Category: Unix-Linux


The following commands are to be added twice, on Linux and on Windows:

Linux:

net ads dns register -P

Windows:

ipconfig /registerdns

Security News!

Security News:

 

2019/03/11:

Operating systems can be detected using the ping command. Ping is a computer network administration utility used to test the availability of a host on an Internet Protocol (IP) network.

https://gbhackers.com/operating-systems-can-be-detected-using-ping-command/

 

2019/02/22:

Corporate firewalls can block reverse and bind TCP connections. However, corporate firewalls are behind internal networks. So we can use PING ICMP Shell:

https://gbhackers.com/icmp-shell-secret/

 

2019/02/03:

Exploiting Malwarebytes antimalware!

https://acru3l.github.io/2019/02/02/exploiting-mb-anti-exploit/

 

2019/01/24: redteam

Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host (a.k.a. JScript/VBScript):

https://github.com/zerosum0x0/koadic

 

 

 

A collection of security articles and web sites, KB, tips and tricks especially for System and Network Administrators, DevOps, Pentesters or Security Researchers.

https://github.com/trimstray/the-book-of-secret-knowledge

 

Hacking web sites:

https://thehackernews.com/

https://www.bleepingcomputer.com/

https://www.zataz.com/

 

Password databases:

https://haveibeenpwned.com/

https://www.dehashed.com/

https://ghostproject.fr/

https://leaksify.com/

 

The Cyber Swiss Army Knife – a web app for encryption, encoding, compression and data analysis:

https://gchq.github.io/CyberChef/

 

 

 

Basic network capture methods: https://blogs.technet.microsoft.com/askpfeplat/2016/12/27/basic-network-capture-methods/

  1. Network Monitor 3.4 (Netmon) – https://www.microsoft.com/en-us/download/details.aspx?id=4865 (NOTE: Network Monitor is no longer under active development)
  2. Wireshark (v 2.2.2 as of 11/16/16) – https://wireshark.org/#download
  3. Netsh Trace – built-in to operating system
  4. Microsoft Message Analyzer (MMA) (v 1.4 as of 6/13/16) – https://www.microsoft.com/en-us/download/details.aspx?id=44226

Message analyzer operating guide: http://technet.microsoft.com/en-us/library/jj649776.aspx

How to use Message Analyzer, on YouTube: https://www.youtube.com/watch?v=e0v0RsQVdT8

As you might guess from the name, Message Analyzer is much more than a network sniffer or packet tracing tool.  Key capabilities include:

  • Integrated “live” event and message capture at various system levels and endpoints (client and server, remotely!)
  • Remote capture (capture at multiple points concurrently)
  • Parsing and validation of protocol messages and sequences
  • Automatic parsing of event messages described by ETW manifests
  • Summarized grid display – top level is “operations” (requests matched with responses)
  • User controlled “on the fly” grouping by message attributes
  • Ability to browse for logs of different types (.cap, .etl, .txt) and import them together
  • Automatic re-assembly and ability to render payloads
  • Ability to import text logs, parsing them into key element/value pairs
  • Support for “Trace Scenarios” (one or more message providers, filters, and views)

Other articles:

Use message analyzer to convert a .etl to .cap: https://blogs.msdn.microsoft.com/benjaminperkins/2018/03/09/analyze-netsh-traces-with-wireshark-or-network-monitor/

 

Capture a network trace using netsh:

https://blogs.msdn.microsoft.com/benjaminperkins/2018/03/09/capture-a-netsh-network-trace/

 

  1. To learn more about your nmcap options, enter “nmcap /?” or “nmcap /examples”
  2. Wireshark training can be found at https://www.wireshark.org/#learnWS.
  3. For more information on Message Analyzer, check out the blog at https://blogs.technet.microsoft.com/messageanalyzer/.
  4. Message Analyzer training videos can be found at https://www.youtube.com/playlist?list=PLszrKxVJQz5Uwi90w9j4sQorZosTYgDO4.
  5. Message Analyzer Operating Guide – https://technet.microsoft.com/en-us/library/jj649776.aspx
  6. Information on the Message Analyzer PowerShell module can be found at https://technet.microsoft.com/en-us/library/dn456518(v=wps.630).aspx.
  7. Remote captures with MMA – https://blogs.technet.microsoft.com/messageanalyzer/2013/10/17/remote-capture-with-message-analyzer-and-windows-8-1/

Centrifydc.conf optimization:

https://centrify.force.com/support/Article/KB-0291-Recommended-settings-in-centrifydc-conf-for-high-load-CPU-servers/

 

Centrifydc reference guide:

https://centrify.force.com/support/servlet/fileField?retURL=%2Fsupport%2Fapex%2FCentrify_KB_ArtDetail%3FId%3DkA080000000H6iQCAS%26search%3D&entityId=ka080000000HVUHAA4&field=Attachment_1__Body__s

https://blogs.technet.microsoft.com/askpfeplat/2018/10/29/ssh-on-windows-server-2019/

General methodology:

  • Insert a USB flash drive into your computer. Your USB flash drive should plug into one of the rectangular or oval USB or USB-C ports on your computer’s housing. Traditional flash drives only fit one way, so don’t force the drive if it doesn’t fit.
    • If your Mac uses USB-C ports, your USB-C flash drive should fit any way in which you insert it.
    • The USB flash drive should be at least 8 gigabytes in space so that it can accommodate most operating system installation files.
  • Make sure that you have an ISO file. If you want to create a bootable USB drive on a Mac, you’ll need to have an ISO file (or an image file, if you’re backing up your computer’s hard drive) ready to drag and drop into Terminal.
    • This is different than how Windows handles bootable flash drives, since you can make a flash drive bootable and then save it for later when using Windows.
  • Open Spotlight. Click the magnifying glass icon in the top-right corner of the screen. A search bar will appear.
  • Type in terminal. This will search your Mac for the Terminal application.
  • Double-click Terminal. It’s a black box in the middle of the Spotlight search results. Doing so will open Terminal.
  • Open a list of connected drives. Type diskutil list into Terminal, then press Return.
  • Find your USB drive. Look for the USB drive that you plugged into your computer, then look at the USB drive’s name under the “IDENTIFIER” heading. You’ll usually find your USB drive under the “(external, physical)” heading near the bottom of the Terminal window.
    • Your USB flash drive’s name under the “IDENTIFIER” heading will normally be something like “disk1” or “disk2”.
  • Select the USB drive. Type diskutil unmountDisk /dev/disknumber—making sure to replace “disknumber” with the disk’s “IDENTIFIER” name and number (e.g., disk2)—into Terminal, then press Return.
  • Enter the formatting command. Type in sudo dd if= but don’t press the Return key just yet.
  • Drag the ISO file into the Terminal window. Click and drag the ISO file (or disk image file) that you want to boot into using the USB drive into the Terminal window. This will copy the file’s address into the Terminal command.
    • You can also type in the folder path to the ISO file.
  • Press the Space key. This will put a space at the end of the file’s address, making room for the next command.
  • Enter the rest of the command. Type in of=/dev/disknumber bs=1m, again making sure to replace “disknumber” with the USB flash drive’s number (e.g., disk2), and press Return.
  • Type in your password. This is the password that you use to log into your Mac. As you type, you’ll notice that the letters don’t appear in Terminal; this is normal.
  • Press Return. Doing so submits your password and prompts your Mac to begin creating a bootable USB flash drive with your selected ISO or image file.
    • This process can take several hours to complete, so just leave Terminal open and your Mac plugged in.
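
The dd step above overwrites whatever disk it is pointed at, so the identifier check is the part worth automating. The following is an added example, not part of the original procedure: it parses diskutil list output and only prints the dd command when the chosen identifier appears under an “(external, physical)” heading. The function names, the sample listing and the ISO path are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). The listing below is a
# constructed sample of `diskutil list` output, embedded so the script runs offline.
SAMPLE_LISTING='/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.3 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.1 GB   disk0s2

/dev/disk1 (synthesized):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      APFS Container Scheme -                      +500.1 GB   disk1
   1:                APFS Volume Macintosh HD            210.4 GB   disk1s1

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:     FDisk_partition_scheme                        *15.5 GB    disk2
   1:                 DOS_FAT_32 UNTITLED                15.5 GB    disk2s1'

# Print the identifiers (e.g. disk2) of whole disks that the listing in $1
# marks as "(external, physical)". Internal and synthesized disks are skipped.
external_disks() {
    printf '%s\n' "$1" |
        sed -n 's|^/dev/\(disk[0-9][0-9]*\) (external, physical):.*|\1|p'
}

# Print the dd command from the procedure for ISO $1 and disk $2, but only if
# $2 is an external physical whole disk in listing $3. Otherwise fail without
# printing a command, so an internal disk or a partition is never targeted.
build_dd_cmd() {
    iso=$1
    disk=$2
    listing=$3
    if ! external_disks "$listing" | grep -qxF -- "$disk"; then
        echo "refusing: $disk is not listed as (external, physical)" >&2
        return 1
    fi
    printf 'sudo dd if="%s" of=/dev/%s bs=1m\n' "$iso" "$disk"
}

# On a real Mac, pass the live listing instead of the sample:
#   build_dd_cmd "$HOME/Downloads/os.iso" disk2 "$(diskutil list)"
build_dd_cmd "/tmp/os.iso" disk2 "$SAMPLE_LISTING"
```

The script prints the command rather than running it, so the target can be read once more before pressing Return.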

 

Linux security in a nutshell

 

 

How to register IP+hostname on DNS with AD-domain joined Linux with SSSD:

https://access.redhat.com/discussions/1547813

https://serverfault.com/questions/783864/windows-dns-server-register-a-non-dhcp-client-server-into-2008r2/783976#783976

https://www.freeipa.org/images/a/ae/FreeIPA33-sssd-dns-ad.pdf

 

 

https://dnschecker.org

 

https://www.whois.net/

 

https://mxtoolbox.com/

 

https://whatismyipaddress.com/

 

http://ping-test.org/

 

https://www.portcheckers.com/