Systemd Vulnerable to DNS Attacks

Systemd, the Linux world’s favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Patches are available to address the security flaw, and should be installed ASAP if you’re affected.
Continue reading Systemd Vulnerable to DNS Attacks

Linux Malware Mines for Cryptocurrency Using Raspberry Pi Devices

A Linux trojan detected under the generic name of Linux.MulDrop.14 is infecting Raspberry Pi devices with the purpose of mining cryptocurrency.

According to Russian antivirus maker Dr.Web, the malware was first spotted online in the second half of May in the form of a script that contains a compressed and encrypted application.

Experts say the initial infection takes place when Raspberry Pi operators leave their devices’ SSH ports open to external connections.

Once a Raspberry Pi device is infected, the malware changes the password for the “pi” account to:

\$6\$U1Nu9qCp\$FhPuo8s5PsQlH6lwUdTwFcAUPNzmr0pWCdNJj.p6l4Mzi8S867YLmc7BspmEH95POvxPQ3PzP029yT1L3yi6K1

Read the full article here

grub-pc (2.02~beta2-36ubuntu3.10)

I’m running an Ubuntu server and the other day while running updates I started getting the following error:

Setting up grub-pc (2.02~beta2-36ubuntu3.10) ...
/var/lib/dpkg/info/grub-pc.postinst: line 703: syntax error near unexpected token `fi'
dpkg: error processing package grub-pc (--configure):
 subprocess installed post-installation script returned error exit status 2
Errors were encountered while processing:
 grub-pc
E: Sub-process /usr/bin/dpkg returned an error code (1)

Opening /var/lib/dpkg/info/grub-pc.postinst I found:

        if dpkg --compare-versions "$2" lt-nl 2.02~beta2-36ubuntu3.10 then
          if [ -e "/boot/efi/EFI/${bootloader_id}/fbx64.efi" ]; then
            rm -f "/boot/efi/EFI/${bootloader_id}/fbx64.efi";
          fi
        fi

There was a missing semicolon in the first line and that’s what was breaking my update. I updated it and the error went away:

        if dpkg --compare-versions "$2" lt-nl 2.02~beta2-36ubuntu3.10; then
          if [ -e "/boot/efi/EFI/${bootloader_id}/fbx64.efi" ]; then
            rm -f "/boot/efi/EFI/${bootloader_id}/fbx64.efi";
          fi
        fi

Google Chrome – Your Preferences cannot be read

Logged into my Linux computer today and got this error as I tried to start Chrome. Tried the basics and it did not work, searched Google and saw many others having this same issue so I decided to document the process of fixing this issue here. I’ll start with the basic stuff first then will get into the more detailed steps.
Continue reading Google Chrome – Your Preferences cannot be read

Installing Linux Kernel v4.10

I started using CentOS over several other Distros that I have been testing ever the years. I still have an Ubuntu laptop just to keep up to date with things seeing that it’s one of the most popular ones.

I’ve covered installing Kernels before but I wanted to refresh that topic and include how to do it on CentOS.

Continue reading Installing Linux Kernel v4.10

Activate Ubuntu login sound

I miss some things from the old Ubuntu releases and one of those things is the login sound. I found it still included but not active, here is how to re-activate it if you want to have some nostalgia…

  • Cling on the Ubuntu Launcher
  • Search for and launch Startup Applications
  • Click Add
  • Add the following lines:
    • Name: Login Sound
    • Command: paplay /usr/share/sounds/ubuntu/stereo/desktop-login.ogg
    • Comment: Play Login Sound
  • Click Save
  • Restart your computer

If you just want to hear it without having it load every time you login check, here ya go.

ttf-mscorefonts-installer fails to install/upgrade

In the article on What to do after installing Ubuntu 16.04 we went over installing some things to the default Ubuntu install and it seems one of the processes needs the ttf-mscorefonts-installer package. Well, it seems that something is broken in that process and this article will cover how to fix it and get your system back to full throttle…

What’s the error?

Here is what I’ve seen, sometimes it happens with different fonts as well.

ttf-mscorefonts-installer: downloading http://downloads.sourceforge.net/corefonts/andale32.exe
 Get:1 http://downloads.sourceforge.net/corefonts/andale32.exe [198 kB]
 Fetched 198 kB in 12s (15.8 kB/s)
 ttf-mscorefonts-installer: downloading http://downloads.sourceforge.net/corefonts/arial32.exe
 Get:1 http://downloads.sourceforge.net/corefonts/arial32.exe
 Fetched 552 B in 11s (47 B/s)

E: Failed to fetch http://downloads.sourceforge.net/corefonts/arial32.exe Hash Sum mismatch

E: Download Failed
 Setting up ttf-mscorefonts-installer (3.4+nmu1ubuntu2) ...

Continue reading ttf-mscorefonts-installer fails to install/upgrade

What to do after installing Ubuntu 16.04 Xenial Xerus

I never use anything but LTS if and when I put Ubuntu on my machines so I will not cover 15.10 or 16.10. These are some of the things to do right after installing Ubuntu on your computer.

Important:
This is not an exhaustive list nor is it the only things to do. If you have anything to add, please leave a comment below.

Most of these steps will be terminal based so start up a terminal. Press the super key (the Key Formerly Known as the Windows Key) to bring up the Unity dash. Then, type in terminal and choose the icon for the terminal program.

Continue reading What to do after installing Ubuntu 16.04 Xenial Xerus

Linux Kernel Zero Day Vulnerability CVE-2016-0728

This vulnerability has existed since 2012 and it affects Android and Linux systems running Linux Kernel version 3.8+, and Linux server or desktop running kernel 3.8+ is vulnerable.

As of the date of disclosure, this vulnerability has implications for approximately tens of millions of Linux PCs and servers, and 66 percent of all Android devices (phones/tablets).

How do I fix this?

First some background on what the CVE-2016-0728 bug is. From the Perception Point Research Team

CVE-2016-0728 is caused by a reference leak in the keyrings facility. Before we dive into the details, let’s cover some background required to understand the bug. It can successfully escalates privileges from a local user to root.

Continue reading Linux Kernel Zero Day Vulnerability CVE-2016-0728

Monitoring an Outlook Web Access site with Nagios

This is actually a really old post that I had done on another site and wanted to share it here in case it would help anyone. We have the code on GitHub should you want to fork it or collaborate to keep it updated to more recent versions of Nagios and Exchange.

I was tasked at work to devise a way to make our Exchange OWA site be monitored by our Nagios-3 servers. After several days and some hours of research, hoping that someone had already done it in hopes of making my life easier; I ended up with one script that basically combined php and curl. Being new to scripting it was most confusing and I ended up taking on the task to introduce myself to it.

Continue reading Monitoring an Outlook Web Access site with Nagios