10.07.2015
09.07.2015
Nmap/Hping3 [Scan tips]
[Dumb scan]
Hping3:
#hping3 192.168.1.254 -r
#hping3 192.168.1.1 -a 192.168.1.254 -p 3306 -S
//192.168.1.254 - подставной хост
//192.168.1.1 - таргет
----> id=n+1[open] , id=+1 [close]
Nmap:
#nmap -Pn -sI 192.168.1.254 192.168.1.1
// -sI - idle scan
2-3x раз, сверить результаты.
Nmap скрипты:
nmap -n -P0 -p80,443 -iL hostNP.lst --script=\
http-apache-server-status,\
http-auth-finder,\
http-backup-finder,\
http-comments-displayer,\
http-default-accounts,\
http-devframework,\
http-enum,\
http-headers,\
http-mobileversion-checker,\
http-php-version,\
http-robots.txt,\
http-svn-info,\
http-useragent-tester,
http-vhosts,\
http-webdav-scan,\
http-xssed\
-oA script_scan_np
Nmap exploits:
nmap -n -P0 -p80,443 -iL hostNP.lst --script=\
http-csrf,\
http-dombased-xss,\
http-fileupload-exploiter,\
http-shellshock,\
http-stored-xss,\
http-vuln-cve-2006-2293,\
http-vuln-cve-2009-3960,\
http-vuln-cve-2012-1823,\
http-vuln-cve-2013-0156,\
http-vuln-cve-2013-6786,\
http-vuln-cve-2013-7091,\
http-vuln-cve-2014-3704,\
http-vuln-cve-2014-8877,\
-oA nmap_plus
Hping3:
#hping3 192.168.1.254 -r
#hping3 192.168.1.1 -a 192.168.1.254 -p 3306 -S
//192.168.1.254 - подставной хост
//192.168.1.1 - таргет
----> id=n+1[open] , id=+1 [close]
Nmap:
#nmap -Pn -sI 192.168.1.254 192.168.1.1
// -sI - idle scan
2-3x раз, сверить результаты.
Nmap скрипты:
nmap -n -P0 -p80,443 -iL hostNP.lst --script=\
http-apache-server-status,\
http-auth-finder,\
http-backup-finder,\
http-comments-displayer,\
http-default-accounts,\
http-devframework,\
http-enum,\
http-headers,\
http-mobileversion-checker,\
http-php-version,\
http-robots.txt,\
http-svn-info,\
http-useragent-tester,
http-vhosts,\
http-webdav-scan,\
http-xssed\
-oA script_scan_np
Nmap exploits:
nmap -n -P0 -p80,443 -iL hostNP.lst --script=\
http-csrf,\
http-dombased-xss,\
http-fileupload-exploiter,\
http-shellshock,\
http-stored-xss,\
http-vuln-cve-2006-2293,\
http-vuln-cve-2009-3960,\
http-vuln-cve-2012-1823,\
http-vuln-cve-2013-0156,\
http-vuln-cve-2013-6786,\
http-vuln-cve-2013-7091,\
http-vuln-cve-2014-3704,\
http-vuln-cve-2014-8877,\
-oA nmap_plus
08.07.2015
Eset Nod32 Smart Security Server Update
настроить бесплатный сервер обновления:
HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info меняем значение параметра PackageFeatures на 0х0000003d
http://nod32.genesis.ua/nod326/ Eset Smart Security 4, 5, 6, 7, 8 и 9
HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info меняем значение параметра PackageFeatures на 0х0000003d
http://nod32.genesis.ua/nod326/ Eset Smart Security 4, 5, 6, 7, 8 и 9
http://www.ut21.ru/v7/ резервный сервер для всех версий
Unified Networking Lab vMX/VSRX
this is how to import vMX.ova in unetlab, it's working for me :
Upload the downloaded image : vMX.ova to the UNetLab
# mv vMX.ova vmx-14.1R1.10-domestic.ova
# mkdir tmp
# cd tmp
# tar xf ../vmx-14.1R1.10-domestic.ova
# mkdir -p /opt/unetlab/addons/qemu/vmx-14.1R1.10-domestic
# mv hda.qcow2 /opt/unetlab/addons/qemu/vmx-14.1R1.10-domestic
# cd ..
# rm -rf tmp
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
login : root
pass : root123
and this is all, enjoy !!!
IMPORTING JUNIPER VSRX IMAGES
The following procedure refers to the most recent and supported image only. Older images should work too. Remember that UNetLab image names are strongly suggested for lab portability.
Upload the downloaded image to the UNetLab master node using for example FileZilla or WinSCP. Then login as root using SSH protocol and uncompress it:
Upload the downloaded image : vMX.ova to the UNetLab
# mv vMX.ova vmx-14.1R1.10-domestic.ova
# mkdir tmp
# cd tmp
# tar xf ../vmx-14.1R1.10-domestic.ova
# mkdir -p /opt/unetlab/addons/qemu/vmx-14.1R1.10-domestic
# mv hda.qcow2 /opt/unetlab/addons/qemu/vmx-14.1R1.10-domestic
# cd ..
# rm -rf tmp
# /opt/unetlab/wrappers/unl_wrapper -a fixpermissions
login : root
pass : root123
and this is all, enjoy !!!
IMPORTING JUNIPER VSRX IMAGES
The following procedure refers to the most recent and supported image only. Older images should work too. Remember that UNetLab image names are strongly suggested for lab portability.
Upload the downloaded image to the UNetLab master node using for example FileZilla or WinSCP. Then login as root using SSH protocol and uncompress it:
mkdir tmp
cd tmp
tar xf ../junos-vsrx-12.1X44-D10.4-domestic.ova
/opt/qemu/bin/qemu-img convert -f vmdk -O qcow2 junos-vsrx-12.1X44-D10.4-domestic-disk1.vmdk hda.qcow2
mkdir -p /opt/unetlab/addons/qemu/vsrx-12.1X44-D10.4-domestic
mv hda.qcow2 /opt/unetlab/addons/qemu/vsrx-12.1X44-D10.4-domestic
cd ..
rm -rf tmp
/opt/unetlab/wrappers/unl_wrapper -a fixpermissions
07.07.2015
BCC. Postfix / MS Exchange + Fireeye EX
Postfix
always_bccAdd the following entry in /etc/postfix/main.cf to forward all mails in the server to fireeyebcc@fireeye.mycorp.com.
always_bcc = fireeyebcc@fireeye.mycorp.com
sender_bcc_maps and recipient_bcc_maps
..........................................
(Вариант с Postfix. BCC)
DNS server (внутренний/внешний, который используется как основной dns для Postfix):
;$TTL 86400
$ORIGIN mycorp.com.
$TTL 3D
После чего, Postfix будет копировать мыла на ip 192.168.1.116(адрес на интерфейсе patch3,Fireeye EX, который стоит в режиме BCC, (action - DROP, в настройках))
MS Exchange
Go To Organization Configuration > Hub Transport and select the Send Connectors tab
· Right-click to create a new send connector
· On the ‘Address Space’ page of the wizard, add your BCC domain (fetest.com in this example)
· On the ‘Network Settings’ page, choose ‘Route mail through the following smart hosts’ and
define a new smart host with the IP address of the FireEye (BCC) MTA
· Follow
On the ‘Network Settings’ page, choose ‘Route mail through the following smart hosts’ and
define a new smart host with the IP address of the FireEye (BCC) MTA
Follow the defaults to complete the rest of the wizard
Go To Organization Configuration > Hub Transport and select the Transport Rules tab
· Right-click to create a new transport rule
· On the ‘Conditions’ page of the rule wizard, do not select any conditions (so that the rule
applies unconditionally). You should get a warning that the rule will be applied to every
message
· On the ‘Actions’ page of the wizard, select ‘Blind Carbon Copy…’ and enter the BCC address
· Follow the defaults to complete the wizard and create the rule
..........................................
(Вариант с Postfix. BCC)
DNS server (внутренний/внешний, который используется как основной dns для Postfix):
;$TTL 86400
$ORIGIN mycorp.com.
$TTL 3D
...
fireeye A 192.168.1.116После чего, Postfix будет копировать мыла на ip 192.168.1.116(адрес на интерфейсе patch3,Fireeye EX, который стоит в режиме BCC, (action - DROP, в настройках))
MS Exchange
Go To Organization Configuration > Hub Transport and select the Send Connectors tab
· Right-click to create a new send connector
· On the ‘Address Space’ page of the wizard, add your BCC domain (fetest.com in this example)
· On the ‘Network Settings’ page, choose ‘Route mail through the following smart hosts’ and
define a new smart host with the IP address of the FireEye (BCC) MTA
· Follow
On the ‘Network Settings’ page, choose ‘Route mail through the following smart hosts’ and
define a new smart host with the IP address of the FireEye (BCC) MTA
· Right-click to create a new transport rule
· On the ‘Conditions’ page of the rule wizard, do not select any conditions (so that the rule
applies unconditionally). You should get a warning that the rule will be applied to every
message
· On the ‘Actions’ page of the wizard, select ‘Blind Carbon Copy…’ and enter the BCC address
· Follow the defaults to complete the wizard and create the rule
06.07.2015
Увеличение LVM диска в виртуальной машине на лету
Гипервизор сервер Supermicro с KVM и libvirt на Ubuntu.
Гости — Ubuntu с LVM2.
Задача:
Увеличить размер системного дисков без выключения/перезагрузки гостевой ОС.
Коротко это было так:
На гипервизоре:
Гости — Ubuntu с LVM2.
Задача:
Увеличить размер системного дисков без выключения/перезагрузки гостевой ОС.
На гипервизоре:
- virsh list
- virsh qemu-monitor-command vm-db --hmp «info block»
- virsh qemu-monitor-command vm-db --hmp «block_resize drive-virtio-disk0 1000G»
- df -h
- parted /dev/vda
- resizepart 2
- 1000GB
- resizepart 5
- 1000GB
- q
- pvresize /dev/vda5
- lvscan
- lvextend /dev/vm-db-vg/root -l +100%FREE
- resize2fs /dev/vm-db-vg/root
- df -h
Подписаться на:
Сообщения (Atom)