Intel Reports

Accessible RDP

This report identifies hosts that have Remote Desktop (RDP) Service running and accessible to the world on the Internet. Misconfigured RDP can allow miscreants access to the desktop of a vulnerable host and can also allow for information gathering on a target host as the SSL certificate used by RDP often contains the system’s trivial hostname.

Remedy: Disable RDP from being world accessible by applying firewall rules either at the border or at the server itself

Accessible Telnet

This report identifies hosts that have a Telnet instance running on port 23/TCP that accessible on the Internet. Telnet provides no encryption and may expose sensitive information or system credentials.

Remedy: Disable Telnet service and use more secure protocols such as SSH or firewall the telnet services

SSL Scan

This report identifies hosts that allow the use of SSL v3.0 with cipher-block chaining (CBC) mode ciphers which are vulnerable to the POODLE (Padding Oracle On Downgraded Legacy Encryption) attack. See US-CERT alert TA14-290A at: https://www.us-cert.gov/ncas/alerts/TA14-290A for more information on this vulnerability and exploit.

Continue reading “Intel Reports”

Configuration of Radsecproxy with f-ticks

  1. Download package radsecproxy and nettle library from internet.
  2. Extract these tar files by using
    # tar -xvf radsecproxy-1.6.5.tar.gz
    # tar -xvf nettle-2.7.1.tar.gz
  3. Move into nettle folder by using
    # cd nettle-2.7.1
  4. Install gcc compiler which is nettle’s prerequisite
    # yum install *gcc*
  5. Install Nettle by running the following commands:
    #./configure –prefix=/usr && make
  6. To test the results, issue:
    # make check
  7. Now, as the root user:
    # make install
  8. Now,Move into radsecproxy folder
    # cd radsecproxy-1.6.5
  9. Now,Type the command
    #./configure –enable-fticks
    # make
    # make check
    # make install
  10. Put radsecproxy configuration file in /usr/local/etc/ folder
    # cp radsecproxy.conf /usr/local/etc/
  11. Start the radsecproxy by using command
    # radsecproxy
  12. Install apache server
    # yum install httpd*
  13. Open file httpd.conf.
    # vim /etc/httpd/conf/httpd.conf
  14. Uncomment NameVirtualHost and put the IP of server by replacing * such as NameVirtualHost IP-OF-THE-MACHINE:80
  15. In VirtualHost,Edit
    <VirtualHost IP-OF-THE-MACHINE:80>
    ServerAdmin root@ IP-OF-THE-MACHINE
    DocumentRoot /radsecproxy-1.6.5/
    ServerName IP-OF-THE-MACHINE
    </VirtualHost>
  16. Check it in browser by http:// IP-OF-THE-MACHINE/f-ticks

Comodo SSL Certificates

The administrators at RENU will create for you an account for access to https://cert-manager.com/customer/eI4Africa

Prerequisites

  • Administrator account for access to https://cert-manager.com/customer/eI4Africa
  • OpenSSL on your local/working machine
  • Validated Entry for the domain (Covered below). Using email validation is a tested and easier method and this requires you to have access to one of the following email addresses. (Assuming your domain is  utamu.ac.ug);  admin@utamu.ac.ug, hostmaster@utamu.ac.ug

Continue reading “Comodo SSL Certificates”

NTP Server on CentOS 7

Step 1: Install and configure NTP daemon

 
1. NTP server package is provided by default from official CentOS /RHEL 7 repositories and can be installed by issuing the following command.

# yum install ntp

2. After the server is installed, first go to official NTP Public Pool Time Servers, choose your Continent area where the server physically is located, then search for your Country location and a list of NTP servers should appear. Continue reading “NTP Server on CentOS 7”

Zimbra: Install a Comodo SSL Certificate

1. Get the bundle from Comodo in crt format, or sometimes like a zip file. You can also login to https://cert-manager.com/customer/eI4Africa and download the X.509 Root/Intermediate(s) bundle.

2.  Copy the downloaded bundle to the mail server under /tmp. The bundle contains the following files:

  • AddTrustExternalCARoot.crt
  • COMODORSAAddTrustCA.crt
  • COMODORSADomainValidationSecureServerCA.crt

Continue reading “Zimbra: Install a Comodo SSL Certificate”

Owncloud 8.2 on Centos 7

ownCloud is a web suite that provides a cloud storage over the network, data can be uploaded via web browser or using software client. Data will be stored on the server and can be downloaded or access any time with browser or desktop client or smart phone app.

ownCloud is based on PHP and a SQLite, MySQL, Oracle or PostgreSQL database, so it can run on all platforms that meet these requirements. It provides almost all possibility of functions that are available on commercial suites; it is released under AGPLv3 license, so you can setup own cloud storage server without any additional cost. Continue reading “Owncloud 8.2 on Centos 7”