Helping Sysadmins Around The Globe @sysadmintricks - Tumblr Blog

How to patch CentOS for the Ghost exploit (or CVE-2015-0235 )

For centos5 and centos6:

execute:

yum clean all && yum update glibc

Then reboot, it should update all linked programs.

The bad thing is that the exploit requires a reboot, this is because running applications still link to the old libraries. You could restart all services linked to glibc manually but you might miss some. The safest way is just to reboot.

The exploit is less extensive than reported in the media, only some running services, like exim, can be exploited to gain privileges and access on a machine. However, it is a mayor security issue and systems have been affected by it since 2000 and not all additional possible exploit vectors are known.

On http://seclists.org/oss-sec/2015/q1/283 most mayor services like the ones below were tested for the vulnerability:

apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, postfix, proftpd, pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers, vsftpd, xinetd.

These services have been tested and they do not seem exploitable like the publicly released exploit through exim.

There is an easy way to test if you are vulnerable for the exploit:

$ wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c $ gcc GHOST.c -o GHOST $ ./GHOST

It should return vulnerable or not vulnerable.

Good luck patching your centos linux server for the CVE-2015-0235 exploit!

#CVE-2015-0235 #ghost #linux #centos

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

How to tar and compress linux / unix files and folders

tar -cvf filename.tar file.sql

You can use the tar command for this. Replace filename.tar and file.sql with the names you need to tar. You can then compress it with: grip file.sql .

How to remove an mdadm raid device

Check the disks:

cat /proc/mdstat

Personalities : [raid1] md127 : active raid1 sdd[2] 2930265424 blocks super 1.2 [2/1] [_U] md0 : active raid1 sdc[0] 2930265424 blocks super 1.2 [2/1] [U_]

In this example we want to remove md127

mdadm --stop /dev/md127

You then want remove the superblock info on the disk:

mdadm --zero-superblock /dev/sdd

#mdadm #linux

How to check an ext4 of ext3 disk for disk corruption

Boot in mantenance mode (or enter the root password on the console)

fsck -Cy /dev/xvdb1

The C will show the progress the y will say yes to all possible fixes. Do not use the y flag if you do'nt want to loose data.

fsck from util-linux-ng 2.17.2 e2fsck 1.41.12 (17-May-2010) /dev/xvdb1 contains a file system with errors, check forced. Pass 1: Checking inodes, blocks, and sizes Inodes that were part of a corrupted orphan linked list found. Fix? yes Inode 1054540 was part of the orphaned inode list. FIXED. Inode 1054541 was part of the orphaned inode list. FIXED. Inode 1054542 was part of the orphaned inode list. FIXED. Inode 1054543 was part of the orphaned inode list. FIXED. Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Pass 5: Checking group summary information Inode bitmap differences: -(1054539--1054543) Fix? yes Free inodes count wrong for group #128 (0, counted=5). Fix? yes Free inodes count wrong (1225202, counted=1225207). Fix? yes /dev/xvdb1: ***** FILE SYSTEM WAS MODIFIED ***** /dev/xvdb1: 85513/1310720 files (0.2% non-contiguous), 1104273/5242880 blocks

#fsck #ext3 #ext4

How to make a page in an iframe load on te top position after a click

Sometimes when you have to load another app on a webpage in an iframe it will need to be reloaded at the top when the user goes trough the app in the iframe. Because if it doesn't and the user is scrolled down the scroll position stays down on the previous page.

You can to this by simply adding this javascript in your template:

#iframe #html #javascript

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

How to check the percona mysql replication status

Login to mysql:

mysql -u root -p

and enter

SHOW STATUS LIKE 'wsrep%

This will show you the replication status

mysql> SHOW STATUS LIKE 'wsrep%'; +----------------------------+--------------------------------------+ | Variable_name | Value | +----------------------------+--------------------------------------+ | wsrep_local_state_uuid | x| | wsrep_protocol_version | 4 | | wsrep_last_committed | 2710865 | | wsrep_replicated | 54 | | wsrep_replicated_bytes | 40151 | | wsrep_received | 11 | | wsrep_received_bytes | 828 | | wsrep_local_commits | 54 | | wsrep_local_cert_failures | 0 | | wsrep_local_replays | 0 | | wsrep_local_send_queue | 0 | | wsrep_local_send_queue_avg | 0.000000 | | wsrep_local_recv_queue | 0 | | wsrep_local_recv_queue_avg | 0.000000 | | wsrep_flow_control_paused | 0.000000 | | wsrep_flow_control_sent | 0 | | wsrep_flow_control_recv | 0 | | wsrep_cert_deps_distance | 7.740741 | | wsrep_apply_oooe | 0.000000 | | wsrep_apply_oool | 0.000000 | | wsrep_apply_window | 0.000000 | | wsrep_commit_oooe | 0.000000 | | wsrep_commit_oool | 0.000000 | | wsrep_commit_window | 0.000000 | | wsrep_local_state | 4 | | wsrep_local_state_comment | Synced | | wsrep_cert_index_size | 41 | | wsrep_causal_reads | 0 | | wsrep_incoming_addresses |x:3306,x:3306 | | wsrep_cluster_conf_id | 4 | | wsrep_cluster_size | 2 | | wsrep_cluster_state_uuid | xf | | wsrep_cluster_status | Primary | | wsrep_connected | ON | | wsrep_local_bf_aborts | 0 | | wsrep_local_index | 1 | | wsrep_provider_name | Galera | | wsrep_provider_vendor | Codership Oy <[email protected]> | | wsrep_provider_version | 2.10(r175) | | wsrep_ready | ON

#percona #mysql

How to define an alternative SSH port for capistrano deploys

Add the config line: ssh_options[:port] = 22022 To the capistrano deploy script, this will force capistrano to use port 22022 as default for ssh connections. You can also define a port to your different servers: role :app, "ipofserver:2222" role :web, "ipofserver:2222"

#capistrano #ssh

How to find the largest folders on linux

This easy command will list the largest folders on your linux machine:

du -a / | sort -n -r | head -n 20

Replace the / with the folder you want to check.

This might take some time.

#wearlevel

How to determine the Wear Level Count on a Samsung SSD in Linux

Use smartctl:

smartctl -a /dev/sda | grep Wear_Leveling_Count 177 Wear_Leveling_Count 0x0013 099 099 000 Pre-fail Always - 5

The last value '5' in this case is the number of PE cycles. You should replace the disk if it hits 1000.

Now you have this value it is possible to estimate when this will be.

smartctl -a /dev/sda | grep Power_On_Hours 9 Power_On_Hours 0x0032 099 099 000 Old_age Always - 3454

In the example the disk has been online for 3454 hours, using 5 PE cycles.

How much time do we have left: (Power_On_Hours / PE cycles) * (1000 - PE cycles) , at this rate the disk will not wear out for the next 28639 days, or 78 years. By then we should have replaced the disk to prevent wearout.

#linux #ssd #samsung #wearlevel

How to get smartctl data from Dell Perc controllers ( DELL PERC controllers are not supported )

If you ever need smartd data from disks on a dell Perc controller and het this:

smartctl -a /dev/sda smartctl 5.42 2011-10-20 r3458 [x86_64-linux-2.6.18-308.20.1.el5.onappxen] (local build) Copyright (C) 2002-11 by Bruce Allen, http://smartmontools.sourceforge.net DELL PERC controllers are not supported.

You can bypass this by polling the controller directly with:

smartctl -a /dev/sda -d sat+megaraid,0

Replace the 0 in megaraid,0 with the position of the disks in the bay. For example, the disk in bay3 would become megaraid,3

#dell #smartd #megaraid

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

Windows 2012 IIS error when importing certificate Error HRESULT: 0x80070520

When completing a certificate request in IIS you might get the 0x80070520 error. But most probably the certificate is imported anyway. So you can just assing the certificate to a vhost in IIS.

#windows2012 #iis #windows server #ssl

How to disable SSLv3 in pound SSL proxies

Protect your pound SSL proxy by disabling sslv3 in your pound config:

Just add the line:

Ciphers "TLSv1:-LOW:-aNULL:-ADH:-EXP:-eNULL"

In /etc/pound.cgf between ListenHTTPS and END and after your Cert and Calist definitions. This will effectively disable sslv3 on SSL server proxies running pound. Save the file and restart pound.

#pound #sslv3 #poodle

Patch webservers on Plesk for the SSLv3 poodle bug

There is no patch for the poodle bug in SSLv3 yet, the only option for now is disabling SSLv3.

For the webserver this can be done with:

echo 'SSLProtocol all -SSLv2 -SSLv3' > /etc/httpd/conf.d/zz099-psa-disable-weak.conf

Then restart the webserver with service httpd restart.

More info on how to patch plesk itself and other services coming soon. Plesk, imap, smtp are also vulnerable. The pooble bug allows to intercept SSL encrypted traffic at client level due to a design issue with SSLv3.

#plesk #poodle #sslv3 #ssl #security #exploit

Upgrade bash for shellshock on debian squeeze

In orde to upgrade bash on debian squeeze you should enable squeeze LTS by adding it to your soucres list:

echo 'http://ftp.us.debian.org/debian squeeze-lts main non-free contrib' >> /etc/apt/sources.list

Now update your apt package lists:

apt-get update

And finally install the shellshock patch:

apt-get install --only-upgrade bash

Check if you are still vulerable by executing

env x='() { :;}; echo vulnerable' bash -c 'echo hello'

Vulernable should not output when running the command.

#shellshock #debian #squeeze

Installing Varnish 3 on Debian Squeeze

This little post helps you to install varnish on debian squeeze. Varnish is a web application accelerator.

curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add

Add the repo to the sources list

echo "deb http://repo.varnish-cache.org/debian/ squeeze varnish-3.0" >> /etc/apt/sources.list

And now update and install Varnish

apt-get update

apt-get install varnish

And you now have varnish v3 running on Debian squeeze

#varnish #debian #squeeze

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

How to add a disk to a broken linux software raid

Examine the disks and check the name of the disk you just added:

fdisk -l

Add the disk to the software raid (we assume your raid is on /dev.md0 and the new disk is /dev/sdd

mdadm --add /dev/md0 /dev/sdd

You can follow up the disk sync with:

cat /proc/mdstat

The output should be someting like:

Personalities : [raid1] md0 : active raid1 sdd[2] sdc[0] 2930265424 blocks super 1.2 [2/1] [U_] [>....................] recovery = 0.0% (4992/2930265424) finish=29255.7min speed=1664K/sec

#centos #linux #mdadm

How to show the version information of an installed package in Debian

This simple example shows you how you can check the version of an installed package in debian. This example queries the version of the installed varnish package.

dpkg-query -l 'varnish'

#debian

Trending Blogs

Last Seen Blogs

Helping Sysadmins Around The Globe