All the time I spent on building my home lab was been scrapped. With new plans in mind I've scrapped my linux environment in trade for a Windows environment. It really saddens me to do so but with new goals in sight I have to realign my future and calibrate my focus. I've picked up a third server a Dell PowerEdge805(IIRC) which will be my VMWare ESXi box to host all of my client\victim VMs. My PowerEdge 2950 got a RAM upgrade to 32Gbs(Yum) and is my DC, DHCP, DNS and everything and anything else I want to throw at it running eval version of Windows Server 2012 Standard. My tiny PowerEdge(somethings I can't remember) will continue to be my WebGoat box.
My home lab domain will continue to be Nerv.corp. I'm not going to explain myself and Gainax is reading this um... What can I say, I'm a big fan.
Progress so far has been:
Installed ESXi on Melchior, but haven't configured
Installed Windows Server 2012 on Balthasar
Working on Active Directory structure and how I want to organize everything.
DHCP working... kinda. - It's successfully assigning IPs so its good enough.
DNS... role installed but I have to fiddle with this some more. I have never had to do anything with DNS.
Hope to get some VMs on Melchior soon and my old Webgoat box(Casper) is going to remain a linux box but I do plan on wipping it and reinstalling webgoat mainly so I can document the webgoat install on linux. I know I made some posts here with the trouble I had with the install but now I want a better install document on it for future reference.
Yes my servers are named after the MAGI Super Computers.
New blog layout is to make it easier to read. Sometimes I was having a hard time with the small white font on black background.
AreYouR00T?
E: Unable to lock the administration directory (var/lib/dpkg), are you root?
Tuesday, July 23, 2013
Thursday, April 4, 2013
HomeLab Headaches Ep.9
I think I got this working now, the Webscarab that is. I read the configuration part over and over and OVER AGAIN
"
During the actual tutorial at the conference, you will be in a dedicated wireless network where
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at
the start of the tutorial. However, to test WebScarab at your current location, you will need to
enter the HTTP proxy settings that apply to you there (the instructor cannot help you to find
out these settings; please ask a colleague or your help desk if you don’t know these settings).
Here is an example for the HTTP proxy settings (do not copy: these are valid only within the
instructor’s company network):
"
Between that and reading the error message on the terminal window where I start the Webscarab I figured it out. At first I started Googling the error messages on the page on Firefox errors below
I couldn't find a straight answer but everything kept stating "Creates a socket and connects it to the specified address on the specified port" so I start thinking "WTF! Am I? ME!? Going to have to setup and configure a local proxy on this machine for it to work?" I go back to the Configuration instructions and something stuck out
During the actual tutorial at the conference, you will be in a dedicated wireless network where
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at
the start of the tutorial
A thought came to mind "Maybe, just maybe I DON'T have to setup a proxt in Webscarab. My server is not connected to the internet or any network for that matter." So I deleted the proxy settings in Webscarab and once again try to browse to http://127.0.0.1:8080/WebGoat/attack. Webcarab opens as it does in intercept mode and then I hit "Accept Changes" and BAM! I get the Webgoat login prompt. YAY!!!!!!!!!!!
That's it for now, until I run into another issue to document. PEACE! (^__^)v
"
During the actual tutorial at the conference, you will be in a dedicated wireless network where
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at
the start of the tutorial. However, to test WebScarab at your current location, you will need to
enter the HTTP proxy settings that apply to you there (the instructor cannot help you to find
out these settings; please ask a colleague or your help desk if you don’t know these settings).
Here is an example for the HTTP proxy settings (do not copy: these are valid only within the
instructor’s company network):
"
Between that and reading the error message on the terminal window where I start the Webscarab I figured it out. At first I started Googling the error messages on the page on Firefox errors below
WebScarab encountered an error trying to retrieve
GET http://127.0.0.1:8080/WebGoat/attack HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Firefox/17.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Cookie: JSESSIONID=608FFA0267805397313D8AB48E491DB6
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
The error was :
proxy.proxy.com
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:175)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
at java.net.Socket.connect(Socket.java:546)
at org.owasp.webscarab.httpclient.URLFetcher.connect(URLFetcher.java:368)
at org.owasp.webscarab.httpclient.URLFetcher.fetchResponse(URLFetcher.java:229)
at org.owasp.webscarab.plugin.proxy.RevealHidden$Plugin.fetchResponse(RevealHidden.java:100)
at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:243)
at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
at java.lang.Thread.run(Thread.java:679)
GET http://127.0.0.1:8080/WebGoat/attack HTTP/1.1
Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130308 Firefox/17.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Cookie: JSESSIONID=608FFA0267805397313D8AB48E491DB6
Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
The error was :
proxy.proxy.com
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:175)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:384)
at java.net.Socket.connect(Socket.java:546)
at org.owasp.webscarab.httpclient.URLFetcher.connect(URLFetcher.java:368)
at org.owasp.webscarab.httpclient.URLFetcher.fetchResponse(URLFetcher.java:229)
at org.owasp.webscarab.plugin.proxy.RevealHidden$Plugin.fetchResponse(RevealHidden.java:100)
at org.owasp.webscarab.plugin.proxy.ManualEdit$Plugin.fetchResponse(ManualEdit.java:243)
at org.owasp.webscarab.plugin.proxy.ConnectionHandler.run(ConnectionHandler.java:233)
at java.lang.Thread.run(Thread.java:679)
I couldn't find a straight answer but everything kept stating "Creates a socket and connects it to the specified address on the specified port" so I start thinking "WTF! Am I? ME!? Going to have to setup and configure a local proxy on this machine for it to work?" I go back to the Configuration instructions and something stuck out
During the actual tutorial at the conference, you will be in a dedicated wireless network where
no such HTTP proxy is needed; accordingly, please delete the proxy settings in WebScarab at
the start of the tutorial
A thought came to mind "Maybe, just maybe I DON'T have to setup a proxt in Webscarab. My server is not connected to the internet or any network for that matter." So I deleted the proxy settings in Webscarab and once again try to browse to http://127.0.0.1:8080/WebGoat/attack. Webcarab opens as it does in intercept mode and then I hit "Accept Changes" and BAM! I get the Webgoat login prompt. YAY!!!!!!!!!!!
That's it for now, until I run into another issue to document. PEACE! (^__^)v
HomeLab Headaches Ep.8
Oh Webgoat, you have tricked me once again. Monday night I thought I had it all done since I got the login prompt and was able to login. I called it a night at around 0030 and went to sleep. Last night I was excited to start learning what Webgoat had instored to teach me. I get started on the General section and I get down to useful tools and come across Webscarab. I know it was one of the required tools for Webgoat and had it downloaded and I had even tried running it once to make sure it was working(to the extent of my knowledge it was).
I read something about a proxy, which is Webscarab and it has a intercept mode, which if I understand this correctly all the http traffic goes through Webscarab and I can analyze it and edit it and\or pass it through.
First problem was setting up the proxy, I was setting proxy as proxy.proxy.com using port 1337. Set Firefox to use proxy for http to the same and it would not allowed traffic through. I played around with different settings and still couldn't get it to work or Webcarab to see the traffic either. So I know it was something I was doing wrong with the proxy. I kept going back to the OWASP page trying to find clues to what I am doing wrong. The install for linux was simple just run
Which to me just does look like an install, its just telling java to run this particular .jar file. So I decided to look in the Windows installation instructions. On there I got a clue as to what I was doing wrong, which was to proxy settings in Firefox. I was setting the proxy to proxy.proxy.com but it looks like I'm suppose to set it to localhost, but I set the port to 1337 which is the port I set on the Webscarab. DIDN'T WORK. I looked at the Terminal window and I saw "Listenner something something: 8008". I thought "Why is Webscarab listenning to port 8008. If Webscarab is suppose to intercept my http traffic then I should send it to that port"
So I did, I set the Firefox proxy to localhost port 8008. YAY! That worked for Webscarab to intercept the traffic, but when I hit accept changes to let the traffic through to the server it vomits some java errors at me.
I toyed with some of the settings and can't get the traffic to pass through to the Webgoat server. Tonight I shall do some more Googling to see if I can figure this out.
The hardest part of all of this is that I'm doing all of this by myself. I have no one but Google to depend on for help. Which is cool because it just helps me figure things out on my own which I like because I learn more that way, but when I get frustrated and get lost trying to figure something out or I fix something or find a fix but don't know how it actually fixed or what it does it sucks because then I'm not really learning. I wish I had someone that I could bounce ideas off of or ask how and why. MEH! Nothing I can do but keep on going.
One thing I created myself was a .sh to run the java command above so I can start Webscarab easier. It was nothing special at all, all I did was put that command in the text editor and name it run_webscarab.sh. To me I got excited because I've only created simple .bat scripts at work so for me to create something like this, in linux, on my own just by thinking about it and trying and it actually working on the first try, was pretty cool. I didn't even know if it was going to work and if the correct file type that I had to save was .sh but I tried it anyways and BAM it worked. YAY!!!!
I read something about a proxy, which is Webscarab and it has a intercept mode, which if I understand this correctly all the http traffic goes through Webscarab and I can analyze it and edit it and\or pass it through.
First problem was setting up the proxy, I was setting proxy as proxy.proxy.com using port 1337. Set Firefox to use proxy for http to the same and it would not allowed traffic through. I played around with different settings and still couldn't get it to work or Webcarab to see the traffic either. So I know it was something I was doing wrong with the proxy. I kept going back to the OWASP page trying to find clues to what I am doing wrong. The install for linux was simple just run
java -jar ./webscarab-selfcontained-[numbers].jar
Which to me just does look like an install, its just telling java to run this particular .jar file. So I decided to look in the Windows installation instructions. On there I got a clue as to what I was doing wrong, which was to proxy settings in Firefox. I was setting the proxy to proxy.proxy.com but it looks like I'm suppose to set it to localhost, but I set the port to 1337 which is the port I set on the Webscarab. DIDN'T WORK. I looked at the Terminal window and I saw "Listenner something something: 8008". I thought "Why is Webscarab listenning to port 8008. If Webscarab is suppose to intercept my http traffic then I should send it to that port"
So I did, I set the Firefox proxy to localhost port 8008. YAY! That worked for Webscarab to intercept the traffic, but when I hit accept changes to let the traffic through to the server it vomits some java errors at me.
I toyed with some of the settings and can't get the traffic to pass through to the Webgoat server. Tonight I shall do some more Googling to see if I can figure this out.
The hardest part of all of this is that I'm doing all of this by myself. I have no one but Google to depend on for help. Which is cool because it just helps me figure things out on my own which I like because I learn more that way, but when I get frustrated and get lost trying to figure something out or I fix something or find a fix but don't know how it actually fixed or what it does it sucks because then I'm not really learning. I wish I had someone that I could bounce ideas off of or ask how and why. MEH! Nothing I can do but keep on going.
One thing I created myself was a .sh to run the java command above so I can start Webscarab easier. It was nothing special at all, all I did was put that command in the text editor and name it run_webscarab.sh. To me I got excited because I've only created simple .bat scripts at work so for me to create something like this, in linux, on my own just by thinking about it and trying and it actually working on the first try, was pretty cool. I didn't even know if it was going to work and if the correct file type that I had to save was .sh but I tried it anyways and BAM it worked. YAY!!!!
Wednesday, April 3, 2013
HomeLab Headaches Ep.7
For a few days I've been fighting with setting up WebGoat, this is how it went down
Day1:(Sometime last Week, prolly Monday because the wife-unit00 and I spent the rest of the week cleaning the apartment because of my parental-unit's were visiting) - Server setup
Setting up server number 2 for web app pentesting, OS and I decided to just stick with CentOS, installed the WebServer option with Desktop which means I checked off WebServer and then customized it by adding everything in the desktop option minus KDE desktop since I prefer the GNOME desktop.
Downloaded everything that I needed for WebGoat which at first seems a bit trivial, but I found the SourceForge that had the web goat stuff. Downloaded it.
I've never messed around with web servers and know absolutely nothing about them so this is completely new to me.
Next I downloaded Java which was abit painful to find, downloaded and installed Java1.5_11
I followed the instructions on WebGoats website to edit the .sh file
After editing the webgoat.sh I ran sh webgoat.sh start8080, got error
So I thought maybe I don't have Apache installed even though I chose the "WebServer" install option. I then learned that there are different flavors of Apache and I needed Apache Tomcat. So here we go.
I download Tomcat Apache and installed it, to the best of my knowledge. I reboot, for the sake of rebooting.
Once I again I run .sh webgoat.sh start8080, and again I got error
I then looked into setting the "JAVA_HOME", found this Cyberciti.biz post, I set my JAVA_HOME
Once I again I run .sh webgoat.sh start8080, and again I got error
I shutdown and called it a day... night.
Day2:(4/2) I said, lets try from the beginning again. I noticed that I had installed jdk1.5.0_11 instead of a version 6. This was probably due to tireness and close to mid night hours lol, whatever the reason may have been.
First thing first, remove old java, I used
Downloaded jdk6(jdk1.6.0_20) and installed it following this post from stackoverflow, which covered install for both jdk and tomcat. COOL COOL. I thought I had it figured out and was on my way to getting my webgoat on... yea ok, that was quickly shutdown by another "Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6".
NOTE: I didn't follow stackoverfollow's post to the letter. I installed java just by running the rpm.bin. Mostly followed it more for the variable sets JAVA_HOME, PATH, CLASSPATH, etc
I then remember on the WebGoat install page mentioned that version 5 didn't need tomcat or java installed. So I tried pointing the JAVA_HOME to the java folder in the Webgoat 5.2 folder, no luck. Made no difference.
I started googling for answers or to see if anyone else had this same problem. Some did, I saw a post about someone having the same problem in Ubuntu but was fixed by install Java... that didn't help. I was clueless but not THAT clueless. I then came across WebGoat's GoogleCode page that had a newer version, version 5.4. Looked in the README-5.4 and it mentioned that Java and Maven needed to be installed separately. Well Maven was just another Apache flavor and to my luck I had already installed Java1.6 and Tomcat. I download Webgoat5.4 zip and extract it. In "Option 4: Run from the WebGoat 5.X Standard distribution (Ubuntu)" all it said was run " ./webgoat.sh start8080". I did and I got a "Permission denied" WTF?!?!? Permission denied? I'm fucking root. I then remembered I had saw somewhere else someone mentioned chmod +x on the webgoat.sh file and I ran the chmod +x
Once again I ran ./webgoat.sh start8080 and now I got the same error message that I've been getting the dreaded "Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6"
At this point I'm steaming and frustrated. Once I again I go back to Google, but this time I come across my light at the end of the tunnel, carnal0wnage.attackresearch.com had an old post about the same problem. So I followed their instructions and removed the Java check shit from the beginning of the webgoat.sh
Below is a copyPasta of my webgoat.sh file. If anyone from webgoat wants me to take this down just email me. I don't know if this is ok or not but just email me and I'll take it down, other wise it's here for my historical reference and to help others
Day1:(Sometime last Week, prolly Monday because the wife-unit00 and I spent the rest of the week cleaning the apartment because of my parental-unit's were visiting) - Server setup
Setting up server number 2 for web app pentesting, OS and I decided to just stick with CentOS, installed the WebServer option with Desktop which means I checked off WebServer and then customized it by adding everything in the desktop option minus KDE desktop since I prefer the GNOME desktop.
Downloaded everything that I needed for WebGoat which at first seems a bit trivial, but I found the SourceForge that had the web goat stuff. Downloaded it.
I've never messed around with web servers and know absolutely nothing about them so this is completely new to me.
Next I downloaded Java which was abit painful to find, downloaded and installed Java1.5_11
I followed the instructions on WebGoats website to edit the .sh file
Change "1.5" on lines 17, 19, and 23 of webgoat.sh to "1.6".
After editing the webgoat.sh I ran sh webgoat.sh start8080, got error
Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6
So I thought maybe I don't have Apache installed even though I chose the "WebServer" install option. I then learned that there are different flavors of Apache and I needed Apache Tomcat. So here we go.
I download Tomcat Apache and installed it, to the best of my knowledge. I reboot, for the sake of rebooting.
Once I again I run .sh webgoat.sh start8080, and again I got error
Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6
I then looked into setting the "JAVA_HOME", found this Cyberciti.biz post, I set my JAVA_HOME
export JAVA_HOME=/usr/java/jdk1.5.0_11/
export PATH=$PATH:/usr/java/jdk1.5.0_011/bin
Once I again I run .sh webgoat.sh start8080, and again I got error
Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6
I shutdown and called it a day... night.
Day2:(4/2) I said, lets try from the beginning again. I noticed that I had installed jdk1.5.0_11 instead of a version 6. This was probably due to tireness and close to mid night hours lol, whatever the reason may have been.
First thing first, remove old java, I used
rm -r -f /usr/java/jdk1.5.0_11
Downloaded jdk6(jdk1.6.0_20) and installed it following this post from stackoverflow, which covered install for both jdk and tomcat. COOL COOL. I thought I had it figured out and was on my way to getting my webgoat on... yea ok, that was quickly shutdown by another "Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6".
NOTE: I didn't follow stackoverfollow's post to the letter. I installed java just by running the rpm.bin. Mostly followed it more for the variable sets JAVA_HOME, PATH, CLASSPATH, etc
export JAVA_HOME=/usr/java/jdk1.6.0_20
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
export TOMCAT_HOME=/usr/local/tomcat
export CATALINA_HOME=/usr/local/tomcat
export CLASSPATH=$CLASSPATH:$CATALINA_HOME/common/lib
export PATH=$PATH:$JAVA_HOME/bin
export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar
export TOMCAT_HOME=/usr/local/tomcat
export CATALINA_HOME=/usr/local/tomcat
export CLASSPATH=$CLASSPATH:$CATALINA_HOME/common/lib
I then remember on the WebGoat install page mentioned that version 5 didn't need tomcat or java installed. So I tried pointing the JAVA_HOME to the java folder in the Webgoat 5.2 folder, no luck. Made no difference.
I started googling for answers or to see if anyone else had this same problem. Some did, I saw a post about someone having the same problem in Ubuntu but was fixed by install Java... that didn't help. I was clueless but not THAT clueless. I then came across WebGoat's GoogleCode page that had a newer version, version 5.4. Looked in the README-5.4 and it mentioned that Java and Maven needed to be installed separately. Well Maven was just another Apache flavor and to my luck I had already installed Java1.6 and Tomcat. I download Webgoat5.4 zip and extract it. In "Option 4: Run from the WebGoat 5.X Standard distribution (Ubuntu)" all it said was run " ./webgoat.sh start8080". I did and I got a "Permission denied" WTF?!?!? Permission denied? I'm fucking root. I then remembered I had saw somewhere else someone mentioned chmod +x on the webgoat.sh file and I ran the chmod +x
chmod +x webgoat.sh
Once again I ran ./webgoat.sh start8080 and now I got the same error message that I've been getting the dreaded "Please set JAVA_HOME to a Java 1.6 JDK install or JVM Is not 1.6"
At this point I'm steaming and frustrated. Once I again I go back to Google, but this time I come across my light at the end of the tunnel, carnal0wnage.attackresearch.com had an old post about the same problem. So I followed their instructions and removed the Java check shit from the beginning of the webgoat.sh
Below is a copyPasta of my webgoat.sh file. If anyone from webgoat wants me to take this down just email me. I don't know if this is ok or not but just email me and I'll take it down, other wise it's here for my historical reference and to help others
#! /bin/sh
SYSTEM=`uname -s`
CATALINA_HOME=./tomcat
PATH=${PATH}:./tomcat/bin
export CATALINA_HOME PATH
export JAVA_HOME=/usr/java/jdk1.6.0_20
chmod +x ./$CATALINA_HOME/bin/*.sh
case "$1" in
start80)
cp -f $CATALINA_HOME/conf/server_80.xml $CATALINA_HOME/conf/server.xml
$CATALINA_HOME/bin/startup.sh
printf "\n Open http://127.0.0.1/WebGoat/attack"
printf "\n Username: guest"
printf "\n Password: guest"
printf "\n Or try http://guest:guest@127.0.0.1/WebGoat/attack \n\n\r"
sleep 2
tail -f $CATALINA_HOME/logs/catalina.out
;;
start8080)
cp -f $CATALINA_HOME/conf/server_8080.xml $CATALINA_HOME/conf/server.xml
$CATALINA_HOME/bin/startup.sh
printf "\n Open http://127.0.0.1:8080/WebGoat/attack"
printf "\n Username: guest"
printf "\n Password: guest"
printf "\n Or try http://guest:guest@127.0.0.1:8080/WebGoat/attack \n\n\r"
sleep 2
tail -f $CATALINA_HOME/logs/catalina.out
;;
stop)
$CATALINA_HOME/bin/shutdown.sh
;;
*)
echo $"Usage: $prog {start8080|start80|stop}"
exit 1
;;
esac
SYSTEM=`uname -s`
CATALINA_HOME=./tomcat
PATH=${PATH}:./tomcat/bin
export CATALINA_HOME PATH
export JAVA_HOME=/usr/java/jdk1.6.0_20
chmod +x ./$CATALINA_HOME/bin/*.sh
case "$1" in
start80)
cp -f $CATALINA_HOME/conf/server_80.xml $CATALINA_HOME/conf/server.xml
$CATALINA_HOME/bin/startup.sh
printf "\n Open http://127.0.0.1/WebGoat/attack"
printf "\n Username: guest"
printf "\n Password: guest"
printf "\n Or try http://guest:guest@127.0.0.1/WebGoat/attack \n\n\r"
sleep 2
tail -f $CATALINA_HOME/logs/catalina.out
;;
start8080)
cp -f $CATALINA_HOME/conf/server_8080.xml $CATALINA_HOME/conf/server.xml
$CATALINA_HOME/bin/startup.sh
printf "\n Open http://127.0.0.1:8080/WebGoat/attack"
printf "\n Username: guest"
printf "\n Password: guest"
printf "\n Or try http://guest:guest@127.0.0.1:8080/WebGoat/attack \n\n\r"
sleep 2
tail -f $CATALINA_HOME/logs/catalina.out
;;
stop)
$CATALINA_HOME/bin/shutdown.sh
;;
*)
echo $"Usage: $prog {start8080|start80|stop}"
exit 1
;;
esac
Labels:
apache,
CentOS,
HomeLab,
Java,
JAVA_HOME,
Linux,
tomcat apache,
TOMCAT_HOME,
WebGoat
Friday, March 22, 2013
HomeLab Headaches Ep.6
Meh, not really any head headaches today. I got the MediaServer up and running since Tuesday night, with all my files available I took a few days to reap the fruits of my labor and watched a few of the videos and\or shows I haven't watched in a while, specially on a TV.
I have setup a WINXP SP2 and a WIN7 VMs. Tried to setup a OSX 10.6 and it didn't happen. I tried three times and once on my work pc and it still gave me the same error, which confirmed that my iso is BAD. : ( booooo So now I have to get my hands on a good OSX iso.
I attended Rapid7's "Using Metasploit on Kali Linux, the Evolution of BackTrack" webinar today. It was pretty cool, from what I saw Kali Linux looks bad ass and I have downloaded the x32, x64 and the VM versions. The x32 is going on my netbook that is collecting dust in my room, the x64 is just to have it and the VM may find it's way into my Virtualbox. Also Rapid7 has a "metasploitable vulnerable machine" which I have downloaded as well to check out later.
One thing I liked about Kali Linux if I remember this correctly is that all of it's services are OFF by default so its as the old slogan on Backtrack used to say "the quieter you become, the more you are able to hear...", so Kali is quiet by default lol. Also the big change is from Ubuntu to Debian base linux, there was something about stream line updates, but I can't remember exactly what it was.
Next thing on the Home Lab is getting the network together. Gotta bring out my Cisco bibles... i think they weight more then the router or the switch it self lol
I have setup a WINXP SP2 and a WIN7 VMs. Tried to setup a OSX 10.6 and it didn't happen. I tried three times and once on my work pc and it still gave me the same error, which confirmed that my iso is BAD. : ( booooo So now I have to get my hands on a good OSX iso.
I attended Rapid7's "Using Metasploit on Kali Linux, the Evolution of BackTrack" webinar today. It was pretty cool, from what I saw Kali Linux looks bad ass and I have downloaded the x32, x64 and the VM versions. The x32 is going on my netbook that is collecting dust in my room, the x64 is just to have it and the VM may find it's way into my Virtualbox. Also Rapid7 has a "metasploitable vulnerable machine" which I have downloaded as well to check out later.
One thing I liked about Kali Linux if I remember this correctly is that all of it's services are OFF by default so its as the old slogan on Backtrack used to say "the quieter you become, the more you are able to hear...", so Kali is quiet by default lol. Also the big change is from Ubuntu to Debian base linux, there was something about stream line updates, but I can't remember exactly what it was.
Next thing on the Home Lab is getting the network together. Gotta bring out my Cisco bibles... i think they weight more then the router or the switch it self lol
Labels:
HomeLab,
Linux,
MediaServer,
Network,
OSX,
Virtualbox,
Windows
Monday, March 18, 2013
Hitler and I feel the same about Google killing Google Reader
Poor Hitler, I too am pissed at Google killing Google Reader. There are some alternatives I need to check out I can't remember them right now, but they are on my Twitter feed... somewhere lol. I'm still very update that Google Reader is going to be gone in July.
SOURCE:... Twitterverse, somewhere there.
SOURCE:... Twitterverse, somewhere there.
Media Server Headaches Ep.2?
Now the Media Server is giving me more and more NTFS problems. I need to change the permission on it to allow owner full access which I don't need to change it, but I need to change the group and others permission and regardless of how I mount it or change permission or ownership or group ownership it will NOT allow me access. So, I'm done
Mounted my new external 3Tb drive.
Copied a whole folder from old 1Tb drive into new 3Tb drive as an initial test and I have ownership and full permission.
It's so refreshing and out of my permission claustrophobia sorta say lol
I'll leave it copying the 400Gbs of data from the 1Tb drive to the 3Tb drive. Tomorrow or the next day I will move just the media files I want the Media Server to have back onto the 1Tb drive which I will make sure that I have full permission even if I must blow away the partition and setup new partition on it. This is once all my precious and sentimental data is safely stored away in the new 3Tb drive.
HomeLab Headaches Ep.5
Here we are back at it again
Figured something interesting out, if I mount my external drive using
I can copy the data out of it that I need and paste it locally, but if I mount using
Which is suppose to help with ntfs permission I can't copy data off of the drive, but I did change the permission on the /mnt/ExtDrv using chmod like this
I use ss64.com as a reference for chmod, they actually have a little table that you can click on what access you want and it will spit out the numeric and symbolic permission codes.
I use ss64.com to cross-reference for alot of my commands since I don't know too many. I google what I need done and when -h or --help doesn't give me enough explanation to what the command does I go to ss64.com. Great site and from year ago or so to now they've added a few more languages like powershell.
So I don't know if it was the chmod that actually gave me the permission to copy data from the external drive or if it was using mount without the -t switch along with ntfs-3g.
While I was in the chmod mood, I changed the permission on my iso repository which is /VM_iso_Repo to owner would be root, group vboxusers will have full, read, write and execute access and others only read access.
Changing folder group ownership use chgrp
Changing folder permission access is as above
Need to learn how to allow only a group access to a program.
Now I finally spun up the first of many Windows VMs on this machine.
Figured something interesting out, if I mount my external drive using
mount /dev/sdd1 /mnt/ExtDrv
I can copy the data out of it that I need and paste it locally, but if I mount using
mount -t ntfs-3g /dev/sdd1 /mnt/ExtDrv
Which is suppose to help with ntfs permission I can't copy data off of the drive, but I did change the permission on the /mnt/ExtDrv using chmod like this
chmod 755 -R /mnt/ExtDrv
I use ss64.com as a reference for chmod, they actually have a little table that you can click on what access you want and it will spit out the numeric and symbolic permission codes.
I use ss64.com to cross-reference for alot of my commands since I don't know too many. I google what I need done and when -h or --help doesn't give me enough explanation to what the command does I go to ss64.com. Great site and from year ago or so to now they've added a few more languages like powershell.
So I don't know if it was the chmod that actually gave me the permission to copy data from the external drive or if it was using mount without the -t switch along with ntfs-3g.
While I was in the chmod mood, I changed the permission on my iso repository which is /VM_iso_Repo to owner would be root, group vboxusers will have full, read, write and execute access and others only read access.
Changing folder group ownership use chgrp
chgrp -R vboxusers /VM_iso_Repo
Changing folder permission access is as above
chmod -R 774 /VM_iso_Repo
Need to learn how to allow only a group access to a program.
Now I finally spun up the first of many Windows VMs on this machine.
Wednesday, March 13, 2013
Crypto.cat
Crypto.cat, new secure chat venue. This brought to my attention by a co-worker. Great idea and I love the video below. I don't go on chat rooms now adays, but this is a great idea for those who still chat. So if you or anyone you know still enjoy chatting on chat rooms go check out Crypto.cat
HomeLab Headaches Ep.4
I'm just going to start calling my "Home test lab set-up progress part X" posts HomeLab Headaches lol
In tonight's episode, Virtualbox won't start. It wouldn't start last night, so I just went to bed. I thought maybe because my User account isn't a sudoer? So I ran virtualbox in terminal as root and it opened Virtualbox BUT! I got an error
I tried the "/etc/init.d/vboxdrv setup" as it suggested but it failed and told me to look into the log
I look in the "/var/log/vbox-install.log" and I get this
So I rediscovered one of the sites I used alot when settings up a few things in linux, if-not-true-then-false.com. It has an article which covers installing Virtualbox on CentOS\RHEL\Fedora(See Source at the end of the post for link). I already have EPEL installed, but I followed the instructions step by step anyways. I gave in a did the "yum update" which updated me to CentOS 6.4. Before I rebooted I did "yum install binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-devel dkms" and this is I think what I missed or the GUI didn't do on it's own when I was tired and decided to depend on the GUI to install Virtualbox properly.
Lesson learned: Don't be a bitch and depend on the GUI to do it right. Do it on the CLI and even if you fail you won't feel as bad as depending on the GUI. lol
After that was done I tried the "/etc/init.d/vboxdrv setup" and it failed
So I rebooted and tried again "/etc/init.d/vboxdrv setup" and this time it worked
As instructed by if-not-true-then-false.com I added my User account to the "vboxusers" group, "usermod -a -G vboxusers User"
Double clicked on Virtual Box and it ran, no errors... so far
SOURCE: Install Virtualbox with yum on Fedora, Centos, RHEL
In tonight's episode, Virtualbox won't start. It wouldn't start last night, so I just went to bed. I thought maybe because my User account isn't a sudoer? So I ran virtualbox in terminal as root and it opened Virtualbox BUT! I got an error
WARNING:
The vboxdrv kernel module is not loaded. Either there is no module
available for the current kernel (2.6.32-279.el6.x86_64) or it failed to
load. Please recompile the kernel module and install it by
sudo /etc/init.d/vboxdrv setup
You will not be able to start VMs until this problem is fixed.
Qt WARNING: QGtkStyle was unable to detect the current GTK+ theme.
Qt WARNING: Qt: Session management error: None of the authentication protocols specified are supported
sudo /etc/init.d/vboxdrv setup
You will not be able to start VMs until this problem is fixed.
Qt WARNING: QGtkStyle was unable to detect the current GTK+ theme.
Qt WARNING: Qt: Session management error: None of the authentication protocols specified are supported
I tried the "/etc/init.d/vboxdrv setup" as it suggested but it failed and told me to look into the log
Stopping VirtualBox kernel modules [ OK ]
Recompiling VirtualBox kernel modules [FAILED]
(Look at /var/log/vbox-install.log to find out what went wrong)
Recompiling VirtualBox kernel modules [FAILED]
(Look at /var/log/vbox-install.log to find out what went wrong)
I look in the "/var/log/vbox-install.log" and I get this
Makefile:181:
*** Error: unable to find the sources of your current Linux kernel.
Specify KERN_DIR=<directory> and run Make again. Stop.
So I rediscovered one of the sites I used alot when settings up a few things in linux, if-not-true-then-false.com. It has an article which covers installing Virtualbox on CentOS\RHEL\Fedora(See Source at the end of the post for link). I already have EPEL installed, but I followed the instructions step by step anyways. I gave in a did the "yum update" which updated me to CentOS 6.4. Before I rebooted I did "yum install binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-devel dkms" and this is I think what I missed or the GUI didn't do on it's own when I was tired and decided to depend on the GUI to install Virtualbox properly.
Lesson learned: Don't be a bitch and depend on the GUI to do it right. Do it on the CLI and even if you fail you won't feel as bad as depending on the GUI. lol
After that was done I tried the "/etc/init.d/vboxdrv setup" and it failed
Stopping VirtualBox kernel modules [ OK ]
Uninstalling old VirtualBox DKMS kernel modulesError! There are no instances of module: vboxhost
4.2.8 located in the DKMS tree.
[ OK ]
Trying to register the VirtualBox kernel modules using DKMS[FAILED]
Starting VirtualBox kernel modules [FAILED]
Uninstalling old VirtualBox DKMS kernel modulesError! There are no instances of module: vboxhost
4.2.8 located in the DKMS tree.
[ OK ]
Trying to register the VirtualBox kernel modules using DKMS[FAILED]
Starting VirtualBox kernel modules [FAILED]
So I rebooted and tried again "/etc/init.d/vboxdrv setup" and this time it worked
Stopping VirtualBox kernel modules [ OK ]
Uninstalling old VirtualBox DKMS kernel modulesError! There are no instances of module: vboxhost
4.2.8 located in the DKMS tree.
[ OK ]
Trying to register the VirtualBox kernel modules using DKMS[ OK ]
Starting VirtualBox kernel modules [ OK ]
Uninstalling old VirtualBox DKMS kernel modulesError! There are no instances of module: vboxhost
4.2.8 located in the DKMS tree.
[ OK ]
Trying to register the VirtualBox kernel modules using DKMS[ OK ]
Starting VirtualBox kernel modules [ OK ]
As instructed by if-not-true-then-false.com I added my User account to the "vboxusers" group, "usermod -a -G vboxusers User"
Double clicked on Virtual Box and it ran, no errors... so far
SOURCE: Install Virtualbox with yum on Fedora, Centos, RHEL
Malicious Profiles - The Sleeping Giant of iOS Security
As I'll further discuss in this post, there is another way to create havoc on one's device, which may be comparable to sophisticated malware, without actually installing a program on the device.
Malware is prevalent. Mobile malware is on the rise. We are used to the perception that Android users are always under the threat of being attacked by malware and therefore should be highly suspicious about the software they install, while iOS users are immune and can enjoy the freedom of installing whatever they want without hesitation, due to Apple's "walled-garden" approach. Well... this isn't exactly the case.
To read the whole article click on link above...
Source: Skycure Security
Adobe tells Windows and Mac users to install critical security updates for F...
via Naked Security - Sophos on 3/13/13
Computer users should be getting used to security updates for Adobe Flash by now - after all, this is the fourth in as many weeks. Make sure your computers are protected as soon as possible.
To read the whole article click on link above...
Tuesday, March 12, 2013
Home test lab setup progress part 3
Free RAM doesn't always work... that doesn't sound right for some reason, meh!
The RAM I got from work didn't work on the Dell 2950(Server#1), but it worked on my older server my Dell 850. I don't know what I want to do with my 850 yet. No, no one can't have it.
Figured out how to configure\edit the /etc/fstab so it auto-mounts my other drives
First I tried it on my own no knowledge just throw stuff at it and see what comes of it just by looking at what was in the fstab already. for some reason it had entries like this :
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts defaults 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
so I added
RnDm /dev/sdb ext4 defaults 0 0
RnDm2 /dev/sdc ext4 defaults 0 0
Rebooted and it didn't work, so I found this post, How to add a new partition to the fstab file
OH! There's the formula, [Device] [Mount Point] [File System Type] [Options] [Dump] [Pass]
so then I changed the fstab to
/dev/sdb /RnDm auto defaults 0 0
/dev/sdc /RnDm2 auto defaults 0 0
Rebooted and BAM! they auto-mounted. Actually it didn't the first time because I had made a mistake on the mount point but after fixing that it worked.
Now after all this I once again face NTFS permission road blocks in my CentOS server. fuck it, copying iso's from external drive using cli.
Correction on yesterdays post, drive /dev/sdb which is one of the pair of 146Gb drives is setup as RAID0, not RAID1. This is so I can benefit the read\write performance, where I'm going to keep my VMs. The single 146Gb drive /dev/sdc is going to keep my isos.
Home test lab setup progress part 2
The other problem I ran into when setting up my Dell 2950 was mounting the other HDD's. I have two 73Gb and three 146Gb HDDs, the two 73Gbs are set as RAID0 and used for OS. The other three 146Gb drives, two are setup RAID1 where I will keep all of my VMs and the other 146Gb is where I'm going to keep my iso's.
I'm trying my hardest to not depend on the GUI. So into the CLI I dive. I finally figured out how to delete the partition on the drives, but still could not mount. Then I found the mkfs command. Since I'm using the whole drive on both the RAID1 146's and the single 146, its easy to just make the whole disk a file system. Made it ext4, but now I have to figure out how to make it mount everytime I reboot. I'm currently having to mount it manually, but I know I have to edit the /etc/fstab. That's what I'm going to try and figure out next is the /etc/fstab file.
Also have been setting up a Media Server on a older laptop. Using LinuxMint as OS and Plex Media Server. Plex is pretty cool and easy to setup, but again I'm running into NTFS speed bumps. That's what I get for using Windows when I used to actually download movies and crap. My problem with the Media Server is not that I can't mount the ntfs drives like in the CentOS. The problem is that I can't edit the permissions. For some reason in order for Plex to find the files, the files permissions for "Other" have to be set to read or read and write. I figured out this was the problem because when I copied the movie files locally and changed the permission I was able to find and play them on the Plex server. More NTFS speed bumps, but I just bought a 3TB external drives over the weekend. I'm going to migrate everything to it from my current 1TB backup drive and format the 1TB to Ext4 and just put my music, movies in it for the Plex server and be done. I was suggested to setup SAMBA, but I don't want to head down that road... yet. We shall see what I come up with.
I'm trying my hardest to not depend on the GUI. So into the CLI I dive. I finally figured out how to delete the partition on the drives, but still could not mount. Then I found the mkfs command. Since I'm using the whole drive on both the RAID1 146's and the single 146, its easy to just make the whole disk a file system. Made it ext4, but now I have to figure out how to make it mount everytime I reboot. I'm currently having to mount it manually, but I know I have to edit the /etc/fstab. That's what I'm going to try and figure out next is the /etc/fstab file.
Also have been setting up a Media Server on a older laptop. Using LinuxMint as OS and Plex Media Server. Plex is pretty cool and easy to setup, but again I'm running into NTFS speed bumps. That's what I get for using Windows when I used to actually download movies and crap. My problem with the Media Server is not that I can't mount the ntfs drives like in the CentOS. The problem is that I can't edit the permissions. For some reason in order for Plex to find the files, the files permissions for "Other" have to be set to read or read and write. I figured out this was the problem because when I copied the movie files locally and changed the permission I was able to find and play them on the Plex server. More NTFS speed bumps, but I just bought a 3TB external drives over the weekend. I'm going to migrate everything to it from my current 1TB backup drive and format the 1TB to Ext4 and just put my music, movies in it for the Plex server and be done. I was suggested to setup SAMBA, but I don't want to head down that road... yet. We shall see what I come up with.
SSCC 104 - Probably (be fair, definitely!) the best 15-minute podcast you'll...
SSCC 104 - Probably (be fair, definitely!) the best 15-minute podcast you'll hear today
via Naked Security - Sophos on 3/12/13
Have your joined thousands of others, and become a loyal listener to the "Chet Chat" yet? Here's the latest Naked Security podcast, Sophos Security Chet Chat 104, discussing a range of recent and newsworthy topics from the world of computer security.
Subscribe to:
Posts (Atom)