Nessus installtion and configuration on centos 6.x

Nessus is a tool that automates the process of scanning the remote host or Network for vulnerabilities. Here i have shown how to install and configure Nessus home edition.

You can download nessus home edition from official website link

Nessus Installation

To install the nessus using rpm command

[root@monitoring ~]# rpm -ivh Nessus-6.4.3-es6.x86_64.rpm
warning: Nessus-6.4.3-es6.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 1c0c4a5d: NOKEY
Preparing...                ########################################### [100%]
   1:Nessus                 ########################################### [100%]
Unpacking Nessus Core Components...
nessusd (Nessus) 6.4.3 [build M20035] for Linux
Copyright (C) 1998 - 2015 Tenable Network Security, Inc

Processing the Nessus plugins...
[##################################################]

All plugins loaded (1sec)
 - You can start Nessus by typing /sbin/service nessusd start
 - Then go to https://monitoring:8834/ to configure your scanner

[root@monitoring ~]#

Start the nessus service using "nessusd" daemon.

[root@monitoring ~]# service nessusd start
Starting Nessus services:                                  [  OK  ]

Nessus Configuration

Now open to browser and type https://monitoring:8834/  or
 https://10.177.7.7:8834/

Nessus by default will open secure protocol "https". So click " I understand the risks" option to continue

Click "confirm security exception" in the above prompt  to continue

just click continue in above prompt

Here you should give the username and password for administrator account in the Nessus home. then click continue

Above prompt select Nessus (Home, professional or Management) in the registration filed and give nessuss home activation code in the activation code filed. you will get the activation code after registration( for registration click this  link ) only. Click to continue

Finally you will get the nessus login screen like above window.

After successful login you will get the nessus dashboard screen.

Splunk Installation on Centos

Here i have shown how to install Splunk.


You can download free version (upto 500MB/per day) of the Splunk from official website link.

Here already i have download , extracted and moved under /opt/ directory.

Goto splunk bin directory and start the splunk service with license agreement



[root@monitoring ]# cd /opt/splunk/bin


[root@monitoring bin]# ./splunk start --accept-license

This appears to be your first time running this version of Splunk.
Copying '/opt/splunk/etc/openldap/ldap.conf.default' to '/opt/splunk/etc/openldap/ldap.conf'.
Generating RSA private key, 1024 bit long modulus
............++++++
......++++++
e is 65537 (0x10001)
writing RSA key

Generating RSA private key, 1024 bit long modulus
..........................++++++
....................++++++
e is 65537 (0x10001)
writing RSA key

Moving '/opt/splunk/share/splunk/search_mrsparkle/modules.new' to '/opt/splunk/share/splunk/search_mrsparkle/modules'.

Splunk> Australian for grep.

Checking prerequisites...
    Checking http port [8000]: open
    Checking mgmt port [8089]: open
    Checking appserver port [127.0.0.1:8065]: open
    Checking kvstore port [8191]: open
    Checking configuration...  Done.
        Creating: /opt/splunk/var/lib/splunk
        Creating: /opt/splunk/var/run/splunk
        Creating: /opt/splunk/var/run/splunk/appserver/i18n
        Creating: /opt/splunk/var/run/splunk/appserver/modules/static/css
        Creating: /opt/splunk/var/run/splunk/upload
        Creating: /opt/splunk/var/spool/splunk
        Creating: /opt/splunk/var/spool/dirmoncache
        Creating: /opt/splunk/var/lib/splunk/authDb
        Creating: /opt/splunk/var/lib/splunk/hashDb
    Checking critical directories...    Done
    Checking indexes...
        Validated: _audit _blocksignature _internal _introspection _thefishbucket history main summary
    Done
New certs have been generated in '/opt/splunk/etc/auth'.
    Checking filesystem compatibility...  Done
    Checking conf files for problems...
    Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)... 
Generating a 1024 bit RSA private key
.....................++++++
...++++++
writing new private key to 'privKeySecure.pem'
-----
Signature ok
subject=/CN=monitoring/O=SplunkUser
Getting CA Private Key
writing RSA key
Done
                                                           [  OK  ]

Waiting for web server at http://127.0.0.1:8000 to be available.... Done


If you get stuck, we're here to help. 
Look for answers here: http://docs.splunk.com

The Splunk web interface is at http://monitoring:8000

Now go to the browser and type http://127.0.0.1:8000  or http://ipaddress:8000. my machine ip address 10.177.7.7.

You should change the password at the first time login of splunk.

After successful login you will get the Splunk dashboard

HTML to PDF Conversion using "wkhtmltopdf" on Linux

We can convert html to pdf using wkhtmltopdf.

You can download "wkhtmltox"  from official website http://wkhtmltopdf.org/downloads.html

Here i downloaded Centos 64bit.

[root@sysads ~]# wget http://download.gna.org/wkhtmltopdf/0.12/0.12.2.1/wkhtmltox-0.12.2.1_linux-centos6-amd64.rpm

Install wkhtmltox using rpm command

First you need to install xorg-x11-fonts-75dpi dependencies package.

[root@sysads ~]# yum install xorg-x11-fonts-75dpi

 [root@sysads ~]# rpm -ivh wkhtmltox-0.12.2.1_linux-centos6-amd64.rpm
Preparing...                ########################################### [100%]
   1:wkhtmltox              ########################################### [100%]
[root@sysads ~]#

Now you can able to convert HTML to PDF format


[root@sysads ~]# wkhtmltopdf /home/sysads/Desktop/owasp_scan_report/test.html /home/sysads/Desktop/owasp_scan_report/test.pdf
Loading pages (1/6)
Counting pages (2/6)                                              
Resolving links (4/6)                                                      
Loading headers and footers (5/6)                                          
Printing pages (6/6)
Done                                                                           
[root@sysads ~]#

Ethernet Network device not managed on Ubuntu 14.10

Today i installed ubuntu 14.10 in my machine but after installation the Device Manager says "device not managed".

i found wired network is not managed by NetworkManager. I enable wired network settings on NetworkManager by changing "managed=false" to "managed=true" in /etc/NetworkManager/NetworkManager.conf.

root@manivel:~# vim /etc/NetworkManager/NetworkManager.conf

[main]
plugins=ifupdown,keyfile,ofono
dns=dnsmasq

[ifupdown]
managed=true

after that i restarted the network manager service using below command

root@manivel:~# service network-manager restart

or

root@manivel:~# ifdown eth0

root@manivel:~# ifup eth0

finally i got Ethernet network connection.

Postfix Restrict Recipients

Here i have shown how to restrict recipients on postfix

Edit the postfix main configuration file /etc/postfix/main.cf


[root@server ~]# vim /etc/postfix/main.cf


smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access_recipient, reject_unauth_destination


Create a file /etc/postfix/access_recipient and add below content

[root@server ~]# vim /etc/postfix/access_recipient

test@manivel.com                REJECT
webadmin@manivel.com      OK

Now run postmap command for creating postfix lookup table i.e .db file

[root@server ~]# postmap /etc/postfix/access_recipient


Finally restart the postfix service

[root@server ~]# service postfix restart