While trying to install and run mongo on Kali Linux, I encountered the following error.
zsh: illegal hardware instruction mongo
Using a Bash shell it returns the following instead.
Illegal instruction
It appears that the issue is from running mongo in a virtual machine.
Resolution? Run on bare metal or find a way to enable avx2 in the virtual machine.
Hardening SNMP on Debian by disabling SNMP v1 and v2c, and configuring SNMP v3.
First we’ll want to open up the /etc/snmp/snmpd.conf file and comment out all lines that begin with
Alternatively, you can copy and paste the following sed commands instead of manually editing the file.
sudo sed -i 's/^rocommunity/# rocommunityc/g' /etc/snmp/snmpd.conf sudo sed -i 's/^view/# view/g' /etc/snmp/snmpd.conf sudo sed -i 's/^rouser authPriv/# rouser authPriv/g' /etc/snmp/snmpd.conf
We can create a SNMP v3 user with the following command. There it will ask you for the username and passwords.
sudo net-snmp-create-v3-user -ro -a SHA-512 -x AES
You may receive an error about not being able to touch /snmp/snmpd.conf. I am not sure why Debian is attempting to create that file. Take the “rouser snmpuser” line and add it to the end of the /etc/snmp/snmpd.conf config.
Now we can start SNMPD
sudo systemctl start snmpd
My created user is not working! This could result from two different issues.
Use wget to download AMD drivers.
wget https://drivers.amd.com/drivers/linux/amdgpu-pro-20.45-1164792-ubuntu-20.04.tar.xz --referer https://support.amd.com
Extract archive.
tar xf amdgpu-pro-20.45-1164792-ubuntu-20.04.tar.xz
Change directory
cd amdgpu-pro-20.45-1164792-ubuntu-20.04
Install AMD Drivers
./amdgpu-pro-install -y --opencl=legacy,rocm --headless
If you run into issues with it saying “Unsupported DEB based OS” Refer to the following article.
CentOS/Fedora/RedHat
Add sudo privileges
usermod -a -G wheel LinuxUsername
remove
sudo deluser username wheel
Ubuntu/Debian
Add sudo privileges
usermod -a -G sudo LinuxUsername
remove
sudo deluser username sudo
sudo apt-get install build-essential make gcc g++
Other things to install
sudo apt-get install p7zip bzip2
Should be able to get all the dependencies for MXE in one go by running
sudo apt-get install -y autoconf automake bison make build-essential gcc g++ python intltool libgdk-pixbuf2.0-0 libtool-bin p7zip-full
Full requirements are listed at the following url.
https://mxe.cc/#requirements
Don’t know if this is the recommended way to delete a user, but it seems to work.
sudo service snmpd stop
Open up the snmpd.conf file in /var/lib and find the line with the SNMP user and delete the line
sudo vi /var/lib/snmp/snmpd.conf
The above file may be in the following location on RPM based systems.
sudo vi /var/lib/net-snmp/snmpd.conf
Save, exit, and start snmpd
sudo service snmpd start
These steps work for Ubuntu, but should work for any Debain based distro as well as CentOS, Fedora, RedHat etc.
Dig is a DNS lookup utility. It is included in most Linux distributions by default, but if it isn’t you can easily install dig with the following command.
The dig utility is apart of the dnsutils package
sudo apt-get install dnsutils -y
After it is installed, we can verify that it is working with
dig -v
For more information on how to use dig, refer to the following link.
https://www.howtogeek.com/663056/how-to-use-the-dig-command-on-linux/
The following is copied and pasted from the dig man page.
NAME
dig - DNS lookup utility
SYNOPSIS
dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name]
[-t type] [-v] [-x addr] [-y [hmac:]name:key] [[-4] | [-6]] [name] [type] [class]
[queryopt...]
dig [-h]
dig [global-queryopt...] [query...]
DESCRIPTION
dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and
displays the answers that are returned from the name server(s) that were queried. Most DNS
administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use
and clarity of output. Other lookup tools tend to have less functionality than dig.
Although dig is normally used with command-line arguments, it also has a batch mode of
operation for reading lookup requests from a file. A brief summary of its command-line
arguments and options is printed when the -h option is given. Unlike earlier versions, the
BIND 9 implementation of dig allows multiple lookups to be issued from the command line.
Unless it is told to query a specific name server, dig will try each of the servers listed
in /etc/resolv.conf. If no usable server addresses are found, dig will send the query to the
local host.
When no command line arguments or options are given, dig will perform an NS query for "."
(the root).
It is possible to set per-user defaults for dig via ${HOME}/.digrc. This file is read and
any options in it are applied before the command line arguments. The -r option disables this
feature, for scripts that need predictable behaviour.
The IN and CH class names overlap with the IN and CH top level domain names. Either use the
-t and -c options to specify the type and class, use the -q the specify the domain name, or
use "IN." and "CH." when looking up these top level domains.
SIMPLE USAGE
A typical invocation of dig looks like:
dig @server name type
where:
server
is the name or IP address of the name server to query. This can be an IPv4 address in
dotted-decimal notation or an IPv6 address in colon-delimited notation. When the
supplied server argument is a hostname, dig resolves that name before querying that name
server.
If no server argument is provided, dig consults /etc/resolv.conf; if an address is found
there, it queries the name server at that address. If either of the -4 or -6 options are
in use, then only addresses for the corresponding transport will be tried. If no usable
addresses are found, dig will send the query to the local host. The reply from the name
server that responds is displayed.
name
is the name of the resource record that is to be looked up.
type
indicates what type of query is required — ANY, A, MX, SIG, etc. type can be any valid
query type. If no type argument is supplied, dig will perform a lookup for an A record.
You can run all the commands from the terminal, or ssh into the server
See here if you need to setup SSH on the server.
Install prerequisites
sudo apt-get install mongodb mongodb-server openjdk-8-jre-headless jsvc
Download UniFi Video installer
Note the Debian package works on Ubuntu, and has been tested on the latest Ubuntu
wget https://dl.ubnt.com/firmwares/ufv/v3.8.5/unifi-video.Debian7_amd64.v3.8.5.deb
Install package
sudo dpkg -i unifi-video.Debian7_amd64.v3.8.5.deb
Login to the UniFi Video controller using your web browser and going to the following address to finish configuring the NVR.
https://your-server-address:7443
Debian / Ubuntu
sudo apt-get install -y openssh-server
RPM based Distros, Fedora / CentOS / RedHat
sudo dnf install -y openssh-server
or use yum
sudo yum install -y openssh-server
Start ssh service
sudo systemctl start sshd
By default the SSH service should start when the system starts, but if not try the following command to enable the service on boot up.
Debian / Ubuntu
systemctl enable ssh
Fedora, CentOS, RedHat
systemctl enable sshd
Change SSH port
Not necessary, but it is a good idea to change the default ssh port. To change the port edit the sshd file.
vi /etc/ssh/sshd_config
If you change the port, you’ll need to allow it in the firewall (firewalld, iptables) and if SELinux is enabled, semanage.