Topics related to apt

APT Security: What Are Advanced Persistent Threats?

This article gives an overview of APTs. An advanced persistent threat (APT) is among the most dangerous cyber threats a company can face.

These attacks are hard to detect and allow an intruder to hide within a network for months. While hackers stay in the system, a company suffers regular data losses and outages without knowing the cause of problems.

While advanced persistent threats were once considered specifically dangerous to government institutions and large enterprises, the threat landscape is constantly shifting. Now, no organization is safe from these types of attacks. 

Because they are difficult to detect, remain in systems for long periods of time, and cause devastating losses to their targets, it's important to educate ourselves.

Knowing what APTs are, how to recognize common signs of their presence in a network, and of course, staying diligent and having a good detection and response plan are essential in protecting any organization from this silent threat. 


What is the difference between APTs and malware?

Most malware executes a quick damaging attack, but APTs take a different, more strategic and stealthy approach. 

The attackers come in through traditional malware like Trojans or phishing, but then they cover their tracks as they secretly move around and plant their attack software throughout the network.


Phases of APT attack:

A successful APT attack can be broken down into three stages: 

1. Network infiltration.

2. The expansion of the attacker's presence.

3. The extraction of amassed data—all without being detected.

Best Ubuntu APT Repository Mirror - How to get it

This article covers methods to find the best APT mirror on the Ubuntu server. 


To Find Best Ubuntu APT Repository Mirror Using Apt-smart:

Apt-smart is yet another command-line tool written in Python. It helps you find the APT mirrors that provide the best download rate for your location. It retrieves mirrors by querying the Debian, Ubuntu and Linux Mint mirror lists and chooses the best mirror based on the country in which the user lives. The discovered mirrors are ranked by bandwidth and by their status (such as up-to-date, 3-hours-behind, one-week-behind, etc.).

Another notable feature of Apt-smart is that it automatically switches to a different mirror when the current mirror is being updated. New mirrors can be selected either automatically or manually by the user. Apt-smart also backs up the current sources.list before updating it with new mirrors.


To Install Apt-smart in Ubuntu:

Make sure you have installed Pip and run the following commands one by one to install Apt-smart:

$ pip3 install --user apt-smart
$ echo "export PATH=\$(python3 -c 'import site; print(site.USER_BASE + \"/bin\")'):\$PATH" >> ~/.bashrc
$ source ~/.bashrc


To List all mirrors based on rank:

To list all available ranked mirrors in the terminal, run:

$ apt-smart --list-mirrors

Or,

$ apt-smart -l


To Automatically update mirrors:

Instead of manually finding and updating the best mirror in Ubuntu, you can let Apt-smart choose the best APT mirror and automatically update sources.list with it, as shown below:

$ apt-smart --auto-change-mirror

To get help, run:

$ apt-smart --help

Delete Repository And GPG Key On Ubuntu Systems

This article covers the steps to delete a repository and its GPG key on Ubuntu. All packages are signed by the package maintainer with a pair of keys consisting of a private key and a public key.

A user's private key is kept secret, and the public key may be given to anyone the user wants to communicate with.

Whenever you add a new repository to your system, you must also add a repository key so that the APT Package Manager trusts the newly added repository.

Once you've added the repository keys, you can make sure you get the packages from the correct source.


To remove Repository keys:

You can remove the repository key if it is no longer needed or if the repository has already been removed from the system.

It can be deleted by entering the full key in quotes (a hex value of 40 characters), as follows:

$ sudo apt-key del "D320 D0C3 0B02 E64C 5B2B B274 3766 2239 8999 3A70"
OK

Alternatively, you can delete a key by entering only the last 8 characters:

$ sudo apt-key del 89993A70
OK

Once you have removed the repository key, run the apt command to refresh the repository index:

$ sudo apt update

You can verify that the above GPG key has been removed by running the following command:

$ sudo apt-key list

Ubuntu error Some index files failed to download

This article covers methods to fix the Ubuntu error "Some index files failed to download". You can resolve this error by copying the contents of the sources list file from another functional Ubuntu system and pasting them into your system's sources list file.

To install community-supported software packages, proprietary packages, and packages not available under a completely free license, you might consider enabling the following repositories:
1. Universe – Community-maintained free and open-source software.
2. Restricted – Proprietary drivers for devices.
3. Multiverse – Software restricted by copyright or legal issues.

To enable these repositories, invoke the commands below:
$ sudo add-apt-repository restricted
$ sudo add-apt-repository multiverse
$ sudo add-apt-repository universe

Then update your package lists:
$ sudo apt update

DEBIAN_FRONTEND noninteractive in Docker

This article explains why you should not set the DEBIAN_FRONTEND value to noninteractive: it is a 'cosmetic' change. If you really need to change its setting, make sure to change it back to its default value afterward. Prepending an apt command with DEBIAN_FRONTEND=something applies only to that single command and does not persist afterward.

apt-get update downloads the package lists from the repositories and "updates" them to get information on the newest versions of packages and their dependencies. 

It will do this for all repositories and PPAs.

To Preserve Configuration Files:

During package installation or upgrade, Debian may wish to prompt the user on overwriting a configuration file. 

This preference can be appended to the installation command:

apt-get install -q -y \
-o Dpkg::Options::="--force-confdef" \
-o Dpkg::Options::="--force-confold" \
postfix

This command will instruct the installer to quiet any messages, assume yes, and then upgrade configuration files if no changes are present in the new package.

GlusterFS install CentOS 7

This article will guide you through the steps to install and set up GlusterFS.

GlusterFS is a scalable network filesystem suitable for data-intensive tasks such as cloud storage and media streaming.

GlusterFS has a client and a server component. Servers are typically deployed as storage bricks, with each server running a glusterfsd daemon to export a local file system as a volume.

To install GlusterFS:

1. Have at least two nodes. CentOS 7 on two servers named "server1" and "server2".

2. Format and mount the bricks.

3. Installing GlusterFS.

4. Iptables configuration.

5. Configure the trusted pool.

6. Set up a GlusterFS volume.

7. Testing the GlusterFS volume.

PowerShell Error clear

This article will guide you on how to clear errors in PowerShell using the $Error variable.

To clear the error variable when you start PowerShell, simply run $error.clear(). A downside of this method is that you lose all the errors that were generated before you cleared the error variable.

To delete a variable, along with its value, use Remove-Variable or Remove-Item. This cmdlet does not delete the values of variables that are set as constants or owned by the system, even if you use the Force parameter.

1. You can use this variable to represent an absent or undefined value in commands and scripts.

2. Windows PowerShell treats $null as an object with a value, that is, as an explicit placeholder, so you can use $null to represent an empty value in a series of values.

List installed software Linux

This article will guide you on different methods to list all software and the number of packages available on the server, along with a method to copy the list and use it when reinstalling the operating system (OS).
Yum automatically refreshes the list of packages, whilst with apt-get you must run 'apt-get update' to get the fresh package list.
To list installed programs in Linux:
1. Aptitude-based distributions (Ubuntu, Debian, etc): dpkg -l.
2. RPM-based distributions (Fedora, RHEL, etc): rpm -qa.
3. pkg*-based distributions (OpenBSD, FreeBSD, etc): pkg_info.
4. Portage-based distributions (Gentoo, etc): equery list or eix -I.
5. pacman-based distributions (Arch Linux, etc): pacman -Q.

Captcha Option error in DNN Websites

This article will guide you on how to fix the Captcha Option error in DNN Websites. We resolved the image not visible error even after enabling the Captcha option by editing the web.config file and checking the ASP.net version in DNN websites.

DNN websites have systematically been targeted for Spam New User Registrations. There has been some discussion around the how and why, and as much as we can tell, the problem is this:

1. Some script kiddy has bothered to write a bot that finds DNN websites. It is not even a good bot, because it is not capable of validating registrations to automated active email addresses. (If you are the creator of the bot… “YOU ARE DOING IT WRONG” as it is not going to bring the Google results you are looking for.)

2. The bot will attempt access to: www.yoursite.com/?ctl=Register
