Security   Security – Sudo vulnerability allows privilege escalation



A 10-year-old flaw in sudo has been discovered that lets unprivileged users obtain root permissions. Linux admins should patch this critical vulnerability as soon as possible.

Read more:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3156

Debian

Vulnerable

$ sudoedit -s /
sudoedit: /: not a regular file

Patch

$ sudo apt update
$ sudo apt install sudo

NOT Vulnerable

$ sudoedit -s 

Linux   Linux – Simple DNS server using DNSmasq



This article offers a 5-minute how-to on configuring your own DNS server (perhaps for your company or maybe for your home network) using DNSmasq. Obviously, only the surface is covered in this post.

Given that my router does not allow me to add host entries for local DNS resolution, I decided to use DNSMasq on one of my internal network …

Linux   Linux – SQL Server command line to perform queries (mssql-cli)



There are different methods to run queries against an SQL Server from a Linux machine. The one I am using is mssql-cli (https://github.com/dbcli/mssql-cli).

As you can see on its GitHub page, it has the following features:

  • Auto-completion
  • Syntax highlighting
  • Query history
  • Configuration file support
  • Multi-line queries

Installation

The -Q parameter

It has been packaged for a lot of distributions …

Checkpoint   Checkpoint – Custom application signature ACST



This time I show you the Checkpoint “Application Control Signature Tool”. This tool allows you to create your own Apps and URL filtering signatures.
For example, I’m using it to block Torrent clients based on the User-Agent, but it is very versatile and you can use it in many ways.

Downloading the tool

Visit SK103051 and download it. …

Security   Security – List available cipher suites using nmap



If you are in the process of securing your web server or site, there are some tools and online resources that can help a lot (I will show some of them in a following post).

But simply using the fantastic nmap tool from the command line, another interesting feature is listing the cipher suites a given site offers using the …

Security   Security – View HTTP headers using tcpdump



If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:

 tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'

For example, filtering on TCP port 80 and the IP address 192.168.10.100:…

Sysadmin tools   Sysadmin – Best wiki software / documentation tool



Some time ago I was researching to find a good tool to create and manage IT documentation at work. These are the features that were essential for me:

  • WYSIWYG editor (not editing directly in a markup language)
  • Paste images directly (instead of first uploading them to insert them in the document).
  • Teamwork: full role and permission system. In case with LDAP

Sysadmin tools   Sysadmin – Best system administrator tools: mRemoteNG



Given that my work involves managing a wide variety of systems, a good remote connection manager is very important to save time.

I have to connect via SSH, RDP, web, telnet… and mRemoteNG is what I was looking for.

From the mRemoteNG website:

mRemoteNG is a fork of mRemote: an open source, tabbed, multi-protocol, remote connections manager. mRemoteNG adds …