Monday, July 19, 2021

Ubuntu logon info and message of the day (motd)

This post will show you how to determine your public-facing IP address from the command line.


Upon an interactive logon, Ubuntu prints some brief machine information. This includes a header, sysinfo from /usr/bin/landscape-sysinfo and a summary of available patches.

You may add your own scripts by creating a bash script in /etc/update-motd.d and setting the execute permission on the file. The files in the directory follow a particular naming convention and are run in alphabetical (numeric) order.

On external facing machines, I often create a script which will print the external IP address following the networking info of the landscape-sysinfo script.

Create the file /etc/update-motd.d/61-external-ip, owned by root, and give it execute permission:
sudo chmod 755 /etc/update-motd.d/61-external-ip

 

Place the following in this new file:
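#!/bin/sh
# Print the external IPv4 address as reported by two independent services.
# --max-time keeps a slow or unreachable service from delaying the logon.

ONE=$(/usr/bin/curl -s --max-time 5 checkip.amazonaws.com)
TWO=$(/usr/bin/curl -s --max-time 5 ifconfig.me)

# Quote the variables so an empty reply does not break the test, and pass
# them as printf arguments so a reply is never used as the format string.
if [ "$ONE" = "$TWO" ]
  then
    printf "  External IPv4: %s" "$ONE"
  else
    printf "  External IPv4 may be: %s or %s" "$ONE" "$TWO"
fi
printf "\n"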


Save the file, then log on to the machine and look at the interactive logon messages. Some of the output will look like:

Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-77-generic x86_64)

  System information as of Mon 19 Jul 2021 01:30:42 PM MDT

  System load:              0.58
  Usage of /:               5.4% of 1.79TB
  Memory usage:             15%
  Swap usage:               0%
  Temperature:              44.0 C
  Processes:                173
  Users logged in:          1
  IPv4 address for enp0s25: 192.168.0.9
  External IPv4: 123.456.7.89
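
The script above prints whatever the two services return, and scripts in /etc/update-motd.d run as root at logon. As an added example (not part of the original post), the following accepts a reply only if it is a well-formed dotted-quad IPv4 address; the function names is_ipv4 and motd_line and the sample replies are constructed for illustration.

```sh
#!/bin/sh
# Added example: only print replies that are well-formed IPv4 addresses.
# is_ipv4 and motd_line are hypothetical helper names, not from the post.

# is_ipv4 VALUE: succeed only for a dotted quad with each octet 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, bad dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# motd_line REPLY1 REPLY2: build the motd line from validated replies only.
motd_line() {
    one=; two=
    if is_ipv4 "$1"; then one=$1; fi
    if is_ipv4 "$2"; then two=$2; fi
    if [ -n "$one" ] && [ "$one" = "$two" ]; then
        printf '  External IPv4: %s\n' "$one"
    elif [ -n "$one" ] && [ -n "$two" ]; then
        printf '  External IPv4 may be: %s or %s\n' "$one" "$two"
    elif [ -n "$one$two" ]; then
        printf '  External IPv4 (one service only): %s\n' "$one$two"
    else
        printf '  External IPv4: unavailable\n'
    fi
}

# Constructed sample replies; in the motd script these would be the output
# of the two curl calls.
motd_line "203.0.113.7" "203.0.113.7"                   # both agree
motd_line "203.0.113.7" "198.51.100.20"                 # services disagree
motd_line "203.0.113.7" "<html>502 Bad Gateway</html>"  # error page rejected
motd_line "$(printf '\033[2J%%s')" ""                   # escape codes rejected
```

In the motd script, the two curl results would be passed as motd_line "$ONE" "$TWO" in place of the if/else block.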

Friday, July 02, 2021

Fix Corrupt Microsoft Windows Files

Anyone who suspects they have corrupt Microsoft Windows system files (possibly from virus or malware) may try the built-in tools before re-installing the operating system. If you suspect Microsoft Windows Update is not running correctly, you may also try to repair it.


This Microsoft document describes the file system checker tool with DISM and SFC. The following examples are for Microsoft Windows 10.


Open a command prompt with elevated privileges:
  • Press Start button
  • Type: cmd
  • Right-click on "Command Prompt" and choose "Run as administrator"


Repair the operating system deployment image. In the command prompt window, type:

  • DISM.exe /Online /Cleanup-image /Restorehealth

 

It will look like:

C:\WINDOWS\system32>DISM.exe /Online /Cleanup-image /Restorehealth

Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19042.985

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

If, after running DISM, you experience glitches or quirks in MS Windows, try running this file system checker command. It may take hours to run.

  • sfc /scannow

 

If problems are found, it will look like:

C:\WINDOWS\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
 

Note the location of the log, which you may review.

Next, you may want to check that Microsoft Windows Update is running.

Run the troubleshooter which may be found in the old Control Panel.

  • Press Start button and type: control panel
  • Click on the Control Panel app to run it.
  • In the Control Panel app, top right search box, type: update

  • Click on Troubleshooting

  • Press Next to run the troubleshooter and then follow the prompts.


Sunday, June 20, 2021

GSM data security in GPRS 2G

Mobile carriers have been phasing out older mobile technologies and frequencies, which makes older service using GPRS 2G less prevalent. One form of attack is to purposefully force a downgrade to the older 2G service, which has weaknesses. The June 2021 paper Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2 describes how the 64-bit security is effectively only 40-bit. The authors speculate the standard was purposefully weakened.


There is no practical reason to allow modern phones to use 2G service, so users should disable this service. Android users can typically look in settings to turn off 2G service.

This leads to the obvious question of what vulnerabilities may exist in the newer 4G and 5G standards. Many people are beginning to use apps such as Signal, which runs its own security on top of whatever communications are being used (4G, 5G, or wifi).


While you are in Android settings, you may want to review the Google setting which allows for silent install of movement tracking applications. It is not clear if setting "COVID-19 Exposure Notifications" to off prevents silent install of the tracking apps, or if it allows the download but does not make the app visible to the user. Completely disabling installs will likely require stopping of Google Play Services.