Clear PageCache only
# sync; echo 1 > /proc/sys/vm/drop_caches
Clear dentries and inodes
# sync; echo 2 > /proc/sys/vm/drop_caches
Clear PageCache, dentries and inodes
# sync; echo 3 > /proc/sys/vm/drop_caches
Seperate Private Key and Certificate file
#Generate certificates bundle file
openssl pkcs12 -nokeys -in server-cert-key-bundle.p12 -out server-ca-cert-bundle.pem
#Generate server key file.
openssl pkcs12 -nocerts -nodes -in server-cert-key-bundle.p12 -out server.key
Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
Create a .pfx/.p12 certificate file using OpenSSL
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt
Src: https://www.sslshopper.com/article-most-common-openssl-commands.html
To force the kernel to reboot the system we will be making use of the magic SysRq key.
The magic_SysRq_key provides a means to send low level instructions directly to the kernel via the /proc virtual file system.
To enable the use of the magic SysRq option type the following at the command prompt:
echo 1 > /proc/sys/kernel/sysrq
Then to reboot the machine simply enter the following:
echo b > /proc/sysrq-trigger
Voilà! Your system will instantly reboot.
To add a temporary route:
ip route add 172.16.5.0/24 via 10.0.0.101 dev eth0
To make it persist system or network settings restart, create a route-ifname file for an interface through which the subnet is accessed, in this case eth0:
nano /etc/sysconfig/network-scripts/route-eth0
Add the line with the network settings for the other subnet:
172.16.5.0/24 via 10.0.0.101 dev eth0
If your computer is on a network and is not directly connected to the internet, it will be configured with what is called a default gateway, which is usually a router. If the computer cannot find the specific IP address on its local network (aka broadcast domain), as defined by its subnet, it will forward any packets headed to that IP address to the default gateway. The gateway will then attempt to forward packets elsewhere, such as the internet, or another broadcast domain Continue reading “Add a Static Route on CentOS” »
CentOS 7 only allows Fully Qualified Domain Names (FQDN’s). Acceptable values include lower-case letters a to z, numbers 0 to 9, the period, and the hyphen, and between 2 and 63 characters.
At the console, type:
hostnamectl set-hostname my.new-hostname.server
NOTE: Replace my.new-hostname.server with your chosen hostname.
Check the Hostname
hostnamectl
Do a quick search under the usual jetty folders:
find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30
If you find files like:
/opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp /opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp
you’re actually hacked.
Unlike the previous “zmcat” and “dblaunchs” that actually exploit the vuln and load some sh*t this looks like a bad childish attack. It seems that they delete some files under jetty dir, don’t know why.
The attack vector is the same, but, there are no strange processes, there is no persistence. Continue reading “SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp” »
My case and solution:
Debian 7.11 wheezy
python2.7
python-pip NOT installed
My steps:
#ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/ #wget https://raw.githubusercontent.com/certbot/certbot/75499277be6699fd5a9b884837546391950a3ec9/certbot-auto #chmod +x ./certbot-auto #certbot-auto renew --no-self-upgrade
it download some files and works fine.
Src: https://github.com/certbot/certbot/issues/6824
For large mailbox when you have some mailbox having more than 100k mails in inbox, for those account you are getting error “Can’t get message list”. Here I got my fix, however can’t guarantee it works for you as well. My Rainloop version is 1.11.3.
Following settings might help to fix this issue-
Open application.ini-
nano /home/purple/web/webmail.purple.com.bd/public_html/data/_data_/_default_/configs/application.ini
In your case:
Turns off deleted message filter:
imap_message_list_hide_deleted_messages = Off
Set the number of messages in the folder that activates additional optimizations (such as disabled threads and message list sort):
imap_message_list_count_limit_trigger = 10000
Show messages over the last 12 months only.
imap_message_list_date_filter = 12
1. Get the bundle from Comodo in crt format, or sometimes like a zip file.
2. Place the bundle on your Zimbra mailbox server. You should receive, or download, the next files:
AddTrustExternalCARoot.crt COMODORSAAddTrustCA.crt COMODORSADomainValidationSecureServerCA.crt my_domain_com.crt
or
since comodo is acquired by Sectigo, the updated zip might appear as below: Continue reading “Installing a Comodo SSL on Zimbra using CLI” »
Over the years, it has become a key element of Pohela Boishakh celebrations. The world’s most popular search engine has created a doodle depicting the Mongol Shobhajatra procession to welcome Pohela Boishakh, the first day of the Bangla New Year.
The doodle, featuring a tiger, has been on Google’s homepage since early Sunday.
Mongol Shobhajatra was inscribed on Unesco’s Representative List of Intangible Cultural Heritage in November 2016.
The procession, introduced in Jessore in 1985—and replicated in Dhaka in 1989—features large colourful masks, carnival floats of birds and animals, and other motifs of Bangladeshi culture.
Over the years, it has become a key element of the Pohela Boishakh celebrations among Bangalis at home and abroad.
Radical Islamist groups and parties have been demanding that the procession be scrapped, dubbing it “anti-Islamic.”
Pohela Boishakh celebrations started during Mughal Emperor Akbar’s reign, when it was customary to clear all dues on the last day of the Bangla month Chaitra as businessmen would open “halkhata” — new books of accounts for the new year.
A Google Doodle is a special, temporary, alteration of the logo on Google’s homepage that is intended to celebrate: holidays, events, achievements, and people. Google Doodles were introduced in 1998.
Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.
After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.
Get the Dependencies:
Update your repository indexes and install strongswan:
$ apt update && sudo apt upgrade -y $ apt install strongswan -y
Set the following kernel parameters:
$ cat >> /etc/sysctl.conf << EOF net.ipv4.ip_forward = 1 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.send_redirects = 0 EOF $ sysctl -p /etc/sysctl.conf
Generate Preshared Key:
We will need a preshared key that both servers will use: Continue reading “Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication” »
