Security   Security – Sudo vulnerability allows privilege scalation



A 10 year old sudo related flaw has been discovered that can make unprivileged users obtain root permissions. Linux admins should patch this critical vulnerability as soon as possible.

Read more:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156

Debian

Vulnerable

$ sudoedit -s /
sudoedit: /: not a regular file

Patch

$ sudo apt update
$ sudo apt install sudo

NOT Vulnerable

$ sudoedit -s 
Read more

Security   Security – Error installing Kali: “Installation step failed”



When I was installing a Kali virtual machine, I came across an error in the “Software selection” step

After confirming the software, the installation shows an “Installation step failed” message.

After browsing through some sites and forums, apparently the problem could be related to not configuring enough space and a suggestion is configuring more than 30-40 GB. But no luck, … Read more

Linux   Linux – rsyslog: parsing and splitting message fields



Until now I hadn’t used the options and features rsyslog comes with. Let me show a simple example I have done today. This is an example log line rsyslog has received from iptables (I have configured iptables to log certain connections attempts to identify and save devices with malware):

Sep 29 15:30:39 myserver kernel: [malware3] IN=ens192 OUT=ens192 MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=10.15.13.17 
Read more

Linux   Linux – Simple DNS server using DNSmasq



This article offers a 5 min howto about configuring your own DNS server (perhaps for your company or maybe for your home network) using DNSmasq. Obviously, only the surface is covered on this post.

Given my router does not allow me to add host entries for local DNS resolution, I decided to use DNSMasq on one of my internal network … Read more

Linux   Linux – SQL Server command line to perform queries (mssql-cli)



There are different methods to run queries against an SQL Server from a Linux machine. The one I am using is mssql-cli (https://github.com/dbcli/mssql-cli)

As you can check in the related github website, it has the following features:

  • Auto-completion
  • Syntax highlighting
  • Query history
  • Configuration file support
  • Multi-line queries

Installation

The -Q parameter

It has been packetized for a lot of distributions … Read more

Linux   Linux – Show git branch in bash prompt



If you are a Git user, you can find very useful this custom prompt.

Branch

Shows working branch when it detects the current folder is a git one:

user1@labdebian ~/data $
user1@labdebian ~/data $ cd ../myproject/
user1@labdebian ~/myproject (master) $
user1@labdebian ~/myproject (master) $ git checkout -b branch1
Switched to a new branch 'branch1'
user1@labdebian ~/myproject (branch1) $
user1@labdebian ~/myproject
Read more

Linux   Linux – Join to Windows domain (realm command)



Dont be afraid. Joining a linux machine to a windows active directory domain is not difficult. This post explains step by step how to join a Debian or Ubuntu linux machine but it can applied for other distributions without much different commands.

Install needed packages

Install realmd

apt-get install realmd

It may happen that the command returns an error like … Read more

Security   Security – List available cipher suite using nmap



If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).

But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more

Security   Security – View HTTP headers using tcpdump



If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:

 tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'

For example, filtering tcp port 80 and 192.168.10.100 IP address:… Read more

Home Server icon   Home Server (7) – Install Linux Debian virtual machine in ESX



In this 7th post of the Home Server series, after having configured a SSD drive, a working ESX environment and the RAID disks, let’s create our first virtual machine based on Debian Linux.

For the goal we want to achieve (hosting a web server, our personal files, personal streaming server, …) we do not even need the graphic … Read more