| Security – Sudo vulnerability allows privilege scalation |
A 10 year old sudo related flaw has been discovered that can make unprivileged users obtain root permissions. Linux admins should patch this critical vulnerability as soon as possible.
Read more:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156
$ sudoedit -s /
sudoedit: /: not a regular file
$ sudo apt update
$ sudo apt install sudo
$ sudoedit -s |
| Security – Error installing Kali: “Installation step failed” |
When I was installing a Kali virtual machine, I came across an error in the “Software selection” step
After confirming the software, the installation shows an “Installation step failed” message.
After browsing through some sites and forums, apparently the problem could be related to not configuring enough space and a suggestion is configuring more than 30-40 GB. But no luck, … Read more
| Linux – rsyslog: parsing and splitting message fields |
Until now I hadn’t used the options and features rsyslog comes with. Let me show a simple example I have done today. This is an example log line rsyslog has received from iptables (I have configured iptables to log certain connections attempts to identify and save devices with malware):
Sep 29 15:30:39 myserver kernel: [malware3] IN=ens192 OUT=ens192 MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=10.15.13.17 |
| Linux – Simple DNS server using DNSmasq |
This article offers a 5 min howto about configuring your own DNS server (perhaps for your company or maybe for your home network) using DNSmasq. Obviously, only the surface is covered on this post.
Given my router does not allow me to add host entries for local DNS resolution, I decided to use DNSMasq on one of my internal network … Read more
|
| Linux – SQL Server command line to perform queries (mssql-cli) |
There are different methods to run queries against an SQL Server from a Linux machine. The one I am using is mssql-cli (https://github.com/dbcli/mssql-cli)
As you can check in the related github website, it has the following features:
It has been packetized for a lot of distributions … Read more
|
| Linux – Show git branch in bash prompt |
If you are a Git user, you can find very useful this custom prompt.
Shows working branch when it detects the current folder is a git one:
user1@labdebian ~/data $
user1@labdebian ~/data $ cd ../myproject/
user1@labdebian ~/myproject (master) $user1@labdebian ~/myproject (master) $ git checkout -b branch1 Switched to a new branch 'branch1' user1@labdebian ~/myproject (branch1) $ user1@labdebian ~/myproject… Read more
|
| Linux – Join to Windows domain (realm command) |
Dont be afraid. Joining a linux machine to a windows active directory domain is not difficult. This post explains step by step how to join a Debian or Ubuntu linux machine but it can applied for other distributions without much different commands.
apt-get install realmdIt may happen that the command returns an error like … Read more
|
| Security – List available cipher suite using nmap |
If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).
But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more
|
| Security – View HTTP headers using tcpdump |
If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:
tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'
For example, filtering tcp port 80 and 192.168.10.100 IP address:… Read more
| Home Server (7) – Install Linux Debian virtual machine in ESX |
In this 7th post of the Home Server series, after having configured a SSD drive, a working ESX environment and the RAID disks, let’s create our first virtual machine based on Debian Linux.
For the goal we want to achieve (hosting a web server, our personal files, personal streaming server, …) we do not even need the graphic … Read more
