Wednesday, July 24, 2019
Simple Backup Rotate Script
#!/bin/bash
# Backup Filename : Backup_$(date +"%d-%m-%Y_%H%M%S").tar.bz2
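# Put the current month and year into $1 and $2
set -- $(date +"%m %Y")
# Exec : remove this month's backups that are older than 7 days.
# Only names carrying the current month and year match, so backups from
# earlier months are left in place.
/usr/bin/find /var/backup -type f -name 'Backup_*-'$1'-'$2'_*.tar.bz2' -mtime +7 -exec rm {} \;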
# Logging
echo "Rotating Backup at : $( date +"%d-%m-%Y %H:%M:%S" )" | tee -a /var/log/messages
Saturday, July 20, 2019
Replace supervisord with pm2 to run node or apps
﷽
This is a short note on how to replace supervisord with pm2 to run node or apps.
Install pm2 :
# npm install pm2 -g
# su appadm
Previous supervisord config :
$ cat /etc/supervisor/conf.d/apps-fe.conf
[program:apps-fe]
directory=/home/appadm/apps/apps-frontend/
command=npm run start
autostart=true
autorestart=true
startretries=30
user=appadm
stderr_logfile=/var/log/apps-fe.log
$ cat /etc/supervisor/conf.d/apps-be.conf
[program:apps-be]
directory=/home/appadm/apps/apps-backend/
command=npm run start
autostart=true
autorestart=true
startretries=30
user=appadm
stderr_logfile=/var/log/apps-be.log
Run with least privilege :
# su appadm
$ whoami
appadm
$ cd /home/appadm/apps/apps-frontend/
$ pm2 start --name=apps-fe npm -- start
[PM2] Starting /usr/local/bin/npm in fork_mode (1 instance)
[PM2] Done.
┌─────┬───────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id │ name │ namespace │ version │ mode │ pid │ uptime │ ↺ │ status │ cpu │ mem │ user │ watching │
├─────┼───────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 0 │ apps-fe │ default │ N/A │ fork │ 3057481 │ 0s │ 0 │ online │ 0% │ 27.0mb │ apps… │ disabled │
└─────┴───────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘
[PM2][WARN] Current process list is not synchronized with saved list. App apps-be differs. Type 'pm2 save' to synchronize.
$ cd /home/appadm/apps/apps-backend/
$ pm2 start --name=apps-be npm -- start
[PM2] Starting /usr/local/bin/npm in fork_mode (1 instance)
[PM2] Done.
┌─────┬───────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id │ name │ namespace │ version │ mode │ pid │ uptime │ ↺ │ status │ cpu │ mem │ user │ watching │
├─────┼───────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 1 │ apps-be │ default │ N/A │ fork │ 3057534 │ 0s │ 0 │ online │ 0% │ 20.0mb │ apps… │ disabled │
│ 0 │ apps-fe │ default │ N/A │ fork │ 3057481 │ 16s │ 0 │ online │ 0% │ 57.0mb │ apps… │ disabled │
└─────┴───────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘
$ pm2 save
[PM2] Saving current process list...
[PM2] Successfully saved in /home/appadm/.pm2/dump.pm2
$ pm2 status
┌─────┬───────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐
│ id │ name │ namespace │ version │ mode │ pid │ uptime │ ↺ │ status │ cpu │ mem │ user │ watching │
├─────┼───────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤
│ 1 │ apps-be │ default │ N/A │ fork │ 3057534 │ 5m │ 0 │ online │ 0% │ 59.9mb │ apps… │ disabled │
│ 0 │ apps-fe │ default │ N/A │ fork │ 3057481 │ 6m │ 0 │ online │ 0% │ 58.0mb │ apps… │ disabled │
└─────┴───────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘
To restart :
$ pm2 restart 'id'
For example, to restart apps-fe :
$ pm2 restart 0
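As an added example (not code from the original post), the script below turns a supervisord stanza like the ones above into a pm2 process file and skips any program that has no user= line or runs as root, so the least-privilege setting is not lost in the move. The function names are made up here, max_restarts is used as the nearest pm2 setting to startretries, and values are assumed to contain no quotes or backslashes.

```bash
#!/bin/bash
# Added example, not from the original post. Assumes plain key=value stanzas
# with no quotes or backslashes in the values.

# supervisor_to_pm2: supervisord config on stdin -> pm2 process file (JSON) on
# stdout. Programs with no user= line or user=root are skipped, exit status 1.
supervisor_to_pm2() {
    awk '
    function emit(   n, p, i, args, tries) {
        if (name == "") return
        if (kv["user"] == "" || kv["user"] == "root") {
            print "skipped " name ": no unprivileged user= line" > "/dev/stderr"
            bad = 1
        } else {
            n = split(kv["command"], p, " ")
            for (i = 2; i <= n; i++) args = args (i > 2 ? " " : "") p[i]
            # supervisord defaults startretries to 3; max_restarts is the
            # nearest pm2 setting (assumption), not an exact equivalent
            tries = (kv["startretries"] == "" ? 3 : kv["startretries"])
            printf "%s\n  {\"name\": \"%s\", \"script\": \"%s\", \"args\": \"%s\",\n", sep, name, p[1], args
            printf "   \"cwd\": \"%s\", \"error_file\": \"%s\",\n", kv["directory"], kv["stderr_logfile"]
            printf "   \"autorestart\": %s, \"max_restarts\": %d}", (kv["autorestart"] == "false" ? "false" : "true"), tries
            sep = ","
        }
        name = ""; split("", kv)
    }
    BEGIN { printf "{\"apps\": [" }
    /^\[program:.*\]$/ { emit(); name = substr($0, 10, length($0) - 10); next }
    /^[a-z_]+=/ { eq = index($0, "="); kv[substr($0, 1, eq - 1)] = substr($0, eq + 1) }
    END { emit(); print "\n]}"; exit bad + 0 }
    '
}

# Sample input: the apps-fe stanza from the post.
sample_supervisor_conf() {
    cat <<'EOF'
[program:apps-fe]
directory=/home/appadm/apps/apps-frontend/
command=npm run start
autostart=true
autorestart=true
startretries=30
user=appadm
stderr_logfile=/var/log/apps-fe.log
EOF
}

sample_supervisor_conf | supervisor_to_pm2
```

Save the output to a file ending in .json and start it as appadm with pm2 start; a log path under /var/log has to be writable by that user.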
That's it, hope it's useful.
Tuesday, July 2, 2019
Can not find tid 40006, utid 0 in threat database (Palo Alto Networks)
can not find tid 40006, utid 0 in threat database
This warning message was bothering me. When I tried to gather more information, I found out that Threat ID 40006 has been officially removed/disabled in PAN-OS 9.0.2, while threat-exception 40006 was still in use in my vulnerability profiles, and we can't disable this threat-exception 40006 from the web interface.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClmpCAC
The solution :
Access the PAN device via either telnet or ssh and perform the CLI configuration :
1. Edit the vulnerability profile that uses the threat-exception.
2. Delete the parameters related to threat-exception 40006.
This is what I did (SP8-IN is my vulnerability profile; adjust this parameter to match your configuration) :
rizkymd@PAN3050> configure
Entering configuration mode
[edit]
rizkymd@PAN3050# edit profiles vulnerability SP8-IN threat-exception 40006
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# show
set profiles vulnerability SP8-IN threat-exception 40006 action block-ip
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute interval 30
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute threshold 5
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute track-by source-and-destination
rizkymd@PAN3050# delete action
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# delete time-attribute
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# show
set profiles vulnerability SP8-IN threat-exception 40006
[edit profiles vulnerability SP8-IN threat-exception 40006]
rizkymd@PAN3050# commit
Commit job 3365 is in progress. Use Ctrl+C to return to command prompt
...........55%..70%.98%.........100%
Configuration committed successfully
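To find every profile that still carries the exception, the script below (an added example, not part of the original post) scans configuration in the set format printed by show above and lists the vulnerability profiles with a threat-exception for a given threat ID. Profiles SP8-OUT and SP8-DMZ and threat ID 400061 in the sample are constructed, and profile names are assumed to contain no spaces.

```bash
#!/bin/bash
# Added example, not from the original post. Input is configuration in "set"
# format, as printed by "show" in the session above. Assumes profile names
# without spaces.

# threat_exception_refs <threat-id>: reads set-format config on stdin and
# prints "profile<TAB>setting" for every line under that threat-exception.
threat_exception_refs() {
    awk -v tid="$1" '
    $1 == "set" && $2 == "profiles" && $3 == "vulnerability" &&
    $5 == "threat-exception" && $6 == tid {
        setting = ""
        for (i = 7; i <= NF; i++) setting = setting (i > 7 ? " " : "") $i
        # An entry with no settings left still references the threat ID
        print $4 "\t" (setting == "" ? "(entry only)" : setting)
    }'
}

# profiles_using <threat-id>: unique names of the profiles that need editing.
profiles_using() {
    threat_exception_refs "$1" | cut -f1 | sort -u
}

# Sample: the four SP8-IN lines from the post plus constructed lines
# (SP8-OUT, SP8-DMZ and threat ID 400061 are made up for the example).
sample_config() {
    cat <<'EOF'
set profiles vulnerability SP8-IN threat-exception 40006 action block-ip
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute interval 30
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute threshold 5
set profiles vulnerability SP8-IN threat-exception 40006 time-attribute track-by source-and-destination
set profiles vulnerability SP8-IN threat-exception 400061 action alert
set profiles vulnerability SP8-OUT threat-exception 40006 action alert
set profiles vulnerability SP8-DMZ threat-exception 400061 action alert
EOF
}

sample_config | profiles_using 40006
```

The threat ID is compared as a whole field, so 400061 does not match when searching for 40006.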
#PALOALTO #NEXTGENERATIONFIREWALL #PANOS #INDONESIA #rizkymd