Arch Linux: Windows OS not appearing in GRUB boot loader.

After I installed the Endeavour Linux operating system, on first boot I could see the Windows OS option in the boot menu. Later it was gone. After searching for a while, I came across the solution below, which worked.

The main reason is that os-prober is disabled by default, so it won't be able to detect other operating systems available on the same system. So first we have to enable it.

Open the file `/etc/default/grub` and add `GRUB_DISABLE_OS_PROBER=false` at the very end of the file. If you already have this property, set it to `true`.

You can also execute the command below; make sure you are in a root shell or are a sudo user when you execute it.

echo "GRUB_DISABLE_OS_PROBER=false" >> /etc/default/grub



Then execute the commands below:


sudo pacman -Syu
sudo pacman -S grub-tools
sudo pacman -S grub os-prober
sudo grub-mkconfig -o /boot/grub/grub.cfg



Actually, if you run the `os-prober` command, you can see from the output that Windows is detected right away:


[agastya@agastya-thinkpad ~]$  sudo os-prober 
/dev/nvme0n1p1@/efi/Microsoft/Boot/bootmgfw.efi:Windows Boot Manager:Windows:efi
[agastya@agastya-thinkpad ~]$ 



Once the grub configuration is generated, restart your machine and you will see Windows in the grub menu.
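The `echo ... >>` step above appends a new line every time it is run, so repeated runs leave duplicate or conflicting `GRUB_DISABLE_OS_PROBER` entries in the file. The following is an added example, not part of the original post, that sets the option exactly once; the function names `set_grub_option`, `get_grub_option` and `demo` are hypothetical, and the sample file contents in `demo` are constructed.

```sh
#!/bin/sh
# Added example: idempotent edit of a grub defaults file.

# Set KEY=VALUE exactly once. Usage: set_grub_option KEY VALUE [FILE]
set_grub_option() {
    local key="$1" value="$2" file="${3:-/etc/default/grub}"
    local tmp
    tmp="$(mktemp)" || return 1
    # Drop every existing assignment of KEY, commented out or not.
    # grep exits 1 when nothing is left to print, which is not an error here.
    grep -Ev "^[[:space:]]*#?[[:space:]]*${key}=" "$file" > "$tmp" || true
    # Append the single assignment we want.
    printf '%s=%s\n' "$key" "$value" >> "$tmp"
    # Write back in place so the file keeps its owner and permissions.
    cat "$tmp" > "$file"
    rm -f "$tmp"
}

# Print the value of the last active (uncommented) assignment of KEY.
get_grub_option() {
    local key="$1" file="${2:-/etc/default/grub}"
    grep -E "^[[:space:]]*${key}=" "$file" | tail -n 1 | cut -d= -f2-
}

# Constructed sample: a file that already carries a commented-out and a
# conflicting entry. Running the edit twice still leaves one line.
demo() {
    local f
    f="$(mktemp)" || return 1
    printf '%s\n' 'GRUB_TIMEOUT=5' \
        '#GRUB_DISABLE_OS_PROBER=false' \
        'GRUB_DISABLE_OS_PROBER=true' > "$f"
    set_grub_option GRUB_DISABLE_OS_PROBER false "$f"
    set_grub_option GRUB_DISABLE_OS_PROBER false "$f"
    cat "$f"
    rm -f "$f"
}

# As root: set_grub_option GRUB_DISABLE_OS_PROBER false
```

Run it as root against `/etc/default/grub`, then regenerate the configuration with `grub-mkconfig` as shown above.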

Thank you.
Hope it helps.

Arch Linux - Frequent or Random Freezes

I have bought a new Lenovo ThinkPad AMD Series laptop and installed EndeavourOS on it. Endeavour is an Arch flavour, and Arch is known for stability. Usually I am a CentOS fan, but as Corporate made its choice with CentOS's future, I did research, thinking of sticking with one of my favorites, Arch Linux. But with Arch you have to set up everything, and it's an interesting process, though time-consuming. So I have chosen its flavour, which comes with everything set up, from GUI to Stack OS.

One problem kept me frustrated: it freezes randomly and suddenly starts connecting the Ethernet adapter, and that hangs the entire OS; sometimes I have experienced restarts as well.

On searching around the Arch Linux forums, I came across installing an LTS kernel as a solution to the issue.

If you are also facing the issue, you can solve it by installing the LTS kernel with the commands below:


sudo pacman -S linux-lts linux-lts-headers
sudo grub-mkconfig -o /boot/grub/grub.cfg

Then reboot your machine. While booting, make sure you select the LTS kernel instead of the regular one.

Hope it helps.

How to start SonarQube using Docker?

SonarQube is an open-source platform developed by SonarSource for continuous inspection of code quality. It performs automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities in 20+ programming languages. SonarQube offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, comments, bugs, and security vulnerabilities.

If you have Docker installed, it is very easy to get a SonarQube instance running on your machine with the instructions below.


docker pull sonarqube

docker run -d --name sonarqube_container -p 9000:9000 sonarqube

In your browser, access http://localhost:9000

Then log in with the default credentials below:

username = admin
password = admin
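The `docker run` command above publishes port 9000 on every network interface while the instance still accepts the default admin/admin login. The following is an added example, not part of the original post: it binds the port to loopback only and replaces the default password once the server is up. The function names and the `SONAR_URL` and `SONAR_POLL_SECONDS` variables are hypothetical, and the two Web API endpoints (`api/system/status`, `api/users/change_password`) are assumed to be available in the image version you pulled.

```sh
#!/bin/sh
# Added example: start SonarQube locally without exposing default credentials.
SONAR_URL="${SONAR_URL:-http://127.0.0.1:9000}"

# Same container as above, but reachable from this machine only.
start_sonarqube() {
    docker run -d --name sonarqube_container -p 127.0.0.1:9000:9000 sonarqube
}

# Poll the status endpoint until it reports UP; give up after N tries.
wait_for_sonarqube() {
    local tries="${1:-60}"
    while [ "$tries" -gt 0 ]; do
        if curl -fsS "$SONAR_URL/api/system/status" 2>/dev/null |
            grep -Eq '"status"[[:space:]]*:[[:space:]]*"UP"'; then
            return 0
        fi
        tries=$((tries - 1))
        sleep "${SONAR_POLL_SECONDS:-5}"
    done
    return 1
}

# Replace the default admin password. Refuses an empty value or "admin".
change_admin_password() {
    local new="$1"
    if [ -z "$new" ] || [ "$new" = "admin" ]; then
        echo "choose a new, non-default password" >&2
        return 2
    fi
    curl -fsS -u admin:admin -X POST \
        --data-urlencode "login=admin" \
        --data-urlencode "previousPassword=admin" \
        --data-urlencode "password=$new" \
        "$SONAR_URL/api/users/change_password"
}

# Usage:
#   start_sonarqube && wait_for_sonarqube && change_admin_password 'new-password'
```

The new password is passed on the command line here, so it is visible in the local process list for the duration of the `curl` call.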

Hope it helps.
Thank you.

JavaScript: Custom exceptions

In JavaScript, custom exceptions can be created and thrown so that they are caught by `catch`.
For example, let's look at the code below:

let json = '{ "age": 30 }'; // incomplete data
try {
  let user = JSON.parse(json);  
  if (!user.name) {
    throw new Error("Incomplete data: no name"); 
  }
  alert( user.name );
} catch (err) {
  alert( "JSON Error: " + err.message ); // JSON Error: Incomplete data: no name
}

Hope it helps.
Thank you.

Computer Security Series - Part 2 - Basic Terminology

                                    Security Series

Part 2


Weakness: A quality or feature that prevents something from being secure. A weakness encourages attackers to use the specific app that has the weakness as an attack surface.

Vulnerability: A weakness in a system, application or network that is subject to exploitation or misuse.

Exploit: A program that allows attackers to automatically break into a system.

Attack: An attempt to gain unauthorized access.

Mitigation: Steps taken to eliminate or diminish a threat or risk.

Exposure: A period of time during which a vulnerability can possibly be exploited.

Security Framework

- Identify: Identify the risks or gaps in your environment and the people, process and tools you need.

- Protect: Protect your environment. You need to tune and see areas to protect continuously.

- Detection: Detection is vital. Check for alarms and alerts; the quicker you detect a potential exploit or a potential bad actor entering your network, the faster your response time is.

- Response: Response is critical. Once you get an alarm, you need to respond to it immediately.

- Recover: Get your systems back online and review the lessons learned.

This is the full life cycle: Identify -> Protect -> Detection -> Response -> Recovery
                           
                        Security Teams
Red Team: Technical and penetration testers, actively trying to attack the network in an ethical way to see if they can find any vulnerabilities or weaknesses.

Blue Team: Protects the environment daily, like a SOC (security operations center). These analysts read alarms and triage them. They always look for false positives and try to see what is a real attack and what is not.

Purple Team: When the red and blue teams come together, simulate an attack and work together to improve the entire security posture.

Zero Day Exploit: A repeatable implementation of an attack unknown to the community, or 0-day exploit. Nobody has ever heard of it before, so nobody knows how to defend against it. Attackers can use a ZDE to gain access to the system because nobody has ever heard of it or knows how to defend against it.

Back Door: A means of accessing your computer that bypasses computer security mechanisms. Often developers will put a backdoor into apps or products as a troubleshooting mechanism. They think no one will ever know it's there. But attackers will hunt and search for them. They find where the backdoor is and publicize it across the internet. Never build a backdoor into your product.

Access control: A means of restricting access to files, referenced functions, URLs and data based on the identity of users and/or the groups to which they belong.

Authentication: The verification of the claimed identity of an application user. It starts in the HR process, where we verify identity through background checks.

*In order to recognize and mitigate an attack, you must understand the methods of attack*

Computer Security Series - Part 1 - Basic Terminology

 Security Series

Part 1

Hello Everyone, I am starting a security series. At this moment I don't have much information about where we will be landing.

Let's just get started!!!

In this post I am coming up with security terminology and definitions. This is complete theory, so you can also read it on your mobile.

A secure environment is a combination of people, process and tools (the 3 tiers of security). All 3 of these entities must work together and play a vital role in having a secure environment.

Process: Have standards to apply security to everything we do.

Tools: Find and fix problems to have the most secure offering at the end of the day.

Attacker: An adversary seeking to exploit potential vulnerabilities of a system.

Application Security: Measures taken to improve the security of an application by finding, fixing and preventing security problems.

Software security: Engineering software so that it continues to function correctly under malicious attack.

Threat: Possible danger that might breach security and cause harm.

Risk: The possibility of a negative or undesirable occurrence.

Attack Surface: The interface an attacker could use to attempt to compromise a product or system.

Builders - Breakers - Defenders


Builders: A builder is a developer who builds something and must make sure that the build is secure by leveraging the right tools, techniques and processes to ensure whatever they are creating is secure.

Breakers: People looking at the build and then trying to break into it.

Defenders: People who look at the overall system and secure it to prevent bad actors from getting in and doing something to the system.

Employing a common vocabulary encourages effective security communication within the organization.

   CIA Triad - Foundational building blocks of application security

 
- Confidentiality: Information is protected from unauthorized disclosure. If we have confidentiality, nobody should be looking at or reading information they shouldn't have access to.

- Integrity: The assurance that information is trustworthy, accurate and has not been modified.

- Availability: A guarantee of reliable access to information by authorized people.
 



Vagrantfile: A more Ruby way to customize RAM and CPU cores.

Hello Everyone,

Here is my new Vagrantfile, which is coded in a more Ruby way. This code helps you customize RAM, CPU and OS-based provision scripts.

Most of the code is self-explanatory if you have a basic understanding of Vagrant.



# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.

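# Host entries appended to /etc/hosts on every machine
$hostnames = <<-SCRIPT
echo "192.168.66.10 puppetmaster puppet master.mypuppetsetup.com" >> /etc/hosts
echo "192.168.66.20 k8sworker1 k8sworker1.mypuppetsetup.com" >> /etc/hosts
echo "192.168.66.30 k8sworker2 k8sworker2.mypuppetsetup.com" >> /etc/hosts
SCRIPT

# OS-specific provisioning for CentOS boxes
$centos_setup = <<-SCRIPT
yum install -y epel-release
SCRIPT

# OS-specific provisioning for Ubuntu boxes
$ubuntu_setup = <<-SCRIPT
apt-get update
SCRIPT

# One hash per machine: name, private IP, base box, RAM (MB) and CPU cores
servers = [
  {
    :hostname => "puppetmaster",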
    :ip => "192.168.66.10",
    :box => "centos/7",
    :ram => 4096,
    :cpu => 2
  },
  {
    :hostname => "k8sworker1",
    :ip => "192.168.66.20",
    :box => "centos/7",
    :ram => 2048,
    :cpu => 1
  },
   {
    :hostname => "k8sworker2",
    :ip => "192.168.66.30",
    :box => "ubuntu/trusty64",
    :ram => 2048,
    :cpu => 1
  }
]
Vagrant.configure("2") do |config|

  servers.each do |machine|
    config.vm.define machine[:hostname] do |node|
      node.vm.box = machine[:box]
      node.vm.hostname = machine[:hostname]
      node.vm.network "private_network", ip: machine[:ip]

      # Per-machine RAM and CPU settings for VirtualBox
      node.vm.provider "virtualbox" do |vb|
        vb.customize ["modifyvm", :id, "--memory", machine[:ram]]
        vb.customize ["modifyvm", :id, "--cpus", machine[:cpu]]
      end

      # Run once per machine so /etc/hosts does not get duplicate entries
      node.vm.provision "shell", inline: $hostnames

      # Pick the provision script that matches the box's OS
      if machine[:box] == "centos/7"
        node.vm.provision "shell", inline: $centos_setup
      end

      if machine[:box] == "ubuntu/trusty64"
        node.vm.provision "shell", inline: $ubuntu_setup
      end
    end
  end
end
 
 
Hope it helps
Thank you.