Fios Network Extender WCB3000N

Over the years, I have tried several options shy of wiring the house from one end to the other with Cat6. A couple of options were discussed here. A different option that had never occurred to me until recently is the use of the Fios Network Extender WCB3000N. It was worth the risk at only $16.19 on Amazon, but will...Read More »

Y2K20 Problem?

eBay will send some sort of notification of an auction that is about to end.  The results are usually something that is about to end within the next several hours or so.  However, for auctions that are ending near the year 2020, this has been the latest result.  8742h 9m 7s remaining.  Wow.  By the way, this auction has already...Read More »

iPhone Sucks! Another Reason

As a user of Windows and Linux desktop and server operating systems and a user for Android phones, I find it particularly annoying to have to figure out a problem on an iPhone.  A little background.  Someone I know became an iPhone user several years back because they wanted a stable phone with good support, battery life, and ease of...Read More »

Install AWX or Ansible Tower without Docker on CentOS7

Ansible Tower (formerly ‘AWX’) is a web-based solution that makes Ansible even more easy to use for IT teams of all kinds. It’s designed to be the hub for all of your automation tasks. Installation There are quite a few good scripts that are already circulating around. This script resolves a few issues with the others I have seen.  I...Read More »

Install duo client on CentOS

DUO is a self-described "easy-to-use" two-factor authentication method that protects access to federated cloud and on-premises applications and servers.  DUO offers several pricing plans and a free tier.  The free tier is quite generous providing dual factor authentication to up to 10 users.   This article assumes that you have created a DUO account, logged into the admin dashboard and ready...Read More »

Install Apache Tomcat 9 Complete with Updated Scripts

In this exercise, Tomcat 9 will be installed with OpenJDK 8 using a self-signed certificate using the http2.Http2Protocol protocol.  I've updated and simplified the script since my last attempt at a similar Tomcat 9 installation.  I have also added SELinux context, log rotation, and speed! Enjoy Tomcat Screenshot from an earlier version, but the end result is the same.  Read More »

MySQL Plugin FEDERATED is disabled resolution

MySQL 5.6.xx  logs may contain a "Note" message that the "Plugin 'FEDERATED' is disabled." The plugin has been available since MySQL 5.0.3 and is a storage engine that accesses data in tables of remote databases rather than local tables. There is a resolution to this. Log Entries 2019-11-12 21:52:18 2338 [Note] Plugin 'FEDERATED' is disabled. Resolution Then edit the my.cnf...Read More »

MySQL RSA private key file not found resolution

MySQL 5.6  logs may contain a "Note" message that the RSA private key file not found ... and [s]ome authentication plugins will not work. There is a resolution to this. Log Entries 2019-11-12 21:22:15 897 [Note] RSA private key file not found: /var/lib/mysql//private_key.pem. Some authentication plugins will not work. 2019-11-12 21:22:15 897 [Note] RSA public key file not found: /var/lib/mysql//public_key.pem....Read More »

Thin Provisioned Logical Volumes

One virtual machine for some unknown reason is utilizing thin provisioned logical volumes.  This one virtual machine is the only one in a series of virtual machines.  In any case, I didn't understand what it meant to have a system running thin provisioned logical volumes until it crashed and I couldn't revive it.  Fortunately, there was a snapshot that the...Read More »

Sudo Flaw Permits Restricted Root Runas Access

Sudo Flaw Permits Restricted Root Runas Access.  sudo configured to allow a user run commands as another user with the ALL keyword using the runas command specifying the user ID -1 or 4294967295 can run commands as root even when explicitly disallowed.  The PAM session will not run for the command.  This vulnerability is assigned as CVE-2019-14287 and affects sudo...Read More »

How to Create a Centralized Log Server with Rsyslog in CentOS/RHEL 7.4+

The syslog server comes standard on CentOS/RHEL 7+ and is a system utility providing support for message logging. Support of both internet and unix domain sockets enables this utility to support both local and remote logging.  With a couple of configuration changes can become a central monitoring server. There are syntax changes pre CentOS/RHEL 7.4 and CentOS/RHEL 7.4+ for semanage...Read More »

Create an Ansible script for DISA STIG and execute it in CentOS 7

Securing a CentOS 7 install doesn't have to be tough.  Code already exists, we just have to find it and execute it. Prerequisites yum install openscap scap-security-guide -y Verification The version of the scap-security-guide that was tested is 0.1.40. scap-security-guide.noarch 0.1.40-13.el7.centos @updates Test The purpose of this test is to determine if the scap-security-guide supports DISA STIG. oscap info /usr/share/xml/scap/ssg/content/ssg-centos7-ds.xml...Read More »