Tao-Of-Tmux Documentation 发布 V1.0.2
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Freenas® 11.0 User Guide
FreeNAS® 11.0 User Guide June 2017 Edition FreeNAS® IS © 2011-2017 iXsystems FreeNAS® AND THE FreeNAS® LOGO ARE REGISTERED TRADEMARKS OF iXsystems FreeBSD® IS A REGISTERED TRADEMARK OF THE FreeBSD Foundation WRITTEN BY USERS OF THE FreeNAS® network-attached STORAGE OPERATING system. VERSION 11.0 CopYRIGHT © 2011-2017 iXsystems (https://www.ixsystems.com/) CONTENTS WELCOME....................................................1 TYPOGRAPHIC Conventions...........................................2 1 INTRODUCTION 3 1.1 NeW FeaturES IN 11.0..........................................3 1.2 HarDWARE Recommendations.....................................4 1.2.1 RAM...............................................5 1.2.2 The OperATING System DeVICE.................................5 1.2.3 StorAGE Disks AND ContrOLLERS.................................6 1.2.4 Network INTERFACES.......................................7 1.3 Getting Started WITH ZFS........................................8 2 INSTALLING AND UpgrADING 9 2.1 Getting FreeNAS® ............................................9 2.2 PrEPARING THE Media.......................................... 10 2.2.1 On FreeBSD OR Linux...................................... 10 2.2.2 On WindoWS.......................................... 11 2.2.3 On OS X............................................. 11 2.3 Performing THE INSTALLATION....................................... 12 2.4 INSTALLATION TROUBLESHOOTING...................................... 18 2.5 UpgrADING................................................ 19 2.5.1 Caveats:............................................ -
Linux Hacking Case Studies Part 4: Sudo Horror Stories
Linux Hacking Case Studies Part 4: Sudo Horror Stories written by Scott Sutherland | March 26, 2020 This blog will cover different ways to approach SSH password guessing and attacking sudo applications to gain a root shell on a Linux system. This case study commonly makes appearances in CTFs, but the general approach for attacking weak passwords and sudo applications can be applied to many real world environments. This should be a fun walk through for people new to penetration testing. This is the fourth of a five part blog series highlighting entry points and local privilege escalation paths commonly found on Linux systems during network penetration tests. Below are links to the first three blogs in the series: Linux Hacking Case Study Part 1: Rsync Linux Hacking Case Study Part 2: NFS Linux Hacking Case Study Part 3: phpMyAdmin Below is an overview of what will be covered in this blog: Finding SSH Servers Dictionary Attacks against SSH Servers Viewing Sudoers Execution Options Exploiting Sudo sh Exploiting Sudo VI Exploiting Sudo Python Exploiting Sudo Nmap Finding SSH Servers Before we can start password guessing or attacking sudo applications, we need to find some SSH servers to go after. Luckily Nmap and similar port scanning tools make that pretty easy because most vendors still run SSH on the default port of 22. Below is a sample Nmap command and screenshot to get you started. nmap -sS -sV -p22 192.168.1.0/24 -oA sshscan Once you’ve run the port scan you can quickly parse the results to make a file containing a list of SSH servers to target. -
Getty Scholars' Workspace™ INSTALLATION INSTRUCTIONS
Getty Scholars’ Workspace™ INSTALLATION INSTRUCTIONS This document outlines methods to run the application locally on your personal computer or to do a full installation on a web server. Test Drive with Docker Getty Scholars' Workspace is a multi-tenant web application, so it is intended to be run on a web server. However, if you'd like to run it on your personal computer just to give it a test drive, you can use Docker to create a virtual server environment and run the Workspace locally. Follow the steps below to give it a spin. Scroll further for real deployment instructions. 1. Install Docker on your machine. Follow instructions on the Docker website: https://www.docker.com/ 2. If you are using Docker Machine (Mac or Windows), be sure to start it by using the Docker Quickstart Terminal. Docker is configured to use the default machine with IP 192.168.99.100. 3. At the command line, pull the Getty Scholars' Workspace image. $ docker pull thegetty/scholarsworkspace 4. Run the container. $ docker run -d -p 8080:80 --name=wkspc thegetty/scholarsworkspace supervisord -n 5. Point your browser to `<ip address>:8080/GettyScholarsWorkspace`. Use the IP address noted in Step 2. 6. The Drupal administrator login is `scholar` and the password is `workspace`. Be sure to change these in the Drupal admin interface. 7. To shut it down, stop the container: $ docker stop wkspc Web Server Installation These installation instructions assume you are installing Getty Scholars' Workspace on a server (virtual or physical) with a clean new instance of Ubuntu 14.04 as the operating system. -
'Building' Architects and Use of Open-Source Tools Towards Achievement of Millennium Development Goals
'Building' Architects and Use of Open-source Tools Towards Achievement of Millennium Development Goals. Oku, Onyeibo Chidozie Department of Architecture Faculty of Environmental Sciences Enugu State University of Science and Technology Email: [email protected] ABSTRACT Millennium Development Goals (MDGs) were established by the United Nations to improve the well-being of humans and their habitat. Whether they are the target beneficiaries or amongst the parties administering services for achieving the MDGs, humans must carry out these activities in a physical environment. Hence, the Seventh Goal of the MDG has an indirect and far-reaching relationship with the others because it deals with the sustainable development of the built environment. Architects deliver consultancy services that span the design, documentation and construction supervision of the built environment. This study sought to determine the extent to which these professionals can do this, with respect to the Seventh Millennium Development Goal, using mainly open-source tools. The study draws from literature reviews, end-user feedback or reports, interviews with developers of applicable open-source products, and statistics from a survey, launched in 2011, for capturing how architects use ICT in their businesses. Analysis of popular open-source technologies for the Architecture, Engineering and Construction (AEC) industry show a concentration of resources in favour of the later stages of the Architect's role, rather than the design and contract-drawing stages. Some of the better-implemented tools are either too cryptic for professionals who communicate in graphical terms, or heavily biased towards software engineering practices. The products that promise Building Information Modelling (BIM) capabilities are still at an early developmental stage. -
BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd
76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. -
Secure Automation: Achieving Least Privilege with SSH, Sudo and Setuid Robert A
Secure Automation: Achieving Least Privilege with SSH, Sudo and Setuid Robert A. Napier – Cisco Systems ABSTRACT Automation tools commonly require some level of escalated privilege in order to perform their functions, often including escalated privileges on remote machines. To achieve this, developers may choose to provide their tools with wide-ranging privileges on many machines rather than providing just the privileges required. For example, tools may be made setuid root, granting them full root privileges for their entire run. Administrators may also be tempted to create unrestricted, null-password, root-access SSH keys for their tools, creating trust relationships that can be abused by attackers. Most of all, with the complexity of today’s environments, it becomes harder for administrators to understand the far-reaching security implications of the privileges they grant their tools. In this paper we will discuss the principle of least privilege and its importance to the overall security of an environment. We will cover simple attacks against SSH, sudo and setuid and how to reduce the need for root-setuid using other techniques such as non-root setuid, setgid scripts and directories, sudo and sticky bits. We will demonstrate how to properly limit sudo access both for administrators and tools. Finally we will introduce several SSH techniques to greatly limit the risk of abuse including non-root keys, command keys and other key restrictions. Introduction to files writable only by a particular group. For exam- ple, in FreeBSD programs that read system memory Since its introduction in 1995 by Tatu Ylonen, are setgid to a special kmem group. -
Page 1 of 3 Sudo (Super User Do) Is a Very Useful
Sudo Sudo (Super User Do) is a very useful program that allows a system administrator to give certain users the ability to run some (or all) commands as root 1. Download the source code: The source of sudo is available from http://www.courtesan.com/sudo/. At the time of writing, the latest version is V1.6.3 and the source code is provided as a compressed tar archive in the file sudo- 1.6.3.tar.gz . Download this file to a temporary directory, such as /tmp. 2. Prepare the source code for compilation: Log in as root, make a directory at a convenient point in the file system to hold the source code and copy the source into this directory. For example: # mkdir -p /opt/source/sudo # cd /opt/source/sudo # cp /tmp/sudo-1.6.3.tar.gz . Unzip and untar the source and then change to the directory created by tar: # gunzip sudo # tar xvf sudo # cd sudo-1.6.3 At this point, you may like to have a look at the README, INSTALL and FAQ files. 3. Compile the source code and install sudo: Configure the compilation process for your system: # ./configure Compile the source code: # make And install the compiled code: # make install This install the sudo program into /usr/local/bin, the visudo script (see later) into /usr/local/sbin and the manual page into subdirectories of /usr/local/man. 4. Modify the search path: If you haven't already done so for other software, you now need to modify the search paths so that the system can find the sudo program and its manual pages. -
System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server 15 SP1 System Analysis and Tuning Guide System Analysis and Tuning Guide SUSE Linux Enterprise Server 15 SP1 An administrator's guide for problem detection, resolution and optimization. Find how to inspect and optimize your system by means of monitoring tools and how to eciently manage resources. Also contains an overview of common problems and solutions and of additional help and documentation resources. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its aliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof. Contents About This Guide xii 1 Available Documentation xiii -
Lab :: Snort (Ids)
LAB :: SNORT (IDS) # super user command. $ normal user command. Username apnic and password training . VM Details [group01.apnictraining.net] [192.168.30.1] [group02.apnictraining.net] [192.168.30.2] ...... [group10.apnictraining.net] [192.168.30.10] [group11.apnictraining.net] [192.168.30.11] ...... [group20.apnictraining.net] [192.168.30.20] [group21.apnictraining.net] [192.168.30.21] ...... [group30.apnictraining.net] [192.168.30.30] Install SNORT 1. Install SNORT: sudo apt update sudo apt install snort 2. It will ask for your HOME_NET address. For this lab define it as your host IP. Example, for group 11 it will 192.168.30.11/32 . If required we can change it later from snort.debian.conf file also. 3. Check the installation location of SNORT whereis snort Few important location SNORT configuration : /etc/snort/snort.conf SNORT debian configuration : /etc/snort/snort.debian.conf SNORT rules : /etc/snort/rules SNORT exuecuble : /usr/sbin/snort Configure SNORT 1. Check HOME_NET and Interface related configuration on /etc/snort/snort.debian.conf . During installation process if you had defined your HOME_NET properly; no need to edit it. Else, you can edit this file. 2. The main configuration file for SNORT is /etc/snort/snort.conf file. sudo vi /etc/snort/snort.conf This is a big configuration file; for the purpose of this lab we will disable all predefined rules (ruleset). Disable (comment out # ) all the line having include $RULE_PATH (in Step 7 of configuration file) except include $RULE_PATH/local.rules . We will put all our local rules in include $RULE_PATH/local.rules To enable alert log; comment out (adding # before the line) the following line (Step 6 in the configuration file): output unified2: filename snort.log, limit 128, nostamp, mpls_event_types, vlan_event_types Save and quit from snort.conf file :wq Start SNORT: sudo systemctl start snort or sudo /etc/init.d/snort start Check whether SNORT is running: sudo systemctl status snort or ps -ef|grep snort SNORT Rules Snort rules are divided into two logical sections: 1. -
Tmuxp Documentation 0.1-Dev
tmuxp Documentation 0.1-dev Tony Narlock 2014 01 15 Contents 1 (About) 3 1.1 tmuxinator / teamocil (Differences from tmuxinator / teamocil)....................3 1.2 (Additional Features)...........................................4 1.3 (Minor tweaks)..............................................4 2 (Command Line Interface) 5 2.1 (Freeze sessions).............................................5 2.2 (Load session)..............................................5 2.3 (Import)..................................................6 2.4 YAMLJSON(Convert between YAML and JSON)...........................6 2.5 Bash(Bash completion).........................................6 2.6 (Other commands)............................................7 3 (Quickstart) 9 3.1 (CLI)...................................................9 3.2 Pythonics.................................................9 4 (Examples) 11 4.1 (Short hand / inline)........................................... 11 4.2 (Blank panes)............................................... 12 4.3 (Start Directory)............................................. 13 4.4 (2 split panes).............................................. 15 4.5 (3 panes)................................................. 17 4.6 (4 panes)................................................. 18 4.7 (Automatic Rename)........................................... 19 4.8 (Main pane height)............................................ 20 4.9 (Super-advanced dev environment)................................... 21 4.10 (Kung fu)................................................ -
15-441: Computer Networks Project 1: Internet Relay Chat (IRC) Server
15-441: Computer Networks Project 1: Internet Relay Chat (IRC) Server Lead TA: Daegun Won <[email protected]> Assigned: January 21, 2010 Checkpoint 1 due: January 26, 2010 Checkpoint 2 due: February 4, 2010 Final version due: February 16, 2010 1 Introduction The purpose of this project is to give you experience in developing concurrent network applications. You will use the Berkeley Sockets API to write an Internet chat server using a subset of the Internet Relay Chat protocol (IRC)[1]. IRC is a global, distributed, real-time chat system that operates over the Internet. An IRC network consists of a set of interconnected servers. Once users are connected to an IRC server, they can converse with other users connected to any server in the IRC network. IRC provides for group communication, via named channels, as well as personal communication through “private” messages. For more information about IRC, including available client software and public IRC networks, please see The IRC Prelude[2]. If you have not used IRC before, you may want to try it out to get a feel for what it is. For a quick start, log in to an Andrew machine, and run irssi -c irc.freenode.net -n nickname where nickname is the nickname you want to use. Then type /join #networking to join a networking discussion channel. Other channels you might be interested include #gentoo, #redhat, #perl, and #c++. After you have tried out the text mode IRC client, you may want to try out graphical clients such as xchat and chatzilla (part of mozilla). -
A Quick and Easy Guide to Tmux
7/24/2018 A Quick and Easy Guide to tmux Ham Vocke writing stu about software (/) Home (/) Blog (/blog) About Me (/about) Talks (/talks) (https://github.com/hamvocke) (https://twitter.com/hamvocke) (http://www.hamvocke.com/feed.xml) A Quick and Easy Guide to tmux 16 Aug 2015 terminal 13 minutes read I love working with the command line. Seriously, I think there’s hardly any more productive and more versatile tool for a software developer than the terminal. Maybe it’s the hacker/wizard/neckbeard kind of feeling I get when using a terminal, I don’t know. At work we do lots of pair programming. Everyone’s got their own laptop and can set it up the way they like. And since I love working with the command line I’ve spent quite some time doing (only sane! I swear!) modications to my terminal environment that make working with the command line more pleasant and streamlined. This is why my pair usually will be greeted by something like this: https://www.hamvocke.com/blog/a-quick-and-easy-guide-to-tmux/ 1/21 7/24/2018 A Quick and Easy Guide to tmux If they’ve worked with me before they know what they are up to. But every once in a while there will be a new team member who doesn’t know my environment. Usually this is the point where they will ask something like “WTF am I looking at?” and it’s my time to shine! Because what they’re looking at is nothing less than the best thing since sliced bread.