Too bad.
 |
| https://www.time.com.my/omnimesh |
Jan 27, 2022
Jan 18, 2022
Linux System Monitoring Tools
One thing I like Linux is about "command line", and the other is the terminal-based system monitoring tools.
Other the the standard "top" utility that helps to display al the running processes and gives some important information on the performance of the system.
Here are a list of "top" alternatives.
- htop - http://hisham.hm/htop/
- atop - https://www.atoptool.nl/index.php
- nmon - http://nmon.sourceforge.net/pmwiki.php?n=Main.HomePage
- vtop - https://github.com/MrRio/vtop
- bashtop - https://github.com/aristocratos/bashtop#installation
- gtop - https://github.com/aksakalli/gtop
- glance - https://nicolargo.github.io/glances/
Jan 17, 2022
Getting started with Vim visual mode
Just learn about VIM's visual mode today.
Visual mode can be useful for manipulate chunks of text. It has 3 modes: character, line and block.
- character mode : v [lowercase]
- line mode: V [uppercase]
- block mode: ctrl+v
Character Mode
- Press <v> to activate visual character mode. [VISUAL]
- Use <arrow key> to highlight the desired text.
- Press <d> to delete the text.
- Press <u> to undo.
- Press <p> to paste the text.
- Press <c> to change the text. [INSERT]
Line Mode
- Press <shirt-v> (or capital V) to enter line mode. [VISUAL LINE]
- Use <arrow key> to highlight multiple lines.
- Press <d> to delete those lines.
- Press <y> to yank those lines.
- Press > to increase the indentation of those lines.
- Press < to decrease the indentation of those lines.
Block Mode
- Useful for manipulation of specific tabular data.
- Press <ctrl-v> to enter visual block mode. [VISUAL BLOCK]
- Use <arrow key> to highlight the single character column and verify the indentation
Links:
- https://www.freecodecamp.org/news/vim-editor-modes-explained/
Jan 15, 2022
noPac Vulnerabilty for DC
Tags:
ADsec,
exploitation,
malware
Finally noPac exploit is confirmed and released. As mentioned in last month post, these 2 vulnerabilities (cve-2021-42278 and cve-2021-42287) effectively allow a regular domain user to take control of a domain controller. This is a serious concern as the exploit was confirmed as a low-effort exploit with critical impact.
Gaining domain privileges allows threat actors to gain control over a domain and use it as a starting point to deploy malware, including ransomware.
Immediate Actions:
Make sure all the domain controllers (DC) are patched and make no exception. The whole domain remains vulnerable even with one DC remain not patched successfully. The patch is available since Nov 2021.
Also do start with any detection and apply mitigation in my previous post.
Links:
Jan 14, 2022
Linux Package Managers
Tags:
linux
Package managers may do the same general things, like installing managing, and uninstalling applications, but they don't do everything the same.
Common Linux package managers such as:
- dpkg - Debian Package
- apt - Advanced Package Tool
- rpm - Redhat Packaging Manager
- yum -Yellowdog Updater Modified
- dnf - Dandified YUM
DNF uses 'libsolv' for dependency resolution with improved performance over YUM. DNF has fully documented API and well documented for creating new features. Most importantly, it uses less memory (to sync metadata from repositories), because it contains around 29K lines of code.
| dnf | apt |
|---|---|
| Searching for applications | |
| $ sudo dnf search zsh | $ sudo apt search ^zsh |
| Finding an application's package | |
| $ sudo dnf provides pgrep | $ sudo apt install apt-file |
| Installing applications | |
| $ sudo dnf install zsh $ sudo dnf group list -v $ sudo dnf group install design-suite $ sudo dnf install @design-suite |
$ sudo apt install zsh |
| Upgrading applications | |
| $ sudo dnf update | $ sudo apt update && apt upgrade |
| Removing applications | |
| $ sudo dnf remove zsh | $ sudo apt remove zsh $ sudo apt purge zsh |
Links:
- https://opensource.com/article/21/7/dnf-vs-apt
Subscribe to:
Posts (Atom)