• Cerbot Free SSL

    Certbot has finally given instructions for majority of the Linux distros with various web-servers. You can find the all the instructions at this magical link: 

    https://certbot.eff.org/all-instructions  

    Here is an example of installing Certbot on a NagiosXI server:

    [root@nagios ~]# wget https://dl.eff.org/certbot-auto
    --2019-04-23 16:32:45-- https://dl.eff.org/certbot-auto
    Resolving dl.eff.org… 151.101.0.201, 151.101.64.201, 151.101.128.201, …
    Connecting to dl.eff.org|151.101.0.201|:443… connected.
    HTTP request sent, awaiting response… 200 OK
    Length: 63564 (62K) [application/octet-stream]
    Saving to: `certbot-auto'
    100%[================================================================================>] 63,564 --.-K/s in 0.003s
    2019-04-23 16:32:45 (17.8 MB/s) - `certbot-auto' saved [63564/63564]
    [root@nagios ~]# sudo mv certbot-auto /usr/local/bin/certbot-auto
    [root@nagios ~]# sudo chown root /usr/local/bin/certbot-auto
    [root@nagios ~]# sudo chmod 0755 /usr/local/bin/certbot-auto
    [root@nagios ~]# cert
    certbot-auto certutil
    [
    root@nagios ~]# certbot-auto
    Bootstrapping dependencies for RedHat-based OSes that will use Python3… (you can skip this with --no-bootstrap)
    yum is /usr/bin/yum
    yum is hashed (/usr/bin/yum)
    Loaded plugins: fastestmirror
    Setting up Install Process
    Loading mirror speeds from cached hostfile
    base: mirror.steadfastnet.com
    epel: fedora-epel.mirror.lstn.net
    extras: mirror.jaleco.com
    updates: mirror.hackingand.coffee
    Package gcc-4.4.7-23.el6.x86_64 already installed and latest version
    Package openssl-1.0.1e-57.el6.x86_64 already installed and latest version
    Package openssl-devel-1.0.1e-57.el6.x86_64 already installed and latest version
    Package redhat-rpm-config-9.0.3-51.el6.centos.noarch already installed and latest version
    Package ca-certificates-2018.2.22-65.1.el6.noarch already installed and latest version
    Package 1:mod_ssl-2.2.15-69.el6.centos.x86_64 already installed and latest version
    Resolving Dependencies
    --> Running transaction check
    ---> Package augeas-libs.x86_64 0:1.0.0-10.el6 will be installed
    ---> Package libffi-devel.x86_64 0:3.0.5-3.2.el6 will be installed
    ---> Package python34.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: python34-libs(x86-64) = 3.4.8-1.el6 for package: python34-3.4.8-1.el6.x86_64
    --> Processing Dependency: libpython3.4m.so.1.0()(64bit) for package: python34-3.4.8-1.el6.x86_64
    ---> Package python34-devel.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: python-rpm-macros for package: python34-devel-3.4.8-1.el6.x86_64
    --> Processing Dependency: python3-rpm-macros for package: python34-devel-3.4.8-1.el6.x86_64
    ---> Package python34-tools.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: python34-tkinter = 3.4.8-1.el6 for package: python34-tools-3.4.8-1.el6.x86_64
    --> Running transaction check
    ---> Package python-rpm-macros.noarch 0:3-14.el6 will be installed
    --> Processing Dependency: python-srpm-macros for package: python-rpm-macros-3-14.el6.noarch
    ---> Package python3-rpm-macros.noarch 0:3-14.el6 will be installed
    ---> Package python34-libs.x86_64 0:3.4.8-1.el6 will be installed
    ---> Package python34-tkinter.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: libtcl8.5.so()(64bit) for package: python34-tkinter-3.4.8-1.el6.x86_64
    --> Processing Dependency: libtk8.5.so()(64bit) for package: python34-tkinter-3.4.8-1.el6.x86_64
    --> Running transaction check
    ---> Package python-srpm-macros.noarch 0:3-14.el6 will be installed
    ---> Package tcl.x86_64 1:8.5.7-6.el6 will be installed
    ---> Package tk.x86_64 1:8.5.7-5.el6 will be installed
    --> Finished Dependency Resolution
    Dependencies Resolved
    ==========================================================================================================================
    Package Arch Version Repository Size
    Installing:
    augeas-libs x86_64 1.0.0-10.el6 base 314 k
    libffi-devel x86_64 3.0.5-3.2.el6 base 18 k
    python34 x86_64 3.4.8-1.el6 epel 50 k
    python34-devel x86_64 3.4.8-1.el6 epel 186 k
    python34-tools x86_64 3.4.8-1.el6 epel 426 k
    Installing for dependencies:
    python-rpm-macros noarch 3-14.el6 epel 6.6 k
    python-srpm-macros noarch 3-14.el6 epel 5.8 k
    python3-rpm-macros noarch 3-14.el6 epel 5.4 k
    python34-libs x86_64 3.4.8-1.el6 epel 8.4 M
    python34-tkinter x86_64 3.4.8-1.el6 epel 336 k
    tcl x86_64 1:8.5.7-6.el6 base 1.9 M
    tk x86_64 1:8.5.7-5.el6 base 1.4 M
    Transaction Summary
    Install 12 Package(s)
    Total download size: 13 M
    Installed size: 41 M
    Is this ok [y/N]: y
    Downloading Packages:
    (1/12): augeas-libs-1.0.0-10.el6.x86_64.rpm | 314 kB 00:00
    (2/12): libffi-devel-3.0.5-3.2.el6.x86_64.rpm | 18 kB 00:00
    (3/12): python-rpm-macros-3-14.el6.noarch.rpm | 6.6 kB 00:00
    (4/12): python-srpm-macros-3-14.el6.noarch.rpm | 5.8 kB 00:00
    (5/12): python3-rpm-macros-3-14.el6.noarch.rpm | 5.4 kB 00:00
    (6/12): python34-3.4.8-1.el6.x86_64.rpm | 50 kB 00:00
    (7/12): python34-devel-3.4.8-1.el6.x86_64.rpm | 186 kB 00:00
    (8/12): python34-libs-3.4.8-1.el6.x86_64.rpm | 8.4 MB 00:00
    (9/12): python34-tkinter-3.4.8-1.el6.x86_64.rpm | 336 kB 00:00
    (10/12): python34-tools-3.4.8-1.el6.x86_64.rpm | 426 kB 00:00
    (11/12): tcl-8.5.7-6.el6.x86_64.rpm | 1.9 MB 00:00
    (12/12): tk-8.5.7-5.el6.x86_64.rpm | 1.4 MB 00:00
    Total 11 MB/s | 13 MB 00:01
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
    Installing : python34-libs-3.4.8-1.el6.x86_64 1/12
    Installing : python34-3.4.8-1.el6.x86_64 2/12
    Installing : 1:tcl-8.5.7-6.el6.x86_64 3/12
    Installing : 1:tk-8.5.7-5.el6.x86_64 4/12
    Installing : python34-tkinter-3.4.8-1.el6.x86_64 5/12
    Installing : python-srpm-macros-3-14.el6.noarch 6/12
    Installing : python-rpm-macros-3-14.el6.noarch 7/12
    Installing : python3-rpm-macros-3-14.el6.noarch 8/12
    Installing : python34-devel-3.4.8-1.el6.x86_64 9/12
    Installing : python34-tools-3.4.8-1.el6.x86_64 10/12
    Installing : augeas-libs-1.0.0-10.el6.x86_64 11/12
    Installing : libffi-devel-3.0.5-3.2.el6.x86_64 12/12
    Verifying : python-rpm-macros-3-14.el6.noarch 1/12
    Verifying : 1:tcl-8.5.7-6.el6.x86_64 2/12
    Verifying : python34-tkinter-3.4.8-1.el6.x86_64 3/12
    Verifying : python34-3.4.8-1.el6.x86_64 4/12
    Verifying : python3-rpm-macros-3-14.el6.noarch 5/12
    Verifying : python34-libs-3.4.8-1.el6.x86_64 6/12
    Verifying : libffi-devel-3.0.5-3.2.el6.x86_64 7/12
    Verifying : python-srpm-macros-3-14.el6.noarch 8/12
    Verifying : augeas-libs-1.0.0-10.el6.x86_64 9/12
    Verifying : 1:tk-8.5.7-5.el6.x86_64 10/12
    Verifying : python34-devel-3.4.8-1.el6.x86_64 11/12
    Verifying : python34-tools-3.4.8-1.el6.x86_64 12/12
    Installed:
    augeas-libs.x86_64 0:1.0.0-10.el6 libffi-devel.x86_64 0:3.0.5-3.2.el6 python34.x86_64 0:3.4.8-1.el6
    python34-devel.x86_64 0:3.4.8-1.el6 python34-tools.x86_64 0:3.4.8-1.el6
    Dependency Installed:
    python-rpm-macros.noarch 0:3-14.el6 python-srpm-macros.noarch 0:3-14.el6 python3-rpm-macros.noarch 0:3-14.el6
    python34-libs.x86_64 0:3.4.8-1.el6 python34-tkinter.x86_64 0:3.4.8-1.el6 tcl.x86_64 1:8.5.7-6.el6
    tk.x86_64 1:8.5.7-5.el6
    Complete!
    Creating virtual environment…
    Installing Python packages…
    Installation succeeded.
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Enter email address (used for urgent renewal and security notices) (Enter 'c' to
    cancel):


    Please read the Terms of Service at
    https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
    agree in order to register with the ACME server at
    https://acme-v02.api.letsencrypt.org/directory

    (A)gree/(C)ancel: A

    Would you be willing to share your email address with the Electronic Frontier
    Foundation, a founding partner of the Let's Encrypt project and the non-profit
    organization that develops Certbot? We'd like to send you email about our work
    encrypting the web, EFF news, campaigns, and ways to support digital freedom.

    (Y)es/(N)o: Y
    No names were found in your configuration files. Please enter in your domain
    name(s) (comma and/or space separated) (Enter 'c' to cancel): nagios.xxx.com
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for nagios.xxx.com
    Cleaning up challenges
    Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
    IMPORTANT NOTES:
    Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.
    -------------------------
    So at this point I needed to add a <VirtualHost> entry in the /etc/apache/conf.d/nagios.conf to get this to work.
    ----------------------------

    $certbot-auto
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Which names would you like to activate HTTPS for?

    1: nagios.xxx.com

    Select the appropriate numbers separated by commas and/or spaces, or leave input
    blank to select all options shown (Enter 'c' to cancel): Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for nagios.xxx.com
    Waiting for verification…
    Cleaning up challenges
    Created an SSL vhost at /etc/httpd/conf.d/nagios-le-ssl.conf
    Deploying Certificate to VirtualHost /etc/httpd/conf.d/nagios-le-ssl.conf
    Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

    1: No redirect - Make no further changes to the webserver configuration.
    2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
    new sites, or if you're confident your site works on HTTPS. You can undo this
    change by editing your web server's configuration.

    Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1

    Congratulations! You have successfully enabled https://nagios.xxx.com
    You should test your configuration at:
    https://www.ssllabs.com/ssltest/analyze.html?d=nagios.xxx.com

    IMPORTANT NOTES:
    Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/nagios.xxx.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/nagios.xxx.com/privkey.pem
    Your cert will expire on 2019-07-22. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot-auto
    again with the "certonly" option. To non-interactively renew all
    of your certificates, run "certbot-auto renew"
    If you like Certbot, please consider supporting our work by:
    Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le
    [root@nagios conf.d]# service httpd restart
    Stopping httpd: [ OK ]
    Starting httpd: [ OK ]
    [root@nagios conf.d]#


  • Clearing Activity @ Google

    robert . . #Browser Security 

    In the main section of the My Activity section of your Google account, you’ll be able to view and delete your Android usage data, Voice & Audio data, Google Assistant data (searches, smart home control, etc.), search data, and ads.

    You can delete them one by one by simply clicking the three dots on the right of each entry and clicking Delete.

    You can also batch delete by activity type or date like this:

    1.) Visit the My Activity (https://myactivity.google.com/myactivity) section of your Google account.
    2.) Click the three vertical dots on upper right side of your screen.
    3.) Click Delete activity by.
    4.) Click Today to open the dropdown.
    5.) Click All time to delete all of your activity ever.
    6.) Click DELETE to simply delete all of your activity today. You can optionally set a date range. You can also choose to delete data based on keyword, Google product, or type of activity.
    7.) Click Delete in the pop-up.