Uberleet

Linux Systems Articles for better insights

#freeipa Articles


Audit, track and block FreeIPA attackers

Sometimes you work at places with some pretty dirty networks, and having to migrate everything from a public VLAN to private NATs is always a challange of skills in security. During the process I find so many hosts which have been exploited and turned against my own network. This is …

FreeIPA iptables setup

I personally find management easier using Iptables for FreeIPA because it allows you to easily add -s flags for source IP ranges when needed. FirewallD has an extended awkward syntax that can do it, but why? First disable Firewalld sudo systemctl disable firewalld sudo systtemctl stop firewalld Install Iptables Service …

FreeIPA admin account reset

Sometimes the 'admin' account can get locked with FreeIPA which will immediately shutdown the administration site with '500: Internal Server Error' and other symptoms. You will know a lockout is in effect if you run kinit admin on the IPA host and get kinit: Clients credentials have been revoked while …

Xen Hints

Add local iso images SR mkdir -p /var/opt/xen/iso_import/ xe sr-create name-label=ISO_IMAGES_LOCAL type=iso device-config:location=/var/opt/xen/iso_import/ device-config:legacy_mode=true content-type=iso host-uuid=ENTER SOMETHING HERE wget https://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-Minimal-1609-01.iso Clone a VM VM must be halted …

The single biggest gripe I have with pfSense.

The single biggest gripe I have with pfSense. I install pfSense in network situations where I want to protect servers in a datacenter or colo, and have no clients on the LAN side. You can turn on SSH by the vga console, but getting the web GUI is a different …