Windows 11 Insider Build is Out

Microsoft is releasing its first Windows 11 preview build today. Windows Insiders can download the Windows 11 preview (build 22000.51) right now, which includes access to the new Start menu, multitasking features, and overhauled Microsoft Store. Unlike the previous Windows 11 leak, this official preview also features an updated File Explorer that replaces the ribbon with a command bar to simplify file management a little more.

Most of the Windows 11 visual changes that Microsoft revealed last week will be available in this initial preview. The new Start menu with its centered launcher-like interface is part of this build, alongside rounded corners throughout the OS and improvements to the notification center, volume flyouts, and more. If your PC has an accelerometer, the Windows 11 lock screen will also include a parallax motion effect.

Windows 11’s new themes and dark / light mode improvements are also part of this preview, alongside the new Widgets feature. All of the new themes — Glow, Captured Motion, Sunrise, and Flow — are designed with the centered taskbar in mind, and Microsoft has coupled them with new sounds in Windows 11 as you use the OS.

Animated gif showing Snap layouts with 3 app windows.

Two big Windows 11 features are missing, though: Microsoft Teams integration and Android apps on Windows. Both are still being developed and tested by Microsoft but will appear in later preview builds.

This Windows 11 preview also includes Microsoft’s new Snap Groups and Snap Layouts features, to improve multitasking across a variety of screen sizes. These new Snap features build on a lot of the multitasking features that have been in Windows for years but make them easier to discover and more useful — particularly in multiple-monitor scenarios.

Microsoft is also overhauling the Settings section of Windows 11. This preview build include changes that make it easier to navigate around and find the setting you need. Settings now has a left-hand navigation panel that persists throughout, making it quicker to switch between sections. Microsoft has built new “hero” controls at the top that offer quick access to information or settings that are relevant for each section.

Alongside the Windows 11 preview today, Microsoft is also releasing a preview of its Office refresh for Windows 11. The updated UI includes rounded corners in Office apps to match Windows 11 and some changes to how the dark and light modes work.

If you’re interested in testing the Windows 11 preview build, you’ll need to enroll in the Windows Insiders program and then navigate to Settings > Update & Security > Windows Insider Program on a Windows 10 device to enable the Dev Channel and obtain Windows 11 builds.

You’ll need a compatible machine, although Microsoft says it’s waiving its new hardware requirements during this preview period for those who have been testing Windows builds prior to June 24th. Otherwise, you’ll need to use Microsoft’s PC Health Check app to see if your system is compatible.

Windows 11 TPM 2.0

Microsoft has updated its documentation around the minimum Trusted Platform Module (TPM) security requirements for installing Windows 11, saying now that PCs will be required to have a TPM 2.0 chip in order to run the operating system.

In the updated documentation, Microsoft has removed the reference to a “hard floor” for Windows 11 that would’ve allowed PCs with TPM 1.2 to still install the new OS.

Microsoft’s original documentation had characterized TPM 2.0 as a recommendation rather than a requirement. According to the original documentation, as long as a PC had at least TPM 1.2 – which was released in 2011 – it would meet the minimum security requirements for Windows 11. Microsoft had said that devices with TPM 1.2 would “receive a notification that upgrade is not advised,” but wouldn’t be prohibited from installing Windows 11.

For Intel Core chips, support for Windows 11 starts at the eighth-generation line, meaning that PCs with seventh-gen Intel Core chips and older would not be compatible with Windows 11, based on Microsoft’s disclosure.

The first builds of Windows 11 will begin rolling out to Windows Insider testers early next week, and Windows 11 will be generally available this holiday as a free update for compatible Windows 10 PCs, Microsoft said. Windows 11 will only see one major feature update per year, in contrast to the twice-a-year feature updates for Windows 10, the company disclosed.

Check for compatibility
Use the PC Health Check app to see if your current PC meets the requirements to run Windows 11. If so, you can get a free upgrade when it rolls out.

Download App here

Direct Download link on the official Microsoft website

You may also verified that your computer have the minimum TPM 2.0 installed by opening TPM.msc

You may need to activated it in your Bios option if it’s available.

Enjoy!

I will post a workaround method to be able to install windows 11 on older unsupported computer soon! Stay tuned 😉

To be able to install Windows 11 on unsupported computer you will need :

Install Windows directly into your existing OS, insert your USB key and just run setup

Workaround method 1

  1. Windows 10 ISO decompressed files
  2. You will need to go into the “sources” folder of windows 10 install
  3. Then you will need to delete the “install.esd” file and then copy the “sources” folder into your Windows 11 installation “sources” folder. “overwrite all files”
  4. Now you will be able to start the installation process of Windows 11 on your unsupported computer
  5. To bypass the account creation unplug your internet connection and select “sign-in options”. Select “Offline Account”, this will allow you to create a local account.
  6. Finish the installation setup

🙂

Workaround method 2

  1. Download the fix zip file here that contain appraiserres.dll
    (Download here)
  2. Unzip and copy & replace the appraiserres.dll files in the /sources folder of your Windows 11 installation
  3. Run the install and you should be good!

This is not for production and it’s only for you to see the new windows 11 on your unsupported computer.

Note that many device driver will not work yet!

Workaround method 3

Modify Registry

The first method involves simply editing Windows Registry during the installation process of the new operating system. On unsupported devices, if you try to install the new OS, a message will appear on your screen stating that the computer isn’t compatible.

At that screen, you need to press Shift+F10 to open Command Prompt window and modify the registry. In Command Prompt, you need to run regedit.exe and create a new key “LabConfig” under HKEY_LOCAL_MACHINE\SYSTEM\Setup. In the “LabConfig” key, create two new entries:

  • BypassTPMCheck=dword:00000001
  • BypassSecureBootCheck=dword:00000001

Save the changes and compatibility errors will disappear.

Otherwise, you can also create a .reg file with the following line of code:

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\Setup\LabConfig] “BypassTPMCheck”=dword:00000001 “BypassSecureBootCheck”=dword:00000001

Save this (.reg) file in a USB drive and perform a clean installation of Windows 11 when it is officially released. During the installation process, press Shift + F10 and type notepad and hit enter.

In Notepad, open the file menu and locate and apply the reg file. This will bypass the TPM+SecureBoot requirements.

Here is a view of Windows 11 installed on Acer Aspire One with TPM 1.2

  • Open an elevated command prompt (Run as Administrator)
  • Enumerate the 3rd party drivers with the following command:
    pnputil /enum-drivers
  • Find the driver with the Original Name of wdcsam.inf (if the incompatible driver was wdcsam64_prewin8.sys) and note the Published Name for the driver, which is oem##.inf

    Fix to Enable Memory Integrity Core Isolation in Windows 10 on Surface Laptop 3 2

  • Run the command to uninstall the driver:
    pnputil /delete-driver oem##.inf
  • Back at the Memory Integrity setting, click Scan Again and it should allow you to enable Memory Integrity
  • After enabling Memory Integrity, you’ll need to restart your computer

Install Php 8.0 on CentOS7

Install PHP 8.0 alongside other PHP versions

# sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# sudo yum -y install https://rpms.remirepo.net/enterprise/remi-release-7.rpm
# sudo yum -y install yum-utils
# sudo yum-config-manager –disable ‘remi-php*’
# sudo yum-config-manager –enable remi-safe
# sudo yum -y install php80

Videotron Ltee

We’re helping Quebec businesses get back to business!

The current situation is causing Québec businesses’ needs to evolve quickly and challenges to multiply. At Videotron Business and Fibrenoire, we are committed to supporting all our customers as they get ready to relaunch their activities. Discover the various measures, offers, and solutions we have implemented to help businesses of all kinds across Québec—big and small—rise to the challenges that come with our new reality.

Learn more!

Videotron Ltee

Revo Uninstaller

The Uninstaller module is Revo Uninstaller ‘s primary feature for situations when a program won’t uninstall normally or when you have some doubts that a program has not been uninstalled completely.

Also when a program is uninstalled, often times there are multiple files, folders, and/or Registry entries left on your system, which can cause various issues if not removed. This happens more frequently than you might think.

Revo Uninstaller acts as both a replacement and a supplement to the built-in functionality in Windows by first running the built-in uninstaller for the program, and then scanning for leftover data afterwards, making it your best choice when it comes to completely remove stubborn programs, temporary files, and other unnecessary program data that is left behind after the standard uninstall process.

Download it now!

ClearOS ~ Test Bench!

Why ClearOS?
Applications and an operating system come with your computer, tablet, and phone. So, why not on your server? HPE is redefining the small business server by offering ClearOS with HPE ProLiant servers. ClearOS is a simple, open, and affordable operating system with an intuitive graphical web-based user interface and an application marketplace with over 100 apps to choose from, with more being added every day. Leveraging open source software, you decide what applications you need and only pay for the applications and support you want.

HPE and ClearCenter are making it easy for small, home, remote, and branch offices to have a server ready to use, out of the box, at no additional cost. HPE ProLiant integrated with ClearOS offers a simple, affordable, and secure experience. Building the IT solution that is just right for you has never been easier.

https://montreal.poweredbyclear.com/

Powered by ClouDNS – ClearOS – Videotron Ltee, Montreal, Quebec

Install rkhunter on CentOS 7

Installing rkhunter 1.4.6 on CentOS 7

I think that rkhunter is a valuable tool no matter the distribution that is used.

In CentOS 7 rkhunter 1.4.6 is found in the EPEL repository, we must make sure that this is available to use first:

$ sudo yum install -y epel-release

The install then is straight forward using yum.

$ sudo yum install rkhunter
$ sudo rkhunter --update
$ sudo rkhunter --propupd

We may also want to manually copy the /etc/passwd and /etc/group file to /var/lib/rkhunter. I gerenerally do not as they are copied in the first scan. The ubuntu install makes copies of these files for you.

If we don’t the first scan will warn that the group file and passwd file could have changed.

$ sudo rkhunter --check --sk
...
Performing group and account checks
    Checking for passwd file                          [ Found ]
    Checking for root equivalent (UID 0) accounts     [ None found ]
    Checking for passwordless accounts                [ None found ]
    Checking for passwd file changes                  [ Warning ]
    Checking for group file changes                   [ Warning ]
    Checking root account shell history files         [ OK ]

Further details can be found in the log file /var/log/rkhunter/rkhunter.log. Note that with rkhunter 1.4.6 on CentOS 7 we have the extra rkhunter log directory.  As this is the first scan though, we know that the reference files did not exist.

They will exist now and on a second running the warning will not show. Of course, adding a new user will trigger the warning again but will also update the reference files, /var/lib/rkhunter/passwd and /var/lib/rkhunter/group. Each check will update the references.

By default the CentOS install does not check root access in SSH. We should enable this by editong /etc/rkhunter.conf. Look for the line:

ALLOW_SSH_ROOT_USER=unset

Change the line to read:

ALLOW_SSH_ROOT_USER=no

The file /etc/ssh/sshd_config can be configured with:

PermitRootLogin=no

Once set, restart the sshd service with:

$ sudo systemctl restart sshd

Running the rkhunter check now will report SSH root login as secured. The execution of rkhunter is enabled with cron by default.

Enjoy!

Lynis new version 3.0

Lynis is a security auditing tool for UNIX derivatives like Linux, macOS, BSD, Solaris, AIX, and others.

It performs an in-depth security scan. Software packages are available via https://packages.cisofy.com.

Michael Boelen

Michael Boelen is company founder and responsible for defining strategy and development efforts. He is a specialist in the field of Linux and UNIX security. Work experience includes small to Fortune 500 companies (Philips, T-Systems, and ASML).

Contributions to the field include open source security tools like Rootkit Hunter (rkhunter) and Lynis. He is also a regular contributor to our blog Linux Audit, covering Linux security.

Enjoy!

https://cisofy.com/downloads/lynis/

Install Mattermost 5.26 on CentOS 7 using PostgreSQL

Assuming that you have a running centos 7 server using webmin + virtualmin with a qualified domain name.

Mattermost is an open-source online chat service. Mattermost is developed by Mattermost Inc, and it is written in Golang and Javascript. Mattermost is designed as an internal chat server for organizations and being marketed as an alternate to Slack.

Mattermost has a simple web interface that can be used for administration as well as instant messaging. Besides that, there are various chat clients are available as Desktop and Mobile Apps for Mattermost chat server.

In this article, we are installing Mattermost 5 on CentOS 7 server. We are also installing PostgreSQL 11, as a prerequisite of Mattermost server software.

Install PostgreSQL yum repository as follows:

[root@easy-admin ~]# rpm -ivh https://download.postgresql.org/pub/repos/yum/reporpms/EL-7-x86_64/pgdg-redhat-repo-latest.noarch.rpm

The same PostgreSQL package provides the yum repositories for various versions of PostgreSQL database.

Therefore, we are disabling the PostgreSQL yum repositories other than version 11 as follows.

[root@easy-admin ~]# yum-config-manager –disable pgdg10 pgdg94 pgdg95 pgdg96

Build yum cache for PostgreSQL repository.

[root@easy-admin ~]# yum makecache fast

Install PostgreSQL client and server packages using yum command.

[root@easy-admin ~]# yum install -y postgresql11 postgresql11-server

Initialize PostgreSQL database instance as follows.

[root@easy-admin ~]# /usr/pgsql-11/bin/postgresql-11-setup initdb

Edit pg_hba.conf file to allow md5 based user authentication.

[root@easy-admin ~]# nano /var/lib/pgsql/11/data/pg_hba.conf

Find following directive:

host                   all               all            127.0.0.1/32             ident
and update it as:
host                   all               all            127.0.0.1/32             md5

Enable and start PostgreSQL service.

[root@easy-admin ~]# systemctl enable postgresql-11.service

Start PostgreSQL

[root@easy-admin ~]# systemctl start postgresql-11.service

Connect as postgres user and set password for admin user.

[root@easy-admin ~]# su – postgres

-bash-4.2$ psql

psql (11.4)

Type “help” for help.

postgres=# ALTER USER postgres WITH PASSWORD ‘123’;
ALTER ROLE

Create the Mattermost database.

postgres=# CREATE DATABASE mattermost;

Create the Mattermost user.

postgres=# CREATE USER mmuser WITH PASSWORD ‘123’;
CREATE ROLE

Grant all privileges on mattermost database to mmuser.

postgres=# GRANT ALL PRIVILEGES ON DATABASE mattermost to mmuser;
GRANT

Exit from psql and logout from postgres user.

postgres=# \q
-bash-4.2$ exit
logout

PostgreSQL 11 has been installed on CentOS 7 server.

Installing Mattermost 5 on CentOS 7 server:

Download Mattermost software using wget command.

[root@easy-admin ~]# cd /tmp

[root@easy-admin ~]# wget https://releases.mattermost.com/5.26.1/mattermost-5.26.1-linux-amd64.tar.gz

Extract downloaded TAR file using following command.

[root@easy-admin ~]# tar -C /opt -xvf mattermost-5.26.1-linux-amd64.tar.gz

Create the storage directory for Mattermost files. This storage directory is used to store files and images posted by Mattermost users.

[root@easy-admin ~]# cd

[root@easy-admin ~]# mkdir /opt/mattermost/data

Create OS user and group for Mattermost software.

[root@easy-admin ~]# useradd –system –user-group mattermost

Adjust file permissions and ownership of /opt/mattermost directory.

[root@easy-admin ~]# chown -R mattermost:mattermost /opt/mattermost [root@easy-admin ~]# chmod -R g+w /opt/mattermost

Edit /opt/mattermost/config/config.json file to set PostgreSQL database configurations.

[root@easy-admin ~]# nano /opt/mattermost/config/config.json

Search for “SqlSettings” section and update following directives therein.

“DriverName”: “postgres”, “DataSource”: “postgres://mmuser:123@127.0.0.1:5432/mattermost?sslmode=disable&connect_timeout=10”,

Testing Mattermost configurations by executing mattermost command.

[root@easy-admin ~]# cd /opt/mattermost/

[root@easy-admin ~]# sudo -u mattermost ./bin/mattermost
* Go get yourself a cup
of coffee and let it run a bit,

The server should run now!

Exit!

Create a systemd service unit for Mattermost.

[root@easy-admin ~]# cd

[root@easy-admin ~]# nano /usr/lib/systemd/system/mattermost

…and define the service unit directives as follows.

[Unit]
Description=Mattermost
After=syslog.target network.target postgresql-11.service

[Service]
Type=notify
WorkingDirectory=/opt/mattermost
User=mattermost
ExecStart=/opt/mattermost/bin/mattermost PIDFile=/var/spool/mattermost/pid/master.pid
TimeoutStartSec=3600 LimitNOFILE=49152

[Install]
WantedBy=multi-user.target

Save and close Nano.

Enable and start mattermost.service.

[root@easy-admin ~]# systemctl enable mattermost.service

[root@easy-admin ~]# systemctl start mattermost.service

Allow Mattermost service port in Linux firewall (I use CSF).

[root@easy-admin ~]# firewall-cmd –permanent –add-port=8065/tcp

[root@easy-admin ~]# firewall-cmd –reload

Open your browser and go to http://yourdomain:8065

Fill out the information requested!

Et Voilà

😉

Mattermost

This will work on the latest Mattermost 5.26.1 release.

Hope you enjoy!

Lost your password in Windows 10?

2 Effective Ways To Reset Windows Password If You Forgot It ...

Boot up your PC using your windows 10 install disk or usb

Choose Repair your computer

Go in Advanced Option

Select the Command Prompt option

Type diskpart
> diskpart

DISKPART > list volume

Choose your biggest partition or where your system32 directory is located

Exit DISKPART
> exit

Type the following in the command prompt
> move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak
> copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe

restart
> wpeutil reboot

Click on Easy of Access

You are now in the dos prompt

net user fullaccess /add

net localgroup administrators fullaccess password /add

reboot

Select fullaccess user

Go in Control Panel

Click on user account

Select the account you wish to reset the password

Reboot

Go back to /system32/

copy to your desktop utilman.exe.bak

rename it on your desktop to utilman.exe

copy the file back to /system32/

Reboot

Maybe it will work, maybe not! The last resort would be to fetch the user data on a backup usb drive and re-install the hole thing!

Enjoy!

Mamonga Film Trailer – SERBIA

DIRECTOR: Stefan Malešević
CAST: Marta Bjelica, Dražen Pavlović, Nabi Tang, Vuk Janošević, Radoje Čupić

Jovana works at a bakery in the small town where she lives with her father. Her somewhat shy peer Marko is supposed to follow in his own father’s footsteps and become a truck driver. But the events of one night change both their lives…

Prevent Bad Crawler Bots to overload your server!

Good day, we had some issues over the weekend at LiquidWeb! The problem was a large volume of crawling on some specific websites. Here is a good practice to prevent this from happening.

—————————————————————-
robot.txt (Block only those bots)
—————————————————————-
user-agent: AhrefsBot
user-agent: MJ12bot
user-agent: Semrushbot
disallow: /

—————————————————————-
robot.txt (Block all except google)
—————————————————————-
User-Agent: Googlebot
Allow: /
User-Agent: *
Disallow: /

This input will block access to your website to all bots apart of Google.

In Theory. Many bots don’t respect it so it is good idea to block them through .htaccess file.

—————————————————————-
.htaccess
—————————————————————-
RewriteEngine On
RewriteBase /

RewriteCond %{HTTP_USER_AGENT} .*Twice.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Yand.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Yahoo.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Voil.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*libw.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Java.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Sogou.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*psbot.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Exabot.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*boitho.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*ajSitemap.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Rankivabot.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*DBLBot.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*MJ1.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Rankivabot.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*ask.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*AhrefsBot.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Semrush.*
RewriteRule ^(.*)$ http://example.com/ [L,R=301]

Order Allow,Deny
Allow from all
Deny from 104.16.0.0/12
Deny from 110.0.0.0/8
Deny from 111.0.0.0/8
Deny from 112.0.0.0/5
Deny from 120.0.0.0/6
Deny from 124.0.0.0/8
Deny from 125.0.0.0/8
Deny from 147.0.0.0/8
Deny from 169.208.0.0
Deny from 175.0.0.0/8
Deny from 180.0.0.0/8
Deny from 182.0.0.0/8
Deny from 183.0.0.0/8
Deny from 202.0.0.0/8
Deny from 203.0.0.0/8
Deny from 210.0.0.0/8
Deny from 211.0.0.0/8
Deny from 218.0.0.0/8
Deny from 219.0.0.0/8
Deny from 220.0.0.0/8
Deny from 221.0.0.0/8
Deny from 222.0.0.0/8

# make your own list 😉 PlaySafe!

Note: RewriteCond ^(.*)$ ,…. will forward all crawler’s to http://example.com [L,R=301]

Enjoy!

VirtualMIN is not working yet on CentOS 8!

Good day!

I ran into problem when I decided to test drive the new CentOS 8 on my test lab. The install was good until I tried to install VirtualMIN! No luck it’s not compatible yet and will take a while to be compatible “Webmin” is compatible and working smooth!

I would suggest you stick with CentOS 7.

So far CentOS 8 is quite interesting. 😉

CentOS 8 Updated Features

Desktop Environment
Unlike previous CentOS versions where the default installation did not include a GUI, the CentOS 8 default desktop environment is GNOME 3.28. What’s more, the GNOME Display Manager now uses Wayland as the default display server (as opposed to the X.org server).

The newest GNOME (nicknamed Chongqing) includes a number of useful features including:

Extended Device Support
GNOME is now integrated with Thunderbolt 3 connection support. Whenever Thunderbolt 3 establishes a connection and becomes active, you will get notified. This feature allows you to monitor all connections closely and detect any security breaches or attempts at data breach or theft.

New Boxes Feature. There are a couple of new features included in GNOME’s application for managing remote and virtual machines. The updated version simplifies the process of creating virtual environments with its automatic downloading of operating systems. Also, its drag-and-drop feature lets you easily transfer files between machines.
New On-Screen Keyboard. The GNOME team rewrote the on-screen keyboard for the newest release in an attempt to resolve the pressing UI issues. Now, the feature has a variety of layouts supported for different locales, automatic keyboard activation, and view-shift, so the user has a clear view of the text when writing.

Upgraded UI. The new desktop environment also has several additional features added to improve UI, as well as UX. This includes multi-monitor handling, direct window handling, improved scaling, to list a few.

Networking
As far as networking features, there are two major updates:

CentOS now comes with the TCP Networking Stack version 4.16.
The default packet filtering framework used is nftables.
Most of all, these changes ensure better stability, scaling, and performance.

nftables replaces iptables, iptablesip6table, arptables, and ebtables, serving as a single framework for IPv4 and IPv6 protocols. In addition, the firewalld deamon will also use the same subsystem for filtering network transactions as its default backend.

Cockpit Web Console
The open web-based interface, Cockpit, now comes as part of the new CentOS release. Use this platform to easily manage your servers through a web console interface. Perform system tasks, create and manage virtual machines, configure networks, start containers, and inspect logs all via web browser.

Cockpit is highly integrated. Not only does it have an embedded terminal allowing you to switch from terminal to browser at any time, but it also works on mobile devices.

Therefore, when you install CentOS 8 it will automatically set up the Cockpit web console, along with opening the required firewall ports. However, you do not worry about it burdening the system. The software is quite efficient as it uses memory and CPU only when active.

Software Management
CentOS 8 comes with the YUM package manager version v4.0.4, which now uses DNF (Dandified YUM) technology as its backend. DNF is the next generation of YUM and the new OS version lets you use both for managing packages.

Integrated with DNF technology, the latest release has a much-improved software management system. It’s increased performance, has well-defined APIs, and support for modular content, software AppStreams for cloud, container workloads, and CI/CD.

Virtualization
CentOS version 8 comes with KVM (qemu-kvm 2.12) that supports:

A 5-level paging feature, extending the size of virtual addresses and increasing the addressable virtual memory.
User-Mode Instruction Prevention (UMIP), a security feature restricting access to user-space applications to system-wide settings.
Ceph storage, providing block storage capabilities on all RHEL CPU architectures.
Q35 machine type to which all the virtual machines are pre-set (the machine type includes a native PCIe hotplug, IOMMU, Secure Boot and many other newly integrated features).
Compatibility between NVIDIA vGPU and the VNC console.
A sandboxing feature, introduced by the QEMU emulator, to ensure secure code testing.

Upgraded Security
The CentOS team has improved security features to ensure data protection and prevent breaches. The latest release will now have OpenSSL 1.1.1 which by default includes TLS 1.3. This ensures that all your data, as well as your clients’ data, will be cryptographically protected.

Also, the OS comes with a system-wide cryptographic policy which means you will not have to modify security configurations for individual applications.

Install PHP 7.3 in CentOS 7

Good day! Here are the steps to install PHP v. 7.3 in CentOS 7

Step 1: Add PHP 7.3 Remi repository

PHP 7.3 is available for CentOS 7 and Fedora distributions from the Remi repository. Add it to your system by running

# sudo yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
# sudo yum -y install epel-release yum-utils

Step 2: Disable repo for PHP 5.4

By default, the enabled repository is for PHP 5.4. Disable this repo and enable on for PHP 7.3

# sudo yum-config-manager –disable remi-php54
# sudo yum-config-manager –enable remi-php73

Step 3: Install PHP 7.3 on CentOS 7

Once the repo has been enabled, install php 7.3 on CentOS 7 or Fedora using the command

# sudo yum -y install php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json

Check version installed

# php -v

Enjoy!

The robertdavidgraham masscan!

This indicates detection of an attempted scan from Masscan port scanner.
Port scanners are used to probe computer networks to see which ports or services are available. An attacker may utilize a scanner to identify what services the target system is running and perform further attacks based on its findings. This signature detects for HTTP traffics associated with Masscan.

Affected Products

All web servers.

Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions
Monitor the traffic from the network for any suspicious activity.

Other References
https://github.com/robertdavidgraham/masscan

Log Example:

138.68.247.104 – – [10/Nov/2019:21:56:30 -0500] “GET / HTTP/1.0” 301 229 “-” “masscan/1.0

Flushing the swap file in Webmin without rebooting

Flushing the Swap file (Virtual Memory):

# swapoff -a && swapon -a

Disabling the Swap File:

# sudo swapoff -a

Permanently Disabling the Swap File:

# nano /etc/fstab

And # hash out the line indicated as swap then reboot:

/etc/fstab
/dev/mapper/centos-root / xfs defaults 0 0
UUID=5cd945c2-5ca7-48c5-b67b-0f3610534e8f /boot xfs defaults 0 0
/dev/mapper/centos-home /home xfs defaults 0 0
# /dev/mapper/centos-swap swap swap defaults 0 0

Remove Webmin Logo in Login Screen

Good day!

I am running the latest version: Webmin v1.932

I was searching for a while on how to remove the Webmin logo in the login screen and other stuff related to the Webmin admin page!

Here is the solution that worked for me.

Locate session_login.cgi” and edit it in here…,  /usr/libexec/webmin/authentic-theme/session_login.cgi and remove the Webmin heading and logo by taking out the code lines below:

Look for the line code: #114 to #119 and remove the code.

print '<i class="wbm-webmin"></i><h2 class="form-signin-heading">
<span>'
. (
&get_product_name() eq 'webmin'
? $Atext{'theme_xhred_titles_wm'}
: $Atext{'theme_xhred_titles_um'}
) . '</span></h2>' . "\n";

I removed the “must enter username and password…” text code by removing the line #126:

print '<p class="form-signin-paragraph">' .
&Atext('login_message') . '<strong> ' . $host .
'</strong></p>' . "\n";

Here is the semi-final result:

NOTE: After a Webmin update you will have to redo all steps!

We are not done yet!

Now let’s remove the “Login to Webmin” in the browser tab title.

Locate the file in /usr/libexec/webmin/authentic-theme/authentic-lib.pm

Comment out lines #1749 to #1755 to remove the page title.

Now verified that the title is gone! You will see your *”domain name” instead of the “Login to Webmin” title.

We are almost done here!

Now let’s remove or change the Webmin favicon.ico

Navigate to /usr/libexec/webmin/ and locate the favicon.ico and rename it to favicon.ico-renamed. Upload your own favicon.ico in /usr/libexec/webmin/

Here is the final result:

My last suggestion would be to change your webmin port 10000 to another one.

Here you go!

7 Days to Die Alpha 18 Release

With over 2.5 million copies sold on PC (digital download), 7 Days to Die has redefined the survival genre, crafting and world-building content. Set in a brutally unforgiving post-apocalyptic world overrun by the undead, 7 Days to Die is an open-world game that is a unique combination of first person shooter, survival horror, building, and role-playing games.

The best update so far!

Deploy date to public : 10-07-2019 (12:45pm Est Time)

Enjoy!

Add a Swap file on CentOS 7

Step 1: Open a terminal window

# su –  or # sudo -s

Step 2: Creation of the Storage File for the new swap file

Type the following command to create 512MB swap file (1024 * 512MB = 524288 block size):

# dd if=/dev/zero of=/swap bs=1024 count=524288

If you don’t want to have to reboot use the following commands:
(This is useful for debugging automout issue)

524288+0 records in
524288+0 records out
536870912 bytes (537 MB) copied, 3.23347 s, 354 MB/s

1. if=/dev/zero : Read from /dev/zero file. /dev/zero is a special file in that provides as many null characters to build storage file called /swap.
2. of=/swap : Read from /dev/zero write storage file to /swapf.
3. bs=1024 : Read and write 1024 BYTES bytes at a time.
4. Count=524288 : Copy only 523288 BLOCKS input blocks.

Step 3 : Secure the new created swap file

Setup the correct file permission:

# chown root:root /swap
# chmod 0600 /swap

A world-readable swap file is a huge local vulnerability.

Step 4: Set up a Centos 7 swap area

Type the following command to set up a Linux swap area in a file:

# mkswap /swap

Sample outputs:

Setting up swapspace version 1, size = 524284 KiB
no label, UUID=0e5e7c60-bbba-4089-a76c-2bb29c0f0839

Step 5: Enabling the swap file

Finally, activate /swap swap space immediately, enter:

# swapon /swapfile1

Step 6: Update /etc/fstab file

To activate /swap after CentOS 7 system reboot, add entry to /etc/fstab file. Open this file using a text editor such as nano:

# nano /etc/fstab

Copy & Paste the following line:

/swap none swap sw 0 0

Save and close the file.

Verify if your swap file is activated?

# free -m

total       used       free     shared    buffers     cached
Mem:          1876       1798         77          0        119       1440
-/+ buffers/cache:        237       1638
Swap:         4607          0       4607

Display swap usage summary

# swapon -s

Filename				Type		Size	Used	Priority
/dev/sda6                               partition	4194296	0	0
/swap                                   file		524280	0	0

Another option is to view /proc/meminfo file:

# less /proc/meminfo
# grep -i –color swap /proc/meminfo

SwapCached:        30748 kB
SwapTotal:       6291448 kB
SwapFree:        6154008 kB

Optional, test the new swap file:

# swapoff -a
# swapon -a

Enjoy!