Nix

SSLgate and F5 Bigip profiles

0

Over the last year, hopefully you haven’t been under a rock and have been aware of all the issues with SSL attacks. I’m sure this post will be outdated, and it isn’t the end-all and be all of fixing this, but it may help someone.

In the SSL profile section on the big ip, use the following:

DEFAULT:TLSv1:TLSv1_2:!LOW:!SSLv3:!SSLv2:!RC4

This allows the default as set on your F5, allow TLS v1, TLS v1.2 and disallows SSLV3, SSLV2 and RC4. There are of course other vulns out there!

disk cloning

0

If you use linux, you must have run into the dd command at some point in time.

On most distributions, dd and ddrescue come standard, and with these simple tools, you can zero a disk partition or even copy a disk directly.

For example, in order to copy a disk using dd:


$ dd if=/dev/sda of=/dev/sdb 

or


$ ddrescue -v --force /dev/sda /dev/sdb

I prefer the second as it will show you the current status.

Other options include using a clonezilla cd which works on multiple platforms, and also allows you to boot to a shell and issue the above commands if needed.

Editting .cpp files in vim with syntax highlighting

0

Since I do a lot of editing in vim, and I, like many other coders would rather see highlighted syntax instead of plain text. The quick and dirty tip is to issue the following command:

:set syn=cpp since in my case i’m using c++, except for the glomosim network simulator, the file extension is .pc

Hope this helps someone out there.

Plesk, Centos and CDP Server Enterprise Edition

0

So recently doing some work for a client that has a Centos machine that runs Plesk. After having some trouble getting the correct kernel headers etc, I ended up contacting cdp (r1soft). Thankfully they had a repository setup.

In /etc/yum.repos.d/ create a new repo file with the contents:
[r1soft]
name=R1Soft Repository Server
baseurl=http://repo.r1soft.com/yum/stable/$basearch/
enabled=1
gpgcheck=0

then yum update && yum install r1soft-cdp-enterprise-agent

you should see something along the lines of:

[root@p2 yum.repos.d]# yum update
Loaded plugins: rhnplugin, security
This system is not registered with RHN.
RHN support will be disabled.
r1soft | 951 B 00:00
r1soft/primary | 97 kB 00:00
r1soft 1034/1034
Skipping security plugin, no data
Setting up Update Process
No Packages marked for Update
[root@XX yum.repos.d]# yum install r1soft-cdp-enterprise-agent
Loaded plugins: rhnplugin, security
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package r1soft-cdp-enterprise-agent.x86_64 0:3.10.0-13679 set to be updated
–> Processing Dependency: r1soft-cdp-agent >= 3.10.0 for package: r1soft-cdp-enterprise-agent
–> Processing Dependency: r1soft-setup >= 3.10.0 for package: r1soft-cdp-enterprise-agent
–> Running transaction check
—> Package r1soft-cdp-agent.x86_64 0:3.10.0-13679 set to be updated
–> Processing Dependency: r1soft-cdp-async-agent-2-4 >= 3.10.0 for package: r1soft-cdp-agent
–> Processing Dependency: r1soft-cdp-async-agent-2-6 >= 3.10.0 for package: r1soft-cdp-agent
—> Package r1soft-setup.x86_64 0:3.10.0-13679 set to be updated
–> Running transaction check
—> Package r1soft-cdp-async-agent-2-4.x86_64 0:3.10.0-13679 set to be updated
—> Package r1soft-cdp-async-agent-2-6.x86_64 0:3.10.0-13679 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
r1soft-cdp-enterprise-agent x86_64 3.10.0-13679 r1soft 2.9 k
Installing for dependencies:
r1soft-cdp-agent x86_64 3.10.0-13679 r1soft 4.9 M
r1soft-cdp-async-agent-2-4 x86_64 3.10.0-13679 r1soft 3.8 M
r1soft-cdp-async-agent-2-6 x86_64 3.10.0-13679 r1soft 3.2 M
r1soft-setup x86_64 3.10.0-13679 r1soft 933 k

Transaction Summary
================================================================================
Install 5 Package(s)
Upgrade 0 Package(s)

Total download size: 13 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): r1soft-cdp-enterprise-agent-3.10.0.x86_64.rpm | 2.9 kB 00:00
(2/5): r1soft-setup-3.10.0.x86_64.rpm | 933 kB 00:03
(3/5): r1soft-cdp-async-agent-2-6-3.10.0.x86_64.rpm | 3.2 MB 00:04
(4/5): r1soft-cdp-async-agent-2-4-3.10.0.x86_64.rpm | 3.8 MB 00:08
(5/5): r1soft-cdp-agent-3.10.0.x86_64.rpm | 4.9 MB 00:07
——————————————————————————–
Total 547 kB/s | 13 MB 00:24
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : r1soft-setup 1/5
Installing : r1soft-cdp-async-agent-2-4 2/5
Installing : r1soft-cdp-async-agent-2-6 3/5
Installing : r1soft-cdp-agent 4/5
/etc/init.d/cdp-agent stop: cdp (no pid file) not running
Attempting to get a kernel module from ‘krnlbld.r1soft.com’

Module downloaded successfully.
/etc/init.d/cdp-agent start: cdp started
Installing : r1soft-cdp-enterprise-agent 5/5

Installed:
r1soft-cdp-enterprise-agent.x86_64 0:3.10.0-13679

Dependency Installed:
r1soft-cdp-agent.x86_64 0:3.10.0-13679
r1soft-cdp-async-agent-2-4.x86_64 0:3.10.0-13679
r1soft-cdp-async-agent-2-6.x86_64 0:3.10.0-13679
r1soft-setup.x86_64 0:3.10.0-13679

Complete!

There we go, no fiddling with their RPMs and source code and trying to install kernel header files.

Glomosim edit scripts

0

glomosim

APT pubkey error

0

apt-get update showed that the new key wasnt apart of the current keyring.


W: GPG error: http://security.debian.org etch/updates Release: The following sig                                                                             natures couldn’t be verified because the public key is not available: NO_PUBKEY                                                                              9AA38DCD55BE302B
W: GPG error: http://http.us.debian.org etch Release: The following signatures c                                                                             ouldn’t be verified because the public key is not available: NO_PUBKEY 9AA38DCD5                                                                             5BE302B


Add the key:

# gpg –keyserver wwwkeys.eu.pgp.net –recv-keys 9AA38DCD55BE302B
# gpg –armor –export 55BE302B | apt-key add –

Go to Top