Linux

Add Second Drive to Linux

Leave a comment

I added a new disk using PVE (Proxmox) as a secondary IDE drive. Primary is 30GB. Running Ubuntu 14.04LTS (I know I should upgrade to 16, but I’m lazy)
Secondary drive is 400GB and I marked it NO Backup.
Adding a secondary HDD to linux is pretty easy.

List all of the drives
fdisk -l

In my case it showed that /dev/sdb didn’t have a partition table. That fact, added to the other fact I know I was using sda already, made my choice pretty easy. Don’t take my word for it and actually fact-check against your own equipment!

Create partition on the drive
fdisk /dev/sdb
n
p
1
Enter
w

“N” for new, “P” for primary partition, “1” for partition number, “w” to write table to disk and exit. Most of these are the defaults anyway, so hitting “enter” a bunch of times works.

Create the filesystem
mkfs.ext4 /dev/sdb1
Enter a bunch of times

Display the UUID of the new partition/drive
blkid /dev/sdb1
Should get something back like /dev/sdb1: UUID=”98d83dk-e4c3-38cd89-3830c0909903″ TYPE=”ext4″

Add to FSTAB
*note* Adam will laugh at my use of NANO, but I’m a creature of habit.
nano /etc/fstab
Add the UUID to the bottom:
#/dev/sdb1 /mnt/sdb ext4 defaults 0 0
UUID=98d83dk-e4c3-38cd89-3830c0909903 /mnt/sdb ext4 defaults 0 0

Make directory and Mount the drive
mkdir /mnt/sdb
mount -a

Profit!

Linux

OSSIM Block Connection Attempts

Leave a comment

I installed alien vault’s OSSIM (the community/free one) and added my subnets for scans. Unfortunately my APC PDUs and batteries really dislike having connection attempts every 2 hours.

Options would include deleting the range and adding smaller ranges, blocking via a firewall, or disabling alerts on the APCs for connection attempts.

So I opted for the easiest of blocking via the firewall:

SSH to my OSSIM box and “jailbreak” to get to a shell

Create a Shell script
nano block_apc.sh

iptables -A OUTPUT -d 10.4.0.241 -j DROP
iptables -A OUTPUT -d 10.4.0.242 -j DROP
iptables -A OUTPUT -d 10.4.0.243 -j DROP
iptables -A OUTPUT -d 10.4.0.244 -j DROP
iptables-save

Ctrl X
Y

Make the Shell script Executable
chmod +x block_apc.sh

Run the Shell script
./block_apc.sh

Microsoft

Microsoft CA Delete Old Certificates

Leave a comment

I had an issue where a certificate template was inadvertently used for all users and machines. Creating a new request daily. For 3 months. Without overwriting the old request. Ouch.

So in my Certificate Authority MMC I saw under Issued Certificates thousands of certs that were expired and I wanted them to just go away. Enter the Admin Command Prompt (I didn’t try with powershell).

certutil -deleterow 5/10/2016 Cert
Apparently this command will only delete up to 3000 per attempt, so I had to run it a few times to get my results.

https://technet.microsoft.com/en-us/library/cc732443.aspx?f=255&MSPPError=-2147217396#BKMK_deleterow

Microsoft, Networking

Powershell Add Certificates to Firefox User

Leave a comment

As we recently implemented a MITM SSL inspection web filter, I needed a way to install the locally signed certificate into the firefox stores on managed devices.

Firefox, by default, does not use the built-in certificate store and instead chooses to utilize its own. Chrome/IE/Edge do not have this same issue and the GPO setup to publish an internal certificate to domain computers is working wonderfully. Firefox, on the other hand, is not so helpful.

After some research it was obvious the best solution was to use powershell/certutil to force an import of the certificate into the local profile’s store. I must admit it took me about 10 minutes to realize that Mozilla/Firefox has its own version of certutil that IS NOT the same as the windows certutil… SMH.

I’ve zipped up the required files as of 02/2017 here.

And here is the ps1 script I used which assumes you installed the OS on the C:\ drive with most of the defaults:

#Script adds Radius Certificate to independent Firefox certificate store since the browser does not use the Windows built in certificate store

#list all Firefox profiles so we can push the certificate to ALL
$ProfilePath = “C:\Users\” + $env:username + “\AppData\Roaming\Mozilla\Firefox\Profiles\”
$ProfilePath = $ProfilePath + (Get-ChildItem $ProfilePath | ForEach-Object { $_.Name }).ToString()

#Update for untangle
certutil.exe -A -n “Name of Certificate” -t “CT,C,C” -i “certificate_from_content_filter_or_UTM.crt” -d $ProfilePath

Linux, Networking

Add Self-Signed Certificate to Ubuntu

Leave a comment

I’m currently running Untangle as my firewall/router UTM and recently enabled SSL Inspection. Unfortunately apt-get was breaking on my linux boxen, so I had to import the certificate.

On my linux box I ran the following and it worked fine:
wget http://firewallURL/cert
mv cert cert.crt
sudo cp cert.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates

Linux

Natural Scrolling Ubuntu

Leave a comment

So I’m going through a bit of a Linux kick lately and one of the things I ended up doing was installing Ubuntu 16.04LTS on my Dell 7370 laptop. Afterwards, I started to get sick of the scrolling with two fingers on the touch pad – I was pretty used to the “natural scrolling” function on the laptops.

All of the guides were pointing me towards opening the Mouse/Touchpad settings, but there was no checkbox for Natural scroll anywhere to be found.

User “goetzc” from askubuntu.com pointed me in the right direction:
nano /usr/share/X11/xorg.conf.d/50-synaptics.conf
Find the section that says “Identifier ‘touchpad catchall’
Mine now says:

Section “InputClass”
Identifier “touchpad catchall”
Driver “synaptics”
MatchIsTouchpad “on”
MatchDevicePath “/dev/input/event*”
Option “NaturalScrolling” “on”
Option “MiddleEmulation” “on”
Option “Tapping” “on”
Option “DisableWhileTyping” “on”
EndSection

**EDIT**
I just realized that I couldn’t see the option in my Mouse settings panel because I had a non-compatible theme running that ruined the visuals of many options. Oh well, live and learn I guess.

Ramblings Of An IT Person