DOCSLIB.ORG

Connection and VPN Bonding Objective Ideas Custom Linux

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Connection and VPN Bonding Objective Ideas Custom Linux Connection and VPN Bonding From Hack Sphere Labs Wiki Contents 1 Objective 2 Ideas 2.1 Notes 3 Custom Linux 3.1 Server Configuration 3.1.1 OpenVPN 3.1.2 Bonding Script 3.1.3 Cleanup Script 3.2 Client Configuration 3.2.1 USB Drive/Modem CD Rom Eject 3.2.2 Testing Modem with wvdial 3.2.3 ppd and chat scripts 3.2.4 OpenVPN on the Client 3.2.5 Bonding Script 3.2.6 Cleanup Script 3.3 NAT Forwarding as Internet Gateway 4 Notes 5 pfSense 5.1 Notes 6 ZeroShell 6.1 Notes 7 udev/cdcontrol Creation Objective Perferablly bond multiple 3G modems together to create a stable faster connection. I am trying to aggregate 3 unstable connections into one. Ideas Bond 2-3 OpenVPN tun interfaces. LAGG Kernel Bonding LACP (Stable connections, same BW) Linux Advanced Routing & Traffic Control - http://lartc.org/ Notes http://serverfault.com/questions/171333/how-exactly-specifically-does-layer-3-lacp-destination-address-hashing-work It should have been easy: http://evilprojects.org/2009/09/howto-setup-openvpn-channel-bonding-on-multiple-umts-uplinks.html Route VPNs through interfaces using port numbers. Custom Linux I tested with debian. Once it get greater then two modems I will post some real results. I was able to get what I wanted working but it did not seem that much faster over the 2x 3g modems. I do not know if it was the latent speed or whatnot but we will see. I would like to try 3 to 4 of them and really see what happends. Server Configuration I used a Debian VPS because I wanted to route all my traffic out to the internet through the bond. OpenVPN su - aptitude update aptitude upgrade aptitude install openvpn tap configuration is a bit different then tun configuration. Since it works via layer two you do not need to worry about layer 3 stuff like IPs in the config file. Setup a CA, Certs, ta.key: http://wiki.hackspherelabs.com/index.php?title=OpenVPN#Setup but here are some commands for reference: mkdir /etc/openvpn/easy-rsa cp /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa cd /etc/openvpn/easy-rsa/ source ./vars ./clean-all ./build-ca ./build-key-server servername ./build-dh cd keys openvpn --genkey --secret ta.key cd .. ./build-key-pkcs12 clientx You need some openvpn config files in /etc/openvpn/ and here is an example of a tap server openvpn config file: openvpntapserver.conf proto udp dev tap1 port 36214 ca /etc/openvpn/easy-rsa/keys/ca.crt cert /etc/openvpn/easy-rsa/keys/server.crt key /etc/openvpn/easy-rsa/keys/server.key dh /etc/openvpn/easy-rsa/keys/dh1024.pem tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0 keepalive 2 10 server 10.123.148.0 255.255.255.0 tls-server client-to-client max-clients 10 tun-mtu 1500 #daemon verb 3 cipher AES-256-CBC comp-lzo #status /var/log/openvpn-status35214.log persist-key persist-tun log-append openvpn.36214.log You need a vpn server for each modem that you want to bond. You will need to configure a different port and ip for each one while also a different tap interface. You need to stop and disable openvpn from starting because the bonding.sh script will call openvpn. /etc/init.d/openvpn stop update-rc.d openvpn disable Bonding Script You also need the utilities that this script calls aptitude install uml-utilities ifenslave bonding.sh #!/bin/bash modprobe bonding mode=0 miimon=100 modprobe tun ifconfig tap0 down ifconfig tap1 down tunctl -u root -g root -t tap0 tunctl -u root -g root -t tap1 ifconfig tap0 up ifconfig tap1 up openvpn /etc/openvpn/server1.conf & openvpn /etc/openvpn/server2.conf & sleep 10 ifconfig bond0 hw ether 00:11:22:33:44:55 ifconfig bond0 10.10.0.1 netmask 255.255.255.252 broadcast 10.10.0.3 up ifenslave bond0 tap0 tap1 ip addr add 10.10.10.1/24 dev tap0 scope link ip addr add 10.10.11.1/24 dev tap1 scope link Take note of the 'modprobe bonding mode=0 miimon=100' line. I use zero because I would like to try and combine the BW of both modems. The bonding mode is important depending on what you would like to do: Possible values are: balance-rr or 0 - Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance. active-backup or 1 - Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. balance-xor or 2 - XOR policy: Transmit based on the selected transmit hash policy. The default policy is a simple ( {source} \oplus {destination} ) % n_{slaves} - Alternate transmit policies may be selected via the xmit_hash_policy option. This mode provides load balancing and fault tolerance. broadcast or 3 - Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance. 802.3ad or 4 - IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification. (Need Switch Support) balance-tlb or 5 - Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave. Need Switch Support) balance-alb or 6 - Adaptive load balancing: includes balance-tlb plus receive load balancing (rlb) for IPV4 traffic, and does not require any special switch support. The receive load balancing is achieved by ARP negotiation. More info here: http://www.linuxfoundation.org/collaborate/workgroups/networking/bonding Cleanup Script You will also want to cleanup the bonding script after exit or when you need to: cleanup.sh #!/bin/bash ip addr del 10.10.0.1/32 dev lo ip addr del 10.10.10.1/24 dev tap1 ip addr del 10.10.11.1/24 dev tap0 killall -9 openvpn rmmod bonding rmmod tap Client Configuration Configuring the modems, vpns, bonding, forwarding, to connect adn route to the vpn server. USB Drive/Modem CD Rom Eject I have some novatel wireless usb modems. They have built in mini sd card holders and emulated cdrom drives on them for drivers. To get them to work in linux or bsd you need to eject the drive. The first step is to disble some settings for the usb devices in windows. You cannot get around it. I had to disable "Enable Removable Disk" and Enable CD- ROM Disk in my software card manager that I installed in windows. (VZAccess Manager) You would think that disabling the drive would disable it all the way. It does not. You have to make the OS eject it on plugin. The next step is to get the OS to eject the CD drive: After you plug the device in edit /etc/udev/70-persistent-cd.rules find your device (Novatel_Mass_Storage) and add: , RUN+="/usr/bin/eject %k" You will have to do this for each of these type of modems. Testing Modem with wvdial I used wvdial to test the modem. It looks like pppd accepts .chat scripts too. Here is my wvdial conf script: /etc/wvdial.conf [Dialer Defaults] Init1 = ATZ #Init2 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0 Init2 = ATQ V1 E1 S0=0 &C1 &D2 +FCLASS=0 Init3 - ATQ V1 E1 S0=0 &C1 &D2 +FCLASS=0 #? - Init5 = AT+CGDCONT=1,"IP","" Carrier Check = yes Dial Command = ATX1DT Modem Type = Analog Modem Baud = 460800 New PPPD = yes Modem = /dev/ttyUSB0 ISDN = 0 Phone = #777 Password = JustAnyOldPW Username = [email protected] Replace 5555555555 with your devices phone number. I cant remember what the no auth option is. It was actually working with any number...so... ppd and chat scripts We are going to use pppd to manage and connect to the modems. I used the commands: pppd updetach defaultroute usepeerdns noipdefault debug noauth asyncmap 0 ipcp-accept-local ipcp-accept-remote modem crtscts noauth connect '/usr/sbin/chat -t5 -v -e -E -f /etc/ppp/peers/vzw_chat' 100 460800 /dev/ttyUSB0 pppd updetach defaultroute usepeerdns noipdefault debug noauth asyncmap 0 ipcp-accept-local ipcp-accept-remote modem crtscts noauth connect '/usr/sbin/chat -t5 -v -e -E -f /etc/ppp/peers/vzw_chat' 100 460800 /dev/ttyUSB4 I put the command in a pppup.sh file along with an & char and they would not finish running. I have to look into it. This is the chat script I use for verizon: /etc/ppp/peers/vzw_chat ABORT BUSY ABORT 'NO CARRIER' ABORT ERROR REPORT CONNECT TIMEOUT 10 "" "ATZ" OK 'ATQ V1 E1 S0=0 &C1 &D2 +FCLASS=0' OK 'ATQ V1 E1 S0=0 &C1 &D2 +FCLASS=0' SAY "Dialing" TIMEOUT 30 OK "ATX1DT#777" CONNECT ' ' OpenVPN on the Client Install openvpn: aptitude install openvpn Disable automatic startup: /etc/init.d/openvpn stop update-rc.d openvpn disable You need your ta.key and client.p12 file from the server. Get them to the client. You need a client config for each modem: openvpnexampleclient.conf remote so.me.ip.add 55555 client dev tap1 proto udp ping 2 ping-restart 10 resolv-retry infinite cipher AES-256-CBC tls-client persist-key #persist-tun tun-mtu 1500 pkcs12 /etc/openvpn/thenameofyourcert.p12 tls-auth /etc/openvpn/ta.key 1 ns-cert-type server #comp-lzo verb 3 txqueuelen 10 no-replay Once again you will have to change the tap interface number and remote server port.
Load more

Recommended publications
  • Zeroshell-Manual-Spanish.Pdf
    Zeroshell HOWTO The multifunctional OS created by [email protected] www.zeroshell.net How to secure my private network ( Author: [email protected] ) Cómo proteger mi red privada: Esta breve guía nos permitirá configurar un firewall de red para nuestra red en menos de una hora. Zeroshell garantizará ourprivate red de ataques externos. Nuestra red privada está conectada a Internet a través de un router.Here xDSL los pasos a seguir: Primera puesta en marcha e inicio de sesión preparar un disco partición donde almacenar nuestras configuraciones de almacenamiento de nuestra configuración de los adaptadores de red de configuración de navegación en Internet Portal Cautivo de activación de servicio DNS del servicio DHCP rutas estáticas a redes remotas a servidores virtuales de Seguridad: control de las políticas por defecto En Zeroshell podemos encontrar muchas otras características importantes para las redes más complejas, lo cual es una solución escalable para nuestra red. Primera puesta en marcha e inicio de sesión: Después de arrancar desde el CD, el sistema es accesible con un navegador en el http seguro: https: / / 192.168.0.75 La aceptación de la conexión segura se nos pide usuario y contraseña para Entrar: Utilice los siguientes: Usuario: admin Contraseña: zeroshell Ahora podemos usar la interfaz web para configurar nuestro servidor de seguridad. Preparación de una partición en el disco para almacenar nuestras configuraciones: Es tan importante para salvar a nuestros Zeroshell cambios que nos permite guardar en un archivo de configuración. Se puede almacenar en un partición de un disco duro. No es necesario farmat las particiones existentes, podemos guardar nuestros archivos de configuración en particiones existentes, tales como: ext3, ReiserFS, ext2 o FAT32.
    [Show full text]
  • Hotspot Feature for Wi-Fi Clients with RADIUS User Authentication on Digi Transport
    Application Note 56 Hotspot feature for Wi-Fi clients with RADIUS User Authentication on Digi TransPort. Digi Support November 2015 1 Contents 1 Introduction ......................................................................................................................................... 4 1.1 Outline ......................................................................................................................................... 4 1.2 Assumptions ................................................................................................................................ 4 1.3 Corrections .................................................................................................................................. 4 2 Version .................................................................................................................................................5 3 Configuration .......................................................................................................................................5 3.1 Mobile Interface Configuration .....................................................................................................5 3.2 Ethernet Interface Configuration ................................................................................................. 6 3.2.1 ETH 0 Configuration ................................................................................................................. 6 3.2.2 ETH 12 Logical Interface Configuration ....................................................................................
    [Show full text]
  • PROPOSTA DE PROJETO INTEGRADOR Discente: Rodrigo
    PROPOSTA DE PROJETO INTEGRADOR Discente: Rodrigo Neitzke dos Santos Curso: Redes de Computadores E-mail: [email protected] Enderec¸o: Rua Sao˜ Paulo, 731 - Tresˆ vendas - Pelotas CEP: 96065-550 Fone(s): (53) 984047299 T´ITULO Soluc¸ao˜ de firewall com equipamento ARM. MOTIVAC¸ AO/JUSTIFICATIVA˜ Atualmente as redes de computadores ja´ estao˜ ligadas diretamente na criac¸ao˜ de uma empresa[Tanenbaum 1981], pois e´ nesta rede que trafegara´ os dados das aplicac¸oes˜ usadas no am- biente corporativo. Para a seguranc¸a da empresa e uma boa administrac¸ao˜ da seguranc¸a dos sistemas se faz necessario´ o uso de servidores firewall[Neto 2004], que tem a func¸ao˜ de proteger a rede de aces- sos nao˜ autorizados e agregado neste servidor podemos ter outros servic¸os como Roteamento, DHCP, Radius,failover, entre outros. As pequenas e ate´ medias empresas nao˜ costumam insvestir neste tipo de soluc¸ao,˜ em muitos dos casos este servic¸o nao˜ e´ aplicado e existem casos que o proprio´ modem ADSL realiza este servic¸o, no qual podera´ provocar vulnerabilidades e baixo desempenho nesta rede de computadores. Como soluc¸ao˜ de baixo custo para as empresas de pequeno porte, sera´ aplicado um conjunto de hardware embarcado com processador ARM[techtudo ], junto com uma distribuic¸ao˜ linux, no qual proporcionara´ desempenho e varias´ funcionalidades. OBJETIVO GERAL Instalar e configurar um servidor de firewall em equipamento ARM e analisar seu desempenho. OBJETIVOS ESPEC´IFICOS Os objetivos espec´ıficos sao:˜ • Definir modelo do hardware [Orangepi 2018] a ser usado no projeto. • Estudo do sistema linux[Ricciardi ] para criac¸ao˜ do firewall.
    [Show full text]
  • Debian \ Amber \ Arco-Debian \ Arc-Live \ Aslinux \ Beatrix
    Debian \ Amber \ Arco-Debian \ Arc-Live \ ASLinux \ BeatriX \ BlackRhino \ BlankON \ Bluewall \ BOSS \ Canaima \ Clonezilla Live \ Conducit \ Corel \ Xandros \ DeadCD \ Olive \ DeMuDi \ \ 64Studio (64 Studio) \ DoudouLinux \ DRBL \ Elive \ Epidemic \ Estrella Roja \ Euronode \ GALPon MiniNo \ Gibraltar \ GNUGuitarINUX \ gnuLiNex \ \ Lihuen \ grml \ Guadalinex \ Impi \ Inquisitor \ Linux Mint Debian \ LliureX \ K-DEMar \ kademar \ Knoppix \ \ B2D \ \ Bioknoppix \ \ Damn Small Linux \ \ \ Hikarunix \ \ \ DSL-N \ \ \ Damn Vulnerable Linux \ \ Danix \ \ Feather \ \ INSERT \ \ Joatha \ \ Kaella \ \ Kanotix \ \ \ Auditor Security Linux \ \ \ Backtrack \ \ \ Parsix \ \ Kurumin \ \ \ Dizinha \ \ \ \ NeoDizinha \ \ \ \ Patinho Faminto \ \ \ Kalango \ \ \ Poseidon \ \ MAX \ \ Medialinux \ \ Mediainlinux \ \ ArtistX \ \ Morphix \ \ \ Aquamorph \ \ \ Dreamlinux \ \ \ Hiwix \ \ \ Hiweed \ \ \ \ Deepin \ \ \ ZoneCD \ \ Musix \ \ ParallelKnoppix \ \ Quantian \ \ Shabdix \ \ Symphony OS \ \ Whoppix \ \ WHAX \ LEAF \ Libranet \ Librassoc \ Lindows \ Linspire \ \ Freespire \ Liquid Lemur \ Matriux \ MEPIS \ SimplyMEPIS \ \ antiX \ \ \ Swift \ Metamorphose \ miniwoody \ Bonzai \ MoLinux \ \ Tirwal \ NepaLinux \ Nova \ Omoikane (Arma) \ OpenMediaVault \ OS2005 \ Maemo \ Meego Harmattan \ PelicanHPC \ Progeny \ Progress \ Proxmox \ PureOS \ Red Ribbon \ Resulinux \ Rxart \ SalineOS \ Semplice \ sidux \ aptosid \ \ siduction \ Skolelinux \ Snowlinux \ srvRX live \ Storm \ Tails \ ThinClientOS \ Trisquel \ Tuquito \ Ubuntu \ \ A/V \ \ AV \ \ Airinux \ \ Arabian
    [Show full text]
  • Zeroshell HOWTO
    Zeroshell HOWTO The multifunctional OS created by [email protected] www.zeroshell.net How to secure my private network ( Author: [email protected] ) How to secure my private Network : This short guide will let us configure a network firewall for our network in less than one hour. Zeroshell will secure our private network from external attacks. Our private network is connected to internet through a xDSL router. Here the steps to follow : First start and login Preparing a partition disk where to store our configurations Storing our configuration Network adapters configuration Internet surfing Captive Portal activation DNS Service DHCP Service Static routes to remote networks Virtual Servers Security: check default policies In Zeroshell we can find many other important features for more complex networks; this is a great scalable solution for our network. First start and login: After booting from CD, the system is reachable with a browser at the http secure: https://192.168.0.75 Accepting the secure connection we are asked user and password to login: Use these: User: admin Password: zeroshell Now we can use web interface to setup our firewall. Preparing a partition disk where to store our configurations: It’s so important to save our changes that Zeroshell lets us save them in a configuration file. It can be stored in a partition on a hard disk. It’s not necessary to farmat any existing partitions, we can save our configuration files in existing partition such as: ext3, reiserfs, ext2 o fat32. For my own preference I prefer to create a new partition ext3.
    [Show full text]
  • Sintesi Catalogo Competenze 2
    Internet of Things Competenze Campi di applicazione • Progettazione e sviluppo di firmware su micro • Monitoraggio ambientale meteorologico di para- controllori a basso e bassissimo consumo quali ad metri climatici e parametri della qualità dell’aria, esempio Arduino, Microchip, NXP, Texas Instru- anche in mobilità ments e Freescale • Monitoraggio ambientale distribuito per l’agricol- • Sviluppo su PC embedded basati su processori tura di precisione ARM e sistema operativo Linux quali ad esempio • Monitoraggio della qualità dell’acqua e dei parame- Portux, Odroid, RaspberryPI ed Nvidia Jetson tri di rischio ambientale (alluvioni, frane, ecc.) • Progettazione e sviluppo di Wired e Wireless Sen- • Monitoraggio di ambienti indoor (scuole, bibliote- sor Networks basate su standard quali ZigBee, che, uffici pubblici, ecc) SimpliciTI, 6LoWPAN, 802.15.4 e Modbus • Smart building: efficienza energetica, comfort am- • Progettazione e sviluppo di sistemi ad alimentazio- bientale e sicurezza ne autonoma e soluzioni di Energy harvesting • Utilizzo di piattaforme microUAV per misure distri- • Ottimizzazione di software e protocolli wireless buite, per applicazioni di fotogrammetria, teleme- per l’uso efficiente dell’energia all’interno di nodi tria e cartografia, per sistemi di navigazione auto- ad alimentazione autonoma matica basata su sensoristica e image processing, • Design e prototipazione (con strumenti CAD, pianificazione e gestione delle missioni stampante 3D, ecc) di circuiti elettronici per l’inte- • Smart Grid locale per l’ottimizzazione
    [Show full text]
  • Application Note 48 WPA Enterprise Wi-Fi Client to Digi Transport
    Application Note 48 WPA Enterprise Wi-Fi Client to Digi TransPort September 2016 Contents 1 Introduction ............................................................................................................................................... 4 1.1 Outline ............................................................................................................................................... 4 1.2 Assumptions ...................................................................................................................................... 5 1.1 Corrections ........................................................................................................................................ 5 1.2 Version ............................................................................................................................................... 5 2 Digi TransPort router configuration .......................................................................................................... 6 2.1 Configuration overview ..................................................................................................................... 6 2.2 LAN interface configuration .............................................................................................................. 6 2.3 WAN interface configuration ............................................................................................................. 7 2.4 Wi-Fi Access Point configuration ......................................................................................................
    [Show full text]
  • Bab 1 Pendahuluan
    BAB 1 PENDAHULUAN 1.1 Latar Belakang Network Function Virtualization atau biasa yang disebut NFV merupakan sebuah konsep baru dalam mendesain, menyebarkan, dan mengelola sebuah layanan jaringan dengan cara pembuatan virtual sebuah perangkat jaringan dari yang sebelumnya berbentuk fisik atau perangkat keras sehingga dapat dipakai dan dipindahkan di berbagai lokasi jaringan yang diperlukan tanpa harus melakukan pemasangan alat baru. NFV memungkinkan beberapa perangkat jaringan dapat berjalan pada satu komputer. Perangkat – perangkat jaringan yang divirtualkan pada NFV disebut sebagai VNF (Virtual Network Function). Untuk menjalankan VNF dibutuhkan sebuah hypervisor yang mengatur manajemen hardware yang digunakan. Hypervisor atau yang dikenal sebagai virtual machine management dibagi menjadi 2 tipe, yaitu bare-metal hypervisor dan hosted hypervisor. Bare-metal hypevisor dapat berjalan langsung pada perangkat keras komputer sedangkan hosted hypervisor memerlukan operating system environment (OSE) untuk menjalankannya [1]. Salah satu contoh bare- metal hypervisor adalah XEN. Xen ProjectTM adalah platform virtualisasi open source yang mendukung beberapa cloud terbesar dalam produksi saat ini. Amazon Web Services, Aliyun, Rackspace Cloud Umum, Verizon Cloud dan banyak layanan hosting menggunakan software Xen [2]. Salah satu contoh VNF adalah virtual firewall. Kelebihan virtual firewall dibandingkan firewall fisik adalah mudah dikelola, dapat dipakai sesuai kebutuhan, dan efektivitas biaya [3]. Pada tugas akhir ini virtual firewall yang digunakan adalah OPNsense, pfSense, dan IPFire karena ketiga firewall tersebut bisa didapatkan secara gratis dan bersifat open source serta ketiga firewall tersebut dapat dikonfigurasi melalui web. pfSense merupakan firewall berbasis FreeBSD yang sangat populer untuk solusi keamanan serta user dapat melakukan modifikasi dan mudah dalam instalasi [4]. IPFire adalah sebuah distribusi Linux yang berfokus pada setup yang mudah, penanganan yang yang baik, dan tingkat keamanan yang tinggi [5].
    [Show full text]
  • GNU/Linux Distro Timeline LEAF Version 10.9 Skolelinux Lindows Linspire Authors: A
    1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 Libranet Omoikane (Arma) Gibraltar GNU/Linux distro timeline LEAF Version 10.9 Skolelinux Lindows Linspire Authors: A. Lundqvist, D. Rodic - futurist.se/gldt Freespire Published under the GNU Free Documentation License MEPIS SimplyMEPIS Impi Guadalinex Clonezilla Live Edubuntu Xubuntu gNewSense Geubuntu OpenGEU Fluxbuntu Eeebuntu Aurora OS Zebuntu ZevenOS Maryan Qimo wattOS Element Jolicloud Ubuntu Netrunner Ylmf Lubuntu eBox Zentyal Ubuntu eee Easy Peasy CrunchBang gOS Kiwi Ubuntulite U-lite Linux Mint nUbuntu Kubuntu Ulteo MoLinux BlankOn Elive OS2005 Maemo Epidemic sidux PelicanHPC Inquisitor Canaima Debian Metamorphose Estrella Roja BOSS PureOS NepaLinux Tuquito Trisquel Resulinux BeatriX grml DeadCD Olive Bluewall ASLinux gnuLiNex DeMuDi Progeny Quantian DSL-N Damn Small Linux Hikarunix Damn Vulnerable Linux Danix Parsix Kanotix Auditor Security Linux Backtrack Bioknoppix Whoppix WHAX Symphony OS Knoppix Musix ParallelKnoppix Kaella Shabdix Feather KnoppMyth Aquamorph Dreamlinux Morphix ZoneCD Hiwix Hiweed Deepin Kalango Kurumin Poseidon Dizinha NeoDizinha Patinho Faminto Finnix Storm Corel Xandros Moblin MeeGo Bogus Trans-Ameritech Android Mini Monkey Tinfoil Hat Tiny Core Yggdrasil Linux Universe Midori Quirky TAMU DILINUX DOSLINUX Mamona Craftworks BluePoint Yoper MCC Interim Pardus Xdenu EnGarde Puppy Macpup SmoothWall GPL SmoothWall Express IPCop IPFire Beehive Paldo Source Mage Sorcerer Lunar eIT easyLinux GoboLinux GeeXboX Dragora
    [Show full text]
  • Configure Zeroshell As a PPTP Server with MS-Chapv2 and MPPE Support
    Configure Zeroshell as a PPTP Server with MS-CHAPv2 and MPPE support Basics: Boot from zeroshell CD then log into your zeroshell box. Using just the default image that the CD starts up with you can start using zeroshell as a PPTP server with just a few changes. First enable RADIUS in the USERS/RADIUS menu. Zeroshell will use the same IP address scope located on the L2TP menu. You can also change it to whatever you want it to be for your application. Preview your settings in NETWORK/VPN/Host-to-LAN (L2TP/IPSec) Note: The L2TP Server does not have to be enabled to pass the IP address information to the PPTP server. Just change the numbers and hit save while it’s enabled or disabled. Last thing we need to do is enable ssh for the actual configurations that will enable the PPTP server. Use the SYSTEM/Setup/SSH menu to enable this feature. Advanced: This part of the configurations take place in the CLI so if you don’t follow these instructions closely or don’t feel confident using the CLI then you probably shouldn’t be using zeroshell. That statement will either inspire you or strike fear in your heart. Well go and start your ssh session with the zeroshell box and use the shell prompt. We will be working with 2 files to enable and configure the PPTP server. /etc/ pptpd.conf /etc/ppp/ options.pptpd Copy these 2 files to a location that will not get wiped every time you reboot. Use the / Database for any static files that you don’t want mangled after a reboot or service restart.
    [Show full text]
  • Une Box Nano-Serveur Autonome Raspberry Pi3 Mokhtar Ben Henda
    Une Box nano-serveur autonome Raspberry Pi3 Mokhtar Ben Henda To cite this version: Mokhtar Ben Henda. Une Box nano-serveur autonome Raspberry Pi3 : Pour diffuser localement des contenus Web y compris dans des milieux non connectés. [Rapport Technique] AUF (Agence Universitaire de la Francophonie); IFIC. 2018. hal-02532371 HAL Id: hal-02532371 https://hal.archives-ouvertes.fr/hal-02532371 Submitted on 5 Apr 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Distributed under a Creative Commons Attribution - ShareAlike| 4.0 International License Pour diffuser localement des contenus Web y compris dans des milieux non connectés Mokhtar BEN HENDA Octobre 2018 0 Table des matières Avant-propos ................................................................................................................................... 2 Introduction des concepts ............................................................................................................... 5 La réplication (mirroring)............................................................................................................
    [Show full text]
  • Zerotruth Multicp
    ZEROTRUTH MULTICP CENTRALIZED MANAGEMENT AND REMOTE ADMINISTRATION OF MULTIPLE CAPTIVE PORTALS TRUTHAHN Nello Dalla Costa - Johnathan Ferrarini http://www.zerotruth.net Revised by Matteo Guglielmi INTRODUCTION ZeroTruth (ZT) (http://www.zerotruth.net) was developed to extend the easy-to-use web inter- face of ZeroShell (ZS) (http://www.zeroshell.org), which is a “linux distribution for servers and em- bedded devices aimed at providing the main network services a LAN requires”, with particular attention to the Captive Portal (CP) network service. ZeroTruth, in a glance, adds a new section to the stock ZeroShell web interface allowing adminis- trators to manage multiple remote captive portals as if they were just one. The idea of creating ZeroTruth originated from one of the most requested features posted on the ZeroShell forum, which was two fold: 1. to manage one or more remote captive portals in a centralized fashion (this feature is available starting from ZeroTruth version 1.0.beta1), 2. to not eclipse the rich set of functions provided by ZeroShell. Out of this broadened interest, the ZeroTruth project was born. ZeroTruth extends the functionality of ZeroShell by adding a new set of functions such as self- registration, profile-shaping, time-limits, squid web-cache and others. Please note that ZeroTruth has profound roots into ZeroShell code therefore, ZeroTruth must be installed side by side with ZeroShell (ZeroTruth cannot be installed on its own). As a technical note, I would recommend to layout the logical network topology in the star con- figuration (see frontpage) in which only one central station (the hub) is configured as server, while all other stations (the spokes) are configured as clients.
    [Show full text]