LXD Update Script

Simple shell script wrapper to update all lxd container hypervisor images running Debian or Ubuntu Linux. Run the below script on the host of your lxd server to update all the lxd containers running Ubuntu or Debian. Could be modified to suit CentOS/RedHat OS and/or you container OS of choice.

Script:

#!/bin/bash
# A simple shell script to update all lxd container hypervisor
# URL: https://bash.cyberciti.biz/virtualization/shell-script-to-update-all-lxd-container-hypervisor/
# Tested on : Ubuntu 16.04 LTS lxd server
# Tested on : Ubuntu/Debian lxd container hypervisor only
# ----------------------------------------------------------------------------
# Author: nixCraft
# Copyright: 2016 nixCraft under GNU GPL v2.0+
# ----------------------------------------------------------------------------
# Last updated 14 Aug 2016
# ----------------------------------------------------------------------------
# Set full path to bins
_apt="/usr/bin/apt-get"
_lxc="/usr/bin/lxc"
_awk="/usr/bin/awk"
# Get containers list
clist="$(${_lxc} list -c ns | ${_awk} '!/NAME/{ if ( $4 == "RUNNING" ) print $2}')"
# Use bash for loop and update all container hypervisor powered by Debian or Ubuntu
# NOTE: for CentOS use yum command instead of apt-get
for c in $clist
do
echo "Updating Debian/Ubuntu container hypervisor \"$c\"..."
${_lxc} exec $c ${_apt} -- -qq update
${_lxc} exec $c ${_apt} -- -qq -y upgrade
${_lxc} exec $c ${_apt} -- -qq -y clean
${_lxc} exec $c ${_apt} -- -qq -y autoclean
done

Reference:
https://bash.cyberciti.biz/virtualization/shell-script-to-update-all-lxd-container-hypervisor/

 

Reset Juniper SSG firewall password

If you are faced with not knowing the admin password for a Juniper SSG based firewall, you can reset to factory defaults. Ideally you should have been backing up the configuration and keeping your password safe with a password manager – if not and/or you have been provided with  an SSG or purchased from Ebay etc read on….

Console Cable Option:

  1. Connect via Console cable.
  2. Login with the serial number of the SSG as the username and password.
  3. You can reset the firewall to factory defaults.

Connect a network cable to Ethernet 0/0 and login via your browser to:

http://192.168.1.1
Username: netscreen
Password: netscreen

Reset the unit with reset pin:

Push and hold the pinhole on the Juniper. The status LED will turn to a blinking amber so KEEP holding, and when it turns to blinking green, release the pinhole. After 1 second, push and HOLD the pinhole again. The LED will turn to blinking red so KEEP holding until the status LED turns to solid amber or solid green, release right away and wait for the device to reset and come back – give it five minutes.
Then connect to it as described above http://192.168.1.1

LSOF Utility and Commands

The lsof command is very handy and all Linux/Unix sysadmins should know abouyt it and make more use of it, here are some further details and examples.

(From Wikipedia) – lsof is a command meaning “list open files”, which is used in many Unix-like systems to report a list of all open files and the processes that opened them. This open source utility was developed and supported by Victor A. Abell, the retired Associate Director of the Purdue University Computing Center. It works in and supports several Unix flavors.

Useful Commands:

List all network connections:

 sudo lsof -i 

SSH:

sudo lsof -i:22
sudo lsof -c ssh

List all network files in use by a specific process:

 sudo lsof -i -a -p 1278 

List processes which are listening on a particular port:

 sudo lsof -i :25 

List all TCP or UDP connections:

 sudo lsof -i tcp; lsof -i udp; 

List processes which opened a specific file:

 lsof /var/log/syslog 

List opened files under a directory:

 lsof +D /var/log/ 

List opened files based on process names starting with:

 lsof -c ssh -c init 

List processes using a mount point:

 sudo lsof /home 

List files opened by a specific user:

 lsof -u keith 

What commands is user Keith using:

 sudo lsof -i -u keith 

List all open files by a specific process:

 lsof -p 1278 

Kill all process that belongs to a particular user:

 kill -9 `lsof -t -u keith` 

 

SSL Server Test

Qualys SSL Server Test is free online service that performs a deep analysis of the configuration of any SSL web server on the public Internet.

https://www.ssllabs.com/ssltest/

To configure Apache and Nginx with acceptable protocols TLS settings follow these guides, they will provide a better score on the above Qualys rating and make your SSL site more secure.

 

Penetration Testing Tools Cheat Sheet

Penetration testing tools cheat sheet, a quick reference high level overview for typical penetration testing engagements. Designed as a quick reference cheat sheet providing a high level overview of the typical commands you would run when performing a penetration test. For more in depth information I’d recommend the man file for the tool or a more specific pen testing cheat sheet.

Site and other tools from: https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/

netdata real-time performance monitoring for Linux

Netdata is a real-time performance monitoring solution.

Unlike other solutions that are only capable of presenting statistics of past performance, netdata is designed to be perfect for real-time performance troubleshooting.

Netdata is a linux daemon you run, which collects data in realtime (per second) and presents a web site to view and analyze them. The presentation is also real-time and full of interactive charts that precisely render all collected values.

Netdata has been designed to be installed on every system, without disrupting the applications running on it:

  • It will just use some spare CPU cycles (check Performance).
  • It will use the memory you want it have (check Memory Requirements).
  • Once started and while running, it does not use any disk I/O, apart its logging (check Log Files). Of course it saves its DB to disk when it exits and loads it back when it starts.
  • You can use it to monitor all your systems and applications. It will run on Linux PCs, servers or embedded devices.

Out of the box, it comes with plugins that collect key system metrics and metrics of popular applications.

Available here: https://github.com/firehol/netdata

HTTP Evader – Automate Firewall Evasion Tests

If you are behind a firewall (today often known marketed as IPS, NGFW or UTM) which claims to protect you from malware you might want to verify these claims. HTTP Evader provides you with a way to automatically test how your firewall deals with situations where the malware hides in rare or invalid responses from the web server. Lots of highly praised firewalls fail to detect malware in this cases, which means they fail to protect you properly. Please note that this is not about bypassing web application firewalls (WAF) which protect a web server but about bypassing firewalls which should protect the client (browser). It is also not about bypassing URL filters.

The following tests try to transfer the EICAR test virus to you using differently shaped responses of the web server. This official test virus should be detected by any antivirus solution but does not do any harm.

To find out if you are vulnerable simply point your browser to the HTTP Evader test site. Before you report any problems to your firewall vendor please read the section about false positives and verify that the detected evasion is really possible.

http://noxxi.de/research/http-evader.html

400+ Free Resources for DevOps & Sysadmins

In 2014 Google indexed 200 Terabytes of data (1 T of data is equal to 1024 GB, to give you some perspective). And, it’s estimated that Google’s 200 TB is just .004% of the entire internet. Basically the internet is a big place with unlimited information.

So in an effort to decrease searching and increase developing, Morpheus Data published this massive list of free resources for DevOps engineers and System Admins, or really anyone wanting to build something useful out of the internet.

All these resources are free, or offer some kind of free/trial tier. You can use any/all of these tools personally, as a company, or even suggest improvements (in the comments). It’s up to you.

If you find this list useful, please share it with your DevOps/SysAdmin friends on your favorite social network, or visit Morpheus Data to learn how you can 4x your application deployment.

http://www.nextbigwhat.com/devops-sysadmin-tools-resources-297/?_utm_source=1-2-2

ls-httpd

ls-httpd utility for WebServer Logs is very handy.

ls-httpd type count|time [log_file]
  • ls-httpd url 1000
    will find top URLs in the last 1000 access log entries
  • ls-httpd ip 1000
    will find top IPs in the last 1000 access log entries
  • ls-httpd agent 1000
    will find top user agents in the last 1000 access log entries
  • ls-httpd url 17:
    will find top URLs from 17:00:00 to 17:59:59
  • ls-httpd url 17:2
    will find top URLs from 17:20:00 to 17:29:59
  • ls-httpd url 17
    will find top URLs in the last 17 access log entries 🙂

Reference and Download:
https://github.com/zyxware/misc-utils/blob/master/ls-httpd/ls-httpd