Network management

Defense

Block all packets from a 1.2.3.0/24

$ sudo iptables -I INPUT -s 117.25.128.0/24 -j DROP


Tray

Making a samba share

  • Last tested on Ubuntu 16.04 LTS (xenial) & Windows 10.0.10586

at the end of /etc/samba/smb.conf add a share config.

[ea]
        comment = pistis - echo admin
        path = /var/www/ea
        admin users = mhan
        read only = No
        create mask = 0755

then add the Samba account.

$ sudo smbpasswd -a mhan

then restart samba

$ sudo systemctl restart smbd.service nmbd.service

then on Windows execute the following. For the username, you may have to enter it in the form mhan@pistis or pistis\mhan. Enter the password you used when you added the Samba account for the user.

C:\>net use Z: \\pistis\ea /savecred /persistent:yes


Checking the accessibility of a port through the network

Checking if port 8080 is accessible on pisteo.example.com

$ sudo hping3 -T -t 1 -p 8080 pisteo.example.com


Tracing a route

$ traceroute pisteo.example.com

Get public IP address from CLI

$ dig +short myip.opendns.com @resolver1.opendns.com // this one doesn't seem to work

$ dig TXT +short o-o.myaddr.l.google.com @ns1.google.com | awk -F'"' '{ print $2}'

$ wget -qO- http://ipecho.net/plain | xargs echo


Query DNS record

$ dig +short -t txt _acme-challenge.domain.com
"kjg8gWocWWlJXrQIVYsxT1b7JkPsQoI2iJlsaetnOAU"
$ host -t txt _acme-challenge.domain.com
_acme-challenge.domain.com descriptive text "kjg8gWocWWlJXrQIVYsxT1b7JkPsQoI2iJlsaetnOAU"


Get local IP address from CLI

$ hostname -I | awk '{print $1}'
192.168.86.21


Get server certificate fingerprint

$ gnutls-cli --insecure vpn.server.edu
Processed 0 CA certificate(s).
Resolving 'vpn.server.edu'...
Connecting to '129.24.220.45:443'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
- Certificate[0] info:
 - subject `C=US,postalCode=12331,ST=VA,L=Springfield,street=1 University of Muchakan,O=University of Muchakan,OU=IT,CN=vpn.server.edu', issuer `C=US,ST=MI,L=Ann Arbor,O=Internet2,OU=InCommon,CN=InCommon RSA Server CA', RSA key 2048 bits, signed using RSA-SHA256, activated `2019-04-04 00:00:00 UTC', expires `2020-04-03 23:59:59 UTC', SHA-1 fingerprint `9521c4b9db51e376a9527ca38d46925e09e171f1'
        Public Key ID:
                4390f7806426e1db181442a4b31dfe2887fb5b33
        Public key's random art:
                +--[ RSA 2048]----+
                | o+ =+=o         |
                | . + +o.o        |
                |o . o  ..o       |
                | = . = .  .      |
                |. o o . S        |
                | . o     .       |
                |o o o            |
                | + oE            |
                |..o...           |
                +-----------------+

- Status: The certificate is NOT trusted. The certificate issuer is unknown.
*** PKI verification of server certificate failed...
- Description: (TLS1.2)-(RSA)-(AES-128-CBC)-(SHA256)
- Session ID: BB:02:45:FF:1D:DB:E9:D3:25:FF:BA:80:8B:45:01:FF:27:04:26:41:50:A8:9D:9A:E6:62:C8:0F:50:4D:85:9B
- Version: TLS1.2
- Key Exchange: RSA
- Cipher: AES-128-CBC
- MAC: SHA256
- Compression: NULL
- Options: safe renegotiation,
- Handshake was completed

- Simple Client Mode:


^C
$


Network tracing using tools built in to Windows

c:\files> netsh trace start scenario=NetConnection capture=yes report=yes persistent=no maxsize=1024 correlation=no traceFile=C:\Temp\NetTrace.etl