Latest Server related questions

I am trying to do a homework for a lab but have a quick question.

How do I find a malicious TCP service that is still running and the adversary has achieved persistence by creating a systemd service?

I think I have to use netstat to find the name of the malicious TCP service, but what command should I use to find that service?

Thank You

This question is about configuring a WireGuard relay that routes all its peer's traffic to another WireGuard server, but the relay itself does not use that WireGuard server as the default gateway.

I am doing some self-hosting stuff. Currently my network contains three nodes, a gateway, an ownCloud server and my mobile phone. These nodes connected in mesh. The gateway is hosted on a VPS, and the m ...

If my proxy server already is using HTTPS/SSL, is there still any sense for my other applications to implement it too?

I'm trying out microservices architecture through Docker/Kubernetes, and I am using Nginx as a reverse proxy for multiple applications/services. Only the proxy server has its ports exposed.

And in case it is still big deal to implement it, how to produce these kind of certificates f ...

like lets say 72.72.72.72 is the client ip and i wanted to compare it to token or a header that had an IP of 72.72.73.72. basically i want to compare if 72.72.72.72 and 72.72.73.72 but dynamically without an ACL.

I have two sites connected at L3 by Wireguard, with allowedips containing only the Wireguard subnet 172.30.100.0/24. There is also a VXLAN device vx0 attached to bridge br0 along with ens18.

The VXLAN tunnel establishes provided I install a static route 10.X.0.0/24 dev br0 at each site. I'm now trying to make use of iBGP to provide control plane learning, but since BGP shares routes I am wondering  ...

I got problem in disk of my database which is xfs file system. I tried to repair

[root@scan /]# xfs_repair /dev/md127
xfs_repair: cannot open /dev/md127: Device or resource busy
[root@scan /]# ls /data
ls: cannot access /data: Input/output error

and dmesg

[35749034.608871] XFS (md127): Metadata corruption detected at xfs_inode_buf_verify+0x142/0x150 [xfs], xfs_inode block 0x410 xfs_inode_buf_veri ...

I'm seeing the following in /var/log/auth.log

Jun  1 06:32:49 [redacted] su: (to nobody) root on none
Jun  1 06:32:49 [redacted] su: pam_unix(su:session): session opened for user nobody(uid=65534) by (uid=0)
Jun  1 06:32:49 [redacted] systemd: pam_unix(systemd-user:session): session opened for user nobody(uid=65534) by (uid=0)
Jun  1 06:32:49 [redacted] su: pam_unix(su:session): session closed for user no ...

I'm setup a new Ubuntu Server 22.04 VM and am following the documentation here:

https://guacamole.apache.org/doc/gug/jdbc-auth.html

Guacamole 1.4 installs fine along with Tomcat9 and Nginx proxy; I can access the site fine with user-mapping.xml

After installing MariaDB, importing the schema files and placing extensions / lib files I am getting an error on the site:

ERROR
An error has occurred and thi ...

Trying to copy files from one server to another because the amount of files is not feasible to do by copying to my home pc and then out to second server.

SSH, rync, and scp all hang from either server, but works fine to log in directly over SSH either from web terminal or from putty over SSH.

• I whitelisted IP of server 1 to CSF on server 2.
• I whitelisted IP of server 2 to CSF on server 1.
• I comp ...