🔒 Karlo Luiten

yum install https://download1.rpmfusion.org/{free/fedora/rpmfusion-free,nonfree/fedora/rpmfusion-nonfree}-release-$(rpm -E %fedora).noarch.rpm

yum install install compat-ffmpeg28 ffmpeg-libs

dnf config-manager --add-repo=http://negativo17.org/repos/fedora-spotify.repo && yum update && yum -y install spotify-client 

I got this error when sending signed emails using my outlook cert by Digicert.

Solution:

1. Open certmgt
2. Navigate to Personal/Certificates
3. Delete the signing cert
4. Import your cert from backup (or request a new one)
5. Select again in Security center in outlook

Split to array:

while IFS=’;’ read -ra ADDR; do
for i in “${ADDR[@]}”; do
# process “$i”
done
done <<< “$IN”

Define:

distro=(“redhat” “debian” “gentoo”)

Element:

${ArrayName[subscript]}

Length:

echo “${#distro[@]}”

Example

!/bin/bash

define array

name server names FQDN

NAMESERVERS=(“ns1.nixcraft.net.” “ns2.nixcraft.net.” “ns3.nixcraft.net.”)

get length of an array

tLen=${#NAMESERVERS[@]}

use for loop read all nameservers

for (( i=0; i<${tLen}; i++ ));
do
echo ${NAMESERVERS[$i]}
done

# Reset
Color_Off='\033[0m'       # Text Reset

# Regular Colors
Black='\033[0;30m'        # Black
Red='\033[0;31m'          # Red
Green='\033[0;32m'        # Green
Yellow='\033[0;33m'       # Yellow
Blue='\033[0;34m'         # Blue
Purple='\033[0;35m'       # Purple
Cyan='\033[0;36m'         # Cyan
White='\033[0;37m'        # White

# Bold
BBlack='\033[1;30m'       # Black
BRed='\033[1;31m'         # Red
BGreen='\033[1;32m'       # Green
BYellow='\033[1;33m'      # Yellow
BBlue='\033[1;34m'        # Blue
BPurple='\033[1;35m'      # Purple
BCyan='\033[1;36m'        # Cyan
BWhite='\033[1;37m'       # White

# Underline
UBlack='\033[4;30m'       # Black
URed='\033[4;31m'         # Red
UGreen='\033[4;32m'       # Green
UYellow='\033[4;33m'      # Yellow
UBlue='\033[4;34m'        # Blue
UPurple='\033[4;35m'      # Purple
UCyan='\033[4;36m'        # Cyan
UWhite='\033[4;37m'       # White

# Background
On_Black='\033[40m'       # Black
On_Red='\033[41m'         # Red
On_Green='\033[42m'       # Green
On_Yellow='\033[43m'      # Yellow
On_Blue='\033[44m'        # Blue
On_Purple='\033[45m'      # Purple
On_Cyan='\033[46m'        # Cyan
On_White='\033[47m'       # White

# High Intensity
IBlack='\033[0;90m'       # Black
IRed='\033[0;91m'         # Red
IGreen='\033[0;92m'       # Green
IYellow='\033[0;93m'      # Yellow
IBlue='\033[0;94m'        # Blue
IPurple='\033[0;95m'      # Purple
ICyan='\033[0;96m'        # Cyan
IWhite='\033[0;97m'       # White

# Bold High Intensity
BIBlack='\033[1;90m'      # Black
BIRed='\033[1;91m'        # Red
BIGreen='\033[1;92m'      # Green
BIYellow='\033[1;93m'     # Yellow
BIBlue='\033[1;94m'       # Blue
BIPurple='\033[1;95m'     # Purple
BICyan='\033[1;96m'       # Cyan
BIWhite='\033[1;97m'      # White

# High Intensity backgrounds
On_IBlack='\033[0;100m'   # Black
On_IRed='\033[0;101m'     # Red
On_IGreen='\033[0;102m'   # Green
On_IYellow='\033[0;103m'  # Yellow
On_IBlue='\033[0;104m'    # Blue
On_IPurple='\033[0;105m'  # Purple
On_ICyan='\033[0;106m'    # Cyan
On_IWhite='\033[0;107m'   # White

sed -i '1s/^\(\xef\xbb\xbf\)\?/\xef\xbb\xbf/' foo-*

1. Install xming
2. Set up putty, use x forwarding, diplay loc localhost:0.0, rest is default
3. Start xming
4. On centos:

yum install xorg-x11-fonts* libXtst xorg-x11-xauth xorg-server xclock

Test using xclock. If $DISPLAY is not set you did it wrong. You can also test mobaxterm, it works well.

sed -i '/ExecStart/ s/agetty/agetty --autologin root/' /etc/systemd/system/getty.target.wants/getty@tty1.service

lvs -a -o +devices

__LOOKUP(
__concatenate(
__concatenateDeleting(
__contains(
__convertMSDNSURL(
__createGMTTimeStamp(
__createLocalTimeStampFromGMT(
__createLocalTimeStampFromGMTSecondsMillis(
__createLocalTimeStampFromGMTSecondsNanoseconds(
__createLocalTimeStampFromNTP(
__createLocalTimeStampFromNanoSeconds(
__createLocalTimeStampFromSecondsMicrosZone(
__createLocalTimeStampFromSecondsSinceEpoch(
__createLocalTimeStampStringFromGMTMilliseconds(
__createLocalTimeStampStringFromLocalMilliseconds(
__createOptionalTimeStampFromString(
__createSafeLocalTimeStamp(
__createTimeStamp(
__createTimeStampByHexEncodedTime(
__createTimeStampByStartTimeElapsed(
__createTimeStampForOpsecStartTime(
__doubleToAddress(
__extractNDomain(
__extractNTDomain(
__extractNTUser(
__extractProtocol(
__foundScanHostName(
__getCEFSeverity(
__getDeviceDirection(
__getIronMailActions(
__getIronMailAlertImpact(
__getIronMailEventStatus(
__getLongMACAddressByHexString(
__getLongMACAddressByString(
__getManhuntPriority(
__getNormalizedOS(
__getNotZeroPort(
__getOriginator(
__getOriginatorFromSourcePort(
__getProtocolName(
__getProtocolNameFromString(
__getSymantecNSPriority(
__getTimeZone(
__getTrendMicroHostName(
__getTrendMircoUser(
__getType(
__getVendor(
__getVulnerabilityCategory(
__getXForceStringFor(
__hexStringToAddress(
__hexStringToLong(
__hexStringToString(
__hourMinuteSecondsToSeconds(
__ifGreaterOrEqual(
__ifThenElse(
__ifThenElseAddress(
__ifTrueThenElse(
__ignoreZeroIp(
__ignoreZeroMac(
__integerConstant(
__integerToAddressMcAfee(
__integerToLong(
__longToString(
__longToTimeStamp(
__mazuProfilerDestinationAddress(
__numberToAddress(
__oneOf(
__oneOfAddress(
__oneOfDateTime(
__oneOfHostName(
__oneOfInteger(
__oneOfLong(
__oneOfMac(
__oneOfNetBIOSName(
__parseMultipleTimeStamp(
__parseMutableTimeStamp(
__parseMutableTimeStampSilently(
__parseSignedLong(
__regexToken(
__regexTokenAsAddress(
__regexTokenAsInteger(
__regexTokenAsLong(
__regexTokenFindAndJoin(
__regexTokenNoWarning(
__replaceAll(
__reverseDottedDecimalAddressByteOrder(
__safeToDate(
__safeToInteger(
__safeToLong(
__safeToRoundedLong(
__safteToInt(
__setYearToCurrentYear(
__signedNumberToAddress(
__simpleMap(
__split(
__splitAsAddress(
__splitAsInteger(
__stringConstant(
__stringTrim(
__subAgentTokenizer(
__toGMTTimeStamp(
__toHex(
__toLocalTimeStamp(
__toUpperCase(


cd /opt/arcsight/connectors/; tail -f *_con1_rsyslog_paloalto_2500*/current/logs/agent.out.wrapper.log | awk '/^==> / {a=substr($0, 5, length-8); next} {print a":"$0}'

This might help someone else, too. These are the things I do for an internal VM (on my hypervisor at home). This document will/might evolve over time. Default OS is centos7.

1. yum -y install epel-release && yum -y update && yum -y install wget vim htop tcpdump yum-cron yum-utils ntp figlet lynis bind-utils bash-completion mlocate autojump vnstat psmisc rsync ack strace iotop

2. yum -y install centos-release-ovirt42 && yum -y install ovirt-guest-agent-common && systemctl enable --now ovirt-guest-agent.service
3. vnstat --create -i eth0 && chown -R vnstat. /var/lib/vnstat/ && systemctl enable --now vnstat
4. ssh-copy-id my keys to the server, cat >> /etc/ssh/sshd_config
X11Forwarding no
IgnoreRhosts yes
UseDNS no
PermitEmptyPasswords no
MaxAuthTries 2
PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin without-password
Protocol 2
systemcyl restart sshd
5. vim -O /etc/yum/yum-cron.conf /etc/ntp.conf && systemctl enable ntpd && systemctl start ntpd
6. hostname | cut -d. -f1 | figlet > /etc/motd && vim /etc/motd
7. vim /etc/sysctl.d/harden.conf , add file below
8. echo smtpd_banner=0 >> /etc/postfix/main.cf && systemctl restart postfix ; echo “bg=dark >> /etc/vimrc”
9. ip a&& read&& hostname >> /etc/hosts && vim /etc/hosts #, add local host
10. vi /etc/aliases && newaliases
11. reboot
12. check sestatus enabled, firewalld active, lynis audit system
13. IPTables firewalld replace


# The following is suitable for dedicated web server, mail, ftp server etc.
# ---------------------------------------
# BOOLEAN Values:
# a) 0 (zero) - disabled / no / false
# b) Non zero - enabled / yes / true
# --------------------------------------
# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename
# Useful for debugging multi-threaded applications
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
#net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2

########## IPv4 networking start ##############
# Send redirects, if router, but this is just server
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0

# Accept packets with SRR option? No
net.ipv4.conf.all.accept_source_route = 0

# Accept Redirects? No, this is not router
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0

# Log packets with impossible addresses to kernel log? yes
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.secure_redirects = 0

# Ignore all ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Prevent against the common ‘syn flood attack’
net.ipv4.tcp_syncookies = 1

# Enable source validation by reversed path, as specified in RFC1812
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

########## IPv6 networking start ##############
# Number of Router Solicitations to send until assuming no routers are present.
# This is host and not router
net.ipv6.conf.default.router_solicitations = 0

# Accept Router Preference in RA?
net.ipv6.conf.default.accept_ra_rtr_pref = 0

# Learn Prefix Information in Router Advertisement
net.ipv6.conf.default.accept_ra_pinfo = 0

# Setting controls whether the system will accept Hop Limit settings from a router advertisement
net.ipv6.conf.default.accept_ra_defrtr = 0

#router advertisements can cause the system to assign a global unicast address to an interface
net.ipv6.conf.default.autoconf = 0

#how many neighbor solicitations to send out per address?
net.ipv6.conf.default.dad_transmits = 0

# How many global unicast IPv6 addresses can be assigned to each interface?
net.ipv6.conf.default.max_addresses = 1

########## IPv6 networking ends ##############

#Enable ExecShield protection
kernel.exec-shield = 1
kernel.randomize_va_space = 1

# TCP and memory optimization
# increase TCP max buffer size setable using setsockopt()
#net.ipv4.tcp_rmem = 4096 87380 8388608
#net.ipv4.tcp_wmem = 4096 87380 8388608

# increase Linux auto tuning TCP buffer limits
#net.core.rmem_max = 8388608
#net.core.wmem_max = 8388608
#net.core.netdev_max_backlog = 5000
#net.ipv4.tcp_window_scaling = 1

# increase system file descriptor limit
fs.file-max = 65535

#Allow for more PIDs
kernel.pid_max = 65536

#Increase system IP port limits
net.ipv4.ip_local_port_range = 2000 65000

kernel.dmesg_restrict=1
kernel.kptr_restrict=2
kernel.randomize_va_space=2
kernel.yama.ptrace_scope=2
net.ipv4.conf.default.log_martians=1
net.ipv6.conf.all.accept_redirects=0
net.ipv6.conf.default.accept_redirects=0

exec 1>/dev/null 2>/dev/null
at the top of your script

Getting asset tag in Windows:
wmic bios get serialnumber
Getting asset tag in Linux:
dmidecode -t1

root@host:~# yum update
Loaded plugins: product-id, search-disabled-repos, security, subscription-manager
Setting up Update Process
Error: database disk image is malformed
root@host:~# yum clean all
Loaded plugins: product-id, search-disabled-repos, security, subscription-manager
Cleaning repos: *
Cleaning up Everything
root@host:~# mv /var/lib/rpm/__db* /tmp
root@host:~# rpm –rebuilddb