Tuesday, December 25, 2018

Setting up networking on any linux machine from scratch


Setting up networking on any linux machine from scratch

Main Issue:
At times when you install a new linux machine, you are not aware what is the logical name of the network adapter.

Solution:
#to know the logical name of the network interface
sudo lshw -C network

You are trying to install something like Openssh-server, it says not available in repository
Solution:
#to ensure all packages are updated such as ifconfig
sudo apt-get update

At times ifconfig is not present
Solution:
#to install ifconfig
apt install net-tools

Replace below eth0 with the network name that is shown from the following command: "sudo lshw -C network"
# The primary network interface
auto eth0
iface eth0 inet static
    address 10.0.0.41
    netmask 255.255.255.0
    network 10.0.0.0
    broadcast 10.0.0.255
    gateway 10.0.0.1
    dns-nameservers 10.0.0.1 8.8.8.8
    dns-domain acme.com
    dns-search acme.com

Wednesday, July 27, 2016

Configuring Centos with Apache , Mysql and PHP

http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/#C6

before installing apache, fix the hostname, /etc/hosts file

=================================================
Install Apache
=================================================
# yum install httpd
LISTEN 80 , change it to any port you like
# firewall-cmd --add-service=http
# firewall-cmd --permanent --add-port=3221/tcp
# firewall-cmd --reload
# systemctl restart httpd.service
# systemctl start httpd.service
# systemctl enable httpd.service
=================================================
Install PHP
=================================================
# yum install php
# systemctl restart httpd.service
test php
# echo -e ""  > /var/www/html/phpinfo.php
# php /var/www/html/phpinfo.php

=================================================
Install MariaDB
=================================================
# yum install mariadb-server mariadb
# systemctl start mariadb.service
# systemctl enable mariadb.service
# firewall-cmd --add-service=mysql
secure mariadb using below
# /usr/bin/mysql_secure_installation

=================================================
phpmyadmin
=================================================
http://www.liquidweb.com/kb/how-to-install-and-configure-phpmyadmin-on-centos-7/


rpm -iUvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

yum -y update

yum -y install phpmyadmin

vim /etc/httpd/conf.d/phpMyAdmin.conf
Require ip 127.0.0.1

Allow from 127.0.0.1

Require ip 127.0.0.1

Allow from 127.0.0.1

Then exit and save the file with the command :wq .

Restart Apache:

systemctl restart httpd

=================================================
Hardening Centos Apache
=================================================
disable http track and trace methods
=================================================
in /etc/httpd/conf/httpd.conf

TraceEnable off
ServerTokens ProductOnly
ServerSignature Off

The above two lines are to hide server version etc..

Thursday, May 19, 2016

Using grep to find multiple keywords in multiple directories recursively

Using grep to find multiple keywords in multiple directories recursively

using the following command you will be able to find multiple keywords in multiple directories recursively

Command:
egrep -rwn

Example:
egrep -rwn '64.exe|m64.exe|s64.exe|s.aspx|sm.exe|ps.exe|vnc.exe|sm.bat|bruter.exe|kiss.exe|pl.exe|A.exe|xcmd.exe|share.exe|Unet.exe|splitter.exe|m32.exe|lsass.exe|wsc-x64.exe|psexec.exe|w.aspx|wce.exe|sexe.cab' /home/security/


Thursday, September 17, 2015

Enhanced Mitigation Experience Toolkit 5.2



Enhanced Mitigation Experience Toolkit 5.2


I recently came across this utility from microsoft that helps to stop malwares on systems. As currently working on Security Operation Center (SOC) , its one tool to test out and see how it really works 

the tool can be downloaded from Microsoft website below.

https://www.microsoft.com/en-us/download/details.aspx?id=46366

Will post feedback if i get time.

thanks

Tuesday, April 8, 2014

IIS Crypto - enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2003, 2008 and 2012

IIS Crypto

IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2003, 2008 and 2012. It also lets you reorder SSL/TLS cipher suites offered by IIS, implement best practices with a single click and test your website.


Thursday, January 9, 2014

AD Integration for Policy Planner in Firemon Version 7.0.2

AD Integration for Policy Planner in Firemon Version 7.0.2



Firemon AD Integration using client GUI (Version 7.0.2.214):
Step 1:
Goto Administration tab on the client then select Authentication Server .Add the required information in the settings.



Make sure attributes enter in the settings are correct. Given the same as given in above snapshot.
Step 2:
Also make sure in the user tab default users must be set to (LDAP) as showed in the below screenshot.

.

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More