Postale Emaile

This is interesting my signature went to limbo, which is a good thing in this blog, but it is useful in a forum and shit like that.
but it can be done here just a few modifications.

Re: Authentication:This is it!

> This is it! Nobody can pretend to be me, I authenticated it, From now on at
> least I signed what I posted
> This should be an SOP so the scammer cannot get through on this. I am a
> little bit worried where should
> I store my private key. You know technology sucks sometimes if you lost it
> even though you know the password
> I won't make as my official pub key. At least it is spoof resistance for
> now.
>
Should I try a better ones?

Authentication:This is it!

This is it! Nobody can pretend to be me, I authenticated it, From now on at least I signed what I posted
This should be an SOP so the scammer cannot get through on this. I am a little bit worried where should
I store my private key. You know technology sucks sometimes if you lost it even though you know the password
I won't make as my official pub key. At least it is spoof resistance for now.

I'm stupid more than I thought

It takes courage and humility to accept you are wrong to the things you thought you were right. It is a fucking cognitive dissonace,
It is self inflicting paradox, I just haven't realized this thing as I grew older I should have known better and do better. As I get older
and death is waving at me from afar, I just feel regret in many things, and say cliche things, you know.
I should decide to break this bad habit of mine, that I am too slow, that I scrutinize things or overthink I acquired this habit in my mid 20s
'cause when I was younger I tend to believe things right away when I was in my teens, I was 19 that time I didn't grew up in good neigborhood
I let's say was not in the good crowd and then I decided to get rid of it, I am grateful it helped me a lot. And decide to associate myself
to a better crowd. It is like a school there is no perfect school, they have their own pros and cons.

I should decide when I think it's better because at the end of the day it's my life, I should know it better than anyone else.

Apolitical Virus

I've been so apathetic or let's say I wasn't care about politics until the
pandemic sored our lives and the decisions of the government officials
is a big thing it will make a big impact whether it is good or bad.

We were envy New Zealand so much its leaders listened to science and set
aside the politics and made a good outcome for their people.
Most of Nations leader failed to handle downplayed the seriousness of Covid-19 until hits our

It made people lives harder, until now as I write this down China is having lockdown
until now.

Let's get back what I was saying about being apolitical, it made me realized
the we should choice wisely who will be become our leaders because it will
affect us if they failed, we should choose the wise and sane leaders those
pragmatic ones, the ones who do their job.

So I care about politics now.

Testing Mutt

Yeah just a test mutt

Torture=Culture

I cannot confess it publicly, I would be ridiculed. In my culture if you are a little bit
deviant you will be considered weird, or unusual. There is a little or total absence of concept
of introversion, personal space and mental health is ridicously downplayed, or unaccepted or
something to be embarassed.
Critical thinking is foreign, you should have go with the flow, which is sucks.
In my culture people love drama, we are having fascination, more than adulation it is almost
worshipping someone, we are having cult behavior, it seems like it ingrained in our DNA.
We love the personality the idolism or idolatry more than the concept.
We are like those minions who always seek for a leader. I guess we would never learn in the
next 100 years.

RTOS - Real Time O.S.

Real Time Operating System it is cool thing for critical device and infrastructure, from self-driving car to medical equipment to war machines. It is an O.S. for critical device when you are talking about nano seconds. It is differ from known operating system
that we use commercially at home, for our games (GPOS General Purpose Operating System). When it come to multi tasking RTOS is the real deal. I want to learn this stuff, we can say it is a little bit too late to me, but if will make me happier why not?

Wether or not it is the Weather

The weather today is getting weirder and weirder, there are days that so sweaty and colder the next day
and hotter in noon. Climate change is real!
--
Weather report: Bay, Philippines

 \ / Partly cloudy
 _ /"".-.  +25(28) °C
 \_( ).  ← 9 km/h
 /(___(__)  10 km
0.0 mm

Twitah

I've heard the news about When Elon Musk acquired twitter and fires 50 percent of its employees, it doen't sound sane to me, but it looks like there is something....will he rebranded it to something else?

Humanity

As human being there are thing that you couldn't just take away from you, even you know
what is right and what is wrong, sometimes you couldn't just do right thing when
egotism takes over your decision. You know narsicism is not always good to you but
it prevails when you are threaten.
The moral lesson you couldn't just view the humanity to the point of view you
already knew, it evolves, it devolves, it changes all the time. I guess it takes
more than a life time to know what is like to be a human.
We thought we learned about Hitler about world war I and II swear to ourselves that it won't happen
again, and yet there is war in eastern Europe and threaten the humanity with WORLD WAR III, this time
with Nuclear Bombs!
This important thing I learned: Dictatorship and Authoritarianism will not think about humanity.
Nobody but, nobody but us will annihilate ourselves!

Human

Human As human being there are thing that you couldn't just take away from you, even you know

The moral lesson you couldn't just view the humanity to the point of view you
already knew, it evolves, it devolves, it changes all the time. I guess it takes
more than a life time to know what is like to be a human.

We thought we learned about Hitler about world war I and II swear to ourselves that it won't happen
again, and yet there is war in eastern Europe and threaten the humanity with WORLD WAR III, this time
with Nuclear Bombs!

This important thing I learned: Dictatorship and Authoritarianism will not think about humanity.
Nobody but, nobody but us will annihilate ourselves!

Missiles

Today, I've heard the news about Russian missiles hit Poland, it is not confirmed if this is deliberate or just
an accident. They are talking about it right now. Again it is about to be confirmed.
If NATO will involve it means a bigger war in Europe.

Telephone Number

Telephone Number verification can cause more problem than a solution It threatens one's privacy, you jeopardize more when
you lose your device or you forget about it and it ends in the wrong hand, there are people here buying broken cellphone that you
forget your emails and some of your credentials picture (It could be compromising ones).

Picture you shouldn't share to public. But the unwary people just sell and saying there's nothing to worry about because they delete those compromising thing,
but they neglect or unknown to them that there is a chance that deleted files in the computer could be recovered.

But those unlogged Facebook, Instagram accounts, emails could be compromised once they fix the phones you sold to them. We should removed the device
storage if we are desperate sell them.

TEXT MESSEGE

Text messages becoming thing in the past
because social media´s messaging system it kills
the SMS

Soy Un Pendedor

I cant say anything about by the way
--
Tue Nov 15 02:16:02 PST 2022

Existential crisis

The opposite of this thing are those people who want quit this life they don´t even bothered about it.

Personal E-mail Server is Dying

The major mail servers discriminating personal mail servers it blocks them or it dinies them. And The social media becomes the major communications medium between people and it becomes very voyeur

Javascript less

When java becomes thing it eats some of our computing resources and it keeps going. what good about javascript less site it uses less resources and it is more faster

Uploaded textfile blog

I uploaded text files and becomes a blog that is a nice things in the time of
vloggers I am here in the old school blogging. I like videos I am now a telegenic guy
Expect me to upload more, because I've lost a lot of knowledge dump that's what i all it
to this cheatsheet

Linux Journal Copy Cat

CHEATCODES
GNU/LINUX RAMB MANUAL,TWEAKS AND TRICKS

INTRODUCTION:
Many people is misconcepted or misinformed about LINUX. Linux is not an O.S. but it is a kernel. It is useless when it is used alone it needs distros to make it a powerful operating system.There are are many Linux-Distros--Debian, Slackware, OpenSuse, Fedora, Gentoo, Ubuntu, Red Hat, CentOS, Kali and the list goes on and on everyday.Many of us have no clue that Android O.S. use LINUX kernel or else it will be just a cripple. Many of us don’t recognize how powerful a linux distro is. Most of us are not aware that 85 to 97 percent of websites in the wold run in Linux Distros.

WHY I WROTE THIS?:
I wrote this for a personal reason. Linux is good when it comes to security but is hard to use ---> It will be only hard If you don’t know what to do. Just invest some brain cells and it will be useful.Hoping would be a beginning for those who just learning the ropes.I intend it to be cheatsheet for newbie.Empirical Experience there are many times I have been in a forum, not all the posts there are useful. I chose the best of
them. So I have a reference when it comes tweaking.My last reason. I don’t want to forget it.

I. MAY COMMAND LIVE AND PERSIST
Don’t get intimidated by black screen and flickering green text on screen like those we’ve seen on those Hacker movies and claim to be a
super genious. Those overated and bullshits.

CLI --> Command Line Interface. CLI is useful use lesser memmory unlike its opponent GUI (Graphical Use’s Interface) use much memmory

BASH or Bourne Again SHell:A Linux/Unix shell that you type your command there are alternatives like xterm and konsole. The counterpart of bash in Windows is Batch files like Batch file, BASH does not need to be compiled to run. it just runs, and could change the code on the fly.

One of the useful tool Xterm shell is the crontab. I used to delete those files over and over again with this tool you can elimate
those habitual deletion of file and saves a lot times. In Linux shell type “crontab -l”
in my case : this is my crojobs it includes of the file path of my bash script---xhistory.sh
To edit the crontab type the “crontab -e" on linux shell

johndoe@linuxdistros:~$ crontab -e
Put the following lines of command and save it then restart your machine. It supposed to
work.

#every 15 minutes the machine will execute this bash script file
*/15 * * * * sh "/home/john/cronjobs/xhistory.sh"

And the xhistory.sh contains the following lines of script commands.

#It fills .bash_history with ramdom characters for 34 times
shred -n 34 "/home/charm/.bash_history"
#Then emptying the file by filling with null bytes

cat /dev/null > /home/john/.bash_history
history -c
history -w

shred -n 34 "/home/john/.local/share/recently-used.xbel"
cat /dev/null > /home/john/.local/share/recently-used.xbel

shred -n 34 "/home/john/.config/smplayer/smplayer.ini"
cat /dev/null > "/home/john/.config/smplayer/smplayer.ini"

The exections secure delete the contents of history files. It is a little bit
counter hacking but it is good when you used it mysql shell, rlogin, ssh passwords
it prevents the attacker to exploit you passwords. And one more thing it saves disk space.
Minute Hour Day MONTH YEAR commands
* * * * * /root/run_me.sh

HARDENED NETWORK SECURITY

iptables --> it is a very versatile firewall native in linux kernel. You don’t need to install a a 3rd party software, you just need
know how it works

YOUR SECURITY IS VITAL. You could avoid hackers scanning and launching ARP Network poisoning (Like wifikill on android devices )
which can cut you out from internet. And the worse is they can still information, passwords and even credit card number by
launching ssl strip tools. You could avoid that and become stealth in a network like in a public internet network.
Somebody can ping scan your machine your machine and that is start of the vulnerability. You are also vulnerale of what they call it
“Ping of death” which is a kind of DOS (Denial of Service) Attack and MITM (Man inn The Middle Attack) Attak which can totally strip naked
your privacy and it allows someone to steal your passwords in the site your visited. You could avoid those threat by utilizing
the following commands in linux system shell.

NOTE: It requires root access

#DISALLOWING REMOTE ACCESS in x11
root@linuxshell:~$iptables -A INPUT -p tcp --destination-port 6000 -j REJECT
root@linuxshell:~$iptables -A OUTPUT -p tcp --destination-port 6000 -j REJECT
root@linuxshell:~$ip6tables -A INPUT -p tcp --destination-port 6000 -j REJECT
root@linuxshell:~$ip6tables -A OUTPUT -p tcp --destination-port 6000 -j REJECT

#Disallowing ping from someone. Your machine rejects ping it does not reply.
root@linuxshell:~$iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT
root@linuxshell:~$iptables -A OUTPUT -p icmp --icmp-type echo-reply -j REJECT
iptables -A INPUT -s 192.168.1.103 -J DROP --> Drop all packets from specific IPaDD

To Check it out if the code works

root@linuxshell:$ iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp dpt:x11 reject-with icmp-port-unreachable
REJECT icmp -- anywhere anywhere icmp echo-request reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
REJECT tcp -- anywhere anywhere tcp dpt:x11 reject-with icmp-port-unreachable
REJECT icmp -- anywhere anywhere icmp echo-reply reject-with icmp-port-unreachable

This one will prevent your machine from WifiKill and MITM and DOS attack in Local Network.
NOTE: It requires root access.
This one is wlan or wifi

root@linuxshell:~$echo "1" > /proc/sys/net/ipv4/conf/wlan0/arp_ignore
root@linuxshell:~$echo "8" > /proc/sys/net/ipv4/conf/wlan0/arp_announce

This one is for LAN or Ethernet card:
root@linuxshell:~$echo "1" > /proc/sys/net/ipv4/conf/wlan0/arp_ignore
root@linuxshell:~$echo "8" > /proc/sys/
net/ipv4/conf/wlan0/arp_announce

#######################################
YOU SHOULD TRY sysctl -a
You can set some firewall rules
and it retains even the system is restarted
the path of config file is
/etc/sysctl.conf
######################################

HARDENED PRIVACY ( needs to be edited)

In this section I will tackle more advance security. If you are an average internet users you don’t need to do this stuff, but if you are a journalist, eloectronic privacy
advocate or a wistleblower you want to expose some corruptions and it is definitely a matter of life and death. You have to be careful I advice to turnoff your swap before encrypting files and send it to someone.

I highly recommend to use “Tails” linux distro. A bootable OS can be booted on usb and CD. But if you want to leave any digital fingerprint and you want to hide an
incriminating data. (just google it)

After your machine boot up. Do this first in Linux Shell.

swapoff -a

a - all. turn of swap totaly
you can check it out by: typing the following command on Bash
htop - swap memmory should appear 0.
freem -a

The swap memmory also can be encrypted. just google it.

Creation of 6MB file
dd if=/dev/urandom of=swapfile.crypt bs=1M count=64
loop=$(losetup -f)
losetup ${loop} swapfile.crypt
cryptsetup open --type plain --key-file /dev/urandom ${loop} swapfile
mkswap /dev/mapper/swapfile
swapon /dev/mapper/swapfile

The result:

# swapon -s
Filename Type Size Used Priority
/dev/mapper/swap0 partition 4000176 0 -1
/dev/mapper/swap1 partition 2000084 0 -2
/dev/mapper/swapfile partition 65528 0 -3

swap0 and swap1 are real partitions.
shareimprove this answer
edited Feb 12 '13 at 22:39
cjm
20.3k57073
answered Feb 12 '13 at 21:10
ott--
7661512

5

This Configuration uses randomly generated keys at boot and will not support Hibernation to hard disk! You Should Disable Hibernation through your respectie DE Power Management Utility and set it to Shutdown on Critical to avoid Data Loss!

Make sure to run sudo -s or su before running the following.

Disable Swap:

# swapoff -a

Locate the existing Swap Partition

# lsblk

You will get something like this:

sda3 8:3 0 8G 0 part [SWAP]

Overwrite Old Swap

# dd if=/dev/zero bs=1024000 of=/dev/sda<#>

for example:

# dd if=/dev/zero bs=1024000 of=/dev/sda3

fstab setup

# vim /etc/fstab

Replace old SWAP device with crypttab mapper name: /dev/mapper/cswap

#<file system> <mount point> <type> <options> <dump> <pass>
/dev/mapper/cswap none swap pri=1,defaults 0 0

Crypto Setup

# ls -lF /dev/disk/by-id

For Example:

ata-HGST_HTS545050A7E680_TEK55D4F0BU3GV-part3 -> ../../sda3

# vim /etc/crypttab

# <name> <device> <password> <options>
cswap /dev/disk/by-id/ata-HGST_HTS545050A7E680_TEK55D4F0BU3GV-part3 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256

Active Encrypted Swap

# reboot

Verify Enctypted Swap Operations

For example:

# dmsetup -C info
cswap 253 0 L--w 2 1 0 CRYPT-PLAIN-cswap
# lsblk
â"œâ"€sda3 8:3 0 8G 0 part
â"‚ â""â"€cswap 253:0 0 8G 0 crypt [SWAP]
# cat /proc/swaps
Filename Type Size Used Priority
/dev/dm-0 partition 8385532 0 -1

####################################################################
ENVIRONMENTAL VARIABLES

You can also edit environmental variables. In your home directory search for .bahrc
if there’s none in existence make one. This is a cool thing you can decide what you wanted
to do with your bash shell environment. Open “.bashrc" and add this line:
PS1='\u@\h:\w\$ '

When you open the cosole the display would be like this.

john@bashshell:~$

you can just change it whatever you want to do with it like:
PS1='\u@\h:\w\# '

It results:
john@bashshell:~#______

There is another one useful for changing environmental variables.
this one is like a starup folder in windows.

open the file path /etc/profile.d/

If you ought to install software in another folder besides the nstandard installation folder (like your new downloaded firefox you want it to install in other folder like an encrypted disk beside the standard disk)you have to change the environmental variables like in this case the java is installed in none standard way. you can check it out by typing “which java” in my case java could not found because it is installed in none standard way.
First I move The jkd7 folder from /usr/lib64/jdk7 to /usr/jdk7 (you can also do this in umounted devices encrypted volume like truecrypt and luks you program runs there)

if i type java -version in bash I recieve this
bash: java: command not found

This the original path
#!/bin/sh
export JAVA_HOME=/usr/lib64/jdk7
export PATH='/usr/lib64/jvm/bin:/usr/lib64/jvm/jre/bin:/usr/lib64/jvm/bin:/usr/lib64/jvm/jre/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib64/kde4/libexec:/usr/lib64/qt/bin'

This is the modified path
#!/bin/sh
export JAVA_HOME=/usr/jdk7
export PATH='/usr/jdk7/bin:/usr/jdk7/jre/bin:/usr/jdk7/bin:/usr/jdk7/jre/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/jdk7/bin:/bin:/usr/games:/usr/lib64/kde4/libexec:/usr/lib64/qt/bin'

restart your machine.
on conssole type: java -version
Java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)

You supposed to see the java vesion. In that case it should work all the way.

feb 3, 2016
If you want to torrify your download. run tor first and do the
next step: this time i download the file with name “youtube-dl”
i tunnel the connection in TOR using socks5
curl --socks5-hostname 127.0.0.1:9150 http://youtube-dl.org/latest/youtube-dl -o youtube-dl

The good thing about “curl” if the download is interupted or experinced disconnection you can still resume your download. if the file is too large and you want continue the download the next day you can still resume the remaining bytes.

OPENSSL OPEN SSL
There was something in my machine always bothering me I can’t install
openssl properly it was always butt-in the older installed ssl version
the problem is I was so stupid that I din’t think about the path name of the old one just to overight my machine is a little bit eccentric it din’t install openssl in the standard directory so i have no configure the installation first this is the path that work in my machine: ./config --prefix=/usr/local --openssldir=/usr/local/openssl
./config
make
make test
make install

I just browsed it on the web I don't know if it is working

HOW TO ANONYMIZE FIREFOX on 2010-08-10

wrote :

change in about:config

browser.download.manager.scanWhenDone = false
browser.send_pings = false
dom.disable_window_open_feature.menubar = true
dom.disable_window_open_feature.scrollbars = true
intl.accept_charsets;utf-8
intl.accept_languages;en
intl.charset.default;utf-8
intl.charsetmenu.browser.cache;UTF-8
keyword.enabled = false
layout.css.visited_links_enabled = false
network.http.sendRefererHeader;0
network.http.accept.default;*/*
network.prefetch-next = false
network.proxy.socks_remote_dns = true

########################################################################

add to about:config (for faking the user agent)

new - string: general.useragent.override - value: Mozilla/5.0 (en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2

########################################################################

change settings
(in firefox 3.5 and higher first choose "user default" to change some settings)

javascript:disabled
java: disabled
history: disabled
chronicle: disabled
save data: disabled
cookies: disabled
clear private data: enabled (all)
remember passwords: disabled
offline storage: 0 mb cache

########################################################################

search engines disable/uninstall

PACKET WARS
#to forward the traffic to your machine between your target and router.
echo 1 > /proc/sys/net/ipv4/ip_forward

MORE ABOUT NETWORK SECURITY
SSH - Safe shell. A future network admin should know how to use telnet, rlogin , sftp, gopher and ssh.
Safe shell is secure. You should know how configure ssh server and client for encrypted connection. In my case I
use OpenSSH for BSD
https://archive.is/o/zCaQN/www.ssh.com/support/documentation/online/ssh/adminguide/32/Generating_the_Host_Key.html
-----------------------------------------------
SSH PROXY connection

ssh -p 443 -C2qTnN -D 52233 skyssh.com-florp@146.185.160.149


ssh -D 12345 myuser@remote_ssh_server
SOCKS Host: 127.0.0.1 port: 12345 (I, actually, used 8080) with
ssh -C2qTnN -D 8080 user@my_server

create.sshgoogle.com
fastssh.com
skyssh.com

sshagan.net
go-ssh.com

http://www.phcorner.net
un: json***
pw: cro*****

tcpvpn.com
bestvpnssh.com
mytunneling.com
createssh.com


ssh -C2qTnN -D 8080 -p 443 skyssh.com-anonme@188.166.190.87

ssh -C2qTnN -D 51234 skyssh.com-krang@45.32.147.45
-------------------------------------------------------------------------------------

PUT YOUR WIRELESS CARD IN MONITOR MODE
(It depends on your wlan card if it is supported listening or monitor mode.

ON YOUR SHELL
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up

ifconfig wlan0 down
iwconfig wlan0 mode managed
ifconfig wlan0 up


#redirect all of torify's traffic to localhost
sudo iptables -t nat -A OUTPUT -m owner --uid-owner torify -j DNAT --to-destination 127.0.0.1
#allow vm to access privoxy, tor
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -p tcp --dport 8118 -j ACCEPT
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -p tcp --dport 9050 -j ACCEPT
#allow tor to access vm
sudo iptables -A OUTPUT -o lo -m owner --uid-owner debian-tor -p tcp --dport 5022 -j ACCEPT
#if we allow it outgoing, allow it incoming and don't interfere with prior connections
sudo iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p tcp -m state --state RELATED -j ACCEPT
sudo iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -m state --state RELATED -j ACCEPT
#don't let anything access vm on localhost
sudo iptables -A OUTPUT -o lo -p tcp --dport 5022 -j DROP
#don't let torify snoop around on listening localhost ports
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -j DROP
#don't allow external machines to access vm
sudo iptables -A INPUT ! -i lo -p tcp --dport 5022 -j DROP
#drop all torify traffic failsafe and protocol agnostic
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -j DROP

To make sure the rules stay after reboot, type the following command: sudo iptables-save
Next we'll need to make sure Privoxy works with Tor. Type this command: sudo gedit /etc/privoxy/config
Delete everything in the file and replace it with this:
# Generally, this file goes in /etc/privoxy/config
#
# Tor listens as a SOCKS4a proxy here:
forward-socks4a / 127.0.0.1:9050 .
confdir /etc/privoxy
log /etc/privoxy
#actionsfile standard # Internal purpose, recommended
#actionsfile default # Main actions file
#actionsfile user # User customizations
#filterfile default.filter
# Don't log interesting things, only startup messages, warnings and errors
#logfile logfile
#jarfile jarfile
#debug 0 # show each GET/POST/CONNECT request
#debug 4096 # Startup banner and warnings
#debug 8192 # Errors - *we highly recommended enabling this*
user-manual /usr/share/doc/privoxy/user-manual
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 0
enable-edit-actions 0
enable-remote-http-toggle 0
Now, type this command:

sudo /etc/init.d/privoxy restart


Well, that didn’t work like intended. We dropped ARP related traffic to the IP address, but not on IP level. This is also visible in the arp -n list:
root@ubuntu:/data# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.20             ether   00:a7:22:23:d1:f3   C                     eth0
192.168.1.1              ether   d8:d7:21:22:5a:f4   C                     eth0
So to make this work, we simply have to flush the ARP cache. We delete the related ARP entry:
root@ubuntu:/data# arp -d 192.168.1.1
root@ubuntu:/data# arp -n
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.20             ether   00:a7:22:23:d1:f3   C                     eth0
192.168.1.1                      (incomplete)                              eth0


Specific traffic filtering
Back to our original mission: only allow our router to exchange ARP packets.
root@ubuntu:/data# Block ARP traffic from all machines (default: DENY)
arptables -P INPUT DROP

root@ubuntu:/data# Allow router (fixed ARP)
arptables -A INPUT --source-mac d8:d7:21:22:5a:f4 -j ACCEPT
All ARP packets are blocked now. Each system which will transmitting traffic will end up as an (incomplete) entry.
Enable all ARP traffic
If we want to allow traffic again:
root@ubuntu:/data# arptables -P INPUT ACCEPT
root@ubuntu:/data# arptables --flush
Flushing the full ARP cache can be done with ip utility:
root@ubuntu:/data# ip -s neighbour flush all
Conclusion
Arptables is a very powerful utility to filter traffic and avoid an unexpected router taking over our connectivity. However, keep in mind that connectivity is not fully blocked. Only ARP traffic is blocked (layer 2/3 on the OSI model). If someone is able to manually add an entry to the ARP table, traffic is able to flow again.

One hardening trick I like is to turn off ARP completely with:
ip link set dev eth0 arp off
Then add a static ARP entry for the router so you can get to that:
arp -s 10.0.0.2 00:0c:29:c0:94:bf

------------------------------

gpg --keyserver pgpkeys.mit.edu --recv 8B48AD6246925553

#######################
To update java download java.33.3..gz and extract the files in the current directory of java installation just a sort of copy and paste
######################################
you could secure delete klipboard it is located in /.kde/ but you can disable the saving in klipboard in options

Set Environmental variables
export MYHOME=/mnt/live/memory/data/AdwCleaner/

###############################
# TO DISABLE BASH HISTORY PERMANENTLY #
# echo 'set +o history' >> ~/.bashrc #
###############################

JUST DISABLE HISTORY IN A CURRENT SHELL

set +o history

##############################################
The OpenSSH 7+ does not support deffie-hellman handshake by default
you should config it or type it specifically in CLI. And does not display the key in md5 hexadecimal string format but a series of gibberish. To make it work in that way one should edit this config as I explain below:

/home/user/.ssh/config
Host 192.168.1.1
KexAlgorithms +diffie-hellman-group1-sha1
FingerprintHash md5

/home/user/.ssh/config
What I did is to make something in old format md5 display and old
Host * # anyhost
ForwardX11 yes
Compression yes
X11 is also cool thing
==============================
Linux command line show directory sizes
du -sh *
http://112.203.90.24//admin/pldt.asp --might be exploited
=========================================
LEARNING APACHE MORE
This is substantial
http proxy using apache “proxy-html.conf <--Im gonna study about that



f2592419@mvrht.comf2592419@mvrht.com

=================================
DNS/NameServer
I find a more effective way to customize dns server

=========================================================
#add into .bashrc
genpasswd() {
local l=$1
[ "$l" == "" ] && l=16
tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}

===============================================================================

unix tools
fc ---edit .bash_history
LINUX/unix MONITORING TOOLS
iptraf --network
top --process
vmstat --process
iostat
iftop --network
du -sh * --> show directory sizes
1. Fire up airodump-ng, lock to the channel that has the network AP you are interested in.
2. Note the BSSID of the AP and the MAC of a connected client.
3. Use aireplay-ng to force a deauth. Since Association and Re-Association packets contain the SSID whether hidden or not,
when the client reconnects, your airodump-ng session should capture the SSID and report that in your session window.
Basic syntax is:
aireplay-ng -0 3 -a $BSSID -c $CLIENTMAC $INTERFACE
aireplay-ng --ignore-negative-one -0 30 -a C4:6E:1F:48:DB:E4 -c 04:1B:BA:44:A3:E8 mon0
aireplay-ng --ignore-negative-one -0 -a 00:13:33:F3:84:9B -c 9C:B7:0D:26:0D:59 mon2
B315_9487D



root@bt:~# /pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b 00:19:5B:52:AD:F7 -w - /tmp/wpa2*.cap



-----------------------------------------------------------------------------------------------------------------------------------
iptables -I FORWARD 5 -s 10.42.0.52 -p tcp -m quota --quota 104857600 -j ACCEPT
456 iptables -I FORWARD 1 -s 10.42.0.52 -p tcp -m quota --quota 104857600 -j ACCEPT
457 iptables -I FORWARD 2 -s 10.42.0.52 -j DROP
------------------------------------------------------------------------------
Conserning about bandwith quota In my own machine not the forwarding or shared
connections ones. this is 20 mb limit 20 971 520
iptables -A INPUT -p tcp -m quota --quota 20000000 -j ACCEPT
iptables -A INPUT -j DROP

1000/1024 bytes = 1 kb

 1 MiB = 220 bytes = 1024 kibibytes = 1048576bytes

ssh -C2qTnN -D 8090 usrname@hostname -p 443

###################################################
NETWORK SECURITY!
MITM NO PROBLEM IGNORE ICMP OR BROADCAST REQUEST
Add the following line “/etc/sysctl.conf”

Ignore ICMP request:
net.ipv4.icmp_echo_ignore_all = 1
Ignore Broadcast request:
net.ipv4.icmp_echo_ignore_broadcasts =1
#load new setting by typing the following command# sysctl -p

to show all the rules: sysctl -a

IT IS ALSO A GOOD THING IF YOU DISABLE YOUR IPV6 IF YOU DON'T
USE IT:
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

another method permanent effect edit the following file:
/etc/sysctl.conf
#with this lines
#disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

#############################################

CREATING A BOGUS SSID OR AN EVIL TWIN
airbase-ng -a 00:09:5B:6F:64:1E --essid
"Fakeaccesspoint" -c 11 mon0

#########################################################
miselenious tricks display time in the upper left of the terminal
while sleep 1;do tput sc;tput cup 0 $(($(tput cols)-29));date;tput rc;done &

07/05/17 07:30:58 PM
Adding the rule
iptables -A OUTPUT -p udp --dport 53 -j DROP

removing the rules
iptables -D OUTPUT -p udp --dport 53 -j DROP
Sunday, November 12, 2017
If you were having a problem in your default DNS server e.g. your pesky router. Just dont forget the resolve.conf in “/etc/resolve.conf”
and add the following line:

nameserver 8.8.8.8 #invoking google server as you dns server

##########################################################################
What’s more surprising I solved a long time problem in sshd put it in booting up. And might solve other problem like putting httpd servic in startup
just change the chmod 0777 the file specific file in this directory “/etc/rc.d/”

#AUTO START SCRIPT IN MY MACHINE WITHOUT ERROR
# FILENAME: rc.local
# DESCRIPTION: This script enable tap functions of touchpad in this machine
# lenovo.modprobe startup script is not functioning and I dont know why.
# INSTRUCTION: Add the following script on rc.local the directory /etc/rc.local
# if does not exist create it or Simply copy this file [/etc/rc.local]
# and execute this command: [service rc.local restart] without the square brackets
# This procedure must have effect already your touchpad tapping function. Reboot your machine
# init 6
modprobe -r psmouse
modprobe psmouse proto=imps

It more

######################################################################

Sunday, November 19, 2017
In this moment in time I completely configured working dnsmasq DNS server in
this machine but sandly my linux machine at home is broken. It saddens me the fact that I have good internet connection at home and cound not even practice stardard networking practice at home I had to be a snitch. To digest everything I learned in a short period at time. I know it is wrong but I coudn’t help myself to solve something (a long time problem) . I eager to learn more that’s how I get my drive to insist my persitence in learning.
By the way I wanted to write down details how I solved that DNS (dnsmasq problem)
saving queries in a text file
dnsmasq --no-daemon --log-queries --log-facility=/var/log/dnsmasq.log
just show log queries
dnsmasq --no-daemon --log-queries

Slax DEBIAN BASED ERA

2018-04-09 07:51:

I have installed new linux base OS
It is in its infancy but I guess I would learn a lotfrom it
The first and foremost problem I encountered and solved is about
the autologin of Debian OS even though it has password(It is modified version of Debian it is sort of minimalist OS so many features are not includedin the system. like the desktop manager ). I just googled it unlike
before I had to do it all by myself.

systemctl set-default multi-user.target

To make it back in autologin

systemctl set-default graphical.target

As I have said, I don’t have Desktop manager I couldn’t
even adjust the brightness. Just like I did in the first I googled it
Debian has a lot of community support unlike the former distro I had.
This is the solution.

echo 1000 > /sys/class/backlight/intel_backlight/brightness
just like that. But it depends on your hardware you should follow the /sys/class/backlight and browse the directory to find out which is which.
script to make it automated

#################################################
#!/bin/sh
if [ $1 -le 0 ]
then
echo "1" > /sys/class/backlight/intel_backlight/brightness
else
echo $((2400 * $1 / 100 )) > /sys/class/backlight/intel_backlight/brightness
fi

#################################################

MORE GOOD FIREWALL RULES FROM EXPERTS JUST PASTED WHOLE THING HERE JUST FIGURE IT OUT
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3

##############################################################3
# Functions previously found in netbase
#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
#net.ipv6.conf.all.forwarding=1

###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#

###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1

###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0
net.ipv4.icmp_echo_ignore_all = 1

If you have issues on your touchpad here is the solution
https://forums.kali.org/showthread.php?221-Touchpad-Synaptics-Tapping-issue-Solved
on the command line:
modprobe -r psmouse //disable touchpad first
modprobe psmouse proto=imps //it should function your touchpad

If you want to make it automated. modify the file of the
following path /etc/modprobe.d/anyname.conf
add the following line
options psmouse proto=imps

Insert date from cli output VIM editor
:r !date

Sat May 5 04:11:45 EDT 2018

I dont like Windows OS specially windows10 it is the biggest
spyware. It captures screen shots and the plain text of the text file
is being spied so I tranfered this text on a volume
I googled and it said you can make a virtual disk, like ext4 file system
you can make it, but you must make a file container first you can use

fallocate or dd (google it stupid). and make it by use some
tools like mkfs, e.g. mkfs.ext4 <nameofthefile) and you can mount it
like you just mounting a regular disk.

Creation of 500mb container:

dd if=/dev/zero of=MyDrive.img bs=1M count=500
This one is pretend to be a broken disk

dd if=/dev/zero bs=1k count=100 | tr "\000" "\377" > /dev/sdb
My discovery it can be used to wipe ssd/hhd
dd if=/dev/zero of=foo.bar bs=300k count=1 conv=notrunc
Formatting of the Container:

mkfs -t ext3 MyDrive.img
Now you can mount it.
mount MyDrive.img /mnt/mountfolder

--------------------------------------------------------------
THIS COULD BE SOLUTION TO MY LONG TERM PROBLEM
DNS SERVER WITH CUSTOM PORT

87.118.100.175 (Ports: 53, 110)
94.75.228.29 (Ports: 53, 110, DNSSEC)
87.118.104.203 (Ports: 53, 110,DNSSEC)
62.141.58.13 (Ports: 53, 110, HTTPS-DNS, DNSSEC)
87.118.109.2 (Ports: 53, 110, DNSSEC)

09.12.2019

ULTIMATE SOLUTION FOR SECURE E2EE FOR DNS ASIDES FROM HTTP-DNS
dnscrypt-proxy
# FileName: dnscrypt-proxy.conf
# A more comprehensive example config can be found in
#
# /usr/share/doc/dnscrypt-proxy/examples/dnscrypt-proxy.conf

ResolverName random
ResolversList /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv
#cloudflare
#yandex
#ipredator
Daemonize no
#fallback_resolver = 77.88.8.7:53
# LocalAddress only applies to users of the init script. systemd users must
# change the dnscrypt-proxy.socket file.
# to edit systemctl edit dnscrypt-proxy.socket
LocalAddress 127.0.2.1:53
----------------------------------------------
# To Edit systemctl edit dnscrpt-proxy.socket
#fileName dnscrypt-proxy.socket
[Socket]
ListenStream=
ListenDatagram=
ListenStream=127.0.2.1:53
ListenDatagram=127.0.2.1:53

https://forums.gentoo.org/viewtopic-t-164165-start-0.html

Fri Jun 1 09:41:01 CST 2018
Open_SSH7.4p1 disables the following key exhange algorithms and
cipher by default. so I need to define the following
line in ~/.ssh/config to pull this out.

Host 10.0.0.1
FingerprintHash md5
KexAlgorithms +diffie-hellman-group1-sha1
Ciphers 3des-cbc

--------------------------------------------
disable a certain linux service
-------------------------------------------
systemctl disable dnsmasq.service

#check status
systemctl status dnsmasq
------------------------
show services and etc
systemctl --all

Monday, October 08, 2018
NOTE TO MYSELF
Just searching all over again for something. Those pesky files stored in a removable SSD storage
I fear it is gone for good.
use “dd” command to overwrite file with zeros or make a container file “mkfs” at least I have a clue
doing something than nothing.
I’ve got the best solution before.

Create your image file of the size you want:

dd if=/dev/zero of=./your.img bz=1M count=<number of megabytes you want>
Format it

mkfs.ext3 ./your.img
(Recheck that command before running it, do read what is printed out.)

Mount it:

mount -o loop ./your.img /some/mount/point
And you're done. Don't forget to unmount before you copy/send that image file anywhere.

dd if=/dev/zero of=~/theFile.img bs=1M count=10
$ /sbin/mkfs.ext4 theFile.img
$ sudo mount -o loop theFile.img /mnt/tmp/

Oct 11, 2018
In any GNU LINUX distros if you install something related to video or audio and if it does
not work in non-root user try to add that user(s) in that group video/audio/graphic shits shits.

October 17, 2018
IMAGE AND DEVICE ENCRYPTION
LUKS / CRYPTSETUP
Sample of creation of encrypted image file
fallocate -l 100M encryptedimage.bin
mkfs.ext4 -j encryptedimage.bin
cryptsetup -y luksFormat encryptedimage.bin

MOUNT LUKS IMAGE / DISK CONTAINER

cryptsetup luksOpen enk.bin enkVolume
mkfs.ext4 /dev/mapper/enkVolume
TO UNMOUNT LUKS IMAGE / DEVICE
cryptsetup luksClose /dev/mapper/enkVolume

November 15, 2018
I just discovered tcplay means tru3 crypt play it can create and mount TC volume
HERE ARE some of the procedures according to your need
Encrypting a file as a virtual volume
Invoke

$ losetup -f
to find the first unused loopback device; in this example, /dev/loop0.

Note: As of udev 181-5, the loop device module is no longer auto-loaded.
Create a new container foo.tc, 20M in size for instance, in the working directory:

# fallocate -l 20M foo.tc
# losetup /dev/loop0 foo.tc
# tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS
Enter a secure password for the volume, and confirm the query to overwrite foo.tc with the new volume. tcplay will then write random data into the volume. Map the volume and create a filesystem on it in order to mount

# tcplay -m foo.tc -d /dev/loop0
# mkfs.ext4 /dev/mapper/foo.tc
# mount /dev/mapper/foo.tc /mnt/truecrypt/
To unset the container,

# umount /mnt/truecrypt
# dmsetup remove foo.tc
# losetup -d /dev/loop0
Mounting an existing container for a user
Consider /dev/loop0 the first unused loop device, foo.tc the TrueCrypt container, /home/you/truecrypt/ the desired mount point. The user you in this example has uid=1000 and gid=100. The steps for mounting the container as a virtual volume are:

Associate loop device with the container
Map the container to the loop device
Mount the container in the filesystem
The following commands perform the above actions.

# losetup /dev/loop0 foo.tc
# tcplay -m foo.tc -d /dev/loop0
# mount -o nodev,nosuid,uid=1000,gid=100 /dev/mapper/foo.tc /home/you/truecrypt/
Note, if the container uses ext4 or another filesystem that supports file ownership, the uid and gid parameters aren't needed and will not work. Therefore the third command would be simply:

# mount -o nodev,nosuid /dev/mapper/foo.tc /home/you/truecrypt/
To reverse them:

# umount /home/you/truecrypt/
# dmsetup remove foo.tc
# losetup -d /dev/loop0
Using tcplay-helper
The tcplay-helper-gitAUR[broken link: package not found] tool simplifies the process of creating, mounting and unmounting tc-play containers. The tool is still a work-in-progress, but should work fine for most users wanting to work with simple secure tc-play containers.

The following command creates a 3Mb container called foo.tc.

# tcplay-helper create foo.tc 3M
To mount the container file we can either mount it as root with the following command. The container will be mounted under /mnt/truecrypt/

# tcplay-helper open foo.tc
Alternatively, we can supply a username to mount the container as.

# tcplay-helper open foo.tc archie
Finally, to close the container this command does the trick.

# tcplay-helper close foo.tc

ovember 16, 2018
FOR THE BROADER KNOWLEDGE ABOUT FILE SYSTEM
LET TRY SQUASH FILE SYSTEM
It can be mounted but it just a read-only filesystem
you can use tar, zip, 7zip etc instead

bash# mksquashfs /var/arch /var/arch.sqsh
bash# mkdir /mnt/tmp
bash# mount /var/arch.sqsh /mnt/tmp -t squashfs -o loop
bash# ls /mnt/tmp

CHANGE VLC USERAGENT
vlc 'http://wiki.videolan.org/' :http-user-agent='FooBar/1.2.3'

may 20, 2019
I Learned things in a hardway because I am stupid
Learn How to PURGE
apt remove package ----just remove to program the config files not included
apt-get purge dnsmasq ----> remove programs dependencies including config files

# SET UP FAKE CAM
#!/bin/sh
# install v4l2looback first
# card label that would be your camera name
printf "Requires root access"
modprobe v4l2loopback video_nr=5 card_label="Intergrated Webcam"

#--------------------------------
# this one works well you could play even file in url
ffmpeg -re -i sadak.mp4 -r 10 -pix_fmt yuyv422 -f v4l2 /dev/video5

ffmpeg -f x11grab -r 15 -s 1280x720 -i :0.0+0,0 -vcodec rawvideo -pix_fmt yuv420p -threads 0 -f v4l2 /dev/video0
ffmpeg -re -i video.mp4 -c:v rawvideo -pix_fmt yuv420p -f v4l2 -s 640*360 /dev/video0
ffmpeg -re -i input.mp4 -map 0:v -f v4l2 /dev/video0

Sept.12.2019
Useful tools ipcalc
root@ibm~# ipcalc 10.0.0.1/8
Address: 10.0.0.1 00001010. 00000000.00000000.00000001
Netmask: 255.0.0.0 = 8 11111111. 00000000.00000000.00000000
Wildcard: 0.255.255.255 00000000. 11111111.11111111.11111111
=>
Network: 10.0.0.0/8 00001010. 00000000.00000000.00000000
HostMin: 10.0.0.1 00001010. 00000000.00000000.00000001
HostMax: 10.255.255.254 00001010. 11111111.11111111.11111110
Broadcast: 10.255.255.255 00001010. 11111111.11111111.11111111
Hosts/Net: 16777214 Class A, Private Internet
So I discovered open host slots

############################################################
#HOW To convert unixtime to readable format vice versa. [tag unix time]

bash# date -d "2019-11-09 18:24:30" "+%s"
1573323870

bash#date --date='@1573323870'
Sat Nov 9 18:24:30 UTC 2019
##################################################################
Samba client
mount.cifs //[IP_ADDR]/SERVER_NAME/FOLDER_NAME /mountpoint

nmblookup '*'
nmblookup -S WORKGROUP
#######################################################
GET SUM IN FILES
NOTE: IT ALSO COMPUTES DECIMAL NUMBERS
awk '{ sum += $1 } END { print sum }' Oct24-Nov30.txt
#######################################################
###################################
Get the sum of list of number
Warning It ignores decimal places
###################################
grep -oE '[0-9]+' Oct24-Nov30.txt | paste -s -d + - | bc
ou can use grep + paste + bc

$ grep -oE '[0-9]+' file
10
10
20
20
20

$ grep -oE '[0-9]+' file | paste -s -d + -
10+10+20+20+20

$ grep -oE '[0-9]+' file | paste -s -d + - | bc
80

tr 'A-Za-z0-9' 'N-ZA-Mn-za-m5-90-4'
################################################3
bssid: Upper Room
BC:C0:0F:BF:90:80
1john3v16
chrome.exe --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * 0.0.0.0 , EXCLUDE localhost"
===========================
screen capture FFMPEG
https://ffmpeg.org/ffmpeg-devices.html#x11grab
===========================
ffmpeg -f x11grab -framerate 25 -video_size cif -i :0.0 out.mp4

Sun Jun 6 03:56:34 CST 2021
NEW TRICKS IN MY SLEEVES
Can execute command in text stream
The nice thing about it different
command from everyline
just press CTRL-C for the next command
line in the next line.
$/bin/sh -c "$(cat IoT.txt)"

Thu Jul 8 06:26:40 UTC 2021

pgrep firefox | xargs kill
ps -auxf
ps firefox
ps -A

Thu Jul 8 07:41:44 UTC 2021
A Golmine
Ctrl-c kill foreground process
Ctrl-z Suspend fg process
Ctrl-d Terminate input, or exit shell
Ctrl-s Suspend output
Ctrl-q Resume output
Ctrl-o Discard output
Ctrl-l Clear screen

CHEATCODES
GNU/LINUX RAMB MANUAL,TWEAKS AND TRICKS

INTRODUCTION:
    Many people is misconcepted or misinformed about LINUX. Linux is not an O.S. but it is a kernel. It is useless when it is used alone it needs distros to make it a powerful operating system.There are are many Linux-Distros--Debian, Slackware, OpenSuse, Fedora, Gentoo, Ubuntu, Red Hat, CentOS, Kali  and the list goes on and on everyday.Many of us have no clue that Android O.S. use LINUX kernel or else it will be just a cripple. Many of us don't recognize how powerful a linux distro is. Most of us are not aware that 85 to 97 percent of websites in the wold run in Linux Distros.

WHY I WROTE THIS?:
    I wrote this for a personal reason. Linux is good when it comes to security but is hard to use ---> It will be only hard If you don't know what to do. Just invest some brain cells and it will be useful.Hoping would be a beginning for those who just learning the ropes.I intend it to be cheatsheet for newbie.Empirical Experience there are many times I have been in a forum, not all the posts there are useful. I chose the best of
them. So I have a reference when it comes tweaking.My last reason. I don't want to forget it.



I. MAY COMMAND LIVE AND PERSIST
    Don't get intimidated by black screen and flickering green text on screen like those we've seen on those Hacker movies and claim to be a
super genious. Those overated and bullshits.

    CLI --> Command Line Interface. CLI is useful use lesser memmory unlike its opponent GUI (Graphical Use's Interface) use much memmory

BASH or Bourne Again SHell:A Linux/Unix shell that you type your command there are alternatives like xterm and konsole. The counterpart of bash in Windows is Batch files like Batch file, BASH does not need to be compiled to run. it just runs, and could change the code on the fly.

One of the useful tool Xterm shell is the crontab. I used to delete those files over and over again with this tool you can elimate
those habitual deletion of file and saves a lot times. In Linux shell type "crontab -l"
in my case : this is my crojobs it includes of the file path of my  bash script---xhistory.sh
To edit the crontab type the "crontab -e" on linux shell

johndoe@linuxdistros:~$ crontab -e                  
Put the following  lines of command and save it then restart your machine. It supposed to
work.

#every  15 minutes the machine will execute this bash script file
*/15 * * * *  sh "/home/john/cronjobs/xhistory.sh"

And the xhistory.sh contains the following lines of script commands.


#It fills .bash_history with ramdom characters for 34 times
shred -n 34 "/home/charm/.bash_history"
#Then emptying the file by filling with null bytes

cat /dev/null > /home/john/.bash_history
history -c
history -w

shred -n 34 "/home/john/.local/share/recently-used.xbel"
cat /dev/null > /home/john/.local/share/recently-used.xbel

shred -n 34 "/home/john/.config/smplayer/smplayer.ini"
cat /dev/null > "/home/john/.config/smplayer/smplayer.ini"

The exections secure delete the contents of history files. It is a little bit
counter hacking but it is good when you used it mysql shell, rlogin, ssh passwords
it prevents the attacker to exploit you passwords. And one more thing it saves disk space.
Minute   Hour    Day   MONTH   YEAR      commands
 *        *       *     *        *       /root/run_me.sh

HARDENED NETWORK SECURITY

iptables --> it is a very versatile firewall native in linux kernel. You don't need to install a a 3rd party software, you just need
            know how it works

YOUR SECURITY IS VITAL. You could avoid hackers scanning and launching ARP Network poisoning (Like wifikill on android devices )
which can cut you out from internet. And the worse is they can still information, passwords and even credit card number by
launching ssl strip tools. You could avoid that and become stealth in a network like in a public internet network.
Somebody can ping scan your machine your machine and that is start of the vulnerability. You are also vulnerale of what they call it
"Ping of death" which is a kind of DOS (Denial of Service) Attack and MITM (Man inn The Middle Attack) Attak which can totally strip naked
your privacy and it allows someone to steal your passwords in the site your visited. You could avoid those threat by utilizing
the following commands in linux system shell.

NOTE: It requires root access

#DISALLOWING REMOTE ACCESS in x11
root@linuxshell:~$iptables -A INPUT -p tcp --destination-port 6000  -j REJECT
root@linuxshell:~$iptables -A OUTPUT -p tcp --destination-port 6000  -j REJECT
root@linuxshell:~$ip6tables -A INPUT -p tcp --destination-port 6000 -j REJECT
root@linuxshell:~$ip6tables -A OUTPUT -p tcp --destination-port 6000 -j REJECT

#Disallowing ping from someone. Your machine rejects ping it does not reply.
root@linuxshell:~$iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT
root@linuxshell:~$iptables -A OUTPUT -p icmp --icmp-type echo-reply -j REJECT
iptables -A INPUT -s 192.168.1.103 -J DROP --> Drop all packets from specific IPaDD

To Check it out if the code works

root@linuxshell:$ iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
REJECT     tcp  --  anywhere             anywhere             tcp dpt:x11 reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere             icmp echo-request reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
REJECT     tcp  --  anywhere             anywhere             tcp dpt:x11 reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere             icmp echo-reply reject-with icmp-port-unreachable




This one will prevent your machine from WifiKill and MITM and DOS attack in Local Network.
NOTE: It requires root access.
This one is wlan or wifi

root@linuxshell:~$echo "1"  > /proc/sys/net/ipv4/conf/wlan0/arp_ignore
root@linuxshell:~$echo "8" > /proc/sys/net/ipv4/conf/wlan0/arp_announce

This one is for LAN or Ethernet card:
root@linuxshell:~$echo "1"  > /proc/sys/net/ipv4/conf/wlan0/arp_ignore
root@linuxshell:~$echo "8" > /proc/sys/
net/ipv4/conf/wlan0/arp_announce


#######################################
YOU SHOULD TRY sysctl -a
You can set some firewall rules
and it retains even the system is  restarted
the path of config file is
/etc/sysctl.conf
######################################



HARDENED PRIVACY ( needs to be edited)

In this section I will tackle more advance security. If you are an average internet users you don't need to do this stuff, but if you are a journalist, eloectronic privacy
advocate or a  wistleblower you want to expose some corruptions and it is definitely  a matter of life and death. You have to be careful I advice to turnoff your swap before encrypting files and send it to someone.

I highly recommend to use "Tails" linux distro. A bootable OS can be booted on usb  and CD. But if you want to leave any digital fingerprint and you want to  hide an
incriminating data.  (just google it)

After your machine boot up. Do this first in Linux Shell.

swapoff -a

a -  all. turn of swap totaly
you can check it out by: typing the following command on Bash
    htop  -  swap memmory should appear 0.
          freem -a

The swap memmory also can be encrypted. just google it.




Creation of 6MB file
dd if=/dev/urandom of=swapfile.crypt bs=1M count=64
loop=$(losetup -f)
losetup ${loop} swapfile.crypt
cryptsetup open --type plain --key-file /dev/urandom ${loop} swapfile
mkswap /dev/mapper/swapfile
swapon /dev/mapper/swapfile

The result:

# swapon -s
Filename                                Type            Size    Used    Priority
/dev/mapper/swap0                       partition       4000176 0       -1
/dev/mapper/swap1                       partition       2000084 0       -2
/dev/mapper/swapfile                    partition       65528   0       -3

swap0 and swap1 are real partitions.
shareimprove this answer
edited Feb 12 '13 at 22:39
cjm
20.3k57073
answered Feb 12 '13 at 21:10
ott--
7661512

5

This Configuration uses randomly generated keys at boot and will not support Hibernation to hard disk! You Should Disable Hibernation through your respectie DE Power Management Utility and set it to Shutdown on Critical to avoid Data Loss!

Make sure to run sudo -s or su before running the following.

    Disable Swap:

    # swapoff -a

    Locate the existing Swap Partition

    # lsblk

    You will get something like this:

    sda3    8:3    0     8G  0 part [SWAP]

    Overwrite Old Swap

    # dd if=/dev/zero bs=1024000 of=/dev/sda<#>

    for example:

    # dd if=/dev/zero bs=1024000 of=/dev/sda3

    fstab setup

    # vim /etc/fstab

    Replace old SWAP device with crypttab mapper name: /dev/mapper/cswap

    #<file system>      <mount point>   <type>  <options>   <dump>  <pass>
    /dev/mapper/cswap   none            swap    pri=1,defaults  0   0

    Crypto Setup

    # ls -lF /dev/disk/by-id

    For Example:

    ata-HGST_HTS545050A7E680_TEK55D4F0BU3GV-part3 -> ../../sda3

    # vim /etc/crypttab

    # <name>    <device>                            <password>  <options>
      cswap     /dev/disk/by-id/ata-HGST_HTS545050A7E680_TEK55D4F0BU3GV-part3   /dev/urandom    swap,cipher=aes-cbc-essiv:sha256,size=256

    Active Encrypted Swap

    # reboot

    Verify Enctypted Swap Operations

    For example:

    # dmsetup -C info
    cswap      253   0 L--w    2    1      0 CRYPT-PLAIN-cswap  
    # lsblk
    ├─sda3                8:3    0     8G  0 part  
    │ └─cswap             253:0    0     8G  0 crypt [SWAP]
    # cat /proc/swaps
    Filename                Type        Size    Used    Priority
    /dev/dm-0               partition   8385532 0       -1


####################################################################
ENVIRONMENTAL VARIABLES

You can also edit environmental variables. In your home directory search for .bahrc
 if there's none in existence make one. This is a cool thing you can decide what you wanted
 to do with your bash shell environment. Open ".bashrc" and add this line:
PS1='\u@\h:\w\$ '

When you open the cosole the display would be like this.

john@bashshell:~$

you can just change it whatever you want to do with it like:
PS1='\u@\h:\w\# '

It results:
 john@bashshell:~#______


There is another one useful for changing environmental  variables.
this one  is like a starup folder in windows.

open the file path  /etc/profile.d/

If you ought to install software in another  folder besides the nstandard installation folder (like your new downloaded firefox you want it to install in other folder like an encrypted disk beside the standard disk)you have to change the environmental variables like in this case the java is installed in none standard way. you can check it out by typing  "which java" in my case java could not found because it is installed in none standard way.
First I move The jkd7 folder from /usr/lib64/jdk7 to  /usr/jdk7   (you can also do this in umounted devices encrypted volume like truecrypt and luks you program runs there)

if i type java -version  in bash I recieve this
bash: java: command not found

This the original path
#!/bin/sh
export JAVA_HOME=/usr/lib64/jdk7
export PATH='/usr/lib64/jvm/bin:/usr/lib64/jvm/jre/bin:/usr/lib64/jvm/bin:/usr/lib64/jvm/jre/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/lib64/kde4/libexec:/usr/lib64/qt/bin'

This is the modified path
#!/bin/sh
export JAVA_HOME=/usr/jdk7
export PATH='/usr/jdk7/bin:/usr/jdk7/jre/bin:/usr/jdk7/bin:/usr/jdk7/jre/bin:/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/jdk7/bin:/bin:/usr/games:/usr/lib64/kde4/libexec:/usr/lib64/qt/bin'
 
restart your machine.
on conssole type: java -version
Java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)



You supposed to see the java vesion. In that case it should work all the way.


feb 3, 2016
If you want to torrify your download. run tor first and do the
next step: this time i download the file with name "youtube-dl"
i tunnel the connection in TOR using socks5
 curl --socks5-hostname 127.0.0.1:9150 http://youtube-dl.org/latest/youtube-dl -o youtube-dl

The good thing about "curl" if the download is interupted or  experinced disconnection you can still resume your download. if the file is too large and you want continue the download the next day you can still resume the remaining bytes.

OPENSSL OPEN SSL
There was something in my machine always bothering me I can't install
openssl properly it was always butt-in the older installed ssl version
the problem is I was so stupid that I din't think about the path name of the old one just to overight my machine is a little bit eccentric it din't install openssl in the standard directory so i have no configure the installation first this is the path that work in my machine: ./config --prefix=/usr/local --openssldir=/usr/local/openssl
./config
make
make test
make install

 I just browsed it on the web I don't know if it is working

HOW TO ANONYMIZE FIREFOX on 2010-08-10


wrote :

change in about:config


browser.download.manager.scanWhenDone = false
browser.send_pings = false
dom.disable_window_open_feature.menubar = true
dom.disable_window_open_feature.scrollbars = true
intl.accept_charsets;utf-8
intl.accept_languages;en
intl.charset.default;utf-8
intl.charsetmenu.browser.cache;UTF-8
keyword.enabled = false
layout.css.visited_links_enabled = false
network.http.sendRefererHeader;0
network.http.accept.default;*/*
network.prefetch-next = false
network.proxy.socks_remote_dns = true

########################################################################

add to about:config (for faking the user agent)


new - string: general.useragent.override - value: Mozilla/5.0 (en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2

########################################################################

change settings
(in firefox 3.5 and higher first choose "user default" to change some settings)


javascript:disabled
java: disabled
history: disabled
chronicle: disabled
save data: disabled
cookies: disabled
clear private data: enabled (all)
remember passwords: disabled
offline storage: 0 mb cache

########################################################################

search engines disable/uninstall


PACKET WARS
#to forward the traffic to your machine between your target and router.
echo 1 > /proc/sys/net/ipv4/ip_forward

MORE ABOUT NETWORK SECURITY
SSH - Safe shell. A future network admin should know how to use telnet, rlogin , sftp, gopher and ssh.
Safe shell is secure. You should know how configure ssh server and client for encrypted connection. In my case I
use OpenSSH for BSD
https://archive.is/o/zCaQN/www.ssh.com/support/documentation/online/ssh/adminguide/32/Generating_the_Host_Key.html
-----------------------------------------------
SSH PROXY connection

ssh -p 443 -C2qTnN -D 52233 skyssh.com-florp@146.185.160.149




ssh -D 12345 myuser@remote_ssh_server
SOCKS Host: 127.0.0.1 port: 12345 (I, actually, used 8080) with
 ssh -C2qTnN -D 8080 user@my_server


create.sshgoogle.com
 fastssh.com
 skyssh.com

 sshagan.net
 go-ssh.com

http://www.phcorner.net
un: json***
pw: cro*****

tcpvpn.com
 bestvpnssh.com
 mytunneling.com
 createssh.com



 ssh -C2qTnN -D 8080 -p 443  skyssh.com-anonme@188.166.190.87




ssh -C2qTnN -D 51234 skyssh.com-krang@45.32.147.45
-------------------------------------------------------------------------------------



PUT YOUR WIRELESS CARD IN MONITOR MODE
(It depends on your wlan card if it is supported listening or monitor mode.

ON YOUR SHELL
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
     

ifconfig wlan0 down
iwconfig wlan0 mode managed
ifconfig wlan0 up





#redirect all of torify's traffic to localhost
sudo iptables -t nat -A OUTPUT -m owner --uid-owner torify -j DNAT --to-destination 127.0.0.1
#allow vm to access privoxy, tor
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -p tcp --dport 8118 -j ACCEPT
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -p tcp --dport 9050 -j ACCEPT
#allow tor to access vm
sudo iptables -A OUTPUT -o lo -m owner --uid-owner debian-tor -p tcp --dport 5022 -j ACCEPT
#if we allow it outgoing, allow it incoming and don't interfere with prior connections
sudo iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A INPUT -p tcp -m state --state RELATED -j ACCEPT
sudo iptables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -m state --state RELATED -j ACCEPT
#don't let anything access vm on localhost
sudo iptables -A OUTPUT -o lo -p tcp --dport 5022 -j DROP
#don't let torify snoop around on listening localhost ports
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -j DROP
#don't allow external machines to access vm
sudo iptables -A INPUT ! -i lo -p tcp --dport 5022 -j DROP
#drop all torify traffic failsafe and protocol agnostic
sudo iptables -A OUTPUT -o lo -m owner --uid-owner torify -j DROP

To make sure the rules stay after reboot, type the following command: sudo iptables-save
Next we'll need to make sure Privoxy works with Tor. Type this command: sudo gedit /etc/privoxy/config
Delete everything in the file and replace it with this:
# Generally, this file goes in /etc/privoxy/config
#
# Tor listens as a SOCKS4a proxy here:
forward-socks4a / 127.0.0.1:9050 .
confdir /etc/privoxy
log /etc/privoxy
#actionsfile standard # Internal purpose, recommended
#actionsfile default # Main actions file
#actionsfile user       # User customizations
#filterfile default.filter
# Don't log interesting things, only startup messages, warnings and errors
#logfile logfile
#jarfile jarfile
#debug 0 # show each GET/POST/CONNECT request
#debug 4096 # Startup banner and warnings
#debug 8192 # Errors - *we highly recommended enabling this*
user-manual /usr/share/doc/privoxy/user-manual
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 0
enable-edit-actions 0
enable-remote-http-toggle 0
Now, type this command:

sudo /etc/init.d/privoxy restart


Well, that didn't work like intended. We dropped ARP related traffic to the IP address, but not on IP level. This is also visible in the arp -n list:
root@ubuntu:/data# arp -n
 Address                  HWtype  HWaddress           Flags Mask            Iface
 192.168.1.20             ether   00:a7:22:23:d1:f3   C                     eth0
 192.168.1.1              ether   d8:d7:21:22:5a:f4   C                     eth0
So to make this work, we simply have to flush the ARP cache. We delete the related ARP entry:
root@ubuntu:/data# arp -d 192.168.1.1
root@ubuntu:/data# arp -n
 Address                  HWtype  HWaddress           Flags Mask            Iface
 192.168.1.20             ether   00:a7:22:23:d1:f3   C                     eth0
 192.168.1.1                      (incomplete)                              eth0








Specific traffic filtering
Back to our original mission: only allow our router to exchange ARP packets.
root@ubuntu:/data# Block ARP traffic from all machines (default: DENY)
arptables -P INPUT DROP

root@ubuntu:/data# Allow router (fixed ARP)
arptables -A INPUT --source-mac d8:d7:21:22:5a:f4 -j ACCEPT
All ARP packets are blocked now. Each system which will transmitting traffic will end up as an (incomplete) entry.
Enable all ARP traffic
If we want to allow traffic again:
root@ubuntu:/data# arptables -P INPUT ACCEPT
root@ubuntu:/data# arptables --flush
Flushing the full ARP cache can be done with ip utility:
root@ubuntu:/data# ip -s neighbour flush all
Conclusion
Arptables is a very powerful utility to filter traffic and avoid an unexpected router taking over our connectivity. However, keep in mind that connectivity is not fully blocked. Only ARP traffic is blocked (layer 2/3 on the OSI model). If someone is able to manually add an entry to the ARP table, traffic is able to flow again.




One hardening trick I like is to turn off ARP completely with:
ip link set dev eth0 arp off
Then add a static ARP entry for the router so you can get to that:
arp -s 10.0.0.2 00:0c:29:c0:94:bf


------------------------------

gpg --keyserver pgpkeys.mit.edu --recv 8B48AD6246925553

#######################
To update java download java.33.3..gz and extract the files in the current directory of java installation just a sort of copy and paste
######################################
you could secure delete klipboard it is located in /.kde/ but you can disable the saving in klipboard in options


Set Environmental variables
export MYHOME=/mnt/live/memory/data/AdwCleaner/


###############################
# TO DISABLE BASH HISTORY PERMANENTLY #
# echo 'set +o history' >> ~/.bashrc                    #
###############################

JUST DISABLE HISTORY IN A CURRENT SHELL

set +o history


##############################################
The OpenSSH 7+ does not support deffie-hellman handshake by default
you should config it or type it specifically in CLI. And does not display the key in md5 hexadecimal string format but a series of gibberish. To make it work in that way one should edit this config as I explain below:
 
/home/user/.ssh/config
Host 192.168.1.1
        KexAlgorithms +diffie-hellman-group1-sha1
        FingerprintHash md5



/home/user/.ssh/config
What I did is to make something in old format md5 display and old
Host *  # anyhost
 ForwardX11 yes
 Compression yes
X11 is also cool thing
==============================
Linux command line show directory sizes
du -sh *
http://112.203.90.24//admin/pldt.asp --might be exploited
=========================================
LEARNING APACHE MORE
This is substantial
http proxy using apache "proxy-html.conf  <--Im gonna study about that








f2592419@mvrht.comf2592419@mvrht.com



=================================
DNS/NameServer
I find a more effective way to customize dns server






=========================================================
#add into .bashrc
genpasswd() {
    local l=$1
           [ "$l" == "" ] && l=16
          tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}

===============================================================================

unix tools
fc ---edit .bash_history
LINUX/unix MONITORING TOOLS
iptraf --network
top   --process
vmstat --process
iostat
iftop --network
du -sh *  --> show directory sizes
1. Fire up airodump-ng, lock to the channel that has the network AP you are interested in.
 2. Note the BSSID of the AP and the MAC of a connected client.
 3. Use aireplay-ng to force a deauth. Since Association and Re-Association packets contain the SSID whether hidden or not,
when the client reconnects, your airodump-ng session should capture the SSID and report that in your session window.
 Basic syntax is:
 aireplay-ng -0 3 -a $BSSID -c $CLIENTMAC $INTERFACE
aireplay-ng --ignore-negative-one -0 30 -a C4:6E:1F:48:DB:E4 -c 04:1B:BA:44:A3:E8 mon0
aireplay-ng --ignore-negative-one -0 -a 00:13:33:F3:84:9B -c 9C:B7:0D:26:0D:59 mon2
B315_9487D



root@bt:~# /pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b 00:19:5B:52:AD:F7 -w - /tmp/wpa2*.cap





-----------------------------------------------------------------------------------------------------------------------------------
iptables -I FORWARD 5 -s 10.42.0.52 -p tcp -m quota --quota 104857600 -j ACCEPT
  456  iptables -I FORWARD 1 -s 10.42.0.52 -p tcp -m quota --quota 104857600 -j ACCEPT
  457  iptables -I FORWARD 2 -s 10.42.0.52 -j DROP
------------------------------------------------------------------------------
Conserning about bandwith quota In my own machine not the forwarding or shared
connections ones. this is 20 mb limit 20 971 520
iptables  -A INPUT -p tcp  -m quota --quota 20000000 -j ACCEPT
iptables -A INPUT -j DROP

1000/1024  bytes = 1 kb

 1 MiB = 220 bytes = 1024 kibibytes = 1048576bytes


ssh -C2qTnN -D 8090 usrname@hostname -p 443

###################################################
NETWORK SECURITY!
MITM NO PROBLEM IGNORE ICMP OR BROADCAST REQUEST
Add the following line "/etc/sysctl.conf"

Ignore ICMP request:
net.ipv4.icmp_echo_ignore_all = 1
Ignore Broadcast request:
net.ipv4.icmp_echo_ignore_broadcasts =1
#load new setting by typing the following command# sysctl -p

to show all the rules: sysctl -a


IT IS ALSO A GOOD THING IF YOU DISABLE YOUR IPV6 IF YOU DON'T
USE IT:
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6

another method permanent effect edit the following file:
/etc/sysctl.conf
#with this lines
#disable ipv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1



#############################################

CREATING A BOGUS SSID OR AN EVIL TWIN
airbase-ng -a 00:09:5B:6F:64:1E --essid
"Fakeaccesspoint" -c 11 mon0

#########################################################
miselenious tricks display time in the upper left of the terminal
while sleep 1;do tput sc;tput cup 0 $(($(tput cols)-29));date;tput rc;done &

07/05/17 07:30:58 PM
Adding the rule
iptables -A OUTPUT  -p udp --dport 53 -j DROP

removing the rules
iptables -D OUTPUT -p udp --dport 53 -j DROP
Sunday, November 12, 2017
If you were having a problem in your default DNS server e.g. your pesky router. Just dont forget the resolve.conf in "/etc/resolve.conf"
and add the following line:

nameserver 8.8.8.8 #invoking google server as you dns server

##########################################################################
What's more surprising I solved a long time problem in sshd put it in booting up. And might solve other problem like putting httpd servic in startup
just change the chmod 0777 the file specific file in this directory "/etc/rc.d/"


#AUTO START SCRIPT IN MY MACHINE WITHOUT ERROR
# FILENAME: rc.local
# DESCRIPTION: This script enable tap functions of touchpad in this machine
# lenovo.modprobe startup script is not functioning and I dont know why.
# INSTRUCTION: Add the following script on rc.local the directory /etc/rc.local
#               if does not exist create it or Simply copy this file [/etc/rc.local]
#   and execute this command: [service rc.local restart] without the square brackets
# This procedure must have effect already your touchpad tapping function. Reboot your machine
# init 6
modprobe -r psmouse
modprobe psmouse proto=imps

It more


######################################################################

Sunday, November 19, 2017
In this moment in time I completely configured working dnsmasq DNS server in
this machine but sandly my linux machine at home is broken. It saddens me the fact that I have good internet connection at home and cound not even practice stardard networking practice at home I had to be a snitch. To digest everything I learned in a short period at time. I know it is wrong but I coudn't help myself to solve something (a long time problem) . I eager to learn more that's how I get my drive to insist my persitence in learning.
By the way I wanted to write down details how I solved that DNS (dnsmasq problem)
saving queries in a text file
dnsmasq --no-daemon --log-queries --log-facility=/var/log/dnsmasq.log
just show log queries
dnsmasq --no-daemon --log-queries

Slax DEBIAN BASED ERA

2018-04-09 07:51:

I have installed new linux base OS
It is in its infancy but I guess I would learn a lotfrom it
The first and foremost problem I encountered and solved is about
the autologin of Debian OS even though it has password(It is modified version of Debian it is sort of minimalist OS so many features are not includedin the system. like the desktop manager ). I just googled it unlike
before I had to do it all by myself.

systemctl set-default multi-user.target

To make it back in autologin

systemctl set-default graphical.target

As I  have said, I don't have Desktop manager I couldn't
even adjust the brightness. Just like I did in the first I googled it
Debian has a lot of community support unlike the former distro I had.
This is the solution.

echo 1000 > /sys/class/backlight/intel_backlight/brightness
just like that. But it depends on your hardware you should follow the /sys/class/backlight and browse the directory to find out which is which.
script to make it automated

#################################################
#!/bin/sh
if [ $1 -le 0 ]
then
echo  "1" > /sys/class/backlight/intel_backlight/brightness
else
echo $((2400 * $1 / 100 )) > /sys/class/backlight/intel_backlight/brightness
fi

#################################################










MORE GOOD FIREWALL RULES FROM EXPERTS JUST PASTED WHOLE THING HERE JUST FIGURE IT OUT
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3

##############################################################3
# Functions previously found in netbase
#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.all.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6
#  Enabling this option disables Stateless Address Autoconfiguration
#  based on Router Advertisements for this host
#net.ipv6.conf.all.forwarding=1


###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#

###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1

###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0
net.ipv4.icmp_echo_ignore_all = 1



If you have issues on your touchpad  here is the solution
https://forums.kali.org/showthread.php?221-Touchpad-Synaptics-Tapping-issue-Solved
on the command line:
modprobe -r psmouse //disable touchpad  first
modprobe psmouse proto=imps //it should function your touchpad

If you want to make it automated. modify the file of the
following path /etc/modprobe.d/anyname.conf
add the following line
options psmouse proto=imps

Insert date from cli output VIM editor
:r !date



Sat May  5 04:11:45 EDT 2018

I dont like Windows OS specially windows10 it is the biggest
spyware. It captures screen shots and the plain text of the text file
is being spied so I tranfered this text on a volume
I googled and it said you can make a virtual disk, like ext4 file system
you can make it, but you must make a file container first you can use

fallocate or dd (google it stupid). and make it by use some
tools like mkfs, e.g. mkfs.ext4 <nameofthefile) and you can mount it
like you just mounting a regular disk.

Creation of 500mb container:

dd if=/dev/zero of=MyDrive.img bs=1M count=500
This one is pretend to be a broken disk


dd if=/dev/zero bs=1k count=100 | tr "\000" "\377" > /dev/sdb
My discovery it can be used to wipe ssd/hhd
dd if=/dev/zero of=foo.bar bs=300k count=1 conv=notrunc
Formatting of the Container:

mkfs -t ext3 MyDrive.img
Now you can mount it.
mount MyDrive.img /mnt/mountfolder

--------------------------------------------------------------
THIS COULD BE SOLUTION TO MY LONG TERM PROBLEM
DNS SERVER WITH CUSTOM PORT

    87.118.100.175 (Ports: 53, 110)
    94.75.228.29 (Ports: 53, 110, DNSSEC)
    87.118.104.203 (Ports: 53, 110,DNSSEC)
    62.141.58.13 (Ports: 53, 110, HTTPS-DNS, DNSSEC)
    87.118.109.2 (Ports: 53, 110, DNSSEC)

09.12.2019

ULTIMATE SOLUTION FOR SECURE E2EE FOR DNS ASIDES FROM HTTP-DNS
dnscrypt-proxy
# FileName: dnscrypt-proxy.conf
# A more comprehensive example config can be found in
#
# /usr/share/doc/dnscrypt-proxy/examples/dnscrypt-proxy.conf

ResolverName random
ResolversList /usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv
#cloudflare
#yandex
#ipredator
Daemonize no
#fallback_resolver = 77.88.8.7:53
# LocalAddress only applies to users of the init script. systemd users must
# change the dnscrypt-proxy.socket file.
# to edit systemctl edit dnscrypt-proxy.socket
LocalAddress 127.0.2.1:53
----------------------------------------------
# To Edit systemctl edit dnscrpt-proxy.socket
#fileName dnscrypt-proxy.socket
[Socket]
ListenStream=
ListenDatagram=
ListenStream=127.0.2.1:53
ListenDatagram=127.0.2.1:53


https://forums.gentoo.org/viewtopic-t-164165-start-0.html



Fri Jun  1 09:41:01 CST 2018
Open_SSH7.4p1 disables the following key exhange algorithms and
cipher by default. so I need to define the following
line in ~/.ssh/config  to pull this out.

Host 10.0.0.1
FingerprintHash md5
KexAlgorithms +diffie-hellman-group1-sha1
Ciphers 3des-cbc

--------------------------------------------
disable a certain linux service
-------------------------------------------
systemctl disable dnsmasq.service

#check status
systemctl status dnsmasq
------------------------
show services and etc
systemctl --all


Monday, October 08, 2018
NOTE TO MYSELF
Just searching all over again for something. Those pesky files stored in a removable SSD storage
I fear it is gone for good.
use  "dd" command to overwrite file with zeros or make a container file "mkfs" at least I have a clue
doing something than nothing.
I've got the best solution before.


Create your image file of the size you want:

dd if=/dev/zero of=./your.img bz=1M count=<number of megabytes you want>
Format it

mkfs.ext3 ./your.img
(Recheck that command before running it, do read what is printed out.)

Mount it:

mount -o loop ./your.img /some/mount/point
And you're done. Don't forget to unmount before you copy/send that image file anywhere.

dd if=/dev/zero of=~/theFile.img bs=1M count=10
$ /sbin/mkfs.ext4 theFile.img
$ sudo mount -o loop theFile.img /mnt/tmp/


Oct 11, 2018
In any GNU LINUX distros if you install something related to video or audio and if it does
not work in non-root user try to add that user(s) in that group video/audio/graphic shits shits.


October 17, 2018
IMAGE AND DEVICE ENCRYPTION
LUKS / CRYPTSETUP
Sample of creation of encrypted image file
fallocate -l 100M encryptedimage.bin
mkfs.ext4 -j encryptedimage.bin
cryptsetup -y luksFormat encryptedimage.bin

MOUNT LUKS IMAGE / DISK CONTAINER

cryptsetup luksOpen enk.bin enkVolume
mkfs.ext4 /dev/mapper/enkVolume
TO UNMOUNT LUKS IMAGE / DEVICE
cryptsetup luksClose /dev/mapper/enkVolume

November 15, 2018
I just discovered tcplay means tru3 crypt play it can create and mount TC volume
HERE ARE some of the procedures according to your need
Encrypting a file as a virtual volume
Invoke

 $ losetup -f
to find the first unused loopback device; in this example, /dev/loop0.

Note: As of udev 181-5, the loop device module is no longer auto-loaded.
Create a new container foo.tc, 20M in size for instance, in the working directory:

 # fallocate -l 20M foo.tc
 # losetup /dev/loop0 foo.tc
 # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS
Enter a secure password for the volume, and confirm the query to overwrite foo.tc with the new volume. tcplay will then write random data into the volume. Map the volume and create a filesystem on it in order to mount

 # tcplay -m foo.tc -d /dev/loop0
 # mkfs.ext4 /dev/mapper/foo.tc
 # mount /dev/mapper/foo.tc /mnt/truecrypt/
To unset the container,

 # umount /mnt/truecrypt
 # dmsetup remove foo.tc
 # losetup -d /dev/loop0
Mounting an existing container for a user
Consider /dev/loop0 the first unused loop device, foo.tc the TrueCrypt container, /home/you/truecrypt/ the desired mount point. The user you in this example has uid=1000 and gid=100. The steps for mounting the container as a virtual volume are:

Associate loop device with the container
Map the container to the loop device
Mount the container in the filesystem
The following commands perform the above actions.

 # losetup /dev/loop0 foo.tc
 # tcplay -m foo.tc -d /dev/loop0
 # mount -o nodev,nosuid,uid=1000,gid=100 /dev/mapper/foo.tc /home/you/truecrypt/
Note, if the container uses ext4 or another filesystem that supports file ownership, the uid and gid parameters aren't needed and will not work. Therefore the third command would be simply:

 # mount -o nodev,nosuid /dev/mapper/foo.tc /home/you/truecrypt/
To reverse them:

 # umount /home/you/truecrypt/
 # dmsetup remove foo.tc
 # losetup -d /dev/loop0
Using tcplay-helper
The tcplay-helper-gitAUR[broken link: package not found] tool simplifies the process of creating, mounting and unmounting tc-play containers. The tool is still a work-in-progress, but should work fine for most users wanting to work with simple secure tc-play containers.

The following command creates a 3Mb container called foo.tc.

 # tcplay-helper create foo.tc 3M
To mount the container file we can either mount it as root with the following command. The container will be mounted under /mnt/truecrypt/

 # tcplay-helper open foo.tc
Alternatively, we can supply a username to mount the container as.

 # tcplay-helper open foo.tc archie
Finally, to close the container this command does the trick.

 # tcplay-helper close foo.tc




ovember 16, 2018
FOR THE BROADER KNOWLEDGE ABOUT FILE SYSTEM
LET TRY SQUASH FILE SYSTEM
It can be mounted but it just a read-only filesystem
you can use tar, zip, 7zip etc instead

bash# mksquashfs /var/arch /var/arch.sqsh
    bash# mkdir /mnt/tmp
    bash# mount /var/arch.sqsh /mnt/tmp -t squashfs -o loop
    bash# ls /mnt/tmp

CHANGE VLC USERAGENT
vlc 'http://wiki.videolan.org/' :http-user-agent='FooBar/1.2.3'

may 20, 2019
I Learned things in a hardway because I am stupid
Learn How to PURGE
apt remove package ----just remove to program the config files not included
apt-get purge dnsmasq ----> remove programs dependencies including config files


# SET UP FAKE CAM
#!/bin/sh
# install v4l2looback first
# card label that would be your camera name
printf  "Requires root access"
modprobe v4l2loopback video_nr=5 card_label="Intergrated Webcam"

#--------------------------------
# this one works well you could play even file in url
ffmpeg -re -i sadak.mp4 -r 10 -pix_fmt yuyv422 -f v4l2 /dev/video5



ffmpeg -f x11grab -r 15 -s 1280x720 -i :0.0+0,0 -vcodec rawvideo -pix_fmt yuv420p -threads 0 -f v4l2 /dev/video0
ffmpeg -re -i video.mp4 -c:v rawvideo -pix_fmt yuv420p -f v4l2 -s 640*360 /dev/video0
ffmpeg -re -i input.mp4 -map 0:v -f v4l2 /dev/video0

Sept.12.2019
Useful tools ipcalc
root@ibm~# ipcalc 10.0.0.1/8
Address:   10.0.0.1             00001010. 00000000.00000000.00000001
Netmask:   255.0.0.0 = 8        11111111. 00000000.00000000.00000000
Wildcard:  0.255.255.255        00000000. 11111111.11111111.11111111
=>
Network:   10.0.0.0/8           00001010. 00000000.00000000.00000000
HostMin:   10.0.0.1             00001010. 00000000.00000000.00000001
HostMax:   10.255.255.254       00001010. 11111111.11111111.11111110
Broadcast: 10.255.255.255       00001010. 11111111.11111111.11111111
Hosts/Net: 16777214              Class A, Private Internet
So I discovered open host slots

############################################################
#HOW To convert unixtime to readable format vice versa. [tag unix time]

bash# date -d "2019-11-09 18:24:30" "+%s"
1573323870

bash#date --date='@1573323870'
Sat Nov  9 18:24:30 UTC 2019
##################################################################
Samba client
mount.cifs //[IP_ADDR]/SERVER_NAME/FOLDER_NAME /mountpoint

nmblookup '*'
nmblookup -S WORKGROUP
#######################################################
GET SUM IN FILES
NOTE: IT ALSO COMPUTES DECIMAL NUMBERS
 awk '{ sum += $1 } END { print sum }' Oct24-Nov30.txt
#######################################################
###################################
Get the sum of list of number
Warning It ignores decimal places
###################################
grep -oE '[0-9]+' Oct24-Nov30.txt | paste -s -d + - | bc
ou can use grep + paste + bc

$ grep -oE '[0-9]+' file
10
10
20
20
20

$ grep -oE '[0-9]+' file | paste -s -d + -
10+10+20+20+20

$ grep -oE '[0-9]+' file | paste -s -d + - | bc
80

tr 'A-Za-z0-9' 'N-ZA-Mn-za-m5-90-4'
################################################3
bssid: Upper Room
BC:C0:0F:BF:90:80
1john3v16
chrome.exe --proxy-server="socks5://localhost:9050" --host-resolver-rules="MAP * 0.0.0.0 , EXCLUDE localhost"
===========================
screen capture FFMPEG
https://ffmpeg.org/ffmpeg-devices.html#x11grab
===========================
ffmpeg -f x11grab -framerate 25 -video_size cif -i :0.0 out.mp4


Sun Jun  6 03:56:34 CST 2021
NEW TRICKS IN MY SLEEVES
Can execute command in text stream
The nice thing about it different
command from everyline
just press CTRL-C for the next command
line in the next line.
$/bin/sh -c "$(cat IoT.txt)"

Thu Jul  8 06:26:40 UTC 2021

pgrep firefox | xargs kill
ps -auxf
ps firefox
ps -A

Thu Jul  8 07:41:44 UTC 2021
A Golmine
Ctrl-c kill foreground process
Ctrl-z Suspend fg process
Ctrl-d Terminate input, or exit shell
Ctrl-s Suspend output
Ctrl-q Resume output
Ctrl-o Discard output
Ctrl-l Clear screen