09 Sep 2008 Disable IPv6 on Redhat RHEL5
This post describes how to disable IPv6 on a Redhat (RHEL5) installation. I haven’t had the time to test it on other version of Redhat.
Edit /etc/sysconfig/network and change
NETWORKING_IPV6=no
Edit /etc/modprobe.conf and add these lines
alias net-pf-10 off alias ipv6 off
Stop the ipv6tables service
# service ip6tables stop
Disable the ipv6tables service
# chkconfig ip6tables off
IPv6 will be disabled after the next reboot.
Tags: ip6tables, RedHat, rhel5
Posted by Hans-Henry Jakobsen
08 Sep 2008 Using sudo in RedHat
This post describes how to allow users in the wheel group to use the sudo command without being prompted for the root password
- Edit /etc/sudoers
Uncomment the line%WHEEL ALL=(ALL) NOPASSWD: ALL
- Add a user to the wheel group
# gpasswd -a username wheel
This does also work on Fedora and other Redhat based distributions.
Posted by Hans-Henry Jakobsen
03 Sep 2008 Using arp_announce
It is possible to control which source address is put in to ARP headers using the ARP_ANNOUNCE option in the kernel.
It takes the following values.
0 (default) Any local address 1 Use address from the same subnet as the target address 2 prefer primary address.
This is worth knowing because the default can give some very strange results when routing packets with linux.
To test this you can run the following command
# sysctl -w net.ipv4.conf.all.arp_announce=1
To make it a permanent solution add a line like this to /etc/sysctl.conf
net.ipv4.conf.all.arp_announce = 1
Posted by Hans-Henry Jakobsen
14 Apr 2008 Determine rkhunter false positive on Redhat
rkhunter has given several warnings (“One or more warnings have been found while checking the system.”) lately and this has forced me to check the installations repeatedly only to determine the fact that it was a false positive.
On Redhat systems and their derivatives (Fedora, CentOS…) a easy check can be performed to determine if a file has been tampered with. I’ve made this little oneliner to help me determine if any RPM packages has been altered
rpm -qas | grep -v normal > ~/rpm_check.txt
If everything is OK you should end up with a file containing a file like this
(contains no files) (contains no files) (contains no files) (contains no files) (contains no files) (contains no files) (contains no files) (contains no files)
Posted by Hans-Henry Jakobsen
26 Feb 2008 List rpm package content
To list the contents of a package just run the command
# rpm -ql packagename
Example
# rpm -ql nmap /usr/bin/nmap /usr/share/doc/nmap-3.70 /usr/share/doc/nmap-3.70/COPYING /usr/share/doc/nmap-3.70/COPYING.OpenSSL /usr/share/doc/nmap-3.70/README /usr/share/doc/nmap-3.70/nmap-fingerprinting-article.txt /usr/share/doc/nmap-3.70/nmap.deprecated.txt /usr/share/doc/nmap-3.70/nmap.usage.txt /usr/share/doc/nmap-3.70/nmap_doc.html /usr/share/doc/nmap-3.70/nmap_manpage.html /usr/share/man/man1/nmap.1.gz /usr/share/nmap /usr/share/nmap/nmap-mac-prefixes /usr/share/nmap/nmap-os-fingerprints /usr/share/nmap/nmap-protocols /usr/share/nmap/nmap-rpc /usr/share/nmap/nmap-service-probes /usr/share/nmap/nmap-services
Tags: CentOS, Fedora, RedHat, rpm
Posted by Hans-Henry Jakobsen
