Category: Technology

General articles on technology

Posted on

Setting Up a SOCKS5 Proxy with Authentication on Ubuntu 22.04.4

Setting up a SOCKS5 proxy with authentication on Ubuntu 22.04.4 involves several steps, including installing the necessary software, configuring the proxy, and setting up authentication. Here’s a step-by-step guide:

Step 1: Update Your System

First, ensure your system is up to date by running:

# sudo apt update && sudo apt upgrade -y

Step 2: Install dante-server

Dante is a popular SOCKS proxy server. Install it using the following command:

# sudo apt install dante-server -y

Step 3: Configure dante-server

Create and edit the Dante server configuration file:

# sudo nano /etc/danted.conf

Replace the contents of the file with the following configuration:

logoutput: syslog
user.privileged: root
user.unprivileged: nobody

# The listening network interface or address.
internal: 0.0.0.0 port=1080

# The proxying network interface or address.
external: eno1

# socks-rules determine what is proxied through the external interface.
socksmethod: username

# client-rules determine who can connect to the internal interface.
clientmethod: none

client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}

socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
  • internal: Interface to listen on and the port number (e.g., eth0 and 1080).
  • external: Interface to use for outgoing traffic (e.g., eth0).

Adjust eth0 to your network interface name if different.

Step 4: Set Up User Authentication

Add users for proxy authentication. Use the following command to create a user (replace username with your desired username):

# sudo adduser username

Follow the prompts to set a password.

Step 5: Enable and Start the dante-server

Enable and start the Dante service using the following commands:

sudo systemctl enable danted
sudo systemctl start danted

Step 6: Verify the Proxy Server

To ensure the proxy server is running, use the following command:

sudo systemctl status danted

You should see output indicating that the service is active and running.

Step 7: Configure Firewall (Optional)

If you have a firewall enabled, allow traffic on the SOCKS5 port (e.g., 1080):

sudo ufw allow 1080/tcp
sudo ufw allow 1080/udp

Testing the SOCKS5 Proxy

To test the proxy server, you can use tools like curl. Replace username and password with the credentials you created:

curl -x socks5://username:password@your_server_ip:1080 http://ipinfo.io

You should see output with your server’s IP address.

Additional Security Measures

  1. Firewall Rules: Restrict access to the proxy server to specific IP addresses if needed.
  2. Logging: Configure logging to monitor usage and detect any potential issues.

Conclusion

Following these steps will set up a SOCKS5 proxy with authentication on Ubuntu 22.04.4. Ensure to keep the system and dante-server updated for security and performance improvements.

Posted on

Enabling Automatic Security Updates on Ubuntu 22

Security is a paramount concern for any software developer or system administrator. As such, keeping your system updated with the latest security patches is a critical step in safeguarding your infrastructure. Ubuntu, being one of the most popular Linux distributions, provides a streamlined way to manage these updates automatically. This article will guide you through the process of enabling automatic security updates on Ubuntu 22, ensuring that your system remains secure with minimal manual intervention.

Understanding the Unattended-Upgrades Package

Ubuntu leverages the unattended-upgrades package to manage automatic updates. This package can be configured to automatically install security updates, and, if required, update packages from other repositories as well. To ensure a seamless update process, it’s essential to install and configure this package properly.

Installation of Unattended-Upgrades

To begin, you must install the unattended-upgrades package if it’s not already present on your system. Open your terminal and execute the following command:

sudo apt-get install unattended-upgrades

Configuring Automatic Security Updates

After installation, you need to configure the package to handle security updates. The configuration file for unattended-upgrades is located at /etc/apt/apt.conf.d/50unattended-upgrades. You can edit this file using your preferred text editor, such as nano or vim:

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Inside the configuration file, ensure that the following lines are present and uncommented to enable security updates:

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}-security";
};

This setting ensures that the package only installs updates from the security repository.

Scheduling the Update Frequency

The frequency of the updates can be controlled through the /etc/apt/apt.conf.d/20auto-upgrades file. Edit this file to set the update interval:

sudo nano /etc/apt/apt.conf.d/20auto-upgrades

Add or modify the following lines to set the frequency of updates:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

The above configuration will check for updates daily and clean up downloaded packages every week.

Monitoring Automatic Updates

Once configured, unattended-upgrades will run automatically. However, it’s good practice to monitor the logs to ensure that updates are being applied successfully. Logs for unattended upgrades can be found in /var/log/unattended-upgrades.

Conclusion and Next Steps

By enabling automatic security updates on Ubuntu, you reduce the risk of security vulnerabilities that could compromise your system. Automating this process allows you to focus on developing and maintaining your applications without the constant worry of manual updates.

Posted on

Bypass Windows 11 Internet Connection Requirement

To install Windows 11 (version 22H2 or 21H2) without an internet connection, use these steps:

  1. Start the PC with the Windows 11 USB flash drive.
  2. Press any key to continue.
  3. Click the Next button.
  4. Click the Install now button.
  5. lick the “I don’t have a product key” option if you are doing a reinstallation. If the Windows 11 installation were previously activated after the installation, reactivation would happen automatically.
  6. Select the edition of “Windows 11” that your license key activates (if applicable).
  7. Check the “I accept the license terms” option.
  8. Click the Next button.
  9. Select the “Custom: Install Windows only (advanced)” option.
  10. Select each partition in the hard drive you want to install Windows 11 and click the Delete button. (Usually, the “Drive 0” is the drive that contains all the installation files.)
    Note: It is recommended to delete ALL partitions on drive 0 and let Windows re-partition your system for you.
  11. Select the hard drive (Drive 0 Unallocated Space) to install Windows 11
  12. Click the Next button.
  13. Select your region setting after the installation on the first page of the out-of-the-box experience (OOBE).
  14. Click the Yes button.
  15. Select your keyboard layout setting.
  16. Click the Yes button.
  17. Click the Skip button if you do not need to configure a second layout.
  18. On the “Oops, you’ve lost internet connection” or “Let’s connect you to a network” page, use the “Shift + F10” keyboard shortcut.
  19. In Command Prompt, type the OOBE\BYPASSNRO command to bypass network requirements on Windows 11 and press Enter.
  20. The computer will restart automatically, and the out-of-box experience (OOBE) will start again.
  21. Click the “I don’t have internet” option.
  22. Click the “Continue with limited setup” option.
  23. Click the Accept button (if applicable).
  24. Continue your Windows 11 installation normally.
Posted on

Install Dell OpenManage Server Administrator on VMware ESXi 5.x

Dell OpenManage Server Administrator or OMSA  allows you to see detailed information regarding your Dell hardware. It also allows you to perform operations such as specifying hot spares, configure RAID arrays and setup hardware monitoring and alerts.

Download the OMSA Offline Bundle from the Dell Website

Visit http://support.dell.com, enter your servers ‘service tag’ then browse to ‘Drivers and Downloads’. Under ‘Operating System’ select the version of VMware ESXi you are using, e.g. VMware ESXi 5.5 then under the “Systems Management” download the “Dell OpenManageServer Administrator vSphere Installation Bundle (VIB) for ESXi X.X.X” where X.X.X is your version.

Enable SSH on your VMware Server

In order to upload the OMSA Offline Bundle and install it you will need to enable SSH access to your VMware server as follows:

Use the vSphere Client to enable local and remote access to the ESXi Shell:

  1. Log into a vCenter Server system using the vSphere Client.
  2. Select the host in the inventory panel.
  3. Click the Configuration tab and click Security Profile.
  4. In the Services section, click Properties.
  5. Select ESXi Shell from this list:
    ESXi Shell
    SSH
    Direct Console UI
  6. Click Options and select Start and stop manually.Note: When you select Start and stop manually, the service does not start when you reboot the host. If you want the service to start when you reboot the host, select Start and stop with host. Continue reading “Install Dell OpenManage Server Administrator on VMware ESXi 5.x”
Posted on

Cisco Wireless Access Points and the Google Chromecast

I recently purchased a few Google Chromecast’s to use for “wireless HDMI” within our business. The Chromecast allows for full screen browser streaming and for $35.00 USD on Amazon ($30.00 at Staples!) it is a great way to share notes during a meeting, project information and multimedia.

Our company leverages Cisco based Access Points for our 802.11n/ac wireless access. Out of the box, I found that Chromecast’s were able to connect but Chrome was unable to “cast” to the devices. Several articles here and here pointed to UPnP (IGMP) as being the issue.

Disabling IP IGMP snooping and the snooping helper within the access points resolved the issue:

1
2
 
no ip igmp snooping
no dot11 igmp snooping-helper

No restart of the Access Point or Chrome device is required after making this change.