This tutorial demonstrates what “SSH Agent Forwarding” is and how it works. We go further to ensure you can ‘sudo’ on the target system. This is the scenario: “You have one or more Web servers that you look after. For security reasons, these Web servers accept SSH connections only from
Read moreCategory: Cybersecurity
Browse our Cybersecurity technical articles here. We’re sharing our knowledge with fellow cybersecurity practitioners in the hope that we can all progress further and faster in protecting our information systems.
Export a list of Full Access Permissions -Microsoft Exchange
The following is a command that will allow you to view all mail boxes that have the Full Access permission enabled in CSV document that you can filter and sort using Excel. This command will filter out the SELF permissions as every user should have Full Access to their own
Read moreExchange – Audit Full Access Permission on Mailboxes
Just recently I have come up against the need to see if a particular user is granting them self the Full Access permission on other users mailboxes. This user might be a new hired administrator or perhaps one that is leaving or even just a compromised account, regardless this is
Read moreConfigure Postfix to relay SMTP to Amazons AWS SES SMTP gateway
We start from a working Postfix configuration. This article will simply show you what needs to be changed in order to use the Amazon SES email relay. In this example we’re using the “email-smtp.us-east-1.amazonaws.com” SMTP relay from Amazon. you should use the one allocated to you. See Amazon’s documentation here.
Read moreUpdate OpenSSL on Ubuntu for the HeartBleed bug
On Ubuntu, issue the following commands to update the lest possible packages while patching the Heartbleed bug. apt-get update apt-get install openssl libssl1.0.0 And then restart any services that need it.
Read moreEncrypt Large Files With OpenSSL Using Public/Private Keys
This article explains how to encrypt large files with OpenSSL and Public/Private keys. Create your key-pair: openssl req -x509 -nodes -newkey rsa:2048 -keyout private.pem -out public_nopass.pem Encrypt your larger file: openssl smime -encrypt -aes256 -in bigfile.tar -binary -outform DEM -out bigfile.tar.ssl public.pem Decrypt your file: openssl smime -decrypt -in bigfile.tar.ssl
Read moreGive a user complete access to Samba share contents – regardless of local permissions
It can be useful to give one user (perhaps the administrator) access to all data on the Samba server regardless of local disk access permissions and ownership. For example, suppose the administrator needs to access all data in “/home” to run nightly backups. This would be a suitable solution. The
Read moreInstall and configure VNC Server for Redhat/CentOS
This article explains how to install and configure VNC Server for Redhat or CentOS. This is the preferred graphical way to remotely manage a Redhat system. Our objective in this tutorial is to allow two users to log in via VNC; the “root” user and the “agix” user. Both will
Read moreSudo Without a Password & Restricted Commands/Groups – CentOS and Redhat
This article explains how to use SUDO without being prompted for the password. We can restrict which users and/or groups can do this. As root, edit the file “/etc/sudoers”. Add the line: agix ALL=(ALL) NOPASSWD: ALL The above means that the user “agix” can use sudo without being prompted for
Read moreSpecifying an SSH private key to use on the command line
You can specify which private key to use when issuing the Linux “ssh” command. This allows you to use one of many different private keys depending on which server(s) you’re connecting to. ssh -l agix example1.agix.local -i id_rsa.exmaple1 -v The above assumes that you have a private key in the
Read more