Just published a new blog post on DNS servers: how a DNS server works and how your website name converts into an IP address
SELinux In Linux Server CentOS 7
Security-Enhanced Linux
Security-Enhanced Linux, as its name suggests, is a security enhancement in the Red Hat distribution. As we know, the main benefit of Linux is that we can modify the kernel according to our needs and make our own flavor. SELinux is a kernel module (CentOS) that adds more security, and by more security I mean access control security.
Before the introduction of SELinux, which works on mandatory access control (MAC), discretionary access control (DAC) was used. DAC means that access control is based on the file owner and the file's permissions. The root user has full access control in a DAC system. If the system is a normal workstation, using DAC may be a good choice, but on a Red Hat-based Linux server relying on DAC is not good practice. Giving all access control to one user is not advisable.
With the MAC policy introduced by SELinux, there is an administratively prebuilt policy for access. This means that if the DAC settings on a file or directory change, the SELinux policies are still there to prevent misuse of permissions. SELinux also gives the flexibility to limit access between users for files, directories, and more. Now for the benefit of this whole thing: suppose you are running a Linux server (CentOS) with SELinux disabled, and the server hosts many web pages and websites. A hacker can gain access through a vulnerability in one of these websites or services, such as:
1. Web ports HTTP (80) and HTTPS (443)
2. File transfer services such as FTP or proftpd
3. The SSH service
4. Vulnerable plugins and themes installed on the website
After finding a vulnerability, a hacker's first approach is to put a shell on the web server and gain a reverse shell to get root access. If we use an old access policy like DAC, our whole server is compromised and the hacker's job is easier, but with SELinux there are some changes that protect our server. SELinux isolates processes run by the local user to remove this kind of chance of privilege escalation. The policies used by mandatory access control are prebuilt; we can't change them, but we can make custom policies according to our needs.
Configuration files of SELinux
There are two methods to configure SELinux:
1. Using the GUI: you can access the GUI through System > Administrator > SELinux management.
2. Manually via the config file: you can directly access the config file with any text editor, such as vim, at the location /etc/selinux/config.
After modifying the config file, we need to reboot the system. After that, log in to your system and view /var/log/messages (cat /var/log/messages). If you do not see any errors, all is fine and all MAC policies were implemented successfully; if you observe any errors, chances are the policy was not implemented successfully.
When SELinux denies an action, an access vector message called an AVC (access vector cache) is generated, which is written to /var/log/audit/audit.log and /var/log/messages. For troubleshooting, use ausearch to find any recent AVC messages.
There are three basic modes for SELinux:
Permissive: SELinux is enabled but the MAC policies are not enforced on the system; only a warning is shown to the user and a log entry is recorded.
Enforcing: The default mode, a strict mode enabling all policies and restrictions on the system.
Disabled: The default mode which is mainly present on the system; SELinux is off in this mode.
We can view the currently running mode of SELinux before editing the config file with “sestatus”.
Inside the config file we also see SELINUXTYPE. This option sets the policy type you want to use; the default one is the targeted policy:
Targeted: the default one, which implements all the MAC policy (most restricted).
Minimum: only selected processes are protected; we have the liberty to modify some of the policies made for targeted.
MLS: the server follows multi-level security protection to prevent users from obtaining access to information for which they are not authorized.
Hit this link to know more:
https://securitythread.blogspot.com/2020/06/selinux-in-linux-server-centos-7.html
Linux terminal types
The terminal subsystem consists of three layers:
The upper layer, which implements the character device interface (open, read, write, close, …).
The line discipline.
The lower layer which communicates with the hardware or the pseudoterminal.
In a Unix-based system, processes communicate with the terminal through a terminal character device file. All the text we type in the terminal is stored in the input buffer of this file, and the process may then read from it to get the data.
In this mechanism, file descriptor 0 (STDIN) is used to read data from the device file and file descriptor 1 (STDOUT) is used to write data to the file. Terminals of this type are called hardware-based terminals and were used in the past.
Now we emulate the terminal in software. A personal computer can run terminal emulator software that replicates the function of a terminal, sometimes allowing concurrent use of local programs and access to a distant terminal host system. The terminal emulators on most Unix-like systems, such as gnome-terminal, qterminal, and xterm, emulate a physical terminal, including support for escape sequences.
The X Window System is the program that controls the display, drawing the boxes and buttons. Suppose we open a terminal emulator in X and start typing text in the terminal. The text goes from the X server to the terminal emulator, which writes it into the input buffer of the "master" pseudo-terminal character device file. The operating system copies data from the master to its associated "slave" pseudo-terminal character device file, to be read by the process. Each terminal emulator has its own master and slave pseudo-terminal pair.
Usually, the master is connected to a terminal emulator (such as xterm) and the slave is connected to a program being run, most commonly a shell (such as bash). Thus, the slave behaves exactly like a classical terminal.
/dev/tty:
TTY is the abbreviation of Tele-Typewriter (or Tele-Type). Originally, a TTY was physically connected to a Unix machine as an input/output device, usually over an RS-232 cable. Input was entered on a keyboard. In the beginning, the computer's output went to a printer, and later also to screens. /dev/tty is a special kind of file; it doesn't represent the character device. When a program opens the /dev/tty file, it gets a file descriptor for its so-called controlling terminal, that is, the terminal associated with its process. In simple words, it is used for controlling the terminal file. A TTY (or terminal) device is a special class of character device.
/dev/pts:
When a process opens /dev/ptmx, it gets a file descriptor for a pseudoterminal master (PTM), and a pseudoterminal slave (PTS) device is created in the /dev/pts directory. Each file descriptor obtained by opening /dev/ptmx is an independent PTM with its own associated PTS, whose path can be found by passing the file descriptor to ptsname(). Before opening the pseudoterminal slave, you must pass the master's file descriptor to grantpt() and unlockpt(). Once both the pseudoterminal master and slave are open, the slave provides processes with an interface that is identical to that of a real terminal. Data written to the slave is presented on the master file descriptor as input. Data written to the master is presented to the slave as input.
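The master/slave data flow described above, as an added example that is not code from the original post. It uses Python's os.openpty(), which allocates the pair in one call instead of opening /dev/ptmx and calling grantpt() and unlockpt() by hand; the strings sent are constructed, and it assumes the default terminal settings of a new Linux pty (echo and newline translation on).

```python
import os
import select

def read_line(fd, timeout=2.0):
    """Collect bytes from fd until a newline arrives (data may come in pieces)."""
    data = b""
    while not data.endswith(b"\n"):
        ready, _, _ = select.select([fd], [], [], timeout)
        if not ready:
            raise TimeoutError("no data on fd %d" % fd)
        data += os.read(fd, 1024)
    return data

def pty_round_trip():
    """Push one line in each direction through a fresh master/slave pair."""
    master, slave = os.openpty()
    try:
        result = {
            "slave_path": os.ttyname(slave),   # e.g. /dev/pts/3
            "slave_isatty": os.isatty(slave),  # the slave looks like a real terminal
        }
        # Terminal emulator side: "typed" input is written to the master ...
        os.write(master, b"ls\n")
        # ... and the program on the slave reads it as one complete line.
        result["slave_got"] = read_line(slave)
        # The line discipline also echoes the input back to the master,
        # which is what an emulator would draw on screen.
        result["echo"] = read_line(master)
        # Program side: output written to the slave appears on the master,
        # with "\n" expanded to "\r\n" by the default output processing.
        os.write(slave, b"file.txt\n")
        result["master_got"] = read_line(master)
        return result
    finally:
        os.close(master)
        os.close(slave)

if __name__ == "__main__":
    for name, value in pty_round_trip().items():
        print(name, "=", value)
```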
For a detailed explanation, follow: https://securitythread.blogspot.com/2020/05/linux-terminal-subsystem.html
IIS server binding types in Windows server 2012R2
Before entering the digital world and making your own #website, it is important to know the types of web #hostingservices, so this blog may help you.