Posted on by Hend Grow

The HendGrow site & YouTube channel was created to share knowledge by sharing how-to guides, book reviews, general knowledge etc, with the aim to empower the reader, viewer with the information to implement various solutions on their own or gain knowledge on various topics. Maybe you wondering what that book or topics is about, could be looking for a free firewall solution to protect the family or business. Have decided to open a store and need an open source web or retail Point of Sale (POS) system. The HendGrow site and channel provides walk-throughs on these and various other topics. The topics are either directly from our subscriber requests or derived from solutions we have implemented, that we believe could add value to the community. It’s our way to give back and hopefully help a few people along the way. If only one person gets value out of the how-to / walk-through guides then to us the effort was worth it.

[47/48] 10 simple rules, factors for great portfolio and investment success.

Posted on by Hend Grow

Shared this as it’s good advice I have followed from Jake Bogle regarding investing for the long term. Hope you also get value from it, especially in this time of market uncertainty, which we face in 2025.

Jack Bogle (May 8, 1929 – January 16, 2019) was a notable American investor, business magnate, and philanthropist. He established The Vanguard Group, serving as its chief executive, and is recognised for introducing the first index fund.

[47] 10 Simple rules for investment success with John C. Bogle

This is a snippet from The Lange Money Hour with Guest John C. Bogle. They go over the 10 simple rules for investment success.

Attribution: The Lange Money Hour with Guest John C. Bogle. https://youtu.be/Oj_hcwYtijI

Here is the portfolio I set up a while back that follows the principles of Jack Bogle: https://www.trading212.com/pies/ltzEZDRVMCu39uR3EZZRP8ItzCanq

[48] Factors that define a great portfolio – Jack Bogle

In this interview with Andrew Lo, Jack gives his view on what a good portfolio could look like. It’s diversified, low-cost, passively managed, and focused on the long term, tailored to an individual’s own risk tolerance and goals. His ideas revolutionised investing by buying the market with a cost-effective approach that could provide the best chance for success, influencing countless investors and financial advisors to this day.

Attribution: In Pursuit of the Perfect Portfolio: John C. Bogle Full interview: https://www.youtube.com/watch?v=3uJbHREmUs4&t=1s

NOTE: This information is not financial advice. It is not tailored to your circumstances. Reliance on this content is at your own risk! The material provided is for informational purposes only and does not constitute a recommendation or endorsement of any investment strategy. Always consult a qualified financial advisor before making investment decisions, as your financial situation, goals, and risk tolerance may differ.

[46] RTIR – Request Tracker Incident Response – ONE SCRIPT INSTALL!

Posted on by Hend Grow

This post is in response to a request we received via a comment from our youtube.com/HendGrow channel on a guide on RT installation.

NOTE: This guide and the included script will only work if you have followed our guide on installing an RT5 base with our script. (Scrtip is editable and can be found within guide [45] REQUEST TRACKER – ONE SCRIPT INSTALL!


The script used for this install -> https://hendgrow.com/ugs/hendgrow_auto_install_rtir_v5.sh

—Guide Start Here—

Check the base RT5 is installed and working. A quick check via the web UI.

Login to your RT5 server. In our instance, the server IP is 192.168.2.125 as can be seen by the URL.

ssh hendgrow@192.168.2.125

Download the RT auto-install script.

wget https://hendgrow.com/ugs/hendgrow_auto_install_rtir_v5.sh

Make it executable

sudo chmod +x hendgrow_auto_install_rtir_v5.sh

Now let us kick it off

sudo ./hendgrow_auto_install_rtir_v5.sh

Refresh your browser, you should now see an RTIR tab as shown in the below image.

—End—

There is still a lot to do, like configuring the domain to use, SSL, RT email gateway, task scheduler, full-text search, general system security etc etc….

If you would rather have the Virtual machine in OVA format we used in this guide? Reach out details on our contact page.

This guide does not cover server/application hardening, or security as it is a broad topic dependent on many variables and not the aim of this guide. That’s potentially for a future guide should there be demand.

You should always harden your servers by default!

Some useful links:

Secure your MariaDB installation – https://mariadb.com/kb/en/mysql_secure_installation/

Apache2 Security Tips – https://httpd.apache.org/docs/2.4/misc/security_tips.html

Ubuntu Security and Server hardening – https://ubuntu.com/security

Consider subscribing & following us if you find this content helps! It enables this type of content to reach others who might also find it useful & valuable. Also, feel free to leave a comment or message directly if you have questions:

youtube.com/HendGrow

x.com/HendGrow

[45] Request Tracker – ONE SCRIPT INSTALL!

Posted on by Hend Grow

Due to the popularity, good feedback, and support requests we received for our original request tracker guide, we decided to respond to a request to look at how to automate this installation a bit more than the previous guide. So, we created an install script that installs Request Tracker 5.0.7 from a base Ubuntu server to the point of the web UI login. An overview diagram is below.

Below is the Bash installation script to install Request Tracker (RT) 5.0.7 on an Ubuntu 24.04.2 LTS base server. (Should work on any Debian-based system 😉). This script assumes a fresh system, installs the necessary dependencies, downloads RT 5, configures it with MariaDB as the database, and sets up Apache as the web server. It’s designed to be run as root (using sudo) and includes basic error handling.

Please note:

  • This script is tailored for a typical setup and may need adjustments based on your specific environment.
  • It uses the latest stable version of RT 5 (5.0.7) available as of March 2025
  • You should first review and test this script in a non-production environment.

The script used for this install can be found here -> https://hendgrow.com/ugs/hendgrow_auto_install_rt5.sh

—Guide Start Here—

Login to your Ubuntu server. (Ubuntu install guide)

Download the RT auto-install script. 

wget https://hendgrow.com/ugs/hendgrow_auto_install_rt5.sh

Make it executable

sudo chmod +x hendgrow_auto_install_rt5.sh

Now let us kick it off

sudo ./hendgrow_auto_install_rt5.sh

During the installation, you will receive prompts that require a response. Below, I have captured the responses we used for the prompts during the creation of this walk-through guide.

1st prompt: Would you like to configure as much as possible automatically? [yes] –> Response = yes

Note: Don’t be concerned about seeing the MISSING messages. the script will rectify this at a later stage.

2nd prompt: Continue anyways? [y] –> Response = y

3rd prompt: Check for a new version of the Public Suffix List? [N] –> Response = N

4th prompt: Do you want to run external tests? These tests *will* *fail* if you do not have network connectivity. [n] –> Response = n

5th prompt: These test will detect if there are network problems and fail soft, so please disable them only if you definitely dont’t want to have any network traffic to external sites. [Y/n] –> Response = Y

6th prompt: Do you want to build the XS Stash module? [y] –> Response = y

7th prompt: Do you want to use the XS Stash by default? [y] –> Response = y

8th prompt: Password: –>  Just press the return/enter key.

Open your browser and enter the IP Address of your server. In our example it is

192.168.2.125

Login with Username = root & Password = password

How to remove the “Possible cross-site request forgery” message RT 5.0.7 will show when making changes via the Web UI.

Possible Cross-site request forgery message RT5

Edit the RT_SiteConfig.pm and add your server’s IP Address. this will remove the “Possible cross-site request forgery” message.

Steps below:

sudo vi /opt/rt5/etc/RT_SiteConfig.pm 

Set( $WebDomain, 'your-servers-ip' );

or

Set( $WebDomain, 'your-domain' );

Restart Apache

sudo systemctl restart apache2

—End—

If you would rather have the Virtual machine in OVA format we used in this guide? Reach out details on our contact page.

If you got to this stage of the guide, congratulations you now have a basic installed and working instance of Request Tracker 5.0.7! There is still a lot to do, like configuring the domain to use and linking it, SSL, RT email gateway, task scheduler, full-text search, general system security etc etc.

This guide does not cover server/application hardening, or security as it is a broad topic dependent on many variables and not the aim of this guide. That’s potentially for a future guide should there be demand.

You should always harden your servers by default!

Some useful links:

Secure your MariaDB installation – https://mariadb.com/kb/en/mysql_secure_installation/

Apache2 Security Tips – https://httpd.apache.org/docs/2.4/misc/security_tips.html

Ubuntu Security and Server hardening – https://ubuntu.com/security

Consider subscribing & following us if you find this content helps! It enables this type of content to reach others who might also find it useful & valuable. Also, feel free to leave a comment or message directly if you have questions:

youtube.com/HendGrow

x.com/HendGrow

[44] Installing Ubuntu 24.04.2 LTS base server

Posted on by Hend Grow

—Install Guide Starts Here—

Download the ISO file.

Burn to CD, make bootable USB or mount to your hypervisor’s virtual CD/DVD etc.

Turn on your machine boot off the media and follow the video below.

Login and confirm ssh is running and you can connect remotely to the server

# ssh hendgrow@192.168.2.140

[43] Install and configure a Vulnerability Scanner for Small Networks

Posted on by Hend Grow

In this quick How-To guide we go through the steps we used to install and configure Vulnerability Scanner for our small network. The product we decided on was Nessus Essentials (formally Nessus Home) from Tenable. We decided on this product as its free to use up to 16 IP addresses per scanner and has many enterprise grade capabilities. We needed a product that could scan our 5-production servers for vulnerabilities. It helped us tremendously in December 2021 when log4j hit and will add value for the current spring4shell we are looking into.

More information on this product can be found on the tenable website. https://www.tenable.com/products/nessus/nessus-essentials

[42] How to configure RT5 & E-mail.

Posted on by Hend Grow

—Guide Start Here–

Configure mail account

Navigate to Outlook.com and login or create a new account.

Once logged in, enable the account to use POP.

Settings -> Email -> Sync email. Set “Let devices and apps use POP” to yes.

You will also need to provision an Application Password.

Select My Account

Then Security -> Update

Advanced security options -> Get Started

App passwords -> Create a new app password

Copy your app password that was generated we will use this later in postfix and fetchmail

Install and configure Postfix

Now that the Outlook.com portion is sorted lets login to our RT5 server

ssh to your RT server

ssh hendgrow@172.16.52.6

Install Postfix

sudo apt-get install postfix

Select “Internet with smarthost”

Enter the SMTP server for Outlook.com = smtp.office365.com

We now need to edit a few things for Postfix to work as expected by editing the main.cf file and add the below

Our config used during this how-to can be found here – > HendGrow_Sample_Main.cf

sudo vi /etc/postfix/main.cf

smtp_sasl_password_maps = static:hendgrow@outlook.com:pbjxdgxauybypskz

smtp_sasl_auth_enable = yes

smtp_tls_security_level = may

smtp_sasl_security_options = noanonymous

relayhost = [smtp.office365.com]:587

Restart Postfix for the changes to take

sudo service postfix restart

RT user creation and assign mail address.

Login to RT and Create a new user for use with this email address. We will create user HendGrow that will be used to respond to support requests.

Login to your RT instance and create the support user /user as shown below

Admin -> Users -> Create

Under “E-Mail” capture the email address you wish to use. in our case it is hendgrow@outlook.com

Grant permissions to General queue for the new support user.

Admin -> Queues-> Select

Select the General queue

Select User Rights

Select the user and assign the required permissions.

Apply changes by clicking Save Changes

Testing outgoing mail

login as the support user you created in the previous step. Send a test mail to confirm postfix is working with office365.com by creating a new ticket.

On the RT server check the /var/log/mail.log log file for any issues. You should get a response as below. we looking for the status=sent

tail -20f /var/log/mail.log

Installing and configuring Fetchmail

To enable RT to fetch mail from our mailbox and generate tickets we need to install fetchmail.

ssh to your RT server

ssh hendgrow@172.16.52.6

Install Fetchmail

sudo apt-get install fetchmail

Ensure that fetchamail is not running and create the fethcmailrc file.

sudo service fetchmail stop

sudo vi /etc/fetchmailrc

Our config used during this how-to can be found here – > fetchmailrc

Navigate back to RT and set create permissions for “Everyone” on the General Queue.

Admin -> Queues -> Select

Select General

Grant Everyone “Create Tickets” rights.

Testing incoming mail and ticket generation.

Send an email to the mailbox so fetchmail has content it can fetch. (We sent a mail from support@hendgrow.com to our mailbox hendgrow@outlook.com)

Set permissions and run fetchmail manually for the test.

sudo chmod 0700 /etc/fetchmailrc 

sudo fetchmail -f /etc/fetchmailrc

Login to RT and verify a new ticket has been created for the incoming email.

Edit the crontab to ensure fetchmail checks for new mail in the mailbox every 5min.

sudo crontab -e

Add the following line

*/5 * * * * fetchmail  -f /etc/fetchmailrc

Your RT5 ticket system should now have the capability of sending and receiving emails for ticket creation and correspondence.

—Guide End Here–

[41] Installing Ubuntu 64-bit Server on a Raspberry Pi 4

Posted on by Hend Grow

In this quick How-To we go through the steps we use to install Ubuntu Server on a Raspberry Pi 4. We use these devices for many standard tasks on our network. As ubuntu is one of our prefered operating systems for servers. Decided to record the steps we go through while preparing a new Raspberry Pi 4 that will run ubuntu 64 bit server in the environment.

Raspberry Pi Imager: https://www.raspberrypi.org/downloads/

Ubuntu for Raspberry Pi: https://ubuntu.com/raspberry-pi

[40] Walk through – Camera SD Card picture recovery using Ubuntu and Foremost.

Posted on by Hend Grow

I deleted the images from my cameras SD card as I knew I had downloaded the images prior. What I did not know at the time was that one of my family members took additional photos! I now needed to find a way to recover these images. Well I did manage to recover all the photos. After this ordeal thought it would be valuable to share the process I used to recover data with the community. Hope you get value out of this walk through! 😉

—Guide Start Here–

Foremost Installation

$ sudo apt-get install foremost

Create the disk image of the SD Card using DD

$sudo dd if=/dev/mmcblk0p1 of=/home/hendgrow/file_recovery/images/Camera_SDCard.img status=progress

Using Foremost to recover the images from the SD card image we just created.

$ sudo foremost –t png,jpg –i /home/hendgrow/file_recovery/images/Camera_SDCard.img

Need to change the folder and file permissions as we executed the command as root.

$ sudo chown –R hendgrow:hendgrow /home/hendgrow/file_recovery/output/putput/

Thats It

—End—

Common file carving tools that might be of interest:

Foremost

http://foremost.sourceforge.net/

PhotoRec

https://www.cgsecurity.org/wiki/PhotoRec

TestDisk

https://www.cgsecurity.org/wiki/TestDisk

Scalpel 

https://github.com/sleuthkit/scalpel

[39] How to Install MediaWiki on Raspberry-Pi

Posted on by Hend Grow

—Walk Through Starts Here—

SSH to your Raspberry Pi

ssh pi@your-ip-address

Ensure the Raspberry-Pi is up-to-date

sudo apt update
sudo apt upgrade

Install the LAMP Stack on the Raspberry Pi
sudo apt-get install apache2 mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring php-apcu php-intl imagemagick inkscape php-gd php-cli php-curl php-bcmath git

sudo service apache2 reload

Download and extract MediaWiki
You can find the latest version here -> https://www.mediawiki.org/wiki/Download

As of writing this, the latest version is 1.36.1

cd /tmp/

wget https://releases.wikimedia.org/mediawiki/1.36/mediawiki-1.36.1.tar.gz

tar -xvzf /tmp/mediawiki-*.tar.gz

sudo mkdir /var/lib/mediawiki

sudo mv mediawiki-*/* /var/lib/mediawiki

sudo ln -s /var/lib/mediawiki /var/www/html/mediawiki

Configuring the MariaDB Database

sudo mysql -u root -p

Note: If you have not configured password it will be blank, so just press enter.

Create the User
mysql> CREATE USER 'wikidbadmin'@'localhost' IDENTIFIED BY 'YourPasswordHere';

Create the Database
mysql> CREATE DATABASE hendgrow_wiki;

mysql> use hendgrow_wiki;

Give the new user access to the new database
mysql> GRANT ALL ON hendgrow_wiki.* TO 'wikidbadmin'@'localhost';

mysql> commit;

mysql> quit;

Open your web browser and navigate to your server
Example: http://your-ip-address/mediawiki/

Our example: http://192.168.2.200/mediawiki/

You should see the following:

Download the “Localsettings.php” and copy it to your servers base wiki installation folder.

Refresh your browser. you should see page below.