Linux – Recording your terminal with showterm

resource: https://showterm.io/#use

Install

There are two ways to install showterm. The recommended way is to use ruby:

  • gem install showterm

This works for all Mac users, and Linux users with ruby configured correctly.

If you are a Linux user who does not have ruby configured correctly, you can install showterm with:

  • curl showterm.io/showterm > ~/bin/showterm
  • chmod +x ~/bin/showterm

Use

If you have installed showterm, you can just run it:

  • showterm [program to run]

If [program to run] is omitted it defaults to your shell (usually bash)

If you have not installed showterm, you can run the standalone version:

  • bash <(curl record.showterm.io)

Each termshow gets its own link. You can add hash-fragments to customize playback,

access the site over https,

RED HAT – Change HostName in RHEL7

source: http://www.itzgeek.com/how-tos/linux/centos-how-tos/change-hostname-in-centos-7-rhel-7.html#axzz3XOGi4lTn

 After installing the CentOS 7 on my server, i tried to change host name by modifying the /etc/sysconfig/network; it did not take an effect of the modification. Even after multiple reboot of server, the host name remains localhost.localdomain. The procedure to change the host name in CentOS 7 is now totally different from the previous version, this guide will help you to setup the host name on CentOS 7 / RHEL 7.

CentOS 7 supports three class of Host Names:

Static – The static host name is traditional host which can be chosen by the user and is stored in /etc/hostname file.

Transient – The transient host name is maintained by kernel and can be changed by DHCP and mDNS.

Pretty – It is a free form UTF -8 host name for the presentation to the user.

HostName can be,

  • 64 character in a length
  • Recommend to have FQDN
  • Consists of a-z,A-Z, 0-9, “-”, “_” and “.” only

How to Change:

Before changing the host name, lets check the current host name.

[root@localhost ~]# hostname
localhost.localdomain

1. nmtui tool:

NetworkManaget tool is used to set the static host name in /etc/hostname file.

nmtui -Select Set HostName
nmtui -Select Set HostName

Set the host name.

nmtui - Change HostName 2
nmtui – Change HostName 2

restart the hostnamed to force the hostnamectl to notice the change in static host name.

[root@localhost ~]# systemctl restart systemd-hostnamed

You can verify the change in host name.

[root@server ~]# hostname
server.itzgeek.com
[root@server ~]# cat /etc/hostname
server.itzgeek.com
[root@server ~]# cat /etc/sysconfig/network
# Created by anaconda
HOSTNAME=server.itzgeek.com

2. hostnamectl:

hostnamectl is used to change the host name, with this tool we can change all the three class of host name; here we look only static host name.

Check the current host name.

[root@server ~]# hostnamectl status
Static hostname: server.itzgeek.com
Icon name: computer-vm
Chassis: vm
Machine ID: 565ea8b749544aca9d5563308f9e4bc2
Boot ID: 5c979d9b5f754df8b75a4e3aeabf2bad
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64

Set the hostname.

[root@server ~]# hostnamectl set-hostname client.itzgeek.com

Check the host name again (Close the session and open new session using putty or console)

[root@client ~]# hostnamectl status
Static hostname: client.itzgeek.com
Icon name: computer-vm
Chassis: vm
Machine ID: 565ea8b749544aca9d5563308f9e4bc2
Boot ID: 5c979d9b5f754df8b75a4e3aeabf2bad
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-123.el7.x86_64
Architecture: x86_64

If you use this command, you do not require to notify the change in host name. Close the current session and re launch the terminal.

3. nmcli tool:

It can be used to query and setup the static host name in /etc/hostname file.

Check the hostname.

[root@client ~]# nmcli general hostname
client.itzgeek.com

Change the host name.

[root@client ~]# nmcli general hostname server.itzgeek.com

restart the hostnamed to force the hostnamectl to notice the change in static host name.

[root@client ~]# systemctl restart systemd-hostnamed

4. Edit /etc/hostname

This is the simple, but requires a reboot of server to take an effect.

Note: Use the hostnamectl to change the host name, which fair better than other commands and does not require to update the kernel about the change in host name.

RED HAT – How to stop/start and disable/enable Firewall on Redhat 7

source: http://linuxconfig.org/how-to-stop-start-and-disable-enable-firewall-on-redhat-7-linux-system

The firewall on Redhat 7 Linux system is enabled by default. Normally there should not be a need to disable firewall but it may be quite handy for testing purposes etc. On Redhat 7 Linux system the firewall run as firewalld daemon. Bellow command can be used to check the firewall status:

[root@rhel7 ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
   Active: active (running) since Thu 2014-09-04 19:18:47 EST; 3 months 28 days ago
 Main PID: 539 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─539 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Sep 04 19:18:45 rhel7 systemd[1]: Starting firewalld - dynamic firewall daemon...
Sep 04 19:18:47 rhel7 systemd[1]: Started firewalld - dynamic firewall daemon.

From the above output we can see that the firewall is enabled, which means it will start automatically after reboot and that is also current active. Furthermore, or you can even check all currently applied rules with:

[root@rhel7 ~]# iptables-save

1. Stop and Start RHEL7 firewall

The firewall on Redhat 7 Linux system can be stopped by a following command:

[root@rhel7 ~]# service firewalld stop
Redirecting to /bin/systemctl stop  firewalld.service

Stopped firewall will start again after system’s reboot. To start firewall on Redhat 7 Linux system use:

[root@rhel7 ~]# service firewalld start
Redirecting to /bin/systemctl start  firewalld.service

2. Disable and Enable RHEL7 firewall

In order to completely disable RHEL7 firewall so it would no load after reboot run:

[root@rhel7 ~]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'

Now the firewall would not start after system’s reboot. To enable the firewall again run:

[root@rhel7 ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.service'

AIX – How to find processes have listening on ports

LSOF:

$ lsof -i :50000
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
db2sysc 4128774 db2inst1 5u IPv6 0xf1000e00019f3bb8 0t0 TCP *:50000 (LISTEN)

NETSTAT:

# netstat -Aan | grep LISTEN | grep 50000
f1000e00019f3bb8 tcp4       0      0  *.50000              *.*                   LISTEN

How to remove this process:

# rmsock f1000e00019f3bb8 tcpcb
The socket 0xf1000e00019f3bb8 is being held by proccess 4128774(writesrv).

 

 

RED HAT – Bash Remote Code Execution (Shellshock) on RED HAT 4

Pessoal,

Para quem possui ambientes em Back Level, raramente irá encontrar pacotes com a solução para a vulnerabilidade de execução de códigos remotos através do bash. No meu caso, tenho diversos servidores com RED HAT 4 (em diversos níveis de patch), devido aos pré-requisitos das aplicações. Como não possuo o suporte estendido da RED HAT, tive que procurar outra forma de poder sanar este bug.

Segue o que fiz:

-> Teste de vulnerabilidade, caso apareça a palavra “vulnerable”, quer dizer que a versão do seu bash possui a vulnerabilidade informada:

env ‘x=() { :;}; echo vulnerable’ ‘BASH_FUNC_x()=() { :;}; echo vulnerable’ bash -c “echo test”

-> Baixe o pacote do repositório publico do Oracle Linux:

wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/x86_64/getPackage/bash-3.0-27.0.3.el4.x86_64.rpm

 

-> Envie o pacote para o servidor com a vulnerabilidade e atualize o pacote do bash:

rpm -Uvh bash-3.0-27.0.3.el4.x86_64.rpm

 

-> Execute novamente o teste de vulnerabilidade, o resultado deve ser semelhante a este:

bash: warning: x: ignoring function definition attempt

bash: error importing function definition for `BASH_FUNC_x’

test