How Do You Troubleshoot The Kerberos Error ‘kinit: Cannot find KDC for realm “CONTINUALINTEGRATION.COM” while getting initial credentials’?

0 Comments

Problem Scenario
You run a “kinit” command. But you receive this:

‘kinit: Cannot find KDC for realm “CONTINUALINTEGRATION.COM” while getting initial credentials’

What should you do?

Solution
Look at the /etc/krb5.conf file. Look at the REALM section. Does it look like this?

[realms]
EXAMPLE.COM =

You need to change “EXAMPLE.COM” to your domain name.

Look also at the libdefaults section.

Continue reading “How Do You Troubleshoot The Kerberos Error ‘kinit: Cannot find KDC for realm “CONTINUALINTEGRATION.COM” while getting initial credentials’?”

What is a Container Breakout?

0 Comments

Question
What is a container breakout?

Answer
A container breakout is an the act of a user or process in a container gaining access to its underlying host server. Containerization is the isolation of processes and/or disk space on a server. A container is isolated from the host server via cgroups and namespaces. Bypassing the cgroup(s) and namespace(s) through intentional acts can be desirable for legitimate systems engineers.

Continue reading “What is a Container Breakout?”

Do the Credentials “****” in Jenkins, Taken from the Credentials Plugin, Have the Username or the Password?

0 Comments

Problem Scenario
You want to use the credentials from the Jenkins credentials plugin in a Jenkins pipeline. When you assign the credentials to a variable in a pipeline, is it the username, the password, both or something else?

Solution
It is the username and password, but the two are separated by a colon. You will only see “****” in the console output (for security reasons).

Continue reading “Do the Credentials “****” in Jenkins, Taken from the Credentials Plugin, Have the Username or the Password?”

What Common Utility Can Provide Compression and Encryption for Files on Linux and How Would You Use It?

0 Comments

Problem scenario
You want to use the same command for encryption and compression. You want to avoid installing other packages. What should you do?

Solution
Use zip. The tar command by itself does NOT do compression (according to this external posting).

One advantage of zip is that it is usually pre-installed on most Linux servers. The user and group of the files thus compressed will be retained automatically.

Continue reading “What Common Utility Can Provide Compression and Encryption for Files on Linux and How Would You Use It?”

A List of I.T. Security Books

0 Comments

This is a list of I.T. Security books.

Applied Cryptography: Protocols, Algorithms and Source Code in C

Building Secure and Reliable Systems: SRE and Security Best Practices

Database Security

Defend I.T.: Security by Example

Hack I.T. – Security Through Penetration Testing

Hacking Exposed Web Applications, Third Edition

Hacking Web Apps: Detecting and Preventing Web Application Security Problems

Hadoop Security: Protecting Your Big Data Platform

Hands-On Security in DevOps: Ensure continuous security,

Continue reading “A List of I.T. Security Books”

How Do You Troubleshoot Permissions Errors in the /home/ directory of a Linux server?

0 Comments

Problem scenario
You want to create files in the /home/ directory of your user. You are getting permission errors in the /home/ directory but the permissions are 777 and you are the user who is the owner of the directory, what should you do?

Possible Solution #1

1. Run this command: sudo service autofs stop
2. Make files or directories in home.

Continue reading “How Do You Troubleshoot Permissions Errors in the /home/ directory of a Linux server?”

How Do You Troubleshoot the Error “Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock”?

0 Comments

Problem scenario
You try to run a Docker command, but you get this error: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.29/containers/json?all=1: dial unix /var/run/docker.sock: connect: permission denied

What should you do?

Solution
Have you added the user who was trying to execute the command to the “docker” group?

This command would add the user jdoe to the “docker” group:
sudo usermod -aG docker jdoe

If you ran the above command as the jdoe user,

Continue reading “How Do You Troubleshoot the Error “Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock”?”

How Do You Install AppArmor on a Debian or Ubuntu Linux server?

0 Comments

Problem scenario
 You want to protect your Debian/Ubuntu Linux server. You do not want to run SELinux. What should you do?

Solution
Run this command:
sudo apt install apparmor-profiles

Check the status with this command:
sudo apparmor_status

You are done. If you want to learn more go to this site.

AppArmor comes installed and configured with many Debian distributions of Linux.

Continue reading “How Do You Install AppArmor on a Debian or Ubuntu Linux server?”

How Do You Test if a REST API Call Is Reaching a Linux Server?

0 Comments

Problem scenario
You have a Linux server with a web service listening on port 443 (or some other port). You are not sure if another server can reach this Linux server. There could be firewall issues or network problems restricting connectivity on a given port. You have used ping to test connectivity. You have used nmap to verify the port is listening. But you are not 100% sure the REST calls are reaching the intended server on the correct port (e.g.,

Continue reading “How Do You Test if a REST API Call Is Reaching a Linux Server?”