VirtualMIN is not working yet on CentOS 8!

Good day!

I ran into problem when I decided to test drive the new CentOS 8 on my test lab. The install was good until I tried to install VirtualMIN! No luck it’s not compatible yet and will take a while to be compatible “Webmin” is compatible and working smooth!

I would suggest you stick with CentOS 7.

So far CentOS 8 is quite interesting. 😉

CentOS 8 Updated Features

Desktop Environment
Unlike previous CentOS versions where the default installation did not include a GUI, the CentOS 8 default desktop environment is GNOME 3.28. What’s more, the GNOME Display Manager now uses Wayland as the default display server (as opposed to the X.org server).

The newest GNOME (nicknamed Chongqing) includes a number of useful features including:

Extended Device Support
GNOME is now integrated with Thunderbolt 3 connection support. Whenever Thunderbolt 3 establishes a connection and becomes active, you will get notified. This feature allows you to monitor all connections closely and detect any security breaches or attempts at data breach or theft.

New Boxes Feature. There are a couple of new features included in GNOME’s application for managing remote and virtual machines. The updated version simplifies the process of creating virtual environments with its automatic downloading of operating systems. Also, its drag-and-drop feature lets you easily transfer files between machines.
New On-Screen Keyboard. The GNOME team rewrote the on-screen keyboard for the newest release in an attempt to resolve the pressing UI issues. Now, the feature has a variety of layouts supported for different locales, automatic keyboard activation, and view-shift, so the user has a clear view of the text when writing.

Upgraded UI. The new desktop environment also has several additional features added to improve UI, as well as UX. This includes multi-monitor handling, direct window handling, improved scaling, to list a few.

Networking
As far as networking features, there are two major updates:

CentOS now comes with the TCP Networking Stack version 4.16.
The default packet filtering framework used is nftables.
Most of all, these changes ensure better stability, scaling, and performance.

nftables replaces iptables, iptablesip6table, arptables, and ebtables, serving as a single framework for IPv4 and IPv6 protocols. In addition, the firewalld deamon will also use the same subsystem for filtering network transactions as its default backend.

Cockpit Web Console
The open web-based interface, Cockpit, now comes as part of the new CentOS release. Use this platform to easily manage your servers through a web console interface. Perform system tasks, create and manage virtual machines, configure networks, start containers, and inspect logs all via web browser.

Cockpit is highly integrated. Not only does it have an embedded terminal allowing you to switch from terminal to browser at any time, but it also works on mobile devices.

Therefore, when you install CentOS 8 it will automatically set up the Cockpit web console, along with opening the required firewall ports. However, you do not worry about it burdening the system. The software is quite efficient as it uses memory and CPU only when active.

Software Management
CentOS 8 comes with the YUM package manager version v4.0.4, which now uses DNF (Dandified YUM) technology as its backend. DNF is the next generation of YUM and the new OS version lets you use both for managing packages.

Integrated with DNF technology, the latest release has a much-improved software management system. It’s increased performance, has well-defined APIs, and support for modular content, software AppStreams for cloud, container workloads, and CI/CD.

Virtualization
CentOS version 8 comes with KVM (qemu-kvm 2.12) that supports:

A 5-level paging feature, extending the size of virtual addresses and increasing the addressable virtual memory.
User-Mode Instruction Prevention (UMIP), a security feature restricting access to user-space applications to system-wide settings.
Ceph storage, providing block storage capabilities on all RHEL CPU architectures.
Q35 machine type to which all the virtual machines are pre-set (the machine type includes a native PCIe hotplug, IOMMU, Secure Boot and many other newly integrated features).
Compatibility between NVIDIA vGPU and the VNC console.
A sandboxing feature, introduced by the QEMU emulator, to ensure secure code testing.

Upgraded Security
The CentOS team has improved security features to ensure data protection and prevent breaches. The latest release will now have OpenSSL 1.1.1 which by default includes TLS 1.3. This ensures that all your data, as well as your clients’ data, will be cryptographically protected.

Also, the OS comes with a system-wide cryptographic policy which means you will not have to modify security configurations for individual applications.

Install PHP 7.3 in CentOS 7

Good day! Here are the steps to install PHP v. 7.3 in CentOS 7

Step 1: Add PHP 7.3 Remi repository

PHP 7.3 is available for CentOS 7 and Fedora distributions from the Remi repository. Add it to your system by running

# sudo yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
# sudo yum -y install epel-release yum-utils

Step 2: Disable repo for PHP 5.4

By default, the enabled repository is for PHP 5.4. Disable this repo and enable on for PHP 7.3

# sudo yum-config-manager –disable remi-php54
# sudo yum-config-manager –enable remi-php73

Step 3: Install PHP 7.3 on CentOS 7

Once the repo has been enabled, install php 7.3 on CentOS 7 or Fedora using the command

# sudo yum -y install php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json

Check version installed

# php -v

Enjoy!

The robertdavidgraham masscan!

This indicates detection of an attempted scan from Masscan port scanner.
Port scanners are used to probe computer networks to see which ports or services are available. An attacker may utilize a scanner to identify what services the target system is running and perform further attacks based on its findings. This signature detects for HTTP traffics associated with Masscan.

Affected Products

All web servers.

Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions
Monitor the traffic from the network for any suspicious activity.

Other References
https://github.com/robertdavidgraham/masscan

Log Example:

138.68.247.104 – – [10/Nov/2019:21:56:30 -0500] “GET / HTTP/1.0” 301 229 “-” “masscan/1.0