• How To Install NextCloud on Centos 7 and Centos 8


    yum -y install wget unzip wget https://download.nextcloud.com/server/releases/nextcloud-18.0.2.zip unzip nextcloud-18.0.2.zip yum -y install php php-mysqlnd php-json php-zip php-dom php-xml php-libxml php-mbstring php-gd mysql mysql-server Last metadata expiration check: 0:58:02 ago on Fri 13 Mar 2020 02:12:49 PM EDT. Dependencies resolved. ===================================================================........
  • Centos 7 Stopped and Disabled Firewalld and ports still blocked


    This is a gotcha but be aware sometimes iptables may be active and loaded by default. Also make sure you don't just disable firewalld but also stop it otherwise it will still block stuff: systemctl stop firewalld If the above is not the issue then it is possible iptables is running and blocking stuff too, so you'll need to stop iptables. So in addition to opening firewalld or disabling it, you would need to disable iptables........
  • Centos 7 how to save iptables rules like Centos 6


    yum install iptables-services systemctl enable iptables service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]........
  • Debian Ubuntu Mint Howto Create Bridge (br0)


    Having a network bridge allows you to bridge traffic under multiple devices so they can talk natively without using any special routing, iptables/firewall or other trickery. To create your bridge you need the bridge-utils package for brctl and if you want to do things like bridge VMs that run on a tap device you will need the uml-utilities which provides "tunctl". Install the utilities to make our bridge sudo apt-get install........
  • ssh reverse proxy to enable remote access behind a LAN and firewall


    So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside? Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature. Requirements On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
  • iptables linux firewall recommended rules for public computing


    Whether you are at work, at the coffee shop or on the public internet here are some basic but effective rules for iptables that lock things down (eg. no one can SMB or SSH to you or really anything): # Generated by iptables-save v1.4.21 on Fri Dec 14 14:00:08 2018 *nat :PREROUTING ACCEPT [160:19844] :INPUT ACCEPT [4:357] :OUTPUT ACCEPT [2955:182236] :POSTROUTING ACCEPT [2955:182236] COMMIT # Completed on Fri Dec 14........
  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system. The key commands or arguments you will use with systemctl are the following: Unit Commands: list-units [PATTERN...] List loaded units &nbs........
  • How To Secure Samba NMBD/SMBD to bind to a specific IP address


    By default Samba SMB/NMB listen on ANY and ALLIPs on your system by binding to 0.0.0.0. Obviously this is a huge security risk if you have a public facing server with both internal and external access. Usually when a system administrator sets up a samba server their intention is just to share with a LAN. To do this you need to the following options under the [global] section in smb.conf bind interfaces only = yes interfaces = 192........
  • mysqld in Linux hacked


    Check for crap in /var/lib/mysql like this ls -al /var/lib/mysql/ total 20888 drwxr-xr-x 24 mysql mysql 4096 Oct 3 18:30 . drwxr-xr-x 20 root root 4096 Oct 3 04:23 .. -rw-rw-rw- 1 mysql mysql 11776 Oct 3 17:10 c:exp.exe -rw-rw-rw- 1 mysql mysql 48128 Oct 3 17:10 c:exp1.exe........
  • Linux Mint Install Netboot PXE Guide Howto


    *Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works. This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup. This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
  • MySQL Allow Access from Remote Host IP and Update All Users


    Change Host="192.168.5.99" with the remote IP allowed(this is of course more secure but also cumbersome if your IP changes). You could also have a single layer of protection that specifies the IP via firewall or both (of course both are far mor secure). UPDATE user SET Host="192.168.5.99" where Host="localhost" or for any/wildcard UPDATE user SET Host="%" where Host="localhost&qu........
  • The connection was reset The connection to the server was reset while the page was loading.


    In Firefox I cannot connect to any website, proxy is disabled and outside network access is confirmed, no system or manual proxy was set on this Linux Mint/Ubuntu system. Normally this can be caused by proxy or DNS problems and the weird thing is that traceroute and ping to other IPs worked fine but even connecting to sites by IP was not working. The connection was reset The connection to the server was reset while the page was loading.........
  • iptables: Applying firewall rules: iptables-restore: line 40 failed


    service iptables start iptables: Applying firewall rules: iptables-restore: line 40 failed [FAILED]........
  • bash for loop with specific numbers


    Say if you need to make a firewall script to block certain ports this works great. for ports in 21 25 443; do iptables rules here done........
  • SSH Tunnel Dynamic Proxy Stops Working Right Away even with Root and High Port


    I keep getting messages like this shortly after using the proxy (it works for a few seconds/page loads and then stops): channel 12: open failed: administratively prohibited: open failed I'm not sure what the issue is unless there's some kind of hardware firewall on the other end. I've used this exact configuration on multiple servers with no issue and even disabled iptables etc..........
  • named/bind cannot find zone file, load zone files without specifying full directory path/loading master file genuine.com.zone: file not found


    genuine.com/IN: loading master file genuine.com.zone: file not found _default/genuine.com/IN: file not found I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
  • Ubuntu/Debian DRBD 8.0 Setup Guide


    I've only used it on Centos, soI thought I'd make a quick Debian guide: Install the DRBD Package apt-get install drbd8-utils Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libswfdec-0.8-0 Use 'apt-get autoremove' to remove them. The following........
  • DRBD WFConnection Problem/Solution


    This has stumped me a few times because I keep forgetting that Centos 5.5 comes with a default iptables configuration that ends up blocking DRBD traffic,I tried all the normal things and couldn't understand why I couldn't make my normal DRBD config work. So if you have WFConnection problems and have tried the normal "mailing list" fixes, check your firewall status first! Both Nodes Say the Following: version: 8.3.8 (api:88/prot........
  • MySQL Recover/Reset Lost/Forgotten root Password


    One note is to secure MySQL, I don't know for sure but I believe you could login to MySQL remotely with no password during this operation (I'm not sure, maybe it doesn't accept blank passwords but I firewall MySQL port anyway and recommend you do the same). First edit /etc/my.cf Under the [mysqld] field add the following line somewhere: skip-grant-tables Now restart mysql: service mysql restart or on Debian sty........
  • Trouble connecting between Windows XP and Windows 98 Shares


    Trouble connecting between Windows XP and Windows 98 SharesOk a few things to check for: * Disable all firewalls * Make sure NetBEUI is enabled on both computers * Make sure the Windows XP computer has the name of the computer logged in user of Windows 98 added as an XP user * Add the XP user to anything you want to share That fixed my problem........
  • Helpful IPFW Examples


    Helpful IPFW ExamplesSomeone's real life examples: http://lists.freebsd.org/pipermail/freebsd-security/2004-July/002181.html Or you can try the FreeBSD Handbook guide: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html........
  • Proftp Passive Ports


    Proftp Passive PortsIf you use a locked down firewall you can edit proftpd.conf and tell it something like this: [quote:8419cab1f8]PassivePorts 6170 6270[/quote:8419cab1f8] That would force all passive ftp traffic to ports 6170 6270 which you could then open on your firewall rather than leaving open ports 1024-65000 open........
  • Basic Port Listing


    Basic Port ListingHopefully someone finds this useful or at least interesting. http://www.sans.org/top20/#u9 Name Port Protocol Description Small services ........
  • Linux/Unix Open SSH Login Without Password Key Exchange including Debian, Redhat, Fedora, Ubuntu, BSD etc..


    In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window. *Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
  • How To Save iptables firewall rules Centos/Redhat/Fedora Linux


    This is something that annoys a lot of people, fortunately the Redhat style OS's are the most simple in this respect. I disagree that Debian's way makes sense, it is more of a hackish approach in how they implement iptables. Anyway, for those who are using Redhat/Centos style OS's it is very simple. Set your rules from the shell/command prompt and to save the iptables firewall rules so they are remember/loaded on boot just run this command: service iptables........
  • Latest Articles

  • virt-resize: error: libguestfs error: could not create appliance through libvirt.
  • Asterisk Does Not Retry When Authentication Fails
  • Linux Debian Ubuntu How To Install PEPPER Faster and Latest Adobe Flash Player in Firefox
  • How To Speed Up Linux Ubuntu and Debian Based Computers By Improving CPU Performance and Changing the CPU Governor
  • Convert data or file to base64 on a single line
  • Linux Mint Ubuntu Debian radeon slow 2D performance issues radeon_dp_aux_transfer_native: 158 callbacks suppressed
  • mdadm: super0.90 cannot open /dev/sdb1: Device or resource busy mdadm: /dev/sdb1 is not suitable for this array.
  • How To Install NextCloud on Centos 7 and Centos 8
  • AH01630: client denied by server configuration:
  • ERROR: Could not find a version that satisfies the requirement PIL (from versions: none) ERROR: No matching distribution found for PIL
  • ZTE Camera Cannot Work unable to connect to camera. Camera has been disabled becaue of security policies or is being used by other apps
  • QEMU KVM how to boot off a physical CD/DVD/BDROM Drive
  • How To Install OpenProject on Centos 7 Step-by-Step Guide
  • Ubuntu Debian Linux Cannot Install Wine Solution - wine1.6 : Depends: wine1.6-i386 (= 1:1.6.2-0ubuntu14.2) but it is not installable wine1.4 : Depends: wine1.6 but it is not going to be installed
  • How To Install python 3.4 3.5 and up on Linux with wine - Working Solution
  • using Xvfb on virtual remote ssh server to have X graphical programs work
  • ssh Received disconnect from port 22:2: Too many authentication failures
  • named bind errors - DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.'
  • OpenVZ vs LXC DIR mode poor security in LXC
  • httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load modules/libphp5.so into server: /lib64/libresolv.so.2: symbol __h_errno, version GLIBC_PRIVATE not defined in file libc.s