ShellShock Bug: Check / Identify / Solve Vulnerability

Hello,

Patch your bash now Just heard that your shell / bash may be vulnerable or buggy.

This post will help you to check whether your Shell / bash of Red Hat Enterprise Linux is vulnerable / Bug infected or not.

How does this impact systems

This issue affects all products which use the Bash shell and parse values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

All versions prior to those listed as updates for this issue are vulnerable to some degree.

See the appropriate remediation article for specifics.

The patch for CVE-2014-7169 introduces changes to how Bash evaluates environment variables. Applications which directly create Bash functions as environment variables need to be made aware of these changes. Previously, a function had to be stored in an environment variable of the same name. For example, the function “compute” would be stored in an environment variable named “compute”. With the patch for CVE-2014-7169 applied, it would need to use the name “BASH_FUNC_compute()”. As a result, there are now two pairs of parentheses in the environment string, as in “BASH_FUNC_compute()=() { }”.

Functions written in Bash itself do not need to be changed, even if they are exported with “export -f”. Bash will transparently apply the appropriate naming when exporting, and reverse the process when importing function definitions.

 

ShellShock
ShellShock

Execute following command to check whether your bash / shell is bug infected or vulnerable!

So, how do you know if your servers can be attacked? First, you need to check to see if you’re running a vulnerable version of Bash. To do that, run the following command from a Bash shell:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If you get the result:

vulnerable
this is a test

Bad news, your version of Bash can be hacked. If you see:

bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ this is a test

You’re good. Well, to be more exact, you’re as protected as you can be at the moment.

OR

To test if your version of Bash is vulnerable to CVE-2014-6271, run the following command:

$ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

If the output of the above command contains a line containing only the word vulnerable you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function.

Note that different Bash versions will also print different warnings while executing the above command. The Bash versions without any fix produce the following output:

$ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
vulnerable
bash: BASH_FUNC_x(): line 0: syntax error near unexpected token `)'
bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo vulnerable'
bash: error importing function definition for `BASH_FUNC_x'
test

The versions with only the original CVE-2014-6271 fix applied produce the following output:

$ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
bash: error importing function definition for `BASH_FUNC_x()'
test

Read more :- https://access.redhat.com/articles/1200223

Products Affected:

Product/Channel Fixed in package Remediation details
Red Hat Enterprise Linux 7 bash-4.2.45-5.el7_0.4 Red Hat Enterprise Linux
Red Hat Enterprise Linux 6 bash-4.1.2-15.el6_5.2 Red Hat Enterprise Linux
bash-4.1.2-15.el6_5.1.sjis.1 * Red Hat Enterprise Linux
bash-4.1.2-9.el6_2.1 * Red Hat Enterprise Linux 6.2 AUS
bash-4.1.2-15.el6_4.1 * Red Hat Enterprise Linux 6.4 EUS
Red Hat Enterprise Linux 5 bash-3.2-33.el5_11.4 Red Hat Enterprise Linux
bash-3.2-33.el5_11.1.sjis.1 * Red Hat Enterprise Linux
bash-3.2-24.el5_6.1 * Red Hat Enterprise Linux 5.6 LL
bash-3.2-32.el5_9.2 * Red Hat Enterprise Linux 5.9 EUS
Red Hat Enterprise Linux 4 bash-3.0-27.el4.2 * Red Hat Enterprise Linux 4 ELS

If you are using any other version of Linux, Check and Patch it now before its too late!!

References taken from :

https://access.redhat.com/announcements/1210053
https://access.redhat.com/security/cve/CVE-2014-6271
Resolution: https://access.redhat.com/node/1207723

Be Safe 🙂 Be Secure 🙂 Enjoy Linux 🙂 Enjoy Open Source

Please Keep in Touch with Social Networking :- 
Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Disable / Password Protect Single User Mode / RHEL / CentOS / 5.x / 6.x

Hello All,

If you have not protected Single User Mode with Password then it is big risk for your Linux Server, So protecting Single User Mode with Password is very important when it comes to security,

Today in this article i will show you how you can protect Single User Mode with Password on RHEL / CentOS 5.x and RHEL / CentOS 6.x.

Please execute given commands carefully else your system will not boot properly. First i would request you to read full procedure and then try to follow. Do it at your own risk 🙂

 

Password Protect
Password Protect

 

1. For RHEL / CentOS 5.x

1.1 Before doing anything please take backup of your /etc/inittab

cp /etc/inittab /etc/inittab.backup

To Disable and Make Single User Mode Password Protected, Execute below command as root :-

[root@tejas-barot-linux ~]$ sed -i '1i  su:S:wait:/sbin/sulogin'

So It will look like below

su:S:wait:/sbin/sulogin
# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
id:3:initdefault:

NOTE: If you do not want to use sed command then You can always add “su:S:wait:/sbin/sulogin” at top in /etc/inittab

2. For RHEL / CentOS 6.x

2.1 Before doing anything please take backup of your /etc/inittab

cp /etc/sysconfig/init /etc/sysconfig/init.backup

2.2 To Disable and Make Single User Mode Password Protected, Execute below command as root :-

[root@tejas-barot-linux ~]$#sed -i 's/SINGLE=\/sbin\/sushell/SINGLE=\/sbin\/sulogin/' /etc/sysconfig/init

So It will look like below

SINGLE=/sbin/sulogin

NOTE :- If you do not want to use sed command then You can always change to “SINGLE=/sbin/sulogin” in /etc/sysconfig/init

Enjoy Linux 🙂 Enjoy Open Source

Please Keep in Touch with Social Networking :- 
Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Mount / Access NTFS Filesystem / Partition on RHEL / CentOS 6.x

Hello,

Getting Error for NTFS File System on RHEL / CentOS ?

Unable to mount Partition

Error mounting: mount: unknown filesystem type ‘ntfs’

NTFS on CentOS 6
NTFS on CentOS 6

In ENT Linux like RHEL and CentOS there are no packages installed by default to access or Mount NTFS Partition, I have already share the same kind of article way behind for RHEL 5.x.

I am Sharing how to, So By Following this you will able to Mount / Access NTFS Partitions / FileSystem on Red Hat Enterprise Linux 6.x and CentOS 6.x

NTFS 3g
NTFS 3g

It is very simple and Basic to Install NTFS Modules on both Linux, Almost Same method is used for the CentOS and RHEL 6.x.

Only Few Packages which needs to be Installed and You are done.

1. Execute Below Command to Install and Configure EPEL Repository 

[root@tejas-barot-linux-support-ahmedabad ~]# wget http://epel.mirror.net.in/epel/6/i386/epel-release-6-8.noarch.rpm

[root@tejas-barot-linux-support-ahmedabad ~]# rpm -Uvh epel-release-6-8.noarch.rpm

2. Execute Below Command to Install Package related to NTFS Mount :-

[root@tejas-barot-linux-support-ahmedabad ~]# yum -y install ntfs-3g ntfsprogs

3. Attach NTFS Drive and Execute Below command to Find and Mount Partition :-

# To Find Attached NTFS Partition Execute Below Command :-

[root@tejas-barot-linux-support-ahmedabad ~]# fdisk -l | grep “NTFS”

# You will get output Something like below :- 

/dev/sdb1 * 1 1034 1973248 7 HPFS/NTFS

Execute Below command to Mount NTFS Partition

[root@tejas-barot-linux-support-ahmedabad ~]# mount /dev/sdb1 /mnt

4. To Mount NTFS Partition Permanently You can add following entry to /etc/fstab

<device-name> <mount-point> <file-system-type> <options> <dump> <checking>

Example Entry :-

/dev/sdb1 /mnt ntfs-3g default 0 0

Save and Exit from /etc/fstab

That’s IT, Now You will able to Mount / Access NTFS Partition on RHEL / CentOS 6.x

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

All Linux User’s Blog Mobile Applications :- http://www.tejasbarot.com/download-mobile-apps/

Please Keep in Touch with Social Networking :- 

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Enjoy NTFS File System on CentOS / RHEL  🙂 Enjoy Linux 🙂 Enjoy Open Source 🙂

Install and Configure MRTG Graphs Linux / Network Graphs / Open Source

Hi All,

Article Submitted by Mr. Vishal Girish Joshi. I want to Thank him for his contribution for All Linux User’s Blog.

Ever wondered how you can easily graph your traffic load on network links through a simple grapher called MRTG.

Follow the below steps to configure mrtg to monitor your network usage and for misc troubleshooting in adverse times.

MRTG Graph
MRTG Graph

1) We just need a mrtg source / rpm file into our machine.

# yum install mrtg

2) Ensure snmp is enabled on the devices/servers we want to monitor

3) Create a directory of your wish in your www root folder (generally, /var/www/html)

In my scenario, i am monitoring my router/switches, so we need to enable snmp in that too. Also make sure that you have set the same community name (generally, `public`) on both sides.

After installing mrtg, we need to create configuration files using an in-built utility. So for that, go to your directory, created previously, and run the below commands.

# cfgmaker –global ’WorkDir: /var/www/html/Cisco-MRTG’ public@1.1.1.1 > mrtg.cfg ( You can give any name to the config file)

This will create the cfg file, have a look into it. this file will have the mrtg configuration pulled from the respective remote end (via snmp).

4) After this, we need to create the index files using the utility, indexmaker, this will display the output of mrtg.cfg file in the html format.

# indexmaker mrtg.cfg > index.html ( Be sure you are in your respective newly created directory )

5) Now, sometimes you can directly run the mrtg command to start the mrtg. But sometimes, it fails. So here is the workaround.

# env LANG=C /usr/bin/mrtg /var/www/html/Cisco-MRTG/mrtg.cfg (This will build up your first mrtg graphs and webpage)

If still errors, then run the above command for 2-3 times. Error will be gone automatically.

6) Also put the below code into your crontab

*/5 * * * * env LANG=C /usr/bin/mrtg /var/www/html/Cisco-MRTG/mrtg.cfg

7) Open the browser and type-in your url

For eg: 1.1.1.1/mrtg

If you are not able to access the url, go to /etc/httpd/conf.d/mrtg.conf. Here you can set different directives of apache, like,
Alias, Location, Authentication, etc according to your needs.

I generally prefer as setting Alias directive as ` Alias /mrtg /var/www/html/Cisco-MRTG ` and then allow the ip addresses you want to allow to view the mrtg graphs. You can also set the authentication parameters as per your requirement over htaccess, ldap, etc.

Hope this guide successfully helps you to set up mrtg for your organization.

Have a nice day and enjoy Linux.

Thanks to Mr. Vishal Joshi for the article.

You can also Submit Article by Visiting http://www.tejasbarot.com/submit-an-article/

Hope this will helps you all, If you face any issue regarding the same or its not working for you some how then please raise your questions / issues then comment down below.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

All Linux User’s Blog Mobile Applications :- http://www.tejasbarot.com/download-mobile-apps/

Please Keep in Touch with Social Networking :- 

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Enjoy MRTG :) Enjoy Network Graphing 🙂 Enjoy Linux :) Enjoy Open Source :)

Howto: Configure Linux Warnquota for Fedora / Ubuntu / RHEL / CentOS

Hello,

In Linux, Most of the People Implement User Quota and Group Quota on Linux and The Might want to send e-mail warnings to the User by e-mail.

It Becomes very Important when the Mail Server is Running and You have implemented Disk Quota / User Quota / Group Quota for Users, So Its the First Basic requirement that We have to inform Users on Their Quota Usage at the Limit which we have configured.

So I am writing this article for Those Who have implemented a Quota and Do not know How to configure quota warning by e-mail.

quota

 

 

1. quota / quota-warnquota package must be Installed.

To Confirm :-

On RHEL / CentOS :- [root@tejas-barot-linux-support ~]# rpm -qa | grep quota # Output should not be empty

On Ubuntu :- root@tejas-barot-linux-support:~# dpkg –list | grep quota # Output should not be empty

2. Partition / Device must be mounted with usrquota

On RHEL / CentOS / Ubuntu :- [root@tejas-barot-linux-support ~]#mount | grep quota # Output should not be empty

3. Quota Must be Enabled on Partition.

4. If Above command is giving you proper output then you are good to go for Further Configuration.

5. Now Open /etc/warnquota.conf and Modify Following values as per your requirement.

Enjoy Disk Quotas :) Enjoy WarnQuota :) Enjoy Linux :) Enjoy Open Source :)

   MAIL_CMD        = "/usr/sbin/sendmail -t"
   FROM            = "linuxsupport@tejasbarot.com"
   SUBJECT         = NOTE: Your mailbox has exceeded allocatted disk space limits
   CC_TO           = "ahmedabad@tejasbarot.com"
   SUPPORT         = "linuxblog@tejasbarot.com"
   PHONE           = "000 111-2222"
   MESSAGE         = Your mailbox has exceeded the allotted limit\
    on this server|Please delete any unnecessary email in your mailbox on:|
   SIGNATURE       = This message is automatically generated by the mail system.

Once you are done with Configuring this Parameters Save and Exit from File

Description of above Configurations :-

MAIL_CMD = Command which used to send an e-mail.

FROM = Which E-Mail ID it will display to Recipient.

SUBJECT = Subject line which you want to Mention for Warning e-mail.

CC_TO = On Which ID it will Send Carbon Copy of the Mail.

SUPPORT =  Email ID which you have to mentioned as Support or anybody else where it should inform too.

PHONE = Of-course It will be a Number which you want to display as your Contact Number.

MESSAGE = Detailed Message OR Instructions Which you want to Send to the User. In Short, Body of the Mail.

SIGNATURE = Text which you have to set as your Signature.

6. Once It is configured properly, then To Send E-mail to all those users who exceeded quota then Execute Following command :-

Execute Command To Send E-Mail to All Those Users / Groups who exceeded quota or Grace Limit :-

[root@tejas-barot-linux-support ~]# warnquota

Execute Command To Send E-Mail to Particular User who exceeded quota or Grace Limit :-

[root@tejas-barot-linux-support ~]# warnquota -u <user-name>

Execute Command To Send E-Mail to Particular Group who exceeded quota or Grace Limit :-

[root@tejas-barot-linux-support ~]# warnquota -g <user-name>

7. That’s IT. Warning for Quota is configured.

Hope this will helps you all, If you face any issue regarding the same or its not working for your some how then please raise your questions / issues then comment down below.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

All Linux User’s Blog Mobile Applications :- http://www.tejasbarot.com/download-mobile-apps/

Please Keep in Touch with Social Networking :- 

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Enjoy Disk Quotas :) Enjoy WarnQuota :) Enjoy Linux :) Enjoy Open Source :)

Custom Init / Boot Script for teamviewerd service for TeamViewer 8 / Ubuntu / CentOS / RHEL

Dear All,

Main Purpose of this script is :- Running teamviewerd as daemon on Ubuntu and CentOS / RHEL for TeamViewer 8.

As We already know that, TeamViewer 8 is now released and Looking Very nice. I have used the same for few days and Working fine.

But In Ubuntu I have faced the issue is that every time I am getting the error is “TeamViewer Daemon is not Running. Please Start the teamviewerd and Restart teamviewer.”

So To get the rid of above error, I have written a script to start teamviewerd on boot and we don’t need to do that manually. I am sharing the same script and tested on Ubuntu and it is working fine from last 5 days. The same script will work for CentOS / RHEL too but In CentOS / RHEL It is not required to start teamviewerd  manually. Below is the screenshot for the same.

 

teamviewerd
Error TeamViewerd

Script which i am sharing here is Originally written by me and for All Linux User’s Blog Visitors, It is possible that Few people may download and may change the Author Information and share again, I also don’t mind it but Trusted Source for the script is here only.

Usage of the script :- /etc/init.d/tvscript {start|stop|restart|status}

BUGS :- Do not rename this script as teamviewer or teamviewerd else it won’t work as expected.

For Ubuntu :-

1. You need to be root or any user with root rights.

2. Download the Script from below link :-

root@linux-support-ahmedabad-tejas-barot:~# wget -c http://www.tejasbarot.com/Scripts/tvscript.sh

3. Now Copy that Script to /etc/init.d/ and assign permissions

root@linux-support-ahmedabad-tejas-barot:~# cp tvscript.sh /etc/init.d/tvscript

root@linux-support-ahmedabad-tejas-barot:~# chmod 0755 /etc/init.d/tvscript

4. Now Let’s Update it as a Custom Init Script ( Boot Script )

root@linux-support-ahmedabad-tejas-barot:~# update-rc.d tvscript defaults

5. That’s It. Now You can use this script by /etc/init.d/tvscript or By rebooting your system.

For CentOS / RHEL 6.x :-

1. You need to be root or any user with root rights.

2. Download the Script from below link :-

[root@linux-support-ahmedabad-tejas-barot ~#] wget -c http://www.tejasbarot.com/Scripts/tvscript.sh

3. Now Copy that Script to /etc/init.d/ and assign permissions

[root@linux-support-ahmedabad-tejas-barot ~#] cp tvscript.sh /etc/init.d/tvscript

[root@linux-support-ahmedabad-tejas-barot ~#] chmod 0755 /etc/init.d/tvscript

4. Now Let’s Update it as a Custom Init Script ( Boot Script )

[root@linux-support-ahmedabad-tejas-barot ~#] chkconfig –add tvscript

5. That’s It. Now You can use this script by /etc/init.d/tvscript or By rebooting your system.

Hope this helps you all.

I hope this will helps you all, If you face any issue regarding the same or its not working for your some how then please raise your questions / issues then comment down below.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

All Linux User’s Blog Mobile Applications :- http://www.tejasbarot.com/download-mobile-apps/

Please Keep in Touch with Social Networking :- 

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Enjoy TeamViewerd 🙂 Enjoy TeamViewer 8 on Linux 🙂 Enjoy Linux 🙂 Enjoy Open Source 🙂

Download and Install imapsync rpm / v1.525 / RHEL / CentOS / 5.x / 6.x | 32-Bit | x86_64 ( 64-Bit)

Hello,

As we already know that Imapsync is very useful and famous Utility and New Version of imapsync 1.525 is now available in Source Packages. (tar.gz, tgz, zip).

FYI :- I have created RPMs and made it available before EPEL and Now It is also Available with EPEL Testing Repository.

Using those source files i have created RPM for RHEL /CentOS / 5.x / 6.x for 32-bit and x86_64 bit architecture.

You can download theses RPMs using following link and You can start Using these RPMs.

I am really Happy to create and make these RPMs available for you guys.

If you found any issue with RPM or it is not working as expected you can please report your issues to http://linuxforums.tejasbarot.com

Download Imapsync version 1.525 RPM for RHEL 5 32-Bit / x86_64 ( 64-Bit ) Version :- http://www.tejasbarot.com/RPMs/imapsync-1.525-1.noarch.rpm

Download Imapsync version 1.525 RPM for RHEL 6 32-Bit / x86_64 ( 64-Bit ) Version :- http://www.tejasbarot.com/RPMs/imapsync-1.525-1.el6.noarch.rpm

I hope this will helps you all and This is the latest version of Imapsync which i have compiled. I will try to upload every new version which is available. Keep Visiting Blog.

If you like this then Please Click Google +1 Button and Show Your Support. Your Support will encourage me to write more articles.

If Any Errors in this How to then comment down below.

All Linux User’s Blog Mobile Applications :- http://www.tejasbarot.com/download-mobile-apps/

Facebook Page :- https://www.facebook.com/AllLinuxUsersBlog

Enjoy IMAPSYNc on RHEL / CentOS :) Enjoy Linux :) Enjoy Open Source :)