▁ ▂ ▄ Undercode ▄ ▂ ▁
Several open source IDS systems:
1) Prelude IDS
By design it targets the needs of large-scale networks and provides network detectors, log analyzers, and tools for centralized viewing and analysis of alert information. The network detector part is basically a copy of Snort's functions and is fully compatible with Snort's rule set. ( http://www.prelude-ids.org/ )
2) Firestorm
It is a very high-performance network intrusion detection system (NIDS). Currently it only implements the detector part and is fully compatible with Snort's rule set, but plans include real support for analysis, reporting, a remote console and real-time sensor configuration. It is fully pluggable, so it is very flexible. It can record alert information to the Prelude IDS manager. It claims much better performance than Snort. http://www.scaramanga.co.uk/firestorm/
3) NetSTAT
It builds on the research results of STAT (State Transition Analysis Technique) for describing attacks. Attacks are described in the dedicated STATL language; the STATL translation tool converts the attack description into C++ code, which is compiled into the detection engine to implement the detection function. The STATL translation tool and a basic example network detector (with a few example detection functions) have been released. Becoming proficient with this IDS requires relatively strong programming skills, but very complex detection functions can be achieved with it.
http://www.cs.ucsb.edu/~rsg/STAT/
4) Bro
It is real-time network intrusion detection software implemented by Vern Paxson. It was released in 1998 under the BSD license. Its original design goal was a highly scalable intrusion detection and network monitoring and audit system for 100M networks, with real-time alerting and separation of mechanism from policy.
https://www.bro.org/
5) Suricata
It is a system that supports IDS, IPS, and NSM. It has a Snort-like architecture and relies on signatures like Snort. It can even use the same VRT Snort rules and the same Emerging Threats rule set that Snort itself uses. Suricata is newer than Snort and it will have a chance to overtake Snort. https://suricata-ids.org/
6) OSSEC
OSSEC, the open source security information management system (Open Source Security Information Management), is an open source host-based intrusion detection system, HIDS for short. It provides log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. https://ossec.github.io/
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ Undercode ▄ ▂ ▁
Apps similar to Netflix (new list):
https://www.hoopladigital.com/
https://www.popcornflix.com/
https://tubitv.com/
https://pluto.tv/
https://www.vudu.com/content/movies/free
https://www.imdb.com/tv/
https://www.sonycrackle.com/
▁ ▂ ▄ Undercode ▄ ▂ ▁
OpenSSL Heartbleed:
Last year, the most serious security vulnerability in history was exposed in OpenSSL. The hacker community named it the "Heartbleed" vulnerability. The 360 Website Guard security team analyzed the vulnerability and found that it affects not only URLs beginning with https, but also products and services that use OpenSSL code indirectly, such as VPNs, mail systems and FTP tools, and possibly even the source code of some other security products.
A) Affected versions
OpenSSL 1.0.1, 1.0.1a, 1.0.1b, 1.0.1c, 1.0.1d, 1.0.1e, 1.0.1f, Beta 1 of OpenSSL 1.0.2 and other versions.
B) Vulnerability description
1) OpenSSL has a coding flaw in its implementation of the TLS and DTLS heartbeat processing logic. The heartbeat processing logic does not check whether the length field in the heartbeat packet matches the data field that follows it. An attacker can use this to construct an abnormal packet and obtain the data that follows the heartbeat data in memory. That data may contain sensitive information such as certificate private keys, user names, user passwords, and user mailboxes. The vulnerability allows an attacker to read up to 64KB of data from memory.
2) The vulnerability analysis articles of the past few days mainly focused on websites with HTTPS enabled, so ordinary users may think that only a website's own services are affected. According to monitoring data from the 360 Website Guard OpenSSL Heartbleed Vulnerability Online Detection Platform (wangzhan.360.cn/heartbleed), the reach of the Heartbleed vulnerability extends from HTTPS-enabled websites to VPN systems and mail systems. So far, a total of 251 VPN systems and 725 mail systems in China have been found to be vulnerable, many of them belonging to government websites, key universities and security vendors.
3) To help everyone understand which part of OpenSSL the Heartbleed flaw is in, we used the OpenSSL library to write a standalone server program that does not depend on any business application and debugged the code step by step, to show that the problem is not limited to HTTPS websites: any application that uses a vulnerable OpenSSL libssl.so library is vulnerable!
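The missing check from B) 1), as an added example that is not OpenSSL's code and not part of the original post: a heartbeat handler that compares the claimed payload length with the bytes actually received before echoing anything. Function names and sample records are hypothetical and constructed here; the message layout (1-byte type, 2-byte length, payload, at least 16 bytes of padding) follows RFC 6520.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HEADER   3    /* 1-byte type + 2-byte payload length */
#define HB_MIN_PAD  16   /* RFC 6520: at least 16 bytes of padding */

/* Payload length the sender claims (big-endian field after the type byte). */
static size_t hb_claimed(const uint8_t *rec)
{
    return ((size_t)rec[1] << 8) | rec[2];
}

/* The flawed logic copies hb_claimed() bytes starting at rec + HB_HEADER
 * without looking at rec_len. This returns how many of those bytes would
 * come from memory beyond the received record. Nothing is read here. */
size_t hb_overread_bytes(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < HB_HEADER) return 0;
    size_t present = rec_len - HB_HEADER;
    size_t claimed = hb_claimed(rec);
    return claimed > present ? claimed - present : 0;
}

/* Hardened handler: returns the response length, or 0 when the record
 * must be silently discarded. */
size_t hb_build_response(const uint8_t *rec, size_t rec_len,
                         uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_MIN_PAD) return 0;   /* too short to parse */
    if (rec[0] != HB_REQUEST) return 0;
    size_t payload = hb_claimed(rec);
    /* The check the description says was missing: length field vs. record. */
    if (HB_HEADER + payload + HB_MIN_PAD > rec_len) return 0;
    size_t resp_len = HB_HEADER + payload + HB_MIN_PAD;
    if (resp_len > out_cap) return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload);
    /* Zero padding keeps the demo deterministic; real stacks use random bytes. */
    memset(out + HB_HEADER + payload, 0, HB_MIN_PAD);
    return resp_len;
}

/* Constructed sample records; unlisted trailing bytes are zero padding. */
static const uint8_t HB_HONEST[3 + 4 + 16] = {HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g'};
static const uint8_t HB_LYING[3 + 1 + 16]  = {HB_REQUEST, 0xFF, 0xFF, 'x'};

static uint8_t demo_out[64];

size_t demo_honest(void)
{
    return hb_build_response(HB_HONEST, sizeof HB_HONEST, demo_out, sizeof demo_out);
}

size_t demo_lying(void)
{
    return hb_build_response(HB_LYING, sizeof HB_LYING, demo_out, sizeof demo_out);
}

int main(void)
{
    printf("honest request: response of %zu bytes\n", demo_honest());
    printf("lying request:  response of %zu bytes (discarded)\n", demo_lying());
    printf("an unchecked copy would have over-read %zu bytes\n",
           hb_overread_bytes(HB_LYING, sizeof HB_LYING));
    return 0;
}
```

The same comparison (claimed length against record length) is what a network detector can apply to heartbeat requests it observes.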
▁ ▂ ▄ Undercode ▄ ▂ ▁
Send Emails in Laravel Using SMTP:
A) SMTP Setup and Configuration
1) Open the .env file in the root folder of the Laravel project and set up the configuration for your Gmail account. You must enable the “Less secure app” option of your Gmail account to send email through the Gmail SMTP server.
MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=465
MAIL_USERNAME=YOUR_EMAIL_ADDRESS
MAIL_PASSWORD=YOUR_PASSWORD
MAIL_ENCRYPTION=ssl
Note:
2) You may receive an SMTP authentication error while sending emails through the Gmail SMTP server. If so, open the StreamBuffer.php file at the following location.
3) /var/www/html/laravelpro/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php
Find line 259 and replace it with the following line to authenticate against the Gmail SMTP server. Note that these options switch off TLS certificate and host name verification for the connection and accept self-signed certificates.
$options['ssl'] = array('verify_peer' => false, 'verify_peer_name' => false,
'allow_self_signed' => true);
4) Sending Emails Using SMTP
Perform the following steps to send email from a contact form by creating a controller, a view, and a mail class.
Steps:
5) Run the following command from the terminal to create EmailController, which shows the contact form and sends an email using the Laravel mail class.
$ php artisan make:controller EmailController
6) Run the following command to create a mail class named sendingEmail.
7) This will create the class under the App\Mail folder.
$ php artisan make:mail sendingEmail
▁ ▂ ▄ Undercode ▄ ▂ ▁
How to check available network interfaces, related IP addresses, MAC addresses and interface speed on Linux:
1) By default, when you set up a server, you configure the main network interface.
Sometimes you may need to configure an additional network interface, for several reasons.
2) This can be for network bonding/teaming or high availability, or for a separate interface for applications or backups.
To do this, you need to know how many interfaces your computer has and their speed.
3) There are many commands to check the available network interfaces, but we will only use the ip command.
4) Later we will write a separate article covering all these tools.
In this guide, we are going to show you how to find information about the available network interface cards (NICs), such as the interface name, associated IP address, MAC address, and interface speed.
What does the ip command do?
1) The ip command is similar to ifconfig; it is used to assign a static IP address, routes, the default gateway, etc.
# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:a0:7d:5a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.101/24 brd 192.168.1.101 scope global eth0
    inet6 fe80::f816:3eff:fea0:7d5a/64 scope link
       valid_lft forever preferred_lft forever
What the ethtool command does
ethtool is used to query or control network driver and hardware settings.
# ethtool eth0
1) How to check available network interfaces in Linux using the ip command
Run on its own, the ip command gives you a lot of information; if you only want the available network interfaces, use the following command:
# ip a | awk '/state UP/ {print $2}'
eth0:
eth1:
2) How to check the IP address of a network interface in Linux using the ip command
If you want to see which IP address is assigned to which interface, use the following command:
# ip -o a show | cut -d ' ' -f 2,7
or
# ip a | grep -i inet | awk '{print $7, $2}'
lo 127.0.0.1/8
192.168.1.101/24
192.168.1.102/24
3) How to check the MAC address of a network card in Linux using the ip command
If you only want to see the MAC address of a given network interface, use the following format:
# ip link show dev eth0 | awk '/link/ {print $2}'
00:00:00:55:43:5c
How to check the MAC address of all network interfaces
# vi /opt/scripts/mac-addresses.sh
#!/bin/sh
# Print the permanent MAC address of every interface that is UP
ip a | awk '/state UP/ {print $2}' | sed 's/://' | while read -r output;
do
echo "$output:"
ethtool -P "$output"
done
Run the above script to print the MAC addresses of all active network interfaces.
# sh /opt/scripts/mac-addresses.sh
eth0:
Permanent address: 00:00:00:55:43:5c
eth1:
Permanent address: 00:00:00:55:43:5d
4) How to check the speed of a network interface in Linux using the ethtool command
If you want to check the port speed of a network interface on Linux, use the ethtool command.
To check the speed of a specific network interface:
# ethtool eth0 | grep "Speed:"
Speed: 10000Mb/s
To check the port speed of all network interfaces:
# vi /opt/scripts/port-speed.sh
#!/bin/sh
# Print the link speed of every interface that is UP
ip a | awk '/state UP/ {print $2}' | sed 's/://' | while read -r output;
do
echo "$output:"
ethtool "$output" | grep "Speed:"
done
▁ ▂ ▄ Undercode ▄ ▂ ▁
What is HTTP and what port does it use?
1) HTTP, or HyperText Transfer Protocol, is the main protocol responsible for content on the Internet.
2) Most web pages still use this protocol to deliver their main content and to let you display and follow "hypertext", or links.
3) Although HTTP can use several different transport protocols to move data from system to system, the main protocol and port used is TCP port 80.
▁ ▂ ▄ Undercode ▄ ▂ ▁
What is SSH and what port does it use?
1) SSH, or Secure Shell, is most familiar to Linux users, but it has many features that any user can take advantage of.
2) SSH is designed to create a secure tunnel between devices, be they systems, switches, thermostats, toasters, etc.
3) SSH also has the unique ability to tunnel other programs through it, similar to the VPN concept, so even insecure programs, or programs that run over unsecured connections, can be used securely if configured correctly. SSH runs over TCP port 22.
#FastTips
▁ ▂ ▄ Undercode ▄ ▂ ▁
The working principle of a sniffer attack
Generally, all network interfaces in the same network segment can access all data transmitted on the physical medium. Each network interface has a hardware address that differs from the hardware address of every other interface on the network, and each network also has at least one broadcast address (representing all interface addresses). Under normal circumstances, a well-behaved network interface should only respond to these two kinds of frames:
1) The destination field of the frame holds a hardware address that matches the local network interface.
2) The destination field of the frame holds a "broadcast address".
When it receives a frame in either of these two cases, the NIC raises a hardware interrupt to the CPU to get the operating system's attention, and the data contained in the frame is then passed to the system for further processing.
3) A sniffer is software that can put the local NIC into promiscuous mode. A NIC in promiscuous mode behaves as if it had a "broadcast address": it raises a hardware interrupt for every frame it encounters, prompting the operating system to process every packet that flows through the physical medium. (Most NICs can be set to promiscuous mode.)
4) As you can see, a sniffer works at the lowest layer of the network environment. It intercepts all the data being transmitted on the network and, with suitable processing software, can analyze the content of that data in real time and from it work out the network's state and overall layout. It is worth noting that a sniffer is extremely quiet: it is a passive security attack.
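A local check for the promiscuous state described in 3), as an added example that is not part of the original post: Linux exposes each interface's flags as a hex value in /sys/class/net/<iface>/flags, and bit 0x100 is IFF_PROMISC from <linux/if.h>. The function names are hypothetical and the test values are constructed.

```c
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define IFF_PROMISC_BIT 0x100u   /* IFF_PROMISC in <linux/if.h> */

/* Parse the content of a sysfs "flags" file such as "0x1103\n".
 * Returns 1 if the promiscuous bit is set, 0 if not, -1 if unparsable. */
int flags_promisc(const char *text)
{
    char *end;
    unsigned long v;

    if (text == NULL) return -1;
    v = strtoul(text, &end, 16);        /* base 16 accepts the "0x" prefix */
    if (end == text) return -1;         /* no hex digits at all */
    while (*end == '\n' || *end == ' ') end++;
    if (*end != '\0') return -1;        /* trailing junk */
    return (v & IFF_PROMISC_BIT) ? 1 : 0;
}

/* Walk a sysfs-style directory (normally /sys/class/net) and count the
 * interfaces whose flags have the promiscuous bit set.
 * Returns the count, or -1 if the directory cannot be opened. */
int count_promisc(const char *net_dir, int verbose)
{
    DIR *d = opendir(net_dir);
    struct dirent *e;
    int count = 0;

    if (d == NULL) return -1;
    while ((e = readdir(d)) != NULL) {
        char path[512], buf[32];
        FILE *f;

        if (e->d_name[0] == '.') continue;          /* skip . and .. */
        snprintf(path, sizeof path, "%s/%s/flags", net_dir, e->d_name);
        f = fopen(path, "r");
        if (f == NULL) continue;                    /* not an interface entry */
        if (fgets(buf, sizeof buf, f) != NULL && flags_promisc(buf) == 1) {
            count++;
            if (verbose) printf("%s: promiscuous, flags %s", e->d_name, buf);
        }
        fclose(f);
    }
    closedir(d);
    return count;
}

int main(void)
{
    int n = count_promisc("/sys/class/net", 1);

    if (n < 0) {
        fprintf(stderr, "cannot read /sys/class/net\n");
        return 1;
    }
    printf("%d interface(s) in promiscuous mode\n", n);
    return 0;
}
```

This only covers the host it runs on; because a sniffer is passive, a capture running on another machine in the segment is not visible this way.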