Scratchpaper.txt - the intestinal tract of linux notes
From Free Knowledge Base- The DUCK Project: information for everyone
| scratchpaper.txt - the intestinal tract of linux notes | created June 1998 |
| /sbin/ifconfig | pico -w disables word wrap | |
| /sbin/ifup eth0 | su -l login as root | |
| *from telnet CTRL-H backspace, CTRL-D delete |
- /etc/sysconfig/network-scripts/ifcfg-eth0
- ONBOOT YES
- /usr/sbin/in.telnetd
- /var/log/*
- /etc/inetd.conf
- talcon=zygotech@itsnet.com
- /etc/passwd
- /etc/securetty
ftp.linpeople.org/pub/incoming
- diff ls -la .xdefaults
- .Xmodmap 22=backspace
/--> DontZap in section 'ServerFlags' in /etc/X11/XF86Config < \--> shift-control-alt-backspace /etc/skel
- Jun 7 12:37:43 host inetd[736]:getpwnam:root:No such user
telnet stream tcp nowait root /usr.sbin/tcpd in.telnetd
- modprobe /lib/modules/2.0.32/net/tulip.o
- /sbin/ifup eth0
| #!/bin/bash | ||
| PATH=/sbin/:/usr/sbin | ||
| route del -net 192.168.12.0 | ||
| /etc/sysconfig/network-scripts/dwifup | route add 192.168.12.0 gw 192.168.12.254 | |
| /sbin/ifup | ||
| route add default gw 192.168.12.254 eth0 | ||
| /proc/net/socket | ||
| /proc/net/dev | ||
| /etc/init.d/network | sysctl: ip forwarding off | |
192.168.12.128
network mask: 255.255.255.0
network address: 192.168.12.0
gateway: 192.168.12.254
route -v
- 3c59c.c 3com 905B
- 192.168.12.253
- net-tools-1.33-4.src.rpm
- netcfg-2.19-3.src.rpm
- netkit-base-0.10-5.src.rpm
- /lib/modules/2.0.32/net
- /etc/rc.d/rc2.d
warning: unknown PCI device (10b7:9055) please read include/linux/pci.h
/msdos 502 / hda1 78 LN /usr 1004 /usr hda5 1004 LN /home 1004 /home hda6 1004 LN /usr/local 1004 /usr/local hda7 1004 LN /sur/src 282 /msdos hda8 502 dos 16bit >=32 /tmp 133 /usr/src hda9 282 LN / 78 /tmp hda10 133 LN SWAP 125 SWAP hda11 125 swap
- /tmp/install.log
- 300hex 10irq cc000 8013
[root@bigdog /root]# cat /etc/sysconfig/network NETWORKING=yes FORWARD_IPV4=no HOSTNAME=bigdog.robotz.com GATEWAYDEV=eth0 GATEWAY=192.168.12.254
if [ "${GATEWAY}" != "" ]; then
if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then
# set up default gateway
route add default gw ${GATEWAY} ${DEVICE}
DEFGW=${GATEWAY}
fi
fi
_______________________________________
| |
| this is really old and inacurate: |
| 1114mb 222x5 |
| |
| /usr 300 |
| /home 264 |
| /usr/local 300 |
| /usr/src 200 |
| /tmp 50 |
| / 80 |
| SWAP 32 |
| -------------------- |
|_______________________________________|
I am trapped in telnet: press CNTRL-] to get telnet> prompt
There are three: (port 113), time (port 37), and daytime (port 13).
NTP runs on port 123 using udp
- ipchains -A input -p udp -j ACCEPT -s 10.0.0.0/8 -d 0.0.0.0/0 123
- ipchains -A input -p udp -j ACCEPT -s some.trusted.host -d 0.0.0.0/0 123
- ipchains -A input -p udp -j DENY -s 0.0.0.0/0 -d 0.0.0.0/0 123
More on ipchains
First estable default policies
You may deny all or accept all depending on how paranoid you are.
:input ACCEPT :forward DENY :output ACCEPT ipchains -A input -s 0/0 -d 0/0 -i lo -j ACCEPT
This annoying tosser doesn't even get to see our web site***
ipchains -A input -p tcp -s x.x.x.x -d 0/0 80 -y -j REJECT
Below we block access to port 110 pop3 and ssh so we let a few friends in***
ipchains -A input -p tcp -s x.x.x.x -d 0/0 22 -y -j ACCEPT ipchains -A input -p tcp -s x.x.x.x -d 0/0 110 -y -j ACCEPT
Since we were not paranoid we should block ports not being used.
ipchains -A input -p tcp -s 0/0 -d 0/0 0:19 -y -j REJECT ipchains -A input -p tcp -s 0/0 -d 0/0 23:24 -y -j REJECT ipchains -A input -p tcp -s 0/0 -d 0/0 26:79 -y -j REJECT ipchains -A input -p tcp -s 0/0 -d 0/0 81:1023 -y -j REJECT
You may wish to block udp on all standard ports below 1024
ipchains -A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
Do not reply to ICMP TIMESTAMP packets
ipchains -A output -j REJECT -i eth0 -p icmp -s x.x.x.x/yy -d 0/0 --icmp-type timestamp-request -l ipchains -A output -j REJECT -i eth0 -p icmp -s x.x.x.x/yy -d 0/0 --icmp-type timestamp-reply -l
