Install command in Linux Ubuntu/Debian:
sudo apt-get install nbtscan
The Windows version can be downloaded from http://www.unixwiz.net/tools/nbtscan.html
Network scan example:
I will describe the possible startup keys:
-O FILENAME (output information to file)
-v (more detailed information output)
-p (port indication)
-H (generate HTTP header)
-m (MAC address indication)
-n (do not convert names to DNS, display only IP)
-t NUMBER (response time in seconds, default 1)
-v (display version nbtscan)
On the test, I configure DHCP Snooping on the Cisco Catalyst 6509-E to block third-party DHCP servers, on the other Cisco switches, the configuration is basically the same.
After connecting to the device immediately go to the configuration mode:
Continue reading “Blocking third-party DHCP on Cisco via DHCP Snooping”
The appropriate solution I found for running MySQL server on specific IP addresses is to run it at all and then filter the connected clients through iptables.
For the test, I used Ubuntu Server 16.04.5 LTS, which had more than 200 external white IPs and was highly loaded.
Continue reading “How to run MySQL server on specific IP”
To configure the timeout for SSH sessions, let’s see where the SSH server configuration file is located:
sudo find / -name sshd_config
Open it in any text editor, for example nano:
sudo nano /etc/ssh/sshd_config
Continue reading “Configuring SSH session timeout”
Let’s say that several users are connected through SSH.
First look at the list of online users:
Suppose the following information is displayed (where test is the user’s login):
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
test tty1 11:20 1:07 0.03s 0.03s -bash
test pts/0 192.168.1.5 11:21 13.00s 0.02s 0.02s -bash
test pts/1 192.168.1.3 11:21 0.00s 0.02s 0.00s w
tty1 – it is a client logged in locally, that is, it is located near the computer.
pts/1 – judging for example on IP and WHAT, let’s assume that it’s us, accordingly pts/0 is the client of which we want to disconnect.
See the list of processes and their PID:
ps faux |grep sshd
At me it was displayed:
root 946 0.0 0.5 65508 5368 ? Ss 12:00 0:00 /usr/sbin/sshd -D
root 1147 0.0 0.6 92828 6920 ? Ss 12:01 0:00 \_ sshd: test [priv]
test 1178 0.0 0.3 92828 3384 ? S 12:01 0:00 | \_ sshd: test@pts/0
root 1192 0.0 0.6 92828 6592 ? Ss 12:02 0:00 \_ sshd: test [priv]
test 1223 0.0 0.3 92828 3532 ? S 12:02 0:00 \_ sshd: test@pts/1
test 1248 0.0 0.0 15468 956 pts/1 S+ 12:25 0:00 \_ grep --color=auto sshd
We find test@pts/0 and accordingly 1178 is the required PID.
We terminate the process by specifying its ID, after which the user will immediately disconnect:
sudo kill -9 1178
See also my articles:
Configuring SSH session timeout
Installing and Configuring SSH
Clam AntiVirus — a package of antivirus software running on many operating systems.
Continue reading “Installing and using ClamAV antivirus”
Suppose Fail2Ban is already installed, if not, then see my article – Installing and Configuring Fail2ban.
By default, Bind9 does not write logs, so open its configuration file in any text editor:
Continue reading “Configuring Fail2Ban for Bind9”
To see from the computer where the iPhone is located:
Continue reading “How to find iPhone from a computer?”
On the test I will install ACME client Certbot in Ubuntu 16.04 (xenial), which will help to get Free SSL certificates Let’s Encrypt for 90 days and automatically update them.
Continue reading “Installing Certbot in Ubuntu”
For other versions of Ubuntu, the Certbot client is installed similarly.
On the test I will install Let’s Encrypt which allows you to install free SSL certificates for 90 days and automatically re-issue them.
Continue reading “Installing and Configuring Let’s Encrypt SSL”