- aircrack utilities:
airodump-ng: packet capture (e.g.airodump-ng --channel 1 --write ciao eth2)
aireplay-ng: packet injection
aircrack-ng: statik WEP & WPA-PSK cracking
airdecap-ng: decrypt WEP/WPA capture files - Other Utilities:
dsniff (without parms): searches the net for passwords
filesnarf: get files from NFS traffic
mailsnarf: get mails from SMTP and POP traffic
urlsnarf: get requested URLs
webspy: display sniffed URLs in netscape in real-time
ettercap: boh - tcptraceroute
like traceroute but instead of using UDP it uses TCP in order to avoid to be stopped by firewalls - lft
like traceroute but somehow different.
In order to get the real IP address from your router you can download the configuration file with:
wget --user= --password= /doc/home.htm - The webmin admin port is https://localhost:10000
- To create a mirror /relay for http try:
socat TCP4-LISTEN:80 TCP4::80 - Syntax of lftp is:
lftp -u
To upload a directory to the remote server, after that use:
mirror -RL - To change in Webmind (gentoo) the password of a user type:
/usr/libexec/webmin/changepass.pl /etc/webmin - The password for apache2 is generated by htpasswd2 or htdigest2 depending on the auth method used.
- IP-Address + Port = Socket.
- To spoof/wardrive/listen to wireless traffic/communications not intended for the local pc using a Centrino wireless adapter (which uses ipw2200 drivers) do:
- Shutdown the network (e.g. /etc/init.d/net.eth2 stop)
- Type "echo 1 > /sys/bus/pci/drivers/ipw2200/*/rtap_iface"
- Shutdown the interface driver with "modprobe -r ipw2200"
- Restart the interface driver with "modprobe ipw2200" - Use "mtr" for a better combination of traceroute and ping.
- Use ifconfig in order to change the MAC address of the network card:
ifconfig eth2 hw ether 00:01:02:03:04:05 - Use "scp" to copy files from one machine to another through ssh:
scp username@10.0.0.1:/dir1/dir2/* . - Use "nmap" to discover your home network. A good article about it is http://www.enterprisenetworkingplanet.com/netos/article.php/3650131. E.g.:
nmap 10.0.0.* discovers the network.
nmap -sP 10.0.0.* reports all kind of stuff.
nmap -sS -O 10.0.0.* guesses the operating system that is running on the target hosts.
knetscan does the same (uses nmap in the background) but has a graphical user interface.
nmap -p0-65535 10.0.0.* scans all ports of all 10.0.0.*-hosts. - Use Knocker to check your system for open ports.
- The config file for NFS is /etc/exports. After changing it run the commands exportfs -ra && /etc/init.d/nfs reload.
- Read this in order to know how to install the drivers needed by Intel's 4965AGN's wireless adapter on Linux. Source files are here (the driver should be included in future 2.6.24 kernels). The drivers for mac80211 do not need to be installed as they're already included in the kernel (>= 2.6.23). For Gentoo, put the firmware drivers under /lib/firmware (create the directory if it does not exist yet). Use iwconfig in order to know how the net.* is called. Run iwconfig while attempting to connect to the access point in order to be able to see its MAC and appropriately configure the access point. Additionally in /etc/conf.d/rc, set RC_PLUG_SERVICES="!net.*", so that the ethernet connection does not get automatically started, and finally in /etc/modules.autoload.d/kernel-2.6 mention the module ieee80211_crypt_wep (or the wpa one, if you're using WPA) that you selected in the kernel. If the wlan is failing to start when booting, add a timeout - the modules need some time in order to become active.
- How to create a HTTP tunnel: http://linuxwiki.de/HttpTunnel
- Configuration to setup SMTP to be able to send emails: http://gentoo-wiki.com/HOWTO_Gmail_and_sSMTP
- If the network connection using KVM is slow (e.g. copying a file), make sure that only the network module "8139cp" is compiled and running. Eventually give as parameter "model=rtl8139" to the option "-net".
- If mounting a NFS doesn't work with the error message "mount.nfs: rpc.statd is not running but is required for remote locking", make sure "rpc.statd" is not only running on the server, but as well on the client.
- To know to which interface a network card was assigned (by UDEV), have a look at /sys/class/net. There will be e.g. eth0, eth1, and so on... listed. Going into one of those directories and having a look at uevent will show you to which module (PHYSDEVDRIVER) that interface belongs to. It will be e.g. e1000e and with lspci -v | less and searching for e1000e you will know to which physical device it will belong.
- Use iperf to test the network speed. You'll have to run two of them - one on the server, one on the client.
- Set "ChallengeResponseAuthentication" to "no" in sshd_conf to avoid that users can login using ssh using the password-challenge. Only a known public certificate will allow the login.
- Pidgin - a very good irc client.
- For the openfire chat server, after installing it make sure to run chown -R jabber:jabber /opt/openfire to change file permissions to the user jabber. Without this, the server will always listen to the port 9090, doesn't matter what you put into /opt/openfire/conf/openfire.xml and the configuration won't save anything, always looping endlessly.
- To configure the iptables firewall use Firewall Builder (package fwbuilder) or KMyFirewall (package kmyfirewall).
- Create tunnels using OpenSSH:
- Let's say that the current situation is that:
- I have on server 123.123.123.123 a VNC server running, listening to the default port 5901.
- On that server I don't want to open in the firewall config the port 5901 as it would be unsecure.
- Normally if on that server the port would be open I would connect to VNC using the command:
vncviewer 123.123.123.123:1
- I have on that server sshd listening on port 56666 - I can create a SSH-tunnel for the VNC connection with:
ssh -L localhost:5901:123.123.123.123:5901 -p 56666 root@123.123.123.123 - And afterwards I can connect to it with:
vncviewer localhost:1 - Use additionally "-f -N" to make ssh go to the background ("-f") and to establish the connection in this case ("-N"). Use then the "kill" command to terminate this connection.
- Let's say that the current situation is that:
- To copy files and/or directories which contain special chars using sftp escape each special char. Directories containing blanks must be enclosed in quotes. Example:
sftp 123.123.123.123:"/a blank dir \!/my special f\&le.txt" . - To generate using OpenSSL a public RSA certificate using an already existing private one:
openssl rsa -in my_priv_cert.pem -pubout > my_pub_cert.pem - List programs listening on which IP address and port:
netstat -anp - Citadel and Webcit: how to access the "Edit your push email settings" menu entry under "Advanced":
Change in the file "/usr/share/citadel-webcit/static/t/menu/your_info.html" (path might differ for non-Gentoo distributions) on the line that contains the entry "Edit your push email settings" the string "prefs_pushemail" with "display_pushemail". Restart Webcit. - Use ncat to read/write data through the network without ssh, sftp, etc... .
- Show the activity (in bytes) that ipfilter is having:
iptables -L -v
e.g. iptables -L fail2ban-banallports -v - IPv6 at home:
- SixXS registration: Provides IPv4/IPv6 tunneling.
- SixXS client instructions: SixXS Aiccu installation instructions.
- SixXS Gentoo instructions: SixXS Aiccu installation instructions for Gentoo.
- SixXS FAQ: 10 easy mini steps to IPv6.
- Gentoo IPv6 Router Guide: Gentoo IPv6 activation instructions.
- Loadbalancing configuration for an Apache virtual server:
(please replace the characters "[" and "]" with the arrows)
=============================
[VirtualHost *:80]
ServerName changethisservername.com#Create a cookie deployed on the client's browser to make the session sticky
Header add Set-Cookie "MYCOOKIE=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED[Proxy balancer://anyname]
BalancerMember http://changethistargethost1.com route=1
BalancerMember http://changethistargethost2.com route=2
Order allow,deny
Allow from all#For session stickyness
ProxySet stickysession=MYCOOKIE
[/Proxy]ProxyPass / balancer://anyname/
ProxyPassReverse / balancer://anyname/
[/VirtualHost]
=============================