Category Archives: Linux

The Linux Category actually encompasses *BSD, RH, Fedora, Ubuntu, and the like.

OSSIM Block Connection Attempts

I installed AlienVault’s OSSIM (the community/free one) and added my subnets for scans. Unfortunately my APC PDUs and batteries really dislike having connection attempts every 2 hours.

Options would include deleting the range and adding smaller ranges, blocking via a firewall, or disabling alerts on the APCs for connection attempts.

So I opted for the easiest of blocking via the firewall:

SSH to my OSSIM box and “jailbreak” to get to a shell

Create a Shell script
nano block_apc.sh

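#!/bin/sh
# Drop all outbound traffic from the OSSIM box to the APC devices so the scans never reach them
iptables -A OUTPUT -d 10.4.0.241 -j DROP
iptables -A OUTPUT -d 10.4.0.242 -j DROP
iptables -A OUTPUT -d 10.4.0.243 -j DROP
iptables -A OUTPUT -d 10.4.0.244 -j DROP
# Prints the resulting ruleset to stdout; on its own it does not write the rules to disk
iptables-save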

Ctrl X
Y

Make the Shell script Executable
chmod +x block_apc.sh

Run the Shell script
./block_apc.sh

Add Self-Signed Certificate to Ubuntu

I’m currently running Untangle as my firewall/router UTM and recently enabled SSL Inspection. Unfortunately apt-get was breaking on my linux boxen, so I had to import the certificate.

On my linux box I ran the following and it worked fine:
wget http://firewallURL/cert
mv cert cert.crt
sudo cp cert.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
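
Because the certificate above is fetched over plain HTTP, it is worth comparing its fingerprint with one read from the firewall itself before trusting it system-wide. The script below is an added example, not part of the original post; the function names are hypothetical and the expected fingerprint is assumed to come from the firewall's admin console over a trusted path.

```bash
#!/usr/bin/env bash
# Added example: pin the firewall's root CA by SHA-256 fingerprint before
# adding it to the system trust store. Function names are hypothetical.

# Strip any "label=" prefix, colons and whitespace, then lowercase the hex.
norm_fp() {
    printf '%s' "$1" | sed 's/^.*=//' | tr -d ': \n' | tr 'A-F' 'a-f'
}

# SHA-256 fingerprint of a PEM certificate file (empty if it does not parse).
cert_fp() {
    norm_fp "$(openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null)"
}

# verify_ca_cert FILE EXPECTED_FP
# Returns 0 on match, 1 on mismatch, 2 if FILE is not a PEM certificate
# (for example an HTML error page saved under the certificate's name).
verify_ca_cert() {
    local actual expected
    actual=$(cert_fp "$1")
    expected=$(norm_fp "$2")
    if [ -z "$actual" ]; then
        echo "not a PEM certificate: $1" >&2
        return 2
    fi
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch for $1: got $actual" >&2
        return 1
    fi
    return 0
}

# Usage: ./install_ca.sh cert.crt <fingerprint read from the firewall itself>
if [ "$#" -eq 2 ]; then
    if verify_ca_cert "$1" "$2"; then
        sudo cp "$1" /usr/local/share/ca-certificates/ && sudo update-ca-certificates
    else
        echo "refusing to trust $1" >&2
        exit 1
    fi
fi
```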

Natural Scrolling Ubuntu

So I’m going through a bit of a Linux kick lately and one of the things I ended up doing was installing Ubuntu 16.04LTS on my Dell 7370 laptop. Afterwards, I started to get sick of the scrolling with two fingers on the touch pad – I was pretty used to the “natural scrolling” function on the laptops.

All of the guides were pointing me towards opening the Mouse/Touchpad settings, but there was no checkbox for Natural scroll anywhere to be found.

User “goetzc” from askubuntu.com pointed me in the right direction:
nano /usr/share/X11/xorg.conf.d/50-synaptics.conf
Find the section that says Identifier "touchpad catchall"
Mine now says:

Section "InputClass"
Identifier "touchpad catchall"
Driver "synaptics"
MatchIsTouchpad "on"
MatchDevicePath "/dev/input/event*"
Option "NaturalScrolling" "on"
Option "MiddleEmulation" "on"
Option "Tapping" "on"
Option "DisableWhileTyping" "on"
EndSection

**EDIT**
I just realized that I couldn’t see the option in my Mouse settings panel because I had a non-compatible theme running that ruined the visuals of many options. Oh well, live and learn I guess.

Webserver CA SSL Request, Linux Windows

I had a need to create a certificate for a new webserver. I have Linux machines available on my Windows domain, which has a certificate authority advertised in Active Directory.

On your linux machine (that has openssl)
openssl req -new -sha256 -newkey rsa:2048 -nodes -keyout webserver1.key -out webserver1.csr

Generating a 2048 bit RSA private key
……………………………………+++
…………………………………..+++
writing new private key to 'webserver1.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:NO
Locality Name (eg, city) [Default City]:Town
Organization Name (eg, company) [Default Company Ltd]:Winks
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:webserver1.localdomain.local
Email Address []:support@localdomain.local

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Copy the CSR to your clipboard
nano webserver1.csr
Copy all of the text, including the “-----BEGIN” and “-----END” lines

Create the certificate request on your CA

https://certificateauthority/certsrv
Create a new request – Advanced certificate request
Paste the copied text
Select webserver for the certificate template
Submit

I always download as a base64 encoded certificate. I then copied the .cer to my linux box to run the next steps.

On your linux machine create the PFX
openssl pkcs12 -inkey webserver1.key -in webserver1.cer -export -out webserver1.pfx

Enter Export Password:
Verifying - Enter Export Password:

Copy the PFX back to your Windows machine, double click, enter the passcode, and away you go.
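
A check worth running between downloading the .cer and building the PFX: confirm that the private key, the CSR and the certificate the CA returned all carry the same public key. This is an added example, not part of the original post; the function names are hypothetical, and the file names in the usage line are the ones used above.

```bash
#!/usr/bin/env bash
# Added example: confirm the private key, the CSR and the certificate returned
# by the CA all carry the same public key before exporting the PFX.

# Print the PEM public key of a private key, CSR or certificate.
pub_of() {
    case "$1" in
        key)  openssl pkey -in "$2" -pubout 2>/dev/null ;;
        csr)  openssl req -in "$2" -noout -pubkey 2>/dev/null ;;
        cert) openssl x509 -in "$2" -noout -pubkey 2>/dev/null ;;
        *)    return 64 ;;
    esac
}

# same_keypair KEY CSR CERT
# Returns 0 if all three match, 1 on mismatch, 2 if any input does not parse.
same_keypair() {
    local k c x
    k=$(pub_of key "$1") || return 2
    c=$(pub_of csr "$2") || return 2
    x=$(pub_of cert "$3") || return 2
    if [ -z "$k" ] || [ -z "$c" ] || [ -z "$x" ]; then
        return 2
    fi
    if [ "$k" != "$c" ] || [ "$k" != "$x" ]; then
        return 1
    fi
    return 0
}

# Usage: ./make_pfx.sh webserver1.key webserver1.csr webserver1.cer
if [ "$#" -eq 3 ]; then
    if same_keypair "$1" "$2" "$3"; then
        chmod 600 "$1"   # -nodes wrote the key unencrypted; keep it owner-only
        openssl pkcs12 -inkey "$1" -in "$3" -export -out "${1%.key}.pfx"
    else
        echo "key, CSR and certificate do not belong together" >&2
        exit 1
    fi
fi
```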

RSA host key for server has changed

I had reformatted one of my hypervisor boxes (prox) and completely forgot about changing my SSH keys on other systems. I have a jumpbox that allows me to remotely access and admin the environment, but I couldn’t SSH into my prox system:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
2a:35:00:00:c7:e8:f3:fe:f7:6e:cf:00:00:db:e9:d8.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:33
RSA host key for prox1 has changed and you have requested strict checking.
Host key verification failed.

Opening up my /root/.ssh/known_hosts file I see a bunch of gibberish. Answer found from c0rp.

Fast and easy fix
sed -i '33d' ~/.ssh/known_hosts
Obviously change the '33d' to reflect your line number, e.g. line 12 would be '12d'.
Then SSH to your machine again and you’ll be asked if you want to store the new RSA fingerprint.

Or you can use SSH Keygen
ssh-keygen -R yourmachinenamehere
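
The warning above cannot tell a rebuilt host from a man-in-the-middle, so the stale entry is best replaced only after the key now on offer matches a fingerprint read on the host's own console. The script below is an added example, not part of the original post; the function names are hypothetical, and it assumes the expected value was obtained on the rebuilt machine with `ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub` and that the scan file holds a single key type.

```bash
#!/usr/bin/env bash
# Added example: replace a stale known_hosts entry only after the key the
# host now presents matches a fingerprint read on the host's own console.

# SHA-256 fingerprint ("SHA256:...") of the single key in a .pub file or in
# saved `ssh-keyscan` output. Empty if the file is missing or unparseable.
key_fp() {
    ssh-keygen -l -E sha256 -f "$1" 2>/dev/null | awk '{print $2}'
}

# replace_host_key HOST EXPECTED_FP SCANNED_FILE [KNOWN_HOSTS]
# Returns 0 after replacing, 1 on mismatch (file untouched), 2 on bad input.
replace_host_key() {
    local host expected scanned kh actual
    host=$1
    expected=$2
    scanned=$3
    kh=${4:-$HOME/.ssh/known_hosts}
    actual=$(key_fp "$scanned")
    if [ -z "$actual" ]; then
        echo "no usable key in $scanned" >&2
        return 2
    fi
    if [ "$actual" != "$expected" ]; then
        echo "fingerprint mismatch for $host: scanned $actual" >&2
        return 1
    fi
    # -R also finds hashed entries and keeps a backup in known_hosts.old
    ssh-keygen -R "$host" -f "$kh" >/dev/null 2>&1 || true
    cat "$scanned" >> "$kh"
}

# Usage: ssh-keyscan -t rsa prox1 > prox1.scan
#        ./replace_host_key.sh prox1 'SHA256:<value from the console>' prox1.scan
if [ "$#" -ge 3 ]; then
    replace_host_key "$@" || { echo "known_hosts left unchanged" >&2; exit 1; }
fi
```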

VMWare VMTools CentOS

After my engineers gave me a test vmware system full of the requested guest VM’s, I noticed that the CentOS system did not have any vmware tools installed. I attempted to run through the standard mount the CD and run the rpm’s, but I was greeted with a message saying I should run the open-vm-tools suite instead.

Install Open VM Tools
yum -y install open-vm-tools

Start the VM Tools Daemon
systemctl start vmtoolsd.service

Enable Startup on Reboot
systemctl enable vmtoolsd.service

service vmtoolsd start
also works

Android Playstore

I have an android phone now for only the second (third) time in my life:
1.) working for an MSP they required me to have their phone and it was a terrible motorola piece of garbage
2.) I bought a freedompop Samsung SII which had a battery that would last ~2 hours and was terribly slow
3.) I bought another freedompop LG Optimus F3 which has an awesome (so far) battery and is iPhone4-or-iphone5-peppy

I’ve been on the iPhone since the 3G came out, so it’s still somewhat different for me.

During updates on the LG phone I noticed that it was rather difficult to install new applications; I’d have to play around with rebooting it, turning the wifi off and on, laughing at it, and singing songs just to get a new app to install. In the play store I saw that google maps was constantly “downloading” but never finishing. I tried to stop it, didn’t work.

A day later, and growing more weary of how slow it was to download apps, I googled.

http://forums.androidcentral.com/samsung-galaxy-tab-10-inch/202017-google-play-store-not-working.html

btswein gave the answer:
“Clear the data and cache for google play”
Settings > Applications > All > Google Play > Clear data
or, on the LG
Settings > Apps > Google Play services (AND google play store) > Clear data

Then it magically worked much better! Thanks, guy.