Linux for Everyone

Did you ever got the error while doing any changes in Azure Application gateway which goes into failed state ? if yes then you are landed in correct blog post. here in this post i will try to share the solution for same issue i faced in past. B ut before that lets try to understand what is Azure AG (application gateway). Below diagram will help you to understand what is Application gateway. In simpler words, Application gateway consists of Load balancer (a device who decide where to send the traffic based on the configuration done on it, although that is completely different topic to discuss) and acts as WAF (Web Application Firewall - which monitors the incoming traffic based on the application behavior hosted on back-end servers) LB where considered as Network device (sometimes it might be software not just physical device and works at Network Layer of OSI model WAF considered as kind of Software and works at Application Layer of OSI model  Issue:   Application Gateway falling into f

If you ever worked on GULP installation as System Admin on Linux Servers, you might had come across below error  Error :   " WARNING: C++ compiler too old, need g++ 4.8 or clang++ 3.4 (CXX=g++) " Solution :  To Solve this error we need to install newer version of C++ and g++ rpm packages on linux servers. Try to get the exact version which error message is saying to you on screen. Or You can Download below rpm files for RHEL6/CENTOS6 operating System and then install it ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/devtoolset/x86_64/2/devtoolset-2-gcc-c++-4.8.2-15.el6.x86_64.rpm ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/devtoolset/x86_64/2/devtoolset-2-gcc-4.8.2-15.el6.x86_64.rpm ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/devtoolset/x86_64/2/devtoolset-2-runtime-2.1-4.el6.noarch.rpm ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/de

Ever tried to install or upgrade the OpenSSL package installed on linux server ? Ok. so I had similar experiance in my current company where i faced a error while doing the upgrade of openssl package on redhat machine. and I was doing that to get rid of vulnerabilities.                                                                      Error I faced: l ibssl.so.10(libssl.so.10)(64bit) is needed by  OR libz.so.1(zlib_1.2.0)(64bit) is needed                                                              Error cause because of: I was trying to upgrade the OpenSSL package on redhat/centos linux machine. Sometimes you can get this error while working on any other package upgrade as well. in that case too similar solution would be applicable which i mentioned below.                                                               Solution to the Error: Upgrade the installed OpenSSL version for below packages openssl openssl-devel Upgrade the zlib package by using YUM ====

Recently a new vulnerability has been discovered in the the internet market having target to Docker services. What is this Vulnerability: In short, Docker service uses another service called as runc which is container run time to spawn and run containers. which simply means if docker task is to create docker images then runc task would be running them and attaching a process to container. So as per the recent discovery by the maintainers of runc, the code of this service was having some bug which can be used by attackers to gain the root level of access of the host machine on which docker containers are running. How it can be Exploited: This vulnerability can be exploited in two ways (1) if the docker images are in use is vulnerable making the containers build from it vulnerable also (2) if somehow attacker got the access of containers and then trying to exploit using the bug present in runc and trying to get root privileges. Solution to Fix Vulnerability: Ce

If you are a developer you might be familiar with version control in your dev life. Even if you are system admin working on Windows/Linux/Unix then also you may come across version control. For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com                The point is if you know it its Good :) but if you do not know there is no need to worry. I will try to explain it to you as easy as possible.                                                                       What is Version Control A version control (VC) is a system which keeps an eye on your files (which you provide to him) over a period of time for all changes you are doing like updating, deleting etc and making a data for all these changes you are doing on files. Version Control normally was divided into 3 categories. 1) Local Version Control System 2) Central Version Control System 3) Distributed Version Control System Let see each Version Control one-by-

Recently there was another Vulnerability grab My attention which was related to DES and Tripple DES (3DES) , Any men in the middle can exploit this vulnerability by capturing large amount of encrypted data and thus recover plain text sensitive data. Severity : Medium CVE Number : CVE-2016-2183 For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com Remediation : You need to disable any ciphers starting with DES and 3DES supported by Server by any service present on server for example Apache Nginx etc   Important Point to Remember : 1 :   Normally old browser don't supports DES and 3DES ciphers. It is very important to note that in many cases, a software update (back-ported version provided by Operating System vendor ) won't be enough to resolve this issue. Usually software update doesn't overwrite manually tweaked configuration files, which means, DES/3DES can be still available, even if the software up

Recently World of Linux come across yet another bug which is haunting the nix users all over the world. This bug has given a name COW and its associated CVE number is CVE-2016-5195. Its kind of funny how this bug get their names, this too grab my attention when i first heard about it as COW ! i laughed out like what ? :) For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com Background : later when I started reading about this bug in details got to know how this bug got his name, which nothing but a " copy-on-write " technique which Linux kernel uses to maintain the private read -only memory mapping and this technique have some flaws in it since 2007 woohooo that was way long back. In other words if i have to say is this bugs allow a server to become completely compromised through local privilege escalation. This vulnerability is specific to the Linux Kernel, and exploiting this vulnerability does require a local system user