Mongo “illegal hardware instruction mongo” on Linux

While trying to install and run mongo on Kali Linux, I encountered the following error.

zsh: illegal hardware instruction mongo

Using a Bash shell it returns the following instead.

Illegal instruction

It appears that the issue is from running mongo in a virtual machine.

https://www.mongodb.com/community/forums/t/mongodb-community-5-0-12-illegal-instruction-core-dumped-ubuntu-20-04-5-lts/204332

https://askubuntu.com/questions/699077/how-to-enable-avx2-extensions-on-a-ubuntu-guest-in-virtualbox-5

Resolution? Run on bare metal or find a way to enable avx2 in the virtual machine.

Hardening SNMP on Debian

Hardening SNMP on Debian by disabling SNMP v1 and v2c, and configuring SNMP v3.

Modify /etc/snmp/snmpd.conf

First we’ll want to open up the /etc/snmp/snmpd.conf file and comment out all lines that begin with

  • rocommunity
  • view
  • rouser authPriv <– “This may be the last line by default, we don’t need it”

Alternatively, you can copy and paste the following sed commands instead of manually editing the file.

sudo sed -i 's/^rocommunity/# rocommunityc/g' /etc/snmp/snmpd.conf
sudo sed -i 's/^view/# view/g' /etc/snmp/snmpd.conf
sudo sed -i 's/^rouser authPriv/# rouser authPriv/g' /etc/snmp/snmpd.conf

Create SNMP v3 User

We can create a SNMP v3 user with the following command. There it will ask you for the username and passwords.

sudo net-snmp-create-v3-user -ro -a SHA-512 -x AES

You may receive an error about not being able to touch /snmp/snmpd.conf. I am not sure why Debian is attempting to create that file. Take the “rouser snmpuser” line and add it to the end of the /etc/snmp/snmpd.conf config.

Debian SNMP Error

Now we can start SNMPD

sudo systemctl start snmpd

Troubleshooting

My created user is not working! This could result from two different issues.

  1. It appears that Debian/SNMP doesn’t like pass phrases with special characters. You can try using a different password or escaping the special characters in “/var/lib/snmp/snmpd.conf” file before starting SNMPD.
  2. The user didn’t get added to /etc/snmp/snmpd.conf To fix, add “rouser snmpuser” (Change snmpuser to your snmp username) to the bottom of the config file.

Install RX 580 Mining Drivers on Debian Based Distributions

Use wget to download AMD drivers.

wget https://drivers.amd.com/drivers/linux/amdgpu-pro-20.45-1164792-ubuntu-20.04.tar.xz --referer https://support.amd.com

Extract archive.

tar xf amdgpu-pro-20.45-1164792-ubuntu-20.04.tar.xz

Change directory

cd amdgpu-pro-20.45-1164792-ubuntu-20.04

Install AMD Drivers

./amdgpu-pro-install -y --opencl=legacy,rocm --headless

If you run into issues with it saying “Unsupported DEB based OS” Refer to the following article.

Unsupported DEB-based OS: /etc/os-release ID ‘kali’

Delete SNMPv3 User on Linux

Don’t know if this is the recommended way to delete a user, but it seems to work.

sudo service snmpd stop

Open up the snmpd.conf file in /var/lib and find the line with the SNMP user and delete the line

sudo vi /var/lib/snmp/snmpd.conf

The above file may be in the following location on RPM based systems.

sudo vi /var/lib/net-snmp/snmpd.conf

Save, exit, and start snmpd

sudo service snmpd start

These steps work for Ubuntu, but should work for any Debain based distro as well as CentOS, Fedora, RedHat etc.

Install dig on Ubuntu, Debian or Kali Linux

install dig
Help options for dig


Dig is a DNS lookup utility.  It is included in most Linux distributions by default, but if it isn’t you can easily install dig with the following command.

The dig utility is apart of the dnsutils package

sudo apt-get install dnsutils -y

After it is installed, we can verify that it is working with

dig -v

For more information on how to use dig, refer to the following link.

https://www.howtogeek.com/663056/how-to-use-the-dig-command-on-linux/

The following is copied and pasted from the dig man page.

NAME
       dig - DNS lookup utility

SYNOPSIS
       dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name]
           [-t type] [-v] [-x addr] [-y [hmac:]name:key] [[-4] | [-6]] [name] [type] [class]
           [queryopt...]

       dig [-h]

       dig [global-queryopt...] [query...]

DESCRIPTION
       dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and
       displays the answers that are returned from the name server(s) that were queried. Most DNS
       administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use
       and clarity of output. Other lookup tools tend to have less functionality than dig.

       Although dig is normally used with command-line arguments, it also has a batch mode of
       operation for reading lookup requests from a file. A brief summary of its command-line
       arguments and options is printed when the -h option is given. Unlike earlier versions, the
       BIND 9 implementation of dig allows multiple lookups to be issued from the command line.

       Unless it is told to query a specific name server, dig will try each of the servers listed
       in /etc/resolv.conf. If no usable server addresses are found, dig will send the query to the
       local host.

       When no command line arguments or options are given, dig will perform an NS query for "."
       (the root).

       It is possible to set per-user defaults for dig via ${HOME}/.digrc. This file is read and
       any options in it are applied before the command line arguments. The -r option disables this
       feature, for scripts that need predictable behaviour.

       The IN and CH class names overlap with the IN and CH top level domain names. Either use the
       -t and -c options to specify the type and class, use the -q the specify the domain name, or
       use "IN." and "CH." when looking up these top level domains.

SIMPLE USAGE
       A typical invocation of dig looks like:

            dig @server name type

       where:

       server
           is the name or IP address of the name server to query. This can be an IPv4 address in
           dotted-decimal notation or an IPv6 address in colon-delimited notation. When the
           supplied server argument is a hostname, dig resolves that name before querying that name
           server.

           If no server argument is provided, dig consults /etc/resolv.conf; if an address is found
           there, it queries the name server at that address. If either of the -4 or -6 options are
           in use, then only addresses for the corresponding transport will be tried. If no usable
           addresses are found, dig will send the query to the local host. The reply from the name
           server that responds is displayed.

       name
           is the name of the resource record that is to be looked up.

       type
           indicates what type of query is required — ANY, A, MX, SIG, etc.  type can be any valid
           query type. If no type argument is supplied, dig will perform a lookup for an A record.


					

Install UniFi Video 3.8.5 on Ubuntu or Debian

You can run all the commands from the terminal, or ssh into the server

See here if you need to setup SSH on the server.

Install prerequisites

sudo apt-get install mongodb mongodb-server openjdk-8-jre-headless jsvc

Download UniFi Video installer

Note the Debian package works on Ubuntu, and has been tested on the latest Ubuntu

wget https://dl.ubnt.com/firmwares/ufv/v3.8.5/unifi-video.Debian7_amd64.v3.8.5.deb

Install package

sudo dpkg -i unifi-video.Debian7_amd64.v3.8.5.deb

Login to the UniFi Video controller using your web browser and going to the following address to finish configuring the NVR.

https://your-server-address:7443

Install SSH Server on Linux (Debian, Ubuntu, Fedora, CentOS, RedHat)

Debian / Ubuntu

sudo apt-get install -y openssh-server

RPM based Distros, Fedora / CentOS / RedHat

sudo dnf install -y openssh-server

or use yum

sudo yum install -y openssh-server

Start ssh service

sudo systemctl start sshd

By default the SSH service should start when the system starts, but if not try the following command to enable the service on boot up.

Debian / Ubuntu

systemctl enable ssh

Fedora, CentOS, RedHat

systemctl enable sshd

Change SSH port

Not necessary, but it is a good idea to change the default ssh port.  To change the port edit the sshd file.

vi /etc/ssh/sshd_config

If you change the port, you’ll need to allow it in the firewall (firewalld, iptables) and if SELinux is enabled, semanage.