Tuesday, December 27, 2016

CentOS 7 Firewall

In order to allow port 22 on CentOS 7, I followed what was given in the following link


Monday, December 19, 2016

A process's elapsed time (etime)

Using ps we can find the elapsed time for a process when we know its process ID.

ps -eo pid,etime,command | grep <PID>

Monday, December 5, 2016

Screen - Linux Utility

Screen is a Linux utility for working in many terminals over just one SSH connection to a server. We can think of it as somewhat like the tabs in a browser.

To start Screen

$ screen -S Bala
The word Bala will be attached to this screen session. This means I can open another screen session, with its own set of tabs, under another name such as Test with the command "screen -S Test".

CTRL+A & press c
To create a new Tab inside the screen
CTRL+A & press n
To switch between the tabs.
CTRL+A & press d
To detach from this screen instance to be reconnected later.
screen -ls
This can be used to list all screen sessions, like Bala or Test.
screen -r
This can be used to reattach to the detached screen.
CTRL+A & Shift s
To Split the screen horizontally
CTRL+A & Tab
To move to the split screen.
CTRL+A & press c
To get the prompt here
CTRL+A & Shift x
To remove the split screen.
CTRL+A [
To scroll in the screen; press ESC to get out of copy mode.


Put this in .screenrc

# skip the startup message
startup_message off

# go to home dir

# Automatically detach on hangup. 
autodetach on

# Change default scrollback value for new windows
defscrollback 10000

# start with visual bell as default
vbell on
vbell_msg "bell on %t (%n)"

# look and feel
caption always "%{= bb}%{+b w}%n %t %h %=%l %H %c"
hardstatus alwayslastline "%-Lw%{= BW}%50>%n%f* %t%{-}%+Lw%<"

activity "Activity in %t(%n)"

shelltitle "shell"
shell -$SHELL

Wednesday, June 1, 2016

snort oinkmaster

To modify Signatures using oinkmaster.

modifysid 1000000 "\$EXTERNAL_NET" | "!\$HOME_NET"

modifysid 1000001 "\$EXTERNAL_NET" | "![,]"

modifysid 1000001 "\-> any" | "\-> ![]"

disablesid 1000002

DANGER: Don't you dare leave spaces between the IP addresses while you are negating them in modifysid, as shown in the second line. The reference for that is shown below from the Snort manual.
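A check for the mistake warned about above, as an added example that is not part of the original post or of oinkmaster itself: it flags modifysid replacements whose bracketed IP list contains whitespace and shows how such a list breaks the seven-field rule header. The config lines, the rule, and the documentation-range addresses are constructed; the substitution is an approximation using Python's re (first match only, no backreferences), which is an assumption about oinkmaster's behaviour.

```python
import re

# Constructed oinkmaster.conf fragment; addresses are documentation ranges, not from the page.
SAMPLE_CONF = r'''
modifysid 1000000 "\$EXTERNAL_NET" | "!\$HOME_NET"
modifysid 1000001 "\$EXTERNAL_NET" | "![192.0.2.10, 198.51.100.0/24]"
modifysid 1000001 "\-> any" | "\-> ![203.0.113.5,203.0.113.6]"
disablesid 1000002
'''
# Constructed rule to run the substitutions against.
SAMPLE_RULE = 'alert tcp $EXTERNAL_NET any -> any 22 (msg:"constructed"; sid:1000001; rev:1;)'

MODIFY = re.compile(r'^modifysid\s+(\S+)\s+"(.*)"\s*\|\s*"(.*)"\s*$')
IP_LIST = re.compile(r'\[([^\]]*)\]')

def parse_conf(text):
    """Yield (line_no, sid, pattern, replacement) for every modifysid line."""
    for no, line in enumerate(text.splitlines(), 1):
        m = MODIFY.match(line.strip())
        if m:  # disablesid, comments and blank lines are skipped
            yield (no, *m.groups())

def lint_conf(text):
    """Return (line_no, sid, ip_list) for replacements whose bracketed list has whitespace."""
    return [(no, sid, ips)
            for no, sid, _pat, repl in parse_conf(text)
            for ips in IP_LIST.findall(repl)
            if re.search(r'\s', ips)]

def apply_modifysid(rule, pattern, repl):
    """Approximate one modifysid: first match only, no $1-style backreferences."""
    literal = re.sub(r'\\(.)', r'\1', repl)  # "\$HOME_NET" -> "$HOME_NET"
    return re.sub(pattern, lambda _m: literal, rule, count=1)

def header_fields(rule):
    """Whitespace-separated fields before the option block; a valid header has 7."""
    return rule.split('(', 1)[0].split()

if __name__ == "__main__":
    for no, sid, ips in lint_conf(SAMPLE_CONF):
        print(f"line {no}: sid {sid}: whitespace in IP list [{ips}]")
    for no, sid, pat, repl in parse_conf(SAMPLE_CONF):
        if sid == "1000001":
            out = apply_modifysid(SAMPLE_RULE, pat, repl)
            print(no, len(header_fields(out)), out)
```
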

Wednesday, April 6, 2016

Auto shutdown - Debian



5 1 6 4 * /sbin/shutdown -h now > /var/log/shut.log

Sunday, March 20, 2016

Different EAP

* Cisco: the purely password-based Lightweight EAP (LEAP).

* Other vendors, including Microsoft, use EAP and Transport Layer Security (EAP-TLS), which carries out authentication through digital certificates.

If EAP-TLS is being used, the authentication server and wireless device exchange digital certificates for authentication purposes.

When EAP-TLS is being used, the steps the server takes to authenticate to the wireless device are basically the same as when an SSL connection is being set up between a web server and web browser. Once the wireless device receives and validates the server’s digital certificate, it creates a master key, encrypts it with the server’s public key, and sends it over to the authentication server. Now the wireless device and authentication server have a master key, which they use to generate individual symmetric session keys. Both entities use these session keys for encryption and decryption purposes, and it is the use of these keys that sets up a secure channel between the two devices.

* Protected EAP (PEAP), where only the server uses a digital certificate.

If PEAP is being used instead, the user of the wireless device sends the server a password and the server authenticates to the wireless device with its digital certificate.

* EAP-TTLS provides authentication that is as strong as EAP-TLS, but it does not require user certificates; it does, however, require server certificates.

User authentication is performed by password, but the password credentials are transported in a securely encrypted tunnel established based upon the server certificates.

* EAP-Tunneled TLS (EAP-TTLS) is an EAP protocol that extends TLS. 

Thursday, February 11, 2016

Using Tar

We can use tar to collect a batch of files and directories from one machine with their absolute paths and move them to the same absolute paths on another machine with the following commands.

$ cat files.txt

Now, to create a tar file with the directory structure shown above, issue the following command.
$ tar cvpfP a.tar -T files.txt

c will create the archive called a.tar
v will give us verbose output
p will preserve the permissions of the files
f will use the following archive file name
P will keep the leading / before tmp instead of stripping it.

Now, to extract all the files and folders into their corresponding absolute paths, use the following command.
$ tar xvpfP a.tar

Saturday, January 2, 2016