Network Tools

There are several tools within linux to work with network settings and to help find information about the network that you are on. One thing that you will see if that I have hidden the mac address of my stuff here for this tutorial. The reason is that the mac address is considered to be the physical address of your network interface. If was brought up that it is similar to your home address.

 

Disclaimer: These should not be used to malicious activity and I do not condone and am not responsible for any malicious act committed by any command shown.

 

  • ifconfig -a – In the example below, the ether name shows the MAC Address assigned to your network interface which is unique to each card. The inet is the network address given to your network interface in an IPV4 format. The inet 6 is also known as IPV6 and is not used by a lot of internet service providers yet.

 

 

 

 

  • iwconfig – The iwconfig command give information about the wifi network that you are connected to. The Access Point that I marked through is the MAC address of that access point.

 

 

  • sudo ifconfig wlp2s0 promisc – To place a wireless interface in promiscuous mode for monitoring your local wifi network, use the ifconfig command shown with the wireless interface. Keep in mind that you need to do this with sudo as you are making changes to the network interface.

 

  • sudo ifconfig wlp2s0 -promisc – This command will take you out of promiscuous mode and back to normal wifi operations.

 

Before the change to promiscuous mode:

 

 

 

 

After the change to promiscuous mode:

 

 

 

—===—===—===—

—===—===—===—

Routing

 

  • route command – The route command in linux shows the kernel routing table information. Under flags, the U is showing up while G is showing Gateway. Show UG is an up gateway.

 

 

  • route -n – The route with the -n switch changes the host names in the route table is IP Address instead of showing the actual name itself.

 

 

  • route add -net default gw gatewayname dev wlp2s0

 

  • route -Cn – Shows the cache route table for faster network traffic routing. There may not be any cache available so don’t be concerned if you don’t see anything here.

 

 

 

—===—===—===—
—===—===—===—
One thing that become an issue is when someone tries to brute force your machine or network. Most companies have way to deter this but what if you are a home user and don’t have the fancy network firewalls and IDS systems? This will help in taking care of the problem.
These notes were something that I had used from time to time while working in the linux hosting industry which work well. If there is a problem IP Address, just nullroute the IP using route command. Lets say that the IP Address causing problem is 65.21.34.4, just type following command at your command line.
  • route add 65.21.34.4 gw 127.0.0.1 lo
You can verify it with following command:
  • netstat -nr OR route -n
You can also reject target:
  • route add -host IP-ADDRESS reject
  • route add -host 64.1.2.3 reject
To confirm the null routing status, use ip command as follows:
  • ip route get 64.1.2.3
Output: RTNETLINK answers: Network is unreachable
Drop entire subnet 192.67.16.0/24:
  • route add -net 192.67.16.0/24 gw 127.0.0.1 lo
You can also use ip command to null route network or ip, enter:
  • ip route add blackhole 202.54.5.2/29
  • route -n
If you would like to remove a null route or a blocked IP Address, just enter the following:
  • route delete 65.21.34.4

 

—===—===—===—

—===—===—===—

 

 

Manjaro Mate or Ubuntu 17.04 Mate

Hey guys,

As there have been some issues showing up in the Manjaro / Arch realm, it may be time to make a switch in architectures that may be somewhat more stable. I am still checking through some things, and I totally understand that Arch is bleeding edge but sometimes, depending on what we use the OS for, we may need to step back and take another path. I really do like Arch as I have been able to find most if not all of the packages that I want to use in either the arch community or AUS repositories. But there have been a few issues that have started cropping up are as follows.

  • Dependency issues with packages. An example has to do with the winff and ffmpeg. I have started seeing dependency issues showing up during install. Below shows an install that I was trying to do in OBRevenge for the packages WinFF which needs ffmpeg to run. You can easily see the issue that I highlighted.

  • In order to fix the above issue, I had to manually install the ffmpeg-full-git package using yaourt. If yaourt is not installed, do the following.

  • Once yaourt is installed, go ahead and install ffmpeg-full-git using the following

  • Downstream driver issues. There was an issue about a week or so ago which broke a lot of people desktops which contained nvidia video cards. An update was introduced without warning and several machines refused to boot into a gui and screens went black. This is not good at all.
  • Don’t get me wrong, I really do like Manjaro and actually arch in general. I find that it runs much better on my laptop than Ubuntu, but in order to stay with it, I need to figure out how to get past the dependency issues that all of the sudden cropped up. It is possible that they have been there all a long and I am just now noticing them, but who knows. This is something that we need to live with or figure out while working in Arch.

 

—===—===—===—

—===—===—===—

As you can see below, I have a package called pia-nm which appears to be broken via the AUR repository.

It looks like that I did find a potential fix or work around for the package dependency issue that was cropping up in arch. The following help make the install easier if there is a dependency issue. An example of when I had to use these steps was installing PIA VPN. I have not tried this with ffmpeg yet but need to try it out.

  • packer -G packagename
  • cd packagename
  • makepkg -g >> PKGBUILD
  • makepkg
  • sudo pacman -U packagename.pkg.tar.xz

[kf4bzt@tim-laptop ~]$ packer -G pia-nm

[kf4bzt@tim-laptop ~]$ cd pia-nm

[kf4bzt@tim-laptop pia-nm]$ makepkg -g >> PKGBUILD
==> Retrieving sources…
-> Downloading ca.rsa.4096.crt…
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2719 100 2719 0 0 10884 0 –:–:– –:–:– –:–:– 10876
-> Downloading servers…
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 9431 100 9431 0 0 23204 0 –:–:– –:–:– –:–:– 23229
-> Found process_servers
==> Generating checksums for source files…

[kf4bzt@tim-laptop pia-nm]$ makepkg
==> Making package: pia-nm 24-1 (Tue Apr 18 17:08:29 CDT 2017)
==> Checking runtime dependencies…
==> Checking buildtime dependencies…
==> Retrieving sources…
-> Found ca.rsa.4096.crt
-> Found servers
-> Found process_servers
==> Validating source files with sha512sums…
ca.rsa.4096.crt … Passed
servers … Passed
process_servers … Passed
==> Extracting sources…
==> Starting prepare()…
PIA username (pNNNNNNN): Enter username here
==> Entering fakeroot environment…
==> Starting package()…
==> Tidying install…
-> Removing libtool files…
-> Purging unwanted files…
-> Removing static library files…
-> Stripping unneeded symbols from binaries and libraries…
-> Compressing man and info pages…
==> Checking for packaging issue…
==> Creating package “pia-nm”…
-> Generating .PKGINFO file…
-> Generating .BUILDINFO file…
-> Generating .MTREE file…
-> Compressing package…
==> Leaving fakeroot environment.
==> Finished making: pia-nm 24-1 (Tue Apr 18 17:09:21 CDT 2017)

[kf4bzt@tim-laptop pia-nm]$ sudo pacman -U pia-nm-24-1-x86_64.pkg.tar.xz
loading packages…
resolving dependencies…
looking for conflicting packages…

Packages (1) pia-nm-24-1

Total Installed Size: 0.04 MiB

:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring [######################] 100%
(1/1) checking package integrity [######################] 100%
(1/1) loading package files [######################] 100%
(1/1) checking for file conflicts [######################] 100%
(1/1) checking available disk space [######################] 100%
:: Processing package changes…
(1/1) installing pia-nm [######################] 100%

 

—===—===—===—

 

The issue with Ubuntu is that not all packages are available and you either have to find PPA’s or download directly from the developers site. This can be a pain in the rear when you need something right then. Luckily, I haven’t ran into the issue of needing something yesterday.

 

As several apps are not available in the repository, below are links to some that I use.

Wavebox (Replacement for wmail) – https://wavebox.io/download

kaption (Was able to install in Manjaro and OBRevenge, but requires certain KDE files in Ubuntu to be able to install) – https://www.linux-apps.com/content/show.php/Kaption?content=139302

slack – https://slack.com/downloads/linux

zoom – https://www.zoom.us/download

angryip – http://angryip.org/download/#linux

etcher – https://etcher.io

 

 

Free Certificates Through letsencrypt.org

One thing that I found cool while in training is how SSL certificates could be going free with a service called letsencrypt. The paid certs are still around $75 a year which is not bad at all, but for us that don’t have the funds to spend or don’t have secure content the free SSL is a great way to go. The certificates need to be renewed every 6 months but it is still the way to go when saving customers money with their web hosting packages. Some customers would rather use paid SSL services when they have some major secure connection, this may not be worth it. it is up to the customer.

 

The links below take you to the content for an awesome project

 

https://letsencrypt.org/getting-started/

https://certbot.eff.org/

 

—===—===—===—

—===—===—===—

 

Below is from the certbot documentation on installing this upon different platforms:

 

Operating System Packages

Arch Linux

sudo pacman -S certbot

Debian

If you run Debian Stretch or Debian Sid, you can install certbot packages.

sudo apt-get update
sudo apt-get install certbot python-certbot-apache

If you don’t want to use the Apache plugin, you can omit the python-certbot-apache package.

Packages exist for Debian Jessie via backports. First you’ll have to follow the instructions at http://backports.debian.org/Instructions/ to enable the Jessie backports repo, if you have not already done so. Then run:

sudo apt-get install certbot python-certbot-apache -t jessie-backports

Fedora

sudo dnf install certbot python2-certbot-apache

FreeBSD

  • Port: cd /usr/ports/security/py-certbot && make install clean
  • Package: pkg install py27-certbot

Gentoo

The official Certbot client is available in Gentoo Portage. If you want to use the Apache plugin, it has to be installed separately:

emerge -av app-crypt/certbot
emerge -av app-crypt/certbot-apache

When using the Apache plugin, you will run into a “cannot find a cert or key directive” error if you’re sporting the default Gentoo httpd.conf. You can fix this by commenting out two lines in /etc/apache2/httpd.conf as follows:

Change

<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
</IfDefine>

to

#<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
#</IfDefine>

For the time being, this is the only way for the Apache plugin to recognise the appropriate directives when installing the certificate. Note: this change is not required for the other plugins.

NetBSD

  • Build from source: cd /usr/pkgsrc/security/py-certbot && make install clean
  • Install pre-compiled package: pkg_add py27-certbot

OpenBSD

  • Port: cd /usr/ports/security/letsencrypt/client && make install clean
  • Package: pkg_add letsencrypt

Other Operating Systems

OS packaging is an ongoing effort. If you’d like to package Certbot for your distribution of choice please have a look at the Packaging Guide.

 

—===—===—===—

—===—===—===—

 

The following example are for a Debian 8 server that I have. Make sure that you have port 443 open and accessible.

 

root@timknowsstuff-vm:~# sudo apt-get install python-certbot-apache -t jessie-backports

root@timknowsstuff-vm:~# a2enmod ssl 
Considering dependency setenvif for ssl: 
Module setenvif already enabled 
Considering dependency mime for ssl: 
Module mime already enabled 
Considering dependency socache_shmcb for ssl: 
Enabling module socache_shmcb. 
Enabling module ssl. 
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates. 
To activate the new configuration, you need to run: service apache2 restart
root@timknowsstuff-vm:~# a2ensite default-ssl
Enabling site default-ssl.
To activate the new configuration, you need to run:
  service apache2 reload
root@timknowsstuff-vm:~# systemctl restart apache2
root@timknowsstuff-vm:~# netstat -paunt | grep apache2
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      31195/apache2   
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      31195/apache2   

root@timknowsstuff-vm:~# certbot --apache

---===---===---===---
---===---===---===---

Below shows the options within the certbot application:


root@timknowsstuff-vm:~# certbot ?
usage: 
  certbot [SUBCOMMAND] [options] [-d domain] [-d domain] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
cert. Major SUBCOMMANDS are:

  (default) run        Obtain & install a cert in your current webserver
  certonly             Obtain cert, but do not install it (aka "auth")
  install              Install a previously obtained cert in a server
  renew                Renew previously obtained certs that are near expiry
  revoke               Revoke a previously obtained certificate
  register             Perform tasks related to registering with the CA
  rollback             Rollback server configuration changes made during install
  config_changes       Show changes made to server config during installation
  plugins              Display information about installed plugins

Hello All!!

While working in IT, I have come across different topics of interest which make my job easier to understand so that I can give my customers a much better customer service experience. I have spun up this WordPress instance on Google Cloud to consolidate this information and present it to everyone. I plan on not making this site exclusive to IT administration but different topics of interest.

The topics could include but not limited to:

  • Operating System Topics
  • Linux Administration Topics
  • Arduino Topics
  • Raspberry Pi Topics
  • 3D Printing Topics