Choose Server

Posted by root on Tuesday Mar 14, 2017 Under Bash, Debian, Linux, Server

Dedicated server parameters and requirements to consider when choosing a server:

-Price
-Location of the Server
-Hosting Company Reputation
-Managed / Unmanaged Server
-Debian / Centos / Freebsd
-Operating system encrypted?
-connection ssl?
-Certificate ssl ?
-Internet T1 line / bandwidth / unmetered connection
-Memory Ram / ecc amount and type / encrypted ram?
-Type Disk (ssd preferably) / self encrypted drives? / SAS hard drives?
-uptime company
-backups
-brand hardware used (samsung / asus / intel / western digital)
-Datacenter Infrastructure (power, fire detection etc)
-Firewall Iptables / router / ddos protection
-Control Panel- plesk / cpanel / webmin / ajenti / zpanel / ispconfig
-connection ipv4 or ipv6
-type of Raid or lvm chosen
-server hardware dust filters
-cooling type
-remote reboot / wake on wan / remote access
-bios type & brand
-Power / energy consumption
-Software used on server
-automation-scripts
-technical support response time
-contact company before purchasing services package
-test panel demos

Access to the server using:
-sftp
-ssh v3
-vpn
-file permissions
-sstp

Security
-used protocols
-disable root
-close ports + services
-IDS snort (intrusion detecting system)
-mail filters / spamassassin + fail2ban
-Logs / Backlog
-Password Policy
-Types of Encryption and ciphers used (sha1, md5, des, diffie hellman etc)
-backups
-Access control list
-All passwords different and complex

Vulnerability testing platforms:
https://pentesterlab.com
http://vulnhub.com/
https://www.lunarpages.com/uptime/securing-your-linux-dedicated-server

 

Further reading:
https://en.wikipedia.org/wiki/Server_(computing)
http://uptime.netcraft.com/


http://wikibon.org/wiki/v/Server_Options:_When_to_Lease_vs._When_to_Buy
http://www.cyberciti.biz/faq/data-center-standard-overview/
http://www.cyberciti.biz/tips/linux-security.html

International data center list:
http://wiredre.com/international-data-center-list/
http://uptimeinstitute.com/TierCertification/

Hosting companies:
https://www.ovh.pt/servidores_dedicados/
https://www.hetzner.de/
http://www.server4you.com/
http://www.online.net/

Note: always buy in the country that offers the lowest price!

Hosting Companies Extra:
http://english.keyweb.de/products/server/dedicated-server/
https://www.hosteurope.de/en/Server/Root-Server/
http://www.df.eu/

Products


https://www.1and1.co.uk/server-dedicated-l?linkOrigin=dedicated-server&linkId=ct.btn.server-dedicated-l
http://www.webtropia.com/en/root-server/root-server-details.html?pid=RootS
http://www.serversfree.com/server-features/
https://www.copahost.com/en/managed-dedicated-servers

VPS
https://www.linode.com/
https://www.digitalocean.com/
http://contabo.com
https://www.time4vps.eu/cart.php?a=view
http://www.server4you.com/vps/
https://ramnode.com/vps.php

Dedicated Servers

Security assessments:
http://www.inguardians.com/
http://www.modzero.ch/en/contact.html
http://www.offensive-security.com/

SOFTWARE
foreman
openstack
puppet
squid
ferm
fail2ban
snort
spam assassin
dnswall
setup dns


crypt irc+tor+sasl

Posted by zh on Tuesday Mar 14, 2017 Under Uncategorized

Welcome to another article:

In this post we will use crypto in IRC clients with OTR, FiSH, AES or derivatives, and connect to IRC over Tor and with SASL, if the server supports it or is configured for it.

To install OTR:

We will use the IRC client "hexchat", but the procedure is similar in many others.

Debian

apt-get install hexchat

sudo apt-get update
sudo apt-get -y install hexchat gcc make pkg-config libglib2.0-dev git automake autoconf-archive libtool glibc-source libcrypt-gcrypt-perl libotr5-dev

It is also possible to do this with backports: the command is the same but includes "-t release-backports", where the release would be, for example, "stretch". Only do this if your Debian uses backports and the repositories have been added to the sources list. This step is optional.

sudo apt-get -y install -t jessie-backports hexchat gcc make pkg-config libglib2.0-dev git automake autoconf-archive libtool glibc-source libcrypt-gcrypt-perl libotr5-dev

git clone https://github.com/TingPing/hexchat-otr
cd hexchat-otr

# compile (stop if autogen.sh fails instead of running make anyway)
./autogen.sh && make -s
sudo make install

There is also:

https://github.com/TingPing/hexchat-otr

Inside the HexChat IRC client, run these commands in the private-message window of the nick in question:

/otr start

/otr finish

 

Fish

It ships with the HexChat IRC client by default.

Commands for the IRC client's private-message window or channel

For a user's nick:

/setkey password

/delkey nick

In the channel:

/setkey password
/delkey #channel

 

Windows

Otr

Fish

Coming soon…

 

SASL

For those who don't know it, SASL is a framework for authentication and data security in Internet protocols.

1- Open the network list in HexChat (Ctrl+S) and choose the network you want.

2- In the username field, enter your primary nick.

3- Select (username+password) as the login method.

4- In the SASL password field, enter the password.
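
What the SASL (username+password) login configured above puts on the wire, as an added example that is not part of the original post: the IRCv3 SASL client messages for the PLAIN mechanism, showing that the password is only base64-encoded and therefore relies on the TLS (-ssl) connection for confidentiality. It assumes the client uses PLAIN for this login method; the nick, password and function names are constructed for illustration.

```python
import base64

def sasl_plain_payload(authcid, password, authzid=""):
    """RFC 4616 PLAIN message: authzid NUL authcid NUL password, base64-encoded."""
    raw = b"\0".join(part.encode("utf-8") for part in (authzid, authcid, password))
    return base64.b64encode(raw).decode("ascii")

def authenticate_lines(payload):
    """Split the payload into AUTHENTICATE lines of at most 400 characters (IRCv3 SASL)."""
    chunks = [payload[i:i + 400] for i in range(0, len(payload), 400)]
    lines = ["AUTHENTICATE " + chunk for chunk in chunks]
    if not chunks or len(chunks[-1]) == 400:
        lines.append("AUTHENTICATE +")  # empty line marks the end of the payload
    return lines

def client_messages(nick, password):
    """Client side of the exchange; the server's replies are noted in comments."""
    return [
        "CAP REQ :sasl",            # server: CAP * ACK :sasl
        "NICK " + nick,
        "USER {0} 0 * :{0}".format(nick),
        "AUTHENTICATE PLAIN",       # server: AUTHENTICATE +
        *authenticate_lines(sasl_plain_payload(nick, password)),
        "CAP END",                  # sent after the server's 903 (SASL success)
    ]

def decode_plain(argument):
    """What the server, or anyone reading an unencrypted connection, recovers."""
    authzid, authcid, password = base64.b64decode(argument).split(b"\0")
    return authzid.decode(), authcid.decode(), password.decode()

if __name__ == "__main__":
    for line in client_messages("alice", "s3cret"):  # constructed credentials
        print(line)
    print(decode_plain("AGFsaWNlAHMzY3JldA=="))
```
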

 

TOR

Hexchat

/set net_proxy_host 127.0.0.1
/set net_proxy_type 3
/set net_proxy_port 9050
(or 9150, depending on the configuration)
/set net_proxy_use 0

/set irc_user_name

/server -ssl hidden.onion 443 YourPasswordHere

or

/server -ssl ipv6.url.pt 6697


Arch linux vbox install

Posted by zh on Tuesday Mar 14, 2017 Under Uncategorized

First install VirtualBox or another virtualization platform in order to create a virtual machine. The host OS can be Windows, GNU/Linux, Mac OS X, BSD or others; in this case we will use GNU/Linux.

Then download the ISO from the Arch Linux site:

https://www.archlinux.org/download/ in whichever form you prefer: magnet, torrent or HTTP.

We will create a new entry in VirtualBox with the following characteristics:

Select type Linux, Arch Linux 64-bit

and specify

RAM: 1 GB

Disk: 20 GB of space

Commands entered in the VirtualBox VM:

loadkeys pt-latin9

timedatectl set-ntp true

cfdisk

mkfs.ext4 /dev/sda2

mount /dev/sda2 /mnt

mkswap /dev/sda1

swapon /dev/sda1

# sda1 is swap and sda2 is root, so there is no separate boot partition to mount:
# /boot stays on the root filesystem

pacstrap /mnt base base-devel

genfstab -U -p /mnt >> /mnt/etc/fstab

arch-chroot /mnt

ln -sf /usr/share/zoneinfo/Europe/Lisbon /etc/localtime

hwclock --systohc

# uncomment pt_PT.UTF-8 UTF-8 in /etc/locale.gen before running locale-gen
locale-gen

echo "LANG=pt_PT.UTF-8" > /etc/locale.conf

echo "KEYMAP=pt-latin9" > /etc/vconsole.conf

echo "planet" > /etc/hostname

pacman -S grub-bios

grub-install /dev/sda

grub-mkconfig -o /boot/grub/grub.cfg

mkinitcpio -p linux

# write /etc/hosts with the localhost entries and the hostname set above
cat > /etc/hosts <<EOF
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
127.0.1.1 planet.localdomain planet
EOF

 

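# set the root password (still inside the chroot)
passwd

# create a regular user
useradd -m -g users -s /bin/bash test

# or, to also put the user in the wheel group:
useradd -m -g users -G wheel -s /bin/bash test

passwd test

# add the user to sudoers (replace User with the account name)
visudo

User ALL=(ALL) ALL

XFCE graphical environment

pacman -Syy

pacman -S xorg-server xorg-server-utils xorg-xinit xf86-video-amdgpu xfce4 xfce4-goodies lightdm

echo "exec startxfce4" > ~/.xinitrc

systemctl enable lightdm.service

systemctl enable dhcpcd.service

# leave the chroot only after the steps above, then unmount
exit

umount -R /mnt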

 


#hydra example

Posted by root on Tuesday Mar 14, 2017 Under Uncategorized

Hydra is a very fast network logon cracker that supports many different services.

hydra -l lifefilta -P passwords.txt ftp://192.168.122.5

hydra ssh -l -P -s 22 -vV


#tcpdump examples

Posted by root on Tuesday Mar 7, 2017 Under Bash, Network

In most cases you will need root permission to be able to capture packets on an interface. Using tcpdump (with root) to capture the packets and saving them to a file to analyze with Wireshark (using a regular account) is recommended over using Wireshark with a root account to capture packets on an “untrusted” interface. See the Wireshark security advisories for reasons why.

See the list of interfaces on which tcpdump can listen:

tcpdump -D

Listen on interface eth0:

tcpdump -i eth0

Listen on any available interface (cannot be done in promiscuous mode. Requires Linux kernel 2.2 or greater):

tcpdump -i any

Be verbose while capturing packets:

tcpdump -v

Be more verbose while capturing packets:

tcpdump -vv

Be very verbose while capturing packets:

tcpdump -vvv

Be verbose and print the data of each packet in both hex and ASCII, excluding the link level header:


tcpdump -v -X

Be verbose and print the data of each packet in both hex and ASCII, also including the link level header:

tcpdump -v -XX

Be less verbose (than the default) while capturing packets:

tcpdump -q

Limit the capture to 100 packets:

tcpdump -c 100

Record the packet capture to a file called capture.cap:

tcpdump -w capture.cap

Record the packet capture to a file called capture.cap but display on-screen how many packets have been captured in real-time:

tcpdump -v -w capture.cap

Display the packets of a file called capture.cap:

tcpdump -r capture.cap

Display the packets using maximum detail of a file called capture.cap:

tcpdump -vvv -r capture.cap

Display IP addresses and port numbers instead of domain and service names when capturing packets (note: on some systems you need to specify -nn to display port numbers):

tcpdump -n

Capture any packets where the destination host is 192.168.1.1. Display IP addresses and port numbers:

tcpdump -n dst host 192.168.1.1

Capture any packets where the source host is 192.168.1.1. Display IP addresses and port numbers:

tcpdump -n src host 192.168.1.1

Capture any packets where the source or destination host is 192.168.1.1. Display IP addresses and port numbers:


tcpdump -n host 192.168.1.1

Capture any packets where the destination network is 192.168.1.0/24. Display IP addresses and port numbers:

tcpdump -n dst net 192.168.1.0/24

Capture any packets where the source network is 192.168.1.0/24. Display IP addresses and port numbers:

tcpdump -n src net 192.168.1.0/24

Capture any packets where the source or destination network is 192.168.1.0/24. Display IP addresses and port numbers:

tcpdump -n net 192.168.1.0/24

Capture any packets where the destination port is 23. Display IP addresses and port numbers:

tcpdump -n dst port 23

Capture any packets where the destination port is between 1 and 1023 inclusive. Display IP addresses and port numbers:

tcpdump -n dst portrange 1-1023

Capture only TCP packets where the destination port is between 1 and 1023 inclusive. Display IP addresses and port numbers:

tcpdump -n tcp dst portrange 1-1023

Capture only UDP packets where the destination port is between 1 and 1023 inclusive. Display IP addresses and port numbers:

tcpdump -n udp dst portrange 1-1023

Capture any packets with destination IP 192.168.1.1 and destination port 23. Display IP addresses and port numbers:

tcpdump -n "dst host 192.168.1.1 and dst port 23"

Capture any packets with destination IP 192.168.1.1 and destination port 80 or 443. Display IP addresses and port numbers:

tcpdump -n "dst host 192.168.1.1 and (dst port 80 or dst port 443)"

Capture any ICMP packets:

tcpdump -v icmp

Capture any ARP packets:

tcpdump -v arp

Capture either ICMP or ARP packets:


tcpdump -v "icmp or arp"

Capture any packets that are broadcast or multicast:

tcpdump -n "broadcast or multicast"

Capture 500 bytes of data for each packet rather than the default of 68 bytes:

tcpdump -s 500

Capture all bytes of data within the packet:

tcpdump -s 0
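
The -s and -w options above decide how many bytes of each packet end up in capture.cap. As an added example (not from the original article), this Python code reads the classic pcap format and counts packets cut short by the snapshot length; it runs on the saved file without root, matching the capture-as-root, analyze-as-regular-user split recommended at the top. The function names and the sample capture are constructed for illustration.

```python
import struct

# Classic pcap magic numbers (microsecond and nanosecond variants) -> byte order
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}

def snaplen_report(data):
    """Return (snaplen, packets, truncated_packets) for classic pcap bytes."""
    endian = MAGICS.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file (pcapng or unknown format)")
    # Global header after the magic: version, timezone, sigfigs, snaplen, link type
    _maj, _min, _zone, _sig, snaplen, _link = struct.unpack(endian + "HHiIII", data[4:24])
    offset, packets, truncated = 24, 0, 0
    while offset + 16 <= len(data):
        # Record header: timestamp, bytes stored in the file, bytes seen on the wire
        _sec, _frac, incl_len, orig_len = struct.unpack(endian + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            break  # file itself ends mid-record (interrupted capture or copy)
        packets += 1
        if incl_len < orig_len:
            truncated += 1  # payload beyond the snapshot length was never saved
        offset += 16 + incl_len
    return snaplen, packets, truncated

def build_sample(snaplen=68):
    """Constructed capture: a 60-byte frame and a 1514-byte frame, cut to snaplen."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for orig_len in (60, 1514):
        incl_len = min(orig_len, snaplen)
        out += struct.pack("<IIII", 0, 0, incl_len, orig_len) + bytes(incl_len)
    return out

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    print("snaplen=%d packets=%d truncated=%d" % snaplen_report(data))
```

A non-zero truncated count means payload analysis of that file is incomplete and the capture should be repeated with a larger -s value.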

Based on Article first published March 13, 2010. Last updated October 1, 2014 by RationallyPARANOID.com
