β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How to evaluate OS security full by UnderCode :
twitter.com/UndercOdeTC
π¦LETS START:
1) ---- With the development of the network, enterprises are connecting their local area network into a wide area network or their internal network into the Internet. This gives more and more people (internal and external) the opportunity to access internal network resources. As a result of this exposure, companies urgently need to address cybersecurity issues.
2) ---- A major part of providing effective security is assessing how well the existing security mechanisms are integrated with the company's network security policiesβthat is, determining whether the security policies are effectively implemented. The increasing complexity of the network makes it more and more difficult to implement security policies.
3) ---- Assessing the effectiveness of each network security component is necessary to ensure effective network security. The two main components that provide network security are: the firewall and the operating system (OS).
4) ---- Many companies focus their efforts on firewalls, and according to reports provided by the Aberdeen Group, the most vulnerable security holes are those that exist in the operating environment. Some vendors are committed to providing a reliable version of the operating environment, while most offer only optional, installable security services.
5) ---- The security mechanism of the operating system helps protect the machine running the OS from unauthorized access. Special protection is given to unauthorized access to specific information within the machine, specific machine instructions, and UNIX superuser instructions. Most firewalls and the Internet themselves are built on a standard, unsecured UNIX operating environment. This is why everyone is not surprised by the existence of security threats. UNIX is very insecure, it is difficult to configure, and configuration errors can lead to vulnerabilities.
π¦ The following two factors make the OS security mechanism very important:
1) A second line of defense is provided behind the firewall. Hackers often break through or bypass firewalls, and OS security policies can effectively protect the system against such intruders.
2) Defense against intruders in the enterprise. Internal intruders are already inside the firewall, and FBI reports indicate that more than 60% of computer crimes originate from within the enterprise. In most cases, the offenders are those angry employees or contract contractors.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How to evaluate OS security full by UnderCode :
twitter.com/UndercOdeTC
π¦LETS START:
1) ---- With the development of the network, enterprises are connecting their local area network into a wide area network or their internal network into the Internet. This gives more and more people (internal and external) the opportunity to access internal network resources. As a result of this exposure, companies urgently need to address cybersecurity issues.
2) ---- A major part of providing effective security is assessing how well the existing security mechanisms are integrated with the company's network security policiesβthat is, determining whether the security policies are effectively implemented. The increasing complexity of the network makes it more and more difficult to implement security policies.
3) ---- Assessing the effectiveness of each network security component is necessary to ensure effective network security. The two main components that provide network security are: the firewall and the operating system (OS).
4) ---- Many companies focus their efforts on firewalls, and according to reports provided by the Aberdeen Group, the most vulnerable security holes are those that exist in the operating environment. Some vendors are committed to providing a reliable version of the operating environment, while most offer only optional, installable security services.
5) ---- The security mechanism of the operating system helps protect the machine running the OS from unauthorized access. Special protection is given to unauthorized access to specific information within the machine, specific machine instructions, and UNIX superuser instructions. Most firewalls and the Internet themselves are built on a standard, unsecured UNIX operating environment. This is why everyone is not surprised by the existence of security threats. UNIX is very insecure, it is difficult to configure, and configuration errors can lead to vulnerabilities.
π¦ The following two factors make the OS security mechanism very important:
1) A second line of defense is provided behind the firewall. Hackers often break through or bypass firewalls, and OS security policies can effectively protect the system against such intruders.
2) Defense against intruders in the enterprise. Internal intruders are already inside the firewall, and FBI reports indicate that more than 60% of computer crimes originate from within the enterprise. In most cases, the offenders are those angry employees or contract contractors.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Assessing OS security is quite difficult, especially for UNIX, because it has many variants and vendors. Assessing the security of a UNIX system requires proficiency in the following three areas:
instagram.com/UnderCodeTestingCompany
π¦LETS START:
1) setting up a UNIX system
2) Weaknesses brought by various versions of UNIX applications, including sending mail, FTP, NFS (Network File System) and TFTP (Simple File Transfer Protocol)
3) Security Patches-The
operating system is constantly patching BUGS and adding features to complicate assessments, and these updates introduce new security vulnerabilities. What is needed is a way to automatically assess operating system vulnerabilities and automatically enforce security policies. Only in this way can the gap between security policy and security enforcement be effectively assessed and closed.
4) The OS security scan file provides exactly the required solution. Scanning software runs on each machine and probes each machine through a series of tests to unearth potential weaknesses. This software evaluates the stand-alone security environment from an operating system perspective and generates a detailed report of the vulnerabilities it finds and proposes solutions.
5) System Security Scanner (S3) from ISS is a security assessment tool that facilitates the management and implementation of security policies. It enables enterprises to implement security policies across heterogeneous operating platforms. Currently, S3 supports most popular UNIX versions, including Linux, SunOS 4.1.3, Solaris, HP-UX, and AIX. It helps companies automate security assessments and maintenance on their operating system platforms. With this effective tool, companies can use the full potential of their networks to continuously increase their competitivenessβwithout having to worry about security.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Assessing OS security is quite difficult, especially for UNIX, because it has many variants and vendors. Assessing the security of a UNIX system requires proficiency in the following three areas:
instagram.com/UnderCodeTestingCompany
π¦LETS START:
1) setting up a UNIX system
2) Weaknesses brought by various versions of UNIX applications, including sending mail, FTP, NFS (Network File System) and TFTP (Simple File Transfer Protocol)
3) Security Patches-The
operating system is constantly patching BUGS and adding features to complicate assessments, and these updates introduce new security vulnerabilities. What is needed is a way to automatically assess operating system vulnerabilities and automatically enforce security policies. Only in this way can the gap between security policy and security enforcement be effectively assessed and closed.
4) The OS security scan file provides exactly the required solution. Scanning software runs on each machine and probes each machine through a series of tests to unearth potential weaknesses. This software evaluates the stand-alone security environment from an operating system perspective and generates a detailed report of the vulnerabilities it finds and proposes solutions.
5) System Security Scanner (S3) from ISS is a security assessment tool that facilitates the management and implementation of security policies. It enables enterprises to implement security policies across heterogeneous operating platforms. Currently, S3 supports most popular UNIX versions, including Linux, SunOS 4.1.3, Solaris, HP-UX, and AIX. It helps companies automate security assessments and maintenance on their operating system platforms. With this effective tool, companies can use the full potential of their networks to continuously increase their competitivenessβwithout having to worry about security.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Introduction to common Linux network security tools by UnderCode
pinterest.com/UnderCodeOfficial
π¦LETS START:
1) Although various versions of Linux distribution comes with a lot of free open-source software, but there are still a large number of useful tools are not default.
γγ
2) Included in their installation CDs are, in particular, some toolkits that can enhance Linux network security, and most of them are also open source free software.
π¦ Here is a brief introduction to several tools to enhance Linux network security.
1) sudo
γγ sudo is a program used by system administrators to allow some users to run some / all system commands as root. An obvious use is to enhance the security of the site. If you need to do some daily work as root every day and often execute some fixed commands that can only be executed by root, then sudo is very suitable for you.
sudo's homepage is at: http://www.courtesan.com/courtesan/products/sudo/
γγ
2) Take Redhat as an example, the following describes the installation and setup process:
γγ
3) First, you can download the rpm package for Redhat Linux from the sudo homepage.
It's at ftp://ftp.freshmeat.net/pub/rpms/sudo/ currently the latest stable version 1.5.9p4.
4) γExecute #rpm -ivh sudo * to install, then edit / etc / sudoers file with / usr / sbin / visudo.
5) If you are prompted that you cannot find / usr / bin / vi but you actually have the vi program in the directory / bin, you need
ln -sf / bin / vi / usr / bin / vi creates a symbolic link for vi under / usr / bin. (Note: I encountered this on Redhat 6.1, and this problem does not exist on Redhat 5.x)
γγ
6) In addition, if some other error occurs, you may also need #chmod 700 / var / run / sudo
π¦ Below is my / etc / sudoers Example file:
[root @ sh-proxy / etc] # more sudoers
Host_Alias ββSERVER = sh-proxy
# User alias specification
User_Alias ββADMIN = jephe, tome
# Cmnd alias specification
Cmnd_Alias ββSHUTDOWN = / etc / halt, / etc / shutdown, / etc / reboot
ADMIN SERVER = SHUTDOWN
jephe SERVER = / usr / bin / tail -f / var / log / maillog
jephe SERVER = / usr / bin / tail -f / var / log / messages
# User privilege specification
root ALL = (ALL) ALL
-----------
1) Since I often need to log in to the server remotely to observe the changes in the email log file / var / log / maillog, I added this line to / etc / sudoers so that I do nβt need to log in as root to complete my daily work and improve safety.
2) Sniffit Sniffit
γγis a well-known network port probe. You can configure it to run in the background to detect which TCP / IP ports the user's input / output information is on.
γ
3) The most commonly used function is that an attacker can use it to detect the data transfer on your 23 (telnet) and 110 (pop3) ports to easily get your login password and mail account password. Sniffit is basically used by the vandal. Tools, but if you want to know how to enhance the security of your site, you should first know the various tools used by intruders.
4) sniffit's homepage is at http://reptile.rug.ac.be/~coder/sniffit/sniffit.html You can download the latest version from there. Installation is very easy, just run #tar xvfz sniff * solution in the root directory Open all files to the corresponding directory.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Introduction to common Linux network security tools by UnderCode
pinterest.com/UnderCodeOfficial
π¦LETS START:
1) Although various versions of Linux distribution comes with a lot of free open-source software, but there are still a large number of useful tools are not default.
γγ
2) Included in their installation CDs are, in particular, some toolkits that can enhance Linux network security, and most of them are also open source free software.
π¦ Here is a brief introduction to several tools to enhance Linux network security.
1) sudo
γγ sudo is a program used by system administrators to allow some users to run some / all system commands as root. An obvious use is to enhance the security of the site. If you need to do some daily work as root every day and often execute some fixed commands that can only be executed by root, then sudo is very suitable for you.
sudo's homepage is at: http://www.courtesan.com/courtesan/products/sudo/
γγ
2) Take Redhat as an example, the following describes the installation and setup process:
γγ
3) First, you can download the rpm package for Redhat Linux from the sudo homepage.
It's at ftp://ftp.freshmeat.net/pub/rpms/sudo/ currently the latest stable version 1.5.9p4.
4) γExecute #rpm -ivh sudo * to install, then edit / etc / sudoers file with / usr / sbin / visudo.
5) If you are prompted that you cannot find / usr / bin / vi but you actually have the vi program in the directory / bin, you need
ln -sf / bin / vi / usr / bin / vi creates a symbolic link for vi under / usr / bin. (Note: I encountered this on Redhat 6.1, and this problem does not exist on Redhat 5.x)
γγ
6) In addition, if some other error occurs, you may also need #chmod 700 / var / run / sudo
π¦ Below is my / etc / sudoers Example file:
[root @ sh-proxy / etc] # more sudoers
Host_Alias ββSERVER = sh-proxy
# User alias specification
User_Alias ββADMIN = jephe, tome
# Cmnd alias specification
Cmnd_Alias ββSHUTDOWN = / etc / halt, / etc / shutdown, / etc / reboot
ADMIN SERVER = SHUTDOWN
jephe SERVER = / usr / bin / tail -f / var / log / maillog
jephe SERVER = / usr / bin / tail -f / var / log / messages
# User privilege specification
root ALL = (ALL) ALL
-----------
1) Since I often need to log in to the server remotely to observe the changes in the email log file / var / log / maillog, I added this line to / etc / sudoers so that I do nβt need to log in as root to complete my daily work and improve safety.
2) Sniffit Sniffit
γγis a well-known network port probe. You can configure it to run in the background to detect which TCP / IP ports the user's input / output information is on.
γ
3) The most commonly used function is that an attacker can use it to detect the data transfer on your 23 (telnet) and 110 (pop3) ports to easily get your login password and mail account password. Sniffit is basically used by the vandal. Tools, but if you want to know how to enhance the security of your site, you should first know the various tools used by intruders.
4) sniffit's homepage is at http://reptile.rug.ac.be/~coder/sniffit/sniffit.html You can download the latest version from there. Installation is very easy, just run #tar xvfz sniff * solution in the root directory Open all files to the corresponding directory.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Pinterest
UndercOde (UNDERCODEOFFICIAL) on Pinterest
UndercOde | πππππ£βπ ππ πππ€π₯πππ βπ ππ‘πππͺ:
Programming, Web & Applications makers, Host, bugs fix, Satellite Reicivers Programming..
Started Since 2011
Programming, Web & Applications makers, Host, bugs fix, Satellite Reicivers Programming..
Started Since 2011
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Linux Network-Tools PART 2 :
> You can run sniffit -i with an interactive graphical interface to view all input / output information on the specified network interface:
π¦LETS START:
1) For example: In order to get the pop3 account and password that all users enter when receiving mail through an interface abcd, you can run
#sniffit -p 110 -t abcd &
#sniffit -p 110 -s abcd &
log files in the directory / usr / doc / sniffit * below:
2) The log file is named according to the visitor's IP address, a random high-end port number, and the network interface IP address and detection port used for detection. It takes advantage of the inherent weakness of the TCP / IP protocol, because the username and password information transmitted by ordinary telnet and pop3 are in plain text, without any encryption. So for telnet / ftp. You can use ssh / scp instead. The ssh / scp information detected by sniffit is basically a bunch of garbled characters, so you don't need to worry about the username and password information transmitted by ssh being stolen by a third party.
3) ttysnoop (s)
ttysnoop is a program that redirects all input / output to one terminal number to another terminal. At present, the website I know of is http://uscan.cjb.net , but I can't connect to it all the time. I got ttysnoop-0.12c-5 from other channels, and the address is http://rpmfind.net/linux /RPM/contrib/libc6/i386/ttysnoop-0.12c-5.i386.html This version does not seem to support shadow password. After installation, you need to manually create the directory / var / spool / ttysnoop to test this program is interesting, below Related instructions:
4) First change the in.telnetd in /etc/inetd.conf to call the login login program to / sbin / ttysnoops by default, as follows:
[root @ jephe / etc] # more inetd.conf | grep in.telnetd
telnet stream tcp nowait root / usr / sbin / tcpd in.telnetd -L / sbin / ttysnoops
5) Be sure to run killall -HUP inetd after the change to make it effective, make sure not to use shadow passwords, use #pwunconv to disable shadow passwords.
Then edit the file / etc / snooptab to configure the default configuration.
[root @ jephe / etc] # more snooptab
ttyS1 / dev / tty7 login / bin / login
ttyS2 / dev / tty8 login / bin / login
* socket login / bin / login
------
6) Finally, if in a terminal Someone logged in (you can use the w command to see which terminal it is on), if the terminal device is ttyp0, you can log in to the server and type # / bin / ttysnoop ttyp0 (prompt for the root password, again, the above mentioned This version does not support shadow passwords) to monitor user login windows.
π¦ nmap
nmap is a tool used to perform port scanning on a relatively large network. It can detect which TCP / IP ports are currently open on the server. You can run it to ensure that unsafe port numbers that should not be opened are blocked.
nmap's homepage gives a simple example at http://www.insecure.org/nmap/index.html
[root @ sh-proxy / etc] # / usr / local / bin / nmap public.sta.net .cn
1) Starting nmap V. 2.12 by Fyodor ( fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on public.sta.net.cn (202.96.199.97):
Port State Protocol Service
21 open tcp ftp
23 open tcp telnet
25 open tcp smtp
109 open tcp pop-2
110 open tcp pop-3
143 open tcp imap2
513 open tcp login
514 open tcp shell
7000 open tcp afs3-fileserver
2) Nmap run completed-1 IP address (1 host up) scanned in 15 seconds
π¦ John the ripper
1) In Linux, the password is hashed The format is stored. You cannot analyze the password from the hash data table in the reverse direction, but you can compare it with a set of word hash, and guess the password if the same. Therefore, it is critical to have a password that is difficult to guess. In general you must not use a word in a dictionary as a password, it is quite easy to guess. In addition, some common regular alphanumeric arrangements cannot be used as the password, such as 123abc.
π¦ Linux Network-Tools PART 2 :
> You can run sniffit -i with an interactive graphical interface to view all input / output information on the specified network interface:
π¦LETS START:
1) For example: In order to get the pop3 account and password that all users enter when receiving mail through an interface abcd, you can run
#sniffit -p 110 -t abcd &
#sniffit -p 110 -s abcd &
log files in the directory / usr / doc / sniffit * below:
2) The log file is named according to the visitor's IP address, a random high-end port number, and the network interface IP address and detection port used for detection. It takes advantage of the inherent weakness of the TCP / IP protocol, because the username and password information transmitted by ordinary telnet and pop3 are in plain text, without any encryption. So for telnet / ftp. You can use ssh / scp instead. The ssh / scp information detected by sniffit is basically a bunch of garbled characters, so you don't need to worry about the username and password information transmitted by ssh being stolen by a third party.
3) ttysnoop (s)
ttysnoop is a program that redirects all input / output to one terminal number to another terminal. At present, the website I know of is http://uscan.cjb.net , but I can't connect to it all the time. I got ttysnoop-0.12c-5 from other channels, and the address is http://rpmfind.net/linux /RPM/contrib/libc6/i386/ttysnoop-0.12c-5.i386.html This version does not seem to support shadow password. After installation, you need to manually create the directory / var / spool / ttysnoop to test this program is interesting, below Related instructions:
4) First change the in.telnetd in /etc/inetd.conf to call the login login program to / sbin / ttysnoops by default, as follows:
[root @ jephe / etc] # more inetd.conf | grep in.telnetd
telnet stream tcp nowait root / usr / sbin / tcpd in.telnetd -L / sbin / ttysnoops
5) Be sure to run killall -HUP inetd after the change to make it effective, make sure not to use shadow passwords, use #pwunconv to disable shadow passwords.
Then edit the file / etc / snooptab to configure the default configuration.
[root @ jephe / etc] # more snooptab
ttyS1 / dev / tty7 login / bin / login
ttyS2 / dev / tty8 login / bin / login
* socket login / bin / login
------
6) Finally, if in a terminal Someone logged in (you can use the w command to see which terminal it is on), if the terminal device is ttyp0, you can log in to the server and type # / bin / ttysnoop ttyp0 (prompt for the root password, again, the above mentioned This version does not support shadow passwords) to monitor user login windows.
π¦ nmap
nmap is a tool used to perform port scanning on a relatively large network. It can detect which TCP / IP ports are currently open on the server. You can run it to ensure that unsafe port numbers that should not be opened are blocked.
nmap's homepage gives a simple example at http://www.insecure.org/nmap/index.html
[root @ sh-proxy / etc] # / usr / local / bin / nmap public.sta.net .cn
1) Starting nmap V. 2.12 by Fyodor ( fyodor@dhp.com, www.insecure.org/nmap/)
Interesting ports on public.sta.net.cn (202.96.199.97):
Port State Protocol Service
21 open tcp ftp
23 open tcp telnet
25 open tcp smtp
109 open tcp pop-2
110 open tcp pop-3
143 open tcp imap2
513 open tcp login
514 open tcp shell
7000 open tcp afs3-fileserver
2) Nmap run completed-1 IP address (1 host up) scanned in 15 seconds
π¦ John the ripper
1) In Linux, the password is hashed The format is stored. You cannot analyze the password from the hash data table in the reverse direction, but you can compare it with a set of word hash, and guess the password if the same. Therefore, it is critical to have a password that is difficult to guess. In general you must not use a word in a dictionary as a password, it is quite easy to guess. In addition, some common regular alphanumeric arrangements cannot be used as the password, such as 123abc.
nmap.org
Nmap: the Network Mapper - Free Security Scanner
Nmap Free Security Scanner, Port Scanner, & Network Exploration Tool. Download open source software for Linux, Windows, UNIX, FreeBSD, etc.
3) John the ripper is an efficient and easy-to-use password guessing program.http://www.openwall.com/john/
Download the tar.gz format program for UNIX, and then use tar xvfz john * .tar.gz to extract it to any directory. After entering the src directory and typing make linux-x86-any-elf (I use redhat 6.1), several execution files will be generated in the run directory, including the main program john. Now run Crack./john / etc / passwd for the Crack password.
> John can also crack the password generated by htpasswd to verify the apache user password. If you create a user user with htpasswd -c apachepasswd user and generate a password, you can also use john apachepasswd to guess. John outputs it to the terminal when guessing the password, and stores the guessed password in the john.pot file.
π¦ Another password cracker is the classic Cracker that everyone knows. The homepage is at http://www.users.dircon.co.uk/~crypto/II .
1) Logcheck
Logcheck is used to automatically check the system security intrusion events and abnormal activity records. Tool, which analyzes various Linux log files,
such as / var / log / messages, / var / log / secure, / var / log / maillog, etc., and then generates a problem report that may have security issues and automatically sends email to the administrator . You can set it to run on an hourly, or daily basis with crond.
2) The homepage of the logcheck tool is at http://www.psionic.com/abacus/logcheck/After downloading, use tar xvfz logcheck * to extract to a temporary directory such as / tmp, and then use ./make linux to automatically generate the corresponding files to / usr / local / etc, / usr / local / bin / and other directories. Change settings such as who can send email notifications to the root account by default. You can set root's email alias account to a group of people. Change the settings to ignore certain types of messages such as plug-gw in your mail log file. Because plug-gw does a reverse IP lookup, if it can't find it, it will log a warning message to / var / log / maillog. Logcheck logs all these warnings to you by default. You can ignore them by setting.
3) Using the logcheck tool to analyze all your logfiles avoids you having to manually check them daily, saving time and improving efficiency.
4) Three. Tripwire
Tripwire is a very useful tool for verifying file integrity. You can define which files / directories need to be checked, but the default settings can meet most requirements. It runs in four modes: database generation mode , Database update mode, file integrity check, interactive database update. When the initialization database is generated, it generates a database file of various information on existing files. In case your system files or various configuration files are accidentally changed, replaced, or deleted, it will be based on the original database every day. Compare the existing files to find out which files have been changed. You can judge whether there are any unexpected events such as system intrusion based on the results of email.
5) Tripwire's homepage is at http://www.tripwiresecurity.com , and you can use tripwire-1.2.3 for free. If you use Redhat Linux 6.1, you can also get the latest Tripwire-1.2.3 rebuilt for 6.1
(http://rufus.w3.org/linux/RPM/powertools/6.1/i386/tripwire-1.2-3.i386.html ) When you manually change the configuration file or program in the system, you can manually generate it again
6) Database files, run tripwire-initialize to create the databases directory under the current directory and generate a new system database file under this directory, then cp to the / var / spool / tripwire directory to overwrite the old one.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Download the tar.gz format program for UNIX, and then use tar xvfz john * .tar.gz to extract it to any directory. After entering the src directory and typing make linux-x86-any-elf (I use redhat 6.1), several execution files will be generated in the run directory, including the main program john. Now run Crack./john / etc / passwd for the Crack password.
> John can also crack the password generated by htpasswd to verify the apache user password. If you create a user user with htpasswd -c apachepasswd user and generate a password, you can also use john apachepasswd to guess. John outputs it to the terminal when guessing the password, and stores the guessed password in the john.pot file.
π¦ Another password cracker is the classic Cracker that everyone knows. The homepage is at http://www.users.dircon.co.uk/~crypto/II .
1) Logcheck
Logcheck is used to automatically check the system security intrusion events and abnormal activity records. Tool, which analyzes various Linux log files,
such as / var / log / messages, / var / log / secure, / var / log / maillog, etc., and then generates a problem report that may have security issues and automatically sends email to the administrator . You can set it to run on an hourly, or daily basis with crond.
2) The homepage of the logcheck tool is at http://www.psionic.com/abacus/logcheck/After downloading, use tar xvfz logcheck * to extract to a temporary directory such as / tmp, and then use ./make linux to automatically generate the corresponding files to / usr / local / etc, / usr / local / bin / and other directories. Change settings such as who can send email notifications to the root account by default. You can set root's email alias account to a group of people. Change the settings to ignore certain types of messages such as plug-gw in your mail log file. Because plug-gw does a reverse IP lookup, if it can't find it, it will log a warning message to / var / log / maillog. Logcheck logs all these warnings to you by default. You can ignore them by setting.
3) Using the logcheck tool to analyze all your logfiles avoids you having to manually check them daily, saving time and improving efficiency.
4) Three. Tripwire
Tripwire is a very useful tool for verifying file integrity. You can define which files / directories need to be checked, but the default settings can meet most requirements. It runs in four modes: database generation mode , Database update mode, file integrity check, interactive database update. When the initialization database is generated, it generates a database file of various information on existing files. In case your system files or various configuration files are accidentally changed, replaced, or deleted, it will be based on the original database every day. Compare the existing files to find out which files have been changed. You can judge whether there are any unexpected events such as system intrusion based on the results of email.
5) Tripwire's homepage is at http://www.tripwiresecurity.com , and you can use tripwire-1.2.3 for free. If you use Redhat Linux 6.1, you can also get the latest Tripwire-1.2.3 rebuilt for 6.1
(http://rufus.w3.org/linux/RPM/powertools/6.1/i386/tripwire-1.2-3.i386.html ) When you manually change the configuration file or program in the system, you can manually generate it again
6) Database files, run tripwire-initialize to create the databases directory under the current directory and generate a new system database file under this directory, then cp to the / var / spool / tripwire directory to overwrite the old one.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Openwall
John the Ripper password cracker
A fast password cracker for Unix, macOS, Windows, DOS, BeOS, and OpenVMS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 2020 The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering :
T.me/UnderCodeTesting
π¦LETS START:
1) git clone https://github.com/OWASP/owasp-mstg/
2) cd owasp-mstg/Tools/
3) ./generate_document.sh
4) Clone the repository and run the gitbook generator.
π¦ This produces PDF, Epub and Mobi files in the "Generated" subdirectory.
1) git clone https://github.com/OWASP/owasp-mstg/
2) cd owasp-mstg/Tools/
3) ./gitbookandpdf.sh
check more on same git link
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ 2020 The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering :
T.me/UnderCodeTesting
π¦LETS START:
1) git clone https://github.com/OWASP/owasp-mstg/
2) cd owasp-mstg/Tools/
3) ./generate_document.sh
4) Clone the repository and run the gitbook generator.
π¦ This produces PDF, Epub and Mobi files in the "Generated" subdirectory.
1) git clone https://github.com/OWASP/owasp-mstg/
2) cd owasp-mstg/Tools/
3) ./gitbookandpdf.sh
check more on same git link
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Automate dns spoof - traffic hack :
T.me/UndercOdeTesting
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/Trackbool/DerpNSpoof'
You need the Scapy Python module. You can install the requirements
2) with: 'pip3 install -r requirements.txt' (recomended) or manually 'pip3 install scapy'
3) Scapy uses tcpdump
4) To execute the tool, you will need root permissions
Help menu:
π¦commands :
<ip> - Spoof the DNS query packets of a certain IP address
<all> - Spoof the DNS query packets of all hosts
[!] Examples:
# python3 DerpNSpoof.py 192.168.1.20 myfile.txt
# python3 DerpNSpoof.py all myfile.txt
The file format to save the records is very simple. You have to store the domain name, and separated by a space, the fake IP in the same line
Domain to Spoof IP address
example.com 1.1.1.1
example2.com 3.3.3.3
example3.com 3.3.3.3
Note:
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Automate dns spoof - traffic hack :
T.me/UndercOdeTesting
π¦πβπππΈπππππΈπππβ & βπβ:
1) git clone https://github.com/Trackbool/DerpNSpoof'
You need the Scapy Python module. You can install the requirements
2) with: 'pip3 install -r requirements.txt' (recomended) or manually 'pip3 install scapy'
3) Scapy uses tcpdump
4) To execute the tool, you will need root permissions
Help menu:
π¦commands :
<ip> - Spoof the DNS query packets of a certain IP address
<all> - Spoof the DNS query packets of all hosts
[!] Examples:
# python3 DerpNSpoof.py 192.168.1.20 myfile.txt
# python3 DerpNSpoof.py all myfile.txt
The file format to save the records is very simple. You have to store the domain name, and separated by a space, the fake IP in the same line
Domain to Spoof IP address
example.com 1.1.1.1
example2.com 3.3.3.3
example3.com 3.3.3.3
Note:
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ MANY BEGINERS NEEDS HOW TO USE SMALL PYTHON SCRIPTS- OTHERS PERFER WRITTEN TUTORIALS, WHAT YOU PREFERE ?
Anonymous Poll
73%
Written general tutorials ?
42%
New release small bash/python scripts ?
UNDERCODE COMMUNITY
π¦ MANY BEGINERS NEEDS HOW TO USE SMALL PYTHON SCRIPTS- OTHERS PERFER WRITTEN TUTORIALS, WHAT YOU PREFERE ?
Mm so Guyz want written Tutorials, well let s send some PHp Shell By UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ shell-log in for a limited time :
instagram.com/UnderCodeTestingCompany
π¦ ππΌππ πππΈβπ :
time-limited login can be achieved by calling at and system maintenance functions through the following three script programs:
1) In the specified When the script is executed within a certain time, a file named nologin will be generated under / etc. When the login program is executed, it will automatically determine whether this file exists. If it exists, the user will not be allowed to log in. The content is:
vi /sbin/login.denied
echo "Login Denied"> / etc / nologin
chmod 700 login.denied
2) Execute the script at the specified time, delete the nologin file under / etc / to allow users to log in, the content is:
vi /sbin/login.allowed
if [ -f / etc / nologin]; then
rm / etc / nologin
fi
chmod 700 login.allowed
3) Write a time-limited script that reads:
vi /sbin/login.rollback
if [-f /sbin/login.denied] ; then
at -f /sbin/login.denid 22:00
fi
if [-f /sbin/login.allowed]; then
at -f /sbin/login.allowed 8:00
if
chmod 744 /sbin/login.rollback is
4) created, put the /sbin/login.rollback script into crontab , Executed in the early morning every day:
crontab -e
# roll login script
00 1 * * * /sbin/login.rollback
5) The function of this setting is: from 10:00 PM to 8:00 AM the next day, a non-root user logs in, Displayed as system maintenance status.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ shell-log in for a limited time :
instagram.com/UnderCodeTestingCompany
π¦ ππΌππ πππΈβπ :
time-limited login can be achieved by calling at and system maintenance functions through the following three script programs:
1) In the specified When the script is executed within a certain time, a file named nologin will be generated under / etc. When the login program is executed, it will automatically determine whether this file exists. If it exists, the user will not be allowed to log in. The content is:
vi /sbin/login.denied
echo "Login Denied"> / etc / nologin
chmod 700 login.denied
2) Execute the script at the specified time, delete the nologin file under / etc / to allow users to log in, the content is:
vi /sbin/login.allowed
if [ -f / etc / nologin]; then
rm / etc / nologin
fi
chmod 700 login.allowed
3) Write a time-limited script that reads:
vi /sbin/login.rollback
if [-f /sbin/login.denied] ; then
at -f /sbin/login.denid 22:00
fi
if [-f /sbin/login.allowed]; then
at -f /sbin/login.allowed 8:00
if
chmod 744 /sbin/login.rollback is
4) created, put the /sbin/login.rollback script into crontab , Executed in the early morning every day:
crontab -e
# roll login script
00 1 * * * /sbin/login.rollback
5) The function of this setting is: from 10:00 PM to 8:00 AM the next day, a non-root user logs in, Displayed as system maintenance status.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ shell-Can you use Shell to query, modify, delete, etc. SQL?
pinterest.com/UnderCodeOfficial
π¦ ππΌππ πππΈβπ :
#! / Usr / bin / ksh
SQL_EXEC ()
{
sqlplus the USER $ / $ @ $ DB the PASSWD <<!
SET LINESIZE 1024
SET pageSize 1024
$ SQLCOMM
quit
!
}
#select
SQLCOMM = "SELECT 'XXX', username from the all_users;"
SQL_EXEC | grep XXX
#insert, Delete omitted
with INformIX yo prompts what to do if sql_exec cannot be found.
I think this should work,
#vi query.sh
sqlplus $ USER / $ PASSWD << EOF
select β¦β¦ from β¦β¦β¦β¦
insert β¦β¦β¦β¦β¦β¦
delete β¦β¦β¦β¦β¦β¦
EOF
: wq
# query.sh
isql <<!
database dbname;
select * from tbname where fieldname="xxxxx";
delete from tbname;
.....
close database;
!
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ shell-Can you use Shell to query, modify, delete, etc. SQL?
pinterest.com/UnderCodeOfficial
π¦ ππΌππ πππΈβπ :
#! / Usr / bin / ksh
SQL_EXEC ()
{
sqlplus the USER $ / $ @ $ DB the PASSWD <<!
SET LINESIZE 1024
SET pageSize 1024
$ SQLCOMM
quit
!
}
#select
SQLCOMM = "SELECT 'XXX', username from the all_users;"
SQL_EXEC | grep XXX
#insert, Delete omitted
with INformIX yo prompts what to do if sql_exec cannot be found.
I think this should work,
#vi query.sh
sqlplus $ USER / $ PASSWD << EOF
select β¦β¦ from β¦β¦β¦β¦
insert β¦β¦β¦β¦β¦β¦
delete β¦β¦β¦β¦β¦β¦
EOF
: wq
# query.sh
isql <<!
database dbname;
select * from tbname where fieldname="xxxxx";
delete from tbname;
.....
close database;
!
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Pinterest
UndercOde (UNDERCODEOFFICIAL) on Pinterest
UndercOde | πππππ£βπ ππ πππ€π₯πππ βπ ππ‘πππͺ:
Programming, Web & Applications makers, Host, bugs fix, Satellite Reicivers Programming..
Started Since 2011
Programming, Web & Applications makers, Host, bugs fix, Satellite Reicivers Programming..
Started Since 2011
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ PHP can also be used as Shell Script Why PHP is so
popular Recently PHP (Personal Hypertext Preprocessor) seems to have become the most widely used web processing language on Linux by Underc0de :
instagram.com/UnderCodeTestingCompany
π¦ ππΌππ πππΈβπ :
1) Unix in the past two years. Its convenience, powerful functions and OpenSource features have gradually eroded it. In the traditional CGI and even the MicroSoft ASP (Active Server Page) market, almost every major website recruits people with PHP as its basic condition.
2) PHP does have this qualification and can be so
popular for several reasons: PHP is OpenSource software, completely free and can be distributed freely, so it has attracted a lot of people to use it, and because of this, it has attracted commercial companies to develop it better Engine and optimization software
3) PHP itself is very simple and easy to understand, with a simple instruction syntax, plus some basic object-oriented processing capabilities, so that novices can learn in the shortest time.
PHP provides quite a lot of functions, including mathematical processing, string processing, network-related functions, support for various databases, image processing functions, and a large number of developers are developing various new functions for PHP, expanding Excellent sex.
4) PHP is very easy to combine with Apache. It is used as an Apache module, and it is quite simple to set up and install. Because Apache has already occupied 60% of the global Web Server market, PHP naturally becomes the best combination of Apache.
> However, the topic this time is not the application of PHP in web design, but the application of PHP in Shell Script. Generally known Shell Script is about tcsh, bash, perl or python. It's all about using PHP as a shell script.
π¦I nstallation of PHP executable files
1) Generally, PHP as a webpage processing language is compiled into Apache modules. Of course, it is not necessary to do this, so it is very easy to compile. As long as you are root, perform the following actions:
Unzip php-3.0.xx. After tar.gz
> cd php
> configure
> make is
2) compiled, there is an executable file in the php directory named php and you can copy it to / usr / local / bin. Note that if the file is too large, you can use the strip command to remove unnecessary information from PHP, so the file will be much smaller.
π¦ The first program
starts writing our first PHP Shell Script program. This example prints "Hello world!":
#! / Usr / local / bin / php -q
<?
Echo "Hello, world!";
?>
Note that PHP was originally used in web applications, so it will definitely send HTML headers, but here we are using PHP as a shell script, "-q"
1) In this example, / usr / local / bin / php is meant to execute PHP under / usr / local / bin / because we just installed it there. The echo command prints "Hello, world!", where the "" character is a newline character.
Note that after saving this program as a file, you must change its chmod to an executable attribute (chmod + x file name) before you can run it.
Advanced use of I
2) Sometimes we need to input some parameters when the program is executed, such as the ls command, followed by the -l parameter. PHP Shell Script also supports this usage. There are two special variables: $ argc keeps track of the number of arguments passed in, and the $ argv [] array argument holds the contents of the argument. For example, I want to design a program that calculates the sum of two numbers:
#! / Usr / local / bin / php -q
<?
$ Sum = 0;
$ sum = $ sum + $ argv [1] + $ argv [2] ;
echo $ sum;
?>
3) Assuming this program is named sum.php3, execute sum.php3 1 2 Press enter and it will print 3.
4) If you want to calculate an unspecified number of parameters, you need to use the special variable $ argc:
#! / Usr / local / bin / php -q
<?
$ Sum = 0;
for ($ t = 1; $ t <= $ argc; $ t ++)
$ sum = $ sum + $ argv [$ t];
echo $ sum;
?>
π¦ PHP can also be used as Shell Script Why PHP is so
popular Recently PHP (Personal Hypertext Preprocessor) seems to have become the most widely used web processing language on Linux by Underc0de :
instagram.com/UnderCodeTestingCompany
π¦ ππΌππ πππΈβπ :
1) Unix in the past two years. Its convenience, powerful functions and OpenSource features have gradually eroded it. In the traditional CGI and even the MicroSoft ASP (Active Server Page) market, almost every major website recruits people with PHP as its basic condition.
2) PHP does have this qualification and can be so
popular for several reasons: PHP is OpenSource software, completely free and can be distributed freely, so it has attracted a lot of people to use it, and because of this, it has attracted commercial companies to develop it better Engine and optimization software
3) PHP itself is very simple and easy to understand, with a simple instruction syntax, plus some basic object-oriented processing capabilities, so that novices can learn in the shortest time.
PHP provides quite a lot of functions, including mathematical processing, string processing, network-related functions, support for various databases, image processing functions, and a large number of developers are developing various new functions for PHP, expanding Excellent sex.
4) PHP is very easy to combine with Apache. It is used as an Apache module, and it is quite simple to set up and install. Because Apache has already occupied 60% of the global Web Server market, PHP naturally becomes the best combination of Apache.
> However, the topic this time is not the application of PHP in web design, but the application of PHP in Shell Script. Generally known Shell Script is about tcsh, bash, perl or python. It's all about using PHP as a shell script.
π¦I nstallation of PHP executable files
1) Generally, PHP as a webpage processing language is compiled into Apache modules. Of course, it is not necessary to do this, so it is very easy to compile. As long as you are root, perform the following actions:
Unzip php-3.0.xx. After tar.gz
> cd php
> configure
> make is
2) compiled, there is an executable file in the php directory named php and you can copy it to / usr / local / bin. Note that if the file is too large, you can use the strip command to remove unnecessary information from PHP, so the file will be much smaller.
π¦ The first program
starts writing our first PHP Shell Script program. This example prints "Hello world!":
#! / Usr / local / bin / php -q
<?
Echo "Hello, world!";
?>
Note that PHP was originally used in web applications, so it will definitely send HTML headers, but here we are using PHP as a shell script, "-q"
1) In this example, / usr / local / bin / php is meant to execute PHP under / usr / local / bin / because we just installed it there. The echo command prints "Hello, world!", where the "" character is a newline character.
Note that after saving this program as a file, you must change its chmod to an executable attribute (chmod + x file name) before you can run it.
Advanced use of I
2) Sometimes we need to input some parameters when the program is executed, such as the ls command, followed by the -l parameter. PHP Shell Script also supports this usage. There are two special variables: $ argc keeps track of the number of arguments passed in, and the $ argv [] array argument holds the contents of the argument. For example, I want to design a program that calculates the sum of two numbers:
#! / Usr / local / bin / php -q
<?
$ Sum = 0;
$ sum = $ sum + $ argv [1] + $ argv [2] ;
echo $ sum;
?>
3) Assuming this program is named sum.php3, execute sum.php3 1 2 Press enter and it will print 3.
4) If you want to calculate an unspecified number of parameters, you need to use the special variable $ argc:
#! / Usr / local / bin / php -q
<?
$ Sum = 0;
for ($ t = 1; $ t <= $ argc; $ t ++)
$ sum = $ sum + $ argv [$ t];
echo $ sum;
?>
Β»π¦ php/shell full by under0de
5) Assuming this program is named bigsum.php3, then running bigsum.php3 1 2 3 4 5 Pressing enter will print 15; executing bigsum.php3 1 2 3 4 5 6 pressing enter will Print out 21.
6) Sometimes we need to input data during the execution of the program, but PHP is originally used for web design, and the data input on the webpage is naturally input by FORM, so the problem comes when PHP is used as the shell script In PHP, a file opening function is provided. Under Linux / Uinx, inputting can be done by opening files. We need to open the device file / dev / stdin (stdin is (Meaning standard input), the program is as follows:
#! / Usr / local / bin / php -q
<?
$ Fp = fopen ("/ dev / stdin", "r");
$ inputstr = fgets ($ fp, 100 );
fclose ($ fp);
echo "\ n ---------------------- \ n";
echo $ inputstr;
?>
7) where fgets ($ fp , 100) refers to the file $ fp (that is, "/ dev / stdin" ) Read out 100 bytes of data, the program will stop at this line and wait for our input. After we enter and press enter, the program will print out the data we just entered.
Advanced Use II
8) Although it can already handle input, such a function is obviously too simple to cope with larger applications. For example, I need a function to remove the HTML from a data stream. At this time, it needs to be complete. The ability to handle output and input redirection, we can first design the program as follows: #! / Usr / local / bin / php -q
<?
$ Fp = fopen ("/ dev / stdin", "r");
while (! Feof ( $ fp)) {
$ c = fgetc ($ fp);
$ inputstr = $ inputstr. $ c;
};
fclose ($ fp);
echo $ inputstr;
?>
9) Assuming this program is named filt.php3, if you directly Run this program, it will wait for your input, it will not print your input data until you press Ctrl + D, we can run it like this :
more filt.php3 | filt.php3
10) This way is to filter The .php3 program is shown with more and switched to the program filt.php3. Filt.php3 will continue to accept information (in fact, the code of the filt.php3 program), and finally print it out.
We can add HTML filtering to it:
#! / Usr / local / bin / php -q
<?
$ Fp = fopen ("/ dev / stdin", "
while (! feof ($ fp)) {
$ c = fgetc ($ fp);
$ inputstr = $ inputstr. $ c;
};
fclose ($ fp);
$ inputstr = ereg_replace ("<([^ <>] * )> "," ", $ inputstr);
echo $ inputstr;
?> We can add HTML filtering to it
#! / Usr / local / bin / php -q
π¦Assuming this program is named filt2.php3, then the filtering function is completed. If you do nβt believe me, please try an HTML file:
more xxx.html filt2.php3
You will see that the HTML TAG file has been deleted.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
5) Assuming this program is named bigsum.php3, then running bigsum.php3 1 2 3 4 5 Pressing enter will print 15; executing bigsum.php3 1 2 3 4 5 6 pressing enter will Print out 21.
6) Sometimes we need to input data during the execution of the program, but PHP is originally used for web design, and the data input on the webpage is naturally input by FORM, so the problem comes when PHP is used as the shell script In PHP, a file opening function is provided. Under Linux / Uinx, inputting can be done by opening files. We need to open the device file / dev / stdin (stdin is (Meaning standard input), the program is as follows:
#! / Usr / local / bin / php -q
<?
$ Fp = fopen ("/ dev / stdin", "r");
$ inputstr = fgets ($ fp, 100 );
fclose ($ fp);
echo "\ n ---------------------- \ n";
echo $ inputstr;
?>
7) where fgets ($ fp , 100) refers to the file $ fp (that is, "/ dev / stdin" ) Read out 100 bytes of data, the program will stop at this line and wait for our input. After we enter and press enter, the program will print out the data we just entered.
Advanced Use II
8) Although it can already handle input, such a function is obviously too simple to cope with larger applications. For example, I need a function to remove the HTML from a data stream. At this time, it needs to be complete. The ability to handle output and input redirection, we can first design the program as follows: #! / Usr / local / bin / php -q
<?
$ Fp = fopen ("/ dev / stdin", "r");
while (! Feof ( $ fp)) {
$ c = fgetc ($ fp);
$ inputstr = $ inputstr. $ c;
};
fclose ($ fp);
echo $ inputstr;
?>
9) Assuming this program is named filt.php3, if you directly Run this program, it will wait for your input, it will not print your input data until you press Ctrl + D, we can run it like this :
more filt.php3 | filt.php3
10) This way is to filter The .php3 program is shown with more and switched to the program filt.php3. Filt.php3 will continue to accept information (in fact, the code of the filt.php3 program), and finally print it out.
We can add HTML filtering to it:
#! / Usr / local / bin / php -q
<?
$ Fp = fopen ("/ dev / stdin", "
while (! feof ($ fp)) {
$ c = fgetc ($ fp);
$ inputstr = $ inputstr. $ c;
};
fclose ($ fp);
$ inputstr = ereg_replace ("<([^ <>] * )> "," ", $ inputstr);
echo $ inputstr;
?> We can add HTML filtering to it
#! / Usr / local / bin / php -q
π¦Assuming this program is named filt2.php3, then the filtering function is completed. If you do nβt believe me, please try an HTML file:
more xxx.html filt2.php3
You will see that the HTML TAG file has been deleted.
Written by Underc0de
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ACTIVE IP USED IN ATTACKING NOW:-UnderCode-Report-2020
T.me/UndercOdeTesting
IP Country Block Count
160.153.147.141 United States 5
37.9.169.9 Slovakia 4
47.254.89.228 United States 4
160.153.147.143 United States 3
64.71.32.73 United States 3
160.153.154.6 United States 2
198.71.238.7 United States 2
207.246.240.124 United States 2
198.71.238.5 United States 2
207.246.240.119 United States 2
62.210.185.4 France 2
160.153.147.161 United States 2
198.71.238.3 United States 2
198.71.239.46 United States 2
91.208.99.2 United Kingdom 2
198.71.238.9 United States 1
184.168.46.161 United States 1
64.71.32.78 United States 1
160.153.147.142 United States 1
184.168.27.169 United States 1
160.153.153.30 United States 1
160.153.154.26 United States 1
103.228.112.110 India 1
160.153.154.19 United States 1
160.153.147.160 United States 1
185.129.248.187 Spain 1
160.153.154.7 United States 1
@Underc0deoFFICIAL
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ACTIVE IP USED IN ATTACKING NOW:-UnderCode-Report-2020
T.me/UndercOdeTesting
IP Country Block Count
160.153.147.141 United States 5
37.9.169.9 Slovakia 4
47.254.89.228 United States 4
160.153.147.143 United States 3
64.71.32.73 United States 3
160.153.154.6 United States 2
198.71.238.7 United States 2
207.246.240.124 United States 2
198.71.238.5 United States 2
207.246.240.119 United States 2
62.210.185.4 France 2
160.153.147.161 United States 2
198.71.238.3 United States 2
198.71.239.46 United States 2
91.208.99.2 United Kingdom 2
198.71.238.9 United States 1
184.168.46.161 United States 1
64.71.32.78 United States 1
160.153.147.142 United States 1
184.168.27.169 United States 1
160.153.153.30 United States 1
160.153.154.26 United States 1
103.228.112.110 India 1
160.153.154.19 United States 1
160.153.147.160 United States 1
185.129.248.187 Spain 1
160.153.154.7 United States 1
@Underc0deoFFICIAL
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Secure your linux first Network Filtering-Use netfilter-iptables to configure a firewall for Linux Part 1 full
netfilter / iptables is Integrated IP packet filtering system for the latest 2.4.x version of the Linux kernel(old and stable version)
> If the Linux system is connected to the Internet or a LAN, a server, or a proxy server that connects to the LAN and the Internet, the system facilitates better control of IP packet filtering and firewall configuration on the Linux system
> undercode will introduce the netfilter / iptables system, how it works, its advantages, installation and configuration, and how to use it to configure a firewall on a Linux system to filter IP packets.
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) Among Linux packet filtering solutions such as ipfwadm and ipchains, the netfilter / iptables IP packet filtering system is the latest solution and the first solution integrated into the Linux kernel.
2) Netfilter / iptables system for Linux system
administrators, network administrators, and home users who want to configure a firewall based on their specific needs, save money on firewall solutions, and have full control over IP packet filtering Very ideal.
3) Understand firewall configuration and packet filtering
For Linux systems connected to the network, a firewall is an essential defense mechanism. It only allows legitimate network traffic to enter and leave the system, and prohibits any other network traffic.
4) To determine whether network traffic is legitimate, the firewall relies on a set of rules it contains that are predefined by the network or system administrator. These rules tell the firewall whether certain traffic is legitimate and what to do with network traffic from a source, a destination, or a protocol type. The term "configure firewall" means adding, modifying, and removing these rules. I will discuss these rules in detail later in undercode grps
5) Network traffic consists of IP packets (or packets for short) βsmall pieces of data that are transmitted in a stream from the source system to the destination system. These packets have headers, which are data bits that accompany each packet and contain information about the source, destination, and protocol type of the packet.
6) The firewall checks these headers against a set of rules to determine which packets to accept and which packets to reject. We call this process packet filtering.
Written by UnderCode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Secure your linux first Network Filtering-Use netfilter-iptables to configure a firewall for Linux Part 1 full
netfilter / iptables is Integrated IP packet filtering system for the latest 2.4.x version of the Linux kernel(old and stable version)
> If the Linux system is connected to the Internet or a LAN, a server, or a proxy server that connects to the LAN and the Internet, the system facilitates better control of IP packet filtering and firewall configuration on the Linux system
> undercode will introduce the netfilter / iptables system, how it works, its advantages, installation and configuration, and how to use it to configure a firewall on a Linux system to filter IP packets.
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) Among Linux packet filtering solutions such as ipfwadm and ipchains, the netfilter / iptables IP packet filtering system is the latest solution and the first solution integrated into the Linux kernel.
2) Netfilter / iptables system for Linux system
administrators, network administrators, and home users who want to configure a firewall based on their specific needs, save money on firewall solutions, and have full control over IP packet filtering Very ideal.
3) Understand firewall configuration and packet filtering
For Linux systems connected to the network, a firewall is an essential defense mechanism. It only allows legitimate network traffic to enter and leave the system, and prohibits any other network traffic.
4) To determine whether network traffic is legitimate, the firewall relies on a set of rules it contains that are predefined by the network or system administrator. These rules tell the firewall whether certain traffic is legitimate and what to do with network traffic from a source, a destination, or a protocol type. The term "configure firewall" means adding, modifying, and removing these rules. I will discuss these rules in detail later in undercode grps
5) Network traffic consists of IP packets (or packets for short) βsmall pieces of data that are transmitted in a stream from the source system to the destination system. These packets have headers, which are data bits that accompany each packet and contain information about the source, destination, and protocol type of the packet.
6) The firewall checks these headers against a set of rules to determine which packets to accept and which packets to reject. We call this process packet filtering.
Written by UnderCode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Why configure your own firewall on kernel linux ?
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) For various reasons and reasons, you need to configure your firewall based on your specific needs. Perhaps the most important reason is security.
2) Administrators may want their firewall to be able to prevent unauthorized sources from accessing their Linux systems, such as through Telnet. They may also want to restrict network traffic to and from their systems so that only traffic from trusted sources can enter their systems, and only authorized traffic can go out. Home users may configure the firewall to a lower security level by allowing all outbound packets to pass through.
3) Another reason behind this is that bandwidth can be saved by blocking excess traffic from sources like advertising sites.
4) Thus, the firewall configuration can be customized to meet any specific needs and any security level needs. This is where the netfilter / iptables system comes in.
π¦ How does the netfilter / iptables system work?
1) netfilter / iptables IP packet filtering system is a powerful tool for adding, editing, and removing rules. These rules are rules that the firewall follows and composes when making packet filtering decisions.
2) These rules are stored in dedicated packet filtering tables, which are integrated in the Linux kernel. In the packet filtering table, rules are grouped into what we call a chain. I will discuss these rules in detail and how to build them and group them in chains.
3) Although the netfilter / iptables IP packet filtering system is called a single entity, it actually consists of two components, netfilter and iptables.
4) The netfilter component, also called kernelspace, is part of the kernel and consists of some packet filtering tables. These tables contain the set of rules that the kernel uses to control packet filtering processing.
5) The iptables component is a tool, also known as userspace, that makes it easy to insert, modify, and remove rules from packet filtering tables. Unless you are using Red Hat Linux 7.1 or later, you need to download the tool from netfilter.org and install it.
6) By using user space, you can build your own custom rules that are stored in a packet filter table in kernel space. These rules have destinations that tell the kernel what to do with packets that come from some source, go to some destination, or have certain protocol types. If a packet matches the rule, the destination ACCEPT is used to allow the packet to pass. You can also use target DROP or REJECT to block and kill packets. There are many other goals for other operations that can be performed on packets.
Written by UnderCode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Why configure your own firewall on kernel linux ?
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) For various reasons and reasons, you need to configure your firewall based on your specific needs. Perhaps the most important reason is security.
2) Administrators may want their firewall to be able to prevent unauthorized sources from accessing their Linux systems, such as through Telnet. They may also want to restrict network traffic to and from their systems so that only traffic from trusted sources can enter their systems, and only authorized traffic can go out. Home users may configure the firewall to a lower security level by allowing all outbound packets to pass through.
3) Another reason behind this is that bandwidth can be saved by blocking excess traffic from sources like advertising sites.
4) Thus, the firewall configuration can be customized to meet any specific needs and any security level needs. This is where the netfilter / iptables system comes in.
π¦ How does the netfilter / iptables system work?
1) netfilter / iptables IP packet filtering system is a powerful tool for adding, editing, and removing rules. These rules are rules that the firewall follows and composes when making packet filtering decisions.
2) These rules are stored in dedicated packet filtering tables, which are integrated in the Linux kernel. In the packet filtering table, rules are grouped into what we call a chain. I will discuss these rules in detail and how to build them and group them in chains.
3) Although the netfilter / iptables IP packet filtering system is called a single entity, it actually consists of two components, netfilter and iptables.
4) The netfilter component, also called kernelspace, is part of the kernel and consists of some packet filtering tables. These tables contain the set of rules that the kernel uses to control packet filtering processing.
5) The iptables component is a tool, also known as userspace, that makes it easy to insert, modify, and remove rules from packet filtering tables. Unless you are using Red Hat Linux 7.1 or later, you need to download the tool from netfilter.org and install it.
6) By using user space, you can build your own custom rules that are stored in a packet filter table in kernel space. These rules have destinations that tell the kernel what to do with packets that come from some source, go to some destination, or have certain protocol types. If a packet matches the rule, the destination ACCEPT is used to allow the packet to pass. You can also use target DROP or REJECT to block and kill packets. There are many other goals for other operations that can be performed on packets.
Written by UnderCode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β