Saturday, May 23, 2015

[How To] Turn an Arch Linux box into a wireless Access Point in the simplest way

Setting up an access point can be a little difficult for the general Linux user, so I would like to introduce a one-step way to turn your Linux box with a USB wifi dongle into a wireless AP.

1. Identify whether your USB wifi dongle supports AP mode.
To turn your USB wifi dongle into an Access Point, the dongle must support AP mode. You can check whether it is supported as follows:

$ iw list
Wiphy phy1
    max # scan SSIDs: 4
    max scan IEs length: 2285 bytes
    Retry short limit: 7
    Retry long limit: 4
    Coverage class: 0 (up to 0m)
    Device supports RSN-IBSS.
    Supported Ciphers:
        * WEP40 (00-0f-ac:1)
        * WEP104 (00-0f-ac:5)
        * TKIP (00-0f-ac:2)
        * CCMP (00-0f-ac:4)
        * 00-0f-ac:10
        * GCMP (00-0f-ac:8)
        * 00-0f-ac:9
        * CMAC (00-0f-ac:6)
        * 00-0f-ac:13
        * 00-0f-ac:11
        * 00-0f-ac:12
    Available Antennas: TX 0 RX 0
    Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * monitor
         * mesh point
                  ...

If you plug in your USB dongle and "Supported interface modes" does not list "AP", you need another USB module. My personal recommendation is that an Atheros chipset is most likely a good choice.

2. Let me introduce the create_ap script. You can find it at the following link:
https://bbs.archlinux.org/viewtopic.php?pid=1269258

or from the AUR:
https://aur.archlinux.org/packages/create_ap/

Just install it together with its dependencies.

Then simply run one command:

# create_ap wlan0 eth0 MyAccessPoint MyPassPhrase

And it is done!! How come it is so easy?

There is a Chinese saying, "前人種樹後人蔭": "People plant trees, and their children cool off in the shade."

Thanks to open source.

Tuesday, May 19, 2015

[How to] Block ssh brute-force attacks using sshguard in Linux


If your Linux box offers ssh and is connected directly to a public internet IP, in most cases you will face a lot of brute-force attacks. In this case, sshguard can help to lower the rate of the attacks.

How it works
Simply put, sshguard reads the logs from sshd and blocks suspicious sources with iptables.

To see whether you are being attacked:
$ journalctl -axe
...
 5月 19 12:28:10 localhost sshd[22109]: Connection closed by 70.60.248.30 [preauth] <==== Port Scan
 5月 19 12:28:34 localhost sshd[22111]: Did not receive identification string from 195.154.55.58
 5月 19 12:28:35 localhost sshd[22112]: Invalid user ubnt from 195.154.55.58
 5月 19 12:28:35 localhost sshd[22112]: input_userauth_request: invalid user ubnt [preauth]
 5月 19 12:28:36 localhost sshd[22112]: pam_tally(sshd:auth): pam_get_uid; no such user
 5月 19 12:28:36 localhost sshd[22112]: pam_unix(sshd:auth): check pass; user unknown
 5月 19 12:28:36 localhost sshd[22112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos
 5月 19 12:28:38 localhost sshd[22112]: Failed password for invalid user ubnt from 195.154.55.58 port 54126 ssh2
 5月 19 12:28:38 localhost sshd[22112]: error: Received disconnect from 195.154.55.58: 3: com.jcraft.jsch.JSchException: Auth
 5月 19 12:28:38 localhost sshd[22112]: Disconnected from 195.154.55.58 [preauth]
 5月 19 12:28:39 localhost sshd[22115]: Invalid user admin from 195.154.55.58
 5月 19 12:28:39 localhost sshd[22115]: input_userauth_request: invalid user admin [preauth]
 5月 19 12:28:40 localhost sshd[22115]: pam_tally(sshd:auth): pam_get_uid; no such user <=== Attack
 5月 19 12:28:40 localhost sshd[22115]: pam_unix(sshd:auth): check pass; user unknown
 5月 19 12:28:40 localhost sshd[22115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos
 5月 19 12:28:42 localhost sshd[22115]: Failed password for invalid user admin from 195.154.55.58 port 51840 ssh2
 5月 19 12:28:43 localhost sshd[22115]: error: Received disconnect from 195.154.55.58: 3: com.jcraft.jsch.JSchException: Auth
 5月 19 12:28:43 localhost sshd[22115]: Disconnected from 195.154.55.58 [preauth]
 5月 19 12:28:44 localhost sshd[22117]: pam_tally(sshd:auth): Tally overflowed for user root <=== Attack
 5月 19 12:28:44 localhost sshd[22117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos
 5月 19 12:28:46 localhost sshd[22117]: Failed password for root from 195.154.55.58 port 54190 ssh2 <=== Attack

... 

Installation

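Very simple: install the package, create an sshguard chain, pass inbound ssh traffic through it, save the rules, then start and enable the service. The -A option appends the jump to the end of the INPUT chain, so it has to sit before any existing rule that already accepts port 22.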
# pacman -S sshguard
# iptables -N sshguard
# iptables -A INPUT -p tcp --dport 22 -j sshguard
# iptables-save > /etc/iptables/iptables.rules

# systemctl start sshguard.service
# systemctl enable sshguard.service


Afterwards you will find this in the log:
$ journalctl -axe
 5月 19 12:28:46 localhost sshguard[26588]: Blocking 195.154.55.58:4 for >630secs: 40 danger in 4 attacks over 12 seconds (all 

Nice and done 
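
The scoring behind a "40 danger in 4 attacks over 12 seconds" decision, as an added example that is not sshguard's own code and not part of the original post. The score of 10 per attack and the threshold of 40 are read off the log line above; the 1200-second window, the two message patterns and the sample lines (documentation addresses) are assumptions made for this sketch.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

ATTACK_SCORE = 10                  # 40 danger / 4 attacks in the log line above
THRESHOLD = 40                     # the "40 danger" in that line
WINDOW = timedelta(seconds=1200)   # assumption: how long an attack is remembered
IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: (.*)$")
# The user name is remote-controlled text, so ".*" is greedy and the address is
# taken from the fixed tail of the message, never from inside the name.
ATTACKS = [
    re.compile(r"^Failed password for .* from " + IP + r" port \d+ ssh2$"),
    re.compile(r"^Did not receive identification string from " + IP + r"(?: port \d+)?$"),
]

# Constructed sample in the journal format shown above.
SAMPLE_LOG = """\
May 19 12:28:34 localhost sshd[22111]: Did not receive identification string from 198.51.100.23
May 19 12:28:35 localhost sshd[22112]: Invalid user ubnt from 198.51.100.23
May 19 12:28:38 localhost sshd[22112]: Failed password for invalid user ubnt from 198.51.100.23 port 54126 ssh2
May 19 12:28:42 localhost sshd[22115]: Failed password for invalid user admin from 198.51.100.23 port 51840 ssh2
May 19 12:28:44 localhost sshd[22116]: Failed password for invalid user x from 192.0.2.1 from 203.0.113.7 port 40000 ssh2
May 19 12:28:46 localhost sshd[22117]: Failed password for root from 198.51.100.23 port 54190 ssh2
"""

def parse_attack(line):
    """Return (timestamp, source_ip) or None; stamps carry no year, 2015 is assumed."""
    m = LINE.match(line.strip())
    for pattern in ATTACKS if m else ():
        hit = pattern.match(m.group(2))
        if hit:
            when = datetime.strptime("2015 " + m.group(1), "%Y %b %d %H:%M:%S")
            return when, hit.group(1)
    return None

def find_blocks(log_text):
    """Return {ip: (danger, attacks, seconds)} for each IP reaching THRESHOLD."""
    seen, blocked = defaultdict(list), {}
    for line in log_text.splitlines():
        parsed = parse_attack(line)
        if parsed is None or parsed[1] in blocked:
            continue
        when, ip = parsed
        seen[ip] = [t for t in seen[ip] if when - t <= WINDOW] + [when]
        if ATTACK_SCORE * len(seen[ip]) >= THRESHOLD:
            span = int((when - seen[ip][0]).total_seconds())
            blocked[ip] = (ATTACK_SCORE * len(seen[ip]), len(seen[ip]), span)
    return blocked
```

"Invalid user" lines are skipped on purpose so that one login attempt is not counted twice, and the line with an address embedded in the user name is charged to the real peer, 203.0.113.7.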

Monday, May 4, 2015

Android X86 native experience - Android-x86 4.4r2

Android X86 is a project that can run Android natively on an X86 computer. I have downloaded and tested the latest release, "Android-x86 4.4r2", which was released on 1 Jan 2015, as a live CD. The experience is as follows:

1. Hardware
- Lenovo Thinkpad X61 (intel T8300, i965 4GB DDR2, ABGN4965)
- Desktop Computer (intel core 2 duo 6420, G33, 4GB DDR2, AMD HD4670)

2. Testing
It is strange that the laptop gives a very poor experience: the OS crashes on the first screen, while checking the wifi status during Google Account input. I have tested it a couple of times and it still does not work. It seems I cannot find a solution on the web yet. I have tried using a USB wifi dongle and the issue is still the same.

For the desktop computer, strangely, everything works out of the box.
Performance is great, very fast and not even a little lag.
CPU works great with SpeedStep
Graphics card works well with acceleration
Most apps work

I just want to know if it supports an MCE remote, or I will buy one for the Android-x86 media center.

= = =
Download Link:
http://www.android-x86.org/

Saturday, May 2, 2015

[How to] Fix the kernel module issues for VirtualBox

As some Linux users may face issues related to kernel modules, I would just like to document how I fixed the issue.

I faced this issue in the log:

VBoxManage: error: Failed to create the host-only adapter
VBoxManage: error: VBoxNetAdpCtl: Error while adding new interface: failed to open /dev/vboxnetctl: No such file or directory
VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component HostNetworkInterface, interface IHostNetworkInterface
VBoxManage: error: Context: "int handleCreate(HandlerArg*, int, int*)" at line 66 of file VBoxManageHostonly.cpp


To fix it, just load all the kernel modules at boot:

# cat /etc/modules-load.d/virtualbox.conf
vboxnetadp
vboxnetflt
vboxpci
vboxdrv





= = =
Nice and Done