Remote Desktop (Xrdp) is a free and open-source implementation of the Microsoft RDP server that enables operating systems other than Microsoft Windows to provide a fully functional RDP-compatible remote desktop experience.
This tutorial will explain to you how to install and configure the Xrdp on Ubuntu 18.04.
Sudo access to your Ubuntu 18.04 server
This guide discusses how to Install and Use WPScan WordPress Vulnerability Scanner Ubuntu 18.04. WPScan, which is an acronym for WordPress Security Scanner, is a free black box vulnerability scanner written on Ruby programming language to help security professionals and blog maintainers to test the vulnerabilities on their WordPress sites. It helps unearth any vulnerability associated with WordPress themes, plugins, or any other security threat harbored on a WordPress site.
Before you can install WordPress Security Scanner (WPScan), ensure that the following dependencies are installed.Also ensure that your system is up-to-date. This can be done by running the commands below;
sudo apt update sudo apt upgrade sudo apt install curl git libcurl4-openssl-dev make zlib1g-dev gawk g++ gcc libreadline6-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake libtool bison pkg-config ruby ruby-bundler ruby-dev -y
WPScan can either be installed fron RubyGem repositories or from sources. The former is simpler as it involves a one line command.
To install WPScan from RubyGem repositories, run the command below;
gem install wpscan
You can at the same time uninstall WPScan by running the command;
gem uninstall wpscan
To install WPScan from sources, you first need to its Github repository.
git clone https:gem//github.com/wpscanteam/wpscan.git
Once the cloning is done, navigate to WPScan directory and run the commands below to do the installation.
cd wpscan/ bundle install sudo rake install
Do you have patience? If you don’t, this is where might have to learn to have a little since it may take some few mins to complete the installation. If the installation is successful, you should see such an output.
... 48) WPScan::Vulnerability behaves like WPScan::References references when references provided as array # Temporarily skipped with xit # ./spec/shared_examples/references.rb:45 Finished in 8 minutes 54 seconds (files took 15.12 seconds to load) 17914 examples, 0 failures, 48 pending Coverage report generated for RSpec to $HOME/wpscan/coverage. 1709 / 2006 LOC (85.19%) covered. wpscan 3.4.0 built to pkg/wpscan-3.4.0.gem. wpscan (3.4.0) installed.
Well, WPScan is successfully installed on Ubuntu 18.04. To obtain a description of various command line options used with WPScan, run wpscan
command with -h/--help
option;
wpscan -h _______________________________________________________________ __ _______ _____ \ \ / / __ \ / ____| \ \ /\ / /| |__) | (___ ___ __ _ _ __ ® \ \/ \/ / | ___/ \___ \ / __|/ _` | '_ \ \ /\ / | | ____) | (__| (_| | | | | \/ \/ |_| |_____/ \___|\__,_|_| |_| WordPress Security Scanner by the WPScan Team Version 3.4.0 Sponsored by Sucuri - https://sucuri.net @_WPScan_, @ethicalhack3r, @erwan_lr, @_FireFart_ _______________________________________________________________ Usage: wpscan [options] --url URL The URL of the blog to scan Allowed Protocols: http, https Default Protocol if none provided: http This option is mandatory unless update or help or hh or version is/are supplied -h, --help Display the simple help and exit --hh Display the full help and exit --version Display the version and exit -v, --verbose Verbose mode --[no-]banner Whether or not to display the banner Default: true -o, --output FILE Output to FILE -f, --format FORMAT Output results in the format supplied Available choices: cli-no-color, json, cli, cli-no-colour --detection-mode MODE Default: mixed Available choices: mixed, passive, aggressive --user-agent, --ua VALUE --random-user-agent, --rua Use a random user-agent for each scan --http-auth login:password <output cut>
Go through the whole output to see various options that can be used with wpscancommand.
In this guide, we are going to show you a few examples on how to perform WordPress blog vulnerability scanning. Ensure that you run the examples below against your OWN blog. It is illegal to scan other people’s sites.
wpscan --url wordpress.example.com
WPScan can scan both http and https protocols. If not specified, it will scan http by default.
If you want to save the scanner output results in a file, use the -o/--output
option.
wpscan --url http://wordpress.example.com -o scan-test
There are three detection modes in which wpscan can run against a WordPress site; passive
, aggressive
, mixed(default)
.
passive
mode runs a non-intrusive detection i.e it sents a few requests to the server. It commonly scans the home page for any vulnerability. The passive mode is less likely to be detected by IDS/IPS solutions.aggressive
mode on the other hand performs a more intrusive scan as it sents a thousand request to the server. It tries all the possible plugins even if the plugin has no known vulnerabilities linked to it. This may result in an increased load on the target server.mixed(default)
mode uses a mixture of both aggressive and passive.To specify detection mode;
wpscan --url wordpress.example.com -o test --detection-mode aggressive
To scan for vulnerable plugins on your WordPress blog, pass the -e/--enumerate [OPTS]
option to the wpscan command where [OPTS]
can be; vp (vulnerable plugins)
, ap(all plugins)
, p (plugins)
. For example to scan for every plugin which has vulnerabilities linked to it,
wpscan --url wordpress.example.com -e vp
Just like we used the -e/--enumerate [OPTS]
option to check for vulnerable plugins, the same can be done when checking for vulnerable themes with the [OPTS]
being any of the following; vt (Vulnerable themes)
, at (All themes)
, t (Themes)
. For example to scan for themes with known vulnerabilities;
wpscan --url wordpress.example.com -e vt
To find out the users that can login to WordPress site, you would pass the -e/--enumerate u
option to wpscan where u
basically means the user IDs.
wpscan --url wordpress.example.com -e u
Once you have enumerated the usernames, you can try to perform a brute-force attack again them as shown below. This process may be a bit slower depending on the number of passwords specified in the password file (-P, --passwords FILE-PATH)
and number of threads (-t, --max-threads VALUE)
you are using. For example to brute-force an admin,
wpscan --url wordpress.example.com -P password-file.txt -U admin -t 50
To test for password strength for multiple users, you would use the same command above this time round without the specific username specified.
wpscan --url wordpress.example.com -P password-file.txt -t 50
To run wpscan in a stealthy mode which basically means (--random-user-agent --detection-mode passive --plugins-version-detection passive)
, specify the --stealthy
option.
wpscan --url wordpress.example.com --stealthy
That is all about WPScan. Feel free to explore this useful tool. We hope this article was helpful.
SOURCE: https://kifarunix.com/install-use-wpscan-wordpress-vulnerability-scanner-ubuntu-18-04/
ClamAV, an open source antivirus engine for detecting and removing trojans, viruses, malware and other threats can easily be installed on Ubuntu to help protect your systems… You don’t usually hear antivirus and Linux in the same sentence… however, in today’s environments, viruses and malicious threats can live anywhere…
This brief tutorial shows students and new users how to install ClamAV on Ubuntu 16.04 / 17.10 and 18.04 systems…
ClamAV is by design, versatile…. it supports multiple file formats and multiple signature languages that most viruses use to exploit systems… It performs multi-threaded scans, and include a command-line utility for on demand file scanning and signatures updates..
When you’re ready to install ClamAV, continue with the steps below
On Uubntu desktop, open your terminal by press the Ctrl — Alt — T keys on your keyboard… this should open the terminal…
When the terminal opens, type the commands below to install ClamAV
sudo apt install clamav clamav-daemon
Now that ClamAV is installed, you can use the command line terminal to scan for viruses and malware…. to test out, run the commands below to scan your home folder…
clamscan --infected --remove --recursive /home
You should get a summary after a successful scan…
----------- SCAN SUMMARY -----------
Known viruses: 6541075
Engine version: 0.99.4
Scanned directories: 136
Scanned files: 401
Infected files: 0
Data scanned: 63.20 MB
Data read: 43.88 MB (ratio 1.44:1)
Time: 23.938 sec (0 m 23 s)
To scan for infected files and folder on the entire sysstem, you can run the commands below
sudo clamscan --infected --remove --recursive /
For downloading Clamav virus definitions..
sudo freshclam
1. Download the necessary archive and unpack it:
# wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.zip
# unzip ioncube_loaders_lin_x86-64.zip
2. Find the extension directory:
# php -i | grep extension_dir
extension_dir => /usr/lib/php/20151012 => /usr/lib/php/20151012
About Spamassassin
Spamassassin is a free and open-source mail filter written in Perl that is used to identify spam using a wide range of heuristic tests on mail headers and body text. It will save your mailbox from much unwanted spam emails.
1. Prerequisites
Before installing Spamassassin, you need to install and setup a mail transfer agent such as Postfix on your virtual private server.
You can find instructions on that here
2. Install Spamassassin
Use apt-get to install Spamassassin and spamc.
apt-get install spamassassin spamc
Once Spamassassin is installed, there are a few steps that has to be taken to make it fully functional.
3. Adding Spamassassin User
To run Spamassassin you need to create a new user on your VPS.
4. First add the group spams:
groupadd spamd
then add the user spamd with the home directory /var/log/spamassassin:
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
then create the directory /var/log/spamassassin:
mkdir /var/log/spamassassin
and change the ownership of the directory to spams:
chown spamd:spamd /var/log/spamassassin
Let's set up Spamassassin now.
5. Setting Up Spamassassin
Open the spamassassin config file using:
nano /etc/default/spamassassin
To enable Spamassassin find the line
ENABLED=0
and change it to
ENABLED=1
6. To enable automatic rule updates in order to get the latest spam filtering rules find the line
CRON=0
and change it to
CRON=1
Now create a variable named SAHOME with the Spamassassin home directory:
SAHOME="/var/log/spamassassin/"
Find and change the OPTIONS variable to
OPTIONS="--create-prefs --max-children 2 --username spamd -H ${SAHOME} -s ${SAHOME}spamd.log"
This specifies the username Spamassassin will run under as spamd, as well as add the home directory, create the log file, and limit the child processes that Spamassassin can run.
7. If you have a busy server, feel free to increase the max-children value.
Start the Spamassassin daemon by using the following code:
service spamassassin start
Now, let's config Postfix.
Configuring Postfix
The emails still do not go through Spamassasin. To do that, open Postfix config file using:
nano /etc/postfix/master.cf
Find the the line
smtp inet n - - - - smtpd
and add the following
-o content_filter=spamassassin
Now, Postfix will pipe the mail through Spamassassin.
To setup after-queue content filter add the following line to the end of the file
spamassassin unix - n n - - pipe
user=spamd argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
For the changes to take effect restart postfix:
service postfix restart
Now postfix will use spamassassin as a spam filter.
Configuring Spamassassin on your VPS
To get the maximum use of Spamassassin you have to create rules.
Open the Spamassassin default rules file using:
nano /etc/spamassassin/local.cf
To activate a rules uncomment line remove the # symbol.
To add a spam header to spam mail uncomment or add the line:
rewrite_header Subject [***** SPAM _SCORE_ *****]
Spamassassin gives a score to each mail after running different tests on it. The following line will mark the mail as spam if the score is more than the value specified in the rule.
required_score 3.0
To use bayes theorem to check mails, uncomment or add the line:
use_bayes 1
To enable bayes auto learning, uncomment or add the line:
bayes_auto_learn 1
After adding the above details, save the file and restart spam assassin.
service spamassassin restart
Testing
To see if Spamassassin is working, you can check the spamassassin log file using:
nano /var/log/spamassassin/spamd.log
or send the email from an external server and check the mail headers.
CNERIS is a company formed by young entrepreneurs from different sectors of the world of information. Our team consists of programmers, system administrators, graphic designers.