Skip to content

Instantly share code, notes, and snippets.

pulketo

Block or report user

Report or block pulketo

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@pulketo
pulketo / gist:6d57680be2250a18241aaf32f24da780
Created Feb 21, 2020
ssh_exchange_identification: read: Connection reset by peer
View gist:6d57680be2250a18241aaf32f24da780
ssh_exchange_identification: read: Connection reset by peer
!! reboot !!
@pulketo
pulketo / gist:ed367853085fef13133e3c29cc0b6fca
Created Feb 19, 2020
php-fpm getaddrinfo Name or service not known
View gist:ed367853085fef13133e3c29cc0b6fca
Getting this error on: php-fpm*.log
[19-Feb-2020 13:14:52] ERROR: getaddrinfo: Name or service not known
[19-Feb-2020 13:14:52] ERROR: FPM initialization failed
------------------------
Happens to be coz: /etc/php/7.3/fpm/pool.d/www.conf
...
...
listen = :9000
...
View gist:23ebdb0bbef7b1adacfee993837d96dd
----------------------------------------------------------------------------
Seguridad
Daniel Guerrero
Hardening Servidores
Exámen, Practicas, Proyecto y Tareas: %25
View gist:3751924126377c333466d04fad6167fe
Hardening
+->Firewalld
+->permisos de usuarios
Auditoria
+->tlog
+->lastcomm
iSCSI
+->Procedimientos
+->Servicios
+->Reglas
View gist:13a3943a756607305e379229d20ebfa9
Para que los archivos se vayan a un "agujero negro"
- se pueden crear directorios que persistan
- se pueden crear archivos que si se escriban realmente (whitelist)
- a los archivos si se los carga san platano
https://github.com/abbbi/nullfsvfs
@pulketo
pulketo / gist:751d3f332880af193bb9318c315a87ca
Created Jan 18, 2020
AIDE (evitar manipulacion de info)
View gist:751d3f332880af193bb9318c315a87ca
Checar manipulación de informacion
AIDE
/etc/aide.conf
aide --create
mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
aide --check
psacct, aide
View gist:6002fa5a06084a27b9dd711932bfb0c9
ssh y login
+->Cambiar puerto SSH
/etc/ssh/sshd_config -> Port 2222
Agregar regla a SElinux:
+->semanage port -a -t ssh_port_t -p tcp 2222
Agregar regla firewall
+->firewall-cmd --permanent --add-port=2222/tcp
+->firewall-cmd --reload
+->Tiempo de logueo maximo
/etc/ssh/sshd_config -> LoginGraceTime 1m
View gist:80d00b2923494124269b02899f80589c
Políticas de contraseñas:
cracklib, para que las contraseñas sean seguras:
prioridades para chequeo de contraseñas:
1. /etc/security/pwquality.conf
2. módulo pam.d
Ver las variables en: https://linux.die.net/man/8/pam_cracklib
cat /etc/security/pwquality.conf | grep -v '^#'
View gist:6df76646492c4d4c24e06766145ee5e6
Falta borrar comandos de más
Configurando i-SCSI en Centos 7
Guia: https://www.thegeekdiary.com/complete-guide-to-configuring-iscsi-in-centos-rhel-7/
targetcli
ls
SERVIDOR:
$ ssh pk@192.168.0.110
pk@192.168.0.110's password:
@pulketo
pulketo / gist:42da227d55290e1af7a3ef03859c8ca7
Created Jan 17, 2020
Invertir el scrolleo del touchpad (a dos dedos)
View gist:42da227d55290e1af7a3ef03859c8ca7
lista: gsettings list-recursively org.gnome.desktop.peripherals.touchpad
Setea:
gsettings set org.gnome.desktop.peripherals.touchpad natural-scroll true
You can’t perform that action at this time.