Monday, 28 August 2017

How to set umask for a System User in RHEL/Centos

When user created a file or directory under in Centos/RHEL, the file or directory created with a default set of permissions. By default the file permission has 644 a directory created with 755 permissions, grants read, write, and execute permission to the owner and read and execute permission to groups and others.

How to set Daemon umask in RHEL/Centos

When a user creates a file or a directory under Linux, there is a set of default permission which is applied on those files and directory. These predefined permissions are assigned as per the value of default umask.

Saturday, 26 August 2017

How to disable Trace/Track in Apache/httpd

The TRACE method is enabled by default in an apache/httpd installation. This could expose server to certain Cross-Site Scripting attacks.  There are two methods directive and rewrite rule to disable the TRACE method. In this tutorial, we will show how to check for TRACE support on Apache2/httpd server using curl, and then disable if it is enabled.

Sunday, 20 August 2017

How to Disable Apache/httpd version/ ServerSignature

We can hide Apche/httpd to show versions and other information by adding two parameters ServerSignature and ServerTokens. By setting this ServerSignature off and ServerTokens Prod we restrict to display Apache/httpd version for clients.

Thursday, 17 August 2017

How to add Hibernate option to the Start Menu in Windows 10

By default the Hibernate option is not enabled in start menu power option. See the below screenshot:

How to: Enable and Disable the User accounts in Linux/Unix

There are different methods of locking a user account in Linux. This article explains how to lock or disable a user account by locking their passwords in Linux.

Wednesday, 16 August 2017

How to fix Authentication refused: bad ownership or modes for directory

While setup public key authentication if getting this error in /var/log/secure logs, the problem with permission on directory and files.

How to Setup NIC bonding in RHEL7/Centos7

NIC Bonding enables two or more network interfaces to act as one interface, to provide higher data rates and as well as link failover. Linux kernel features that allows aggregating multiple interfaces. This is a great way of achieving redundancy to a server. If one physical NIC is down or unplugged, it will automatically move resource to other NIC card.
In Linux network configuration files stored in /etc/sysconfig/network-scripts/ directory.

Tuesday, 15 August 2017

Secure boot loader (grub menu) with password in Centos 7/RHEL 7

Secure boot loader (grub menu) with password in Centos 7/RHEL 7

Below is the GRUB menu where we are planning to put the password so that no one logs in to single user mode without permission

As you can see by default anyone can press "e" and edit the grub menu to enter single user mode

Login as root and run the below command. When prompted, provide the grub password to be used
# grub-md5-crypt
Retype password:
Next edit the GRUB configuration file /etc/grub.conf and add a new entry as shown below after timeout parameter in the main section.
password --md5 <password-hash>
Replace <password-hash> with the value returned by grub-md5-crypt above

# less /etc/grub.conf
password --md5 $1$KYWqk1$cyrEcj8xXtctko70sSowx.
Next time the system boots, the GRUB menu does not allow access to the editor or command interface without first pressing p followed by the GRUB password.

Reboot and verify the changes

So now it does asks for the password we had set.

Let me know your success and failures.

How to: - Fix PHPMyAdmin 403 Forbidden Error

When we install phpmyadmin using yum in RHEL7/Centos7. By default phpmyadmin installed under /usr/share/phpmyadmin and the apache configuration file is located in /etc/httpd/conf.d/phpmyadmin.conf.

How to: Disable the HTTP TRACE Method

Most vulnerability scanners will complain about TRACE method being enabled on the web server tested.

Monday, 14 August 2017

RHEL 7.3 Could not detect disk array partition while installation

Installing Red Hat Enterprise Linux 7.3 on HP Dynamic Smart Array B120I SATA RAID.

How to disable directory browsing in Apache/httpd?

How can we disable building of directory index in httpd? One of the most important settings in Apache to secure Apache web server is to disable directory browsing. To prevent the server from showing a listing of the existing files in case there is no index in one folder.
Usually Apache comes with this feature enabled but it’s always a good idea to get it disabled unless you really need it.