November 2020 – Hackfi

cockpit to manage virtual machines in centos8

why?
– Access vm via webconsole
– Easy to manage services
– Create/manage VM
– Create/manage podman

dnf install cockpit -y

systemctl start cockpit.socket

systemctl enable cockpit.socket

Browse https://127.0.0.1:9090 or https://YOUR_IP:9090

more : https://cockpit-project.org

install openvas in centos8

sed -i 's/enforcing/disabled/g' /etc/selinux/config

reboot

dnf update

yum config-manager --set-enabled PowerTools
yum install epel-release

wget -q -O - http://www.atomicorp.com/installers/atomic |sh

yum install openvas

openvas-setup

More : https://github.com/Atomicorp/gvm

Cronjob to update CVE database

10 1 * * * /usr/sbin/greenbone-nvt-sync > /dev/null
10 2 * * * /usr/sbin/greenbone-scapdata-sync > /dev/null
10 3 * * * /usr/sbin/greenbone-certdata-sync > /dev/null

Openvas API:


gvm-cli --gmp-username USRENAME --gmp-password PASSWORD socket --sockpath /var/run/gvm/gvmd.sock --xml "<get_tasks/>"

gvm-cli socket --sockpath /var/run/gvm/gvmd.sock --xml "<get_version/>"

iptables port allow/block

//Block port 8080

iptables  -A INPUT -p tcp --dport 8080 -j DROP

//Allow port 8080

iptables -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT

//Delete rule from same command(-D)

iptables  -D INPUT -p tcp --dport 8080 -j DROP

//Delete iptable rule for 8080 as per line number

iptables -L --line-numbers
iptables -D INPUT 1

//List rules

iptables -S
iptables -S TCP
iptables -L INPUT
iptables -L INPUT -v

#save
service iptables save

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30