx.

Configuring and Running nginx

Right off the bat after the installation, you will find two batch scripts to start and stop nginx. They are located in C:\nginx\conf. These two batch files are also linked from C:\nginx.

start-nginx.bat is used to start nginx while the stop-nginx.bat batch file is to stop the service. Later you will edit these two batch files to start and stop MySQL and PHP from one place.

Note these are the same scripts that you use when you run the Start nginx or Stop nginx commands from Start Menu.

If you are ready to get started, run Start nginx from Start > All Programs > nginx.

A dialog box asking if you want to make an exception in Windows Firewall shows up. If you want to access nginx from computers other than the machine it is installed on, you should choose Unblock. Otherwise, selecting Keep blocking still allows you to access the web server from your own machine, through the loopback interface.

This may not appear if you don’t turn the Windows Firewall option on though.

Allowing nginx in Windows Firewall

You can change this by going to Windows Firewall and locating nginx under the Exceptions tab.

Now try to load the test page up in the browser by typing:

http://localhost

in the address bar of your browser. A screen similar to the following should appear right before you.

Welcome Screen in nginx

If you see it, your installation is successful. You can now change the configuration file, whose full path is C:\nginx\conf\nginx.conf. The other files in the same directory are used by the configuration file as necessary (if activated within the configuration).

You should put the web documents in C:\nginx\html. Later when installing WordPress, you will load WordPress files in this directory.

Stopping nginx is just as easy. Just run the Stop nginx program from the Start Menu, or run the batch file directly.

Configure nginx to Interact with PHP

As of now, you have not yet installed PHP, but because both nginx and PHP run independently in this setup, you can configure the web server first.

PHP will be running in FastCGI mode, so all you need is to have nginx pass requests for PHP files to PHP listening on a TCP port on localhost. Unlike lighttpd, nginx doesn’t support CGI directly so FastCGI is the only option.

There is nothing to lose though as this setup is more flexible. For instance, if I happen to have a desktop and laptop on the same local network, I could install the PHP running in FastCGI mode on my laptop. The nginx and MySQL could just reside on the desktop.

It certainly makes it even lighter.

In order to do this, you need to edit the configuration file in C:\nginx\conf\nginx.conf.

  1. Open the file in WordPad. The configuration file is in UNIX text file format, so you will have a problem with it in Notepad. Once you save it in WordPad, you may open the file in Notepad because the process converts the file format to native Windows. Just make sure you open and save the file as text instead of Rich Text Format (RTF).
  2. Scroll down to the location that says pass the PHP scripts to FastCGI server listening on …. Remove the hash signs ('#') for that block and modify it to read as follows before saving.
location ~ \.php$ {
  root           html;
  fastcgi_pass   127.0.0.1:10000;
  fastcgi_index  index.php;
  fastcgi_param  SCRIPT_FILENAME  /nginx/html$fastcgi_script_name;
  include        fastcgi_params;
}

You also have to tell nginx to look for index.php in a directory as default file. Look for the root location block and add index.php so it looks like the following.

location / {
  root   /nginx/html;
  index  index.php index.html index.htm;
}

This is important to avoid having to enter the full path to a PHP file or getting the 403 permission denied message (http://localhost/wp-admin/ works instead of only http://localhost/wp-admin/index.php). You also need to change root to the full path, but omitting the drive letter.

Running and Stopping nginx, MySQL and PHP FastCGI with Batch File

In the previous section, you tested Engine X, and if that works you are now ready for this step. The WEMP system consists of three main server components. Starting and stopping them one by one can be a nuisance if you are constantly testing different configurations.

By editing the batch files used to start and stop nginx so they start and stop all the servers as well, you save some time. It is also flexible enough that you may stop everything immediately as you finish your work and need to free more memory for other things.

While it is possible to run MySQL as a Windows service, I prefer the batch script approach for the above reason.

Here is the content of start-nginx.bat after editing:

@ECHO OFF
REM PHP listens on the loopback port that fastcgi_pass in nginx.conf points to.
ECHO Starting PHP FastCGI...
REM The path contains a space, so it must be quoted.
RunHiddenConsole.exe "C:\Program Files\PHP\php-cgi.exe" -b 127.0.0.1:10000
ECHO Starting nginx...
c:\nginx\nginx.exe
ECHO Starting MySQL...
RunHiddenConsole.exe "C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.0\my.ini"
SLEEP 1
EXIT

Copy and paste the text above and overwrite the start-nginx.bat in C:\nginx\conf. Alternatively download start-nginx.bat here.

The script to stop nginx, mysqld and php-cgi is stop-nginx.bat. You also need to overwrite this one or edit the existing one from nginx.

@ECHO OFF
ECHO Stopping MySQL...
process -k mysqld-nt.exe >nul
ECHO Stopping nginx...
REM Repeated so that the master and worker nginx.exe processes are all ended.
process -k nginx.exe >nul
process -k nginx.exe >nul
process -k nginx.exe >nul
process -k nginx.exe >nul
ECHO Stopping PHP FastCGI...
process -k php-cgi.exe >nul
SLEEP 1
EXIT

Again copy, paste and overwrite the file with the text above or download stop-nginx.bat here.

With those scripts, you will be able to run and stop nginx, mysqld and php-cgi from one place.

Don’t run the batch file yet. You need to install PHP and MYSQL first… which the following steps are exactly about.

Installing PHP on Windows

PHP installation is pretty simple. Just go to PHP download page and download PHP x.x.x installer. The PHP version used for this demonstration is 5.2.6.

Run the installer executable program, and choose Other CGI when asked for the type of server you will be running. As we are going to run PHP independently in FastCGI mode, that is the option you should choose.

Install PHP as Other CGI

You should seriously consider adding PHP path to your system PATH variable so you can enter php or php-cgi command from any directory in the command prompt to run PHP.

While you can select all the extensions, I recommend against it. You can always run the installation package again to add extensions later as you need them.

For now, here is the list of PHP extensions you should seriously consider:

  • Curl
  • GD2
  • MySQL

Recommended PHP Extensions

Then proceed with the installation. By default PHP will be installed in C:\Program Files\PHP.

Running PHP in FastCGI Mode Under Windows

Some people use a third-party program, such as Spawn-CGI.exe from the lighttpd package, but I can’t seem to get it running. However, it is not necessary either.

php-cgi.exe now runs well in FastCGI mode without any third party software. Open a command prompt window and run php-cgi -h to see full options.

Making php-cgi listen on a <host>:<port> pair is easy. The following command will do it.

php-cgi -b 127.0.0.1:10000

The line instructs php-cgi to bind to localhost, which has an IP of 127.0.0.1 — it is inaccessible outside of your machine — and on port 10,000. This has to match the nginx configuration above.

Now it is much more convenient if you are able to run this without opening a command prompt, isn’t it? Here is a solution.

If you want to get rid of the command prompt window when php-cgi is running, you should download RunHiddenConsole.zip and unzip the executable file in C:\nginx\conf. This program will execute php-cgi, run it in the background but hide the command prompt window so it doesn’t clutter your desktop. (You will use it twice to run php-cgi and mysqld — the latter if you choose not to run it as a Windows service).

Installing MySQL on Windows

MySQL is the database engine used by WordPress and countless other database-powered applications. That sounds more complex than the above two programs, but really it is the simplest of all to install.

All you have to do is answer questions and choose the right options. This is unlike nginx and PHP installations above.

Now you can relax… all the hard work has been done so far.

First off, you need to download a version of MySQL for Windows. If you’ve never installed this before, the easiest way is to download a package with executable setup file.

For demonstration purposes, it would be Windows Essential (x86).

Save it to your desktop and run it once the download is finished. Let’s go through the entire installation process step by step.

First, pick the Typical installation option.

Install MySQL with Typical Option

This will install the MySQL server and client programs but not the C include files. You don’t need them unless you are developing an application that uses MySQL as the database backend.

Once the files are installed, you will be prompted to Configure the MySQL Server now. Leave the checkbox checked before proceeding to the next step.

Configure MySQL Upon Installation on Windows

The next screen allows you to choose between Detailed Configuration or Standard Configuration. Pick the former, just for the sake of curiosity about what options are available to us. Don’t worry, if you don’t know what an option is, you can always leave it as is.

Detailed MySQL Configuration

When asked to choose the server type, the choice in this example is obvious. This setup is for experimenting with various WordPress themes and plugins, so low memory consumption is preferable. Choose Developer Machine. The other option will allow more concurrent connections running at the same time, which wastes more memory.

It doesn’t matter which one you choose in the next step, but in this case, the choice is Multifunctional Database.

Multifunctional Database Option in MySQL

Following the option above, you will see a screen that prompts you for InnoDB Tablespace Settings. Choose the directory where you want the file to be placed.

MySQL Tablespace Settings

The next step shows a screen where you can customize the number of concurrent connections allowed by MySQL. Although it is safe to choose Manual Setting and set it to 15 or even lower, I leave this at 20.

MySQL Decision Support

MySQL is capable of accepting connections through named pipes or TCP/IP networking. The latter is a more common setup, and more flexible too as you may migrate the MySQL server to another machine and still connect over the network, so leave all the settings as is. Enable TCP/IP Networking and Enable Strict Mode and leave Port Number: 3306 as the standard port.

Because you don’t need to make this MySQL database server to serve data outside of your own desktop computer, it is not necessary to add exception to the Windows Firewall for this port. While running the batch file later, if Windows asks you if you want to unblock this, feel free to choose Keep Blocking, unless you want to allow remote connections.

MySQL TCP/IP and Strict Mode

Next, you may set the character set for this database server. For English and other West European languages, the Standard Character Set option is good to go.

MySQL Charset

You may want to Install As Windows Service. The Launch the MySQL Server automatically option lets MySQL start when you start Windows.

This is certainly an option, although you could also run it along with the batch file above so you have the capability to start and stop it on demand from one place. Starting and stopping Windows service is not hard, but it needs more clicks separately.

If you choose to run it via the batch file above, uncheck the Install as Windows Service option.

Include Bin Directory in Windows PATH is a good idea so you can run mysql from anywhere in the command line.

MySQL as Service and Add to PATH

It is recommended that you enter the root password so access to the data is protected. You will need this to manage MySQL data. If you don’t need other people from remote machines to access this database server, leave the Enable root access from remote machines option unchecked.

MySQL Security Settings

That’s it. Now you have installed EMP on your Windows system.

Check to Make Sure WEMP Runs Properly

Now is the time to run Start nginx or the start-nginx.bat batch file. It first starts php-cgi, which binds to the loopback interface (localhost, IP 127.0.0.1). Next it runs nginx, followed by mysqld. Again, this is the same script that you run if you pick Start nginx from the Start Menu.

You can check if all the servers run properly by using Windows Task Manager (right click on the taskbar and pick Task Manager). Look for nginx.exe, mysqld-nt.exe and php-cgi.exe on the list. Sort by Image Name first to make it easy to locate program names.

Note: There will be two instances of nginx.exe, one master process and the other one is the worker process. Don’t worry about it, it is just how it was designed to be.

If you see them all, for redundancy, check if all the servers are accepting connections in the right TCP/IP ports.

Run the following command in a command prompt window:

netstat -ban -p tcp

Basically, it tells netstat to:

  • -b: displays the executable involved in creating each connection or listening port.
  • -a: displays all connections and listening ports.
  • -n: displays address and port numbers in numerical form.
  • -p tcp: shows connections for TCP protocol only.

Among the result you should see the following:

  • Port 80 – System. For one reason or another it doesn’t show as nginx.exe, but you can confirm it as such.
  • Port 3306 is occupied by mysqld-nt.exe, which is exactly the MySQL server you were starting just now.
  • Port 10000 – php-cgi.exe. Instead of 0.0.0.0 (all IP addresses in the system), this is bound only to the loopback address (127.0.0.1). PHP is now running in FastCGI mode, ready to accept connections.
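
The same check as a script: it parses `netstat -ban -p tcp` output and compares each listener with what this setup configured, in particular that php-cgi on port 10000 is bound to loopback only. This is an added example, not part of the original tutorial; the netstat text is a constructed sample, and the policy table EXPECTED is an assumption derived from the ports and image names listed above.

```python
import ipaddress
import re
from typing import NamedTuple


class Listener(NamedTuple):
    address: str
    port: int
    image: str  # executable named by -b, "" when netstat could not tell


# Ports this setup uses. loopback_only=True marks a service that must not be
# reachable from other machines (php-cgi was started with -b 127.0.0.1:10000).
EXPECTED = {
    80: {"images": {"nginx.exe", "System"}, "loopback_only": False},
    3306: {"images": {"mysqld-nt.exe"}, "loopback_only": False},
    10000: {"images": {"php-cgi.exe"}, "loopback_only": True},
}

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING(?:\s+\d+)?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")


def parse_listeners(text):
    """Return the LISTENING TCP sockets found in netstat -ban output."""
    found, pending = [], None
    for line in text.splitlines():
        row, owner = ROW.match(line), OWNER.match(line)
        if row:
            if pending:
                found.append(pending)
            pending = Listener(row.group(1).strip("[]"), int(row.group(2)), "")
        elif owner and pending:
            found.append(pending._replace(image=owner.group(1)))
            pending = None
        elif line.lstrip().startswith("TCP") and pending:
            # A non-listening row follows: the pending socket had no owner line.
            found.append(pending)
            pending = None
    if pending:
        found.append(pending)
    return found


def audit(text):
    """Map each expected port to a list of findings (empty = as intended)."""
    by_port = {}
    for sock in parse_listeners(text):
        by_port.setdefault(sock.port, []).append(sock)
    report = {}
    for port, rule in EXPECTED.items():
        issues = []
        sockets = by_port.get(port, [])
        if not sockets:
            issues.append("not listening")
        for sock in sockets:
            if sock.image and sock.image not in rule["images"]:
                issues.append(f"owned by unexpected image {sock.image}")
            if not ipaddress.ip_address(sock.address).is_loopback:
                if rule["loopback_only"]:
                    issues.append(f"bound to {sock.address}, must be loopback only")
                else:
                    issues.append(f"bound to {sock.address}, relies on Windows Firewall")
        report[port] = issues
    return report


# Constructed sample matching the three bullets above, plus one established
# connection that the parser has to skip.
SAMPLE_AS_DESCRIBED = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
 [System]
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
 [mysqld-nt.exe]
  TCP    127.0.0.1:10000        0.0.0.0:0              LISTENING
 [php-cgi.exe]
  TCP    127.0.0.1:49200        127.0.0.1:10000        ESTABLISHED
 [nginx.exe]
"""

# Constructed failure case: php-cgi listening on every interface.
SAMPLE_PHP_EXPOSED = re.sub(
    r"127\.0\.0\.1:10000(\s+0\.0\.0\.0:0)", r"0.0.0.0:10000\1", SAMPLE_AS_DESCRIBED
)

if __name__ == "__main__":
    for name, text in (("as described", SAMPLE_AS_DESCRIBED),
                       ("php exposed", SAMPLE_PHP_EXPOSED)):
        for port, issues in audit(text).items():
            print(name, port, issues or "ok")
```

Ports 80 and 3306 are reported as relying on Windows Firewall because they listen on all interfaces; that matches the Keep blocking choice discussed earlier and is a reminder rather than an error.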

For a full test you need something that accesses the web server, calls a PHP script and connects to the MySQL database.

Because WordPress does exactly this, let’s proceed by installing it on your WEMP setup.

Installing WordPress on WEMP System

WordPress installation should be easy by now with everything already in place. First of all, you need to prepare a database for WordPress.

You may choose to install PhpMyAdmin for MySQL database management but for simplicity let’s just dive into MySQL’s command line interface.

  1. Open a Command Prompt.
  2. If you enable MySQL in the PATH, you should be able to type in mysql -u root -p directly and get a password prompt. Enter the password you’ve set earlier when you install MySQL.
  3. At the MySQL command line interface, create the database and grant access to a specific user. It is recommended that you always create a user who has access only to one working database for security reasons.

create database wp;
grant all on wp.* to 'wpuser'@'localhost' identified by 'yourpass';

The first command creates the database wp. The second command grants all privileges on it to the user wpuser connecting via localhost with the password yourpass. Of course, change your password, or any other variables, as necessary.

Use the exit command to get out of the MySQL command line interface, in case you don’t know how to do it.

You’re set!

Now download and unpack the newest version of WordPress. Put the files in C:\nginx\html. Rename the directory if you so choose. Put all the files inside the wordpress directory in root if you want the blog to be installed on the root directory.

Now open a browser window and access the files. If you put the wordpress directory in the document root and rename it to blog, type the following into the browser’s address bar:

http://localhost/blog/

A screen like the following appears:

Create WordPress Configuration wp-config.php

See, you don’t even have to copy the wp-config-sample.php to wp-config.php and edit the content to reflect your database configuration. WordPress will prompt you for the information with this wizard.

The next screen should be obvious. Please read if you are not familiar with WordPress installation. When finished, proceed to the next step, which is a screen where you could enter your database information.

WordPress Database Configuration

WordPress will test the database connection and if all is going fine, you will be prompted once again to run install.

The famous installation process involves entering your blog title and email address. That’s it!

Upon successful installation, you will see a success screen with your user name and password.

Important: Because you most likely don’t have a mail service on your desktop, you won’t get the new blog creation message with the admin’s username and password. Make sure that you jot down the details before you close the window or hit the Login button.

Try to log in with the provided user name and password, and immediately change the password to something memorable. It doesn’t have to be secure because only you are able to access it, provided you chose Keep blocking for nginx in Windows Firewall earlier.

If you’ve successfully reached this far, and you see the WordPress Dashboard after logging in, you can be sure everything is working well. Congratulations.

Now go play around with your newly installed WEMP and WordPress!


Tuesday, November 3, 2009

Fixing the power-off issue after a SYSPREP restore.

Start - Run -
%systemroot%\system32\rundll32.exe SETUPAPI.DLL,InstallHinfSection ACPIAPIC_UP_HAL 128 %systemroot%\Inf\Hal.INF

Press Enter, and then reboot twice.