Stress test on Linux

Download and install the stress test tool

sudo amazon-linux-extras install epel -y
sudo yum install stress -y

Launch the stress test in the background (for 800 seconds in this example)

sudo stress --cpu 8 --timeout 800 &

Check the stress test processes with the top command

top

Result for the top command

Manually stop the stress test (if needed)

sudo killall stress

How to fix Error: Cannot perform an interactive login from a non TTY device

When connecting to Amazon's container registry, ECR (Elastic Container Registry), there are a few things you need to configure first. Otherwise you will get an error like the one below.

Error: Cannot perform an interactive login from a non TTY device

Check the Docker version. If Docker is not installed, install it first.
$ docker --version

Check the AWS CLI version. If the AWS CLI is not installed, install it from the link below.
https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html
$ aws --version

Configure the AWS CLI
$ aws configure
You will need an Access Key ID and a Secret Access Key

680501633545.dkr.ecr.us-west-1.amazonaws.com/repo1
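
The login that these steps prepare for, as an added example that is not from the original post: it checks the prerequisites above and then logs in non-interactively by piping aws ecr get-login-password into docker login --password-stdin. The function names ecr_region and ecr_login are made up for this sketch, and only standard amazonaws.com registry hostnames are accepted.

```shell
#!/bin/sh
# Added example, not from the original post. ecr_region and ecr_login are
# names made up for this sketch; the aws and docker subcommands are real.

# Print the region of an ECR registry host or repository URI of the form
# <12-digit account>.dkr.ecr.<region>.amazonaws.com[/repo]; fail otherwise.
ecr_region() {
    _host=${1%%/*}
    _region=$(printf '%s\n' "$_host" |
        sed -n -E 's/^[0-9]{12}\.dkr\.ecr\.([a-z0-9-]+)\.amazonaws\.com$/\1/p')
    if [ -z "$_region" ]; then
        echo "not an ECR registry: $1" >&2
        return 1
    fi
    printf '%s\n' "$_region"
}

ecr_login() {
    _registry=${1%%/*}
    _login_region=$(ecr_region "$1") || return 1
    command -v docker >/dev/null || { echo "docker is not installed" >&2; return 1; }
    command -v aws >/dev/null || { echo "AWS CLI is not installed" >&2; return 1; }
    # Fails fast when "aws configure" was never run or the keys are invalid.
    aws sts get-caller-identity >/dev/null ||
        { echo "no usable AWS credentials" >&2; return 1; }
    # An empty token leaves docker login with nothing on a piped stdin, a
    # common cause of the "non TTY device" error, so stop here instead.
    _token=$(aws ecr get-login-password --region "$_login_region") || return 1
    [ -n "$_token" ] || { echo "empty ECR token" >&2; return 1; }
    # --password-stdin keeps the token out of the process list and history.
    printf '%s' "$_token" |
        docker login --username AWS --password-stdin "$_registry"
}

# Usage: sh ecr-login.sh 680501633545.dkr.ecr.us-west-1.amazonaws.com/repo1
if [ "$#" -gt 0 ]; then ecr_login "$1"; fi
```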

For more information, please refer to the link below.



Wireshark Capturing methods

There are different ways you can capture Network traffic using Wireshark.
1) Locally on host interface
2) Wire Tapping
3) Port Mirroring or SPAN

1) The simplest way is capturing traffic locally (on your own computer).
Just select the interface that you want to monitor and hit RUN. Nothing is simpler.

2) Wire Tapping
Another sneaky way of capturing the traffic is to tap the wire.
Instead of connecting the network devices directly to each other, simply put a device in between.
Devices like the one below will do the job. Connect your Wireshark computer to this device and start capturing.


3) Port Mirroring
Switched Port Analyzer, or SPAN, is a feature on Cisco switches that lets you forward a copy of the packets from one interface to another for monitoring and analysis.
It's simple to set up. On the device where you want to set up SPAN, configure it as below. In this config, fa0/1 is the interface we want to capture, and its packets are forwarded to fa0/24. A Wireshark PC is connected to fa0/24.

#config t
#monitor session 1 source int fa0/1 both
#monitor session 1 destination int fa0/24
#do show monitor

If you want to read more about SPAN, below is a link from Cisco on it.
https://www.cisco.com/assets/sol/sb/Switches_Emulators_v2_3_5_xx/help/250/index.html#page/tesla_250_olh/span_overview.html

The SPAN feature, which is sometimes called port mirroring or port monitoring, selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe device or other Remote Monitoring (RMON) probes. Port mirroring is used on a network device to send a copy of network packets, seen on a single device port, multiple device ports, or an entire VLAN, to a network monitoring connection on another port on the device. This is commonly used when monitoring of network traffic, such as for an intrusion-detection system, is required. A network analyzer, connected to the monitoring port, processes the data packets. The device can mirror up to four interfaces per session. A packet, which is received on a network port and assigned to a VLAN that is subject to mirroring, is mirrored to the analyzer port even if the packet was eventually trapped or discarded. Packets sent by the device are mirrored when Transmit (Tx) mirroring is activated. Mirroring does not guarantee that all traffic from the source port(s) is received on the analyzer (destination) port. If more data is sent to the analyzer port than it can support, some data might be lost.

Changing Huawei ONT HS8545M5 password with MD5 and SHA256 hashes

It's always good to change the default password of your network devices.
Below are the instructions for changing the default password on your Huawei ONT.
It works for Huawei ONT model HS8545M5, but I am sure it works the same on other Huawei ONTs as well.

  1. First of all, from your browser, you need to go to the router’s IP. The default should be 192.168.100.1
    If that doesn't work, do an IP scan first.
  2. Then you need to know the default username and password. The default for HS8545M5 is
    Account : telecomadmin
    Password : admintelecom
  3. Once logged in, navigate to System Tools > Configuration File
    Download the configuration file
    You will download the hw_ctree.xml file
    ** Before making any changes, it's a good idea to save a backup of your configuration file. **

  4. Open with any text editor and search for Username and Password fields.
    Copy the password hash just in case something goes wrong.

  5. Huawei devices use a two-step hash: MD5 and then SHA256.
    If you are a Linux user, use the commands below to create the hashes for the new password.
    OR
    You can also use an online hash converter from the link below.
    https://www.freeformatter.com/md5-generator.html

    A. First convert your plain-text password to MD5 and then convert your MD5 to a SHA256 hash.

$ echo -n newpasswd | md5sum

e08df5d370e3a10fb6a005763877b60d  -

# Now convert e08df5d370e3a10fb6a005763877b60d to SHA256

$ echo -n e08df5d370e3a10fb6a005763877b60d | sha256sum

9be816fc0bf890f4700b60e8ecf1102deeb66fc9c54475d74570126d1e9586f3

With your new SHA256 hash, update the config text file and upload it to your ONT.
Reboot the ONT and log in with the new password.

Mind you, again, it's always a good idea to keep a backup of your config file in case something goes wrong.
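
A local way to produce the hash and to confirm the scheme before uploading, as an added example that is not from the original post: it computes the MD5 then SHA256 hash on your own machine, and first checks that the hash copied from the backup matches the password you currently log in with. The names ont_hash, check_scheme and read_secret are made up for this sketch, and it assumes the stored value is the plain hex SHA256 shown above.

```shell
#!/bin/sh
# Added example, not from the original post. ont_hash, check_scheme and
# read_secret are made-up names; md5sum and sha256sum are GNU coreutils.

# SHA256 of the hex MD5 digest of the password, as in step A above.
ont_hash() {
    _md5=$(printf '%s' "$1" | md5sum | cut -d' ' -f1)
    printf '%s' "$_md5" | sha256sum | cut -d' ' -f1
}

# True only if the hash copied from the backup equals the two-step hash of
# the password you currently log in with, i.e. this ONT uses the scheme.
check_scheme() {
    _stored=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$(ont_hash "$1")" = "$_stored" ]
}

# Prompt without echo so the password never appears in shell history.
read_secret() {
    printf '%s' "$1" >&2
    stty -echo; IFS= read -r REPLY; stty echo
    printf '\n' >&2
}

# Usage: sh ont-hash.sh <hash copied from the backup of hw_ctree.xml>
if [ "$#" -gt 0 ]; then
    read_secret 'Current password: '
    check_scheme "$REPLY" "$1" ||
        { echo 'stored hash is not MD5 then SHA256; do not upload' >&2; exit 1; }
    read_secret 'New password: '
    ont_hash "$REPLY"
fi
```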

Cheers
Teza

Wifi card with monitor mode and packet injection

When you do wireless pen-testing, you want to use these tools.
airmon-ng
airodump-ng
aireplay-ng

Basically, that means you want your wireless card to be able to perform these tasks.
Change to monitor mode
Packet capturing
Packet injection

If you want to go fancier, you might also want to have a look at TX gain, band etc., but never mind that for now.

Not all wireless cards support the above functions.

And it's hard to tell if you have the right wireless adapter, because there are many different wifi adapter brands out there, but you need to find one with the right chipset.

Here is a link for you to consult. See if your wireless card has the right chipset.
https://www.kali.org/docs/nethunter/wireless-cards/
It will help you to find the right wireless cards, but sometimes you can get lucky even if your card is not on that list.

For me, I have a built-in Realtek chipset, which is not listed in the link above, but does all the required tasks to perform the wifi testing.
I also happened to buy a TP-Link TL-WN722N which happens to be version 2/3 (only version 1 has the right chipset), but I heard there is a way to get it working with a different driver.

So, the best way to get the right wireless card is to find the right chipset. Do a bit of research on the card that you have or are buying.
You won't know what chipset it uses, so you have to dig a bit into that as well.

Use lspci to find out which chipset is installed for your built-in wireless card.
Use lsusb to find out which chipset your wifi adapter uses.

Start off by changing to monitor mode and see if monitor mode is supported. Then carry on with other tools.
iwconfig wlan0 mode monitor
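
A way to see whether the driver advertises monitor mode without changing the interface, as an added example that is not from the original post: it reads the output of iw list and prints the radios that list monitor under "Supported interface modes". The helper names monitor_phys and sample_iw_list are made up here, and the sample text is constructed, not captured from real hardware.

```shell
#!/bin/sh
# Added example, not from the original post. monitor_phys is a made-up
# helper that reads `iw list` output on stdin and prints each phy whose
# driver lists "monitor" under "Supported interface modes".
# Advertised support says nothing about whether injection also works.
monitor_phys() {
    awk '
        /^Wiphy /                    { phy = $2; in_modes = 0; next }
        /Supported interface modes:/ { in_modes = 1; next }
        in_modes && $1 == "*"        { if ($2 == "monitor") print phy; next }
        in_modes                     { in_modes = 0 }
    '
}

# Constructed sample in the shape `iw list` prints.
sample_iw_list() {
    cat <<'EOF'
Wiphy phy0
	Supported interface modes:
		 * managed
		 * AP
		 * monitor
	Band 1:
Wiphy phy1
	Supported interface modes:
		 * managed
	Band 1:
EOF
}

# On a machine with iw installed, check the real radios.
if command -v iw >/dev/null 2>&1; then iw list 2>/dev/null | monitor_phys; fi
```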

Man page info for the tools I mentioned earlier:

airmon-ng This script can be used to enable monitor mode on wireless interfaces. It may also be used to go back from monitor mode to managed mode. Entering the airmon-ng command without parameters will show the interfaces status. It can also list/kill programs that can interfere with the wireless card operation.

airodump-ng is used for packet capturing of raw 802.11 frames for the intent of using them with aircrack-ng. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points. Additionally, airodump-ng writes out a text file containing the details of all access points and clients seen.

aireplay-ng is used to inject/replay frames. The primary function is to generate traffic for the later use in aircrack-ng for cracking the WEP and WPA-PSK keys. There are different attacks which can cause deauthentications for the purpose of capturing WPA handshake data, fake authentications, Interactive packet replay, hand-crafted ARP request injection and ARP-request reinjection. With the packetforge-ng tool it’s possible to create arbitrary frames.


Cheers

Teza

Wireless Troubleshooting on Linux (applies for Kali linux and Parrot OS) with Realtek chipset

After installing Parrot Security OS, I was not able to connect to wifi anymore. The reason was that Parrot OS did not support my laptop’s Realtek wifi chipset.

Long story short, here are the troubleshooting steps that got me going.

ifconfig
See if your wifi interface is up. Normally you should see a loopback interface, a LAN interface and a WLAN interface.

lspci
Check your chipset model. Below is my wifi card. If you see something similar but the WLAN interface is not showing up in ifconfig, then it's most likely a driver issue.

03:00.0 Network controller: Realtek Semiconductor Co., Ltd. RTL8821CE 802.11ac PCIe Wireless Network Adapter


Temporary internet connection
You will need an Internet connection.
I know it sounds silly when your WLAN interface is not showing up, but trust me, it's a lot easier to connect to the internet first. Get a wifi adapter or an Ethernet cable to connect to the internet first.

Step 5 – Disable Secure Boot in BIOS

Reboot your computer and, in the BIOS configuration, enable Legacy and disable Secure Boot.
Save and exit. Depending on your laptop make, the F key will be different. For HP, it is F10.


Git clone the driver for Linux
git clone https://github.com/tomaspinho/rtl8821ce

Change to the download folder
cd rtl8821ce

Change permissions
chmod +x dkms-install.sh
chmod +x dkms-remove.sh

Run the Installer

sudo bash dkms-install.sh

Reboot your computer

Changing DNS in Linux

Whatever the reason you want to change your DNS, you need to change it in resolv.conf

First change your directory to /etc.
cd /etc

If you type in ls -l, you will see the resolv.conf file.

You have to use sudo or su to make changes

sudo nano resolv.conf

If there is an existing DNS server, you can comment it out. Just put # in front of the address

Then type in the new nameservers

You can use OpenDNS, Google's DNS or any DNS that you prefer.

OpenDNS 1: 208.67.222.222
OpenDNS 2: 208.67.220.220

Save with Ctrl + O
Enter

Exit with Ctrl + X

Using Proxy Chains to tunnel traffic over network

First, install proxychains.

$ sudo apt-get update -y

$ sudo apt-get install -y proxychains

$ locate proxychains

Then change the config file. Open it as shown below.


$ nano proxychains4.conf

If you wish, you can add more proxy addresses.
At the bottom of the conf file, add your proxy addresses.

The format should be
proxy type IP address Port Username password

Example: socks5 101.2.3.123 12356

There are many websites where you can find proxy addresses. Just search for socks proxy.


Use dynamic chain and link it with Tor
All you need to do is uncomment the lines that you want to enable.

$ service tor status

$ service tor stop
$ service tor start

$ proxychains4 curl ipinfo.io/city # this will tell you where your current location is. Check this first to make sure you are hidden.

Now you can browse securely.

$ proxychains4 firefox google.com

You can also use proxychains with other services. You just need to run the proxychains command first.

Example: proxychains4 nmap 213.12.123.12
