18 October 2016

connect to wifi wpa2

This doc show how to connect to wpa2 essid using command line

DISABLE NETWORK_MANAGER dulu


 wpa_passphrase SSID PASSWORD > CONFIG_FILE
eg:
# wpa_passphrase myWifi mypassword > wpa.conf


 to list available driver
#      wpa_supplicant



# sudo wpa_supplicant -iwlan0 -c wpa.conf -Dwext
// -i  wireless card
// -c  config file
// -D  driver



ref: http://askubuntu.com/questions/16584/how-to-connect-and-disconnect-to-a-network-manually-in-terminal

15 October 2016

vlan Membership Flag

Here are the definitions that I pulled from page 126 of the User Guide:

T          --  The interface is a member of a VLAN. All packets forwarded by the interface are tagged. The packets contain VLAN information.
U          --  The interface is a VLAN member. Packets forwarded by the interface are untagged.
F          --  The interface is denied membership to a VLAN.
Blank    --  The interface is not a VLAN member. Packets associated with the interface are not forwarded.




ref:
http://en.community.dell.com/support-forums/network-switches/f/866/t/19495197

28 September 2016

download laju: aria

aria2c  -c -s 16 -x 16 http://10.0.7.10/buf/HDP_2.5_vmware.ova

c: continue
s: split connection
x: max con per server

21 September 2016

Isu screen 'screen.xterm-256color'

Sejak update LTS 16, ada masalah utk run screen pada remote server.
Error:
 Cannot find terminfo entry for 'screen.xterm-256color'


Penyelesaian:
Sebelum run screen, run command di bawah pada remote server.
  export TERM=xterm-256color




FREEBSD / pfsense
   setenv TERM xterm-256color

08 September 2016

Android DNS


Display dns use by android:
-getprop net.dns1
-getprop net.dns2


Set dns to use by android
-setprop net.dns1 113.113.113.113

10 August 2016

ospf

Router(config)#router opsf 10
Router(config-router)#network 10.10.0.0 0.0.255.255 area 0


R1#show ip route 
R1#show ip route ospf 


R1#show ip ospf neighbor
R1#show ip ospf route
R1#show ip ospf database
R1#show ip ospf interface





CommandDescription
Router(config)#router opsf 10Enable OSPF routing protocol under process ID 10.
Router(config-router)#network 10.10.0.0
0.0.255.255 area 0
Enable OSPF with area 0 on matching interface.

Router#show ip routeDisplay all routes from routing table
Router#show ip route ospfDisplay all routers learned through OSPF from routing table


Router#show ip ospf Display basic information about OSPF
Router#show ip ospf interfaceDisplay information about all OSPF active interfaces
Router#show ip ospf neighbor [detail]
Router#show ip ospf databaseOSPF neighbors with basic info
Router#show ip ospf interfacefsdf

ref: http://www.computernetworkingnotes.com/ccna-study-guide/ospf-configuration-step-by-step-guide.html

02 August 2016

Proksi web

The leading proxies are Burp and Zap. Burp pro edition just about has the edge on Zap, but Zap is completely free. The free edition of Burp is usable, but lacks advanced features like the active scanner.
Paros and Webscarab were once leading proxies, but they are no longer cutting edge. Zap is actually a fork of Paros, but it has moved on a lot.
Squid is a proxy, that's true, but it's not an interactive proxy. It's not much help for testing a web app.


ref: http://security.stackexchange.com/questions/53557/which-opensource-proxy-is-better-and-easier-to-use  (march 2014)

05 July 2016

setup permulaan router Cisco IOS


List nic
  • show interfaces description
Gi0/0                          up             up
Gi0/1                          admin down     down
Gi0/2                          admin down     down
Lo0                            up             up




Configure vIOS routers as following.
Router>en
Router#conf t
Router(config)#hostname vOS-I
vIOS-I(config)#interface GigabitEthernet 0/0
vIOS-I(config-if)#ip address 172.16.1.1 255.255.255.0
vIOS-I(config-if)#no shutdown
vIOS-I(config-if)#do wr




List Routing Table
Router2#show ip route

Default GW
Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.6



Enable SSh @ router
http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/1100-cisco-routers-ssh-support-configuration-rsa-key-generation.html

Router (config)# username admin privilege 15 secret Firewall.cx      (Firewall.cx <- nbsp="" password="" ssh="" strong="" to="">
Router (config)# aaa new-model
Router (config)# aaa authentication login default local
Router (config)# enable secret $FirewAll.cx!           <- en="" mode="" nbsp="" password="" strong="" to="">
Router (config)# service password-encryption


R1(config)# line vty 0 4
R1(config-line)# transport input ssh
R1(config-line)# login authentication default
R1(config-line)# password $Cisco!    <- aaa="" authentication="" cisco="" guna="" nbsp="" ni="" pakai="" password="" sebab="" strong="" tak="">


Generating RSA key  (selagi takde key, ssh port tak enable)
R1 (config)#  ip domain-name firewall.cx
R1(config)# crypto key generate rsa 
The name for the keys will be: R1.firewall.cx
Choose the size of the key modulus in the range of 360 to 4096 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.                                                                                                                                                                                                     How many bits in the modulus [512]: 4096
% Generating 4096 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 183 seconds)



OSPF:

Remove ospf process:
R1(conf)#  no router ospf 1

09 June 2016

git branch

ref:  https://git-scm.com/book/en/v2/Git-Branching-Branches-in-a-Nutshell

06 May 2016

Python virtual environment


mkvirtualenv [-a project_path] [-i package] [-r requirements_file] [virtualenv options] ENVNAME
lsvirtualenv [-b] [-l] [-h]

showvirtualenv [env]

rmvirtualenv ENVNAME

workon [(-c|--cd)|(-n|--no-cd)] [environment_name|"."]

deactivate

lssitepackages

virtualenvwrapper
ref: http://virtualenvwrapper.readthedocs.io/en/latest/command_ref.html

04 April 2016

Domain Shadowing

In an attack that includes domain shadowing, an attacker will log into the domain register's website to set up a new subdomain registered to a new server IP address. By registering many subdomain names and IP addresses, attackers are able to avoid blacklists, but it does not allow attackers to bypass reputation-based filters.


ref:
http://searchsecurity.techtarget.com/answer/What-is-domain-shadowing-and-how-can-enterprises-defend-against-it

angler Exploit Kit

reading for non technical


https://heimdalsecurity.com/blog/ultimate-guide-angler-exploit-kit-non-technical-people/

23 March 2016

Milik siapa fail itu

mencari fail tertentu milik pakej yang mana.

M4700:~$ dpkg --search /usr/include/openssl/ssl.h
libssl-dev:amd64: /usr/include/openssl/ssl.h

19 February 2016

LAG on PowerConnect

Notes:

LAG(Ling Agregation Group) adalah features utk kombine 2 atau lebih kabel/port utk bekerja sebagai satu group. Boleh pilih mode:
  1) failover(master mati, secondary ambil alih),
  2) LACP(Link Agregation Control Protocol)

Kalau nak guna LACP, both end kena suport dan enable dulu.

Untuk PowerConnect, boleh pilih utk enable atau tak pada menu:
   Switching --> Link Agregation -->  LAG Membership
Enable LACP on channel 1 and 2





Tapi ada kemungkinan pada remote port tak support LACP, maka setiap kali enable LACP, kena semak status LAG samaada up atau down di:
   Switching --> Porst --> LAG Configuration (ShowAll)
LAG Status pada Channel 2 Down




ref:
http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/interfaces-lag-overview.html

18 February 2016

11 February 2016

SELinux


How SELinux Works

Consider these pieces of the SELinux puzzle:
  • Subjects
  • Objects
  • Policy
  • Mode
When a subject (such as an application) attempts to access an object (such as a file), the SELinux Security Server (inside the kernel) runs a check against the Policy Database. Depending on the current mode, if the SELinux Security Server grants permission, the subject is given access to the object. If the SELinux Security Server denies permission, a denied message is logged in /var/log/messages.

The Modes

SELinux has three modes (which can be set by the user). These modes will dictate how SELinux acts uponsubject request. The modes are: 
  • Enforcing — SELinux policy is enforced and subjects will be denied or granted access to objects based on the SELinux policy rules
  • Permissive — SELinux policy is not enforced and does not deny access, although denials are logged
  • Disabled — SELinux is completely disabled





ref:
http://www.linux.com/learn/docs/ldp/883671-an-introduction-to-selinux

contacts not sync with gmail contacts


Google Contacts Sync Adapter app installed?

Can be found in :
/system/GoogleContactsSyncAdapter/googleContactsSyncAdapter.apk









ref:
https://www.reddit.com/r/cyanogenmod/comments/3vxd58/google_sync_contacts_option_missing_in_cm13_on/

27 January 2016

Setup Wizard has stopped

Annoying popup after upgrade to mashmallow(cyanogenmod 13)

pm disable com.google.android.setupwizard

flash recovery for S5



1) open phone(S5) to download mode (Power + VolDown + home)

2) connect usb cable to phone
3) heimdall flash --RECOVERY recovery.img --no-reboot

4) disconnect cable and power off phone

ref: https://wiki.cyanogenmod.org/w/Install_CM_for_kltechn