Blog

  • How to set up RDP with Xfce in Kali Linux

    Kali Linux is supported on multiple devices. On some systems, you will only get a CLI-mode installation and may not have direct access to a GUI. One way to get a GUI on Kali Linux is to install Xfce and set up RDP. You can do this with the simple script as follows:

    #!/bin/sh
    echo "[+] Installing Xfce, this will take a while"
    apt-get update
    apt-get dist-upgrade -y
    apt-get install -y kali-desktop-xfce xrdp

    echo "[+] Configuring XRDP to listen to port 3390 (but not starting the service)..."
    sed -i 's/port=3389/port=3390/g' /etc/xrdp/xrdp.ini

    • To execute the above script, do the following:

    wget https://gitlab.com/kalilinux/build-scripts/kali-wsl-chroot/-/raw/master/xfce4.sh
    chmod +x xfce4.sh
    sudo ./xfce4.sh

    • If you are not using WSL, you need to start the service and connect as follows:

    sudo systemctl enable xrdp --now

    • If you are using WSL, you should install dbus-x11 for Xfce and RDP to connect.

    sudo apt install -y dbus-x11

    • Start xrdp as follows:

    sudo /etc/init.d/xrdp start

    • Open an RDP client on the Windows system and enter the IP address of the Kali Linux server and port 3390, which is the default port if you have used the script above.

    192.168.1.1:3390

  • How to use rsync command to copy directory structure without copying files

    Add “filter rules” in rsync command to include only directories and exclude files. An example is shown below:

    rsync -av -f"+ */" -f"- *" dir-a/ dir-b

    Consult man pages of rsync to get details on “filter rules”.

  • How to allow two clients to connect to the same VNC server session

    • To allow multiple users to connect to the same vnc display, start vncviewer from the client machine with the following command:

    vncviewer --shared VNC-SERVER-IP:DISPLAY

    • Make sure you start the vnc server with the --alwaysshared option.

  • How to connect to/setup VNC via tunnel over SSH

    If you want to connect to vnc via an ssh tunnel, you must have a user account on the machine running the vnc server. You should also know which display the vnc server is running on. These details can be found in /etc/sysconfig/vncservers or via the ps command output.

    • Use the following SSH command to connect to vnc server.

    ssh -L 590X:127.0.0.1:590Y -N -f -l user-name server-name

    • Make sure to replace Y in the above command with the display number on which the vnc server is running, and X with the display number you want to use on the local end of the tunnel. With the new versions of vncviewer, you can create the ssh tunnel with the -via flag.

    vncviewer -via user-name@server-name server-name:1

  • How to disable ssh access for a user/group but allow command execution

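    You can deny users as well as groups an interactive terminal (TTY) over ssh while still allowing them to execute commands on the server. PermitTTY no only refuses pty allocation; it does not limit which commands can be run.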

    • The first step is to add a new option in /etc/ssh/sshd_config file as follows:
    • For user restriction, add the following and make sure to replace the username with the actual username:

    Match User username
    PermitTTY no

    • For group restriction, add the following and make sure to replace testgroup with the actual group:

    Match Group testgroup
    PermitTTY no

    • Reboot the server or restart the service so that the new change takes effect.

    systemctl restart sshd
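
    A Match block runs until the next Match line or the end of the file, so where the lines above are placed decides what else they capture. The following added example (not part of the original post) lists each directive with the scope it falls under; the function name sshd_scopes and the sample fragment are constructed for illustration.

```shell
# Added example: show which scope each sshd_config directive belongs to.
# Real use: sshd_scopes < /etc/ssh/sshd_config
sshd_scopes() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
    {
        kw = tolower($1)                     # keywords are case-insensitive
        if (kw == "match") {                 # a new block starts here
            $1 = "Match"; scope = $0; next
        }
        val = $0
        sub(/^[ \t]*[^ \t=]+[ \t=]+/, "", val)
        s = (scope == "" ? "global" : scope)
        printf "%s\t%s\t%s\n", s, kw, val
    }'
}

# Constructed fragment: X11Forwarding was appended after the Match block,
# so it applies only to the matched user, not globally. Indentation has
# no effect on scoping.
sample_config() {
    cat <<'EOF'
# constructed sshd_config fragment
PasswordAuthentication no
Match User username
    PermitTTY no
X11Forwarding no
EOF
}

sample_config | sshd_scopes
```

    Keeping Match blocks at the end of sshd_config avoids this kind of accidental scoping.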

  • How to restrict the maximum simultaneous ssh logins from a specific user on AlmaLinux, CentOS

    • The pam_limits.so module should be present in /etc/pam.d/system-auth. On older systems, this entry must also be in system-auth and password-auth files.

    grep limit /etc/pam.d/system-auth
    session required pam_limits.so

    • Add maxlogins entry in /etc/security/limits.conf as follows:

    username hard maxlogins 'number of max logins'

    • Enable PAM in /etc/ssh/sshd_config file as follows:

    UsePAM yes

  • Why is an AlmaLinux server receiving very slow incoming ssh connections?

    • For quick resolution, though not a permanent fix in the DNS environment, add IP hostname entries in /etc/hosts file. If you use this method, make sure the following entries are in /etc/nsswitch.conf file:

    hosts: files dns

    • The second method is to add/update the below directive in the /etc/ssh/sshd_config file:

    UseDNS no

    The default for the UseDNS directive is yes. UseDNS specifies whether sshd should look up the remote hostname and make sure that the resolved hostname for the remote IP address maps back to the same IP address.

    • If you do not want to change the UseDNS directive to no and prefer to keep it set to yes, consider running the below command on the server.

    tcpdump -n -i any port 53 -w /tmp/ssh-whyslow.pcap

    The above command will capture simultaneous query requests reaching all name servers. If the primary DNS server is slow and the secondary/tertiary servers are responding quickly, then consider exchanging the secondary with the primary DNS server. Always check the ssh-whyslow.pcap file to find out which DNS server is slow.

    Change the nameserver order in the /etc/resolv.conf file and ssh from the client again; hopefully, the slow connection will be resolved.
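
    One way to check the capture for the slow name server, as an added example that is not part of the original post: the function below reads the text output of tcpdump -n -tt -r and reports, per name server, how many queries went unanswered and the worst response time. The function name dns_latency and the sample lines are constructed; the addresses in them are placeholders.

```shell
# Added example: per-nameserver DNS latency from tcpdump text output.
# Real use: tcpdump -n -tt -r /tmp/ssh-whyslow.pcap | dns_latency
dns_latency() {
    awk '
    {
        # Find the IP/IP6 token; with -i any, newer tcpdump versions print
        # interface and direction columns before it.
        p = 0
        for (i = 2; i <= NF; i++) if ($i == "IP" || $i == "IP6") { p = i; break }
        if (!p || $(p + 2) != ">") next
        src = $(p + 1); dst = $(p + 3); sub(/:$/, "", dst)
        id = $(p + 4); sub(/[^0-9].*$/, "", id)   # "4660+" becomes "4660"
        if (id == "") next
        if (dst ~ /\.53$/) {                       # query: client to server
            srv = dst; sub(/\.53$/, "", srv)
            key = src SUBSEP srv SUBSEP id
            if (!(key in sent)) sent[key] = $1     # keep first send time
            asked[srv]++
        } else if (src ~ /\.53$/) {                # response: server to client
            srv = src; sub(/\.53$/, "", srv)
            key = dst SUBSEP srv SUBSEP id
            if (key in sent) {
                ms = ($1 - sent[key]) * 1000
                if (ms > worst[srv]) worst[srv] = ms
                answered[srv]++
                delete sent[key]
            }
        }
    }
    END {
        for (s in asked)
            printf "%s queries=%d unanswered=%d worst_ms=%.0f\n", s, asked[s], asked[s] - answered[s], worst[s]
    }' | sort
}

# Constructed sample (not a real capture): 192.168.1.2 times out once and
# then answers in 3.5 s, 192.168.1.3 answers the retried query in 2 ms.
sample_capture() {
    cat <<'EOF'
1700000000.000000 eth0 Out IP 192.168.1.50.41234 > 192.168.1.2.53: 4660+ PTR? 77.1.168.192.in-addr.arpa. (43)
1700000005.005000 eth0 Out IP 192.168.1.50.41234 > 192.168.1.3.53: 4660+ PTR? 77.1.168.192.in-addr.arpa. (43)
1700000005.007000 eth0 In  IP 192.168.1.3.53 > 192.168.1.50.41234: 4660 NXDomain 0/1/0 (98)
1700000009.000000 eth0 Out IP 192.168.1.50.41235 > 192.168.1.2.53: 4661+ PTR? 77.1.168.192.in-addr.arpa. (43)
1700000012.500000 eth0 In  IP 192.168.1.2.53 > 192.168.1.50.41235: 4661 NXDomain 0/1/0 (98)
EOF
}

sample_capture | dns_latency
```

    A server with unanswered queries or a worst_ms in the seconds range is the one to move down in /etc/resolv.conf.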

  • Does AlmaLinux provide support for mod_lua module?

    Yes, module mod_lua is supported in AlmaLinux 8 as part of httpd.

  • Does AlmaLinux provide any modules for XSS prevention in Apache httpd?

    Some types of XSS attacks can be mitigated by the OWASP ModSecurity Core Rule Set (CRS). You can install it in AlmaLinux 8 using yum as below:

    yum install mod_security_crs

  • After joining AD, realmd does not register DNS hostname

    The error may be caused by an incorrect entry in the /etc/hosts file added by the provisioning script. To resolve this error:

    • Remove SSSD from the AD domain

    realm leave webconn.tech

    • Rename the host to use FQDN hostname

    hostnamectl set-hostname metal.webconn.tech

    • Ensure /etc/hosts has correct entries for the host, or create forward and reverse DNS records for the server.

    192.168.1.1 metal.webconn.tech metal

    • Re-join SSSD to the AD domain with the following command:

    realm join webconn.tech