Archive for November 2020

Proxmox Mail Gateway is one of the leading open-source email security solution which helps to protect mail server against many email threats from the moment they emerge [https://www.proxmox.com/en/proxmox-mail-gateway]. There are several ways of installing Proxmox Mail Gateway in your node but what we explain here is how it is installed on Debian 10 platform.

Resources

OS : Debian 10 (Buster)
RAM : 4GB (Recmmend)
Hostname : pmg.test.lk (It is very Important to set host name before the installation begins)

STEP 01 - Setting up the installation environment

First add the host name to "hosts" file.

root@pmg:~vim /etc/hosts

x.x.x.x pmg.test.lk pmg

Then configure the Package repositories. (Required repositories are available in the PMG documentation.

root@pmg:~# vi /etc/apt/sources.list

deb http://ftp.debian.org/debian buster main contrib
# PMG pmg-no-subscription repository provided by proxmox.com
# NOT recommended for production use
deb http://download.proxmox.com/debian/pmg buster pmg-no-subscription

In PMG documentation there is another repository which is used for security updates. This security update related repository is available in the source file of Debian 10 by default.

# security updates
deb http://security.debian.org/debian-security buster/updates main contrib

If this repository is not available in your source file please add it too. Otherwise do not add it as it gives a warning regarding the duplicate repositories when you run the "apt update" command.

After configuring the Package repositories, you need to update the system.

root@pmg:~# apt update

At this point you may get the below mentioned errors:

Error 01:
Err:6 http://download.proxmox.com/debian/pmg buster InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7BF2812E8A6E88E0

Solution:

Add the key which is given in the error. You can use the below command to add the given key.

root@pmg:~# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7BF2812E8A6E88E0

When you run the above command it may gives the below error too.

Error 02:
E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation

Solution:

Install the required packages.

root@pmg:~# apt install gnupg gnupg1 gnupg2

After installing the above packages you can add the key without any issue.

Then run "apt update" command and it will be completed successfully.

Once update completed then you need to do a Upgrade.
root@pmg:~# apt upgrade

STEP 02 - Install Proxmox Mail Gateway

Now install the proxmox mail gateway.

root@pmg:~# apt install proxmox-mailgateway

At this point you may get the below mentioned errors

Error 01:
hostname lookup 'pmg' failed - got local IP address ''
dpkg: error processing package pmg-api (--configure):
installed pmg-api package post-installation script subprocess returned error exit status 22
dpkg: dependency problems prevent configuration of proxmox-mailgateway:
proxmox-mailgateway depends on pmg-api; however:
Package pmg-api is not configured yet.

Error 02:
Errors were encountered while processing:
pmg-api
proxmox-mailgateway
E: Sub-process /usr/bin/dpkg returned an error code (1)

Solution:

If you didn't add the host name to your hosts file before the installation you may get this error. So the solution is to add the IP and host name to the hosts file as mentioned in the STEP 01.

Error 03:

The following packages have unmet dependencies:
proxmox-mailgateway : Depends: pmg-api but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

Solution:

For the above error, solution is to install pmg-api.

root@pmg:~# apt install pmg-api

If the installation completed without errors you can continue to mail gateway installation again.

root@pmg:~# apt install proxmox-mailgateway

Error 04:

The following packages have unmet dependencies:
pmg-api : Depends: postfix (>= 2.5.5) but it is not going to be installed
E: Unable to correct problems, you have held broken packages.

Solution:

Install postfix

root@pmg:~# apt install postfix

Ones you start postfix installation it will pop up the postfix configuration. select Internet Site from it. If you need to configure your server to work as Smart host you need to select Internet with smart host.

Then add the system mail name. (ex: pmg.test.lk)

After the postfix installation continue the mail gateway installation again.

root@pmg:~# apt install proxmox-mailgateway

STEP 03 - Web Logging

Further configurations need to be done via the Proxmox web interface.

Just point your browser to the IP address given during installation with the port.

URL :- https://youripaddress:8006

root login is having the server's root password

For more Proxmox configurations, refer the below link.

https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#chapter_pmgconfig

Nikto is an Open source web server scanner and it can use with any web servers like Apache, Nginx, IHS, OHS, Litespeed etc. It is capable to perform web server scanning over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers.It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software.

Let's start installation process of NiktoScan on RHEL/ centos 7

First you have to install rpms from following codes.

rpm -Uvh http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-20.el7.art.noarch.rpm

rpm  -Uvh http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.art.noarch.rpm

rpm -Uvh  http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/atomic-release-1.0-21.art.noarch.rpm

Next use yum install to install NiktoScan package.

yum install nikto -y

Then you can check the installation process is success or not from following command.

nikto -v

If the output looks like this, you have successfully installed NiktoScan on your

computer.

Ok. Let's start scanning process.

You can use following command to scan website using hostname and this is the

basics command of NiktoScan.

niktoscan -h <hostname or IP>

Eg.: nikto -h www.domains.lk

in here -h is for hostname.

It takes some time to deliver the output and it looks like this.

You can find all command line options from this link and its usage.

In the bottom of the scan result you can see number of request to the host and

errors on that remote host.

In the NiktoScan you can scan specific port of a remote server by using following

command.

 niktoscan -h <hostname> -p <port>

Eg.:

nikto -h www.domains.lk -p 80

nikto -h www.domains.lk -p 80,111,443

“Nikto -list-plugins” will display a list of additional plugins which may help to scan a target or confirm a vulnerability reported by Nikto.

 nikto -h www.domains.lk -Plugins "apache_expect_xss(verbose,debug)"

I think you have an basic idea to perform a nikto scan to web server and next

time we will be discussed about how to analyse Nikto scan report and identifyinf

vulnerabilities.

STEP 01 - Setting up the installation environment

STEP 02 - Install Proxmox Mail Gateway

Solution:

STEP 03 - Web Logging

ABOUT US

Popular Posts

SUBSCRIBE & FOLLOW

Followers

Categories

Total Pageviews

Contributors