Install Vega vulnerability scanner under Ubuntu / Debian

Install
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.vega.sh -O - | bash -

#!/bin/bash

# install Java JDK
wget -q https://raw.githubusercontent.com/panticz/installit/master/install.java-jdk.sh -O - | bash -

sudo apt-get install libwebkitgtk-1.0

# download link
if [ "$(uname -m)" == "x86_64" ]; then
  # 64 bit
  URL=http://support.subgraph.com/downloads/VegaBuild-linux.gtk.x86_64.zip
else
  # 32 bit
  URL=http://support.subgraph.com/downloads/VegaBuild-linux.gtk.x86.zip
fi

# download new eclipse release
wget -q ${URL} -P /tmp

# extract
sudo unzip /tmp/VegaBuild-linux.gtk.*.zip -d /usr/share/

sudo ln -s /usr/share/vega/Vega /usr/local/bin/vega

cat <<EOF> /usr/share/applications/vega.desktop
[Desktop Entry]
Encoding=UTF-8
Name=Vega
Comment=Vega Vulnerability Scanner
Exec=vega
Icon=/usr/share/vega/icon.xpm
Terminal=false
Type=Application
Categories=GNOME;Application;Development;
StartupNotify=true
EOF

Workarround
sudo mkdir -p /usr/share/vega/workspace/
sudo chmod 777 /usr/share/vega/workspace/

Download
https://subgraph.com/vega/download/

Configuration
diff /usr/share/vega/Vega.ini.2015-01-12 /usr/share/vega/Vega.ini
2,5c2,5

 -Xms1024m
> -XX:PermSize=512m
> -XX:MaxPermSize=1024m
> -Xmx4096m

PHP mail test from localhost

<?php 
    ini_set('display_errors', 1);
    error_reporting(E_ALL);
 
    $from = "foo@example.com";
    $to = "bar@example.com";
    $subject = "PHP Mail Test script";
    $message = "This is a test to check the PHP Mail functionality";
 
    $state = mail($to, $subject, $message);
 
    echo "state: $state";
?>
 
# Link
http://php.net/manual/de/function.mail.php

Install archiva

# install oracle jdk
wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/installit/master/install.java-jdk.sh -O - | bash -

# install archiva
wget http://mirror.arcor-online.net/www.apache.org/archiva/2.1.1/binaries/apache-archiva-2.1.1-bin.tar.gz -P /tmp
tar xzf /tmp/apache-archiva-2.1.1-bin.tar.gz -C /opt
ln -s /opt/apache-archiva-2.1.1/ /opt/apache-archiva

# autostart
sed -i '$i /opt/apache-archiva/bin/archiva start' /etc/rc.local

# URL
http://YOUR_IP:8080/

# clear config
rm /opt/apache-archiva/conf/archiva.xml

Puppet: iPXE boot module

# create module structure
mkdir -p /etc/puppet/modules/ipxe/files
mkdir -p /etc/puppet/modules/ipxe/manifests

# download files
wget -q http://dl.panticz.de/ipxe/ipxe.lkrn -O /etc/puppet/modules/ipxe/files/ipxe.lkrn
wget -q http://dl.panticz.de/ipxe/49_ipxe -O /etc/puppet/modules/ipxe/files/49_ipxe

# download module definiction
wget -q https://raw.githubusercontent.com/panticz/puppet/master/modules/ipxe/init.pp -O /etc/puppet/modules/ipxe/manifests/init.pp

class ipxe {
  file { "/boot/grub/ipxe.lkrn":
    source => "puppet:///modules/ipxe/ipxe.lkrn"
  }

  file { "/etc/grub.d/49_ipxe":
    source => "puppet:///modules/ipxe/49_ipxe",
    mode => 700
  }

  exec { "update-grub":
    subscribe   => File["/etc/grub.d/49_ipxe"],
    refreshonly => true
  }
}

Nginx: compile with http_substitutions_filter support

# tested under CentOS release 5.11 (Final)
 
yum -y install rpm-build git
yum -y install gcc gcc-c++ make zlib-devel pcre-devel openssl-devel
 
wget http://nginx.org/packages/centos/5/SRPMS/nginx-1.6.2-1.el5.ngx.src.rpm
rpm -i nginx-1.6.2-1.el5.ngx.src.rpm
 
git clone git://github.com/yaoweibin/ngx_http_substitutions_filter_module.git
 
cd /usr/src/redhat/SOURCES/
 
/usr/src/redhat/SOURCES
 
tar xzf ../nginx-1.6.2.tar.gz
 
cd nginx-1.6.2
 
./configure --add-module=/root/ngx_http_substitutions_filter_module  --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.

Check SSL/TLS server encryption support

# sslyze
wget https://github.com/nabla-c0d3/sslyze/releases/download/release-0.11/sslyze-0_11-linux64.zip -P /tmp/
unzip /tmp/sslyze-*-linux64.zip -d /tmp/
/tmp/sslyze-*-linux64/sslyze/sslyze.py --regular www.example.com
 
# cipherscan
wget https://github.com/jvehent/cipherscan/archive/master.zip -P /tmp
unzip /tmp/master.zip -d /tmp/
/tmp/cipherscan-master/cipherscan www.example.com
/tmp/cipherscan-master/analyze.py -t www.example.com
 
# old
# Curl parameter
 -ssl2         - just use SSLv2
 -ssl3         - just use SSLv3
 -tls1         - just use TLSv1
 -tls1_1       - just use

Jenkins: install and configure JDK

# download and extract JDK
URL=http://download.oracle.com/otn-pub/java/jdk/8u25-b17/jdk-8u25-linux-x64.tar.gz
wget --continue --no-check-certificate --header "Cookie: oraclelicense=a" ${URL} -O /tmp/${URL##*/}
tar -C /var/lib/jenkins/tools/hudson.model.JDK/ -xzf /tmp/jdk-8u25-linux-x64.tar.gz

# configure JDK
http://192.168.1.111:8080/configure
JDK
JDK installations
Add JDK
Install automatically: check out
JAVA_HOME: /var/lib/jenkins/tools/hudson.model.JDK/jdk1.8.0_25
Save

# create New Item
Item name: JDBCTest
check "Freestyle project"
JDK: JDK8

Install Gnokii (Manage SMS on USB Stick)

# install
sudo apt-get install -y gnokii

# set permissions (TODO set permissions with udev)
sudo chmod o+rw /dev/ttyUSB0

# configure
cat < .gnokiirc
[global]
model = AT
port = /dev/ttyUSB0
connection = serial
EOF

# show sms status
gnokii --showsmsfolderstatus

# show sms
gnokii --getsms MT 0 end

# show sms and filter for "http"
gnokii --getsms MT 0 2> /dev/null | grep http

# delete sms
gnokii --deletesms MT 0

# Links
http://linuxgazette.net/164/tomar.html
http://wiki.gnokii.org/index.php/SMS_options
http://ubuntuforums.org/showthread.php?t=1123538

Squid

Install
apt-get install -y squid

Configuration /etc/squid3/squid.conf
http_port 80 accel defaultsite=www.example.com vhost
cache_peer 10.0.3.10 parent 80 0 no-query login=PASS originserver name=myAccel1
acl our_sites1 dstdomain 88.99.100.101 .example.com www.foo.com
http_access allow our_sites1
cache_peer_access myAccel1 allow our_sites1
cache_peer_access myAccel1 deny all

# reload configuration
squid3 -k reconfigure

Links
http://www.ehow.de/man-ssl-squid-aktiviert-wie_10142/

Installation and configuration of the ELK Stack (Elasticsearch, Logstash, Kibana)

# Overview and download homepage
http://www.elasticsearch.org/overview/elkdownloads/

#
# Prerequirements (Elasticsearch and Logstash are Java packages so please install Java JRE first)
#
# Install Java JRE package on Debian
apt-get install -y openjre-7-jre

#
# Elasticsearch (distributed restful search and analytics)
#
# Install Elasticsearch package on Debian
wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.3.2.deb -P /tmp
dpkg -i /tmp/elasticsearch-1.3.2.deb

# Enable Elasticsearch daemon
update-rc.d elasticsearch defaults 95 10

Syndicate content