UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity

1️⃣ World's first platform which collects & analyzes every new hacking method.
+ AI Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 FTP service: is Pure-FTPd really strong?
instagram.com/UnderCodeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) I spent the whole Spring Festival studying proftpd, but the result is that, although it feels better than Serv_U under Windows, it is still not very flexible. Today I happened to read another article, "Pure-FTPd + LDAP + MySQL + PGSQL + Virtual-Users + Quota How To", and found that Pure-FTPd is very powerful; I don't need to look at anything else.

2) I just looked at the database structure it uses with MySQL, and it shows that this software is very flexible. It can even use the database to configure bandwidth, upload/download rate, and IP access restrictions. On these three points it is better than the proftpd database.

3) A master once said to me: if you are proficient in configuring proftpd but cannot apply security patches to proftpd, it is better not to use it. I really cannot patch proftpd, although I am already familiar with it now. It seems proftpd's security is very problematic. I don't know how secure Pure-FTPd is. If I can, I will abandon proftpd without any concerns. With Pure-FTPd, vsftp is safe, but the implementation of its functions is really uncomfortable.

After a few days of studying Pure-FTPd, it seems that I have a holiday with FTP this month, haha.

WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Traditional proxy, transparent proxy, plug-gw, Apache reverse proxy, IP masquerading full by UnderCode :
> fb.com/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Squid traditional proxy and transparent proxy:

The most widely used traditional and transparent proxy on Linux is Squid. By default Squid is configured as a traditional proxy. In this mode the Windows client must set the address and port number of the proxy server in the browser, and the client has little else to do: you only specify the IP address and port number of the proxy server, and everything else is left to the proxy server. An obvious feature of this mode is that when a Windows client enters a URL to browse a web page, the DNS lookup is also performed by the proxy server. The resolution follows the order set in the /etc/host.conf file on the Linux server; the usual order is to consult /etc/hosts first and then the DNS database (bind). An interesting consequence is that if you map the domain name of a site to a server on your intranet, requests go to the intranet server first. If you set

192.168.11.3 www.yahoo.com

in /etc/hosts, your browser will not be able to access the Yahoo sites on the Internet.

With a transparent proxy, however, the DNS order changes to the Windows hosts file and then the Linux DNS database; the /etc/hosts file on the Linux server is no longer consulted. For an introduction to transparent proxies, see the separate article "How to set up transparent proxy in Linux".

Packet rewriting process of the traditional proxy and the transparent proxy: see the following figure.

[PC] A                [Linux squid server] B
192.168.11.12 _|_____ 192.168.11.5 |___ 1.2.3.4 _________ Internet

(Figure 1)

Set the proxy in the browser of user A to 192.168.11.5, port 3128, and access the Internet through B. If you visit www.linuxforum.net with the proxy set, the browser on the client only communicates with the Linux Squid server and never talks to the www.linuxforum.net server on the Internet. First, the Squid proxy server resolves www.linuxforum.net (following the order in /etc/host.conf: /etc/hosts first, then a DNS lookup) to the IP address 202.106.124.185. The proxy server then makes the HTTP request to that IP address on the client's behalf. The returned data is stored in the Squid cache and a copy is sent to the client. The next time this user or another user requests the same page, it can be served from the Squid cache to save time.

The process for a transparent proxy is similar to that of a traditional proxy; the differences are:

1) The DNS resolution process is different, as mentioned earlier.

2) With a transparent proxy, the gateway must be set to the IP address of the Squid proxy server, which is not required for a traditional proxy.

3) The transparent proxy requires input rules to be set on the firewall chain.

The rest is the same as Squid's traditional proxy method.

plug-gw:
plug-gw is a generic proxy included with FWTK. It can be used to proxy application services such as POP3 and HTTP.

[PC] A              [Linux POP3] C        [Linux plug-gw] B
192.168.11.12 _|______| 192.168.11.1 ____ 192.168.11.5 |___ 1.2.3.4 __ Internet

(Figure 2)

If there is a Linux POP3 server C (192.168.11.1) on the internal network segment and you want external users to be able to receive mail, you can set up the POP3 proxy of plug-gw on machine B as follows.

Put the following line in /etc/rc.d/rc.local:
/usr/local/etc/plug-gw -daemon 1.2.3.4:110 -name plug-gw-pop3 &
The file /usr/local/etc/netperm-table has the following line:
plug-gw-pop3: port 110 * -plug-to 192.168.11.1 -port 110

The user sets the POP3 server address in Outlook Express to 1.2.3.4. When mail is retrieved, the external interface of machine B accepts the user's request on port 110 of 1.2.3.4, which is then handled by plug-gw; on the internal network segment, a request is made from 192.168.11.5 to port 110 of 192.168.11.1. The data obtained is copied to the external user through the 1.2.3.4 interface.
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Apache reverse proxy.
fb.com/undercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

The packet rewriting process is similar to plug-gw.

Note: In the three cases mentioned above, the request is split into two separate requests, with a Squid proxy server, plug-gw, or an Apache server in the middle; the data is copied between the two network cards of the server. The source port of each of the two requests is a randomly assigned high port between 1024 and 65535, and the two are different. In general, though, most of the random high ports allocated by TCP/IP fall between 1024 and 5000. For example, for plug-gw, if the IP address of an external dial-up user is 5.6.7.8, the source address and port and the destination address and port are:
5.6.7.8 1038 1.2.3.4 110
After being rewritten by plug-gw, the request is:
192.168.11.5 1045 192.168.11.1 110

The data returned by 192.168.11.1 is copied to the external client.

But the randomly assigned source high ports are not between 1024 and 5000 in all cases. IP masquerading is an exception:

IP masquerading:

[PC] A                [Linux MASQ server] B
192.168.11.12 _|_____ 192.168.11.5 |___ 1.2.3.4 _________ Internet

As shown above, PC A wants to access the Internet through B using masquerading. If it visits www.linuxforum.net, the packet rewriting during masquerading is as follows.

The source address/port and the destination address/port are:
192.168.11.12 1047 202.106.124.185 80
After masquerading, the source address/port and the destination address/port are:
1.2.3.4 62334 202.106.124.185 80

The returned packet is:
202.106.124.185 80 - 1.2.3.4 62334
and is rewritten for PC A as:
202.106.124.185 80 - 192.168.11.12 1047

Generally speaking, the source port after IP masquerading is usually > 60000, between 61000 and 64999.
The firewall maintains a table of IP masquerading entries. Use the command /sbin/ipchains -M -L -n to see it, for example:

[root@proxy etc]# /sbin/ipchains -M -L -n
IP masquerading entries
prot expire   source        destination    ports
UDP  02:18.86 192.168.11.12 205.188.179.41 1215 (62615) -> 4000
TCP  17:03.20 192.168.11.12 205.188.248.57 1049 (62584) -> 80

From the ports column you can match up the two source ports: the original one and, in parentheses, the masqueraded one.
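The masquerading table is what lets an administrator trace a flow seen on the Internet side (1.2.3.4 plus a port above 61000) back to the internal host that opened it. The following is an added example, not part of the original post: it parses the listing shown above and does that lookup. The names `parse_masq_table`, `attribute` and `outside_masq_range` are hypothetical, and the expire column is assumed to be minutes:seconds.

```python
import re
from typing import List, NamedTuple, Optional

# Constructed sample: the listing quoted in the text, as printed by
# `/sbin/ipchains -M -L -n` on the masquerading gateway.
SAMPLE = """\
IP masquerading entries
prot expire   source        destination    ports
UDP  02:18.86 192.168.11.12 205.188.179.41 1215 (62615) -> 4000
TCP  17:03.20 192.168.11.12 205.188.248.57 1049 (62584) -> 80
"""


class MasqEntry(NamedTuple):
    proto: str
    expire_s: float   # time left for the entry (assumed mm:ss.hh), in seconds
    src_ip: str       # internal host
    src_port: int     # port chosen by the internal host
    masq_port: int    # port the gateway put on the wire instead
    dst_ip: str
    dst_port: int


IP = r"\d{1,3}(?:\.\d{1,3}){3}"
ROW = re.compile(
    rf"^(?P<proto>[A-Z]+)\s+(?P<min>\d+):(?P<sec>\d+\.\d+)\s+"
    rf"(?P<src>{IP})\s+(?P<dst>{IP})\s+"
    rf"(?P<sport>\d+)\s+\((?P<mport>\d+)\)\s*->\s*(?P<dport>\d+)$"
)


def parse_masq_table(text: str) -> List[MasqEntry]:
    """Parse the table; header lines and malformed rows are skipped."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            entries.append(MasqEntry(
                proto=m["proto"],
                expire_s=int(m["min"]) * 60 + float(m["sec"]),
                src_ip=m["src"], src_port=int(m["sport"]),
                masq_port=int(m["mport"]),
                dst_ip=m["dst"], dst_port=int(m["dport"]),
            ))
    return entries


def attribute(entries, proto, masq_port, dst_ip, dst_port) -> Optional[MasqEntry]:
    """Map a flow seen on the Internet side back to the internal host."""
    wanted = (proto.upper(), masq_port, dst_ip, dst_port)
    for e in entries:
        if (e.proto, e.masq_port, e.dst_ip, e.dst_port) == wanted:
            return e
    return None


def outside_masq_range(entries, low=61000, high=64999):
    """Entries whose rewritten port is not in the range the text gives."""
    return [e for e in entries if not low <= e.masq_port <= high]


if __name__ == "__main__":
    table = parse_masq_table(SAMPLE)
    hit = attribute(table, "tcp", 62584, "205.188.248.57", 80)
    print(hit.src_ip, hit.src_port)
    print(outside_masq_range(table))
```

Entries expire, so the lookup only works while the flow is still in the table; for later attribution the table has to be captured together with the external observation.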

Port forwarding:
See the separate article "Port forwarding by the internal network of external network services".


Part 2: Uses, advantages and disadvantages of the various proxy methods

Uses of the various proxy methods:

1) IP masquerading and Squid's traditional and transparent proxies are suitable for letting LAN users without real IP addresses access the Internet.

2) Apache reverse proxy, the plug-gw generic proxy, and port forwarding are suitable for letting external users access servers in the LAN that have no real IP address.

🦑 The advantages and disadvantages of the various proxy methods:

1) The advantage of Squid is that it requires little of the clients: they only need to be able to connect to the Squid server. But each machine needs the proxy server IP address and port number set.

2) The advantage of the Squid transparent proxy is that the proxy address and port do not need to be set on each client, which simplifies client configuration. However, the default gateway of each client must be set to the Squid proxy server, and the client must do its own DNS resolution.

3) IP masquerading is suitable for most application layer services, unlike Squid, which only supports HTTP and FTP. The default gateway is set to the address of the firewall. Unlike Squid, which has a cache function, it does no caching.

4) plug-gw can proxy various services such as HTTP and POP3, whereas the Apache reverse proxy can only reverse-proxy HTTP requests.

5) Port forwarding is suitable for most services and is independent of the specific application. It is fast and is implemented at the kernel IP layer, so no special application layer service needs to run. However, you may need to recompile the kernel.

WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 HOSTING BY UNDERCODE: TUTORIAL FOR BEGINNERS
t.me/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> httpd.conf file comments for Apache Server

1) ServerType standalone
# Sets whether the server is started in standalone mode or by the Internet server program inetd. The former is generally used.

2) ServerRoot "d:/Apache"
# Sets the home directory of the server, which is used to store server settings files, error files, and log files.

3) PidFile logs/httpd.pid
# When the program starts, the process ID of the parent httpd process is saved in this file. The file name can be changed with the PidFile directive.

4) ScoreBoardFile logs/apache_status
# Sets the log file of some execution programs of the WWW server on the network.

#ResourceConfig conf/srm.conf
#AccessConfig conf/access.conf
# The contents of these two files are already included in the httpd.conf file.

5) Timeout 300
# If the client has not connected for 300 seconds, or the server has not transmitted data to the client for 300 seconds, the connection is closed automatically.

6) KeepAlive On
# Sets whether to support the keep-alive (persistent connection) function.

7) MaxKeepAliveRequests 100
# Sets the number of requests supported on a kept-alive connection. The larger the number, the more hard disk space is wasted. Set to 0 for unlimited.

8) KeepAliveTimeout 15
# If the user has not sent another request to the server after 15 seconds, the connection can no longer be kept alive.

9) MaxRequestsPerChild 0
# Sets the number of child processes at the same time.

ThreadsPerChild 50
# Sets the number of processes used by the server.

#Listen 3000
#Listen 12.34.56.78:80
# Allows the server to be accessed on another port or IP. In this example, the port is 3000 and the IP is 12.34.56.78:80.

#BindAddress *
# Sets Apache to listen on all IPs; a specific one can also be given.

#LoadModule anon_auth_module modules/ApacheModuleAuthAnon.dll
...
# Loads modules that are not currently active.

#ExtendedStatus On
# Sets the status information generated by the server.


🦑 The reference here is the Apache Server1_3_12_win32 version.

Port 80
# Sets the port used by the server.

ServerAdmin you@your.address
# Sets the e-mail address of the server administrator.

#ServerName new.host.name
# Host name of the server. If you have a fixed IP address, you don't need to set it.

DocumentRoot "d:/Apache/htdocs"
# Sets the directory where the HTML files of the site are stored.

<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

🦑 # Settings of the Directory directive. Specifically:
Options: defines the operations that can be performed in the directory. None means that you can only browse. FollowSymLinks allows pages to be linked to elsewhere. ExecCGI allows CGI to be executed. MultiViews allows you to watch animations or listen to music. Indexes allows the server to return a formatted listing of the directory. Includes allows SSI. These settings can be combined. All allows everything except MultiViews.
AllowOverride: Adding the None parameter means that anyone can browse the files in this directory. Other parameters are: FileInfo, AuthConfig, Limit.

UserDir "d:/Apache/users/"
# Defines the directory where users store HTML files.

DirectoryIndex index.html
# Defines the file to be displayed first.

AccessFileName .htaccess
# Defines the name of the access control file for each directory.

#CacheNegotiatedDocs
# Defines that proxy servers should not cache your pages. Not recommended for use.

UseCanonicalName On
# The server uses the server name specified by ServerName and the port specified by Port.
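The Options values listed above decide what each directory exposes, so they are worth reviewing per `<Directory>` block. The following is an added example, not part of the original post or of Apache: it reads an httpd.conf in this style and lists the options that widen exposure. `SAMPLE_CONF`, `directory_options` and `review` are hypothetical names, and the sample configuration is constructed.

```python
import re

# Constructed sample in the style of the httpd.conf walked through above.
SAMPLE_CONF = """\
DocumentRoot "d:/Apache/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "d:/Apache/htdocs">
# site content
Options Indexes MultiViews
</Directory>
<Directory "d:/Apache/cgi-bin">
Options +ExecCGI -Indexes
</Directory>
"""

# Options values from the list above that widen what a directory exposes.
REVIEW = {
    "followsymlinks": "symbolic links are followed out of the directory",
    "indexes": "a directory listing is returned when no index file exists",
    "execcgi": "CGI programs in the directory are executed",
    "includes": "server-side includes (SSI) are processed",
    "all": "every option except MultiViews is switched on",
}

OPEN = re.compile(r'<Directory\s+"?([^">]+?)"?\s*>$', re.I)
CLOSE = re.compile(r"</Directory\s*>$", re.I)


def directory_options(conf):
    """Return {directory: [Options arguments]} for each <Directory> block."""
    found, current = {}, None
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        opened = OPEN.match(line)
        if opened:
            current = opened.group(1)
            found.setdefault(current, [])
        elif CLOSE.match(line):
            current = None
        elif current is not None and line.lower().startswith("options "):
            found[current] = line.split()[1:]
    return found


def review(conf):
    """List (directory, option, reason) for every option worth a second look."""
    hits = []
    for path, options in directory_options(conf).items():
        for opt in options:
            if opt.startswith("-"):
                continue  # explicitly switched off for this directory
            reason = REVIEW.get(opt.lstrip("+").lower())
            if reason:
                hits.append((path, opt, reason))
    return hits


if __name__ == "__main__":
    for path, opt, reason in review(SAMPLE_CONF):
        print(f"{path}: Options {opt}: {reason}")
```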

WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 So now, the posted tutorials:

1) ftp service-is Pure-FTPd really strong tutorial

2) Traditional proxy, transparent proxy, plug-gw

3) Apache reverse proxy, IP masquerading full

4) HOSTING BY UNDERCODE TUTORIAL FOR BEGINNERS (about httpd.conf)

5) BIN Crunchyroll

6) BIN SCRIBD

MORE COMING LATER ...

▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Firewall in Network :
fb.com/UnderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Firewall technology is an important element in network security. It is a barrier and a sentinel for communication between the external network and the internal network. In addition to deeply understanding the types and working principles of firewall technology, as a network security manager you should also be familiar with the configuration and maintenance of the various common firewalls. At a minimum, you should know the simple configuration of the firewall:

1) Use of common personal firewall software;

2) ACL-based packet filtering firewall configuration (such as Windows-based IPSec configuration, Cisco router-based ACL configuration, etc.)

3) Firewall configuration (Ipchains / Iptables) based on Linux operating system;

4) ISA configuration;

5) Cisco PIX configuration;

6) Check Point firewall configuration;

7) VPN configuration based on Windows, Unix, Cisco router.

Reference books: "Network Security and Firewall Technology", "Linux Firewall", "Advanced Firewall ISA Server 2000", "Cisco Access Table Configuration Guide", "Check Point NG Security Management", "Virtual Private Network (VPN) Refinement"

WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Who can give a network security learning route (THEORETICAL)?
twitter.com/UnderCodeNews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Software encryption and decryption


1) Encryption and decryption is a fascinating field of research, and it can be closely integrated with almost any computer technology: cryptography, programming languages, operating systems, data structures.

2) Without encryption technology, any network security is a piece of paper.

3) The application of cryptography runs through the entire network security learning process. First look at the programs in your computer. Programs written in high-level languages, such as Visual C++, are compiled into machine language and executed by the CPU.

4) Because machine language and assembly language have a one-to-one correspondence, machine language can be converted into assembly language. This process is called disassembly. Assembly language is more readable, so you can analyze the program flow and its functions. This process is decryption (commonly known as cracking). In other words, decryption is built on the assembly language level, so if you want to get involved in this field, assembly language must be learned well.

5) After assembly is learned, it is recommended to master Win32 programming. Learning to decrypt and encrypt is very tiring, takes a lot of time, and will often run you into a wall.

6) No progress for three or five days is very common. There is no other secret except hard work and persistence. But mastering this technology can improve your debugging skills, help you understand other people's program ideas, and let you write better programs by tracing software.

Reference books: "Windows Programming", "32-Bit Assembly Language Programming in the Windows Environment", "Cryptography",

WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 What is protocol layer security?
fb.com/undercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Protocol layer security mainly involves content related to the TCP/IP layered model, including the working principles and characteristics of common protocols, their defects, and protective or alternative measures. There are many reasons to study TCP/IP systematically.

2) To properly implement firewall filtering, security administrators must have a deep understanding of the IP and TCP/UDP layers of TCP/IP, and hackers often use parts of the TCP/IP stack to breach network security. So you must also understand these things clearly.

WRITTEN BY UNDERCODE
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 updated topic > Create native Mac applications from command line scripts
t.me/undercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> https://github.com/sveinbjornt/Platypus (official git)

> Open a terminal and type: brew cask install platypus

🦑 Features

1) Supports shell scripts, Python, Perl, Ruby, PHP, Swift, Expect, Tcl, AWK, JavaScript, AppleScript or any other user-specified interpreter

2) Apps can display graphical feedback of script execution as a progress bar, text window with script output, droplet, WebKit HTML rendering or status item menu

3) Apps support receiving dragged and dropped files or text snippets, which are then passed to the script as arguments

4) Apps can execute scripts with root privileges via the macOS Security Framework

5) Apps can register as handlers for URI schemes

6) Apps can be configured to run in the background (LSUIElement)

7) Set own application icon or select from presets

8) Set app's associated file types, identifier, version, author, etc.

9) Graphical interface for bundling support files with the script

10) Command line tool for automation and build process integration
"Profiles" can be used to save app configurations

11) Built-in script editor, or linking with external editor of choice
Extensive documentation and many built-in examples to help you get started

12) Fast, responsive native app written in Objective-C/Cocoa

🦑 Tested by UnderCode
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 XSS vulnerabilities everyone should know, by Undercode :
> When reading material about XSS, we usually see the classic <script>alert(1)</script> as the proof of concept (PoC) for this vulnerability. Although it is correct, it does not go beyond that, which leaves novices in the field looking for more ways to deal with other situations. So these are the 7 XSS vulnerabilities everyone should know and be able to exploit:
fb.com/undercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) At the beginning of the source code there is an HTML comment listing all the parameters used to trigger each case; they apply to both GET and POST requests.

2) All cases are source-based, which means that the injection always appears in the source code retrieved in the HTTP response body. Whether the XSS is reflected or stored does not matter here; what matters is the context in which the input appears when displayed, so we will always use the reflected type as the main example. Some XSS flaws do not appear in the source code; those DOM-based flaws are not covered here.

> Remember to try the following examples only in browsers without a built-in XSS filter (such as Mozilla Firefox).

3) URL reflection
When the URL is somehow reflected in the source code, we can add our own XSS vector/payload to it. For PHP pages, you can use a slash (/) to add anything to the URL after the page name (no changes needed).

> Check out the picture Undercode sent here.

The leading "> is needed to break out of the current tag so that a new tag can be inserted.

> Although this can have several causes in different languages (the reflection may also appear in the path or in URL parameters), for PHP the cause is usually the global variable $_SERVER["PHP_SELF"] in the action field of the submit form.

🦑 2) Simple HTMLi (HTML injection)
The simplest case: the input is reflected directly in the code, between or after existing tags. Nothing needs to be escaped or broken out of; any simple XSS vector (such as <tag handler=jsCode>) will do the job.

3) Inline HTMLi
Almost as simple as the previous one, but preceded by a small "> prefix to break out of the current tag.

4) Inline HTMLi: no tag breaking
When the input is placed in an HTML attribute and the greater-than character (>) is filtered, the current tag cannot be broken out of as in the previous case.
This closes the value and leaves room to insert an onmouseover event handler pointing to alert(1), followed by a double slash to comment out the dangling quote. When the victim moves the mouse over the affected input field, a JS popup window is triggered.
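Cases 3 and 4 come down to the output context: stripping `>` leaves the quote character free to close the attribute, while attribute-context encoding keeps the whole input inside the value. The following is an added example, not part of the original post: it renders a value into an input field three ways and parses the result to show what the markup became. The `render_*` and `audit` names and the template are hypothetical.

```python
import html
from html.parser import HTMLParser

TEMPLATE = '<input type="text" name="q" value="{}">'


def render_raw(value):
    """Case 3: the input is reflected into the attribute unchanged."""
    return TEMPLATE.format(value)


def render_strip_gt(value):
    """Case 4: the application only removes '>' characters."""
    return TEMPLATE.format(value.replace(">", ""))


def render_escaped(value):
    """Attribute-context encoding: &, <, > and both quote characters."""
    return TEMPLATE.format(html.escape(value, quote=True))


class _Collector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.tags = []  # (tag, {attribute: value}) in document order

    def handle_starttag(self, tag, attrs):
        self.tags.append((tag, dict(attrs)))


def audit(markup):
    """Report what the rendered markup turned into after parsing."""
    collector = _Collector()
    collector.feed(markup)
    collector.close()
    tags = collector.tags
    input_attrs = tags[0][1] if tags else {}
    return {
        "extra_tags": [name for name, _ in tags[1:]],
        "event_handlers": sorted(a for a in input_attrs if a.startswith("on")),
        "value": input_attrs.get("value"),
    }


# Constructed test inputs: the two vectors the text describes.
BREAK_TAG = '"><script>alert(1)</script>'
STAY_IN_TAG = '" onmouseover=alert(1)//'

if __name__ == "__main__":
    print(audit(render_raw(BREAK_TAG)))          # a second tag appears
    print(audit(render_strip_gt(STAY_IN_TAG)))   # a new attribute appears
    print(audit(render_escaped(STAY_IN_TAG)))    # input stays inside value
```

The same `audit` check can serve as a regression test for a template: feed it the rendered output and fail the build if `extra_tags` or `event_handlers` is non-empty.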