Posts

Showing posts from April 2021

Installing Elasticsearch, Logstash, Kibana, Filebeat on CentOS 7

1. Change to root:
   $ su -
2. Download and install the public signing key:
   $ rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
3. Create a .repo file in order to download from YUM:
   $ touch /etc/yum.repos.d/elasticsearch.repo
   $ vim /etc/yum.repos.d/elasticsearch.repo
4. Create a .repo file in order to download from YUM:
   $ touch /etc/yum.repos.d/logstash.repo
   $ vim /etc/yum.repos.d/logstash.repo
5. As in step 4, edit /etc/yum.repos.d/kibana.repo
6. As in step 4, also edit /etc/yum.repos.d/elastic.repo
7. yum install elasticsearch logstash kibana filebeat
8. systemctl enable elasticsearch.service
   systemctl enable kibana.service
   systemctl enable filebeat.service
9. systemctl restart elasticsearch.service
   systemctl restart kibana.service
   systemctl restart filebeat.service
10. firewall-cmd --permanent --add-port=5601/tcp
    or
    firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.0.0/24

URL and File Sandbox Testing

https://www.browserling.com/
If you have a suspicious URL, you can open it in this sandbox browser to test it.
https://www.hybrid-analysis.com/
https://www.virustotal.com/gui/home/upload

References
https://zeltser.com/lookup-malicious-websites/
https://talosintelligence.com/

Build a honeypot environment to trap intruders from the internet on a CentOS 7 VM or Security Onion

1. Download CentOS 7 or Security Onion (https://securityonionsolutions.com/software) from the official ISO image (https://3ctipsmemo.blogspot.com/2021/04/centos-linux-7-and-8-isos-download-urls.html) and install it in a virtual machine application (VirtualBox or VMware).
2. Set firewall rules with firewalld that allow all inbound connections but deny all outbound connections.
3. Set an extremely complex root password to avoid brute-force cracking.
4. Open the ports of general services to serve outside connections.
5. Monitor /var/log/message/secure to verify malicious connection behavior, such as root fraud (many repeated attempts over an SSH connection) or dovecot user fraud (attempts to use the SMTP service)...
6. If they try to hack a service more than six times, we can collect the hostnames, source IPs and destination ports of these malicious connections and insert them into the firewall blacklist.

Reference
https://access.redhat.com/discussions/3238521
https://firewalld.org/documentation/man-pages/firewall-cmd.html
https://unix.stackexchange.com/questi
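Steps 5 and 6 above, as an added example that is not code from the original post: it counts failed SSH logins per source address and prints (without running) a firewalld reject rule for each source over the six-attempt limit. The log lines, host name, function names and the `reject` action are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: find sources that exceeded the failed-login threshold.
THRESHOLD=6   # the post's rule: act on more than six attempts

# Constructed sample lines in sshd auth-log format (RFC 5737 addresses).
sample_log() {
  for i in 1 2 3 4 5 6 7; do
    echo "Apr 12 03:14:0$i honeypot sshd[2211]: Failed password for root from 203.0.113.45 port 5210$i ssh2"
  done
  echo "Apr 12 03:20:11 honeypot sshd[2290]: Failed password for invalid user admin from 198.51.100.7 port 40112 ssh2"
  # The user name is attacker-controlled; here it is literally "from".
  echo "Apr 12 03:20:15 honeypot sshd[2290]: Failed password for invalid user from from 198.51.100.7 port 40113 ssh2"
  echo "Apr 12 03:25:40 honeypot sshd[2301]: Accepted password for root from 192.0.2.10 port 50022 ssh2"
}

# Read log lines on stdin; print "count ip" for each source above the limit.
# Fields are taken from the END of the line ("from IP port N ssh2") so a
# crafted user name cannot shift the position of the address.
offenders() {
  awk -v limit="$THRESHOLD" '
    /sshd\[[0-9]+\]: Failed password for / && $(NF - 4) == "from" { hits[$(NF - 3)]++ }
    END { for (ip in hits) if (hits[ip] > limit) print hits[ip], ip }
  ' | sort -rn
}

# Turn offenders into firewalld commands. They are printed, not executed,
# so the list can be reviewed before anything is blocked.
blacklist_commands() {
  offenders | while read -r _count ip; do
    # Accept only digits and dots; never pass raw log text on to a command.
    case "$ip" in
      *[!0-9.]*|"") continue ;;
    esac
    printf "firewall-cmd --permanent --add-rich-rule=\"rule family='ipv4' source address='%s' reject\"\n" "$ip"
  done
}

# Demo on the constructed sample; on a CentOS 7 host the sshd auth log
# could be fed in instead, e.g.  blacklist_commands < /var/log/secure
sample_log | blacklist_commands
```

Rules added with `--permanent` take effect after `firewall-cmd --reload`.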

CentOS Linux 7 and 8 ISO download URLs

CentOS 7
http://isoredirect.centos.org/centos/7/isos/x86_64/
with RPMs
https://www.centos.org/download/
http://mirror.centos.org/centos/7/
Source at Taiwan
http://ftp.twaren.net/Linux/CentOS/7.9.2009/isos/x86_64/
http://ftp.ksu.edu.tw/pub/CentOS/7.9.2009/isos/x86_64/
http://ftp.stu.edu.tw/Linux/CentOS/7.9.2009/isos/x86_64/
http://mirror01.idc.hinet.net/centos/7.9.2009/isos/x86_64/
http://centos.cs.nctu.edu.tw/7.9.2009/isos/x86_64/
http://ftp.tc.edu.tw/Linux/CentOS/7.9.2009/isos/x86_64/
http://free.nchc.org.tw/centos/7.9.2009/isos/x86_64/

CentOS 8
http://isoredirect.centos.org/centos/8/isos/x86_64/
with RPMs
https://www.centos.org/download/
http://mirror.centos.org/centos/8/
Source at Taiwan
http://mirror01.idc.hinet.net/centos/8.3.2011/isos/x86_64/
http://ftp.tc.edu.tw/Linux/CentOS/8.3.2011/isos/x86_64/
http://ftp.twaren.net/Linux/CentOS/8.3.2011/isos/x86_64/
http://ftp.ksu.edu.tw/pub/CentOS/8.3.2011/isos/x86_64/
http://centos.cs.nctu.edu.tw/8.3.2011/isos/x86_64/
http://

Private IP Definition

RFC 1918
10.0.0.0/255.0.0.0 (8)
172.16.0.0/255.240.0.0 (12)
192.168.0.0/255.255.0.0 (16)

RFC 6598
100.64.0.0/255.252.0.0 (10), ISP internal

RFC 2544
192.18.0.0/255.127.0.0, in case a testing device were to be accidentally connected to part of the Internet

RFC 5737
192.0.2.0/255.255.255.0 (24)
198.51.100.0/255.255.255.0 (24)
203.0.113.0/255.255.255.0 (24)

References
https://en.wikipedia.org/wiki/Private_network
https://www.ietf.org/standards/rfcs/
https://www.rfc-editor.org/search/rfc_search.php
https://tools.ietf.org/html/rfc1918
https://tools.ietf.org/html/rfc6598
https://tools.ietf.org/html/rfc2544
https://tools.ietf.org/html/rfc5737

Bob Dylan Quotes

  https://www.brainyquote.com/authors/bob-dylan-quotes    https://www.goodreads.com/author/quotes/8898.Bob_Dylan   “If you're not busy being born, you're busy dying.” ― Bob Dylan    

Dell H330 PERC RAID production configuration

1. Press Ctrl+R to go into the Configuration Utility.
2. Select the disks to convert to RAID.
3. Confirm the RAID properties.

Requirement for Windows 10 Remote Desktop Service

1. Services.msc
2. control.exe -> turn Windows features on or off -> enable SMB permanently; this is a key point for connection speed.

If you use the rdpwrapper library, please modify gpedit.msc -> Computer Configuration -> Administrative Template -> Windows Accessories -> Remote Desktop Service -> Remote Desktop Client.

Extra: how to speed up remote desktop processing
Lower the encryption level on the intranet.

References
https://docs.microsoft.com/zh-tw/windows-server/administration/performance-tuning/role/remote-desktop/session-hosts

WHEA_UNCORRECTABLE_ERROR occurs suddenly on Windows 10

If the system suddenly shows a blue screen reporting WHEA_UNCORRECTABLE_ERROR on Windows 10 because of an automatic update, you can patch the update error by installing the latest patch files and resetting the BIOS configuration to default on your system.
https://docs.microsoft.com/zh-tw/windows/deployment/update/windows-update-errors

Windows Update Catalog website
https://www.catalog.update.microsoft.com/

References
https://www.intel.com.tw/content/www/tw/zh/support/articles/000028099/processors/intel-core-processors.html
https://support.microsoft.com/en-us/windows/how-to-fix-whea-uncorrectable-error-7c49d78a-2792-96cf-2268-abbe9d9eb29f
https://neosmart.net/wiki/0x0000124-whea-uncorrectable-error/