Linux and Information Security Stuff

Install and Configure WireGuard VPN

Wireguard is a very simple, fast and secure VPN solution. It is being widely adopted and heavily developed. Installation in Centos 7:yum install kernel-devel kernel-headers # you have to install kernel headers first yum install epel-release https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.

Error: Unfortunately you can't have non-Gradle Java modules and > Android-Gradle modules in one project

If you encounter this error in Android Studio when trying to run an android application after freshly importing a project. You just have to delete the following files and directories: .idea directory.iml files Once you delete these files and directories, re-open your project

Install Kali Linux with PowerShell on Windows without Virtual Machine (WSL)

Start PowerShell as an administrator. Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux And then, you need to restart your machine, so hit y Start PowerShell as an administrator again. Now, that you have WSL enabled, you can install Kali Linux just by going to the Microsoft Store.

Local Certificate Authority for Private Networks

First, we will need to create a Certificate Authority in our home network so that we can sign the certificates. To do that, you can find two scripts in my GitHub repository. We will start by cloning it. Link to the repo: https://github.

Upgrade ProxmoxVE 6.1 to 6.2 without Subscription

Once you have SSHed into your Proxmox: cd /etc/apt/sources.list.d/ There, you should find two files, pve-enterprise.list and pve-no-subscription.list. To make sure that you don't pull anything off the enterprise version, comment out the text in pve.enterpirse.list

Linux

Getting exit status of the command when using pipes

I came across a situation where i needed the exit code of last command but before passing it through the pipe. For example, running the following command would give the exit code 0, even if the first command failed : root@NTRTR:/tmp# wl -i

alpine linux

Alpine with XFCE and VNC on a virtual machine

I was looking to create a light weight virtual machine with Graphical user interface for segmenting some of my internet browsing endeavors. I tested a couple of light weight Linux distros but ended up with just using Alpine Linux with XFCE as the Desktop

nginx

Hosting HTTPS sites with Nginx

Youtube Version !Indroduction What is SSL/HTTPS/TLS? SSL - Secure Sockets Layer It is the standard technology used to encrypt the communication between the client and the server. This is done to avoid any man in the middle attacks. HTTPS - Hyper Text

nginx

Nginx - SSL Passthrough Reverse Proxy

Nginx 1.9.3+ allows TCP load balancing or SSL passthrough. What this means is you can reverse proxy or load balance web applications without having to terminate SSL at the nginx. Example Configuration for name based access:stream { map $ssl_preread_server_name

OSCP Review - Proctored Version

About Me: I am motivated IT professional with 14 years of experience in the IT industry. During the initial days of my career I worked as a programmer. After some time I got interested into Systems Administration and started working as a systems engineer.

replication

Setting up PostGresql Replication with Loadbalancing with PGPOOL II

Installation (on both Master and Slave Nodes): yum install https://yum.postgresql.org/9.5/redhat/rhel-7-x86_64/pgdg-centos95-9.5-3.noarch.rpm yum install postgresql95 postgresql95-server postgresql-libs postgresql95-contrib rsync Initialize the database and configure postgresql /usr/pgsql-9.5/bin/postgresql95-setup initdb cd /var/lib/

Rotate your video with ffmpeg

You might run into an issue with the orientation on your videos at times and yeah it is super easy to rotate your video with a free and open source utility ffmpeg. Here is how : ffmpeg -i input.mp4 -vf "transpose=1" output.mp4

FFMPEG

Cut Video file with ffmpeg

FFMPEG is an open source and really powerful audio/video processor. You can do a lot of different things with ffmpeg. One of which is to cut video. Below are some examples to see how you can cut video with free ffmpeg. Basic Syntax:

Postfix

Configure postfix to use Sendgrid as default Relay

If you would like to configure postfix to use Sendgrid as the mail relay, you can do so by editing the postfix main configuration file. vi /etc/postfix/main.cf And then paste the content below at the end of the file : smtp_sasl_

Wordpress Admin Security

Yeah there are a lot of script kiddies out there scanning word press sites and brute forcing word press admin logins. There are ways you can limit access to the wordpress admin panel from restricted set IP Address or block unwanted browser agents. Here

Bash

Touch command tips and tricks

Changing modification time using touch: touch -d '-4 day' filename touch -d '-4 hour' filename touch -d "30 days ago" filename Setting Timestamp : touch -t 201606101712 filename

Bash - Convert a comma separated list to any Array

#!/bin/bash IFS="," sampleData="59,100,23,98,50" arr=($sampleData) for i in "${!arr[@]}";do echo Item $i:"${arr[$i]}" done unset IFS echo "Completed"

wake on lan

Random Wake up of Windows Machine from Sleep mode

It happens at times that the windows machine wakes up randomly from sleep mode. Here are some steps you may be able to follow to identify the cause and address the issue : Find out the cause of the wake : powercfg -lastwake You may see

Installing newer or multiple version of python on Centos

I stumbled across this situation where I needed to install python > 2.7 on Centos. Yum breaks if you upgrade the system python as yum relies on python 2.6 . So the only way to not touch the system python but still be

manage postfix queue

Postfix Queue Management

Retry delivery of mail in queue : postqueue -f Flush mail for a domain to primary mail server from Relay server: postqueue -s domain.com Delete all email in queue for a domain: postqueue -p | tail -n +2 | awk 'BEGIN { RS = "" } /@example.com/

Linux Administration

Build 32 bit application or libraries on 64 bit machine

In order to configure script to build 32bit library on a 64 bit machine, you would have to pass the following arguments : ./configure --build=i686-pc-linux-gnu "CFLAGS=-m32" "CXXFLAGS=-m32" "LDFLAGS=-m32" Also, If you get an error that

nagios

Nagios Bash script to monitor Domain Expiration

This little script here, lets you use nagios to monitor domain name expiration and warn you ahead of time. You can also use it to just run some cron jobs, our extract the portion you need and use in other places : !/bin/bash #Author

Resize Partition with parted

If you ever wanted to resize a partition to grow unfilled space, you can use parted to grow the partition size. parted /dev/sdx or parted /dev/mmcblk0 print Now note the size of the disk and the start of the partition that you

Centos / Redhat 7 Switching back to iptables

It may be frustrating to learn yet another firewall (firewalld) in Centos or RHEL 7 . Here is how you can switch back to the favorite IPTABLES. Stop firewalld and disable it to start at boot time : systemctl stop firewalld systemctl disable firewalld Now Initiate

selinux

SELinux Tutorial

Selinux is Security Enhanced Linux. I see that many administrators disable Selinux to ease administration, however it is a good idea to enable SELINUX. View Selinux Status: getenforce Disable SELinux : setenforce 0 Disable SeLinux Per Process: Apache: semange permissive -a httpd_t View Associated

Amit's Blog

My Stuffs....