Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Dutch_Mike

Pages: [1]
1
https://www.bleepingcomputer.com/news/security/nearly-11-million-ssh-servers-vulnerable-to-new-terrapin-attacks/

Almost 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack that threatens the integrity of some SSH connections.

The Terrapin attack targets the SSH protocol, affecting both clients and servers, and was developed by academic researchers from Ruhr University Bochum in Germany.

It manipulates sequence numbers during the handshake process to compromise the integrity of the SSH channel, particularly when specific encryption modes like ChaCha20-Poly1305 or CBC with Encrypt-then-MAC are used.

An attacker could thus downgrade the public key algorithms for user authentication and disable defenses against keystroke timing attacks in OpenSSH 9.5.

A notable requirement for the Terrapin attack is the need for attackers to be in an adversary-in-the-middle (AitM) position to intercept and modify the handshake exchange.

It is worth noting that threat actors often compromise networks of interest and wait for the right moment to progress their attack.

A recent report by security threat monitoring platform Shadowserver warns that there are nearly 11 million SSH servers on the public web - identified by unique IP addresses, that are vulnerable to Terrapin attacks.

Another issue that i am not sure about how much it affects our CWP servers. Also another thing to look at byt our " Einsteins "

2
DNS / DNS Server Vulnerability: Single DNS Packet can Bring Down the System
« on: February 23, 2024, 02:08:29 PM »
https://gbhackers.com/critical-dnssec-flaw/

A new flaw has been discovered in DNSSEC, which, when exploited by threat actors, could result in the unavailability of technologies such as web browsing, email, and instant messaging. This new class of attacks has been termed “KeyTrap” by researchers.

Moreover, a threat actor could completely disable large parts of the worldwide internet. KeyTrap attacks affect not only DNS but also the applications using it. The “KeyTrap” class of attacks has been assigned with CVE-2023-50387, and the severity is yet to be categorized.  As of December 2023, 31.47% of the web clients used DNSSEC-validating DNS resolvers worldwide.

Im am not sure in how much our DNS server in the CWP servers are affected by this.. but maybe something for the " Einsteins " amongst us to look at.

3
DNS / New addresses for b.root-servers.net per 2023-05-16
« on: February 02, 2024, 08:52:16 PM »
https://b.root-servers.org/news/2023/05/16/new-addresses.html

New addresses for b.root-servers.net
2023-05-16

USC/ISI is renumbering both its IPv4 and IPv6 addresses for b.root-servers.net on 2023-11-27. Our new IPv4 address will be 170.247.170.2 and our new IPv6 address will be 2801:1b8:10::b. USC/ISI will continue to support root service over our current IPv4 and IPv6 addresses for at least one year (until 2024-11-27) in order to provide a stable transition period while new root hints files are distributed in software and operating system packages.

We are renumbering to increase the resilience of the Root Servers System by further diversifying the number of Regional Internet Registries (RIRs) that have allocated IP addresses to Root Server Operators. Our addresses will be the first in the Root Server System to have been allocated by LACNIC and our routes will be verifiable through LACNIC’s Resource Public Key Infrastructure (RPKI) Trust Anchor Location (TAL). We thank LACNIC for helping make this renumbering possible, and ARIN for supporting our prior addressing assignments.

Update on 2023-05-30: LACNIC posted a separate announcement about this renumbering.


The named.root or named.ca file in our centos distrubutions were made in 2018. They not have been Updated since.

4
Other / Cant post a reply on my own started topic
« on: January 30, 2024, 01:51:25 PM »
Forbidden
You don't have permission to access this resource.

is what i get after i pushed the post button.
As you see i dont have troubles creating a new post.

HELP

5
PHP / php-fpm83 not installing well / working
« on: January 29, 2024, 09:46:25 PM »
I have tried installing php-fpm83 about 10 times . i did 2 times a new setup of my bare metal server. i downloaded and have used the latest 8 stream version ( Kernel: Linux 4.18.0-535.el8.x86_64) and the version before that. no matt what i do, i can not get 8,3 installed working. during install i get multiple errors. can not find can not make. I installed while firewall was disabled as i found out that a rule in my firewall ( ip that tried to gain access and was automatic banned, but no idea wich) was blocking access to the repositories. so that cant be the issue either.

Im honestly a bit done with CWP. i have so many little issues that not getting solved.... and i after 10 times reinstalling im a bit done honestly.

anyone any clue what i can do ?

i will paste some messages from the cli
this is the last part of the installation with errors.

Code: [Select]
Package libsodium-devel-1.0.18-2.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
chdir: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 28505  100 28505    0     0  51360      0 --:--:-- --:--:-- --:--:-- 51360
/usr/local/cwpsrv/htdocs/resources/conf/el8/php-fpm_selector/external_modules/8.3/sodium.sh: line 9: /opt/alt/php-fpm83/usr/bin/phpize: No such file or directory
/usr/local/cwpsrv/htdocs/resources/conf/el8/php-fpm_selector/external_modules/8.3/sodium.sh: line 10: ./configure: No such file or directory
make: *** No targets specified and no makefile found.  Stop.
make: *** No rule to make target 'install'.  Stop.
/usr/local/cwpsrv/htdocs/resources/conf/el8/php-fpm_selector/external_modules/8.3/sodium.sh: line 14: /opt/alt/php-fpm83/usr/bin/php-config: No such file or directory
ERROR: Missing extension file /sodium.so

Build Completed
###################


Notification added
this is the result when i do a " systemctl status php-fpm83 "
Code: [Select]
]# systemctl status php-fpm83
● php-fpm83.service - The PHP FastCGI Process Manager
   Loaded: loaded (/usr/lib/systemd/system/php-fpm83.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Mon 2024-01-29 22:20:55 CET; 7min ago
  Process: 554732 ExecStart=/opt/alt/php-fpm83/usr/sbin/php-fpm --nodaemonize --fpm-config /opt/alt/php-fpm83/usr/etc/php-fpm.conf (code=exited, status=203/EXEC)
 Main PID: 554732 (code=exited, status=203/EXEC)

Jan 29 22:20:55 stdwwwsrv001.standerhosting.nl systemd[1]: Started The PHP FastCGI Process Manager.
Jan 29 22:20:55 stdwwwsrv001.standerhosting.nl systemd[1]: php-fpm83.service: Main process exited, code=exited, status=203/EXEC
Jan 29 22:20:55 stdwwwsrv001.standerhosting.nl systemd[1]: php-fpm83.service: Failed with result 'exit-code'.

when i do a "ls /opt/alt/php-fpm83/usr/lib/php/extensions"
This is the output
Code: [Select]
ls: cannot access '/opt/alt/php-fpm83/usr/lib/php/extensions': No such file or directory
When i do "systemctl | grep php "
This is the output
Code: [Select]
cwp-phpfpm.service                                                                               loaded active running   The PHP FastCGI Process Manager
  cwpsrv-phpfpm.service                                                                            loaded active running   The PHP FastCGI Process Manager
  php-fpm53.service                                                                                loaded active running   The PHP FastCGI Process Manager
  php-fpm72.service                                                                                loaded active running   The PHP FastCGI Process Manager
  php-fpm82.service                                                                                loaded active running   The PHP FastCGI Process Manager
● php-fpm83.service                                                                                loaded failed failed    The PHP FastCGI Process Manager

I have tried to install with the basic settings. turned off ioncube, and still same.
I have zipped and uploaded the complete php-selector-rebuild.log
https://gofile.io/d/5rzfxS
Hope someone can figure out whats wrong,
So im serious in need of help / assistance.

6
I may have a suggestion for those running the CWP on a linux distribution.
To improve the  upload to your webclients you can implement a different way how the TCP stack is handeling the requests.

Quote
Enable TCP BBR and other network stack optimizations
BBR is a new congestion control agorithm which dramatically decreases the time needed for a TCP connection to ramp up to maximum speed. It also contains improvements to counter other problems like router buffer bloat which causes network latency spikes.

To enable BBR you need you have kernel version 4.9 or higher. See your kernel version with uname -a. On Ubuntu you can upgrade to a newer kernel by enabling HWE.

Create a file called /etc/sysctl.d/60-bbr.conf with the following contents:

Code: [Select]
net.core.default_qdisc = fq_codel
net.ipv4.tcp_congestion_control = bbr
net.ipv4.tcp_notsent_lowat = 16384
net.ipv4.tcp_slow_start_after_idle = 0

After doing that you can run sysctl -p or reboot to apply the changes.
Verify that it’s working with this command: sysctl net.ipv4.tcp_congestion_control. It should return bbr.

Here a link to get more information on how to test it before and after implementation. https://www.cyberciti.biz/cloud-computing/increase-your-linux-server-internet-speed-with-tcp-bbr-congestion-control/

7
PHP / Failed to Download PHP version 8.1.2!
« on: January 31, 2022, 01:17:07 PM »
After going to the PHPO switcher and telling i want to upgrad from 8.1.1 to 8.1.2 the tail log gives me this  message after about 3 minutes

/usr/local/src/php-rebuild.sh: line 78: [: -ge: unary operator expected
Failed to Download PHP version 8.1.2!

i tried this on 2 equal same machines and both have same error.

the machine doesnt finish anything and the version stays 8.1.1


8
Hello,

I wanted to redirect a domain name i host on my server to another server that i dont own, so i was looking for the redirect option under domain options in the userpanel. It is not there to be found as you can see.


However, when for example i click one of the modules under the domain option and i click with my mouse on the address bar and change the clicked module name into "redirect" i do get the redirect page / module and i can do the things i wanted... and it is still functioning as you can see


So my request to the makers / programmers, is it possible you just put the redirect link in function back in the domain menu again ? That is more convenient to access and a less hassle

Thanks in advance
regards,
Mike

im running centos 8 stream updated to the last updates

9
CentOS-WebPanel Bugs / cwp8
« on: October 16, 2020, 01:01:31 AM »
Hi,
I installed as a vm a new centos 8 minimal and choose for cwp8 with the installation.
But after i logged in it still shows me cwp7 pro in the upper left corner.
Is that ok ? or did something went wrong ?
Does it has to show somewhere cwp8 pro ?

Regards,
Mike

10
Hi,

i tried to install PHP-FPM 7.4 through the selector in the panel, but it doesn do anything.
When i look in the log file and in my console with the command tail -f /var/log/php-selector-rebuild.log i get this as output:

-2020-06-17 03:38:07--  http://dl1.centos-webpanel.com/files/php/selector/el7/php-dependencies.sh
Resolving dl1.centos-webpanel.com (dl1.centos-webpanel.com)... 37.187.72.216
Connecting to dl1.centos-webpanel.com (dl1.centos-webpanel.com)|37.187.72.216|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1011 [application/x-sh]
Saving to: '/usr/local/src/php-dependencies.sh'

     0K                                                       100% 98.1M=0s

2020-06-17 03:38:07 (98.1 MB/s) - '/usr/local/src/php-dependencies.sh' saved [1011/1011]

Redirecting to /bin/systemctl restart httpd.service

Build Completed
###################


Error:Can't add notification!

Help ?

Regards,
Mike

11
Backup / New Backup 2
« on: February 16, 2020, 10:12:26 PM »
Implementation of improvement requested.

So far im using the new back up  and its functioning well. I am just missing the option to name the file.
I would like the output file name to be able to manual configured, or that you guys put the date of creation in the file name.
Now the file name on the remote location is the same everytime.

I have no idea where the scripts are that i can do it myself, otherwise i would.

But just add / append the creation date and time to the file name so u can have multiple offsite file backups a day

Regards
Mike

12
CentOS-WebPanel Bugs / Missing start buttons in service status windows
« on: September 14, 2019, 09:42:19 PM »
Hi

I had a working installation before.. and after updates i noticed im missing the start buttons in the service status window.
I been checking and testing but could not find a solution. Since im still learning and playing around.. i decided to make a new installatation on a VM and work from there.
I was even more surprised that after a fresh installation the buttons still missing.

Ido run cwp pro

See attachment

so what to do ?

Pages: [1]