Archive

Posts Tagged ‘Linux’

Installing node.js on RHEL 7.1

July 8, 2016 Leave a comment
curl --silent --location https://rpm.nodesource.com/setup_4.x | bash -
yum install -y nodejs

(all this fuss is because there is no “native” yum package for Node.js – apparently they do not like Red Hat by a reason! :))

Advertisements
Categories: Linux Tags:

CIS RHEL hardening script – fixing non-working Sed expressions (unknown option to `s’)

October 30, 2015 Leave a comment

I do not know what they were thinking about (and testing!) but the sed regular expressions below did not work on neither of my instances of RHEL (CIS remediation script version 1.4.0):

# Set nodev option for /tmp Partition
echo
echo \*\*\*\* Set\ nodev\ option\ for\ /tmp\ Partition
egrep -q “^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$” /etc/fstab && sed -ri “s/^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$/\1/tmp\2nodev\3\4/” /etc/fstab

# Set nosuid option for /tmp Partition
echo
echo \*\*\*\* Set\ nosuid\ option\ for\ /tmp\ Partition
egrep -q “^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$” /etc/fstab && sed -ri “s/^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$/\1/tmp\2nosuid\3\4/” /etc/fstab

# Set noexec option for /tmp Partition
echo
echo \*\*\*\* Set\ noexec\ option\ for\ /tmp\ Partition
egrep -q “^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$” /etc/fstab && sed -ri “s/^(\s*\S+\s+)/tmp(\s+\S+\s+\S+)(\s+\S+\s+\S+)(\s*#.*)?\s*$/\1/tmp\2noexec\3\4/” /etc/fstab

All of them were throwing a very annoying:

sed: -e expression #1, char 61: unknown option to `s'

Read more…

Fixing Armitage in Kali Linux 2.0

October 19, 2015 Leave a comment

Sadly Armitage is failing in the fresh install of Kali 2.0 but fortunately there are always good guys who fix all troubles.

Here is the one for this particular issue:

https://github.com/ompster/kali2_fixer (the link opens in the new window)

or, to save you a few minutes, here is what you need to do:

git clone https://github.com/ompster/kali2_fixer.git
cd kali2_fixer/
python kali2_fix.py

The script will offer you a number of options with Armitage fix amongst them. In essence it just pulls an up to date version of Armitage where all dependencies are fixed.

Categories: Linux, Security Tags: ,

PAM module for GeoIP login restrictions

October 12, 2015 Leave a comment

Found a very nice PAM module (can be used with SSH etc) that can provide login restrictions based on user geo-location as per official internet registrars’ stats files. It’s probably not as good as its commercial rivals but does the job if you’re not too picky! It can also block logins in a LAN based on source MAC or IP addresses.

https://github.com/ColumPaget/pam_ihosts (the link opens in new browser window)

Categories: Linux, Security Tags: ,

Red Hat Enterprise Linux 7.1 in VirtualBox – quick setup for a PoC

October 8, 2015 Leave a comment

Obviously it’s not a tutorial – neither for VirtualBox nor for Linux – just a quick note on essentials when you need to provision a RHEL instance in VirtualBox without active Red Hat subscription.

I assume you have installed a basic server with GUI. Then it’s really important and convenient to have Guest Additions installed (this is basically an analogue of VMWare Tools allowing for better integration between VM and the host OS). Read more…

Categories: Linux Tags:

Leap Second 2015

July 7, 2015 Leave a comment

The time you rarely see!

LEAP SECOND

🙂

Categories: Linux Tags: ,

ASCII art for MOTD

June 18, 2015 Leave a comment

Awesome website – http://patorjk.com/software/taag (the link opens in new window)

No more boring disclaimers on your Cisco and Linux boxes!

ASCII-ART

Categories: Cisco, Linux Tags: ,

Kali Linux – apt-get repos and getting the distro up to date

June 12, 2015 Leave a comment

Quick how to (if you fail to make repo’s work during initial installation process):

  1. edit /etc/apt/sources.list to add repos as follows:
    ## Regular repositories
    deb http://http.kali.org/kali kali main non-free contrib
    deb http://security.kali.org/kali-security kali/updates main contrib non-free
    ## Source repositories
    deb-src http://http.kali.org/kali kali main non-free contrib
    deb-src http://security.kali.org/kali-security kali/updates main contrib non-free
  2. apt-get clean
  3. apt-get update
  4. apt-get upgrade
  5. apt-get dist-upgrade

Then reboot and you’re good to go.

Update for the Kali version 2.0:

The correct file for the apt repositories is as follows:

deb http://http.kali.org/kali sana main contrib non-free
deb http://security.kali.org/kali-security sana/updates main contrib non-free
deb-src http://http.kali.org/kali sana main contrib non-free
deb-src http://security.kali.org/kali-security sana/updates main contrib non-free

BTW – if you have discovered that kernel headers are missing (as they usually do!) in the middle of VMWare Tools installation (what has just happened to me) then to save you a few minutes for fixing apt repositories and here are the reminder of the correct path and the package name for the headers:

apt-get install linux-headers-$(uname -r)
/usr/src/linux-headers-$(uname -r)/include
Categories: Linux, Security Tags: ,

Nagios CHECK_IFTRAFFIC plugin returns “Return code of 13 is out of bounds”

May 7, 2012 1 comment

… at the same time it works perfectly on the server console.

Reason: you’ve run it in the console under root and it has created /tmp/check_if* file which cannot be deleted by nagios user

Solution: delete that temp file and do not test the plugin under root login! 🙂

Categories: Linux Tags: ,

Free TACACS+ Server

March 5, 2012 2 comments

Free TACACS+ Server

This one seems to be a very nice project. It’s a pity there in nothing similar for Windows…

Has anyone heard of a good freeware version for Windows???

Categories: Cisco, Linux Tags: ,