Search found 37 matches

by Spork Schivago
2018/11/02 16:06:46
Forum: CentOS 7 - Security Support
Topic: shim fails to load MokManager
Replies: 14
Views: 10866

Re: shim fails to load MokManager

So one TPM with a BIOS setting to change its mode and the right mode needs to be chosen. I understand his post now. My TPM chip is 2.0 though. I can convert it to a v1.2 TPM chip. Is there something wrong with 2.0? My TPM chip was freshly installed into the machine. The machine never had a TPM chip...
by Spork Schivago
2018/10/31 21:10:30
Forum: CentOS 7 - Security Support
Topic: shim fails to load MokManager
Replies: 14
Views: 10866

Re: shim fails to load MokManager

I've seen this on Lenovo T460p laptop provided by my employer. The workaround which works for me is to switch TPM from Intel PTT to discrete TPM 1.2 chip in the BIOS. Downgrade is also another option but unfortunately this prevents kernel upgrade. Are you saying you have two TPM chips in your lapt...
by Spork Schivago
2018/10/25 17:14:55
Forum: CentOS 7 - Security Support
Topic: Help understanding iptables -L
Replies: 9
Views: 10243

Re: Help understanding iptables -L

The top set? They look fairly nearly identical to the default rules you get when you install using iptables-services in the first place. Yes, I disabled firewalld and installed the iptables-services and ip6tables-services, then modified the default rules. To me, they look pretty secure and seem to ...
by Spork Schivago
2018/10/20 06:23:27
Forum: CentOS 7 - General Support
Topic: help with sed
Replies: 1
Views: 618

Re: help with sed

It might not be the best solution, but I believe I have it now. This is my new script: IP_ADDR=$( grep -o -E '192\.168\.2\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])\b' fake_ips | tr '\n' ' '|sed -e 's/[[:space:]]*$//' ) SSHD_CONFIG="sshd_config.test" function update_sshd_config() { EXPANDED...
by Spork Schivago
2018/10/20 06:07:00
Forum: CentOS 7 - General Support
Topic: help with sed
Replies: 1
Views: 618

help with sed

Hi! Not sure if this is the right place to ask but I couldn't really think of any others. I have a script that searches for a string in a file. If it finds the string, it replaces the string with a variable in the script. The variable in the script can (but doesn't mean it will) contain multiple wor...
by Spork Schivago
2018/10/20 03:01:49
Forum: CentOS 7 - Security Support
Topic: Help understanding iptables -L
Replies: 9
Views: 10243

Re: Help understanding iptables -L

I figured out the ssh port stuff. Do those iptables rules look good?
by Spork Schivago
2018/10/19 23:09:30
Forum: CentOS 7 - Security Support
Topic: Help understanding iptables -L
Replies: 9
Views: 10243

Re: Help understanding iptables -L

Would something like this be a secured start? *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp --dport <my sshd port> --source 192.168.2.0/24 -j AC...
by Spork Schivago
2018/10/19 23:05:07
Forum: CentOS 7 - Security Support
Topic: Help understanding iptables -L
Replies: 9
Views: 10243

Re: Help understanding iptables -L

I found an article on DigitalOcean, https://www.digitalocean.com/community/tutorials/a-deep-dive-into-iptables-and-netfilter-architecture It provides answers to a lot of my questions. For the ssh connection, I'd want it in the INPUT chain and the filter table. So now I can look at the iptables fire...
by Spork Schivago
2018/10/19 22:31:27
Forum: CentOS 7 - Security Support
Topic: Help understanding iptables -L
Replies: 9
Views: 10243

Re: Help understanding iptables -L

It's ever so much easier to read if you post the output from the iptables-save command. Despite its name it just prints the rules to stdout. Oh, and all those rules make it look like you're running firewalld in which case you should not be fiddling with the rules behind its back with iptables. Fire...
by Spork Schivago
2018/10/19 16:58:20
Forum: CentOS 7 - Security Support
Topic: Help understanding iptables -L
Replies: 9
Views: 10243

Help understanding iptables -L

Hi! I have a server I am running and I struggle a little bit understanding iptables. Currently, I would like to deny all traffic coming from outside my private network (unless I make the connection), and I'd like to open one port for a daemon I'm running, but only allow connections from the loca...