ESXi Check TPM – tpm check esx cli
esxcli hardware trustedboot get esxcli hardware trustedboot get Drtm Enabled: false Tpm Present: false
Read MoreBlock IPs by country – Apache
Step 1 If you are using debian or ubuntu, install the mod-geoip package. sudo apt-get install libapache2-mod-geoip Step 2 Enable GeoIPEnable, edit geoip.conf /etc/apache2/mods-enabled/geoip.conf GeoIPEnable On Step 3 Find Country Code Lookup: https://en.wikipedia.org/wiki/ISO_3166-1 In Apache vhosts file, outside of the </Directory> tags: <Location /> ##ISO 3166 Country Codes ## Block China ## Block Costa […]
Read MoreLinux – if anyone logs in notify SSH
Put the following in /etc/profile: The script /etc/profile is executed at every login (for bash shell users). if [ -n “$SSH_CLIENT” ]; then TEXT=”$(date): ssh login to ${USER}@$(hostname -f)” TEXT=”$TEXT from $(echo $SSH_CLIENT|awk ‘{print $1}’)” echo $TEXT|mail -s “ssh login” you@your.domain aFrom:youradd@email.com fi If you have issues delivering mail to a GMAIL inbox, […]
Read MoreSSH Key Conversion to an OpenSSH compatible format
puttygen supports exporting your private key to an OpenSSH compatible format. You can then use OpenSSH tools to recreate the public key. Open PuttyGen Click Load Load your private key Go to Conversions->Export OpenSSH and export your private key Copy your private key to ~/.ssh/id_dsa (or id_rsa). Create the RFC 4716 version of the public […]
Read MoreFix Open Postfix Relay – Unauthenticated Email
If your mail server is left open, anyone can use your SMTP service to send mail, and spammers will use it. This can result in your server being blacklisted and extraneous use of system resources that neither benefit you nor your users. Postfix logoTo secure Postfix, there are a number of functions you can add […]
Read MoreUNIX – Fork Explained
Mr. Peabody Explains fork() Introduction How Windows Does It How Unix Does It So Why Do People Want the Unix Way? How does it work in Perl? Introduction UNIX – Fork Explained Say, Mr Peabody. I was just reading through the Perl 5.6 release notes and noticed that a new function called fork() is now […]
Read MoreUbuntu – What package does a file belong to??
Ubuntu – What package does a file belong to?? apt-file search filename or apt-file search /path/to/file To install apt-file, use: sudo apt-get install apt-file You will need to update its database before you can use it: sudo apt-file update
Read MoreUbuntu – Which Process is Using a port?
Ubuntu – Which Process is Using a port? 1- Find what application/process is using the pro, type: sudo netstat -lpn |grep :8080 and press Enter. You will get an output similar to this one tcp6 0 0 :::8080 :::* LISTEN 6782/java 2- I have got the process Id, which is 6782, now this is the […]
Read MoreHeart Bleed – Exploit Example Code
Heart Bleed – Exploit Example Code If you need to test your server for the vulnerability, here is a simple Python script… [python] #!/usr/bin/python import sys import struct import socket import time import select import re from optparse import OptionParser options = OptionParser(usage=’%prog server [options]’, description=’Test for SSL heartbeat vulnerability (CVE-2014-0160)’) options.add_option(‘-p’, ‘–port’, type=’int’, default=443, […]
Read MoreUbuntu – Update OpenSSL – Fix HeartBleed Vulnerability
In case you haven’t heard, a critical bug in the widely used OpenSSL library has been disclosed this week. http://www.bbc.co.uk/news/technology-26971363 Despite the cool name and vector logo, Heartbleed is one of the scariest security bugs to hit the Internet in a long time. I was able to query my own server to reveal memory […]
Read More