Thursday, February 19, 2015

Creating an Encrypted Disk (Persistence) Boot for Kali Linux on a Thumbdrive

Get Kali Linux first.
https://www.kali.org/downloads/

Then let's dd the image to our thumbdrive. (Replace the ISO image name and sdb with your own device.)
dd if=kali-linux-1.0.8-amd64.iso of=/dev/sdb bs=1M

Or you can use a Windows GUI tool such as Win32DiskImager for the job.
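
dd overwrites whatever of= points at, so the device name is the step to get right. A pre-flight check for that, as an added example that is not part of the original post (the function names and the optional sysfs/mounts path arguments are assumptions of this example):

```shell
#!/bin/sh
# Added example: refuse to dd onto anything that is not an idle removable disk.
# dd_target_state and write_image are names invented for this example.

# dd_target_state DEV [SYSFS_ROOT] [MOUNTS_FILE]
dd_target_state() {
    dev=$1; sys=${2:-/sys}; mounts=${3:-/proc/mounts}
    name=${dev##*/}
    # Whole disks have a directory directly under /sys/block; partitions do not.
    [ -d "$sys/block/$name" ] || { echo not-a-whole-disk; return 0; }
    # The kernel marks USB sticks as removable; internal disks report 0.
    [ "$(cat "$sys/block/$name/removable" 2>/dev/null)" = 1 ] ||
        { echo not-removable; return 0; }
    # Any mounted partition of the disk (sdb1, sdb2, ...) blocks the write.
    if awk -v d="$dev" 'index($1, d) == 1 { f = 1 } END { exit !f }' "$mounts"; then
        echo mounted; return 0
    fi
    echo ok
}

# write_image ISO DEV: same dd call as above, but only after the check passes.
write_image() {
    state=$(dd_target_state "$2")
    [ "$state" = ok ] || { echo "refusing to write to $2: $state" >&2; return 1; }
    dd if="$1" of="$2" bs=1M conv=fsync
}

# Read-only demonstration: report the state of the device used on this page.
echo "/dev/sdb: $(dd_target_state /dev/sdb)"
```

Some USB hard disks report removable=0; the check then fails closed and the device has to be confirmed by hand.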

To enable persistence so your work is saved between reboots (a Linux image with gparted works best):
Insert bootable disk.
Run gparted.
For the thumbdrive partition, you should see /dev/sdb1 and /dev/sdb2 with an unallocated area.
Right click the unallocated area and make it an ext4 file system with the label: persistence.
Add and apply.

Run the following commands:

For an unencrypted partition

mkdir -p /mnt/my_usb
mount /dev/sdb3 /mnt/my_usb
echo "/ union" > /mnt/my_usb/persistence.conf
umount /dev/sdb3

For an encrypted partition

cryptsetup --verbose --verify-passphrase luksFormat /dev/sdb3
cryptsetup luksOpen /dev/sdb3 my_usb
mkfs.ext4 -L persistence /dev/mapper/my_usb
e2label /dev/mapper/my_usb persistence
mkdir -p /mnt/my_usb
mount /dev/mapper/my_usb /mnt/my_usb
echo "/ union" > /mnt/my_usb/persistence.conf
umount /dev/mapper/my_usb
cryptsetup luksClose /dev/mapper/my_usb

Copied from: https://forums.kali.org/showthread.php?22166-Making-a-Persistent-usb-flash-drive-with-kali-linux-1-08

Sunday, February 08, 2015

Tun missing! Find them!

And so I had this problem when my TUN disappeared.

It all started when my OpenVPN suddenly did not want to work.

When I manually tried to run openvpn with the server.conf file, all I got was this.
Wed Feb 4 10:05:18 2015 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
Wed Feb 4 10:05:18 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Feb 4 10:05:18 2015 Diffie-Hellman initialized with 1024 bit key
Wed Feb 4 10:05:18 2015 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 4 10:05:18 2015 Socket Buffers: R=[133120->131072] S=[133120->131072]
Wed Feb 4 10:05:18 2015 ROUTE: default_gateway=UNDEF
Wed Feb 4 10:05:18 2015 Note: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Wed Feb 4 10:05:18 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Feb 4 10:05:18 2015 /sbin/ifconfig 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
SIOCSIFADDR: No such device
: ERROR while getting interface flags: No such device
SIOCSIFDSTADDR: No such device
: ERROR while getting interface flags: No such device
SIOCSIFMTU: No such device
Wed Feb 4 10:05:18 2015 Linux ifconfig failed: external program exited with error status: 1
Wed Feb 4 10:05:18 2015 Exiting


As you can see, there was an error opening the TUN interface with error number 2.
I then checked with my VPS provider and apparently the fault was on their end. 
They then made TUN appear.

To show that TUN was there:
root@xxx:/# cat /dev/net/tun 
cat: /dev/net/tun: File descriptor in bad state
root@xxx:/# 


However, running the openvpn server.conf now produces a different kind of error.
root@xxx:/etc/openvpn# openvpn server.conf
Thu Feb 5 15:33:14 2015 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
Thu Feb 5 15:33:14 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Feb 5 15:33:14 2015 Diffie-Hellman initialized with 1024 bit key
Thu Feb 5 15:33:14 2015 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Thu Feb 5 15:33:14 2015 Socket Buffers: R=[133120->131072] S=[133120->131072]
Thu Feb 5 15:33:14 2015 ROUTE: default_gateway=UNDEF
Thu Feb 5 15:33:14 2015 Note: Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted (errno=1)
Thu Feb 5 15:33:14 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Feb 5 15:33:14 2015 /sbin/ifconfig 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
SIOCSIFADDR: No such device
: ERROR while getting interface flags: No such device
SIOCSIFDSTADDR: No such device
: ERROR while getting interface flags: No such device
SIOCSIFMTU: No such device
Thu Feb 5 15:33:14 2015 Linux ifconfig failed: external program exited with error status: 1
Thu Feb 5 15:33:14 2015 Exiting
root@xxx:/etc/openvpn#


It now shows that errno is 1.
I then ding-donged with the VPS, but they could not help me out as my SLA did not cover 3rd party.
Thus, I was left with the harsh choice of reinstalling my VPS.
However, after reinstalling, the problem still existed.
Out of the blue, I just issued the ultimate command.
rm /dev/net/tun && reboot

SUDDENLY, all was fine....
So next time you have such an error, just remove the goddamn tun....
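
The two logs above fail differently: errno=2 means the /dev/net/tun node does not exist, errno=1 means it exists but the open was refused. The following is an added example, not part of the original post: a read-only check of the node (a character device with major 10, minor 200, per the kernel's TUN/TAP documentation) with a hint for each state; the function names are invented for this example.

```shell
#!/bin/sh
# Added example: classify the state of the TUN device node without changing it.
# tun_state and tun_hint are names invented for this example.

tun_state() {
    node=${1:-/dev/net/tun}
    [ -e "$node" ] || { echo missing; return 0; }       # open() would give errno=2
    [ -c "$node" ] || { echo not-chardev; return 0; }   # e.g. a regular file left behind
    devnum=$(stat -c '%t:%T' "$node")                   # hex major:minor (GNU stat)
    [ "$devnum" = a:c8 ] || { echo "wrong-devnum $devnum"; return 0; }  # want 10:200
    # Opening read-write without any ioctl creates no interface.
    if ( : <> "$node" ) 2>/dev/null; then echo ok; else echo open-failed; fi
}

tun_hint() {
    case $1 in
        ok)
            echo "node is usable; 'cat' answering 'File descriptor in bad state' is normal" ;;
        missing)
            echo "create it: mkdir -p /dev/net && mknod /dev/net/tun c 10 200 && chmod 600 /dev/net/tun" ;;
        not-chardev|wrong-devnum*)
            echo "stale node: rm /dev/net/tun, then recreate it as char 10:200" ;;
        open-failed)
            echo "node is correct but the open was refused: run as root, modprobe tun, or have the VPS host enable TUN/TAP" ;;
    esac
}

state=$(tun_state /dev/net/tun)
echo "/dev/net/tun: $state"
tun_hint "$state"
```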

Setting up the openvpn server ( again )

Let's install OpenVPN
apt-get install openvpn

Let's create the easy-rsa directory and copy some sample files over
cd /etc/openvpn
mkdir easy-rsa
cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/* easy-rsa/

Let's clean the easy-rsa folder first
cd easy-rsa
source ./vars
./clean-all

Let's build the CA
./build-ca

Let's build the server key
./build-key-server server

Let's build the DH parameters
./build-dh

For each client
./build-key clientname

Let's enable ip_forward and set up iptables so traffic can jump here and there.
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -j SNAT --to-source VPNSERVER_IP   # placeholder: replace with the server's public IP

Let's save the iptables rules
iptables-save > /etc/iptables.up.rules

Let's create the OpenVPN server config
nano /etc/openvpn/server.conf

port 1194
proto udp
dev tun

ca      /etc/openvpn/easy-rsa/keys/ca.crt    # generated keys
cert    /etc/openvpn/easy-rsa/keys/server.crt
key     /etc/openvpn/easy-rsa/keys/server.key  # keep secret
dh      /etc/openvpn/easy-rsa/keys/dh1024.pem

server 10.9.8.0 255.255.255.0  # internal tun0 connection IP
ifconfig-pool-persist ipp.txt

keepalive 10 120

comp-lzo         # Compression - must be turned on at both ends
persist-key
persist-tun

status log/openvpn-status.log

verb 3  # verbose mode
client-to-client

# This is needed if you want to route all traffic through the VPN
push "redirect-gateway def1 bypass-dhcp"

# Push down DNS just in case
push "dhcp-option DNS 8.8.8.8"

Then create the log directory and status file:
cd /etc/openvpn
mkdir -p log/
touch log/openvpn-status.log

Restart the openvpn service and it should be up and running!
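
The server.conf above uses 1024-bit DH parameters and sets no tls-auth, cipher, user or group. As an added example (not from the original post or the Debian wiki), this small lint reads a server.conf on stdin and reports those gaps; the function names are invented here and the sample input is the config from this page with comments removed.

```shell
#!/bin/sh
# Added example: flag weak spots in an OpenVPN server.conf read from stdin.
# lint_openvpn_conf and sample_conf are names invented for this example.

lint_openvpn_conf() {
    conf=$(sed -e 's/[#;].*//' -e '/^[[:space:]]*$/d')   # drop comments and blanks
    # easy-rsa 2.0 names the DH file after its size, e.g. dh1024.pem.
    bits=$(printf '%s\n' "$conf" | awk '$1 == "dh" { print $2; exit }' |
        sed -n 's/.*dh\([0-9][0-9]*\)\.pem$/\1/p')
    if [ -n "$bits" ] && [ "$bits" -lt 2048 ]; then echo "weak-dh:$bits"; fi
    # tls-auth: HMAC on the control channel.
    # cipher:   without it the version's default applies (BF-CBC on OpenVPN 2.2).
    # user/group: drop root privileges after start-up.
    for d in tls-auth cipher user group; do
        printf '%s\n' "$conf" | awk -v d="$d" '$1 == d { f = 1 } END { exit !f }' ||
            echo "missing:$d"
    done
}

# Constructed sample: the server.conf from this page, comments removed.
sample_conf() {
    cat <<'EOF'
port 1194
proto udp
dev tun
ca      /etc/openvpn/easy-rsa/keys/ca.crt
cert    /etc/openvpn/easy-rsa/keys/server.crt
key     /etc/openvpn/easy-rsa/keys/server.key
dh      /etc/openvpn/easy-rsa/keys/dh1024.pem
server 10.9.8.0 255.255.255.0
keepalive 10 120
comp-lzo
persist-key
persist-tun
client-to-client
EOF
}

sample_conf | lint_openvpn_conf
```

With easy-rsa 2.0 the DH size follows KEY_SIZE in vars, so setting it to 2048 before ./build-dh produces dh2048.pem.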

For the client config:
client
dev tun
port 1194
proto udp

remote VPNSERVER_IP 1194             # VPN server IP : PORT
nobind

ca ca.crt
cert clientname.crt
key clientname.key

comp-lzo
persist-key
persist-tun

verb 3


Copied from : https://wiki.debian.org/OpenVPN

Saturday, February 07, 2015

Email alert when SSH logged in!

cd /home/username/
nano .bashrc

Add this line at the end:
echo 'ALERT - Root Shell Access (ServerName) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" your@yourdomain.com

Example:
ALERT - Root Shell Access (Database Replica) on: Thu Nov 28 16:59:40 IST 2013 tecmint pts/0 2013-11-28 16:59 (172.16.25.125)

Copied from: http://www.tecmint.com/get-root-ssh-login-email-alerts-in-linux/
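
The .bashrc line lives in a file the logged-in account can edit, and `who` lists every open session rather than only the new one. An added example (not from the original post or the tecmint article) of the same alert driven by PAM's pam_exec module instead; the script path and function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: login alert run by PAM instead of ~/.bashrc.
# Assumed install path (hypothetical): /usr/local/sbin/ssh-login-alert.sh,
# enabled with this line in /etc/pam.d/sshd:
#   session optional pam_exec.so /usr/local/sbin/ssh-login-alert.sh
# "optional" keeps a mail failure from blocking logins.
# pam_exec exports PAM_TYPE, PAM_USER and PAM_RHOST to the script.
ALERT_TO=${ALERT_TO:-your@yourdomain.com}

# Keep only characters valid in user names, host names and IP addresses,
# so a hostile value cannot inject extra mail headers.
clean() { printf '%s' "$1" | tr -cd 'A-Za-z0-9._:-'; }

alert_subject() {
    printf 'Alert: SSH login as %s from %s' \
        "$(clean "${PAM_USER:-unknown}")" "$(clean "${PAM_RHOST:-unknown}")"
}

alert_body() {
    printf 'ALERT - Shell Access (%s) on: %s\nuser=%s rhost=%s\n' \
        "$(uname -n)" "$(date)" \
        "$(clean "${PAM_USER:-unknown}")" "$(clean "${PAM_RHOST:-unknown}")"
}

send_alert() {
    # PAM also runs the script on close_session; alert on logins only.
    [ "${PAM_TYPE:-}" = open_session ] || return 0
    alert_body | mail -s "$(alert_subject)" "$ALERT_TO"
}

send_alert
```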