Profile cover photo
Profile photo
Ranjith P
60 followers
60 followers
About
Posts

Post has attachment
How to install openstack in ubuntu 16.04
The hardware we’ll be using is based on the following specifications: 1 x MAAS Rack with Region controller: 8GB RAM, 2 CPUs, 1 NIC, 40GB storage 1 x Juju node: 4GB RAM, 2 CPUs, 1 NIC, 40GB storage 4 x OpenStack cloud nodes: 8GB RAM, 2 CPUs, 2 NICs, 80GB sto...
Add a comment...

Post has attachment
HTTP TRACE / TRACK Methods Enabled (CVE-2004-2320, CVE-2010-0386, CVE-2003-1567)
Treat: "The remote Web server supports the TRACE and/or TRACK HTTP methods, which makes it easier for remote attackers to steal cookies and authentication credentials or bypass the HttpOnly protection mechanism.   Track / Trace are required to be disabled t...
Add a comment...

Post has attachment
Disable TLSv1.0 protocol in apache
Disable the use of TLSv1.0 protocol in favor of a cryptographically stronger protocol such as TLSv1.2. The following openssl commands can be used to do a manual test: openssl s_client -connect ip:port -tls1 If the test is successful, then the target support...
Add a comment...

Post has attachment
CVE-2016-2183: Disable and stop using DES and 3DES ciphers in tomcat
Title: Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) CVEID: CVE-2016-2183 Threat: "Legacy block ciphers having block size of 64 bits are vulnerable to a practical collision attack when used in CBC mode.  All versions of ...
Add a comment...

Post has attachment
Disable TLSv1 in java
Check which Java is currently running [root@test ~]# java -version java version "1.7.0_141" OpenJDK Runtime Environment (rhel-2.6.10.1.el7_3-x86_64 u141-b02) OpenJDK 64-Bit Server VM (build 24.141-b02, mixed mode) Make changes in respective java.security fi...
Add a comment...

Post has attachment
CVE-2016-2183 : Disable and stop using DES and 3DES ciphers in Red Hat Linux
TITLE: Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) CVEID: CVE-2016-2183 We need to add DES and 3DES in /etc/httpd/conf.modules.d/ssl.conf file in order to disable it. Look for SSLCipherSuite line [root@test ~]# grep SS...
Add a comment...

Post has attachment
ansible playbook to check selinux status
# ansible-playbook selinux.yml --user ranjith --extra-vars "host=10.10.10.11" --- - hosts: "{{ host }}"   become: yes   become_method: sudo   tasks:     - name: getting selinux status       command: getenforce       register: result     - name: removing old...
Add a comment...

Post has attachment
Ansible playbook to register rhel 6 and rhel 7 clients to satellite 6
Below playbook can be used to register rhel 6/7 clients to get unregistered from existing satellite 5 and registers it to satellite 6. The clients gets registered with respective activation key in my case the activation key names are RHEL6 and RHEL7. # ansi...
Add a comment...

Post has attachment
Ansible playbook to patch and reboot RHEL 6 and RHEL 7 servers
How to run: If single host give host ip like below in the command else for group
patch, update the /etc/ansible/hosts file with server list and give the group
name as host variable value. The playbook also collects required information like mount status res...
Add a comment...

Post has attachment
INTRODUCTION TO SYSTEMD
Systemd is a system and service manager for Linux operating
systems. It is designed to be backwards compatible with SysV init scripts, and provides
a number of features such as parallel startup of system services at boot time,
on-demand activation of daemon...
Add a comment...
Wait while more posts are being loaded