I wrote a simple chkconfig compatible firewall init script for CentOS/RedHat/Fedora based Linux systems.
It will setup iptables firewall rules allowing anyone to access user defined ports (22,80 by default). It also has the ability to whitelist and blacklist IP’s. I’ve tested it with chkconfig on CentOS 5.
If your memory or mistyping leaves you without the right password to get into an account on a Linux computer, there’s no need to reformat. You’ll just need to reboot into single user mode to reset it. Here’s how to do it on a typical Ubuntu machine with the GRUB bootloader:
- Reboot the machine.
- Press the ESC key while GRUB is loading to enter the menu.
- If there is a ‘recovery mode’ option, select it and press ‘b’ to boot into single user mode.
- Otherwise, the default boot configuration should be selected. Press ‘e’ to edit it.
- Highlight the line that begins with ‘kernel’. Press ‘e’ again to edit this line.
- At the end of the line, add an additional parameter: ‘single’. Hit return to make the change and press ‘b’ to boot.
The system should load into single user mode and you’ll be left at the command line automatically logged in as root. Type ‘passwd’ to change the root password or ‘passwd someuser’ to change the password for your “someuser” admin account.
Once your done, give the three finger salute, or enter ‘reboot’ to restart into your machine’s normal configuration.
That’s all there is to it. Now just make sure to write your password down on a post-it and shove it somewhere safe like under your keyboard. 🙂
[ Source: Hackzine.com ]
It is possible to create a “reverse” SSH Tunnel. The reverse tunnel will allow you to create an SSH Tunnel from your work computer to your home computer, for example, and then login to your work machine from your home machine even if your work firewall does not permit ssh traffic initiated from your home machine!
For this to work, an SSH Server must be installed on your work and home computer, and ssh (TCP port 22) must be allowed outbound from your work computer to your home computer.
Syntax: ssh -R remote_port:localhost:22 your_home_computer
At home, you would then run ssh -p 2048 localhost to log into your work computer via ssh.
Here is a script that you can run through the cron facility on your work system to make sure the reverse SSH Tunnel to your home system is up and running. It is useful in case the system is rebooted.
# $REMOTE_HOST is the name of the remote system
# $REMOTE_PORT is the remote port number that will be used to tunnel
# back to this system
# $COMMAND is the command used to create the reverse ssh tunnel
COMMAND=”ssh -q -N -R $REMOTE_PORT:localhost:22 $REMOTE_HOST”
# Is the tunnel up? Perform two tests:
# 1. Check for relevant process ($COMMAND)
pgrep -f -x “$COMMAND” > /dev/null 2>&1 || $COMMAND
# 2. Test tunnel by looking at “netstat” output on $REMOTE_HOST
ssh $REMOTE_HOST netstat -an | egrep “tcp.*:$REMOTE_PORT.*LISTEN” \
> /dev/null 2>&1
if [ $? -ne 0 ] ; then
pkill -f -x “$COMMAND”
SSH Tunnelling is an excellent way to tunnel insecure protocols through a secure communication channel. In this example, I’ll tunnel POP3 traffic using SSH. Traditional POP3 traffic, including username and password information, travels clear-text across the network.
The syntax: ssh -f -N -L <local port>:<remote server>:<remote port> <userid>@<remote server>
To tunnel POP3 traffic using ssh:
- Make sure an ssh client is installed on your machine and an ssh server is installed on the POP3 server.
- Create a local SSH Tunnel on your machine (port 1234 for this example) to the POP3 server’s port 110. You will need to be the root user to bind to “privileged” ports (< 1024).
# ssh -f -N -L 1234:localhost:110 user@POP3_server
- Test the tunnel.
$ telnet localhost 1234
You should see the POP3 server’s banner information.est the tunnel.
- Configure your mail client to access your mail via POP3 using mail server localhost and port 1234.
You can determine which versions of the ssh protocol an ssh server supports by examining the service banner. The service banner includes both the remote protocol version and the remote software version.
telnet ssh_server 22
SSH-1.5-remote_software_version (supports ssh protocol 1 only)
SSH-1.99-remote_software_version (supports ssh protocols 1 and 2)
SSH-2.0-remote_software_version (supports ssh protocol 2 only)
ssh protocol 2:
1. Create a DSA or RSA key named foo. As of version 3.0 of the ssh.com server includes support for RSA keys.
$ cd ~/.ssh
$ ssh-keygen -t dsa -f foo
2. Convert the DSA or RSA key into “SECSH Public Key File Format,” the format used on an ssh.com server.
$ ssh-keygen -e -f foo > foo.pub
3. Copy the foo.pub file to the ssh.com server.
$ scp foo.pub email@example.com_host:.ssh2
If the remote server only allows ssh protocol 2, you may receive the following errors:
scp: warning: Executing scp1 compatibility.
scp: FATAL: Executing ssh1 in compatibility mode failed (Check that scp1 is in your PATH).
Use sftp instead to transfer the key:
$ sftp firstname.lastname@example.org_host
put foo.pub .ssh2
4. Add the appropriate ~/.ssh2/authorization file entry in the ssh.com server.
$ ssh email@example.com_host ‘echo “key foo.pub” >> .ssh2/authorization’
5. Login to the ssh.com server using the foo identity.
$ ssh -o IdentityFile2=~/.ssh/foo firstname.lastname@example.org_host
ssh protocol 1:
1. Create an RSA1 key.
$ cd ~/.ssh
$ ssh-keygen -t rsa1
2. Append the ~/.ssh/identity.pub file to the ~/.ssh/authorized_keys file on the ssh.com server.
$ cat ~/.ssh/identity.pub | ssh remote_server “cat – >> ~/.ssh/authorized_keys”
Note: Any ssh.com server only allowing ssh protocol 1 should be upgraded, as usage of ssh protocol 1 itself is not recommended.
Connecting two server running different type of SSH can be nightmare if you does not know how to convert the key. In this tutorial, I will try to explain on how to convert the public key from OpenSSH to SSH2 and SSH2 to OpenSSH. To convert the key, it must be done in OpenSSH server.
Convert OpenSSH key to SSH2 key
- Run the OpenSSH version of ssh-keygen on your OpenSSH public key to convert it into the format needed by SSH2 on the remote machine. This must be done on the system running OpenSSH.
#ssh-keygen -e -f ~/.ssh/id_dsa.pub > ~/.ssh/id_dsa_ssh2.pub
Convert SSH2 key to OpenSSH key
- Run the OpenSSH version of ssh-keygen on your ssh2 public key to convert it into the format needed by OpenSSH. This needs to be done on the system running OpenSSH.
#ssh-keygen -i -f ~/.ssh/id_dsa_1024_a.pub > ~/.ssh/id_dsa_1024_a_openssh.pub
Vulnerabilities in USB drivers for Windows could allow an attacker to take control of locked workstations using a specially programmed Universal Serial Bus device, according to an executive from SPI Dynamics, which discovered the security hole.
The buffer-overflow vulnerabilities could enable an attacker to circumvent Windows security and gain administrative access to a user’s machine.
[ Source: eWeek.com ]