Category: Linux

  • Microsoft Acquires GitHub, Migrate to GitLab

    Microsoft on 4th June 2018 announced it reached agreement to acquire GitHub, worlds largest git repository hosting site used by developers. Under the terms of the agreement, Microsoft will acquire GitHub for $7.5 billion in Microsoft stock.

    Git is an open source version control software created by Linus Torvalds, then creator of Linux. Linux kernel developers were using a version control software called BitKeeper, a proprietary closed source version control system. BitKeeper was licensed free of charge to Linux Open source community, later this license was revoked, that made Linus Torvalds make his own version control software GIT. Now GIT is most popular version control software, BitKeeper is almost dead and the company made it open source on GitHub. Maybe a sweet revenge from Git, if BitKeeper did not revoke the license to Linux community, never would have never happened and maybe everyone will be using BitKeeper now.

    Until recently Microsoft had very bad relation with Open Source community. In 2001, in an interview with the Chicago Sun-Times, Microsoft CEO Steve Ballmer said that “Linux is a cancer that attaches itself in an intellectual property sense to everything it touches”. Microsoft used it patents against small and large companies using Linux, force them to settlement. Small companies usually don’t have financial freedom to fight Microsoft in court always goes for settlement, purchase whatever license Microsoft ask them to purchase.

    Recently Microsoft started loving Linux because they realised they can’t kill Linux. With cloud, containers, mobile devices and IoT Linux is seeing explosive growth, taking away market share from Microsoft. They see no other way other than loving Linux and making windows work like linux.

    GitHub being largest software repository, its very valuable for Microsoft. Many small and medium business keep their software in private repository in GitHub. Now Microsoft have access to those software repositories. They can also use GitHub to track software trends.

    Many software developers are moving to GitHub alternatives. Here are some popular alternatives.

    GitLab

    GitLab is open source git hosting platform written in Ruby On Rails, similar to GitHub. Private repository is free with GitLab, on GitHub, you need to pay for private repository.

    Many open source organisations prefer using GitLab because it is open source, allow them to modify GitLab to suit their work flow. Recently GNOME project moved to GitLab.

    With GitHub, you don’t get the freedom to make custom modifications or workflows. Since GitLab is Open Source, there is no vendor lock in, you can migrate to another software with out much problem.

    GitLab have hosted open like GitHub and also self hosted option, that you can run on any Linux server. You can find more at

    https://about.gitlab.com

    If you want to install GitLab on VPS or Dedicated Server, email us at admin@serverok.in

    BitBucket

    BitBucket is another GIT hosting platform. You can create private repository free in BitBucket. It is closed source.

    BitBucket is ready to take GitHub users with its Home page update, welcoming GitHub users.

    https://bitbucket.org

  • Install unrar on Linux

    To install unrar on Ubuntu, run

    apt install -y unrar

    On CentOS/RHEL

    yum install unrar

    To install from source, download latest version from

    https://www.rarlab.com/download.htm

    cd /usr/local/src
wget https://www.rarlab.com/rar/rarlinux-x64-5.6.b5.tar.gz
tar zxvf rarlinux-x64-5.6.b5.tar.gz
cd rar
cp rar unrar rar_static /usr/bin

    Extract a rar file

    unrar x FILE_NAME.rar

    Extract a rar file to specific folder

    unrar x FILE_NAME.rar FOLDER_NAME

  • Adding IP Range in CentOS 6

    To add an IP range in CentOS 6 server, create file

    vi /etc/sysconfig/network-scripts/ifcfg-eth0-range0

    Add

    IPADDR_START=67.198.150.171
IPADDR_END=67.198.150.174
CLONENUM_START=0

    Replace IP with your actual start and end IP.

    Restart network service with

    service network restart

  • gpg: failed to start the dirmngr

    When i add a key with apt-key command, i get error

    root@ip-172-31-47-128:~# apt-key adv –recv-keys –keyserver keys.gnupg.net E1F958385BFE2B6E
    Executing: /tmp/apt-key-gpghome.0BP6Ro2t54/gpg.1.sh –recv-keys –keyserver keys.gnupg.net E1F958385BFE2B6E
    gpg: failed to start the dirmngr ‘/usr/bin/dirmngr’: No such file or directory
    gpg: connecting dirmngr at ‘/tmp/apt-key-gpghome.0BP6Ro2t54/S.dirmngr’ failed: No such file or directory
    gpg: keyserver receive failed: No dirmngr
    root@ip-172-31-47-128:~#

    To fix this, run

    apt -y install dirmngr

    Once installed, apt-key command worked properly.

    root@ip-172-31-47-128:~# apt-key adv –recv-keys –keyserver keys.gnupg.net E1F958385BFE2B6E
    Executing: /tmp/apt-key-gpghome.BLNQkuFGIQ/gpg.1.sh –recv-keys –keyserver keys.gnupg.net E1F958385BFE2B6E
    gpg: key E1F958385BFE2B6E: public key “X2go Debian/Ubuntu Packaging ” imported
    gpg: Total number processed: 1
    gpg: imported: 1
    root@ip-172-31-47-128:~#

    See Install x2go server in Debian 9

  • Install Remote Desktop in Debian/Ubuntu

    To install and use Linux remote server as desktop, first install lite weight desktop environment like XFCE on your server.

    apt update
apt install xfce4 -y

    Install XRDP

    apt install xrdp

    You need to create a user to be used for desktop.

    useradd -m -s /bin/bash desktop

    Set password for the user

    passwd desktop

    Now login as this user and create .xsession file.

    su - desktop
echo xfce4-session >~/.xsession

    Exit out of this user 

    exit

    Restart XRDP

    service xrdp restart

    Now you will be able to connect to this server with any RDP client like you connect to Windows Server (Windows Remote Desktop).

  • Desktop

  • Security

    ZAP Attack Proxy – open source software to detect vulnerability.
    Disable PHP insecure functions with disable_functions
    Find IP with Most Access from Apache Log
    Monitor file changes in your Website
    inotifywait
    Stop xmlrpc.php attack on Cpanel Server
    Stop SSH bruteforce with endlessh
    https://suricata.io

    Check for hacker files

    find ./ -name '*.php' -exec grep 'Spy Shell' {} \; -print
find ./ -name '*.php' -exec grep 'system(' {} \; -print
find ./ -name '*.php' -exec grep 'exec(' {} \; -print
find ./ -name '*.php' -exec grep 'passthru(' {} \; -print

    Disable PHP Files on Upload folder

    
deny from all

  • Disable PHP insecure functions with disable_functions

    When hacking vulnerable web sites, hackers use PHP functions that allow program execution or disk access to get access to server.

    Some most commonly used functions are exec, shell_exec and system. These commands allow hackers to execute program as web server user. Most applications may not need these functions, so these functions can be safely disabled with out affecting functionality of your web site.

    To disable insecure functions, create a file php.ini with following content

    disable_functions = "exec,passthru,shell_exec,system,proc_open,popen,parse_ini_file,show_source"
allow_url_fopen = Off
allow_url_include = Off

    If you have dedicated server or VPS, you can disable these functions server wide by editing php.ini of your server.

    Once change is made, make sure it is working properly by checking phpinfo page.

  • Install MongoDB 4 on CentOS 7

    Create file

    vi /etc/yum.repos.d/mongodb-org-4.0.repo

    Add 

    [mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/testing/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc

    Install MongoDB with

    yum install -y mongodb-org

    Set MongoDB to start on boot.

    chkconfig mongod on

    Start MongoDB

    service mongod start

  • Enable Gzip in Amazon Linux

    To verify Apache module is loaded, run 

    [root@ip-172-31-29-220 ~]# apachectl -M | grep deflate
 deflate_module (shared)
[root@ip-172-31-29-220 ~]#

    Create file

    vi /etc/httpd/conf.d/gzip.conf

    Add following content

    
  # Restrict compression to these MIME types
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE text/xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE application/xml+rss
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE image/png
  AddOutputFilterByType DEFLATE image/gif
  AddOutputFilterByType DEFLATE image/jpeg

  # Level of compression (Highest 9 - Lowest 1)
  DeflateCompressionLevel 9

  # Netscape 4.x has some problems.
  BrowserMatch ^Mozilla/4 gzip-only-text/html

  # Netscape 4.06-4.08 have some more problems
  BrowserMatch ^Mozilla/4\.0[678] no-gzip

  # MSIE masquerades as Netscape, but it is fine
  BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html

  
    # Make sure proxies don't deliver the wrong content
    Header append Vary User-Agent env=!dont-vary

    Restart Apache with

    service httpd restart

    To verify gzip is working, run

    curl -I -H 'Accept-Encoding: gzip,deflate' http://YOUR-SITE-URL/ 2>/dev/null | grep gzip

    You will see something like

    NOTE: gzip compression only works if you have a reasonably large file. If your file is very small, then gzip won’t do anything.

    See gzip

  • Install Google Chrome in Ubuntu

    To install Google Chrome Browser in Ubuntu, run

    wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
dpkg -i google-chrome-stable_current_amd64.deb
apt install -f

    Google Chrome

  • Download a site using SFTP

    To download all content of a web site using SFTP, use

    lftp sftp://USERNAME@IP_ADDR:22 -e 'mirror --verbose --use-pget-n=8 -c /remote/path/ /local/path/'

    You may encounter lftp Fatal error: Host key verification failed error if you have connected to this SFTP server before. In such case, just login to sevrer using SSH, this will add the key to your known_hosts file.

    In this example, i am downloading all files from SFTP server. I used . for remote path as i need everything on FTP home folder downloaded.

    SFTP download lftp

    See lftp