We need to place the script to add tomcat to start automatically upon reboot inside the init.d directory. Follow the below steps: cd etc/init.d/ touch tomcat vi tomcat Modify the java version and path as required marked in red in the content which will be pasted in tomcat file, and also the home directory where tomcat start… Read More »
THREAT TRACE and TRACK are two HTTP methods used to debug web applications. These methods could be used by malicious users to perform Cross-site Tracing attacks which are used to bypass authentication token protections. httpd server is vulnerable to TRACE requests and this needs to be remedied, We need to disallow http trace requests in… Read More »
Details of the Vulnerability THREAT: The user ((local service account) has blank password in the shadow file, which allows to connect to the system without entering a password. IMPACT: An attacker may connect to the system by knowing just the username. SOLUTION: Set a password for the user(local service account). ( Many companies security policy… Read More »
This vulnerability allows a attacker to decrypt ciphertext using a padding oracle side-channel attack. POODLE affects Secure Socket Layer (SSL) version 3.0. It does not affect Transport Layer Security (TLS). To remediate this vulnerability SSL 3.0 should be disabled To check if your server is vulnerable follow the below steps Make a script file say… Read More »
Step by step tutorial to install OpenVPN on redhat/centos 6.X servers in the Amazon EC2 Cloud. Login to the Amazon EC2 Cloud Install the following # yum install gcc make rpm-build autoconf.noarch zlib-devel pam-devel openssl-devel -y Next download LZO RPM and the repo RPMForge has to be configured # wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm Prior to adding correct… Read More »
Steps required to login to Linux Servers in Amazon EC2 as a root user. By default root is not allowed to login to Amazon EC2, but you can login as ec2-user as indicated in the steps below. Once you login with ec2-user you can switch to root. Step 1 – Download putty from – http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html… Read More »
In our previous session we have seen what is Linux and history of Linux In today’s session we shall see what is a Linux Shell, Linux Architecture & Linux Directory Structure. Linux Shell Shell is a user program Shell is a environment provided for user interaction. Theoretically speaking Shell is a language interpreter that executes… Read More »
We shall start from Linux Administration ( Fundamentals) What is Linux Linux is an operating system, unlike other operating systems. We shall see how it is different from other operating systems. Linux is free Linux is portable to any hardware platform Linux was made to keep running on and on Linux is secure and versatile Linux… Read More »
Yum Detailed configuration according to specific requirement: Introduction: YUM (Yellowdog Updater Modifier) is the package manager which contains the RPM package files for Linux. RPM package file is a Red Hat Package Manager file that enables easy software installation on Red Hat/CentOS Linux. YUM Repositories hold RPM package files and enable download and installation of… Read More »
You have subscribed to a cloud service and build a Linux Virtual Machine (VM) from an existing image on the cloud …now you need to connect to your linux machine using a putty ( ssh client)…but most of the could providers provide a private key with the .pem extension which putty cannot authenticate directly as… Read More »