How to Hide Application Port Using knockd in Linux

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 class="post-title single" style="background-color: white; margin: 0px 0px 5px; padding: 0px;"> <span style="color: red; font-size: large;"><u><span style="font-family: "arial" , "helvetica" , sans-serif;"><span style="letter-spacing: -1px; line-height: 1.2em;">Hide </span><span style="letter-spacing: -1px; line-height: 38.4px;">Application</span><span style="letter-spacing: -1px; line-height: 1.2em;"> Port Using knockd in Linux</span></span></u></span></h1> <div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> As a system administrator, we should do everything to secure our server from attackers. As the internet grows, threats to our server is also growing. One of the popular entrances to attack our server is through the port on your server that open. If your SSH server is running on </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipoEw0Znm4kJkLvWo3mEqOj2QT8IMXelfxBtu4l68eChcU2zg0JxuRSX6HX5DyInhphW5j6Gt_TLna7VAj6kJZUUEhhGezwORQDYdtPON2FFzdQ5U3AsN1aQmEYKCSBrMR3k5HXyvk9_Qk/s1600/knock_www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipoEw0Znm4kJkLvWo3mEqOj2QT8IMXelfxBtu4l68eChcU2zg0JxuRSX6HX5DyInhphW5j6Gt_TLna7VAj6kJZUUEhhGezwORQDYdtPON2FFzdQ5U3AsN1aQmEYKCSBrMR3k5HXyvk9_Qk/s1600/knock_www.hackthesec.co.in.jpg" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> your machine, then usually the SSH port is listening. Which means it is open, waiting for the connection.<br /> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Leaving the port open for 24 hours, is not recommended because it is vulnerable. Because we can scan the machine to see the open port. <strong>Nmap</strong> is one of the most popular port scanner that can be used by anyone to scan your machine.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDf3M4nS_qiN_gLL-2-uLTQvMz86c_K8ceCCxtdRLLJw_6Yqznfc6cT1_3jxdmZ0Ab6lOrgHFaQvtI1iE3C50YrkrFnHHGS8Z-8cwgZG6KtRZLa76vYLeBJdpsiy8wYZyeFtlZxzHeOeh5/s1600/nmap_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDf3M4nS_qiN_gLL-2-uLTQvMz86c_K8ceCCxtdRLLJw_6Yqznfc6cT1_3jxdmZ0Ab6lOrgHFaQvtI1iE3C50YrkrFnHHGS8Z-8cwgZG6KtRZLa76vYLeBJdpsiy8wYZyeFtlZxzHeOeh5/s1600/nmap_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /> How if we can open the on demand and close the port when it’s not used? Sounds interesting. Now we can do it using knockd application.</div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>What is knockd</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Knockd is a port-knock server. It listens to all traffice on an ethernet (or PPP) interface, looking for special “knock” sequences of port-hits. (Source : <a href="http://www.zeroflux.org/projects/knock" style="outline: none; text-decoration: none;" title="knockd">http://www.zeroflux.org/projects/knock</a>)</div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <u><span style="color: #0b5394;">How it works</span></u></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Every application needs a port as a “door” for “listening” requests from other clients. This port usually on open state or close state. There are a lot of ports that available on the server. But there are some ports that agreed by consensus, such as <a href="http://www.hackthesec.co.in/search/label/SSH" target="_blank">SSH </a>(22), Web (80) and <a href="http://www.hackthesec.co.in/search/label/ftp" target="_blank">FTP </a>(21).</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> A basic rule of server security is to open only used ports and close the rest. You may have some ports that are sometimes used and sometimes not. Leaving those ports open while is not being used is not recommended.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> When you install knockd, you can let the client “knock” the server with pattern. The knocking sequence can be custom by you. So this knocking pattern will be unique to each other. If the pattern is match, then the port you need will be opened for a period of time and the request can enter your server.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Once you have done with the application, you can close the port manually or automatically.</div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>How to install knockd</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> On this article, we are using Zorin 9 OS which based on Ubuntu 14.04 LTS. If you are using another distribution please adjust it to the installation method of your distribution.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Knockd is available on Ubuntu repository. Then we can use <b>apt-get to install knockd</b>.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">$ sudo </span><span style="color: lime;">apt-get</span><span style="color: white;"> install </span><span style="color: lime;">knockd</span></span></span></pre> <div style="background-color: white; font-family: arial, helvetica, sans-serif; line-height: 21px; margin-bottom: 15px;"> Just wait for a few minutes, then your knockd is already setup.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhA67oGT2cT3lLU_cFpxIgca4LBVCdVr35XzzSgoIRxGdboOfQCTdcP3vYAiEZvaFnrPajh3-0WnqGFMQY4c86NPudth9QaKHs2zif51Qlo_htuKkY9SOQnXH2iBwESzXzypeYGDUSHOhum/s1600/install_knockd_hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhA67oGT2cT3lLU_cFpxIgca4LBVCdVr35XzzSgoIRxGdboOfQCTdcP3vYAiEZvaFnrPajh3-0WnqGFMQY4c86NPudth9QaKHs2zif51Qlo_htuKkY9SOQnXH2iBwESzXzypeYGDUSHOhum/s1600/install_knockd_hackthesec.co.in.png" /></a></div> <h1 style="background-color: white; color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> </h1> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Configure knockd</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Knock configuration file is located in <strong>/etc/knockd.conf</strong><br /> The sample configuration is simple and easy to understand.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQSIXg_eYyfRDU_WaXIrcGU0pLzfl4tBOf3YBmLKklE4cV-rJblSvH6DpxO1B0odRgIit6TbE4hSPCnZy0el2QZqri_jvPkn86SritsHJCwGMF-FOu0Tk-MQ3pJpvs9aXLd0TsE1Nk0Qtz/s1600/conf_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQSIXg_eYyfRDU_WaXIrcGU0pLzfl4tBOf3YBmLKklE4cV-rJblSvH6DpxO1B0odRgIit6TbE4hSPCnZy0el2QZqri_jvPkn86SritsHJCwGMF-FOu0Tk-MQ3pJpvs9aXLd0TsE1Nk0Qtz/s640/conf_www.hackthesec.co.in.png" width="640" /></a></div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> We can see that the configuration is divided into three sections. The <strong>[options]</strong> section, <strong>[openSSH]</strong> section to open SSH port and <strong>[closeSSH]</strong> section to close SSH port.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> By default <strong>[options]</strong> section contain only 1 row. It tell us that the knockd log will be recorded using the operating system log application. On Ubuntu, we will see the log in <strong>/var/log/syslog</strong>; folder.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Of course we can choose not to use SysLog. We can change it into this line, if we want to use custom log.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">logfile = /var/log/</span><span style="color: lime;">knockd.log</span></span></span></pre> <div style="background-color: white; font-family: arial, helvetica, sans-serif; line-height: 21px; margin-bottom: 15px;"> The above line, will put knock log file in <strong>/var/log/knockd.log</strong></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> [openSSH] sections has identical commands with [closeSSH] section.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong>sequence = 1200,1300,1400</strong><br /> This is the knock pattern. It will trigger the command below in the section. The value of this parameter is fully customized. We can choose another random number.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong>seq_timeout = 10</strong><br /> This will tell knockd about how long the knock pattern must be completed in.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong>command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 22 -j ACCEPT</strong><br /> This parameter will open SSH port on port 22</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong>tcpflags = syn</strong><br /> This parameter indicates that the Client will sends a TCP SYNchronize packet to the server</div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Setting up the firewall</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> As we know before, knockd will open particular port temporarily. So we have to make sure firewall is running on the server. Basically, we will close all ports. We are using iptables syntax to do it. Here are the steps.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP22SstqKcmmXGUdAtWGPbAADZdLIb93deXYAOSeoJhmj_AIQF7ELkMKvr4gB0cePwYjv78nWYOcFtSD8ypVOTF8hIJciPTIUH0BdgB9iNAdhHPwhvoMAJffuQBRpe6LAyyJ5xFIX6qRG0/s1600/iptables_conf_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiP22SstqKcmmXGUdAtWGPbAADZdLIb93deXYAOSeoJhmj_AIQF7ELkMKvr4gB0cePwYjv78nWYOcFtSD8ypVOTF8hIJciPTIUH0BdgB9iNAdhHPwhvoMAJffuQBRpe6LAyyJ5xFIX6qRG0/s1600/iptables_conf_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /> The 1st command, will allow the current on-going session through firewall.<br /> The 2nd command, will allow the server is able to ping by another machine.<br /> The 3rd command, will reject every requests.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> To test the knockd service, we expect that our will firewall will drop all ssh connection. Then knockd will open it temporarily on demand.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjnKpk2fjUFq33I5yQZT9xAlOYCOoljrCBnLYps4L_UevHYclPvJZ4X_PHe1bCjJx4qGncTeTVRwbG7w21widalzYR-AnZkWHZ3bKv8LN3mQAt7a6x4n2dXO1Pplg2qkerE7_KBoL1PCUI/s1600/ip_tables_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjnKpk2fjUFq33I5yQZT9xAlOYCOoljrCBnLYps4L_UevHYclPvJZ4X_PHe1bCjJx4qGncTeTVRwbG7w21widalzYR-AnZkWHZ3bKv8LN3mQAt7a6x4n2dXO1Pplg2qkerE7_KBoL1PCUI/s1600/ip_tables_www.hackthesec.co.in.png" /></a></div> <h1 style="background-color: white; color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> </h1> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Test the knockd on server side</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Once the firewall and knockd are setup, next we can test them.<br /> To test the firewall, try remote the server via SSH from another machine. (<em>on this article, client IP is 10.1.6.14 and server IP 10.0.76.224</em>)</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">$ ssh -l </span><span style="color: lime;">pungki </span><span style="color: white;">10.0.76.224</span></span></span></pre> <div style="background-color: white; font-family: arial, helvetica, sans-serif; line-height: 21px; margin-bottom: 15px;"> With :<br /> <div style="font-size: 14px;"> <strong>-l</strong> = login name</div> <div style="font-size: 14px;"> <strong>pungki</strong> = the user name on the destination server</div> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> If the firewall works, then we will get <strong>“Connection refused”</strong> error message.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfRafJqFuFGUE3uaD6U5pfEqKmV8CwgJAc_b6-XdxHSaAoThuavWut-Q8G8Tm590Evw3g9mQkxHS9Zer5iE6Mme7HRMnyKw9fLpuObT6APc5xAgHKO44mQERwZwVKov6nZ-9RU0t_BL04u/s1600/connection_refused_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfRafJqFuFGUE3uaD6U5pfEqKmV8CwgJAc_b6-XdxHSaAoThuavWut-Q8G8Tm590Evw3g9mQkxHS9Zer5iE6Mme7HRMnyKw9fLpuObT6APc5xAgHKO44mQERwZwVKov6nZ-9RU0t_BL04u/s1600/connection_refused_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> The reason we get the error message is the 10.1.6.14 is not allowed to enter the server. If we use this command, we will see no result.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">$ </span><span style="color: lime;">sudo /sbin/iptables -L</span><span style="color: white;"> -n |grep 10.1.6.14</span></span></span></pre> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlW_3AQMtYbLz_q36ogYB6i0YJjh4ge86K41UwVbalkoKmgBrhnHVhob46hi21H8dr7xaHH_b1G4gc3LK4fwoWEYVtbPg6LhccN3CDsm2CxXbxQJT3HCRSYXNN36U9COiy7LuHd9-2wmmC/s1600/iptables_before_knock_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlW_3AQMtYbLz_q36ogYB6i0YJjh4ge86K41UwVbalkoKmgBrhnHVhob46hi21H8dr7xaHH_b1G4gc3LK4fwoWEYVtbPg6LhccN3CDsm2CxXbxQJT3HCRSYXNN36U9COiy7LuHd9-2wmmC/s1600/iptables_before_knock_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Later, we will see the difference after knockd implemented.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Next step, is to test the knockd service.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> To run knockd, we need to change knockd default file which located in /etc/default/knockd. Change the value of <strong>START_KNOCKD parameter from 0 to 1</strong>.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaZe0IJykHyWEfqgWsgqhoIjObun1UVhtKQaU8RUIYT6aK8Bf6Y0TVRZgvWb1oYiLvL2oMsJq0UJYuFczFGTS83J7Z-zJqdSX5VvoRNYTCfkCNoOFfVhU5m7dTzPWSKiNZij9_HvXRUjhT/s1600/default_knockd_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhaZe0IJykHyWEfqgWsgqhoIjObun1UVhtKQaU8RUIYT6aK8Bf6Y0TVRZgvWb1oYiLvL2oMsJq0UJYuFczFGTS83J7Z-zJqdSX5VvoRNYTCfkCNoOFfVhU5m7dTzPWSKiNZij9_HvXRUjhT/s1600/default_knockd_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Save the file. Then type :</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">$ sudo </span><span style="color: lime;">service knockd</span><span style="color: white;"> start</span></span></span></pre> <div style="background-color: white; font-family: arial, helvetica, sans-serif; line-height: 21px; margin-bottom: 15px;"> *<em>note : I tried to run the service using /etc/init.d/knockd start , but it always fail to start</em></div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Test knockd from Client side</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> On the client side, we need knock client to “knock” the server. On the client side, we use Centos 5.2. Then we install knock-client from <a href="http://pkgs.repoforge.org/knock/knock-0.5.3.el5.rf.i386.rpm" style="outline: none; text-decoration: none;" title="knock client">http://pkgs.repoforge.org/knock/knock-0.5.3.el5.rf.i386.rpm</a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then run the command below to knock the server :</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;">$ knock -v 10.0.76.224 1200 1300 1400</span></span></pre> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT-KXni4C1INDyp91QdgH7yvG91kZqKOEcYMcWhZdz5fsUlTNUldddqAee8sHvviRBFJBgYewr2odXHyNyXjcTQ_5-bCUELvpd05hsNe0CItVvTYgegGHi5rhxYso1PmqIB7Mnxcn_nBYI/s1600/knock_open_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT-KXni4C1INDyp91QdgH7yvG91kZqKOEcYMcWhZdz5fsUlTNUldddqAee8sHvviRBFJBgYewr2odXHyNyXjcTQ_5-bCUELvpd05hsNe0CItVvTYgegGHi5rhxYso1PmqIB7Mnxcn_nBYI/s1600/knock_open_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong>-v</strong> = verbose<br /> <strong>10.0.76.224</strong> = Server IP<br /> <strong>1200 1300 1400</strong> = knock sequence which defined in the knockd configuration</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> After knock the server, now we will see that the client IP is now allowed to enter the server.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">$ sudo /sbin/</span><span style="color: lime;">iptables </span><span style="color: white;">-L -n |grep 10.1.6.14</span></span></span></pre> <div style="background-color: white; font-family: arial, helvetica, sans-serif; line-height: 21px; margin-bottom: 15px;"> Then we can run SSH to remote the server.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjINYEuu7LmyDs7fvdRsVd38bC5K8Z15OTpi7ZNei7wNDzoWW4jSmV9023OiY4aI0ZfDP5XMeFreENSehDFjnRlBCHQCJjj-hoa-5vx_Bk51mmIEIJYJMT5E9phhW3X_GL67zhkaYP9UPtZ/s1600/ssh_success_after_knock_1_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjINYEuu7LmyDs7fvdRsVd38bC5K8Z15OTpi7ZNei7wNDzoWW4jSmV9023OiY4aI0ZfDP5XMeFreENSehDFjnRlBCHQCJjj-hoa-5vx_Bk51mmIEIJYJMT5E9phhW3X_GL67zhkaYP9UPtZ/s1600/ssh_success_after_knock_1_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> As we can see on the above image, the host name of are different. After SSH to the remote machine established then the host name is changed from @web01 into @dev-machine.</div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Close the port</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> After the client done to remote the server, the client need to close the port. To do that, we can use the command below :</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: small;"><span style="font-size: large; line-height: 15.6px;"><span style="color: white;">$ </span><span style="color: lime;">knock </span><span style="color: white;">-v 10.0.76.224 1400 1300 1200</span></span></span></pre> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjseKC2KePBKaJufOpIsrsJfwjiU8L08ZMVOMFPEEGBsIcRr-pUpfbtcDurAkGDY-0XYN_hGxf1JUPlAnPg7hF4wVCI7dG1q3-nnq6sWwkUN_a8IKq3OG3nibdSX93H5a_QdfGOrQILERhP/s1600/knock_close_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjseKC2KePBKaJufOpIsrsJfwjiU8L08ZMVOMFPEEGBsIcRr-pUpfbtcDurAkGDY-0XYN_hGxf1JUPlAnPg7hF4wVCI7dG1q3-nnq6sWwkUN_a8IKq3OG3nibdSX93H5a_QdfGOrQILERhP/s1600/knock_close_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <em><strong>Please be careful</strong>, to close the port, we put the knock sequence in the opposite order.</em></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> After knock the server, we will see a prompt again. To check if the knock was success, we use iptables command again. If it was success, we will see that IP 10.1.6.14 will disappeared.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg10Hwu4L6yAHomwQ2jSZ3ZCHYjJfWKC431IPW1b-qU2qyrUw3WGasrdHXFk5gvu0rfzXlobAOaA63L9_blX2lc6Dv3dztXyMRuquceOPguOa_G2UD32-rEM-a-Ltt8hKUU8oQZ7BXBB8l-/s1600/iptables_after_knock_closed_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg10Hwu4L6yAHomwQ2jSZ3ZCHYjJfWKC431IPW1b-qU2qyrUw3WGasrdHXFk5gvu0rfzXlobAOaA63L9_blX2lc6Dv3dztXyMRuquceOPguOa_G2UD32-rEM-a-Ltt8hKUU8oQZ7BXBB8l-/s1600/iptables_after_knock_closed_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> On the previous one, after knock to open the port, we saw that the client IP Address - 10.1.6.14 - is allowed to enter the server by firewall. Now, after we knock to close the port, if we check with the same iptables command, the rule was deleted.</div> <h1 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 20pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Close the port Automatically</u></span></h1> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Since the close port activity is triggered by client, we will have the possibility that the client forget to close the port. We don’t want it to happen. So we can configure knockd to close the port automatically.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> In order to do that, <strong>we need to customize</strong> the knockd configuration file. Here is the sample of modified knockd configuration file.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmfGYEcrmFo1Wvrx5TEsjimq2xDLWx1inxWnY9CSCKNABB2u4tERKJ9cr1p6BbpLVrOrekaIxhr8p4WCnsiwHp-RT1JSy4T_PJMRyBL-yiAM6HQ8MlQNkX5DpP2qFBLO9MNuQjyDG1-pTq/s1600/auto_close_conf_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmfGYEcrmFo1Wvrx5TEsjimq2xDLWx1inxWnY9CSCKNABB2u4tERKJ9cr1p6BbpLVrOrekaIxhr8p4WCnsiwHp-RT1JSy4T_PJMRyBL-yiAM6HQ8MlQNkX5DpP2qFBLO9MNuQjyDG1-pTq/s1600/auto_close_conf_www.hackthesec.co.in.png" /></a></div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> The command still looks identical. The difference with the previous configuration is we put [openSSH] section and [closeSSH] section in the same block.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then we add <strong>cmd_timeout = 10</strong> line to tell the server <strong>to execute the stop_command 10 seconds after start_command is executed</strong>. The port will be automatically closed, but the established connection remain connected.</div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a><br /> <a href="http://www.twitter.com/hackthesecurity">www.twitter.com/hackthesecurity</a></div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> </div> </div>

How to Hide Application Port Using knockd in Linux

Hide  Application  Port Using knockd in Linux As a system administrator, we should do everything to secure our server from attackers. A...

Read more »

How to Setup DKIM (DomainKeys) with Postfix on Ubuntu and Debian

<div dir="ltr" style="text-align: left;" trbidi="on"> <h2 class="title single-title title20" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 28px; line-height: 38px; margin: 0px 0px 5px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: red;"><u><i>Setup DKIM (DomainKeys) with Postfix on Ubuntu & Debian</i></u></span></h2> <div> <span style="background-color: white;"><span style="line-height: 28px;"><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;"><b>DomainKeys Identified Mail </b>(<b>DKIM</b>) is an email authentication method designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain is authorized by that domain's administrators.In technical terms, DKIM is a </span></span></span><br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwKpIQ7e4ZfTIYX-ozR6kYqk2ktJG9tC1Sy0ExOC0SVnE_QHF06sQMyG99K5qBE0zelXXTgSaxcWTwcT3y5R9qK6iDeW7YqcStisuexkfPN8xVXrSSIimoE6wxaQN8nwx3GgmlY4rMRa1f/s1600/DKIM_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="257" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwKpIQ7e4ZfTIYX-ozR6kYqk2ktJG9tC1Sy0ExOC0SVnE_QHF06sQMyG99K5qBE0zelXXTgSaxcWTwcT3y5R9qK6iDeW7YqcStisuexkfPN8xVXrSSIimoE6wxaQN8nwx3GgmlY4rMRa1f/s400/DKIM_www.hackthesec.co.in.png" width="400" /></a></div> <br /> <span style="background-color: white;"><span style="line-height: 28px;"><span style="font-family: "georgia" , "times new roman" , serif; font-size: large;">technique to authorize a domain to associate its name to an email message through cryptographic authentication.</span></span></span></div> <div> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">Step 1: Install opendkim Package</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">First we need to install <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">opendkim </span>and <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">opendkim-tools</span> packages using following command.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">$ sudo apt-get install opendkim opendkim-tools </span></pre> </div> <div> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">Step 2: Generate Key Pair</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">Now create DKIM key pair using <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">opendkim-genkey</span> command line utility. For this tutorial we are using domain name “hackthesec.co.in”, Change this name with your actual domain name.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">$ MYDOMAIN=hackthesec.co.in $ mkdir -p /etc/mail/dkim-keys/$MYDOMAIN $ cd /etc/mail/dkim-keys/$MYDOMAIN $ opendkim-genkey -t -s mail -d $MYDOMAIN</span><span style="font-size: 0.9em;"> </span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPTFZaq35Oimo_cHciUg7ZF3kszjskssH0TnQ2AZzmi9gnQmqWwhPqxMd8m_A3lV6sz5LAjuxKwxKZUL1Doej930ZnwmngXYrlWmgFLTXR1r8tySIZlhHdRxtE_cgmh2N3s7uQI7wvIrSL/s1600/Generate_Key+_Pair_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="136" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPTFZaq35Oimo_cHciUg7ZF3kszjskssH0TnQ2AZzmi9gnQmqWwhPqxMd8m_A3lV6sz5LAjuxKwxKZUL1Doej930ZnwmngXYrlWmgFLTXR1r8tySIZlhHdRxtE_cgmh2N3s7uQI7wvIrSL/s640/Generate_Key+_Pair_www.hackthesec.co.in.png" width="640" /></a></div> <span style="font-family: "georgia" , "times new roman" , serif;"><br /></span> <span style="font-family: "georgia" , "times new roman" , serif;">Above command will generate two files <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">default.private</span> and <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">default.txt</span>. You can created multiple DKIM keys for different-2 domains and configure with your postfix server.</span></div> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">Step 3: Configure DKIM and POSTFIX</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">First edit the domain keys lists setting file <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/etc/mail/dkim.key</span> and add following entry.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">*@hackthesec.co.in:<span style="line-height: 1.3em;">hackthesec.co.in</span></span><span style="font-size: large; line-height: 1.3em;">:/etc/mail/dkim-keys/hackthesec.co.in/default.private</span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">Edit DKIM configuration file <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/etc/opendkim.conf</span> and update below values in configuration file.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">Domain <span style="line-height: 1.3em;">hackthesec.co.in</span> KeyFile /etc/mail/dkim.key Selector mail Socket inet:8892@localhost</span><span style="font-size: 0.9em;"> </span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">Now edit POSTFIX configuration file <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">/etc/postfix/main.cf</span> and add following values at the end of file</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">milter_default_action = accept milter_protocol = 2 smtpd_milters = inet:localhost:8892 non_smtpd_milters = inet:localhost:8892</span><span style="font-size: 0.9em;"> </span></pre> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">Step 4: Configure DNS Entry</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">After configuring private key in postfix server. there will be another file<span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">default.txt</span> generated by opendkim-genkey. Edit your DNS zone file and add this as TXT record found in default.txt.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">mail._domainkey.hackthesec.coin IN TXT "v=DKIM1; k=rsa; p=IOIIGfBGGCSqGSIb3DEFGAQUAA4GNHDCBiQKBgRG6RY5DLhAbbrqcwgyBaC x50scjedj357we9SJdff6VHOKDYgU/kvuV2rQiedHjtJDPuFJIwoNqh8pbIWxcZ8J2FhVhXU1QWdBmOQ/w61jfsyVAMrX/SrcJAd/1 XHYcS4o3uIOV7jICVOJLiYW5wjYLvWpPoraQzQE1Npjlsx2T5QIDAQAB" ; ----- DKIM key default for hackthesec.co.in</span><span style="font-size: 0.9em;"> </span></pre> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">Step 5: Restart Service</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">After making all above configuration’s restart dkim and postfix services</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">$ sudo service opendkim restart $ sudo service postfix restart</span><span style="font-size: 0.9em;"> </span></pre> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">Step 6: Verify DKIM</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">And you have all done. Let’s verify that DKIM is working properly. Let’s send a test email through command line</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">$ mail -vs "Test DKIM" hackthesec@gmail.com < /dev/null </span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: "georgia" , "times new roman" , serif;">In received email in our mailbox, open the source of email and search for "DKIM-Signature". You will find some thing like below</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); color: white; line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;">DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=hackthesec.co.in; s=default.private; t=1431284463; bh=fdkeB/b0Fghse2k4J4pNas23AsqBm9+c0CsOYesw8=; h=Date:From:Message-Id:To:Subject; b=M6g0easdqURha9d7sdWldOddXsXxrMtN2qrSQ6/1AZtDxDkDDfoBTHDzoESlD i6uLLwV+3/JTs7mFmrkvlA5ZR693sM5gkVgVJmuOsylXSwd3XNfEcGSqFRRIrLhHtbC mAXMNxJtih9OuVNi96TrFNyUJeHMRvvbo34BzqWY= <a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a> <a href="http://www.twitter.com/hackthesecurity">www.twitter.com/hackthesecurity</a></span></pre> </div> </div>

How to Setup DKIM (DomainKeys) with Postfix on Ubuntu and Debian

Setup DKIM (DomainKeys) with Postfix on Ubuntu & Debian DomainKeys Identified Mail ( DKIM ) is an email authentication method design...

Read more »

How to Setup Lighttpd Web server on CentOS/RHEL 7 and Ubuntu 15.04

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 class="post-title single" style="background-color: white; font-family: Arial, Helvetica, sans-serif; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 5px; padding: 0px;"> <span style="color: red; font-size: large;"><u><i>Lighttpd Web server on CentOS /RHEL 7 / Ubuntu 15</i></u></span></h1> <div> <span style="color: #111111; font-family: "georgia" , "times new roman" , "times" , serif; font-size: large;"><span style="line-height: 26px;">lighttpd (pronounced "lighty") is an open-source web server optimized for speed-critical environments while remaining standards-compliant, secure and flexible.[citation needed] It was originally written by Jan Kneschke as a proof-of-concept of the c10k problem – how to handle 10,000 connections in parallel on one server, but has gained worldwide popularity</span></span></div> <div> <span style="color: #111111; font-family: "georgia" , "times new roman" , "times" , serif; font-size: large;"><span style="line-height: 26px;"><br /></span></span></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgurit4uoxUupah44M5WZET-ZyL6OsWUXH2bEoqB7fb3GGFfviZYZDxT9oAbVZl2LcxB9jw5mB1_yetscGnJzesU5Dit2GEkVm3BIwK_G1asADJG3aFGIU7hRHBbTxw-7X2FSV3EeU4aGNl/s1600/Lighttpd_logo_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="383" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgurit4uoxUupah44M5WZET-ZyL6OsWUXH2bEoqB7fb3GGFfviZYZDxT9oAbVZl2LcxB9jw5mB1_yetscGnJzesU5Dit2GEkVm3BIwK_G1asADJG3aFGIU7hRHBbTxw-7X2FSV3EeU4aGNl/s400/Lighttpd_logo_www.hackthesec.co.in.png" width="400" /></a></div> <div> <span style="color: #111111; font-family: "georgia" , "times new roman" , "times" , serif; font-size: large;"><span style="line-height: 26px;"><br /></span></span></div> <div> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;">Installing Lighttpd</span></h2> </div> <div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong><u><span style="color: #0b5394; font-size: large;">CentOS 7</span></u></strong></div> <div style="background-color: white; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <span style="font-family: "georgia" , "times new roman" , serif;">As lighttpd is not available in the official repository of <a href="http://www.hackthesec.co.in/search/label/centos7" target="_blank">CentOS 7</a>, we'll need to install <a href="http://www.hackthesec.co.in/2016/01/how-to-install-epel-repo-on-centos-and.html" target="_blank">epel </a>additional repository to our system. and I have centos <span style="font-weight: bold; line-height: 25px;">Instance </span><span style="line-height: 25px;">so my tutorial is on centos</span></span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: large;"><span style="line-height: 15.6px;"># yum install epel-release</span></span></pre> <div style="background-color: white; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <span style="font-family: "georgia" , "times new roman" , serif;">Then, we'll gonna update our system and proceed towards the installation of lighttpd.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># yum update </span><span style="color: lime;"># yum install lighttpd</span></span></span></pre> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLP1TDNZ4UPZ2-8SBb72TSgGlwn-lcyMdkNcuE9XtZcBvs1vpIQgDMGPhJsvZK30KAHbYFTAlsi4t-EUGTwXcAH94cYl265QaVFDzRlmU2eiCBbBC2rbQiTYKIg8QNOPtwixIlfAjLt0RA/s1600/Lighttpd_installation_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="342" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLP1TDNZ4UPZ2-8SBb72TSgGlwn-lcyMdkNcuE9XtZcBvs1vpIQgDMGPhJsvZK30KAHbYFTAlsi4t-EUGTwXcAH94cYl265QaVFDzRlmU2eiCBbBC2rbQiTYKIg8QNOPtwixIlfAjLt0RA/s640/Lighttpd_installation_www.hackthesec.co.in.png" width="640" /></a></div> <br /> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong><u>Ubuntu 15.04</u></strong></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Lighttpd is available on the official repository of Ubuntu 15.04 so, we'll simply update our local repository index and then go for the installation of lighttpd using ubuntu command line.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># apt-get update </span><span style="color: lime;"># apt-get install lighttpd</span></span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAjNBBcwqoKO_ef8cBtd-OhBhZ8sdhM08yiF1xiDLhGeyA9KYqIbC62t-RTV1ZYUALuCcPk9VPP2eeIcmVVLE2ewObNS6HZIe8RkrOrNfaUK-__f6gPcirg5nimdZQxgzKsQCVYamPcWUb/s1600/install-lighttpd-ubuntu_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAjNBBcwqoKO_ef8cBtd-OhBhZ8sdhM08yiF1xiDLhGeyA9KYqIbC62t-RTV1ZYUALuCcPk9VPP2eeIcmVVLE2ewObNS6HZIe8RkrOrNfaUK-__f6gPcirg5nimdZQxgzKsQCVYamPcWUb/s1600/install-lighttpd-ubuntu_www.hackthesec.co.in.png" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <h3 style="background-color: white; border: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 16pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Installing from Source</u></span></h3> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> If we wanna install lighttpd from the latest version of source code ie 1.4.39, we'll need to compile the source code and install it into our system. First of all, we'll need to install the dependencies required to compile it.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white;"><span style="line-height: 15.6px;"><span style="font-size: large;"># cd /tmp/ # wget http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.39.tar.gz </span></span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> After its downloaded, we'll need to extract it the tarball by running the following.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">tar -zxvf</span><span style="color: white;"> lighttpd-1.4.39.tar.gz </span></span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then, we'll compile it by running the following commands.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white;"><span style="line-height: 15.6px;"><span style="font-size: large;"># cd lighttpd-1.4.39 # ./configure # make</span> </span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong>Note: </strong>we are installing lighttpd with its standard configuration. If you wanna configure beyond the standard configuration and want to install more features like support for SSL, mod_rewrite, mod_redirect then you can configure.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Once, compiled completed, we'll install it in our system.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: large;"><span style="line-height: 15.6px;"># make install </span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Configuring Lighttpd</u></span></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> If we need to configure our lighttpd web server further as our requirements, we can make changes to the default configuration file ie /etc/lighttpd/lighttpd.conf  we'll need to run the following command for checking the conf file</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: lime;"># lighttpd -t -f /etc/lighttpd/lighttpd.conf </span><span style="color: white;"> [root@hackthesec lighttpd]# lighttpd -t -f /etc/lighttpd/lighttpd.conf Syntax OK [root@hackthesec lighttpd]#</span></span><span style="color: white;"> </span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <h3 style="background-color: white; border: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 16pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <u><span style="color: #0b5394;">On CentOS 7</span></u></h3> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> we are running CentOS 7, we'll need to create a new directory for our webroot defined in our lighttpd's default configuration ie /src/www/htdocs/ .</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: lime; font-size: large;"><span style="line-height: 15.6px;"># mkdir -p /srv/www/htdocs/ </span></span></pre> <div> <span style="background-color: white; font-family: "arial" , "helvetica" , sans-serif; font-size: 14px; line-height: 21px;">Then, we'll copy the default welcome page from /var/www/lighttpd/ directory to the above created directory.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># cp -r /var/www/</span><span style="color: lime;">lighttpd</span><span style="color: white;">/* /srv/www/htdocs/ </span></span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Starting and Enabling Services</u></span></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Now, we'll gonna start our  lighttpd server by executing the following systemctl command.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># systemctl start </span><span style="color: lime;">lighttpd</span><span style="color: white;"> </span></span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Now enable it to start automatically in every system boot.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># systemctl </span><span style="color: lime;">enable lighttpd</span><span style="color: white;"> </span></span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Allowing Firewall</u></span></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;">  To allow port 80 or http service, we'll need to run the following commands.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: lime;"># firewall-cmd --permanent --add-service=http </span><span style="color: white;"> success # firewall-cmd --reload </span><span style="color: lime;">success</span></span><span style="color: white;"> </span></span></pre> <div> <span style="color: white;"><span style="line-height: 15.6px;"><br /></span></span></div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> In my case i don't have any firewall on my centos server..Here is the screenshot bellow</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMIIlM-xw4eorcGHr6aL1x0dMOi5T1RdIcoid_59TueO2r4kVjNUyciJ1dsnuKBkSLn2P6oNEyPKxfACQ5GLLMV5Zn07p1ifk5BevQOFYhtX9k27Dn4YoVKQh1K7DZ3l2ficrJf3ynyIhA/s1600/lighttpd_configuration_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="131" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMIIlM-xw4eorcGHr6aL1x0dMOi5T1RdIcoid_59TueO2r4kVjNUyciJ1dsnuKBkSLn2P6oNEyPKxfACQ5GLLMV5Zn07p1ifk5BevQOFYhtX9k27Dn4YoVKQh1K7DZ3l2ficrJf3ynyIhA/s640/lighttpd_configuration_www.hackthesec.co.in.png" width="640" /></a></div> <div style="background-color: white; color: #666666; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Accessing Web Server</u></span></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> As we have allowed port 80 which is the default port of lighttpd, we should be able to access lighttpd's welcome page.Access the server through domain name or ip adress<br /> example - http://lighttpd.hackthesec.co.in</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLZdbyEuKpZUfoZg3mm0IxStdF5mTTkQ-bbkyyALe-ut682-cIAUsfgrGzI0a_hYlMXRqUYDnBROJxlneeNdwG5B3RDiO0bXWhVC-_mkxLb8uo23U36NXkIYFZJj7yJhjsL5agp263n5oQ/s1600/lighttpd-welcome-page_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="328" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLZdbyEuKpZUfoZg3mm0IxStdF5mTTkQ-bbkyyALe-ut682-cIAUsfgrGzI0a_hYlMXRqUYDnBROJxlneeNdwG5B3RDiO0bXWhVC-_mkxLb8uo23U36NXkIYFZJj7yJhjsL5agp263n5oQ/s640/lighttpd-welcome-page_www.hackthesec.co.in.png" width="640" /></a></div> <h2 style="background-color: white; color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> </h2> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Installing PHP5 Modules</u></span></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Once our lighttpd is installed successfully, we'll need to install PHP and some PHP modules to run PHP5 scripts in our lighttpd web server.</div> <h3 style="background-color: white; border: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 16pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <u><span style="color: #0b5394;">On Ubuntu 15.04</span></u></h3> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: large;"><span style="line-height: 15.6px;"># apt-get install php5 php5-cgi php5-fpm php5-mysql php5-curl php5-gd php5-intl php5-imagick php5-mcrypt php5-memcache php-pear</span></span></pre> </div> <h3 style="background-color: white; border: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 16pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>On CentOS 7</u></span></h3> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: large;"><span style="line-height: 15.6px;"># yum install php php-cgi php-fpm php-mysql php-curl php-gd php-intl php-pecl-imagick php-mcrypt php-memcache php-pear lighttpd-fastcgi</span></span></pre> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEOCDpQ7FIKKitclo-YfqIKWI5xf9IVsz4gSY4iUrSV8DNxBl4YntihxIhxHEykuhFKlIToqz1wGa_P9XSFf-1qKhS4o8l9qGsU4zUduiY7xn5zw7sqozmziPVoE0eJy21XbsSZt-roPra/s1600/lighttpd_php_configuration_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="342" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEOCDpQ7FIKKitclo-YfqIKWI5xf9IVsz4gSY4iUrSV8DNxBl4YntihxIhxHEykuhFKlIToqz1wGa_P9XSFf-1qKhS4o8l9qGsU4zUduiY7xn5zw7sqozmziPVoE0eJy21XbsSZt-roPra/s640/lighttpd_php_configuration_www.hackthesec.co.in.png" width="640" /></a></div> <h2 style="background-color: white; color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> </h2> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>Configuring Lighttpd with PHP</u></span></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> To make PHP work with lighttpd web server, we'll need to follow the following methods respect to the distribution we are running.</div> <h3 style="background-color: white; border: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 16pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>On CentOS 7</u></span></h3> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> First of all, we'll need to edit our php configuration ie /etc/php.ini and uncomment a line <strong>cgi.fix_pathinfo=1</strong> using a text editor.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># nano /etc/</span><span style="color: lime;">php.ini</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> After its done, we'll need to change the ownership of PHP-FPM process from apache to lightpd. To do so, we'll need to open the configuration file /etc/php-fpm.d/www.conf using a text editor.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># nano /etc/php-fpm.d/</span><span style="color: lime;">www.conf</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then, we'll append the file with the following configurations.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;">user = </span><span style="color: lime;">lighttpd</span><span style="color: white;"> </span><span style="color: lime;">group </span><span style="color: white;">= lighttpd</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Once done, we'll need to save the file and exit the text editor. Then, we'll need to include fastcgi module from /etc/lighttpd/modules.conf configuration file.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># nano /etc/lighttpd/</span><span style="color: lime;">modules.conf</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then, we'll need to uncomment the following line by removing # from it.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: lime;">include </span><span style="color: white;">"conf.d/fastcgi.conf"</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> At last, we'll need to configure our fastcgi configuration file using our favorite text editor.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># nano /etc/</span><span style="color: lime;">lighttpd/conf.d</span><span style="color: white;">/fastcgi.conf</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then, we'll need to add the following lines at the end of the file.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: lime;">fastcgi.server</span><span style="color: white;"> += ( ".php" => (( "host" => "127.0.0.1", "port" => "9000", </span><span style="color: lime;">"broken-scriptfilename" => "enable" </span><span style="color: white;">)) )</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> After its done, we'll save the file and exit the text editor.</div> <h3 style="background-color: white; border: 0px; font-family: Arial, Helvetica, sans-serif; font-size: 16pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <span style="color: #0b5394;"><u>On Ubuntu 15.04</u></span></h3> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> To enable fastcgi with lighttpd web server, we'll simply need to execute the following commands.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># lighttpd-enable-mod </span><span style="color: lime;">fastcgi</span><span style="color: white;"> Enabling fastcgi: ok Run /etc/init.d/lighttpd force-reload to enable changes # lighttpd-enable-mod fastcgi-php </span><span style="color: lime;">Enabling fastcgi-php: ok </span><span style="color: white;">Run /etc/init.d/lighttpd force-reload to enable changes</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then, we'll reload our lighttpd by running the following command.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># systemctl force-reload </span><span style="color: lime;">lighttpd</span></span></span></pre> </div> <h2 style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 18pt; letter-spacing: -1px; line-height: 1.2em; margin: 0px 0px 15px; padding: 0px;"> <u><span style="color: #0b5394;">Testing if PHP is working</span></u></h2> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> In order to see if PHP is working as expected or not, we'll need to create a new php file under the webroot of our lighttpd web server. Here, in this tutorial we have /var/www/html in Ubuntu and /srv/www/htdocs in CentOS as the default webroot so, we'll create a info.php file under it using a text editor.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong><span style="color: #0b5394;">On CentOS 7</span></strong></div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="color: white; font-size: large;"><span style="line-height: 15.6px;"># nano /var/www/info.php</span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <strong><span style="color: #0b5394;">On Ubuntu 15.04</span></strong></div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="line-height: 15.6px;"><span style="color: white;"># nano /srv/www/htdocs/</span><span style="color: lime;">info</span><span style="color: white;">.php</span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Then, we'll simply add the following line into the file.</div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="line-height: 15.6px;"><span style="font-size: large;"><span style="color: white;"><?php </span><span style="color: lime;">phpinfo</span><span style="color: white;">(); ?></span></span></span></pre> </div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Once done, we'll simply save the file and exit from the text editor.</div> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> Now, we'll open our running lighttpd using its ip address or domain name with the <b>info.php</b> file path as http://lighttpd.hackthesec.co.in/info.php. after that you can see the <b>phpinfo </b>page</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcThhv98HojdVvm9FnNTXQQNOg6b4SpwqOKfAYWLVCf07cUY9tjqA2GEoLQHgeIPfvk_Ltx_otVjrB_EDJB0_1sN6c7NraCdmE9Y3s-jSNtRQFzvZi4RF1R-Jyoi02gAcp-lYD4iycsGfK/s1600/phpinfo_www.hackthesec.co.in.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcThhv98HojdVvm9FnNTXQQNOg6b4SpwqOKfAYWLVCf07cUY9tjqA2GEoLQHgeIPfvk_Ltx_otVjrB_EDJB0_1sN6c7NraCdmE9Y3s-jSNtRQFzvZi4RF1R-Jyoi02gAcp-lYD4iycsGfK/s1600/phpinfo_www.hackthesec.co.in.jpg" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a></div> <a href="http://www.twitter.com/hackthesecurity">www.twitter.com/hackthesecurity</a><br /> <div style="background-color: white; font-family: Arial, Helvetica, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 15px; word-break: break-word;"> <br /></div> </div> </div>

How to Setup Lighttpd Web server on CentOS/RHEL 7 and Ubuntu 15.04

Lighttpd Web server on CentOS /RHEL 7 / Ubuntu 15 lighttpd (pronounced "lighty") is an open-source web server optimized for sp...

Read more »

How to Setup Vagrant on Linux to Create Virtual Dev Environment

<div dir="ltr" style="text-align: left;" trbidi="on"> <h1 class="headline" itemprop="name" style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 26px; font-weight: normal; line-height: 39px; margin: 0px; padding: 0px; word-wrap: break-word;"> <u><span style="color: red;"><i>Vagrant on Linux to Create Virtual Dev Environment</i></span></u></h1> <div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Vagrant is an open source tool used for creating a portable virtual environment.</div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9aWqV5RWYkzdHxmFfgw8Ktryq4rgdX3iY1qPpIGHoLADN3O16Fka34ox-BgSgv5fJYn6pX9J2paR_USZE0FFWZrtzlwFs93x6bcsmHK5FunzFjcOSqHQvykSmfVO9thYI0qAxOr9zi2HF/s1600/Vagrant_www.hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9aWqV5RWYkzdHxmFfgw8Ktryq4rgdX3iY1qPpIGHoLADN3O16Fka34ox-BgSgv5fJYn6pX9J2paR_USZE0FFWZrtzlwFs93x6bcsmHK5FunzFjcOSqHQvykSmfVO9thYI0qAxOr9zi2HF/s320/Vagrant_www.hackthesec.co.in.png" width="262" /></a></div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Using Vagrant, developers and sysadmins can create any virtual environment instantly. Vagrant is extremely simple to use and configure.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Vagrant acts as central configuration repository for managing and deploying multiple reproducible virtual environments from a canned OS image with same configuration.<br /> <span id="more-16756" style="margin: 0px; padding: 0px; word-wrap: break-word;"></span></div> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 1.286em; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394;">1. Install Vagrant</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> First, download the vagrant binaries for your OS from <a href="http://www.vagrantup.com/" style="color: #dd0000; margin: 0px; padding: 0px; word-wrap: break-word;">VagrantUp</a>.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Currently it is available for MacOS, Windows, <a href="http://www.hackthesec.co.in/search/label/Debian" target="_blank">Debian </a>and <a href="http://www.hackthesec.co.in/search/label/Centos" target="_blank">CentOS</a>.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> For this tutorial, we downloaded the 64bit rpm for <a href="http://www.hackthesec.co.in/search/label/centos7" target="_blank">centos</a>.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">wget </span><span style="color: white;">https://releases.hashicorp.com/</span><span style="color: lime;">vagrant</span><span style="color: white;">/1.8.1/</span><span style="color: lime;">vagrant_1.8.1_x86_64</span><span style="color: white;">.rpm</span></span></span><span style="color: #333333; font-size: 12px; line-height: 1.3em;"> </span></pre> <div> <br /></div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Please note that vagrant is available on windows as well which means you can download and install vagrant and virtualbox on your windows machine and then run the vagrant commands to quickly build any available vagrant OS’es for your testing.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Install the downloaded file on your system using your systems appropriate package installer. Since i am installing this on CentOS.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"># rpm -ivh vagrant_1.8.1_x86_64.rpm </span><span style="color: white;">Preparing... ################# [100%] </span><span style="color: lime;">1:vagrant ################# [100%]</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Verify that the vagrant package is installed successfully.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"># vagrant -v </span><span style="color: white;">Vagrant 1.8.1</span></span></span></pre> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394; font-size: large;">2. Add a Vagrant Box</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> The next step is to run “vagrant box add” command. In this example, I am using one of the predefined catalogs available on HashiCorp’s Atlas box catalog. This catalog has <a href="http://www.hackthesec.co.in/2016/01/how-to-install-linux-apache-mysql-and.html" target="_blank">LAMP </a>stack already configured on it.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># vagrant box add smallhadroncollider/centos-6.4-lamp ==> box: Loading metadata for box 'smallhadroncollider/centos-6.4-lamp' </span><span style="color: lime;"> box: URL: https://atlas.hashicorp.com/smallhadroncollider/centos-6.4-lamp </span><span style="color: white;">==> box: Adding box 'smallhadroncollider/centos-6.4-lamp' (v1.1) for provider: virtualbox box: Downloading: https://atlas.hashicorp.com/smallhadroncollider/boxes/centos-6.4-lamp/versions/1.1/providers/virtualbox.box </span><span style="color: lime;">==> box: Successfully added box 'smallhadroncollider/centos-6.4-lamp' (v1.1) for 'virtualbox' !</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Verify that the vagrant box is successfully added using the following command. This will display all the vagrant boxes that are installed on our system. Currently we have only one box installed.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># vagrant box list </span><span style="color: lime;">smallhadroncollider/centos-6.4-lamp (virtualbox, 1.1)</span></span></span></pre> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394; font-size: large;">3. Initialize Vagrant Box</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Now we are ready to initialize the new Vagrant environment by creating a vagrant file. vagrant status command displays the currently initialized vagrant environments. In this case since we do not have any machines initialized yet, vagrant status gives the below output.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"># vagrant status </span><span style="color: white;">A Vagrant environment or target machine is required to run this command. Run `vagrant init` to create a new Vagrant environment. Or, get an ID of a target machine from `vagrant global-status` to run this command on. A final option is to change to a directory with a Vagrantfile and to try again.</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Now we can create a new directory and initialize the vagrant environment that we just downloaded, this will place a plain vagrantfile in the current working directory. You can change many of settings in this file, we can change things such as network configuration, shared folders, and puppet and chef details.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Just be aware a box restart will likely be required before changes take effect.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> To learn more about configuration inside the vagrant file, you can refer the<a href="https://docs.vagrantup.com/v2/vagrantfile/version.html" style="color: #dd0000; margin: 0px; padding: 0px; word-wrap: break-word;">vagrant documentation</a>.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"># mkdir centos-6.4-lamp </span><span style="color: white;"> # cd centos-6.4-lamp # vagrant init smallhadroncollider/centos-6.4-lamp A `Vagrantfile` has been placed in this directory. You are now ready to `vagrant up` your first virtual environment! Please read the comments in the Vagrantfile as well as documentation on </span><span style="color: lime;">`vagrantup.com` for more information on using Vagrant.</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> After you initialize vagrant box, you’ll see that it has created the following file under the current directory.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># ls -ltr </span><span style="color: lime;">-rw-r--r--. 1 root root 3017 Jan 27 18:29 Vagrantfile</span></span></span></pre> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394; font-size: large;">4. Provider Dependency</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Now if you to try to bring up the vagrant machine, you will see the below error. This is because the provider has not been installed yet on the machine. The provider can be usually Oracle Virtualbox, VMWARE, Hyper-V. Once you choose the provider, depending on OS platform install the respective rpm on the machine.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># vagrant up No usable default provider could be found for your system. Vagrant relies on interactions with 3rd party systems, known as "providers", to provide Vagrant with resources to run development </span><span style="color: lime;">environments. Examples are VirtualBox, VMware, Hyper-V. The easiest solution to this message is to install VirtualBox, which </span><span style="color: white;">is available for free on all major platforms. If you believe you already have a provider available, make sure it is properly installed and configured. You can see more details about why a particular provider isn't working by forcing usage with </span><span style="color: lime;">`vagrant up --provider=PROVIDER`, which should give you a more specific </span><span style="color: white;">error message for that particular provider.</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Note: In my case, I have downloaded and installed Oracle Virtualbox. You need to have one of the virtualization provider installed on your machine for this to work. </div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Once a provider (Oracle virtualbox, VMWare, etc.) is installed, try to bring up the virtual environment using “vagrant up” as shown below, you can also setup your public network and any other software packages needs to be included or any other configurations in the vagrant file and bring up the virtual machine.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">vagrant up</span><span style="color: white;"> Bringing machine 'default' up with '</span><span style="color: lime;">virtualbox</span><span style="color: white;">' provider... ==> default: Importing base box 'smallhadroncollider/centos-6.4-lamp'... ==> default: Matching MAC address for NAT networking... ==> default: Checking if box 'smallhadroncollider/centos-6.4-lamp' is up to date... </span><span style="color: lime;">==> default: Setting the name of the VM: centos-64-lamp_default_1419728026285_91788 </span><span style="color: white;">==> default: Clearing any previously set network interfaces... </span><span style="color: lime;">==> default: Preparing network interfaces based on configuration... </span><span style="color: white;"> default: Adapter 1: nat ==> default: Forwarding ports... default: 22 => 2222 (adapter 1) ==> default: Booting VM... ==> default: Waiting for machine to boot. This may take a few minutes... default: SSH address: 127.0.0.1:2222 </span><span style="color: lime;"> default: SSH username: vagrant default: SSH auth method: private key </span><span style="color: white;">... ...</span></span></span></pre> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394; font-size: large;">5. Start and Stop Vagrant</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> The vagrant status command displays the current status of the virtual machine.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">vagrant </span><span style="color: white;">status Current machine states: default running (virtualbox) The VM is running. To stop this VM, you can run `vagrant halt` to shut it down forcefully, or you can run `vagrant suspend` to simply suspend the virtual machine. In either case, to restart it again, simply run `vagrant up`.</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> To halt or shutdown a virtual environment for making changes, use the “vagrant halt” command as shown below,</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">vagrant halt</span><span style="color: white;"> ==> default: Attempting graceful shutdown of VM... default: Guest communication could not be established! This is usually because default: SSH is not running, the authentication information was changed, default: or some other networking issue. Vagrant will force halt, if default: capable. ==> default: Forcing shutdown of VM...</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Now if you check the status again, you’ll notice that it says “poweroff” as shown below.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># vagrant </span><span style="color: lime;">status</span><span style="color: white;"> Current machine states: default poweroff (virtualbox) The VM is powered off. To restart the VM, simply run `vagrant up`</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> To start the Vagrant again, use the following:</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">vagrant </span><span style="color: white;">up</span></span></span></pre> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394; font-size: large;">6. Login to Vagrant Virtual Machine</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> To SSH in to the vagrant virtual machine, you use the vagrant SSH command as shown below.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: lime;"># vagrant ssh </span><span style="color: white;">vagrant@vagrant-centos-6.4-lamp$</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> In order to display the SSH config on the vagrant environment, you can use the below command. You can set any of the values in the Vagrantfile if you need to modify it.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># vagrant </span><span style="color: lime;">ssh-config</span><span style="color: white;"> Host default HostName 127.0.0.1 User vagrant Port 2222 UserKnownHostsFile /dev/null StrictHostKeyChecking no PasswordAuthentication no IdentityFile /root/.vagrant.d/insecure_private_key IdentitiesOnly yes LogLevel FATAL ForwardAgent yes</span></span></span></pre> <h3 style="background-color: white; font-family: Georgia, 'Times New Roman', Times, serif; font-weight: normal; line-height: 1.222em; margin: 1.833em 0px 0.611em; padding: 0px; word-wrap: break-word;"> <span style="color: #0b5394; font-size: large;">7. Reload Vagrant</span></h3> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> Whenever you make any changes to the Vagrantfile, you can reload the configuration using “vagrant reload” command. This will reboot your virtual environment.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">vagrant reload</span><span style="color: white;"> ==> default: Attempting graceful shutdown of VM... default: Guest communication could not be established! This is usually because default: SSH is not running, the authentication information was changed, default: or some other networking issue. Vagrant will force halt, if default: capable. ==> default: Forcing shutdown of VM... ==> default: Checking if box 'smallhadroncollider/centos-6.4-lamp' is up to date... ==> default: Clearing any previously set forwarded ports... ==> default: Clearing any previously set network interfaces... ==> default: Preparing network interfaces based on configuration... default: Adapter 1: nat default: Adapter 2: hostonly default: Adapter 3: bridged ==> default: Forwarding ports... default: 22 => 2222 (adapter 1) ==> default: Booting VM... ... ...</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> To destroy the vagrant machine after all your testing is completed, you can run the following command.</div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: medium;"><span style="line-height: 15.6px;"><span style="color: white;"># </span><span style="color: lime;">vagrant</span><span style="color: white;"> destroy</span></span></span></pre> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;"> This will remove all the disks allocated to the VM, but the Vagrantfile will be still there.</div> <div style="background-color: white; color: #111111; font-family: Georgia, 'Times New Roman', Times, serif; font-size: 16px; line-height: 26px; margin-bottom: 26px; padding: 0px; word-wrap: break-word;">  If you want to rebuild the virtual environment with the same configuration, you can still use the Vagrantfile, that was created initially when you did the initialization.<br /><a href="http://www.hackthesec.co.in/">www.hackthesec.co.in</a></div> </div> </div>

How to Setup Vagrant on Linux to Create Virtual Dev Environment

Vagrant on Linux to Create Virtual Dev Environment Vagrant is an open source tool used for creating a portable virtual environment. ...

Read more »

glibc - getaddrinfo Stack-Based Buffer Overflow

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="l-titlebar imgsize_cover size_large color_default" style="box-shadow: rgba(0, 0, 0, 0.0784314) 0px -2px 0px -1px inset; box-sizing: border-box; color: #666666; font-family: 'Open Sans', sans-serif; font-size: 14px; line-height: 24px; padding-left: 40px; padding-right: 40px; padding-top: 90px; position: relative; text-align: center; transition: padding 0.3s; z-index: 1;"> <div class="l-titlebar-h i-cf" style="box-sizing: border-box; margin: 0px auto; max-width: 1140px; padding-bottom: 50px; padding-top: 50px; position: relative; z-index: 1;"> <h1 style="box-sizing: border-box; color: #555555; font-family: 'Noto Sans', sans-serif; font-size: 38px; font-stretch: normal; font-weight: 300; line-height: 1.4; margin: 0px;"> glibc - getaddrinfo Stack-Based Buffer Overflow</h1> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_QWryo78k5KmTZ3w4a1QCJw9Q7fjBHyUzNYrVVTvrClx8VSEc9A1IgrbnOc9LOkp1dplQdQmAAQ6-vSe2beOok5DFxhxOHc0F8VlJ0tUwRJvrySppNj7TV8IpfmbwPPBfD3T58b1zfShW/s1600/buffer-overflow_www.hackthesec.co.in.bmp" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="318" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_QWryo78k5KmTZ3w4a1QCJw9Q7fjBHyUzNYrVVTvrClx8VSEc9A1IgrbnOc9LOkp1dplQdQmAAQ6-vSe2beOok5DFxhxOHc0F8VlJ0tUwRJvrySppNj7TV8IpfmbwPPBfD3T58b1zfShW/s640/buffer-overflow_www.hackthesec.co.in.bmp" width="640" /></a></div> <div> <table class="exploit_list" style="background-color: rgb(239, 239, 239) !important; border-radius: 3px !important; border-spacing: 1px; border: 1px solid rgb(221, 221, 221) !important; box-sizing: border-box; color: #666666; font-size: 14px; line-height: 24px; margin-bottom: 10px; margin-top: 10px; padding: 1px !important; width: 679px;"><tbody style="box-sizing: border-box;"> <tr style="background-color: rgb(248, 248, 248) !important; box-sizing: border-box;"><td style="box-sizing: border-box; padding: 5px 10px;"><b>Author: Google Security Research</b><span class="fa fa-check-circle-o" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: inline-block; font-family: FontAwesome; font-size: inherit; font-stretch: normal; line-height: 1; text-rendering: auto;"></span></td><td style="box-sizing: border-box; padding: 5px 10px;"><br /></td><td style="box-sizing: border-box; padding: 5px 10px;"></td></tr> <tr style="background-color: rgb(248, 248, 248) !important; box-sizing: border-box;"><td style="box-sizing: border-box; padding: 5px 10px;"><strong style="box-sizing: border-box;">Download Exploit:</strong> <a href="https://www.exploit-db.com/download/39454" style="background-color: transparent; box-sizing: border-box; color: #337ab7; outline: 0px; text-decoration: none; transition-duration: 0.3s; transition-property: background-color, box-shadow, border, color, opacity;"><span class="fa fa-file-code-o" style="-webkit-font-smoothing: antialiased; box-sizing: border-box; display: inline-block; font-family: FontAwesome; font-size: inherit; font-stretch: normal; line-height: 1; text-rendering: auto;"></span> Source</a> </td><td colspan="2" style="box-sizing: border-box; padding: 5px 10px;"><br /></td></tr> </tbody></table> <a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a><br /><a href="http://www.twitter.com/hackthesecurity">www.twitter.com/hackthesecurity</a></div> </div> </div> </div>

glibc - getaddrinfo Stack-Based Buffer Overflow

glibc - getaddrinfo Stack-Based Buffer Overflow Author: Google Security Research Download Exploit:    Source   www.hackthesec.co...

Read more »

How To Add and Delete Users on CentOS, RHEL & Fedora

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> </div> <h2 class="title single-title title20" style="background-color: white; border: 0px; font-size: 28px; line-height: 38px; margin: 0px 0px 5px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <u style="font-family: 'Roboto Slab';"><span style="color: red;"><i>Add & Delete Users on CentOS, RHEL & Fedora<br /></i></span></u><span style="font-family: Georgia, Times New Roman, serif;"><span style="font-size: 16px; font-weight: normal; line-height: 28px;">You may need to create separate account for every user want to connect this system. For adding new users</span><span style="font-size: 16px; font-weight: normal; line-height: 28px;"> in system there are two commands available in your system, </span><span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: 16px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">useradd</span><span style="font-size: 16px; font-weight: normal; line-height: 28px;"> and </span><span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: 16px; line-height: 28px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">adduser</span><span style="font-size: 16px; font-weight: normal; line-height: 28px;">. adduser command is the enhanced version of useradd command. adduser command uses useradd command in backend. This tutorial will help you to add and delete user on <a href="http://www.hackthesec.co.in/search/label/Centos" target="_blank">CentOS</a>, <a href="http://www.hackthesec.co.in/search/label/RHEL" target="_blank">RHEL</a>, Fedora and CoreOS operating systems.<br /></span></span></h2> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgD7BydDE2ME1SHFnI-jYkru4Z8LR2LYIjMucRR7qN6AxXJrl49u6p5qPXOmcfIBjjISh66JcF4CzdRraD3I77xCw4k_zUu_kqA-Oh3hbLa1xIgDxwizZ5sq8uZ1FaWRm3P_ub1WPWXb-py/s1600/adduser_hackthesec.co.in.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgD7BydDE2ME1SHFnI-jYkru4Z8LR2LYIjMucRR7qN6AxXJrl49u6p5qPXOmcfIBjjISh66JcF4CzdRraD3I77xCw4k_zUu_kqA-Oh3hbLa1xIgDxwizZ5sq8uZ1FaWRm3P_ub1WPWXb-py/s1600/adduser_hackthesec.co.in.png" /></a></div> <div> <br /></div> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">1. Add New User</span></h2> <div> <span style="font-family: Georgia, Times New Roman, serif;"><span style="background-color: white; font-size: 16px; line-height: 28px;"> Following command will create new user </span><span style="background-color: white; font-size: 16px; line-height: 28px;">named ‘hackthesec’ on your system</span></span></div> <div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># </span><span style="color: lime;">adduser </span><span style="color: white;">hackthesec </span></span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: Georgia, Times New Roman, serif;">Still you can’t login to your system with this account. You need to set a password to account to active it. Use this command to set new password.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># passwd hackthesec Changing password for user hackthesec. New password: ************** Retype new password: ************** </span><span style="color: lime;">passwd: all authentication tokens updated successfully.</span></span><span style="font-size: 0.9em;"><span style="color: lime;"> </span></span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: Georgia, Times New Roman, serif;">By default above command will create users home directory as /home/<user name="">. But you can specify home directory at any other location using following command.</user></span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># adduser hackthesec </span><span style="color: lime;">--home=/var/home/</span><span style="color: white; line-height: 1.3em;">hackthesec</span><span style="color: white;"> </span></span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: Georgia, Times New Roman, serif;">You can also specify any other shell for user in place of default, use <span style="border-image-outset: initial; border-image-repeat: initial; border-image-slice: initial; border-image-source: initial; border-image-width: initial; border: 0px; font-size: inherit; font-weight: 700; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">–shell</span> switch followed by shell name as below.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># adduser </span><span style="color: white; line-height: 1.3em;">hackthesec</span><span style="line-height: 1.3em;"><span style="color: white;"> </span><span style="color: lime;">--shell=/bin/bash</span></span></span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: Georgia, Times New Roman, serif;">If you don’t want to create users home directory. You can use –no-create-home switch with adduser command as below.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># </span><span style="color: lime;">adduser </span><span style="color: white; line-height: 1.3em;">hackthesec</span><span style="color: white; line-height: 1.3em;"> --no-create-home</span></span></pre> <h2 class="heading1" style="background-color: white; border: 0px; font-family: 'Roboto Slab'; font-size: 24px; font-weight: bolder; line-height: 34px; margin: 45px 0px 12px; opacity: 1; outline: 0px; padding: 0px; transition: opacity 0.24s ease-in-out; vertical-align: baseline; visibility: visible;"> <span style="color: #0b5394;">2. Delete User from System</span></h2> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: Georgia, Times New Roman, serif;">Now its good to lock or delete any user from system which is no longer required. Use the following command to delete any user from system.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># </span><span style="color: lime;">userdel</span><span style="color: white;"> hackthesec </span></span></pre> <div style="background-color: white; border: 0px; font-size: 16px; line-height: 28px; margin-bottom: 20px; outline: 0px; padding: 0px; vertical-align: baseline;"> <span style="font-family: Georgia, Times New Roman, serif;">The above command will not delete users home directory. If you also want to delete users home directory use -r or –remove-home parameter with command, For example below command will delete user hackthesec and their home directory permanently.</span></div> <pre style="background: none 0px 0px repeat scroll rgb(60, 60, 60); border-radius: 4px; border: 1px solid rgb(229, 229, 229); line-height: 1.3em; margin-bottom: 20px; outline: 0px; overflow: auto; padding: 20px; vertical-align: baseline;"><span style="font-size: large;"><span style="color: white;"># </span><span style="color: lime;">userdel </span><span style="color: white;">hackthesec -r <a href="http://www.hackthesec.co.in/" target="_blank">www.hackthesec.co.in</a> <a href="http://www.twitter.com/hackthesecurity">www.twitter.com/hackthesecurity</a></span></span></pre> </div> </div>

How To Add and Delete Users on CentOS, RHEL & Fedora

Add & Delete Users on CentOS, RHEL & Fedora You may need to create separate account for every user want to connect this system. ...

Read more »