Hostpoco.com – Linux SSD cPanel based Plans $1 for 2 GB | $2.5 for 6 GB!

Hostpoco.com provides fast, simple, and secure web hosting services. All plans are Cpanel based and come with the best possible features. You can boost the loading speed of your website by 300% faster than those hosted on hard drive servers.
All shared hosting accounts are set up within 15 minutes of payment!*

Our Linux SSD Plan:

★Startup SSD:$1 /Monthly
~ 1 Domain Hosting
~ 2 GB Web Space
~ Unlimited Bandwidth
~ 1 GB RAM
~ 0 Addon Domains
~ Unlimited Email Accounts
~ Unlimited MySql Databases
★★★★

★Pro SSD:$2.5 /Monthly
~ 3 Domain Hosting
~ 6 GB Web Space
~ Unlimited Bandwidth
~ 1 GB RAM
~ 2 Addon Domains
~ Unlimited Email Accounts
~ Unlimited MySql Databases
★★★★

Website: https://hostpoco.com/
If you need any further information or help please feel free to mail us at Sales@hostpoco.com

Check Our Reviews:
https://hostadvice.com/hosting-company/h…o-reviews/

Thank You.

Independent C library or function (on Linux) to programmatically generate a self-signed certificate [closed]

Is there a simple C library or function to programmatically generate a self-signed certificate in C on Ubuntu? Of course, one can execute a simple system("....") call to execute a CLI. I am looking for a native, small, stand-alone library just for this purpose with possibly added functionality but not with the full-weight of TLS implementations such as openssl, boringssl, mbedTls, etc.

Kali Linux package installation error

I installed anonsurf on Kali Linux in VMware and now I can’t use apt-get install, and I can’t uninstall it or stop it. I don’t know why; I can’t even remove any package.
This is the error when trying to install beef-xss, for example:

You might want to run 'apt --fix-broken install' to correct these.
The following packages have unmet dependencies:
 beef : Depends: libcattle-1.0-0 (>= 1.2.0) but it is not going to be installed
 kali-anonsurf : Depends: i2p but it is not going to be installed
                 Recommends: gtkdialog but it is not installable
                 Recommends: gufw but it is not going to be installed
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).

I tried the following:
apt-get remove anonsurf (unable to locate package)

rm -rf anonsurf (it worked and the directory is deleted, but anonsurf still works)

anonsurf stop

anonsurf stopi2p

  • stopping I2P services
    sudo: unknown user: i2psvc
    sudo: unable to initialize policy plugin

How can I fix it?
Thanks in advance.

Checking system integrity after clicking scam email link on Linux

Earlier today, my mother opened an email thinking it was from my sister-in-law, then clicked on the shortened link.

The link loaded a page of fairly nonsensical text. The source of the page had no explicit javascript code, but the text was formatted with a non-standard identifier. NoScript told me there were scripts on the page (but they weren’t trusted, so should have been blocked).

The system is Fedora 32, upgraded to this release a few days ago. The browser is Firefox with NoScript installed.

What should I do to confirm the integrity of the system? I’m concerned about the integrity of the Linux system, of course, but I’d also be concerned about any possible transfer of viruses or malware to Windows users my mother emails.

I’ve done this once before after a similar incident. I’m planning to create a live USB to scan the system for problems (which I did before) using one of the forensic Linux distros designed for this, but I’m pretty sure I did something else last time and can’t remember what.

What is necessary to ensure the system’s integrity?

I’ve read Clicked link in faked email and https://security.stackexchange.com/a/17854. https://security.stackexchange.com/a/73660 is fairly scary, though I’m somewhat sceptical of its claims.

I also read various online guides, but had difficulty finding anything specific to Linux and reasonably current. (I think I must be searching the wrong terms because I seem to remember finding this kind of information fairly easily before.)

Putting together an air-gap ephemeral linux OS to run off RAM

Idea: Have an operating system boot from a bootable medium completely into RAM. There is no storage attached to this system, so once it boots up and we eject the bootable medium, this system is completely running off RAM & it’s not capable of leaving a trace anywhere except RAM, contents of which are hard to recover without physical access to the system.

Premises: There is no physical access to this system, which makes a whole set of attacks possible, but let’s compile a list of attacks, like cold boot attacks etc., that pose a threat to this setup, and we can assess the severity of each one of them.

Use-case: Using as a vault for cryptocurrency storage & signing transactions.

Stack:

  • Hardware: Raspberry Pi / Old Computer (which may or may not have wifi/bluetooth hardware available, latter preferred obviously)
  • Custom Linux OS (Functional Display + Touchscreen drivers + Camera drivers + Absence of WiFi / Bluetooth drivers + Modern Browser + On-screen keyboard)
  • Binary (Golang program running a local server & UI accessed via browser)

Things that may or may not matter:

  • CPU architecture: x86 / ARM
  • Bootable media: USB drive / SD card

Communication medium with air-gap system: QR codes

Since this only requires little information to be passed to & fro, using QR codes to encode/decode JSON payload seems ideal.

Explanation: Boot up the computer & eject bootable medium. Run the program and access UI in a browser by going to localhost:3000. Generate the keys (Sensitive information) or import if you already have those keys generated in a previous run. Scan QR code to receive the unsigned transaction, show confirmation, sign it and then encode signed transaction as QR code and display it.

The bootable media that’s in use will never be plugged back into a system connected to the internet, as an additional security measure, but the ability to eject the bootable medium after boot-up makes this unnecessary.

Building Custom Linux OS: This is where I want to crowd source knowledge:

  • What OS to choose to build upon + what packages to use + what packages to remove?
  • What would be a simpler approach to building this OS?
  • How to build a lean & minimal distro which can run on a system as low as 512 MB RAM (the less the better), provided the OS footprint is around 100-20 MB of RAM, leaving the rest for the program to use.
  • Expose attack vectors in this approach.

End Goal: Present the source-code + instructions and host the distro for download to use as a cryptocurrency vault along with the wallet app that will be open-sourced with the option of choosing a hosted service for that as well. Considering the architecture, people can simply use it without even requiring to trust/verify the system, as long as they can maintain the air-gap of the vault.
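
The QR exchange described in this post, as an added Go example that is not the poster's code: the scanned payload is parsed as untrusted input, and the signature is computed over the re-serialized fields that the confirmation screen would show. The field names, the Ed25519 scheme and the `msg|sig` output format are assumptions; the post specifies only a JSON payload carried in QR codes.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"io"
)

// UnsignedTx is a hypothetical payload layout; the post only says "JSON payload".
type UnsignedTx struct {
	To     string `json:"to"`
	Amount uint64 `json:"amount"`
	Nonce  uint64 `json:"nonce"`
}

// ParseUnsigned treats the scanned QR text as untrusted input.
func ParseUnsigned(qr []byte) (tx UnsignedTx, err error) {
	dec := json.NewDecoder(bytes.NewReader(qr))
	dec.DisallowUnknownFields() // no fields the confirmation screen would not show
	if err = dec.Decode(&tx); err != nil {
		return tx, err
	}
	if err = dec.Decode(new(json.RawMessage)); err != io.EOF {
		return tx, errors.New("trailing data after JSON object")
	}
	if tx.To == "" || tx.Amount == 0 {
		return tx, errors.New("missing recipient or amount")
	}
	return tx, nil
}

// SignTx signs the re-serialized struct (what was parsed and displayed), not the raw scanned bytes.
func SignTx(priv ed25519.PrivateKey, tx UnsignedTx) (msg []byte, sig string) {
	msg, _ = json.Marshal(tx) // cannot fail for this plain struct
	return msg, base64.StdEncoding.EncodeToString(ed25519.Sign(priv, msg))
}

func main() {
	_, priv, _ := ed25519.GenerateKey(nil) // throwaway demo key
	tx, err := ParseUnsigned([]byte(`{"to":"addr-example","amount":5,"nonce":1}`)) // constructed sample
	msg, sig := SignTx(priv, tx)
	fmt.Printf("%v\nQR out: %s|%s\n", err, msg, sig)
}
```

Go's encoding/json matches keys case-insensitively and lets a later duplicate key overwrite an earlier one, so signing the raw scanned bytes could cover values that differ from the ones the user confirmed; signing the re-serialized struct avoids that.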

Any exploit details regarding CVE-2019-3846 : Linux Kernel ‘marvell/mwifiex/scan.c’ Heap Buffer Overflow Vulnerability

How to get this exploit working or any method for this.

I have seen and read a lot about this issue at various references

It is seen that various Linux versions < 8 are vulnerable to this issue

Linux Kernel ‘marvell/mwifiex/scan.c’ Heap Buffer Overflow Vulnerability

Issue Description: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.

Can you share exploit details regarding this?

https://vulners.com/cve/CVE-2019-3846
https://www.securityfocus.com/bid/69867/exploit : NO exploit there

Any tips on how to exploit this?

[Hostpoco.com] Linux Shared Hosting | $0.5/m | Free SSL, cpanel,24/7 Support.

Hostpoco.com provides Simple, Easy, Trusted, Reliable Web Hosting Service starting from $0.5 per month. All our hosting plans come with Cpanel as a control panel included with some smart features like no limit space, unmetered bandwidth, free auto SSL, free site builder, free migration service, free dedicated IP, and much more.

Just Sign up and be online within 2 minutes with our instant & free setup!

————————————-
Our Linux Shared Hosting plan:
————————————-

*Beginner:$0.5 /Monthly
– 1 Domain Hosting
– Unlimited Web Space
– Unlimited Bandwidth
– 10 Email Accounts
– 2 Parked Domains
– 2 MySQL Databases
– 10 Sub Domains
****

*Pro:$1 /Monthly
– 2 Domain Hosting
– Unlimited Web Space
– Unlimited Bandwidth
– Unlimited Email Accounts
– Unlimited Parked Domains
– 1 Addon Domains
– 4 MySQL Databases
– Unlimited Sub Domains
****

*Premium:$2.5 /Monthly
– 10 Domain Hosting
– Unlimited Web Space
– Unlimited Bandwidth
– Unlimited Email Accounts
– Unlimited Parked Domains
– 9 Addon Domains
– Unlimited MySQL Databases
– Unlimited Sub Domains
****

*Elite:$5 /Monthly
– Free Domain
– Unlimited Domain Hosting
– Unlimited Web Space
– Unlimited Bandwidth
– Unlimited Email Accounts
– Unlimited Parked Domains
– Unlimited Addon Domains
– Unlimited MySQL Databases
– Unlimited Sub Domains
****

For more offers please visit us at https://hostpoco.com/half-dollar-linux-shared-hosting.php

Thank you

Major security and usability flaw in Linux (root privileges and sudoers, folder access restriction, Ubuntu Linux)

Alright, let me give you the context. I am a business owner with strong technical background, say a programmer, though not an advanced system administrator. I’ve bought a VPS server where I want to host several applications and webpages. One of the apps consists of backend, admin frontend and user frontend, another one is just backend and frontend. So 5 different programmers develop those apps. From time to time, as the development takes its place, those programmers need to install and upgrade some packages, modify system configs and so on, i.e. they need ssh access and some root privileges.

And here is the tricky part. It is obvious that I don’t want them to see and gain access to the folders they are not supposed to see, i.e. the devs of the first app shouldn’t have access to the folders of the second app and vice versa. Moreover the backend dev of the first app shouldn’t have access to the frontend folders of the same app and the same goes for the second app. Also I would like to restrict access for them to certain commands like visudo or reboot, so they wouldn’t be able to lock me out of my own server or reboot it without my consent.

Now, if I give them sudo privileges for them to be able to run administrative tasks needed for their development – then they have access to everything and it becomes practically impossible to restrict access for them to certain folders and commands. On the other hand if I DON’T give them sudo privileges, then it becomes a huge pain for me to every time install packages and give them access to certain files and commands they need to continue development. There are over 1500 commands and the corresponding number of system files in Linux they could potentially need access to, so it’s very VERY inconvenient for me to spend so much time to administer the VPS, especially given the fact that I’m not a very advanced system administrator and I don’t have much time because I need to run my business.

There are already numerous posts and threads on the Internet where people try to find solutions to somewhat close problems like these: One, Two, Three, Four, Five, Six, Seven, Eight, Nine, and they still have no reasonable solutions to them, only those that involve some supercomplex activities and anyway not giving a needed result.

So from my point of view as a business owner it should be something like this: there is a root user who can do everything. He can create admins and define access rights for them, for example in that very sudoers file. Then it’s his decision whether to give access to an admin to the sudoers file itself and any of the folders and commands of his choice. For example an admin could be able to run any command in the system except “reboot” and “visudo” and he can access all files and folders except /etc/sudoers and say /var/www/private_folder even WITH sudo privileges invoked (meaning he can’t even copy those files, overwrite them, chmod and chown them and so on, i.e. access them with any command).

That would immediately make the whole system administration A LOT easier and more logical, eliminating the need for complex solutions like chroot jails, separate bash environments, splitting servers into virtual machines, using containers and so on. And it’s so simple, a matter of a couple of conditions in the code, if I understand it correctly from a developer’s perspective. Also, I want to be in control of my VPS, not having to trust any other third person believing he/she won’t steal my information and/or destroy my whole system either by making a mistake or intentionally and basically it can be considered as a serious security vulnerability from a certain point of view.

This seems so obvious and logical for me, that I was really discouraged and embarrassed that it really isn’t like that in Linux. Maybe 20 years ago when Linux was created it was enough to have only a root and sudoers and the rest of users to accomplish tasks they had at that time, but today everything goes a bit different way already and that archaic approach is not usable anymore.

Of course I realize I can understand something wrong and there is a strong reason why it has to be as it is, then please let me know why is it so and what is a correct and easy way of solving my problem described above without a need to build a behemoth on my VPS or manually administering it all the time by myself. After all it should be user-friendly, right? Now it’s not.

On the other hand if there is no such solution, then I would really be willing to even pay someone who could implement some kind of a patch or a package that will allow to solve this problem.