Configurations (Linux) | Bots!

Add a Static Route on CentOS

May 30, 2019 by Rumi

To add a temporary route:

ip route add 172.16.5.0/24 via 10.0.0.101 dev eth0

To make it persist system or network settings restart, create a route-ifname file for an interface through which the subnet is accessed, in this case eth0:

nano /etc/sysconfig/network-scripts/route-eth0

Add the line with the network settings for the other subnet:

172.16.5.0/24 via 10.0.0.101 dev eth0

If your computer is on a network and is not directly connected to the internet, it will be configured with what is called a default gateway, which is usually a router. If the computer cannot find the specific IP address on its local network (aka broadcast domain), as defined by its subnet, it will forward any packets headed to that IP address to the default gateway. The gateway will then attempt to forward packets elsewhere, such as the internet, or another broadcast domain

Set Hostname in Centos 7

May 11, 2019 by Rumi

CentOS 7 only allows Fully Qualified Domain Names (FQDN’s). Acceptable values include lower-case letters a to z, numbers 0 to 9, the period, and the hyphen, and between 2 and 63 characters.

At the console, type:

hostnamectl set-hostname my.new-hostname.server

NOTE: Replace my.new-hostname.server with your chosen hostname.

Check the Hostname

hostnamectl

SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

May 10, 2019 by Rumi

Do a quick search under the usual jetty folders:

find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30

If you find files like:

/opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp
/opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp

you’re actually hacked.

Unlike the previous “zmcat” and “dblaunchs” that actually exploit the vuln and load some sh*t this looks like a bad childish attack. It seems that they delete some files under jetty dir, don’t know why.
The attack vector is the same, but, there are no strange processes, there is no persistence.

SOLVED Debian Wheezy Letsencrypt error /opt/eff.org/certbot/venv/bin/python: No module named pip.main; ‘pip’ is a package and cannot be directly executed

May 10, 2019 by Rumi

My case and solution:

Debian 7.11 wheezy
python2.7
python-pip NOT installed

My steps:

#ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/
#wget https://raw.githubusercontent.com/certbot/certbot/75499277be6699fd5a9b884837546391950a3ec9/certbot-auto
#chmod +x ./certbot-auto
#certbot-auto renew --no-self-upgrade

it download some files and works fine.

Src: https://github.com/certbot/certbot/issues/6824

Fixing Rainloop Can’t get message list error

April 29, 2019 by Rumi

For large mailbox when you have some mailbox having more than 100k mails in inbox, for those account you are getting error “Can’t get message list”. Here I got my fix, however can’t guarantee it works for you as well. My Rainloop version is 1.11.3.

Following settings might help to fix this issue-

Open application.ini-

nano /home/purple/web/webmail.purple.com.bd/public_html/data/_data_/_default_/configs/application.ini

In your case:

Turns off deleted message filter:

imap_message_list_hide_deleted_messages = Off

Set the number of messages in the folder that activates additional optimizations (such as disabled threads and message list sort):

imap_message_list_count_limit_trigger = 10000

Show messages over the last 12 months only.

imap_message_list_date_filter = 12

Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication

March 25, 2019March 25, 2019 by Rumi

Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.

After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.

Get the Dependencies:
Update your repository indexes and install strongswan:

$ apt update && sudo apt upgrade -y
$ apt install strongswan -y

Set the following kernel parameters:

$ cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1 
net.ipv4.conf.all.accept_redirects = 0 
net.ipv4.conf.all.send_redirects = 0
EOF

$ sysctl -p /etc/sysctl.conf

Generate Preshared Key:
We will need a preshared key that both servers will use:

Zimbra authentication without domain

March 20, 2019 by Rumi

In the admin interface go to

Global Settings -> General Information -> Default domain and enter the name of your domain.

Users in that domain can now login without the @domain part.

Install LAMP on Centos 7 with PHP 5.x/7.0/7.1/7.2

March 10, 2019 by Rumi

In this tutorial, I use the hostname server1.example.com with the IP p 192.168.1.100. These settings might differ for you, so you have to replace them where appropriate.

I will add the EPEL repo here to install latest phpMyAdmin as follows:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
yum -y install epel-release

To edit files on the shell, I’ll install the nano editor. If you prefer vi for file editing, then skip this step.

yum -y install nano

Installing MySQL / MariaDB

MariaDB is a MySQL fork of the original MySQL developer Monty Widenius. MariaDB is compatible with MySQL and I’ve chosen to use MariaDB here instead of MySQL. Run this command to install MariaDB with yum:

yum -y install mariadb-server mariadb

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:

Endian Community (3.x)- network configuration using CLI- Netwizard

February 20, 2019 by Rumi

After you login in you Endian Appliance, simply issue the following command:

root@endian # netwizard

You will be asked a couple of questions. If the network has already been configured, the current values are shown: simply press Enter if you want to keep that value. The snippet below shows some possible values. Note that you should enter the network interfaces as eth1, eth2, and so on and not as br0, br1, and so on. IP ranges should be written in CIDR notation.

Network Configuration Wizard 
----------------------------

Hostname? myappliance.
Domain? mydomain 
RED interface type <STATIC/DHCP/GATEWAY>? DHCP 
RED device <eth0/eth1/eth2/eth3>? eth3 
Green devices <eth0/eth1/eth2>? eth0 
Green IPs (IP/CIDR)? 172.20.0.1/24 
Orange devices <eth1/eth2>? eth1 
Orange IPs (IP/CIDR)? 172.21.30.1/24 
Blue devices ? eth2 
Blue IPs (IP/CIDR)? 172.22.30.1/24 
Enable SSH access <on/off>? on 
Allow access to ports 22, 80 and 10443 from any interface <on/off>? off

Endian Community (2.5.1)- Change the green IP address from console

February 18, 2019 by Rumi

Management URL: https://192.168.0.15:10443
Green IP:       192.168.0.15/24
-----------------

0) Shell
1) Reboot
2) Change Root Password
3) Change Admin Password
4) Restore Factory Defaults

Choice: 0[endian]: login

root's password:
Welcome to Endian Firewall Appliance release 2.5-0 (Deployset #0)
[endian] root: bash