- iptables -t filter -nL display all rules in the chains of the filter table
- iptables -nL
- iptables -t nat -L show all rules in the chains of the NAT table
- iptables -t filter -F clear all rules in the chains of the filter table
- iptables -t nat -F clear all rules in the chains of the NAT table
- iptables -t filter -X remove all user-defined chains in the filter table
- iptables -t filter -A INPUT -p tcp --dport telnet -j ACCEPT allow incoming telnet connections
- iptables -t filter -A OUTPUT -p tcp --dport http -j DROP block outgoing http connections
- iptables -t filter -A FORWARD -p tcp --dport pop3 -j ACCEPT allow forwarding of pop3 connections
Wednesday, December 17, 2008
Quick Note: iptables
Sunday, December 7, 2008
Quick Note: Monitoring and debugging
- ps -eafw display running processes and the resources they use
- ps -e -o pid,args --forest display PIDs and processes as a tree
- pstree display the process tree
- kill -TERM 98989 terminate the process with PID 98989 gracefully
- kill -1 98989 make the process with PID 98989 reread its configuration file
- lsof -p 98989 display files opened by the process with PID 98989
- lsof /home/user1 display open files from the home directory of user1
- strace -c ls >/dev/null display a summary of the syscalls made by ls
- strace -f -e open ls >/dev/null display the open syscalls made by ls, which shows the libraries it loads
- watch -n1 'cat /proc/interrupts' display interrupts in real time
- last reboot display system reboot history
- last user1 display the login history of user1
- lsmod display loaded kernel modules
- free -m display RAM state in MB
- smartctl -A /dev/hda check the state of hard drive /dev/hda via SMART
- smartctl -i /dev/hda check SMART availability on hard drive /dev/hda
- tail /var/log/dmesg print the last 10 entries from the kernel boot log
- tail /var/log/messages print the last 10 entries from the system log
Tuesday, October 21, 2008
Kernel way in Wi-Fi security
Introduction.
Currently, the topic of security in Wi-Fi networks is extremely popular. There are a lot of HOWTOs on breaking WEP and WPA on the web. But there are no articles about protecting Wi-Fi. In this article we will try to share our research.
Note: To those who see nothing terrible in a neighbor getting a few clips through your Wi-Fi: please remember such things as sniffing, spam sent in your name, compromise of the access point, the creation of fake DNS servers, and other fun.
Wardriver's nightmare.
Imagine that you have read all those articles about security, and now you want some practice. You take kismet, ettercap, etc. You find a victim: the network of your neighbor John Smith. Everything goes according to the scenario: you get the key and connect to the network. You can ping all the nodes in the network, and everything is wonderful. But you cannot do anything else with the network: you cannot get on the Internet, you cannot open the neighbor's shares, you cannot sniff any passwords. And all you can think is "What the shit?.."
What was this shit.
It is not only possible but fairly easy to make this nightmare real. You need to install on all nodes in the network a special kernel module, aka a stealth patch, which intercepts packets at the network level, takes the data of each packet and converts it with an algorithm you specify. Why the network level? The fact is that at this level the checksum is computed only over the header. (Of course, the checksum is CRC32, which can be broken. But we think that is a theme for the next article. For now we have had enough of that.)
Realization.
This section describes the creation of a special kernel module for Unix-like operating systems.
Why Linux? Well, first, because the kernel is built on a modular principle, and such modules are easy to apply; second, it is open source, which helped us work out how the kernel interacts with sockets.
A kernel module is a program compiled in a special way. You can download the sources here. The encoding algorithm is the simplest one, but it can certainly be replaced. To configure and install the module, write your Wi-Fi device name in /etc/ip_hack.conf and start /etc/init.d/ip_hack. That's all ;)
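The point about the header-only checksum and the replaceable encoding step can be checked in user space. The following is an added example, not the module's source: the XOR transform, the key and the sample packet are assumptions made for illustration, since the page does not show the module's actual algorithm.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 1071 Internet checksum over an even number of bytes. */
static uint16_t inet_checksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)((p[i] << 8) | p[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Header length in bytes, from the IHL field (low nibble of byte 0). */
static size_t ip_header_len(const uint8_t *pkt) { return (size_t)(pkt[0] & 0x0f) * 4; }

/* Valid when the checksum over the header, checksum field included, is 0. */
int ip_header_valid(const uint8_t *pkt, size_t len)
{
    size_t hl = ip_header_len(pkt);
    return hl >= 20 && hl <= len && inet_checksum(pkt, hl) == 0;
}

/* Assumed stand-in for the module's encoding: XOR the bytes after the IP
 * header with a repeating key. Applying it twice restores the data. */
void transform_payload(uint8_t *pkt, size_t len, const uint8_t *key, size_t klen)
{
    for (size_t i = ip_header_len(pkt), k = 0; i < len; i++, k++)
        pkt[i] ^= key[k % klen];
}

/* Constructed sample: 20-byte IPv4 header (protocol 253, 192.168.0.2 ->
 * 192.168.0.1) plus 8 payload bytes; checksum bytes 10-11 are filled in. */
size_t build_sample(uint8_t *pkt)
{
    static const uint8_t hdr[20] = { 0x45, 0, 0, 28, 0, 1, 0, 0, 64, 253,
                                     0, 0, 192, 168, 0, 2, 192, 168, 0, 1 };
    memcpy(pkt, hdr, 20);
    memcpy(pkt + 20, "PAYLOAD!", 8);
    uint16_t c = inet_checksum(pkt, 20);
    pkt[10] = (uint8_t)(c >> 8);
    pkt[11] = (uint8_t)(c & 0xff);
    return 28;
}
```

A node without the transform still sees a packet with a valid header, but the payload bytes it hands upward are not what the sender wrote; a repeating-key XOR is obfuscation rather than encryption, which is why the text notes the algorithm can be replaced.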
We want to note that the module must be present both on the workstation side and on the access point. Almost all access points run a Unix-like OS. And you can replace the firmware with one that has the module integrated.
P. S. How to change the firmware we will tell next time.
What about this blog
This blog is about programming, operating systems, networks and "Life, The Universe And Everything" ;).
We want to publish something interesting and useful, or something that just seemed interesting and useful to us. The authors are as responsible for the information as your neighbor who recommends cleaning gums with gasoline.
If someone finds something useful here, we will be pleased; if not, so what ;)