How to Enable ssl nginx on Ubuntu 22.04

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem

sudo openssl dhparam -out /etc/nginx/dhparam.pem 4096

sudo nano /etc/nginx/snippets/ssl-params.conf

cd /etc/nginx/sites-available

sudo cp defaul ssl-default

sudo nano ssl-default

---> enable port 443

include snippets/snakeoil.conf;

include snippets/ssl-params.conf;

save and exit nano

sudo ln -s /etc/nginx/sites-available/ssl-default /etc/nginx/sites-enabled/ssl-default

sudo nginx -t

sudo systemctl restart nginx

ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem; 
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_session_timeout  10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
# Disable strict transport security for now. You can uncomment the following
# line if you understand the implications.
#add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

Read More

How to Install Docker on Ubuntu 22.04

cd ~

sudo apt update

sudo apt install apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update

apt-cache policy docker-ce

sudo apt install docker-ce

sudo systemctl status docker

sudo usermod -aG docker ${USER}

su - ${USER}

Source:
https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-22-04

Read More

How to Enable snmp Daemon

$ sudo apt update

$ sudo apt install snmp snmpd snmp-mibs-downloader

$ sudo nano /etc/snmp/snmpd.conf

Then set rocommunity password securely:

agentaddress  udp:161

view   systemonly  included   .1.3.6.1.2.1

view   systemonly  included   .1.3.6.1.4.1
rocommunity  public1234xA12 default -V systemonly

$ sudo systemctl restart snmpd

Securing SNMP Configuration

Security is a critical aspect when configuring SNMP. Always ensure that community strings are complex and not easily guessable. Additionally, restrict access to your SNMP service to trusted hosts only.

Cikarang, West Java - 20240810/06:11AM.

Read More

How to test your Linux Antivirus (eicar)

Here are the step I follow to test if antivirus is working: 

Download these antivirus test file, do not be afraid they are will not harm to your server. 

$ cd ~ && mkdir virustest

$ wget https://secure.eicar.org/eicarcom2.zip 

$ wget https://secure.eicar.org/eicar_com.zip 

$ wget https://secure.eicar.org/eicar.com.txt 

$ wget https://secure.eicar.org/eicar.com 

$ clamscan ./

Note: these virus pattern testing file also recognized by Windows antivirus, just make a try there.

Read More

Antivirus for Linux (clamav)

Antivirus for linux mostly delivered as commercial product, rare to be a free. Among free of charge antivirus for linux, but with limited features is clamav. 

How to install clamav? 

$ sudo apt update 

$ sudo apt install clamav 

How use use clamav to scan virus? 

$ clamscan /path/to/target

How to update clamav virus definition file?

$ sudo freshclam 

How to see version? 

$ clamscan --version

Ddy/@Pekanbaru, Jul 2024.

Read More

Ansible Ubuntu 24.04 LTS

Ansible installation on Ubuntu 24.04LTS sudo apt update sudo apt upgrade sudo apt install ansible sudo mkdir /etc/ansible sudo chown user:user /etc/ansible ansible-config init --disabled > /etc/ansible/ansible.cfg nano /etc/ansible/hosts Test ping ansible all -m ping

Read More

Tutorial Network 01

 Jaringan sederhana berikut terdiri dari 2 komputer.

Read More

Download Raspberry Pi Toolchain - Cross Compiler

Develop, test, run your application on Linux desktop, and deploy on Rasberry Pi2 board, x86_64 and other Linux machine.....
Cross compiler application development for Raspberry Pi is now available for Linux. This ide/toolchain known to work and already tested on Ubuntu 14.04-LTS Trusty Tahr.

wget https://raw.githubusercontent.com/dveltool/toolchain/master/installer/dveltool_installer.sh
chmod 755 dveltool_installer.sh
./dveltool_installer.sh

For installation packages, please check on following url:

https://github.com/dveltool/toolchain

Toolchain is generated using awesome build system called buildroot, and make use of prominent eclipse ide.

Please make try this application, and would like to hear your feedback ....

wxRibbon, another sample wxWidgets/GTK2 application running on Raspbian Jessie:

Read More