54 Search results

For the term "harden debian".

Some Bash Scripts to Manage Remote Server

Script to Update and Upgrade #! /bin/bash chmod 700 /usr/bin/apt-get chmod 700 /usr/bin/aptitude chmod 700 /usr/bin/dpkg swapoff -a chown username:username /home/username/* chmod 700 /home/username/* apt-get update && apt-get upgrade –show-upgraded -y Script to End session and Harden some critical files #! /bin/bash swapon -a chmod 000 /usr/bin/apt-get chmod 000 /usr/bin/aptitude chmod 000 /usr/bin/dpkg find /home/username/ -size 0 -exec rm '{}'...

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

Fix 64 bit Google Talk Plugin Linux

Credit for this fix belongs here but I have copied it here for ease of access Download the 64-bit .deb from: http://www.google.com/tools/dlpage/res/talkvideo/hangouts/ Create a tmp dir: mkdir tmp Extract the contents of the .deb to the tmp dir: dpkg-deb -x google-talkplugin_current_amd64.deb tmp Extract the control files: dpkg-deb –control google-talkplugin_current_amd64.deb tmp/DEBIAN Fix the dependency: sed -i "s/lib32v4l-0/libv4l-0/" tmp/DEBIAN/control Repackage the .deb:...

Debian 7 Restart Network

Im using Debian Wheezy (7) desktop with DHCP. I had problems switching from wired to wireless and back, etc. I found that following other instructions did not work. The network will go down no problem;

Cubox-i2 Config Setup

Download Gunnar Wolf’s Debian Wheezy https://people.debian.org/~gwolf/ Also working: Ubuntu sudo dd if=ubuntu-oneiric-freescale.img of=/dev/mmcblk0 Android 4.3 sudo dd if=beta-11-dec-2013-i2.img of=/dev/mmcblk0 Not working: Debian Jesse sudo dd if=debian-jessi-4-july-2014.img of=/dev/mmcblk0 Copy to SDmicro sudo dd if=cubox.img of=/dev/mmcblk0 password for root is cubox-i #vi /etc/apt/sources.list #deb http://download.solid-run.com/pub/solidrun/cubox/repo/debian cubox main #deb-src http://download.solid-run.com/pub/solidrun/cubox/repo/debian cubox main vi /etc/network/interfaces auto lo iface lo inet loopback allow-hotplug eth0 iface...

Systemd ssh Reverse Tunnel on Debian 9 Stretch

I have used rc.local for years to setup an ssh reverse tunnel on boot under Debian up until Stretch. Now like many others I imagine, I’ve had to convert to systemd. I read everything I could about the choice for deprecating rc.local for systemd. I can say that systemd may be powerful, but systemd’s complexity entails a huge learning-curve for...

Customize Debian Linux grub2

I wanted to remove the splash image while booting Debian 7 Wheezy and watch the code execute, while also use the full screen resolution.

How To Fix a missing eth0 adapter after moving HDD from one machine to another

Debian/Ubuntu Linux : How To Fix a missing eth0 adapter after moving HDD from one machine to another. Explanation : Debian and Ubuntu write the MAC address of the ethernet adapter to a file that prevents the eth card in the new machine from being recognized. Delete the lines in this persistent-net.rules file and upon reboot, linux will see the...

Start Reverse Tunnel on boot using autossh for Debian 7

As usual, most of the how-to guides out there are too brief (I’m guilty) or apply to other distros: This works on Linux Debian 7 all-around, and this is a complete how to. It works. You just have to follow a very long thread. No A.D.D. here! We will create a Persistent Reverse SSH Tunnel between 2 machines using autossh....

Checklist when rc.local does not run on boot on Debian 7 Wheezy

Checklist when rc.local does not run on boot on Debian 7 Wheezy Make sure file is located /etc/rc.local Permissions root:root 755 The shebang is in place in the first line #!/bin/sh -e You bash script has a . and full path ./home/me/myscript.sh The last line must be exit 0

Harden Debian 7 Server with PSAD

Install Port Scan Attack Detector on Debian 7 Server sudo apt-get install psad sudo vi /etc/psad/psad.conf change these lines EMAIL_ADDRESSES me@seleads.com; HOSTNAME my.seleads.com; HOME_NET NOT_USED; ALERTING_METHODS noemail; IPT_SYSLOG_FILE /var/log/syslog; EMAIL_LIMIT_STATUS_MSG N; ENABLE_AUTO_IDS Y; AUTO_IDS_DANGER_LEVEL 2; AUTO_BLOCK_TIMEOUT 2592000; ENABLE_AUTO_IDS_EMAILS N; Restart psad psad -R psad –sig-update psad -H sudo vi /etc/cron.hourly/save-bad-ips #!/bin/sh PATH=/usr/share:/usr/sbin:/usr/bin:/sbin:/bin /sbin/iptables-save -c > /tmp/iptables-save.txt #echo “SELECT lockdown_IP FROM...

Debian Environment Variables

And then I lived happily ever after – Fixed – BASH scripts executed from a user as sudo, resulted in the root ownership. In other words, a backup script executed by user became the property of root