Dear Experts, I'm testing Oracle 11g on Centos 7 64b.

I installed Oracle but could not connect to the globalDB by sqlplus, it keeps showing error: ORA-12514: TNS:listener does not currently know of service requested in connect even I start the Oracle Database



I also attached the response file from Installation process. These are the details of listener and tnsname files:


lsnrctl status:


Can you please help? Many thanks!
db.rsp

I'll need a Shell (Bash) script (rather an exact command) that outputs

a)  files' name in the Solaris system, one file per line in the UNIX systems
b) that were modified/created the last 1470 minutes
c) exclude FIFO files, symbolic links, sockets (ie *.sock)
d) names of files of between 1 byte to 20MB in size
e) files in /dev, /devices, /kernel, /cdrom, /platform, /proc, /net
f) files mounted on NFS

I have about 1million files so hoping the command/script of outputting
the file can complete in 30mins, so may need efficient coding.


I need to amend the following script to read (ie for AV to scan) the above output file:

#!/bin/bash
LOGFILE="/var/log/clamav/`hostname`-$(date +'%Y-%m-%d').log";
## suggest to change dirs below to root but exclude databases
DIRTOSCAN="/var /opt /home /etc /tmp /export";

for S in ${DIRTOSCAN}; do
DIRSIZE=$(du -sh "$S" |grep -v "/proc" |grep -v "/dev" |grep -v ...  /2>/dev/null | cut -f1);
## add to grep -v for any other file types to exclude

echo "Starting a daily scan of "$S" directory.
Amount of data to be scanned is "$DIRSIZE".";

clamscan -ri "$S" >> "$LOGFILE";

Hello,
We have 4 NTP servers (Solaris 9). All clients are getting date/time from these servers. These servers are getting data/time from 3 GPS devices. Over past weekend, GPS license was expired on 2 GPS devices and its time went back to 1999, while time remains same. One was still fine. Due to this, all clients went back 19 years back. Immediately we added two new new GPS devices and restarted NTP daemon on all NTP servers and all clients. Below is the output of updated IPs (after issue was corrected)

time-serv1 # cat /etc/inet/ntp.conf
server 192.168.xx.xx
server 172.28.42.xx
server 172.28.34.yy

driftfile /var/ntp/ntp.drift
statsdir /var/ntp/ntpstats/
filegen peerstats file peerstats type day enable
filegen loopstats file loopstats type day enable
filegen clockstats file clockstats type day enable

time-serv1 #
time-serv1 # ntpq -p
     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
*gps-clock3.	 .GPS.            1 u  715 1024  377     3.52    1.718    2.14
+172.28.42.xx   .GPS.            1 u  697 1024  377    44.37   -0.865    1.16
+172.28.34.yy   .GPS.            1 u  820 1024  377    70.02    0.865    1.01
time-serv1 #

Select all Open in new window

Is there setting, which can be applied on NTP servers or individual clients and tell it, do not sync with bad ones, because sudden 19 years drop doesn't make sense. Why it couldn't not have synced with good GPS device and picked date from bad ones ? There was one good, out of 3.
Any advice please ?

Thanks

I'll need to monitor several "privilege escalation related" Solaris 10 & RHEL6 files using
ACLs (Access Ctrl Lists) :

a) /etc/group, /etc/sudoers, /etc/cron.daily (or .weekly or any crons owned by root):
    ACL to send to syslog (so that we can pipe to SIEM) when permissions, ownership
    or contents of the above files are changed

b)visudo, sudo, usermod, useradd    command binary files :
   when these are being executed/run, ACL to send to syslog (who & when it's being
   executed)

Appreciate an exact  setacl (or the actual commands/settings in RHEL6 & Solaris 10
x86  samples

Need to harden a Solaris 10 that is connecting to Internet  from DMZ.

Anyone has a Solaris 10 hardening script that once run will harden for
a) Level 2 Profile
b) "Scored"

The attached which I got from GitHub doesn't seem quite fit to what's needed
& with all the "printf ...", it's more of listing out than actually doing hardening.


From CIS benchmark:

Scoring Information
================
A scoring status indicates whether compliance with the given recommendation impacts the assessed target's benchmark score. The following scoring statuses are used in this benchmark:
Scored  <==
Failure to comply with "Scored" recommendations will decrease the final benchmark score. Compliance with "Scored" recommendations will increase the final benchmark score.
Not Scored
Failure to comply with "Not Scored" recommendations will not decrease the final benchmark score. Compliance with "Not Scored" recommendations will not increase the final benchmark score.



Profile
=====

 Level 1
Items in this profile intend to:
o be practical and prudent;
o provide a clear security benefit; and
o not inhibit the utility of the technology beyond acceptable means.
 Level 2  <==
This profile extends the "Level 1" profile. Items in this profile exhibit one or more of the following characteristics:
o are intended for environments or use cases where security is paramount
o acts as defense in depth measure
o may negatively inhibit the utility or performance of the …

curl to download all artifacts from artifactory folder

https://www.manageengine.com/products/eventlog/system_requirement.html

We're trying to quickly set up ManageEngine Eventlog analyzer/SIEM for our
Solaris 10 x86   and  RHEL 6  servers : all are 64bit OS.

Somehow I can't locate anything for Solaris 10 x86 : need the agents installer.
Still looking for RHEL6.  I'm not too good with navigating.

Anyone can help locate & give the exact links?

What is difference between this two commands.

info_file_name=`echo $i | cut -d "/" -f 7`
 
info_file_name=`echo $i | cut -d "/" -f 6`

xhost executing successfully for the user who has the direct login access to the OS.

when I swtich to the other user (su) and which doesn't have the direct login access to OS, could not run the xhost command.

Kindly advice, how to achieve the same.

I started with asking what the different is between "mode" and "flag", see: https://www.experts-exchange.com/questions/29122213/What-is-the-difference-between-mode-and-flag.html

However, I see that people are using different definitions for a flag. So it's better to start with the question: what is the definition of a flag? I'm not asking for general definitions, or your own definition, but specifically use the definitions in this post (and if necessary correct them and tell me what's wrong about the existing definition).

See: https://techterms.com/definition/flag

In computer science, a flag is a value that acts as a signal for a function or process. The value of the flag is used to determine the next step of a program. Flags are often binary flags, which contain a boolean value (true or false). However, not all flags are binary, meaning they can store a range of values.

Let's start with:

a flag is a value

So apparently, according to this definition, a flag IS a value. So a flag can not be seen as something that be two different values (two different states).

The next sentence confirms that:

Flags are often binary flags, which contain a boolean value (true or false).

Let's say we have c++ std::bitset, but it's about 1 bit. Firstable, it's important to be aware of the difference between:

1. setting the flag
2. setting the bitset

The bitset can be 1 or 0  (in this case because we have one …

When it's about "flags", I've noticed that different people have different ideas of what a flag is. Some people start to talk about "bit set" when it's about flags. I think the problem lies with the underlaying definitions. It looks like things are not well defined. So for this question, forget about your own ideas/definitions of what a bit set is, just follow the definitions in this post (and change them if necessary). Also forget about flags, this post is specifically about "bitset". First let's start with some "definitions":

See: http://www.cplusplus.com/reference/bitset/bitset/ (std::bitset)

A bitset stores bits (elements with only two possible values: 0 or 1, true or false, ...).

And see: http://www.cplusplus.com/reference/bitset/bitset/set/ (std::bitset::set)

all bits (1)      
bitset& set();
single bit (2)      
bitset& set (size_t pos, bool val = true);

(1) all bits
Sets (to one) all bits in the bitset.
(2) single bit
Sets val as the value for the bit at position pos.

I understand this. But now first let's start at the beginning and let's define a "bit". Let's define it like this:

A bit is an element of two possible binary values: either 0 or 1.

So let's see a bit as a box that contains a ball or a box that doesn't contain a ball. Now let's take a look at a bitset that represents the number 4:

 -----------------------
|0     | 0     |  1     |
|0*2^0 | 0*2^1 |  1*2^2 |
 -----------------------
3 boxes: 
Box 1: no ball
Box 2: no ball
Box 3: ball

Select all Open in new window

…

In reality, the "open file table" is not really a table, but let's say we will see it as a table. Which columns does this table have?

For example, see: https://cseweb.ucsd.edu/classes/sp16/cse120-a/applications/ln/lecture15.html

The open file table contains several pieces of information about each file:

the current offset (the next position to be accessed in the file)
a reference count (we'll explain below in the section about fork())
the file mode (permissions),
the flags passed into the open() (read-only, write-only, create, &c),
a pointer to an in-RAM version of the inode (a slightly light-weight version of the inode for each open file is kept in RAM -- others are on disk), and a structure that contains pointers to all of the .
A pointer to the structure containing pointers to the functions that implement the behaviors like read(), write(), close(), lseek(), &c on the file system that contains this file. This is the same structure we looked at last week when we discussed the file system interface to I/O devices.

So according to this, I would say:

- offset
- reference count
- file mode (permission)
- the flags passed into the open() (read-only, write-only, create, &c),
- pointer to in-RAM inode
- pointer to "read(), write(), close(), lseek(), &c".

But the file descriptor also points to the open file table, so we need another column that connects the "file descriptor table" with the "open file table". So I would add a column like:
…

unix server keep sign out after 1 minute or so on production.

is there is a way i can run some process like

tail -f xyz.gz
to keep continuous rolling until i cancel that so that it wont sign out on me while i focus on some other work  for 30 miinutes and come back it should not signout
please advise