Wednesday, August 21, 2019

Fedora 30 : Testing the Linux Malware Detect.

Linux Malware Detect (LMD) is a malware scanner for Linux, released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments.
This tool is provided by R-fx Networks.
Let's install and test it:
[mythcat@desk ~]$ wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
[mythcat@desk ~]$ tar -xf maldetect-current.tar.gz 
[mythcat@desk ~]$ cd maldetect-1.6.4/
[mythcat@desk maldetect-1.6.4]$ su
Password: 
[root@desk maldetect-1.6.4]# ./install.sh
Failed to enable unit: Unit file maldet.service does not exist.
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks <proj@r-fx.org>
            (C) 2019, Ryan MacDonald <ryan@r-fx.org>
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
maldet(31046): {sigup} performing signature update check...
maldet(31046): {sigup} local signature set is version 201907043616
maldet(31046): {sigup} new signature set 2019081912001 available
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
maldet(31046): {sigup} verified md5sum of maldet-sigpack.tgz
maldet(31046): {sigup} unpacked and installed maldet-sigpack.tgz
maldet(31046): {sigup} verified md5sum of maldet-clean.tgz
maldet(31046): {sigup} unpacked and installed maldet-clean.tgz
maldet(31046): {sigup} signature set update completed
maldet(31046): {sigup} 15552 signatures (12740 MD5 | 2035 HEX | 777 YARA | 0 USER)
[root@desk maldetect-1.6.4]# vim /usr/local/maldetect/conf.maldet
In this config file, change the scan_user_access row to scan_user_access=1 so that non-root users are allowed to run scans.
Now you can run it:
[mythcat@desk ~]$ /usr/local/sbin/maldet -a 
Linux Malware Detect v1.6.4
            (C) 2002-2019, R-fx Networks <proj@r-fx.org>
            (C) 2019, Ryan MacDonald <ryan@r-fx.org>
This program may be freely redistributed under the terms of the GNU GPL v2

maldet(32628): {scan} signatures loaded: 15552 (12740 MD5 | 2035 HEX | 777 YARA | 0 USER)
maldet(32628): {scan} building file list for , this might take awhile...
maldet(32628): {scan} setting nice scheduler priorities for all operations: cpunice 19 , ionice 6
maldet(32628): {scan} file list completed in 13s, found 44109 files...
maldet(32628): {scan} scan of  (44109 files) in progress...
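As an added example (not part of LMD or of the original post), this shell function checks the {sigup} log shown above: every downloaded pack must have an md5sum verification and an install line, the update must log completion, and the per-type counts must add up to the reported total. The names sample_log and check_sigup are made up for this example.

```shell
#!/bin/sh
# Added example, not part of LMD: check a maldet {sigup} log read from stdin.

# The {sigup} lines printed by install.sh in the post above.
sample_log() {
cat <<'EOF'
maldet(31046): {sigup} performing signature update check...
maldet(31046): {sigup} local signature set is version 201907043616
maldet(31046): {sigup} new signature set 2019081912001 available
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
maldet(31046): {sigup} downloading https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
maldet(31046): {sigup} verified md5sum of maldet-sigpack.tgz
maldet(31046): {sigup} unpacked and installed maldet-sigpack.tgz
maldet(31046): {sigup} verified md5sum of maldet-clean.tgz
maldet(31046): {sigup} unpacked and installed maldet-clean.tgz
maldet(31046): {sigup} signature set update completed
maldet(31046): {sigup} 15552 signatures (12740 MD5 | 2035 HEX | 777 YARA | 0 USER)
EOF
}

# Prints "OK: ..." and returns 0, or prints FAIL lines and returns 1.
check_sigup() {
    awk '
    index($0, "{sigup} downloading ")            { dl++ }
    index($0, "{sigup} verified md5sum of ")     { ver++ }
    index($0, "{sigup} unpacked and installed ") { inst++ }
    index($0, "{sigup} signature set update completed") { completed = 1 }
    # Summary: "<total> signatures (<n> MD5 | <n> HEX | <n> YARA | <n> USER)"
    $2 == "{sigup}" && $4 == "signatures" {
        summary = 1
        total = $3 + 0
        parts = substr($5, 2) + $8 + $11 + $14
    }
    END {
        bad = 0
        if (ver != dl) {
            printf "FAIL: %d downloads but %d md5sum verifications\n", dl, ver; bad = 1
        }
        if (inst != dl) {
            printf "FAIL: %d downloads but %d packs installed\n", dl, inst; bad = 1
        }
        if (dl > 0 && !completed) {
            print "FAIL: update did not log completion"; bad = 1
        }
        if (!summary) {
            print "FAIL: no signature summary line"; bad = 1
        } else if (total == 0 || total != parts) {
            printf "FAIL: total %d does not match per-type sum %d\n", total, parts; bad = 1
        }
        if (!bad) printf "OK: %d packs verified, %d signatures\n", dl, total
        exit bad
    }'
}

sample_log | check_sigup
```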

Tuesday, August 20, 2019

Fedora 30 : Install the last version of PHP.

I try to install the last version of PHP, version 7.4.0beta2, on the Fedora 30 distro with the LXQt environment.
I have not used this programming language for a few years and it is a good issue to remember it.
I download the archive from the official website and I run these commands:
[mythcat@desk ~]$ cd php/
[mythcat@desk php]$ tar -xf php-7.4.0beta2.tar.xz 
[mythcat@desk php]$ cd php-7.4.0beta2/
[mythcat@desk php-7.4.0beta2]$ ./configure --prefix=$HOME/local
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for a sed that does not truncate output... /usr/bin/sed
checking build system type... x86_64-pc-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking for pkg-config... /usr/bin/pkg-config
checking pkg-config is at least version 0.9.0... yes
checking for cc... no
checking for gcc... no
configure: error: in `/home/mythcat/php/php-7.4.0beta2':
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details
[mythcat@desk php-7.4.0beta2]$ vi config
[mythcat@desk php-7.4.0beta2]$ vi config
config.log    config.nice   configure     configure.ac  
[mythcat@desk php-7.4.0beta2]$ vi config.log 
Let's install the requirements for the compiler:
[root@desk home]# dnf groupinstall "Development Tools"
Let's see if these settings are working well:
[root@desk home]# dnf groupinstall "Development Tools"
Waiting for process with pid 4373 to finish.
[root@desk home]# kill  -9 4373
[root@desk home]# dnf groupinstall "Development Tools"
...
Complete!
[root@desk home]# dnf install libxml2-devel.x86_64
...
Installed:
  libxml2-devel-2.9.9-2.fc30.x86_64                          xz-devel-5.2.4-5.fc30.x86_64
After the last dnf command, configure comes with this output:
checking for sqlite3 > 3.7.4... no
configure: error: Package requirements (sqlite3 > 3.7.4) were not met:

Package 'sqlite3', required by 'virtual:world', not found

Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix. 
Let's test it with an old version of sqlite:
[root@desk home]# dnf install sqlite-devel.x86_64 
...
Installed:
  sqlite-devel-3.26.0-6.fc30.x86_64 
And it is working well:
[mythcat@desk php-7.4.0beta2]$ ./configure --prefix=$HOME/local
...
config.status: executing default commands

+--------------------------------------------------------------------+
| License:                                                           |
| This software is subject to the PHP License, available in this     |
| distribution in the file LICENSE. By continuing this installation  |
| process, you are bound by the terms of this license agreement.     |
| If you do not agree with the terms of this license, you must abort |
| the installation process at this point.                            |
+--------------------------------------------------------------------+

Thank you for using PHP.

[mythcat@desk php-7.4.0beta2]$ make 
... 

Build complete.
Don't forget to run 'make test'.
[mythcat@desk php-7.4.0beta2]$ make install
...
[mythcat@desk php-7.4.0beta2]$ make test
...
FAILED TEST SUMMARY
---------------------------------------------------------------------
php://fd wrapper: invalid file descriptor [ext/standard/tests/file/php_fd_wrapper_04.phpt]
=====================================================================

You may have found a problem in PHP.
This report can be automatically sent to the PHP QA team at
http://qa.php.net/reports and http://news.php.net/php.qa.reports
This gives us a better understanding of PHP's behavior.
If you don't want to send the report immediately you can choose
option "s" to save it.  You can then email it to qa-reports@lists.php.net later.
Do you want to send this report now? [Yns]: s
sh: autoconf: command not found
Please send /home/mythcat/php/php-7.4.0beta2/php_test_results_20190819_2038.txt to qa-reports@lists.php.net 
manually, thank you.
make: *** [Makefile:201: test] Error 1
[mythcat@desk php-7.4.0beta2]$ export PATH=$HOME/local/bin:$PATH
[mythcat@desk php-7.4.0beta2]$ . ~/.bash_profile
[mythcat@desk php-7.4.0beta2]$ which php
~/local/bin/php
[mythcat@desk php-7.4.0beta2]$ php -v
PHP 7.4.0beta2 (cli) (built: Aug 19 2019 23:31:07) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0-dev, Copyright (c) Zend Technologies
Let's test it:
[mythcat@desk php-7.4.0beta2]$ php -i | grep 'API'
Server API => Command Line Interface
PHP API => 20190529
Zend Extension Build => API320190529,NTS
PHP Extension Build => API20190529,NTS
DOM/XML API Version => 20031129
Phar API version => 1.1.1
[mythcat@desk php-7.4.0beta2]$ echo '<?php phpinfo(); ?>' > infophp.php
[mythcat@desk php-7.4.0beta2]$ php -f infophp.php 
phpinfo()
PHP Version => 7.4.0beta2

System => Linux desk 5.2.8-200.fc30.x86_64 #1 SMP Sat Aug 10 13:21:39 UTC 2019 x86_64
Build Date => Aug 19 2019 23:26:58
Configure Command =>  './configure'  '--prefix=/home/mythcat/local'
Server API => Command Line Interface
Virtual Directory Support => disabled
...
Use interactive mode and hit the Ctrl+D keys to run it:
[mythcat@desk php-7.4.0beta2]$ php -a
Interactive mode enabled


hello, world1636562552
I can see the compiled modules:
[mythcat@desk php-7.4.0beta2]$ php -m 
[PHP Modules]
Core
ctype
date
dom
fileinfo
filter
hash
iconv
json
libxml
pcre
PDO
pdo_sqlite
Phar
posix
Reflection
session
SimpleXML
SPL
sqlite3
standard
tokenizer
xml
xmlreader
xmlwriter

[Zend Modules]

Friday, August 16, 2019

Fedora 30 : First steps with Fedora and GitHub.

In this tutorial I will show you how you can use Fedora and your GitHub account for your projects.
Let's solve this issue in a simple way.
First, you need to install the git tool with the dnf tool:
[root@desk mythcat]# dnf -y install git
Let's see the version of this tool with a regular user:
[mythcat@desk ~]$ git --version
git version 2.21.0
Let's set up the user for my GitHub account:
[mythcat@desk ~]$ git config --global user.name "catafest"
[mythcat@desk ~]$ git config --global user.email "catafest@yahoo.com"
You can see it later with these commands:
[mythcat@desk ~]$ git config --list
[mythcat@desk ~]$ git config --global --list
I used these commands to create a folder for my git projects:
[mythcat@desk ~]$ mkdir project_github
[mythcat@desk ~]$ cd project_github/ 
Now I can download my GitHub project named flask_yt from here:
[mythcat@desk project_github]$ git clone https://github.com/catafest/flask_yt.git
Cloning into 'flask_yt'...
remote: Enumerating objects: 23, done.
remote: Counting objects: 100% (23/23), done.
remote: Compressing objects: 100% (19/19), done.
remote: Total 23 (delta 1), reused 14 (delta 0), pack-reused 0
Unpacking objects: 100% (23/23), done.
If you don't have one then you can create your new project on your GitHub account. Let's make some changes to the README.md file:
[mythcat@desk project_github]$ cd flask_yt/
[mythcat@desk flask_yt]$ vim README.md 
...
Now I can use git tool:
[mythcat@desk flask_yt]$ git status
On branch master
Your branch is up to date with 'origin/master'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git checkout -- <file>..." to discard changes in working directory)

        modified:   README.md

no changes added to commit (use "git add" and/or "git commit -a")
[mythcat@desk flask_yt]$ git add *
[mythcat@desk flask_yt]$ git commit -m "first commit"
[master 56f1e53] first commit
 1 file changed, 1 insertion(+)
Now I can use my username and password from GitHub when I run this command:
[mythcat@desk flask_yt]$ git push origin master
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Delta compression using up to 2 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 352 bytes | 352.00 KiB/s, done.
Total 3 (delta 1), reused 0 (delta 0)
remote: Resolving deltas: 100% (1/1), completed with 1 local object.
To https://github.com/catafest/flask_yt.git
   5ecffdd..56f1e53  master -> master 
The changes from README.md will be sent to my GitHub website.

Wednesday, August 14, 2019

Fedora 30 : First steps with Fedora firewall.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.[1] A firewall typically establishes a barrier between a trusted internal network and untrusted external network, such as the Internet.[2] (see Wikipedia).
In this short tutorial about the Fedora firewall, I will show you how you can use firewall commands to set it up. The install is simple with the dnf tool:
[root@desk mythcat]# dnf install firewalld firewall-config 
Let's start with the status of your firewall:
[root@desk mythcat]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
...
You can start, restart or stop it:

[root@desk mythcat]# systemctl start firewalld
[root@desk mythcat]# systemctl restart firewalld
[root@desk mythcat]# systemctl stop firewalld
Let's see active zones:
[root@desk mythcat]# firewall-cmd --get-active-zones
We can see everything that is active for the public zone with:
[root@desk mythcat]# firewall-cmd --zone=public --list-all
We can see all ports for the public zone:
[root@desk mythcat]# firewall-cmd --zone=public --list-ports 
These commands are used to add and remove ports:
[root@desk mythcat]# firewall-cmd --permanent --zone=public --add-port=80/tcp
[root@desk mythcat]# firewall-cmd --permanent --zone=public --remove-port=80/tcp
Let's see services:
[root@desk mythcat]# firewall-cmd --get-services 
RH-Satellite-6 amanda-client amanda-k5-client amqp amqps apcupsd audit bacula bacula-client 
bgp bitcoin bitcoin-rpc bitcoin-testnet bitcoin-testnet-rpc ceph ceph-mon cfengine cockpit 
condor-collector ctdb dhcp dhcpv6 dhcpv6-client distcc dns docker-registry docker-swarm 
dropbox-lansync elasticsearch etcd-client etcd-server finger freeipa-ldap freeipa-ldaps 
freeipa-replication freeipa-trust ftp ganglia-client ganglia-master git gre high-availability 
http https imap imaps ipp ipp-client ipsec irc ircs iscsi-target isns jenkins kadmin kerberos 
kibana klogin kpasswd kprop kshell ldap ldaps libvirt libvirt-tls lightning-network llmnr 
managesieve matrix mdns minidlna mongodb mosh mountd mqtt mqtt-tls ms-wbt mssql murmur mysql 
nfs nfs3 nmea-0183 nrpe ntp nut openvpn ovirt-imageio ovirt-storageconsole ovirt-vmconsole 
plex pmcd pmproxy pmwebapi pmwebapis pop3 pop3s postgresql privoxy proxy-dhcp ptp pulseaudio
 puppetmaster quassel radius redis rpc-bind rsh rsyncd rtsp salt-master samba samba-client 
samba-dc sane sip sips slp smtp smtp-submission smtps snmp snmptrap spideroak-lansync squid 
ssh steam-streaming svdrp svn syncthing syncthing-gui synergy syslog syslog-tls telnet tftp 
tftp-client tinc tor-socks transmission-client upnp-client vdsm vnc-server wbem-http 
wbem-https wsman wsmans xdmcp xmpp-bosh xmpp-client xmpp-local xmpp-server zabbix-agent 
zabbix-server
Let's add and remove one service named ftp:
[root@desk mythcat]# firewall-cmd --zone=public --add-service=ftp
[root@desk mythcat]# firewall-cmd --zone=public --remove-service=ftp
Let's see all services enabled in the public zone:
[root@desk mythcat]# firewall-cmd --zone=public --list-services
If you want to block or unblock any incoming or outgoing connections, use panic mode:
[root@desk mythcat]# firewall-cmd --panic-on
[root@desk mythcat]# firewall-cmd --panic-off 
For example, after you use panic-on then you can check with this:
[root@desk mythcat]# ping google.com -c 1
[root@desk mythcat]# firewall-cmd --query-panic
[root@desk mythcat]# firewall-cmd --panic-off
You can check whether masquerading of your IP address is enabled with:
[root@desk mythcat]# firewall-cmd --zone=external --query-masquerade
Another example: we can forward all TCP port 80 connections to IP 6.6.6.6:
[root@desk mythcat]# firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toaddr=6.6.6.6
Let's see ICMP:
[root@desk mythcat]# firewall-cmd --get-icmptypes
address-unreachable bad-header beyond-scope communication-prohibited destination-unreachable 
echo-reply echo-request failed-policy fragmentation-needed host-precedence-violation 
host-prohibited host-redirect host-unknown host-unreachable ip-header-bad 
neighbour-advertisement neighbour-solicitation network-prohibited network-redirect 
network-unknown network-unreachable no-route packet-too-big parameter-problem 
port-unreachable precedence-cutoff protocol-unreachable redirect reject-route 
required-option-missing router-advertisement router-solicitation source-quench 
source-route-failed time-exceeded timestamp-reply timestamp-request tos-host-redirect 
tos-host-unreachable tos-network-redirect tos-network-unreachable 
ttl-zero-during-reassembly ttl-zero-during-transit unknown-header-type 
unknown-option
We can use these types to query or block the echo reply:
[root@desk mythcat]# firewall-cmd --zone=external --query-icmp-block=echo-reply
[root@desk mythcat]# firewall-cmd --zone=external --add-icmp-block=echo-reply
[root@desk mythcat]# firewall-cmd --direct --get-rules ipv4 filter IN_public
[root@desk mythcat]# firewall-cmd --direct --add-rule ipv4 filter IN_public_allow 
...
I cannot show you a magic rule because this depends on your network and your software. You can use this command to see everything in a graphical interface.
[root@desk mythcat]# firewall-config
This will give a good image of your firewall settings.
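The commands above change two different configurations: --permanent edits the stored one, while the other add commands touch only the running firewall. As an added example (not from the original post), this function compares the two --list-all listings and prints what exists in only one of them; zone_drift, demo_drift and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the post: compare runtime and permanent zone listings.
# Real use (as root):
#   firewall-cmd --zone=public --list-all > rt
#   firewall-cmd --permanent --zone=public --list-all > pm
#   zone_drift rt pm

# $1 = runtime listing, $2 = permanent listing; prints the entries that differ.
zone_drift() {
    awk -v rt="$1" '
    # Remember in which listing(s) each "key item" pair was seen (R and/or P).
    function add(k, v) {
        if (v != "") seen[k " " v] = seen[k " " v] (FILENAME == rt ? "R" : "P")
    }
    # "  services: ssh ftp" style lines: a key and a space-separated list.
    /^[ \t]+[a-z][a-z -]*:/ {
        key = $0; sub(/^[ \t]+/, "", key); val = key
        sub(/:.*/, "", key); sub(/^[^:]*:[ \t]*/, "", val)
        n = split(val, item, " ")
        for (i = 1; i <= n; i++) add(key, item[i])
        next
    }
    # Indented continuation lines (forward ports, rich rules): one item each.
    /^[ \t]+[^ \t]/ { v = $0; sub(/^[ \t]+/, "", v); add(key, v) }
    END {
        for (e in seen) {
            if (seen[e] == "R") print "runtime-only " e
            if (seen[e] == "P") print "permanent-only " e
        }
    }' "$1" "$2" | LC_ALL=C sort
}

# Constructed, abridged listings for the state after the add commands above
# (without the --remove-* ones): port 80/tcp added with --permanent,
# ftp and the forward port added to the runtime configuration only.
demo_drift() {
    d=$(mktemp -d) || return 1
    cat > "$d/rt" <<'EOF'
public (active)
  interfaces: enp0s3
  services: dhcpv6-client ftp mdns ssh
  ports: 
  masquerade: no
  forward-ports: 
    port=80:proto=tcp:toport=:toaddr=6.6.6.6
  rich rules: 
EOF
    cat > "$d/pm" <<'EOF'
public
  interfaces: enp0s3
  services: dhcpv6-client mdns ssh
  ports: 80/tcp
  masquerade: no
  forward-ports: 
  rich rules: 
EOF
    zone_drift "$d/rt" "$d/pm"
    rm -rf "$d"
}

demo_drift
```

Runtime-only entries disappear at the next reload or reboot unless they are saved with firewall-cmd --runtime-to-permanent; permanent-only entries become active after firewall-cmd --reload.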

Monday, August 12, 2019

Fedora 30 : First step with Ionic.

My laptop crashed and it is hard for me to write tutorials.
The last tutorial I created with Fedora 30 is about Ionic.
You can read this tutorial here.

Friday, August 9, 2019

Fedora 30 : The VS Code on Fedora.

The Visual Studio Code editor is officially distributed as a Snap package in the Snap Store.
It runs well on the Fedora distro, but on my Windows operating system it crashes often.
I like to develop my python projects like Flask and Django with this editor.
You can install it very easily on Fedora with the dnf tool:
[mythcat@desk ~]# dnf check-update
[mythcat@desk ~]# dnf update
[mythcat@desk ~]# exit
[mythcat@desk ~]$ sudo dnf install code
[sudo] password for mythcat: 
...
Is this ok [y/N]: y
...
Installed:
  code-1.37.0-1565228125.el7.x86_64
For Snap install you can use this command:
sudo snap install --classic code
Let's run it with:
[mythcat@desk ~]$ code
You can find many videos about this editor at the official YouTube channel.
The result of my installation on Fedora 30 distro can be seen at this screenshot:

Tuesday, August 6, 2019

Fedora 30 : The gpg tool.

GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories (see the official webpage).
Today I tested it with the Fedora 30 distro and it works well.
You can find this tool in many Linux distros.
Let's install it with dnf tool.
[root@desk mythcat]# dnf install gnupg
Last metadata expiration check: 0:18:30 ago on Tue 06 Aug 2019 11:07:20 AM EEST.
Package gnupg2-2.2.17-1.fc30.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@desk mythcat]# exit
exit
This tool can be run with the gpg command and arguments. Let's see some examples:
[mythcat@desk ~]$ gpg --list-secret-keys
[mythcat@desk ~]$ gpg --list-keys
[mythcat@desk ~]$ gpg --full-generate-key
gpg (GnuPG) 2.2.17; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Catalin George Festila
Email address: catafest@yahoo.com
Comment: test gpg key 
You selected this USER-ID:
...
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

Enter password for protection

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
... 
This command is normally only used interactively to generate a new key pair.
[mythcat@desk ~]$ gpg --gen-key
gpg (GnuPG) 2.2.17; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: 
... 
Let's see the list with the keys:
[mythcat@desk ~]$ gpg --list-keys
/home/mythcat/.gnupg/pubring.kbx
--------------------------------
The key can be exported in a binary format with this command:
[mythcat@desk ~]$ gpg --output mythcat --export catafest@yahoo.com
When the key is to be sent through email or published on a web page, you can use the command-line option --armor.
[mythcat@desk ~]$ gpg --armor --export catafest@yahoo.com > catafest.key
Let's see this key:
[mythcat@desk ~]$ cat catafest.key 
...
Now you can see the new key:
[mythcat@desk ~]$ gpg --list-keys
/home/mythcat/.gnupg/pubring.kbx
-------------------------------- 
I can edit this key:
[mythcat@desk ~]$ gpg --edit-key catafest@yahoo.com
gpg (GnuPG) 2.2.17; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.
...
gpg> ?
quit        quit this menu
save        save and quit
help        show this help
fpr         show key fingerprint
grip        show the keygrip
...
enable      enable key
disable     disable key
showphoto   show selected photo IDs
clean       compact unusable user IDs and remove unusable signatures from key
minimize    compact unusable user IDs and remove all signatures from key
...
The key can be exported and imported:
[mythcat@desk ~]$ gpg --export -a catafest >  catafest_public.key
[mythcat@desk ~]$ gpg --import -a catafest_public.key 
...
gpg: Total number processed: 1
gpg:              unchanged: 1
Let's see one example with the encrypt and decrypt features:
[mythcat@desk ~]$ echo "test gpg encrypt" >> gpgtest.txt
[mythcat@desk ~]$ gpg -e -r "catafest" gpgtest.txt 
[mythcat@desk ~]$ gpg -d  gpgtest.txt.gpg 
...
test gpg encrypt
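Another example is to encrypt and decrypt using additional arguments like --batch and --passphrase-file. The passphrase file here is the exported key file catafest.asc; gpg uses only the first line of a passphrase file, which for an armored export is the fixed header line, so for real data the file should contain a secret line instead: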
[mythcat@desk ~]$ gpg --export --armor --output catafest.asc catafest@yahoo.com
[mythcat@desk ~]$ gpg --import catafest.asc 
...
gpg: Total number processed: 1
gpg:              unchanged: 1
[mythcat@desk ~]$ echo "this text will be encrypt and decrypt" | gpg --passphrase-file catafest.asc \
--batch --symmetric --cipher-algo AES256 > testgpg_001.txt
[mythcat@desk ~]$ gpg --batch --passphrase-file catafest.asc -d testgpg_001.txt
gpg: AES256 encrypted data
gpg: encrypted with 1 passphrase
this text will be encrypt and decrypt