Thursday, November 12, 2020

Fixing SSH connection failures to a Cisco switch

Commands

switch#conf t

switch(config)#crypto key zeroize

switch(config)#crypto key generate rsa general-keys modulus 2048

switch(config)#end

switch#wr


Error message shown when connecting

Unable to negotiate with 192.168.0.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 


Modified connection command

ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 -c aes256-cbc user@192.168.0.1
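
The error above names the negotiation stage that failed and what the switch offered. As an added example (not part of the original post), this shell function turns such an error line into a per-host ~/.ssh/config stanza, so the legacy algorithm is enabled for that one device only; the function name and the sample variable are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original post. Converts an OpenSSH
# "Unable to negotiate" error into a Host block for ~/.ssh/config.

# Constructed sample input: the error line quoted in this post.
SAMPLE_ERR='Unable to negotiate with 192.168.0.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1'

# ssh_stanza_from_error ERROR_LINE
# Prints a Host block; returns 1 if the line is not a negotiation error.
ssh_stanza_from_error() {
    err=$1
    case $err in
        "Unable to negotiate with "*"Their offer: "*) ;;
        *) return 1 ;;
    esac
    host=${err#"Unable to negotiate with "}
    host=${host%%" port "*}
    offer=${err##*"Their offer: "}
    offer=$(printf '%s' "$offer" | tr -d ' \r')
    # Map the failed negotiation stage to the matching ssh_config keyword.
    case $err in
        *"no matching key exchange method found"*) key=KexAlgorithms ;;
        *"no matching cipher found"*)              key=Ciphers ;;
        *"no matching host key type found"*)       key=HostKeyAlgorithms ;;
        *"no matching MAC found"*)                 key=MACs ;;
        *) return 1 ;;
    esac
    # A leading "+" appends to the client's defaults instead of replacing them.
    printf 'Host %s\n    %s +%s\n' "$host" "$key" "$offer"
}

ssh_stanza_from_error "$SAMPLE_ERR"
```

The post's command also passes -c aes256-cbc; a cipher mismatch produces its own error line, which the function maps to a Ciphers entry for the same Host block.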

Monday, October 26, 2020

OpenVAS on CentOS 8

Reference

https://www.libellux.com/openvas/#install-openvas-20-08-centos


== Update CentOS ==

server@centos:~$ sudo yum -y update


== Disable root login over SSH ==

server@centos:~$ sudo nano /etc/ssh/sshd_config

PermitRootLogin no

server@centos:~$ sudo systemctl restart sshd.service

server@centos:~$ sudo yum update
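
sshd uses the first value it reads for each keyword, so a PermitRootLogin no line added below an existing PermitRootLogin yes changes nothing. An added example (not from the original post) that reports which global value wins; the function names and the sample file are constructed, and Match blocks are ignored.

```sh
#!/bin/sh
# Added example, not from the original post. sshd keeps the FIRST value it
# reads for a keyword, so the line that counts is the earliest one.

# effective_sshd_option FILE KEYWORD
# Prints the first uncommented global value of KEYWORD (case-insensitive,
# "Keyword value" or "Keyword=value"). Stops at the first Match block.
# Returns 1 when the keyword is not set, i.e. the built-in default applies.
effective_sshd_option() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); rc = 1 }
        /^[ \t]*#/ { next }                      # comment line
        {
            line = $0
            sub(/=/, " ", line)                  # allow Keyword=value
            if (split(line, f, " ") == 0) next   # blank line
            key = tolower(f[1])
        }
        key == "match" { exit }                  # end of global section
        key == want    { print f[2]; rc = 0; exit }
        END { exit rc }
    ' "$1"
}

# Constructed sample: "no" was appended below a "yes" that was left in place.
demo_check() {
    tmp=$(mktemp)
    printf '%s\n' '#PermitRootLogin prohibit-password' \
        'PermitRootLogin yes' \
        'PasswordAuthentication yes' \
        'PermitRootLogin no' > "$tmp"
    effective_sshd_option "$tmp" PermitRootLogin
    rm -f "$tmp"
}

demo_check   # prints: yes
```

On a live host, sudo sshd -T | grep -i permitrootlogin prints the value the full configuration resolves to.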



== Check SELinux status ==

server@centos:~$ sudo sestatus

SELinux status:                 enabled


== Disable SELinux ==

server@centos:~$ sudo setenforce 0

server@centos:~$ sudo nano /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=disabled

 

== Reboot ==

server@centos:~$ sudo shutdown -r now


== Confirm SELinux status again ==

server@centos:~$ sudo sestatus

SELinux status:                 disabled


== Install wget ==

server@centos:~$ sudo yum install wget


== download the Atomicorp installer ==

server@centos:~$ wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh

For supported software packages please contact us at: 

  sales@atomicorp.com

Do you agree to these terms? (yes/no) [Default: yes] yes

Enable repo by default? (yes/no) [Default: yes]: yes


== Enable PowerTools and install extra packages ==

server@centos:~$ sudo yum config-manager --set-enabled PowerTools

server@centos:~$ sudo yum install epel-release


== Install gvm ==

server@centos:~$ sudo yum install gvm


== Update and set the admin password (this takes a long time) ==

server@centos:~$ sudo gvm-setup


== Open the website ==

https://127.0.0.1/

https://ipv4/

https://[ipv6]/

Tuesday, October 6, 2020

Chrome startup parameters

Path

"C:\Users\Duck\AppData\Local\Google\Chrome\Application\chrome.exe" 

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"


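Parameters

--proxy-server=myproxy:3128          Set the proxy
--incognito                          Incognito mode
--kiosk                              Start in full screen (F11 has no effect)
--disable-pinch                      Disable two-finger pinch zoom
--overscroll-history-navigation=0    Disable swipe navigation
--disable-javascript                 Disable JavaScript
--disable-ipv6                       Disable IPv6
--disable-desktop-notifications      Disable notifications
--disable-audio                      Disable audio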

Thursday, August 27, 2020

VirtualBox CLI control commands

Start a VM

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" startvm {name / uuid}


Start a VM in the background

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" startvm {name / uuid} --type headless


List all VMs

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" list vms


List all running VMs

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" list runningvms


Pause a VM

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} pause


Resume a paused VM

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} resume


Reset a VM

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} reset


Force power off

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} poweroff


Shut down

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} acpipowerbutton


Show the IP settings inside the VM (requires the agent to be installed)

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" guestproperty get {name / uuid} "/VirtualBox/GuestInfo/Net/0/V4/IP"

Monday, August 24, 2020

FreeBSD apache24 with letsencrypt

Install

pkg install py37-certbot


----------

First test whether the certificate can be obtained successfully

certbot certonly --standalone -d example.tw --dry-run

If that succeeds, run

certbot certonly --standalone -d example.tw

The files are placed in

/usr/local/etc/letsencrypt/live/example.tw/


----------

Edit httpd.conf

Listen 443

LoadModule ssl_module libexec/apache24/mod_ssl.so

<VirtualHost *:443>

    ServerName example.tw

    DocumentRoot /home/example/www

    SSLEngine on

    SSLCertificateFile "/usr/local/etc/letsencrypt/live/example.tw/cert.pem"

    SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/example.tw/privkey.pem"

    SSLCertificateChainFile /usr/local/etc/letsencrypt/live/example.tw/chain.pem

</VirtualHost>

FreeBSD apache24 with mod_security

Install

pkg install ap24-mod_security


----------

Enable mod_security in apache24

*Remove the comment markers from these lines


ee /usr/local/etc/apache24/modules.d/280_mod_security.conf


LoadModule unique_id_module libexec/apache24/mod_unique_id.so

LoadModule security2_module libexec/apache24/mod_security2.so

Include /usr/local/etc/modsecurity/*.conf

Include /usr/local/etc/modsecurity/activated_rules/*.conf


----------

Fetch the core rule set files

fetch https://github.com/coreruleset/coreruleset/archive/v3.3.0.tar.gz


tar zxvf v3.3.0.tar.gz


cd coreruleset-3.3.0

cp crs-setup.conf.example /usr/local/etc/modsecurity/crs-setup.conf


cd rules

cp * /usr/local/etc/modsecurity/


----------

Restart apache

service apache24 restart


----------

Test

Open a page that does not exist

http://example.com/aaaa.php

or

curl -Ik 'https://example.tw/?abc=../../'

The record can be seen in /var/log/modsec_audit.log
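
To confirm that the test request above was matched by the rule set, the audit log can be reduced to one line per request. An added example (not from the original post), assuming the serial audit log format of ModSecurity 2.x; the function names and the sample entry are constructed.

```sh
#!/bin/sh
# Added example, not from the original post: list which rule IDs fired for
# each request recorded in a ModSecurity 2.x serial audit log.

# modsec_audit_summary FILE
# Prints "<request line> -> <comma-separated rule ids>" per transaction.
modsec_audit_summary() {
    awk '
        /^--[0-9a-fA-F]+-[A-Z]--$/ {              # section boundary
            sec = substr($0, length($0) - 2, 1)
            if (sec == "B") want_req = 1          # B = request headers
            if (sec == "Z") {                     # Z = end of transaction
                print req " -> " (ids == "" ? "none" : ids)
                req = ""; ids = ""
            }
            next
        }
        sec == "B" && want_req { req = $0; want_req = 0 }
        # H = audit trailer; each "Message:" line names one matched rule
        sec == "H" && /^Message:/ && match($0, /\[id "[0-9]+"\]/) {
            id = substr($0, RSTART + 5, RLENGTH - 7)
            ids = (ids == "" ? id : ids "," id)
        }
    ' "$1"
}

# Constructed sample entry shaped like the curl test in this post.
demo_audit() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
--5f3c2a1b-A--
[24/Aug/2020:10:15:02 +0800] Xk0constructedid 203.0.113.7 51544 192.0.2.10 443
--5f3c2a1b-B--
HEAD /?abc=../../ HTTP/1.1
Host: example.tw

--5f3c2a1b-H--
Message: Warning. Pattern match at REQUEST_URI. [id "930110"] [msg "Path Traversal Attack (/../)"]
Message: Warning. Operator GE matched 5 at TX:anomaly_score. [id "949110"] [msg "Inbound Anomaly Score Exceeded"]
--5f3c2a1b-Z--
EOF
    modsec_audit_summary "$tmp"
    rm -f "$tmp"
}

demo_audit
```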

Thursday, August 13, 2020