connect to wifi wpa2

This doc show how to connect to wpa2 essid using command line

DISABLE NETWORK_MANAGER dulu


 wpa_passphrase SSID PASSWORD > CONFIG_FILE
eg:
# wpa_passphrase myWifi mypassword > wpa.conf


 to list available driver
#      wpa_supplicant



# sudo wpa_supplicant -iwlan0 -c wpa.conf -Dwext
// -i  wireless card
// -c  config file
// -D  driver



ref: http://askubuntu.com/questions/16584/how-to-connect-and-disconnect-to-a-network-manually-in-terminal

vlan Membership Flag

Here are the definitions that I pulled from page 126 of the User Guide:

T          --  The interface is a member of a VLAN. All packets forwarded by the interface are tagged. The packets contain VLAN information.

U          --  The interface is a VLAN member. Packets forwarded by the interface are untagged.

F          --  The interface is denied membership to a VLAN.

Blank    --  The interface is not a VLAN member. Packets associated with the interface are not forwarded.

ref:

http://en.community.dell.com/support-forums/network-switches/f/866/t/19495197

download laju: aria

aria2c  -c -s 16 -x 16 http://10.0.7.10/buf/HDP_2.5_vmware.ova

c: continue
s: split connection
x: max con per server

Isu screen 'screen.xterm-256color'

Sejak update LTS 16, ada masalah utk run screen pada remote server.
Error:
 Cannot find terminfo entry for 'screen.xterm-256color'


Penyelesaian:
Sebelum run screen, run command di bawah pada remote server.
  export TERM=xterm-256color




FREEBSD / pfsense
   setenv TERM xterm-256color

Android DNS

Display dns use by android:
-getprop net.dns1
-getprop net.dns2


Set dns to use by android
-setprop net.dns1 113.113.113.113

Photograph

ospf

Router(config)#router opsf 10
Router(config-router)#network 10.10.0.0 0.0.255.255 area 0


R1#show ip route 
R1#show ip route ospf 


R1#show ip ospf neighbor
R1#show ip ospf route
R1#show ip ospf database
R1#show ip ospf interface

Command	Description
Router(config)#router opsf 10	Enable OSPF routing protocol under process ID 10.
Router(config-router)#network 10.10.0.0 0.0.255.255 area 0	Enable OSPF with area 0 on matching interface.

Router#show ip route	Display all routes from routing table
Router#show ip route ospf	Display all routers learned through OSPF from routing table

Router#show ip ospf	Display basic information about OSPF
Router#show ip ospf interface	Display information about all OSPF active interfaces
Router#show ip ospf neighbor [detail]
Router#show ip ospf database	OSPF neighbors with basic info
Router#show ip ospf interface	fsdf

ref: http://www.computernetworkingnotes.com/ccna-study-guide/ospf-configuration-step-by-step-guide.html

Proksi web

The leading proxies are Burp and Zap. Burp pro edition just about has the edge on Zap, but Zap is completely free. The free edition of Burp is usable, but lacks advanced features like the active scanner.

Paros and Webscarab were once leading proxies, but they are no longer cutting edge. Zap is actually a fork of Paros, but it has moved on a lot.

Squid is a proxy, that's true, but it's not an interactive proxy. It's not much help for testing a web app.

ref: http://security.stackexchange.com/questions/53557/which-opensource-proxy-is-better-and-easier-to-use  (march 2014)

setup permulaan router Cisco IOS

List nic

• show interfaces description

Gi0/0                          up             up

Gi0/1                          admin down     down

Gi0/2                          admin down     down

Lo0                            up             up

Configure vIOS routers as following.

Router>en

Router#conf t

Router(config)#hostname vOS-I

vIOS-I(config)#interface GigabitEthernet 0/0

vIOS-I(config-if)#ip address 172.16.1.1 255.255.255.0

vIOS-I(config-if)#no shutdown

vIOS-I(config-if)#do wr

List Routing Table
Router2#show ip route

Default GW
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.6

Enable SSh @ router

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/1100-cisco-routers-ssh-support-configuration-rsa-key-generation.html

Router (config)# username admin privilege 15 secret Firewall.cx      (Firewall.cx <- nbsp="" password="" ssh="" strong="" to="">
Router (config)# aaa new-model
Router (config)# aaa authentication login default local
Router (config)# enable secret $FirewAll.cx!           <- en="" mode="" nbsp="" password="" strong="" to="">
Router (config)# service password-encryption

R1(config)# line vty 0 4
R1(config-line)# transport input ssh
R1(config-line)# login authentication default
R1(config-line)# password $Cisco!    <- aaa="" authentication="" cisco="" guna="" nbsp="" ni="" pakai="" password="" sebab="" strong="" tak="">

Generating RSA key  (selagi takde key, ssh port tak enable)

R1 (config)#  ip domain-name firewall.cx
R1(config)# crypto key generate rsa 
The name for the keys will be: R1.firewall.cx
Choose the size of the key modulus in the range of 360 to 4096 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.                                                                                                                                                                                                     How many bits in the modulus [512]: 4096
% Generating 4096 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 183 seconds)

OSPF:

Remove ospf process:

R1(conf)#  no router ospf 1

git branch

ref:  https://git-scm.com/book/en/v2/Git-Branching-Branches-in-a-Nutshell

Python virtual environment

mkvirtualenv [-a project_path] [-i package] [-r requirements_file] [virtualenv options] ENVNAME

lsvirtualenv [-b] [-l] [-h]

showvirtualenv [env]

rmvirtualenv ENVNAME

workon [(-c|--cd)|(-n|--no-cd)] [environment_name|"."]

deactivate

lssitepackages

virtualenvwrapper

ref: http://virtualenvwrapper.readthedocs.io/en/latest/command_ref.html

Domain Shadowing

In an attack that includes domain shadowing, an attacker will log into the domain register's website to set up a new subdomain registered to a new server IP address. By registering many subdomain names and IP addresses, attackers are able to avoid blacklists, but it does not allow attackers to bypass reputation-based filters.


ref:
http://searchsecurity.techtarget.com/answer/What-is-domain-shadowing-and-how-can-enterprises-defend-against-it

angler Exploit Kit

reading for non technical


https://heimdalsecurity.com/blog/ultimate-guide-angler-exploit-kit-non-technical-people/

Milik siapa fail itu

mencari fail tertentu milik pakej yang mana.

M4700:~$ dpkg --search /usr/include/openssl/ssl.h
libssl-dev:amd64: /usr/include/openssl/ssl.h

LAG on PowerConnect

Notes:

LAG(Ling Agregation Group) adalah features utk kombine 2 atau lebih kabel/port utk bekerja sebagai satu group. Boleh pilih mode:
  1) failover(master mati, secondary ambil alih),
  2) LACP(Link Agregation Control Protocol)

Kalau nak guna LACP, both end kena suport dan enable dulu.

Untuk PowerConnect, boleh pilih utk enable atau tak pada menu:
   Switching --> Link Agregation -->  LAG Membership

Enable LACP on channel 1 and 2

Tapi ada kemungkinan pada remote port tak support LACP, maka setiap kali enable LACP, kena semak status LAG samaada up atau down di:
   Switching --> Porst --> LAG Configuration (ShowAll)

LAG Status pada Channel 2 Down

ref:
http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/interfaces-lag-overview.html

esxcli

List ARP

- esxcli network ip neighbor list

SELinux

How SELinux Works

Consider these pieces of the SELinux puzzle:

• Subjects
• Objects
• Policy
• Mode

When a subject (such as an application) attempts to access an object (such as a file), the SELinux Security Server (inside the kernel) runs a check against the Policy Database. Depending on the current mode, if the SELinux Security Server grants permission, the subject is given access to the object. If the SELinux Security Server denies permission, a denied message is logged in /var/log/messages.

The Modes

SELinux has three modes (which can be set by the user). These modes will dictate how SELinux acts uponsubject request. The modes are: 

• Enforcing — SELinux policy is enforced and subjects will be denied or granted access to objects based on the SELinux policy rules
• Permissive — SELinux policy is not enforced and does not deny access, although denials are logged
• Disabled — SELinux is completely disabled
• 
  

ref:
http://www.linux.com/learn/docs/ldp/883671-an-introduction-to-selinux

contacts not sync with gmail contacts

Google Contacts Sync Adapter app installed?

Can be found in :
/system/GoogleContactsSyncAdapter/googleContactsSyncAdapter.apk









ref:
https://www.reddit.com/r/cyanogenmod/comments/3vxd58/google_sync_contacts_option_missing_in_cm13_on/

Setup Wizard has stopped

Annoying popup after upgrade to mashmallow(cyanogenmod 13)

pm disable com.google.android.setupwizard

flash recovery for S5

1) open phone(S5) to download mode (Power + VolDown + home)

2) connect usb cable to phone
3) heimdall flash --RECOVERY recovery.img --no-reboot

4) disconnect cable and power off phone

ref: https://wiki.cyanogenmod.org/w/Install_CM_for_kltechn

available dir from Cyanogenmod recovery

selfnote:

S5
/tmp
/data/media/0/Download