Force reboot of a remote Linux machine

To force the kernel to reboot the system we will be making use of the magic SysRq key.

The magic_SysRq_key provides a means to send low level instructions directly to the kernel via the /proc virtual file system.

To enable the use of  the magic SysRq option type the following at the command prompt:

echo 1 > /proc/sys/kernel/sysrq

Then to reboot the machine simply enter the following:

echo b > /proc/sysrq-trigger

Voilà! Your system will instantly reboot.

Share

Add a Static Route on CentOS

To add a temporary route:

ip route add 172.16.5.0/24 via 10.0.0.101 dev eth0

To make it persist system or network settings restart, create a route-ifname file for an interface through which the subnet is accessed, in this case eth0:

nano /etc/sysconfig/network-scripts/route-eth0

Add the line with the network settings for the other subnet:

172.16.5.0/24 via 10.0.0.101 dev eth0

If your computer is on a network and is not directly connected to the internet, it will be configured with what is called a default gateway, which is usually a router. If the computer cannot find the specific IP address on its local network (aka broadcast domain), as defined by its subnet, it will forward any packets headed to that IP address to the default gateway. The gateway will then attempt to forward packets elsewhere, such as the internet, or another broadcast domain Continue reading “Add a Static Route on CentOS” »

Share

Set Hostname in Centos 7

CentOS 7 only allows Fully Qualified Domain Names (FQDN’s). Acceptable values include lower-case letters a to z, numbers 0 to 9, the period, and the hyphen, and between 2 and 63 characters.

At the console, type:

hostnamectl set-hostname my.new-hostname.server

NOTE: Replace my.new-hostname.server with your chosen hostname.

Check the Hostname

hostnamectl
Share

SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

Do a quick search under the usual jetty folders:

find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30

If you find files like:

/opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp
/opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp

you’re actually hacked.

Unlike the previous “zmcat” and “dblaunchs” that actually exploit the vuln and load some sh*t this looks like a bad childish attack. It seems that they delete some files under jetty dir, don’t know why. 
The attack vector is the same, but, there are no strange processes, there is no persistence. Continue reading “SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp” »

Share

SOLVED Debian Wheezy Letsencrypt error /opt/eff.org/certbot/venv/bin/python: No module named pip.__main__; ‘pip’ is a package and cannot be directly executed

My case and solution:

Debian 7.11 wheezy
python2.7
python-pip NOT installed

My steps:

#ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/
#wget https://raw.githubusercontent.com/certbot/certbot/75499277be6699fd5a9b884837546391950a3ec9/certbot-auto
#chmod +x ./certbot-auto
#certbot-auto renew --no-self-upgrade

it download some files and works fine.

Src: https://github.com/certbot/certbot/issues/6824

Share

Fixing Rainloop Can’t get message list error

For large mailbox when you have some mailbox having more than 100k mails in inbox, for those account you are getting error “Can’t get message list”. Here I got my fix, however can’t guarantee it works for you as well. My Rainloop version is 1.11.3.

Following settings might help to fix this issue-

Open application.ini-

nano /home/purple/web/webmail.purple.com.bd/public_html/data/_data_/_default_/configs/application.ini

In your case:

Turns off deleted message filter:

imap_message_list_hide_deleted_messages = Off

Set the number of messages in the folder that activates additional optimizations (such as disabled threads and message list sort):

imap_message_list_count_limit_trigger = 10000

Show messages over the last 12 months only.

imap_message_list_date_filter = 12
Share

Installing a Comodo SSL on Zimbra using CLI

1. Get the bundle from Comodo in crt format, or sometimes like a zip file.

2. Place the bundle on your Zimbra mailbox server. You should receive, or download, the next files:

AddTrustExternalCARoot.crt
COMODORSAAddTrustCA.crt
COMODORSADomainValidationSecureServerCA.crt
my_domain_com.crt 

or 

since comodo is acquired by Sectigo, the updated zip might appear as below: Continue reading “Installing a Comodo SSL on Zimbra using CLI” »

Share

Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication

Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.

After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.

Get the Dependencies:
Update your repository indexes and install strongswan:

$ apt update && sudo apt upgrade -y
$ apt install strongswan -y

Set the following kernel parameters:

$ cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1 
net.ipv4.conf.all.accept_redirects = 0 
net.ipv4.conf.all.send_redirects = 0
EOF

$ sysctl -p /etc/sysctl.conf

Generate Preshared Key:
We will need a preshared key that both servers will use: Continue reading “Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication” »

Share

Endian IP Blocking Firewall Rule

You can make a general IP ban list. You need to go to Port forwarding / Destination NAT

  • Create a new rule
  • Click on the advanced mode
  • Incoming IP: Type: Zone/VPN/Upllink. Select Uplink main – IP:All known.
  • Incoming service port, Service: Any, Port: Any.
  • In the Translate To section set Type: IP, Insert IP: leave blank, NAT: NAT
  • Access From Section.
  • Source Type: Network/IP/Range
  • Filter Policy: Drop
  • In the Network UP’s box, enter a single IPor IP CIDR. eg 61.144.2.10 or 61.144.0.0/14
  • Check the enabled box. In the comment section type Blocked Incoming IP’s
  • Make the position first.

It is important the rule is the first one, else the precending rules will overide the block. If you a list of country and/or IP CIR go to www countryipblocks net

Share