• Ubuntu Linux Mint Debian Redhat Cannot View Files on Android iPhone USB File Transfer Not Working Solution


    If you plugin your phone to your computer and enable USB File Transfer/Allow on the phone side but the contents of your phone on the computer side are empty in the file manager, you probably don't have mtp-tools.MTP or media transfer protocol is the standard protocol that most phones use to communicate over USB to the computer. Just do this to fix it and get access to your files: apt install mtp-tools After that you should be a........
  • iptables NAT how to enable PPTP in newer Debian/Ubuntu/Mint Kernels Linux


    Remember that control connections are established on port 1723 and then actual data is transferred over GRE protocol 47. If you have a NAT setup this will work without special forwarding or accepting of GRE packets (normally if you are not blocking outgoing connections and accepting established and related connections). The below two commands will get things going so PPTP and GRE work We first load the ip_nat_pptp module which allows PPTP to work with........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........
  • Unable to mount location Failed to retrieve share list from server: Connection timed out - Samba/Linux Filesharing Not working Ubuntu Mint Linux Solution


    So you're trying to browse to a properly configured Samba share but you get this error: Unable to mount location Failed to retrieve share list from server: Connection timed out If your config is right, it can be due to a protocol miss-match where your client has not enabled SMB3 but by default the other side (server) has enabled it. You can test this out to see with the smbclient tool........
  • ssh how to connect using a SOCKS 5 proxy with nc and proxycommand


    This is not about using ssh as a proxy, but rather, using a proxy when you are SSHing to another host and using ProxyCommand (where we normally use nc as our proxy tool). In newer versions of nc the syntax has changed to the following: ssh -o ProxyCommand="nc -x 127.0.0.1:1234" %h %p user@host The format must be like above in newer nc versions. Just be sure to change the 1234 to the port of your SOC........
  • Linux tftp listens on all interfaces and IPs by DEFAULT Security Risk Hole Solution


    Just edit your tftp file for xinetd like this: *Change the IPto be the IPof the interface you want to listen on. To test if your tftp is available on a certain IP range use nc -u yourip 69 to see if you can still connect (/var/log/messages or /var/log/syslog) should show the connection if it is open. Oct 13 23:20:34 01 xinetd[26631]: Started working: 1 available servic........
  • Cisco Router Setup Guide and Tutorial Howto With Commands and Examples


    In most of the Cisco router IOS I find the ports like ge0/0 ge0/1 and ge0/2 or whatever your ports are down. They will not even give you a link light. So one of the first tasks should be getting the port you are working with up. In my case the first goal is often connectivity with the LAN and WAN. LAN = your local area network (eg. in the office/home ) WAN= your ISP/public internet (eg. fiber/cable/dsl/ethernet).........
  • Cisco Switches How To Get Of Port Line Status Console Messages


    00:55:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down 00:55:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up Switch(config)#no logging console ........
  • How Does Cisco CUCM (Cisco Unified Communication Manager) Work?


    Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments. Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
  • vino server error cannot login


    10/07/2018 03:05:14 PM [IPv4] Got connection from client10.10.25.1 10/07/2018 03:05:14 PM other clients: 10/07/2018 03:05:14 PM Client Protocol Version 3.7 10/07/2018 03:05:14 PM Advertising security type 18 10/07/2018 03:05:14 PM Client returned security type 18 10/07/2018 03:05:14 PM TLS Handshake failed: Could not negotiate a supported cipher suite. 10/07/2018 03:05:14 PM Client10.10.25.1 gone 10/07/2018 03:05:14 PM Statistics:........
  • Cannot create gradle for conversations


    The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location. Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error export ANDROID_HOME=/home/user/Downloads/tools/ Conversations-master$ ./gradlew Downloading https://services.gradle.org/distributions/grad........
  • Maximum number of connections from user+IP exceeded (mail_max_userip_connections=10) Dovecot Solution


    This happens because Dovecot limits the maximum IMAPconnections per IPto just 10. This may be fine for a single client side IPbut if an entire office or multiple users are behind one IPor a single heavy user is active then you will get bizarre errors in your e-mail clients such as "Password Incorrect" or similar in Thunderbird. It won't be obvious on the client side as to what the problem is and they will probably just think the server is misconfi........
  • Linux Mint Black Screen after boot no graphics solution


    This is not the normal "black screen"issue and I was shocked to eventually find out why. The normal advice of reconfiguring Xorg didn't work. Even booting into "Recovery Mode" did not help. Here is the short end of the stick that fixed it: sudo apt-get install mdm mate-desktop-environment Yes you got it right, mdm and the mate-desktop-environment / gnome were somehow uninstalled. This must be whe........
  • curl: (35) Unknown SSL protocol error in connection Solution Centos


    curl: (35) Unknown SSL protocol error in connection The main solution is to update curl and nss. If you are having an issue with curl through Apache/PHPyou will need to restart PHPafter. It's important to remember that this error could mean a lot of things but most often it simply means that curl and openssl may be outdated and only allow newer secure ways of connecting to SSL. In general here is how you would fix it in most c........
  • ffmpeg Linux Mint download, compile and install howto


    #if you have nvidia make sure you install the nvidia-cuda-toolkit so hardware acceleration can be used wget http://ffmpeg.org/releases/ffmpeg-3.3.2.tar.bz2 tar -jxvf ffmpeg-3.3.2.tar.bz2 cd ffmpeg-3.3.2/ ./configure --disable-yasm install prefix /usr/local source path ........
  • curl: (1) Protocol "https not supported or disabled in libcurl"


    This seems to only happen from a bash script but it's not clear why it works from the terminal but not from a bash script.........
  • Centos 5 OpenSSL does not support TLS 1.2 Apache Error


    [Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down [Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert' [Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled [Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
  • DRBD Split-brain solution


    Uh oh [17925926.174277] block drbd0: Handshake successful: Agreed network protocol version 96 [17925926.174325] block drbd0: conn( WFConnection -> WFReportParams ) [17925926.174342] block drbd0: Starting asender thread (from drbd0_receiver [1682]) [17925926.174432] block drbd0: data-integrity-alg: [17925926.174581] block drbd0: drbd_sync_handshake: [17925926.174586] block drbd0: self 2AAE66AF9252D6DB:2815BF........
  • How to Properly Secure SSL/TLS Apache Settings against Heartbleed Poodle (TLS) Poodle (SSLv3) FREAK BEAST CRIME


    Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker. Use the following setings in /etc/httpd/conf.d/ssl.conf SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
  • Centos extremely secure iptables setup


    If you want to make sure only a certain IP can access your server for any service or protocol here is a way to do it (just be sure you have access to the IP(s) mentioned or you will be locked out). iptables -F iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp -s IP.IP.IP.IP -j ACCEPT iptables -A INPUT -j DROP serv........
  • Apache SSL Reverse Proxy Very Slow Solution


    This is a simple fix but not a simple problem and it still doesn't make sense to me. But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue. It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long). Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.........
  • HP Procurve Switch 2824 CLI Telnet Experience , Guide and Tutorial


    ------------------------------------- ProCurve J4903A Switch 2824 Software revision I.10.77 Copyright (C) 1991-2009 Hewlett-Packard Co. All Rights Reserved. RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions........
  • Asterisk iptables block bruteforce attacks howto with fail2ban


    yum -y install fail2ban vi /etc/fail2ban/jail.conf [asterisk-tcp] enabled = true filter = asterisk action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp] sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com] logpath = /var/log/asterisk/messages maxret........
  • sudo: sorry, you must have a tty to run sudo solution


    ./rsync.sh sudo: sorry, you must have a tty to run sudo rsync: connection unexpectedly closed (0 bytes received so far) [sender] rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7] Solution edit /etc/sudoers #Defaults requiretty........
  • SSH Can't Login/Hang


    Client Log OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_d........
  • LOG: MAIN PANIC failed to expand condition "${if eq {$authenticated_id}{}{0}{${if eq {$sender_address}{$local_part@$domain}{0}{${if match{$received_protocol}{N^e?smtps?a$N}{${perl{checkbx_autowhitelist}{$authenticated_id}}}{${if eq{$received_prot


    I experienced this with CPanel's Exim after an auto-update (a Google of this error produces lots of complaints with few clear solutions). In this case I'll put the solution at the top. Run /scripts/buildeximconf to rebuild the Exim config and it should be fine after that. mail -vs "from test" user@dest.com < .bash_history LOG: MAIN cwd=/root 4 args: send-mail -i -v user@dest.com LOG: MAIN &........
  • Xen non-HVM container won't work/boot anymore


    One of my test Centos 5 containers was on a partition that filled up and it threw all sorts of errors and stopped responding but now I can't boot it again anymore. All the console shows is the Linux Penguin on the top left corner and the xm console says "usbcore: registered new driver hub" and has halted there. Centos 5 Xen container stuck/frozen won't boot on "usbcore: registered new driver hub" Another great way of troubleshooting is booting fro........
  • How to view UDP and other protocol connections?


    netstat is weak and can't show udp connections and most other protocols, use "ss" which is what netstat should have been: The "-u" switch stands for udp, here's a list of other options: Usage: ss [ OPTIONS ] ss [ OPTIONS ] [ FILTER ] -h, --help this message -V, --version output ver........
  • monit example tutorial how to enable status checking and manipulation


    You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status. monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures. *Also note that /etc/monit.conf i........
  • Dovecot Enable SSL/TLS with your certificate


    Dovecot enable SSL (by default it uses an old expired cert if you choose pop3s and imaps as protocols) =================== Create Cert & Key: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key mkdir /etc/mailssl chmod 700 /etc/mailssl cp server.* /etc/mailssl Edit /etc/dovecot.conf ssl_cert_file = /etc/mailssl/server.crt s........
  • Installing Webmin & Enabling SSL


    Webmin Setup Centos 5: wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet [1] 24229 [2] 24230 [root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html Resolving downloads.sourceforge.net... 216.34.181.........
  • SSH delay problem UseDNS and disabling GSSAPI does not help


    The normal solution doesn't help or apply here: ssh -v user@192.168.5.41 OpenSSH_4.3p2 Debian-9etch3, OpenSSL 0.9.8c 05 Sep 2006 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.5.41 [192.168.5.41] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: i........
  • Ubuntu/Debian DRBD 8.0 Setup Guide


    I've only used it on Centos, soI thought I'd make a quick Debian guide: Install the DRBD Package apt-get install drbd8-utils Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libswfdec-0.8-0 Use 'apt-get autoremove' to remove them. The following........
  • Nautilus/GNOME File Manager handy list of extensions


    nautilus-gksu - privilege granting extension for nautilus using gksu nautilus-sendto - integrates Evolution and Pidgin into the Nautilus file manager nautilus-share - Nautilus extension to share folder using Samba nautilus-actions - nautilus extension to configure programs to launch nautilus-bzr - Bazaar (bzr) integration for nautilus nautilus-cd-burner - CD Burning front-end for Nautilus nautilus-clamscan - Antivirus scanning for Nautilus n........
  • VirtualBox/VBOX Centos 5.5 Installation Kernel Freeze Problem "NET: Registered protocol family 2" And Solution


    NET: Registered protocol family 2 The above is the last thing that I ever saw, I tried pci=routeirq etc.. and it wouldn't work. The solution is to enable IOAPIC in the VBOX Settings Just enable "IOAPIC" in the settings for your Centos Guest and you'll find the kernel boots just fine. I wonder if a physical system might stall in this same way if the BIOS has IOAPIC disabled which many people do as a troubleshooting method. ........
  • FUSE/Curlftpfs mount ftp account as drive partition in Linux


    This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc.. Name curlftpfs - mount a ftp host as a local directory Synopsis........
  • XMPP Chat Protocol using Jabber - Guide Tutorial Setup Linux Chat Server


    In Debian based distros: apt-get install jabber Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: fakeroot dkms Use 'apt-get autoremove' to remove them. The following extra packages will be installed: jabber-common The following NEW packag........
  • Picking an FTPD (vsftpd) Server in Linux Centos/Debian


    I decided on using yum to help me decide even though I normaly use proftpd I decided to see what else I could find. yum search ftp Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * rpmforge: ftp-stud.fht-esslingen.de * base: mirrors.netdna.com * updates: updates.interworx.info * addons: yum.singlehop.com * extras: mirrors.netdna.com rpmforge........
  • Need identd for port 113 ? Install authd


    Need identd for port 113 ? Install authdyum install authd Happy identing :)Actually it's not that simple. It installs as an "xinetd" service and is disabled and turned off by deafult. To enable it run: [code:1:8c94df8319] chkconfig --level 3 auth on service xinetd restart [/code:1:8c94df8319] This will set identd aka authd to start by default. service xinetd resta........
  • Basic Port Listing


    Basic Port ListingHopefully someone finds this useful or at least interesting. http://www.sans.org/top20/#u9 Name Port Protocol Description Small services ........
  • Latest Articles

  • How To Add Windows 7 8 10 11 to GRUB Boot List Dual Booting
  • How to configure OpenDKIM on Linux with Postfix and setup bind zonefile
  • Debian Ubuntu 10/11/12 Linux how to get tftpd-hpa server setup tutorial
  • efibootmgr: option requires an argument -- 'd' efibootmgr version 15 grub-install.real: error: efibootmgr failed to register the boot entry: Operation not permitted.
  • Apache Error Won't start SSL Cert Issue Solution Unable to configure verify locations for client authentication SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line SSL Library Error: 185090057 error:0B084009:x509 certif
  • Linux Debian Mint Ubuntu Bridge br0 gets random IP
  • redis requirements
  • How to kill a docker swarm
  • docker swarm silly issues
  • isc-dhcp-server dhcpd how to get longer lease
  • nvidia cannot resume from sleep Comm: nvidia-sleep.sh Tainted: Linux Ubuntu Mint Debian
  • zfs and LUKS how to recover in Linux
  • [error] (28)No space left on device: Cannot create SSLMutex Apache Solution Linux CentOS Ubuntu Debian Mint
  • Save money on bandwidth by disabling reflective rpc queries in Linux CentOS RHEL Ubuntu Debian
  • How to access a disk with bad superblock Linux Ubuntu Debian Redhat CentOS ext3 ext4
  • ImageMagick error convert solution - convert-im6.q16: cache resources exhausted
  • PTY allocation request failed on channel 0 solution
  • docker error not supported as upperdir failed to start daemon: error initializing graphdriver: driver not supported
  • Migrated Linux Ubuntu Mint not starting services due to broken /var/run and dbus - Failed to connect to bus: No such file or directory solution
  • qemu-system-x86_64: Initialization of device ide-hd failed: Failed to get