Thursday, 16 April 2015

Setting up a PXE-Boot Server WITH HTTP & FTP

You'll need to install the following packages (which ship with FC4 already, so if you did an 'everything' OS install, you should have them already. If not, you can install them easily with yum):
If you use yum to install them, it will generally be a lot easier:
yum install tftp-server dhcp httpd syslinux
Answer Y to all dependency/installation questions.
DHCP Configuration: edit /etc/dhcpd.conf so that it has the following contents:
ddns-update-style interim;
subnet netmask {
    default-lease-time 3600;
    max-lease-time 4800;
    option routers;
    option domain-name-servers;
    option subnet-mask;
    option domain-name "abc.local";
    option time-offset -8;
    host {
        hardware ethernet 08:00:27:47:5E:03;
        option host-name "";
        filename "/tftpboot/pxelinux.0";
    }
}

Next you need to activate tftp within xinetd. All that is necessary is to change disable=yes to disable=no in /etc/xinetd.d/tftp. Then restart xinetd. For future reference, the tftp RPM for FC4 stores its servable content under /tftpboot.
Now we need to set up your PXE server to use a static IP on the new private subnet. Create the file /etc/sysconfig/network-scripts/ifcfg-eth0.static with the following contents:

Next, set up the PXE boot environment on the server. To do this, you need the Linux distribution that you wish to install over PXE, either in CD format or with all the content of the CDs available on the network.
On the first CD of every RH/FC distribution there is a subdirectory called 'isolinux'. In that directory you will find two files, vmlinuz and initrd.img. These are the kernel and initrd.img that the RH/FC bootable CDs use to get the installer (anaconda) booted for performing the installation. Copy both of those files into /tftpboot and make sure that they are world readable. If you are planning to allow more than one version/distribution to be PXE boot installable, then you should rename both files so that it's clear which version/distribution they came from (such as vmlinuz-RHEL4, initrd-RHEL4).
Next, you need the actual pxe boot linux kernel (what is actually run immediately after your PXE boot client box gets a DHCP lease). In this case, that file is pxelinux.0, and is part of the syslinux RPM. For FC4, you can find it at /usr/lib/syslinux/pxelinux.0. Copy that file into /tftpboot and make sure that it is world readable.
Next we need to configure pxelinux. First create the directory /tftpboot/pxelinux.cfg (and make it world readable). Inside that directory you need to create a number of zero size files (use touch):
The first 8 are the hex representation of the IP address that your PXE boot client will be assigned. The permutations allow a broader IP subnet to be searched first for matches. The last entry is the MAC address of your PXE boot client's NIC (with dashes substituted for the colons), with '01' prepended. The "01" at the front represents a hardware type of Ethernet, so pxelinux.0 sees the configuration string as an IP address.
Now create the default pxelinux configuration inside the new file
prompt 1
default linux
timeout 100
label linux
kernel vmlinuz
append initrd=initrd.img ramdisk_size=9216 noapic
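
The pxelinux.cfg file names described above can be derived for any client. The script below is an added example, not part of the original post: it prints the names pxelinux.0 requests from /tftpboot/pxelinux.cfg in the order it tries them. The MAC is the one from dhcpd.conf above; the IP address 192.168.0.20 is a constructed sample.

```shell
#!/bin/sh
# Added example, not from the original post. The IP address used at the
# bottom is a constructed sample; the MAC is the one from dhcpd.conf above.

# 08:00:27:47:5E:03 -> 01-08-00-27-47-5e-03
# ("01" is the ARP hardware type for Ethernet; pxelinux wants lower-case hex)
mac_to_cfg() {
    case $1 in
        *[!0-9A-Fa-f:]*|*::*|:*|*:) return 1 ;;
        ??:??:??:??:??:??) ;;
        *) return 1 ;;
    esac
    printf '01-%s\n' "$1" | tr 'ABCDEF:' 'abcdef-'
}

# 192.168.0.20 -> C0A80014 (each octet as two upper-case hex digits)
ip_to_hex() {
    case $1 in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # Reject empty fields, leading zeros (printf would read them as octal)
        # and anything longer than three digits.
        case $octet in ''|0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%02X%02X%02X%02X\n' "$1" "$2" "$3" "$4"
}

# Names in the order pxelinux.0 requests them: the MAC file, the hex IP
# shortened one digit at a time (ever wider subnets), then "default".
# A client UUID name, when the PXE firmware supplies one, is tried first.
pxe_cfg_names() {
    mac_name=$(mac_to_cfg "$1") || return 1
    hex=$(ip_to_hex "$2") || return 1
    printf '%s\n' "$mac_name"
    while [ -n "$hex" ]; do
        printf '%s\n' "$hex"
        hex=${hex%?}
    done
    printf 'default\n'
}

pxe_cfg_names 08:00:27:47:5E:03 192.168.0.20
```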

NFS Configurations:
Copy the installation media to /var/ftp/pub/RedHat
With 777 permissions on all files in the RedHat directory
chmod 777 RedHat
Go to /etc/exports and add
Then start nfs service
FTP Configurations:
Start VSFTPD service for FTP
chkconfig vsftpd on
service vsftpd start
HTTPD Configuration:
vi /etc/httpd.conf
Change document Root to
<Directory /var/ftp/pub/RedHat>
Options Indexes
AllowOverride None
</Directory>
Alias /linux /var/ftp/pub/RedHat
Now create a virtual host:
<VirtualHost *:80>
ServerAdmin admin@system qualified name
DocumentRoot /var/ftp/pub/RedHat
ServerName System qualified name
ErrorLog logs/system qualified name-error_log
CustomLog logs/system qualified name-access_log common
</VirtualHost>

Now start dhcpd and apache and activate tftp by running the following:
service dhcpd start
service xinetd restart
service httpd start
and verify that they are all in your process list.
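
A permission check for the served trees, as an added example that is not part of the original post: everything under /tftpboot and /var/ftp/pub/RedHat has to be world readable to be served, while a world-writable kernel, initrd or package lets any local account change what clients boot and install. The function name and the finding labels are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: audit_served_tree /tftpboot ; audit_served_tree /var/ftp/pub/RedHat
# Prints one finding per line. Returns 0 when clean, 1 when anything is
# flagged, 2 when the directory does not exist.
audit_served_tree() {
    dir=$1
    if [ ! -d "$dir" ]; then
        printf 'MISSING %s\n' "$dir"
        return 2
    fi
    findings=$(
        # Regular files the tftp/http/ftp daemons cannot hand to clients.
        find "$dir" -type f ! -perm -0004 \
            -exec printf 'NOT_WORLD_READABLE %s\n' {} \;
        # Files or directories that any local account can modify.
        find "$dir" \( -type f -o -type d \) -perm -0002 \
            -exec printf 'WORLD_WRITABLE %s\n' {} \;
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}
```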

Thursday, 2 April 2015

Oracle Security at Risk

Oracle Security at Risk: Pwn3d By a White Hat Hacker!

Usually, big companies are top-level in terms of cyber security! Unfortunately, that is not the case for ORACLE, the notorious software house of Java.

An information security researcher, Christian Galeone (Italy), demonstrated how a single BIG security vulnerability may represent a severe threat to big companies and even to their employees!

What he found was a Path Traversal / LFI (Local File Inclusion) vulnerability in the Java JDK7 website!

After exploiting it, he noticed that important sensitive server-side data was contained in it.

The vulnerability not only allowed him to display the web server credentials, including the R00T access, but in the vulnerable source code they had (wrongly) disclosed more than 460 private email addresses of their employees! That is a BIG issue if you're worried about BlackHat hackers ;-)

After his finding, he quickly reported it to their security team, which fixed it in 1 single day and decided to acknowledge Christian for his ethical behaviour by adding him to their next CPU (Critical Patch Update), the next release on 14 April 2015!
