THE ADMIN's LAB : 2018

Sunday 18 November 2018

VMW3- HOW TO ADD ESXi/HOST’S TO vCenter

HOW TO ADD ESXi/HOST’S TO vCenter

We can connect all Hosts/ESXi individually and manage as well, if it is possible then why to add them in vCenter?

Just imagine a setup where 10 hosts are carrying several VM’s, then imagine to log in every host and manage them. How it feels?

Scary !!! isn’t it?

What is the first question coming in mind? How great it would be if I can manage all of them from one place, Right!!! Yes…… Exactly,

VMW2- ESXi 6.5 INSTALLATION

ESXi 6.5 INSTALLATION

Open Vmware Workstation, go to

File è New Virtual Machine è Custom (Advanced)

Now do as given in following snapshots,

VMW1- vCenter 6.5 INSTALLATION IN WINDOWS

vCenter 6.5 INSTALLATION IN WINDOWS

First install windows 2012

Following is setting of my Windows 2012 in vmware workstation,

50 SECURITY & HARDENING (BASICS) -P5 (LOGS & LOG FILES SECURITY)

LINUX- 50 SECURITY & HARDENING (BASICS) -P5

IN LINUX (RHEL6 & RHEL7),

USER/LOGIN SECURITY

NETWORK SECURITY

FILE / OPERATING SYSTEM SECURITY

PHYSICAL SECURITY

LOG EVERYTHING

LOG FILE SECURITY

We already covered USER, NETWORK, FILE/OPERATING SYSTEM SECURITY and PHYSICAL SECURITY.

Now it’s time to collect & secure evidence.

LOG EVERYTHING

LINUX- 49 SECURITY & HARDENING (BASICS) -P4 (PHYSICAL SECURITY)

LINUX- 49 SECURITY & HARDENING (BASICS) -P4

IN LINUX (RHEL6 & RHEL7),

USER/LOGIN SECURITY

NETWORK SECURITY

FILE / OPERATING SYSTEM SECURITY

PHYSICAL SECURITY

LOG EVERYTHING

LOG FILE SECURITY

We already covered USER, NETWORK, & FILE/OPERATING SYSTEM SECURITY. Let’s start with PHYSICAL SECURITY.

User/Network/File & Operating system security is already implemented, then why physical security is required?

48 SECURITY & HARDENING (BASICS) -P3 (FILE/OPERATING SYSTEM SECURITY)

LINUX- 48 SECURITY & HARDENING (BASICS) -P3

IN LINUX (RHEL6 & RHEL7),

USER/LOGIN SECURITY

NETWORK SECURITY

FILE / OPERATING SYSTEM SECURITY

PHYSICAL SECURITY

LOG EVERYTHING

LOG FILE SECURITY

We already covered USER SECURITY & NETWORK SECURITY. Let’s start FILE & OPERATING SYSTEM SECURITY.

LINUX- 47 SECURITY & HARDENING (BASICS) -P2 (NETWORK SECURITY)

LINUX- 47 SECURITY & HARDENING (BASICS) -P2

LINUX (RHEL6 & RHEL7),

USER/LOGIN SECURITY

NETWORK SECURITY

FILE / OPERATING SYSTEM SECURITY

PHYSICAL SECURITY

LOG EVERYTHING

LOG FILE SECURITY

We already covered USER SECURITY, Next is NETWORK SECURITY.

Once we connect to Network, it is now open for entire world. And we are not supposed to open for all, only trusted connections should be allowed.

LINUX- 46 SECURITY & HARDENING (BASICS) -P1 (USER SECURITY)

LINUX- 46 SECURITY & HARDENING (BASICS) -P1

IN LINUX (RHEL6 & RHEL7),

WHAT IS SECURITY?

As I know, to protect something from unwanted or unauthorized access is security. Whatever is unauthorized its illegal because its done without my consent.

It’s a generalized statement. But very true in all aspects to secure our belongings from harm/damage.

Same is applicable here in case of our Systems.

Area of Concern,

USER/LOGIN SECURITY

NETWORK SECURITY

FILE / OPERATING SYSTEM SECURITY

PHYSICAL SECURITY

LOG EVERYTHING

LOG FILE SECURITY

45 - SNMP BASICS -P2

45 - SNMP BASICS -P2

Other post under SNMP-Basics
SNMP-BASICS P1

HOW TO INSTAALL AND CONFIGURE SNMP IN LINUX (RHEL6 & RHEL7),

The purpose of installing SNMP (Simple Network Transfer Protocol) is to monitor host resources like CPU, Memory, Network and Disk Utilization etc.

Required Packages,

net-snmp, net-snmp-libs, net-snmp-utils

44 - SNMP BASICS -P1

44 - SNMP BASICS -P1

Other post under SNMP-Basics
SNMP-BASICS P2

WHAT IS SNMP AND Its SIGNIFICANCE,

SNMP: SIMPLE NETWORK MANAGEMENT PROTOCOL

SNMP is an Application Layer protocol created in 1989.

SNMP used to manage and monitor network elements and their functions. In simple it is the standard way of monitoring hardware and software (Multivendor).

SNMP is part of TCP/IP protocol suite.

SNMP supports multivendor Hardware/software (NAS, routers, hubs, bridges, IoT devices, wireless access points, switches, servers (UNIX/Windows), workstations, printers, modems and other network components and devices) compatibility.

SNMP based on simple client/server architecture (where the servers called managers and clients are agents).

SNMP collects information on IP networks.

SNMP uses UDP as the Transfer Protocol.

SNMP uses Port 161 (UDP): Agent listens for requests and replies to them over port 161

SNMP TRAPS uses Port 162 (UDP): Agent reports asynchronous traps on port 162, unless instructed to use different ports

LINUX- 42 TCPDUMP -P2

LINUX- 42 TCPDUMP -P2

TCPDUMP Part1
TCPDUMP-P1

WHAT IS TCPDUMP AND Its SIGNIFICANCE,

In previous post we learned about various switches used with tcpdump and here we will learn about expressions with tcpdump.

Type / Direction / Protocol

TYPE: host, net & port

DIRECTION: src & dst

PROTOCOL: tcp, udp, icmp, arp ……and more

TYPE:

LINUX- 42 TCPDUMP -P1

LINUX- 42 TCPDUMP -P1

TCPDUMP Part2
TCPDUMP-P2

WHAT IS TCPDUMP AND Its SIGNIFICANCE,

A Packet Sniffer or Network Analyzer or Trace Network traffic

Or Simply answer of Wireshark by UNIX.

Different parameters can be assigned to tcpdump for various results.

It works at Network layer and we know that network traffic travels in packets. Each packet having header which contains information which need to travel them across network. Most valuable info carried by TCP Header is source & destination address, state info and protocol identifiers. Rest of packet contains actual data.

LINUX- 41 AUDIT (RHEL-7) P4

LINUX- 41 AUDIT (RHEL-7) P4

Other Posts under audit,
Auditd P1
Auditd P2
Auditd P3

HOW TO REPORT & TRACE AUDIT LOGS:

There are three commands,

ausearch = to query audit logs, various criteria’s can be applied.

aureport = for summary report

autrace = to generate audit records from a specific process

All above commands can run by “root” only.

aureport

tool that produces summary reports of the audit system logs from /var/log/audit/audit.log

LINUX- 40 AUDIT (RHEL-7) P3

LINUX- 40 AUDIT (RHEL-7) P3

Other Posts under audit,
Auditd P1
Auditd P2
Auditd P4

HOW TO SEARCH AUDIT LOGS:

[root@rhel7-server ~]# ls -l /var/log/audit/audit.log

-rw-------. 1 root root 7523772 Sep 1 14:58 /var/log/audit/audit.log

There are three commands,

ausearch = to query audit logs, various criteria’s can be applied.

aureport = for summary report

autrace = to generate audit records from a specific process

All above commands can run by “root” only.

LINUX- 39 AUDIT (RHEL-7) P2

LINUX- 39 AUDIT (RHEL-7) P2

Other Posts under audit,
Auditd P1
Auditd P3
Auditd P4

WHAT IS AUDIT AND IT’s SIGNIFICANCE,

HOW TO CREATE/DELETE/EDIT/DISABLE/REMOVE AUDIT LOGS:

Apart from default auditing we can configure the rules to direct auditd to keep watch on particular file/action.

The Audit system operates on a set of rules that define what is to be captured in the log files. There are three types of Audit rules that can be specified:

LINUX- 38 AUDIT (RHEL-7) P1

LINUX- 38 AUDIT (RHEL-7) P1

Other Posts under audit,
Auditd P2
Auditd P3
Auditd P4

WHAT IS AUDIT AND IT’s SIGNIFICANCE,

What is Audit and why it is required?

If we consider the term Audit in general then it means inspection of something by independent body to validate the authenticity of that thing.

Here in case of Linux, the term Audit is used for inspection of every action on server like,

LINUX- 37 SAR (RHEL-7) P2

LINUX- 37 SAR (RHEL-7) P2

**Its same for RHEL6 as well as RHEL7.

LINUX- 36 SAR (RHEL-7) P1

LINUX- 36 SAR (RHEL-7) P1

**Its same for RHEL6 as well as RHEL7**

LINUX- 35 CONFIGURING SAMBA (RHEL-7)-P2

LINUX- 35 CONFIGURING SAMBA (RHEL-7)-P2

All posts under samba,

CONFIGURING SAMBA (RHEL-7)-P1
CONFIGURING SAMBA (RHEL-7)-P2

In last post, we configured samba successfully in Linux**

😕😕 Really…??

Got it, I said configured successfully, though its different thing that our configuration was not successful.

😠😠

I know … I know … what you’re thinking.

Let’s make it simple.

Everything was correct, we tested it by “testparm” as well.

Even we are able to check the mount as well.

LINUX- 34 CONFIGURING SAMBA (RHEL-7)-P1

LINUX- 34 CONFIGURING SAMBA (RHEL-7)-P1

All posts under samba,

CONFIGURING SAMBA (RHEL-7)-P1
CONFIGURING SAMBA (RHEL-7)-P2

What is SAMBA and how to configure it in RHEL7.

Samba is an open-source Linux implementation of the Server Message Block (SMB) and Common Internet File System (CIFS) protocols which uses TCP/IP protocol and It allows us to share files, folders, and printers between Linux server and Windows clients.

In Linux SAMBA provides the following services:

LINUX- 33 LINUX LOGS (RHEL-7) P3

LINUX- 33 LINUX LOGS (RHEL-7) P3

HOW TO VIEW LINUX LOG’s,

All Posts under Linux Logs:

LINUX LOGS (RHEL-7) P1

LINUX LOGS (RHEL-7) P2

LINUX LOGS (RHEL-7) P3

Well, got idea about almost all logs under /var/log and their significance.

GREAT….

Now let’s check, how to view them.

LINUX- 32 LINUX LOGS (RHEL-7) P2

LINUX- 32 LINUX LOGS (RHEL-7) P2

LINUX LOG’s AND IT’s SIGNIFICANCE,

All Posts under Linux Logs:

LINUX LOGS (RHEL-7) P1
LINUX LOGS (RHEL-7) P2
LINUX LOGS (RHEL-7) P3

Still we are roaming under /var/log, almost all individual log files are covered, now time to directories under /var/log.

SUBDIRECTORIES UNDER /VAR/LOG

LINUX- 31 LINUX LOGS (RHEL-7) P1

LINUX- 31 LINUX LOGS (RHEL-7) P1

LINUX LOG’s AND IT’s SIGNIFICANCE,

All Posts under Linux Logs:

LINUX LOGS (RHEL-7) P1
LINUX LOGS (RHEL-7) P2
LINUX LOGS (RHEL-7) P3

When every thing is green and all are Happy Happy, then nobody bothers about anything. Even they don’t know the name of person who is responsible to manage their system. But when there is any issue with system then the magic start…

Everyone is thinking about…

Who is looking in to the issue?

Who is managing our system?

what’s his/her name & extension?

what is the ETR?

Where is update?

Chaos depends upon how bigger the issue is. You are the sys admin and now you are the center of attraction…

CHEERS and CONGRATS ……

Sunday 18 November 2018

Thursday 8 November 2018

Sunday 21 October 2018

Thursday 18 October 2018

Tuesday 2 October 2018

Saturday 29 September 2018

Sunday 16 September 2018

Thursday 13 September 2018

Saturday 8 September 2018

Saturday 1 September 2018

Sunday 26 August 2018

Wednesday 15 August 2018

Sunday 12 August 2018

Saturday 11 August 2018

Sunday 5 August 2018

Saturday 4 August 2018

Sunday 29 July 2018

Sunday 22 July 2018

Saturday 21 July 2018

Sunday 15 July 2018

Saturday 14 July 2018