修正cisco switch ssh無法連線問題

指令

switch#conf t

switch#crypto key zeroize

switch#crypto key generate rsa general-keys modulus 2048

switch#end

switch#wr

連線時出現的錯誤訊息

Unable to negotiate with 192.168.0.1 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 

修改後的連線方式

ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 -c aes256-cbc user@192.168.0.1

OpenVAS on CentOS 8

參考網站

https://www.libellux.com/openvas/#install-openvas-20-08-centos

 == 更新 CentOS ==

server@centos:~$ sudo yum -y update

== 關閉root可以登入ssh ==

server@centos:~$ sudo nano /etc/ssh/sshd_config

PermitRootLogin no

server@centos:~$ sudo systemctl restart sshd.service

server@centos:~$ sudo yum update

server@centos:~$ sudo nano /etc/ssh/sshd_config

PermitRootLogin no

server@centos:~$ sudo systemctl restart sshd.service

server@centos:~$ sudo yum update

== 查看SELinux狀態 ==

server@centos:~$ sudo sestatus

SELinux status:                 enabled

== 關閉SELinux ==

server@centos:~$ sudo setenforce 0

server@centos:~$ sudo nano /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#     enforcing - SELinux security policy is enforced.

#     permissive - SELinux prints warnings instead of enforcing.

#     disabled - No SELinux policy is loaded.

SELINUX=disabled

 

== 重新開機 ==

server@centos:~$ sudo shutdown -r now

== 再次確認SELinux狀態 ==

server@centos:~$ sudo sestatus

SELinux status:                 disabled

== 安裝 wget ==

server@centos:~$ sudo yum install wget

== download the Atomicorp installer ==

server@centos:~$ wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh

For supported software packages please contact us at: 

  sales@atomicorp.com

Do you agree to these terms? (yes/no) [Default: yes] yes

Enable repo by default? (yes/no) [Default: yes]: yes

== Enable PowerTools and install extra packages ==

server@centos:~$ sudo yum config-manager --set-enabled PowerTools

server@centos:~$ sudo yum install epel-release

== 安裝 gvm ==

server@centos:~$ sudo yum install gvm

== 更新及設定admin密碼(這個跑很久) ==

server@centos:~$ sudo gvm-setup

== 進入網站 ==

https://127.0.0.1/

https://ipv4/

https://[ipv6]/

Chrome 啟動參數

路徑

"C:\Users\Duck\AppData\Local\Google\Chrome\Application\chrome.exe" 

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"

參數

--proxy-server=myproxy:3128	設定proxy
--incognito	無痕模式
--kiosk	啟動時全螢幕(F11無效)
--disable-pinch	禁止兩指縮放螢幕
--overscroll-history-navigation=0	禁止螢幕滑動
--disable-javascript	禁止javascript
--disable-ipv6	禁止ipv6
--disable-desktop-notifications	禁止提示
--disable-audio	禁止audio

VirtualBox cli 控制命令

 啟動ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" startvm {name / uuid}

背景啟動ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" startvm {name / uuid} --type headless

列出所有的ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" list vms

列出所有執行中的ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" list runningvms

暫停ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} pause

啟動暫停的ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} resume

重設ＶＭ

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} reset

強制關機

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} poweroff

關機

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" controlvm {name / uuid} acpipowerbutton

查看ＶＭ裡的ＩＰ設定 （需安裝agent)

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" guestproperty get {name / uuid} "/VirtualBox/GuestInfo/Net/0/V4/IP"

FreeBSD apache24 with letsencrypt

安裝

pkg install py37-certbot

----------

先測試是否可正常下載憑證

certbot certonly --standalone -d example.tw --dry-run

成功的話再下

certbot certonly --standalone -d example.tw

檔案會放在

/usr/local/etc/letsencrypt/live/example.tw/

----------

編輯httpd.conf

Listen 443

LoadModule ssl_module libexec/apache24/mod_ssl.so

<VirtualHost *:443>

    ServerName example.tw

    DocumentRoot /home/example/www

    SSLEngine on

    SSLCertificateFile "/usr/local/etc/letsencrypt/live/example.tw/cert.pem"

    SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/example.tw/privkey.pem"

    SSLCertificateChainFile /usr/local/etc/letsencrypt/live/example.tw/chain.pem

</VirtualHost>

FreeBSD apache24 with mod_security

 安裝

pkg install ap24-mod_security

----------

apache24啟用mod_security

*把註解拿掉

ee /usr/local/etc/apache24/modules.d/280_mod_security.conf

LoadModule unique_id_module libexec/apache24/mod_unique_id.so

LoadModule security2_module libexec/apache24/mod_security2.so

Include /usr/local/etc/modsecurity/*.conf

Include /usr/local/etc/modsecurity/activated_rules/*.conf

----------

抓取core rule set檔案

fetch https://github.com/coreruleset/coreruleset/archive/v3.3.0.tar.gz

tar zxvf v3.3.0.tar.gz

cd coreruleset-3.3.0

cp crs-setup.conf.example /usr/local/etc/modsecurity/

cd rules

cp * /usr/local/etc/modsecurity/

----------

重新啟動apache

service apache24 restart

----------

測試

開啟一個不存在的網頁

http://example.com/aaaa.php

or

curl -Ik https://example.tw/?abc=../../

可以在/var/log/modsec_audit.log看到紀錄

FreeBSD 刪除 n 天前的檔案

 find ./ -mtime +7d -exec rm {} \;

7就是7天，更改天數數字即可。