Misc

From Network Security Wiki
Jump to navigation Jump to search


Network

TFTP Server Installation

sudo apt-get install tftpd-hpa
sudo apt-get install tftp
sudo nano /etc/defualt/tftpd-hpa
  TFTP_USERNAME="tftp"
  TFTP_DIRECTORY="/home/amana/Public"
  TFTP_ADDRESS="0.0.0.0:69"
  TFTP_OPTIONS="--secure --create"
sudo service tftpd-hpa restart
tftp 192.168.1.2
tftp> get test
  Sent 159 bytes in 0.0 seconds
tftp> quit
cat test

Ser2Net

Terminal servers:

The main advantage of a terminal server is that you can get console access to your hardware from a distance, using a network connection. It doesn’t matter if you are in the next room or in another country as long as you have connectivity to your terminal server. You have 3 options:

Use a terminal server specifically made to do that. Cisco, Cyclades or another brand,  it doesn’t really matter.
Use a Cisco router as a terminal server by adding serial cards.
Make your own terminal server using a PC.

It is easy to set up the terminal server using a program called Ser2net. Once your USB adapters are detected by Linux (check with dmesg), they are usually named ttyUSB0, ttyUSB1 etc. Next step is to install ser2net:

apt-get install ser2net.

Configuring Ser2net: Ser2net is a service that maps TCP ports to your USB ports. You need to make changes in its configuration file.

sudo nano /etc/ser2net.conf

The file should look like the following, for instance if you have 5 USB adapters:

2000:telnet:0:/dev/ttyUSB0:9600 8DATABITS NONE 1STOPBIT banner
2001:telnet:0:/dev/ttyUSB1:9600 8DATABITS NONE 1STOPBIT banner
2002:telnet:0:/dev/ttyUSB2:9600 8DATABITS NONE 1STOPBIT banner
2003:telnet:0:/dev/ttyUSB3:9600 8DATABITS NONE 1STOPBIT banner
2004:telnet:0:/dev/ttyUSB4:9600 8DATABITS NONE 1STOPBIT banner

The first number corresponds to the TCP port to reach respective switches linked by USB serial adapters.

Finally restart set2net.

sudo /etc/init.d/ser2net restart

Let’s suppose your terminal server has the 192.168.1.2 IP address, you should be able to connect to your Cisco device using telnet.

telnet 192.168.1.2 2000
ser2net port 2000 device /dev/ttyUSB0 [9600 N81] (Debian GNU/Linux)
SW1#

Minicom: USB Serial Console

Purchase a USB to Serial adapter that supports Linux & do not require a driver in Linux Make sure the item is plugged in at boot time

Install Minicom:

dmesg | grep tty
  name="/dev/ttyUSB0" 
sudo minicom -s
  select "Serial Port Setup"
  Change the line speed (press E) & change to "9600"
  Change the hardware flow control (press F) & change to "No"
  Change the serial device (press A) & change to "/dev/ttyS0"
  Or to use your USB port, change the serial device to "/dev/ttyUSB0"
  "Escape" 
  "Save setup as dfl"
  "Exit Minicom"

To find out if you have configured Minicom correctly:

sudo minicom

you should be connected to your Cisco device.

If you see a bunch of gibberish every time you connect to a device:

sudo minicom -s
"Modem and dialing"
 Press "A" to edit the Init string, delete all characters
"Save setup as dfl"

Firefox Speedup

about:config
 network.http.pipelining -> true
  network.http.pipelining.maxrequests -> 8 (default=32)
  network.http.proxy.pipelining -> true
  network.dns.disableIPv6 -> true
  plugin.expose_full_path -> true
  Right click -> New -> Integer -> "nglayout.initialpaint.delay"  ->  0 in value
  Right click -> New -> Integer -> "content.notify.backoffcount"  ->  5 in value
  Right click -> New -> Integer -> ui.submenuDelay -> 0 in value

Some more Tweaks

  • Enable the spellchecker for inputfields and textareas (default is textareas only) layout.spellcheckDefault=2 (default=1)
  • Open lastfm://-links directly in amarok -> network.protocol-handler.app.lastfm=amarok & network.protocol-handler.external.lastfm=true

Firefox Memory Leak Fix

  • Right-click -> New -> Integer -> browser.cache.memory.capacity

This is where you decide how much memory to allocate to Firefox. This depends on how much RAM your computer has. A good recommended setting is 16MB. If you want 16MB, enter this value into the dialog prompt: 16384 then close all instances of Firefox and restart. If your Firefox still uses the same amount of memory, give it a few minutes and it should slowly clear up. If that fails, try a system reboot.

Firefox open Tabs in Background

about:config
browser.tabs.loadDivertedInBackground    =>   true

Test IPv6 Web access

nslookup
 > set type=AAAA
 > www.facebook.com

Ntop

sudo apt-get install ntop -y
sudo ntop --set-admin-password
sudo ntop -u ntop -d

Change interfaces:

sudo gedit /var/lib/ntop/init.cfg
sudo /etc/init.d/ntop start
http://127.0.0.1:3000

For Latest Version:

sudo apt-get install libpcap-dev libgdbm-dev libevent-dev librrd-dev python-dev libgeoip-dev
svn co https://svn.ntop.org/svn/ntop/trunk/ntop
./autogen.sh
make
install the latest libpcap from internet
make install

Netstat

List out all connections from different protocols like tcp, udp and unix sockets:

netstat -a

List only TCP or UDP connections

netstat -at
netstat -au

Disable reverse dns lookup for faster output

netstat -ant

List out only listening connections

netstat -tnl

Get process name/pid and user id

sudo netstat -nlpt   =PID
sudo netstat -ltpe   =User

Print statistics

netstat -s

Display kernel routing information

netstat -rn

Print network interfaces

netstat -i
netstat -ie   = Human friendly

Get netstat output continuously

netstat -ct

Display multicast group information

netstat -g

Print active connections

netstat -atnp | grep ESTA

Check if a service is running

sudo netstat -aple | grep ntp


Parameters

a - All
t - TCP
u - UDP
n - No DNS lookup
l - Listening
i - Interface
o - PID (windows)
p - PID (Linux)
s - statistics

DIG

View Short Output

dig redhat.com +short

Display Only the ANSWER SECTION

dig redhat.com +nocomments +noquestion +noauthority +noadditional +nostats
dig redhat.com +noall +answer

Use a Specific DNS server Using dig @dnsserver

dig @ns1.redhat.com redhat.com

DNS Reverse Look-up

dig -x 209.132.183.81 +short

View ALL DNS Records Types

dig redhat.com ANY +noall +answer
dig @ns1.redhat.com redhat.com ANY +noall +answer

Query MX Records

dig redhat.com  MX +noall +answer



Misc

Install NST to Flash or HDD

 
livecd-iso-to-disk --reset-mbr --noverify --overlay-size-mb 1024 --home-size-mb 256 --unencrypted-home /tmp/nst-2.13.0.x86_64.iso /dev/sdc1

Play RAR Video

sudo apt-get install unrar vlc
unrar p -inul /example/path/to/Some.Scene.Release/some.sr.r00 | vlc -
  p      = outputs the extraction data of the file
  -inul  = disables error messages

can only pause and play the file, but not rewind or fast forward.

Shortcut:

gedit ~/.bashrc
PATH=$PATH:$HOME/bin
mkdir ~/bin
gedit ~/bin/rarvideo
#! /bin/sh
unrar p -inul $1 | vlc -
chmod u+x ~/bin/rarvideo
bash
rarvideo somerarfile.r00

you can also right click a rar file in nautilus and choose "open with" and type in rarvideo

Change IP address of Tor

(echo authenticate '"password"'; echo signal newnym; echo quit) | nc localhost 9051

Edit Grub

Press Alt+F2 > gksudo gedit /etc/default/grub
   GRUB_DEFAULT=0                                                        ==>> Default OS
   GRUB_HIDDEN_TIMEOUT=0
   GRUB_HIDDEN_TIMEOUT_QUIET=true
   GRUB_TIMEOUT=10                                                       ==>> Grub Menu Timeout
   GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
   GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
   GRUB_CMDLINE_LINUX=""
sudo update-grub

Enable Desktop Notifications in VLC on Ubuntu

VLC > Tools > Preferences.
Click the circle next to ‘all’.
search > Enter ‘notify’
Select 'Control Interfaces’ and check the box next to ‘LibNotify Notification Plugin’.

CLI QR Encoder

​sudo apt-get install qrencode
qrencode -t ANSI "Hello World"​

Create Hotspot in Ubuntu

Source ubuntuhandbook.org

  • Verify if AP mode is supported:
iw list | grep AP
  • Install Connection Editor:
sudo apt-get install plasma-nm
kde-nm-connection-editor
  • Click Add button and choose “Wireless (shared)” from the drop-down list.
  • Type in a name, ssid, and select Access Point mode. Set up a password under Wireless Security tab if required.
  • Connected to Wired internet.
  • Click Network Manager applet on Unity panel and then choose the connection you created in previous step and click Connect button.


PPPoE Router Testing

I used this Lab to verify if my WiFi router is working properly or is faulty.
My ISP was insisting that the router is faulty.
So I decided to test it myself using GNS3.

Pppoe testing.png
ISP Router Config - PPPoE Server - R1
username Cust1 password 0 ciscopppoe

bba-group pppoe global
 virtual-template 1
interface Ethernet0/0
 no ip address
  
pppoe enable group global

interface Virtual-Template1 
 mtu 1492
 ip address 10.0.0.254 255.255.255.0
 peer default ip address pool PPPoEPOOL
 ppp authentication chap callin

ip local pool PPPoEPOOL 10.0.0.1 10.0.0.10
PPPoE Client(to verify configuration of R1) - R2
interface Ethernet0/0
 no ip address
 half-duplex
 pppoe enable group global
 pppoe-client dial-pool-number 1

interface Dialer1
 mtu 1492
 ip address negotiated
 encapsulation ppp
 dialer pool 1
 ppp authentication chap callin
 ppp chap hostname Cust1
 ppp chap password 0 ciscopppoe
ip route 0.0.0.0 0.0.0.0 Dialer1
  • Now Test the PPPoE Server by running following commands:
ISP Router
debug ppp authentication
debug pppoe events
PPPoE Client
show pppoe session
show ip interface brief
  • If the above setup is working as expected, Open the WebUI of the Router and assign the username as "Cust1" and password "ciscopppoe" to the PPPoE connection.
  • Now connect a LAN Cable from the Internet port of your Router to the LAN Port of your PC.
  • If the Router/Ports are fine, the connection should be UP now. Verify from the debug commands.


Installing WebKeePass

Source: Raman-kumar.blogspot.in

Installing WebKeePass Server in CentOS:

  • Installing Java JDK:
sudo yum install java-1.7.0-openjdk-devel
java -version
  • Setting JAVA_HOME:
find / -name java | grep -i jdk
  /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/bin/java
  /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/bin/java
nano .bash_profile
  JAVA_HOME=/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64

or

export JAVA_HOME=/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64

Verify:

echo $JAVA_HOME
/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64


wget http://sourceforge.net/projects/webkeepass/files/WebKeePass-3.121122.zip/download
unzip WebKeePass-3.121122.zip
cd WebKeePass-3.121122
chmod 777 Install.sh
./Install.sh
Select Y
Installation Path:      /usr/local/webkeepass-3.12
JAVA_HOME' Path:        /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64
chmod u+x ./jakarta-tomcat-5.5.7/bin/*.sh
chmod u+x ./startup.sh
./startup.sh
 Using CATALINA_BASE:   /usr/local/webkeepass-3.12/jakarta-tomcat-5.5.7
 Using CATALINA_HOME:   /usr/local/webkeepass-3.12/jakarta-tomcat-5.5.7
 Using CATALINA_TMPDIR: /usr/local/webkeepass-3.12/jakarta-tomcat-5.5.7/temp
 Using JAVA_HOME:       /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64
  • To stop service/tomcat
/usr/local/webkeepass-3.12/jakarta-tomcat-5.5.7/bin/shutdown.sh
  • Add exception in the iptables firewall:
iptables -A INPUT -p tcp --dport 8443 -j ACCEPT
  • The WebUI must be accessbible from the following URL:
https://x.x.x.x:8443




blog comments powered by Disqus