Blocking https sites with IPFire

Got a request from “dedu mihail” & “Amandeep Singh” on how to block https sites. In this quick walk-through we show how to use the proxy with manual settings which is needed to block https urls / sites. It does not work via transparent mode. (We could not find a simple way to make it work via transparent mode).

1. Configure the end user machine to use the proxy.

2. Configure the proxy on IPFire to use the url filter capability.

3. Configure the url filter to block the https url 4. Configure the url filter to allow restriction bypass for listed IP’s.

Your free & private VPN solution! Use it while on the go! (A how to guide)

Ever been away from home or office and wanted to use a VPN securing your network connection. (You should always use a VPN when on un-trusted networks!) You also never sure what the “Free” VPN providers are doing with your logs. Why not setup your own VPN, that you have full control off. In this how to guide we will go through the installation of IPFire with OpenVPN and the relevant configurations. This will enable you to make use of your own private VPN when away from home or the office.

NextCloud Setup – Azure

In this walk-through we will demonstrate the basic steps used to install NextCloud on Azure.

This walk-through will include:

1) Create the Virtual Machine running Ubuntu

2) Install snap & NextCloud via snap on the Virtual Machine.

3) Configure Static IP with DNS / FQDN.

4) Configure Firewall rules.

5) Configure HTTPS with lets Encrypt

6) Test the the NextCloud instance is accessible.

Commands used:

  1. sudo apt-get update
  2. sudo apt-get install snap
  3. sudo snap install nextcloud
  4. sudo nextcloud.enable-https lets-encrypt

Keep in mind this is only a basic install and will need to be secured using best security practices etc. If enough demand, we might do a future walk through on how to secure your public facing systems. 

NextCloud Setup – Raspberry Pi !

In this walk-through we will take you through the steps on how to install NextCloud on your Raspberry Pi.

This walk-through will include:

1) How-to format and mount an external usb disk for data storage.

2) How-to install and setup MariaDB for the SQL backend.

3) How-to instal the NextCloud Software.

Steps – Pdf NextCloud Setup – Raspberry Pi  or follow below.

NextCloud Setup – Raspberry Pi !


Url’s used: Rasbian

https://www.raspberrypi.org/downloads/raspbian/


Components:

  • Raspberry Pi 3
  • 32 GB SD Card
  • USB Keyboard
  • Monitor with HDMI
  • 2TB External HDD (usb)

Steps:

Setup your raspberry Pi

  1. Download the arm image from https://www.raspberrypi.org/downloads/raspbian/
  2. Extract the image from the file you have downloaded.
  3. Flash your SD Card with the image you extracted using Etcher. (Or your preferred tool)
  4. Remove the SD Card from your computer and insert it into the Raspberry Pi.
  5. Connect all the components to the Raspberry Pi and power it on
  6. Complete the usual installation / configuration steps. (https://www.raspberrypi.org/documentation/installation/installing-images/README.md)
  7. Set a static IP. We will use 192.168.1.253 for our lab demosud.
  8. ssh to your raspberry pi and follow the below sections.

Preparing the External HDD (usb)

  1. Before you plug in the usb disk, Tail the messages file with the command below:

~$ tail -f /var/log/messages | grep disk

Our output:

We now know that the disk is on ## /dev/sda

  1. Let us now create a partition.

~$ sudo fdisk /dev/sda

Our inputs used in order (m | d | F | n | y | w)

Visual below:

  1. Create the filesystem.

~$ sudo mkfs -t ext4 /dev/sda1

  1. Create a directory to test the mount.

~$ sudo mkdir /mnt/NCSTORE

  1. Verify the disk is able to mount

~$ sudo mount /dev/sda1 /mnt/NCSTORE

  1. list the currently mounted disks.

~$ df -lh

You should see the volume mounted:


Hendgrow Lab df

  1. If all working as expected, edit the /etc/fstab to make the mount permanent. As per our example we added the following line:

HendGrow Lab fstab pic

Update the installation.

~$ sudo apt-get update

~$ sudo apt-get upgrade


MariaDB Install & DB / User creation.

  1. Install MariaDB and secure it.

~$ sudo apt install mariadb-server

~$ sudo mysql_secure_installation

Our inputs used in order (y | y | y | y | y)

Don’t forget the password you set during this step!

Create the NextCloud Database & DB user

  1. Login to the SQL server and provide the password you set in the previous step.

~$ sudo mysql -u root -p

  1. Create the Database to be used by NexCloud

CREATE DATABASE ncdb;

  1. Create the user we will use to access the DB we just created

CREATE USER ‘ncdbuser’@’localhost’ IDENTIFIED BY ‘yourpasswordhere’;

  1. Grant the user permissions to use the DB we created

GRANT ALL PRIVILEGES ON ncdb.* TO ‘ncdbuser’@’localhost’;

  1. Finalize the setting with

FLUSH PRIVILEGES;


Install NextCloud

  1. Install Apache, PHP & PHP SQL Connector.

~$ sudo apt-get install apache2 php-mysql php7.3 php7.3-gd php7.3-curl php7.3-zip php7.3-xml php7.3-mbstring

  1. Now restart Apache

~$ sudo service apache2 restart

  1. Fetch NextCloud and extract it.

At the time of this walk through version nextcloud-17.0.2. is the most current.

To view what is available see: https://download.nextcloud.com/server/releases/

~$ cd /var/www/html

~$ curl https://download.nextcloud.com/server/releases/nextcloud-17.0.2.tar.bz2 | sudo tar -jxv

  1. We need to set the correct permissions

~$ sudo chown -R www-data:www-data /var/www/html/nextcloud/

~$ sudo chown -R www-data:www-data /mnt/NCSTORE

~$ sudo chmod 750 /mnt/NCSTORE

  1. Open your browser and navigate to your Raspberry pi ip/nextcloud

http://192.168.1.253/nextcloud

  1. Enter the details requested.

Enabling Network-Wide Ad blocking!

In this walk through we will show you how to install Pi-Hole to enable network wide ad blocking on your network. We will also show you how to configure a windows machine and the basic steps on how to enable it network wide via your router.

–START–

Url’s used: Pi-Hole – https://pi-hole.net/

Debian 9 (Stretch) – https://www.debian.org/releases/stretch/debian-installer/

DD-WRT – https://dd-wrt.com/

Prerequisites

Prerequisites

Steps

  1. Install one of the supported operating systems
  2. ssh to the OS you decided to use after the OS installation. (We used Debian 9 for the walk through.)– $ su– # wget -O basic-install.sh https://install.pi-hole.net– # bash basic-install.sh
  3. login you our device/s and point its dns settings to the Pi-Hole server. Alternatively change the settings on your router to provide the Pi-Holes ip as your networks dns via DHCP. For more detail refer to the video provided by the link below or reach out to us.

Star Wars : Episode IV in ASCII

Star Wars : Episode IV in ASCII. Found this old gem on the internet while working on another project. Thought it’s worth sharing. For more information regarding Star Wars Episode IV in ASCII visit:

—http://asciimation.co.nz & http://blinkenlights.nl—

Star Wars : Episode IV in ASCII

Watch it via Telnet

Install telnet on your preferred OS. Then telnet to the url. We used Ubuntu 18.04 LTS

  • Install telnet
    hendgrow@HGMCSRV01:/$ sudo apt-get install telnet
  • Kick it off
    hendgrow@HGMCSRV01:/$ telnet towel.blinkenlights.nl

Watch it via your web browser

Open your web browser and navigate to – http://asciimation.co.nz

uniCenta oPOS – Installation walk-through, Start to Finish

uniCenta oPOS is a Powerful commercial-grade open source Point of Sale system.

In this walk-through we will show you the steps to install a fully functional enterprise grade Point of Sale system. We personally have installed this system and its in use daily.

The guide or steps used in this tutorial can be found in the YouTube description section of the video guide.

Url’s used

Unicenta – https://sourceforge.net/projects/unicentaopos/

Java – https://www.java.com/en/download/win10.jsp

Visual C++ – https://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x64.exe

MySQL – https://dev.mysql.com/downloads/windows/installer/5.7.html


Steps:

Once you have downloaded the software with the provided links. Install the software. During the walkthrough it was done in the following order.

Note: It is required to install “Visual C++ 2013 Redistributable x64” before starting the “ MySQL 5.7” install. The version of MySQL is important.

  1. Java
  2. Visual C++ 2013 Redistributable x64
  3. MySQL 5.7 (Server)
  4. Extracted unicentaopos-4.3.2_no_installer.zip

Configuration

  1. One you have install the MySQL server and created a user, Open the MySQL command line utility and create the database “ unicentaopos”

# CREATE DATABASE unicentaopos;

  1. Extract the unicentaopos-4.3.2_no_installer.zip and run the “start.bat” file.
  2. Select the tab database and enter the detail of the database, username and password you created during the MySQL install.
  3. run “start.bat” this time it should prompt you to create the database as none is detected. Select yes.


Posted in POS

QRadar 7.3.1 (CE) Community Edition – Install – Start to Finish – (Unofficial)

QRadar Community Edition 7.3.1 is a fully-featured version of QRadar that you can use at home or in your lab. A new feature of QRadar Community Edition 7.3.1 enables IBM Security X-Force® Threat Intelligence IP reputation for use.

Note: “# sudo /opt/qradar/support/changePasswd.sh -a” command is used to set the QRadar WUI admin password at the end of the installation.

QRadar Community Edition v7.3.0 is the previous release.

Q1 LABS, QRADAR and the ‘Q’ Logo are trademarks or registered trademarks of IBM Corp. All other trademarks are the property of their respective owners.

This is an unofficial video.

Disclaimer – https://www.hendgrow.com/disclaimer/