@wirestyle22 said in Wazuh Manager Install - Ubuntu:

A few things:

The manager label is wrong. It says manger instead of manager.

@IRJ said in Wazuh Manager Install - Ubuntu:

Install Filebeat

There are two entries for "Install Filebeat"

I tried to install Filebeat going command by command and it can't find it.

Thanks I fixed the guide.

What you need to do is this:

#*********************************************************** #Install GPG keys and add repository #*********************************************************** curl -s https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-6.x.list #*********************************************************** # APT Update #*********************************************************** sudo apt update #*********************************************************** #Install Filebeat #*********************************************************** sudo apt install -y filebeat=6.7.1 #*********************************************************** #Download Filebeat config file to forward logs #*********************************************************** sudo curl -so /etc/filebeat/filebeat.yml https://raw.githubusercontent.com/wazuh/wazuh/3.8/extensions/filebeat/filebeat.yml #*********************************************************** #Edit Filebeat config file to point to Elastic Server IP (In this lab environment I am using 127.0.0.1) #*********************************************************** sed -i 's/YOUR_ELASTIC_SERVER_IP/192.168.122.181/' /etc/filebeat/filebeat.yml #*********************************************************** #Start Filebeat service and configure it to automatically start at boot #*********************************************************** sudo systemctl daemon-reload sudo systemctl enable filebeat.service sudo systemctl start filebeat.service

make sure to change 192.168.122.181 with your ip or localhost if you are using a single server for wazuh and ELK

@black3dynamite said in Cannot boot to LUKS encrypted drive on Ubuntu - freezes after unlocking drive:

@travisdh1 Is it possible that AppArmor installed by default on all ubuntu installation? Having AppArmor and SELinux both active can cause problems.

I'd love to hear a bit more about apparmor. I am not familiar with it at all. This should be a new thread.

@black3dynamite said in Setting Up a Standard MySQL or MariaDB Database for an Application:

@JaredBusch said in Setting Up a Standard MySQL or MariaDB Database for an Application:

I like my approach to setting this up.

Obviously, install MySQL/MariaDB first as noted above.

Then do the following. This all needs done in the same SSH session, but otherwise things are simple.

Choose once of these exports for your DB root password.

The first one is for you to specify, the second generates a random one and echo's it back to you.

# Specify your own password for MariaDB root user export DB_ROOT_PASS="somebigpasswordgoeshere" # Generate a random password for MariaDB root user export DB_ROOT_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 30)" echo "This is your MariaDB root password: $DB_ROOT_PASS" Specify the application database name and application user name # Database user to use for application export DB_USER='yourusername' # Database name to use for application export DB_NAME='yourdatabasename' Generate or specify a random password for the database user # Specify your own password for the application's database user export DB_PASS="somebigpasswordgoeshere" # Generate a random password for the application's database user export DB_PASS="$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 30)" echo "This is your password for the application user: $DB_PASS" Then create the application database, use, and grant access. mysql -e "CREATE DATABASE $DB_NAME;" mysql -e "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '$DB_PASS';" mysql -e "GRANT ALL ON $DB_NAME.* TO '$DB_USER'@'localhost';" mysql -e "FLUSH PRIVILEGES;" Finally, lock down the system without the interactive requirement of mysql_secure_installation # Secure MariaDB (this does what mysql_secure_installation performs without interaction) mysql -e "UPDATE mysql.user SET Password=PASSWORD('$DB_ROOT_PASS') WHERE User='root';" mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');" mysql -e "DELETE FROM mysql.user WHERE User='';" # Beginning on some version of MariaDB after Fedora 29 was released, the test DB is no longer there by defualt. mysql -e "DROP DATABASE test;" mysql -e "FLUSH PRIVILEGES;"

Your approach makes it easier to use as part of a script.

It also generates random passwords, which I prefer.

@Emad-R said in Ubuntu: history -c doesn't clear:

@gjacobse

you can disable history all together if you want,

https://www.cyberciti.biz/faq/disable-bash-shell-history-linux/

Thank you, I have seen that. But I use history as a track of what I have installed and how I did it. I clear it periodically once I have exported it to a text file.

I do this also to share with my brother - as he's asked me how I've done something a number of times.

@scottalanmiller said in Ubuntu: System Program Problem detected:

That's a desktop pop up, but Ubuntu 18.04 LTS. Why the combination of old Ubuntu, but a desktop?

Why 18.04 -

Well,.. very long obtuse story cut short. having re-installed Ubuntu a time or two due to software / boot issues, I hadn't upgraded to 'save time and stress.' I felt not push to upgrade to 18.10 if I had to yet again kill and install the system. However, things appear stable - so upgrading currently.

I do see on the article, that the crashes could be past - and as such, i can delete the files (several days old) and move on.

@dafyre said in Running Xrdp on Ubuntu:

Not sure what to do about the EFI issue....

What I do when I want to use mine like that is set up x11vnc-server and then run it through XRDP (and choose the console option). It's faster than stock VNC... Don't ask me why, lol. I haven't gotten instructions for that yet, I don't think.

If I remember right, after a reboot, you have to connect, close the connection, and then reconnect back using the XRDP+VNC option. I don't have any installation instructions for that setup on hand though. I can work it out and post them if you like.

This is likely where I went 'rouge' in that I didn't use x11vnc-server.. I had notes on that,.. at least I believe and have misplaced them. so I had forget that.

As I was starting to have other 'OS' Kernel issues (the mouse and keyboard wasn't working correctly) I nuked that partition from Windows, and will rebuild. Maybe it'll survive as I am of course getting grub 'errors' since that partition is gone.

@JaredBusch said in Dual Boot: Unable to access Windows NTFS Filesystem from Ubuntu 18.04:

@Dashrender said in Dual Boot: Unable to access Windows NTFS Filesystem from Ubuntu 18.04:

@gjacobse said in Dual Boot: Unable to access Windows NTFS Filesystem from Ubuntu 18.04:

Windows DUMBASS-ory..

Talking to my brother, he mentioned some 'issues' with Windows not releasing the lock on the partition. He suggested and this is the really dumb part on windows.

To boot Windows and RESTART normally.

Since grub starts Ubuntu by default, it booted normally into Ubuntu.

I did the lsblk -f as before, only this time for /dev/sda4 - there is a UID for it. AND it shows as NTFS..

so,.. FFS Windows,.. FYS. now,.. to see how to prevent this stupidness in the future.

This why someone suggested that you go into Windows and do a full shutdown with shift shutdown.... normal shutdowns now aren’t full shut downs to allow the system to boot faster.

But he did that and it made no difference

Yup - a FULL shutdown didn't do anything more that the SHIFT shutdown.

I've run Pi-Hole in Docker, now I have it on Raspbian on Rpi 3+, I might deploy it inside Docker Swarm on my Rpi cluster at some point. I'm also trying out alternative, Adguard Home, on Rpi too, although installation is not as straightforward as Pi-Hole.

@StorageNinja said in Why I Feel KVM Is the Easiest HyperVisor to Learn the Basics On:

@Dashrender said in Why I Feel KVM Is the Easiest HyperVisor to Learn the Basics On:

The question is - why is the quality so bad? Isn't the process supposed to catch bad quality?

Their process is consider the windows insider group (extreme power users) to be a good enough replacement for proper QE teams, and writing automated build tests.

Right, the new process isn't to catch bad things, it's actually to see bad things as "not all that bad." Presumably because a shift from viewing their products as being for business to being for entertainment. Remember when Windows 95 was a key tool for businesses, but by Windows 98 they had made sure to put a "for entertainment purposes only" label on the product to make sure no one confused it with something that was intended for business use?

I feel like that's where they are now. At least internally, no one is really thinking of this as a business tool.

@gjacobse said in Fedora: Support for Hauppauge?:

Well - unless it's in there some where,.. the Official support page for Hauppauge states that they Support Ubuntu - ... So, It would seemingly be that here is another device I am unable to run under Fedora...

Or - Is that true?

@scottalanmiller - Is there options for running the WinTV-HVR 950q USB TV Stick in Fedora - or am I looking at either;

dual booting going Ubuntu only going back to Windows -

Whats wrong with Ubuntu, I rarely see the difference nowadays between Ubuntu and Fedora, both are great. And trust me there are no apps in Fedora that are not In Ubuntu actually it is the opposite

I haven't got to muck around with Netplan yet...

@gjacobse said in Security while Traveling -:

Could something like this or similar be supplemental?

Seems pretty silly.

So here is the question....

What threat do you perceive there being? How do you feel this device addresses that thread?

I don't really see any threat in the first place, and so that makes it extra hard to know how to assuage your fears. But how this device is supposed to help, I'm really unsure.

@jaredbusch said in Error While Updating Ubuntu 18.04 to 18.10:

Always reboot before doing system updates, IMO.

It was freshly powered up just to do the update. So it was.

Wow this must be an old server. pam_tally was replaced with faillock in RHEL 6.

@ccwtech said in Unifi 5.7 on Ubuntu 18.04:

Scott, why did you go with Ubuntu vs. Fedora? (Asking for a friend)

Because it's the official OS of the product. Absolutely no reason to use Fedora here. Unifi only supports Ubuntu and Debian, and Jared and I have opposite views here. Ubuntu is the business product of the Debian family, Debian is the hobby project that is used as the basis for it. Debian is great, I love the project and they do great work, but it doesn't have primary vendor support, you are at the mercy of a hobby project. Ubuntu uses that basis and turns it into a production ready release with vendor and market support options.

Ubuntu isn't Fedora, but it's still extremely good.

@moonraccoon said in Ubuntu 18.04 Live exfat:

@wrcombs My newbness is about to show again.

Hey, its okay. Im a newb too! I just have good research "skillz" (if you can call google savvy a skill....)
We can always learn more. Maybe even starting your own thread with your problems would give everyone a better idea, and the ability to help you out.