Posts

Showing posts with the label Ubuntu

Scan Intranet for Windows PCs missing MS17-010 / WannaCry / NSA ETERNALBLUE patches

So you have used all you tricks to get MS17-010 fix deployed but how to confirm that every forgotten PC on your network is actually patched? We'll scan our intranet using Metasploit checking for this particular vulnerability. PCs with local firewall blocking SMB traffic will be missed, but those are not exploitable anyway due same firewall.

Backup VMware ESXi to Linux with ZFS

Lowest budget backups for your free VMware ESXi hypervisor.

Installing Ubuntu 14.04 LTS to Wyse Z90D7 Windows Terminal

I recently posted how to update Wyze Z90D7 to latest available Windows firmware. Which is far from usable. Let's see how Ubuntu works on this hardware. Actual flavour I picked is Lubuntu, but hardware support should be same for all. TL;DR: What a piece of shit this is, don't waste your time just toss it to bin already.

Running TFTP server on Ubuntu 14.04

# Install tftpd-hpa package apt-get update apt-get -y install tftpd-hpa # Fix config file broken by default # - use correct tftpboot directory rather than random location under /var # - chroot to tftpboot # - allow uploading of files but not overwriting existing # - listen IPv4 and IPv6 instead of IPv6 only # - enable logging mv /etc/default/tftpd-hpa /etc/default/tftpd-hpa.old cat <<'__EOF__' >/etc/default/tftpd-hpa TFTP_USERNAME="tftp"  TFTP_DIRECTORY="/tftpboot"  TFTP_ADDRESS=":69" TFTP_OPTIONS="--secure --create --listen --verbose" __EOF__ # Create tftpboot directory and use proper permissions mkdir /tftpboot chmod -R 1770 /tftpboot  chown -R root:tftp /tftpboot # Restart service service tftpd-hpa restart P.S. There's config file bug causing tftpd to listen only IPv6 connections by default... https://bugs.launchpad.net/ubuntu/+source/tftp-hpa/+bug/1448500

Smartmontools v6.4 and Ubuntu 12.04

I had to upgrade to new Smartmontools 6.4 on my Ubuntu 12.04 server as old version lacks Prolific PL2773 USB3 to SATA bridge support.

Adding pagespeed module to nginx 1.7.8 on Ubuntu 14.04

Wanted run fresh nginx version with Google Pagespeed on Ubuntu 14.04.

Installing Ubuntu 14.04 LTS with Cacti 0.8.8c

Ubuntu provides only Cacti 0.8.8b so we need to compile our own package with 0.8.8c after installing OS.

Remote conversion of 64-bit CentOS 6.5 to 64-bit Ubuntu 14.04

For 32-bit source to 64-bit see my older post . Old install was using software RAID-1, but did not have LVM. Small 200MB /boot partition, 8GB swap and rest as one root partition. We're redoing it completely so what it used to be doesn't really matter. All existing data on root will be lost.

Oddities of dnsmasq when used with IPv6 resolvers

# dnsmasq --version Dnsmasq version 2.68 Copyright (c) 2000-2013 Simon Kelley Compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth # md5sum dnsmasq* 8a704b6aa977df9485b3faf940cc5e35 dnsmasq_2.68-1_all.deb 60bafb9b863671bb02595505a447270c dnsmasq-base_2.68-1_amd64.deb There was odd " [icmp6 sum ok] ICMP6, destination unreachable, unreachable port " going out from my server every time DNS reply was received. Turns out it was because dnsmasq IPv6 support is buggy .

Headless Ubuntu 14.04 Server with full disk encryption, remote unlock, software RAID, LVM and EFI for over 2TB disk support

Image
Headless Ubuntu 14.01 LTS server with full disk encryption, remote unlock over SSH, software RAID, LVM and support for over 2TB disks with EFI and BIOS MBR boot. That's what this post is about. Oh, and pics are at the end.

Netdisco2 on Ubuntu 14.04

Netdisco is neat tool to collect layer-2 forwarding database from switches, match MACs with layer-3 ARP table from router and present it over searchable webui. Old "Netdisco 1" was quite horrible to setup, but it did still do its job. Recently "Netdisco 2" was released making admins life much easier and also bringing fancy new look for webui. So here's my notes about installing new virtual machine with Netdisco 2.

Updating Ubuntu 12.04 LTS kernel to 3.15.8 with latest ddbridge DVB drivers

Adding aufs support to Ubuntu LTS 14.04 with 3.16-rc5 kernel

Adding aufs support to 3.16-rc5 is little different than what is was for older kernels. Below works for Ubuntu LTS 14.04.

Ubuntu Server 14.04 LTS with encrypted md mirrored rootfs and remote ssh unlock

This post is just to let everyone know old process described here in my earlier post still works and also survives upgrade from older Ubuntu version to 14.04 LTS.

Flashing BeagleBone Black (rev B, 2GB eMMC) with Ubuntu 14.04

You're supposed to be able to use "BBB-eMMC-flasher" images to flash new OS directly from SD card. For whatever reason this sometimes fails to work. People blame power supplies which probably is one reason but not this time. In my case when trying to use BBB-eMMC-flasher image BBB started flashing all four user leds in sync without ever even attempting to flash image to eMMC.

Ubuntu 13.10 with TCP-IR (TCP Instant Recovery / FEC) enabled kernel v3.4.83

How would FEC (Forward Error Correction) enabled TCP/IP stack for Linux sound like? Yep, I know you're interested and want it. Start by checking these two links. http://www.ietf.org/proceedings/87/slides/slides-87-tcpm-8.pdf http://tools.ietf.org/html/draft-flach-tcpm-fec-00

Remote conversion of 32-bit CentOS 6.3 to 64-bit Ubuntu 13.10

Pretty much any Linux should be fine as long as you have suitable scratch partition for temp Ubuntu install, in this example we're re-using 6GB swap partition. Process is two step, first we do minimal 32-bit Ubuntu install over swap partition, boot system, hack it to 64-bit and finally do final 64-bit Ubuntu install over old CentOS rootfs.

Ubuntu and broken or missing aufs with default kernels

Aufs included in Ubuntu kernels is broken, what a surprise. In addition it has been dropped from newer kernels with claims that overlayfs does exactly same thing. It doesn't and everyone knows it except that one developer who decided it does and can't admit he made mistake. It seems aufs (and overlayfs) in Ubuntu is not really supposed to be used but only be part of install process. If so you guys shouldn't include it outside installer.. WontFix you too.

USB keyboard doesn't work during initramfs with Ubuntu 12.04 / 12.10 / 13.04 after upgrading kernel

Add "ohci-pci" to /etc/initramfs-tools/modules and run "update-initramfs -c -k all". This problem occurs because unlike other USB drivers ohci-pci is compiled as module.

Ubuntu Server 12.04.3 / 12.10 / 13.04 / 13.10 with encrypted md mirrored rootfs and remote ssh unlock

My original plan was to boot from ZFS, but combining it with encryption and especially with mirrored disks turned out to be too troublesome. Yes, I did get it working and booting, but resulting configuration required manual fixing each time new kernel was installed. And don't even think about doing upgrade to next Ubuntu version.