1) Upgrade kernel higher than 5.15.76 because TigerLake drivers added to the kernel after that.
2) With non-free drivers of nvidia
2-a) if kernel is 6.x family add ibt=off to the kernel parameters within grub config and run update-grub
2-b) if hybrid mode runs with nvidia-prime then intel becomes primary monitor. So you cannot reach the HDMI output. To fix this you must set prime mode to nvidia.
This project helps this on Manjaro:
--> envycontrol
Here is to step by step how to create an ssh tunnel and bind browser on it:
1) Create a tunnel by using SSH Dynamic Port Forwarding
Assume that our remote ssh server's IP is 166.167.168.169 and the remote port is 2525 (default is 22)
Also i am using private-public key pair to communicate with my server.
We must run
ssh -q -C -N -D 9001 user@166.167.168.169 -p 2525&
-q: quiet
-C: compress
-D: Dynamic port (this will set our connection as socks proxy)
-N: tells ssh not to try reading a command from standard input which, being connected to /dev/null, would return EOF and thereby terminate the tunnel immediately.
& : means send process to background and bind the process to init (not ssh spesific)
Note: You must put this shell piece into a bash file and autostart with your desktop if you want to stay connected all the time
Now we have a socks proxy running on our local machine.
2) Now it is time to configure your browser:
You can connect to local socks server by adding a socks proxy in your browser's proxy configuration but i dont prefer that always. So I prefer to use that plugin to connect my server whenever I want.
Here is the link of plugin ->https://chromewebstore.google.com/detail/proxy-switcher/iejkjpdckomcjdhmkemlfdapjodcpgih
Now configure it as below and voila!
List boots
journalctl --list-boots
Logs of a previous boot
journalctl -b -1
-b -1 means boot logs of -1 index of boot list
Errors since boot
sudo journalctl -p 3 -xb-p 3 means priority err
-x provides extra message information
-b means since last boot
priorities
- 0: emerg
- 1: alert
- 2: crit
- 3: err
- 4: warning
- 5: notice
- 6: info
- 7: debug
Logs of spesific daemon from a previous time
- journalctl -u nginx.service -u php-fpm.service --since today
e.g.:
--since 09:00 --until "1 hour ago"
Display Kernel Logs
- journalctl -k
No Pager
- journalctl --no-pager
Tail Like
-n and -f works just like in tail
- journalctl -k
- journalctl --no-pager
Optimize
Get disk usage
- journalctl --disk-usage
Compress
- sudo journalctl --vacuum-size=1G
- sudo journalctl --vacuum-time=1years
Configure
- sudo mkdir -p /var/log/journal # if you planning to make it persistent to see previous bot logs
- sudo nano /etc/systemd/journald.conf
[Journal]
#Storage=auto # make persistent if you want to keep logs
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=10000
SystemMaxUse=100M # max size of logs
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
#ForwardToSyslog=no
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K
#ReadKMsg=yes
#Audit=yes
#Storage=auto # make persistent if you want to keep logs
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=10000
SystemMaxUse=100M # max size of logs
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
#ForwardToSyslog=no
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K
#ReadKMsg=yes
#Audit=yes
1) Be sure you are a member of the lp group . İf not :
sudo gpasswd -a YOUR_USER lp
then relogin or reboot
2) Then install capt-src from aur
i used yay for it. An be sure cups installed as a dependency of capt-src
yay -S capt-src
sudo pacman -S cups
3) Enable and check cups
systemctl start org.cups.cupsd.service
systemctl status org.cups.cupsd.service
# At this point you must see "active" status without errors as an output.
# If you see some errors that means that you are missing something
# After everything goes well enable the service permenantly
systemctl enable org.cups.cupsd.service
4) Check where is your printer rested. In py pc it is on lp1
ls /dev/usb/lp*
5) Enable and check capt
sudo /usr/sbin/lpadmin -p LBP2900 -m CNCUPSLBP2900CAPTK.ppd -v ccp://localhost:59687 -E
sudo /usr/sbin/ccpdadmin -p LBP2900 -o /dev/usb/lp1 # lp1 is our printers port that we checked before
sudo systemctl start ccpd.service
sudo systemctl status ccpd.service # Status must be active without any errors
sudo systemctl enable ccpd.service
6) If everything goes well you must see "Redy to print!" mesage after below lines
captstatusui -P LBP2900
Note: Restarting or relogin is important after you add yourself to the lp group
Yeni bir systemd servisi oluşturuyoruz:
sudo nano /etc/systemd/system/SERVIS_ADI.service
İçeriği:
[Unit]
Description=BASIT_ACIKLAMA
[Service]
ExecStart=KOSACAK_UYGULAMA
[Install]
WantedBy=multi-user.target
5 basit parametre ile kontrol edebiliyoruz:
# yeni bir dosya olusturdugunuzda veya degistirdiginizde calistrimeniz gerekir.
sudo systemctl daemon-reload SERVIS_ADI.service
# Bilgisayar açılışında otomatik başlatır
sudo systemctl enable SERVIS_ADI.service
# Servisi başlatır
sudo systemctl start SERVIS_ADI.service
# Servisi durdurur
sudo systemctl stop SERVIS_ADI.service
# Bilgisayar açılışında otomatik başlatmasını durdurur
sudo systemctl disable SERVIS_ADI.service
ubuntu 16.04 üzerinde bazı ssh ataklarını görmüyor.
Çözümü:
USERDEF_FAILED_ENTRY_REGEX=.*sshd.* Connection closed by (?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) port \d{1,5} \[preauth\]
Örnek Yapılandrma:
########################################################################
#
# SECURE_LOG: the log file that contains sshd logging info
# if you are not sure, grep "sshd:" /var/log/*
#
# The file to process can be overridden with the --file command line
# argument
#
# Redhat or Fedora Core:
#SECURE_LOG = /var/log/secure
#
# Mandrake, FreeBSD or OpenBSD:
#SECURE_LOG = /var/log/auth.log
#
# SuSE or Gentoo:
#SECURE_LOG = /var/log/messages
#
# Mac OS X (v10.4 or greater -
# also refer to: http://www.denyhost.net/faq.html#macos
#SECURE_LOG = /private/var/log/asl.log
#
# Mac OS X (v10.3 or earlier):
#SECURE_LOG=/private/var/log/system.log
#
# Debian and Ubuntu
SECURE_LOG = /var/log/auth.log
########################################################################
########################################################################
#
# HOSTS_DENY: the file which contains restricted host access information
#
# Most operating systems:
HOSTS_DENY = /etc/hosts.deny
#
# Some BSD (FreeBSD) Unixes:
#HOSTS_DENY = /etc/hosts.allow
#
# Another possibility (also see the next option):
#HOSTS_DENY = /etc/hosts.evil
#######################################################################
########################################################################
#
# PURGE_DENY: removed HOSTS_DENY entries that are older than this time
# when DenyHosts is invoked with the --purge flag
#
# format is: i[dhwmy]
# Where 'i' is an integer (eg. 7)
# 'm' = minutes
# 'h' = hours
# 'd' = days
# 'w' = weeks
# 'y' = years
#
# never purge:
PURGE_DENY =
#
# purge entries older than 1 week
#PURGE_DENY = 1w
#
# purge entries older than 5 days
#PURGE_DENY = 5d
#######################################################################
#######################################################################
#
# PURGE_THRESHOLD: defines the maximum times a host will be purged.
# Once this value has been exceeded then this host will not be purged.
# Setting this parameter to 0 (the default) disables this feature.
#
# default: a denied host can be purged/re-added indefinitely
#PURGE_THRESHOLD = 0
#
# a denied host will be purged at most 2 times.
PURGE_THRESHOLD = 2
#
#######################################################################
#######################################################################
#
# BLOCK_SERVICE: the service name that should be blocked in HOSTS_DENY
#
# man 5 hosts_access for details
#
# eg. sshd: 127.0.0.1 # will block sshd logins from 127.0.0.1
#
# To block all services for the offending host:
BLOCK_SERVICE = ALL
# To block only sshd:
#BLOCK_SERVICE = sshd
# To only record the offending host and nothing else (if using
# an auxilary file to list the hosts). Refer to:
# http://denyhost.sourceforge.net/faq.html#aux
#BLOCK_SERVICE =
#
#######################################################################
#######################################################################
#
# DENY_THRESHOLD_INVALID: block each host after the number of failed login
# attempts has exceeded this value. This value applies to invalid
# user login attempts (eg. non-existent user accounts)
#
DENY_THRESHOLD_INVALID = 5
#
#######################################################################
#######################################################################
#
# DENY_THRESHOLD_VALID: block each host after the number of failed
# login attempts has exceeded this value. This value applies to valid
# user login attempts (eg. user accounts that exist in /etc/passwd) except
# for the "root" user
#
DENY_THRESHOLD_VALID = 10
#
#######################################################################
#######################################################################
#
# DENY_THRESHOLD_ROOT: block each host after the number of failed
# login attempts has exceeded this value. This value applies to
# "root" user login attempts only.
#
DENY_THRESHOLD_ROOT = 5
#
#######################################################################
#######################################################################
#
# DENY_THRESHOLD_RESTRICTED: block each host after the number of failed
# login attempts has exceeded this value. This value applies to
# usernames that appear in the WORK_DIR/restricted-usernames file only.
#
DENY_THRESHOLD_RESTRICTED = 1
#
#######################################################################
#######################################################################
#
# WORK_DIR: the path that DenyHosts will use for writing data to
# (it will be created if it does not already exist).
#
# Note: it is recommended that you use an absolute pathname
# for this value (eg. /home/foo/denyhost/data)
#
WORK_DIR = /var/lib/denyhosts
#
#######################################################################
#######################################################################
#
# ETC_DIR: the path that DenyHosts will use for reading data when
# we need configuration information.
#
# Note: it is recommended that you use an absolute pathname
# for this value (eg. /etc or /usr/local/etc)
#
ETC_DIR = /etc
#
#######################################################################
#######################################################################
#
# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS
#
# SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES|NO
# If set to YES, if a suspicious login attempt results from an allowed-host
# then it is considered suspicious. If this is NO, then suspicious logins
# from allowed-hosts will not be reported. All suspicious logins from
# ip addresses that are not in allowed-hosts will always be reported.
#
SUSPICIOUS_LOGIN_REPORT_ALLOWED_HOSTS=YES
######################################################################
######################################################################
#
# HOSTNAME_LOOKUP
#
# HOSTNAME_LOOKUP=YES|NO
# If set to YES, for each IP address that is reported by Denyhosts,
# the corresponding hostname will be looked up and reported as well
# (if available).
#
HOSTNAME_LOOKUP=NO
#
######################################################################
######################################################################
#
# LOCK_FILE
#
# LOCK_FILE=/path/denyhosts
# If this file exists when DenyHosts is run, then DenyHosts will exit
# immediately. Otherwise, this file will be created upon invocation
# and deleted upon exit. This ensures that only one instance is
# running at a time.
#
# Redhat/Fedora:
#LOCK_FILE = /var/lock/subsys/denyhosts
#
# Debian or Gentoo
LOCK_FILE = /run/denyhosts.pid
#
# Misc
#LOCK_FILE = /tmp/denyhosts.lock
#
######################################################################
############ THESE SETTINGS ARE OPTIONAL ############
#######################################################################
#
# IPTABLES: if you would like DenyHost to block incoming connections
# using the Linux firewall IPTABLES, then set the following variable
# to the path of the iptables executable. Typically this is
# /sbin/iptables
# If this option is not set or commented out then the iptables
# firewall is not used.
IPTABLES = /sbin/iptables
#
# Warning: If you are running IPTABLES, please make sure to comment
# out the PFCTL_PATH and the PF_TABLE variables below. PF and
# IPTABLES should not be running together on the same operating system.
#
# By default DenyHost will ask IPTables to block incoming connections
# from an aggressive host on ALL ports. While this is usually a good
# idea, it may prevent some botted machines from being able to access
# services their legitmate users want, like a web server. To only
# block specific ports, enable the following option.
# BLOCKPORT = 22
#
#######################################################################
#######################################################################
#
# On FreeBSD/OpenBSD/TrueOS/PC-BSD/NetBSD we may want to block incoming
# traffic using the PF firewall instead of the hosts.deny file
# (aka tcp_wrapper).
# The admin can set up a PF table that is persistent
# and DenyHost can add new addresses to be blocked to that table.
# The TrueOS operating system enables this by default, blocking
# all addresses in the "blacklist" table.
#
# To have DenyHost update the blocking PF table in real time, uncomment
# these next two options. Make sure the table name specificed
# is one created in the pf.conf file of your operating system.
# The PFCTL_PATH variable must point to the pfctl extectuable on your OS.
# PFCTL_PATH = /sbin/pfctl
# PF_TABLE = blacklist
# Note, a good rule to have in your pf.conf file to enable the
# blacklist table is:
#
# table <blacklist> persist file "/etc/blacklist"
# block in quick from <blacklist> to any
#
# Warning: If you are using PF, please make sure to disable the
# IPTABLES rule above as these two packet filters should not be
# run together on the same operating system.
# Note: Even if you decide to run DenyHost with PF filtering
# only and no hosts.deny support, please still create an empty
# file called /etc/hosts.deny for backward compatibility.
# Also, please make sure PF is enabled prior to launching
# DenyHosts. To do this run "pfctl -e".
#######################################################################
#######################################################################
#
# ADMIN_EMAIL: if you would like to receive emails regarding newly
# restricted hosts and suspicious logins, set this address to
# match your email address. If you do not want to receive these reports
# leave this field blank (or run with the --noemail option)
#
# Multiple email addresses can be delimited by a comma, eg:
# ADMIN_EMAIL = foo@bar.com, bar@foo.com, etc@foobar.com
#
#ADMIN_EMAIL = root@localhost
ADMIN_EMAIL =
#
#######################################################################
#######################################################################
#
# SMTP_HOST and SMTP_PORT: if DenyHosts is configured to email
# reports (see ADMIN_EMAIL) then these settings specify the
# email server address (SMTP_HOST) and the server port (SMTP_PORT)
#
#
SMTP_HOST = localhost
SMTP_PORT = 25
#
#######################################################################
#######################################################################
#
# SMTP_USERNAME and SMTP_PASSWORD: set these parameters if your
# smtp email server requires authentication
#
#SMTP_USERNAME=foo
#SMTP_PASSWORD=bar
#
######################################################################
#######################################################################
#
# SMTP_FROM: you can specify the "From:" address in messages sent
# from DenyHosts when it reports thwarted abuse attempts
#
SMTP_FROM = DenyHosts <nobody@localhost>
#
#######################################################################
#######################################################################
#
# SMTP_SUBJECT: you can specify the "Subject:" of messages sent
# by DenyHosts when it reports thwarted abuse attempts
SMTP_SUBJECT = DenyHosts Report
#
######################################################################
######################################################################
#
# SMTP_DATE_FORMAT: specifies the format used for the "Date:" header
# when sending email messages.
#
# for possible values for this parameter refer to: man strftime
#
# the default:
#
#SMTP_DATE_FORMAT = %a, %d %b %Y %H:%M:%S %z
#
######################################################################
######################################################################
#
# SYSLOG_REPORT
#
# SYSLOG_REPORT=YES|NO
# If set to yes, when denied hosts are recorded the report data
# will be sent to syslog (syslog must be present on your system).
# The default is: NO
#
#SYSLOG_REPORT=NO
#
SYSLOG_REPORT=YES
#
######################################################################
######################################################################
#
# ALLOWED_HOSTS_HOSTNAME_LOOKUP
#
# ALLOWED_HOSTS_HOSTNAME_LOOKUP=YES|NO
# If set to YES, for each entry in the WORK_DIR/allowed-hosts file,
# the hostname will be looked up. If your versions of tcp_wrappers
# and sshd sometimes log hostnames in addition to ip addresses
# then you may wish to specify this option.
#
ALLOWED_HOSTS_HOSTNAME_LOOKUP=NO
#
######################################################################
######################################################################
#
# AGE_RESET_VALID: Specifies the period of time between failed login
# attempts that, when exceeded will result in the failed count for
# this host to be reset to 0. This value applies to login attempts
# to all valid users (those within /etc/passwd) with the
# exception of root. If not defined, this count will never
# be reset.
#
# See the comments in the PURGE_DENY section (above)
# for details on specifying this value or for complete details
# refer to: http://denyhost.sourceforge.net/faq.html#timespec
#
AGE_RESET_VALID=5d
#
######################################################################
######################################################################
#
# AGE_RESET_ROOT: Specifies the period of time between failed login
# attempts that, when exceeded will result in the failed count for
# this host to be reset to 0. This value applies to all login
# attempts to the "root" user account. If not defined,
# this count will never be reset.
#
# See the comments in the PURGE_DENY section (above)
# for details on specifying this value or for complete details
# refer to: http://denyhost.sourceforge.net/faq.html#timespec
#
AGE_RESET_ROOT=25d
#
######################################################################
######################################################################
#
# AGE_RESET_RESTRICTED: Specifies the period of time between failed login
# attempts that, when exceeded will result in the failed count for
# this host to be reset to 0. This value applies to all login
# attempts to entries found in the WORK_DIR/restricted-usernames file.
# If not defined, the count will never be reset.
#
# See the comments in the PURGE_DENY section (above)
# for details on specifying this value or for complete details
# refer to: http://denyhost.sourceforge.net/faq.html#timespec
#
AGE_RESET_RESTRICTED=25d
#
######################################################################
######################################################################
#
# AGE_RESET_INVALID: Specifies the period of time between failed login
# attempts that, when exceeded will result in the failed count for
# this host to be reset to 0. This value applies to login attempts
# made to any invalid username (those that do not appear
# in /etc/passwd). If not defined, count will never be reset.
#
# See the comments in the PURGE_DENY section (above)
# for details on specifying this value or for complete details
# refer to: http://denyhost.sourceforge.net/faq.html#timespec
#
AGE_RESET_INVALID=10d
#
######################################################################
######################################################################
#
# RESET_ON_SUCCESS: If this parameter is set to "yes" then the
# failed count for the respective ip address will be reset to 0
# if the login is successful.
#
# The default is RESET_ON_SUCCESS = no
#
#RESET_ON_SUCCESS = yes
#
#####################################################################
######################################################################
#
# PLUGIN_DENY: If set, this value should point to an executable
# program that will be invoked when a host is added to the
# HOSTS_DENY file. This executable will be passed the host
# that will be added as its only argument.
#
#PLUGIN_DENY=/usr/bin/true
#
######################################################################
######################################################################
#
# PLUGIN_PURGE: If set, this value should point to an executable
# program that will be invoked when a host is removed from the
# HOSTS_DENY file. This executable will be passed the host
# that is to be purged as its only argument.
#
#PLUGIN_PURGE=/usr/bin/true
#
######################################################################
######################################################################
#
# USERDEF_FAILED_ENTRY_REGEX: if set, this value should contain
# a regular expression that can be used to identify additional
# hackers for your particular ssh configuration. This functionality
# extends the built-in regular expressions that DenyHosts uses.
# This parameter can be specified multiple times.
# See this faq entry for more details:
# http://denyhost.sf.net/faq.html#userdef_regex
#
USERDEF_FAILED_ENTRY_REGEX=.*sshd.* Connection closed by (?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) port \d{1,5} \[preauth\]
#
#
######################################################################
######### THESE SETTINGS ARE SPECIFIC TO DAEMON MODE ##########
#######################################################################
#
# DAEMON_LOG: when DenyHosts is run in daemon mode (--daemon flag)
# this is the logfile that DenyHosts uses to report its status.
# To disable logging, leave blank. (default is: /var/log/denyhosts)
#
DAEMON_LOG = /var/log/denyhosts
#
# disable logging:
#DAEMON_LOG =
#
######################################################################
#######################################################################
#
# DAEMON_LOG_TIME_FORMAT: when DenyHosts is run in daemon mode
# (--daemon flag) this specifies the timestamp format of
# the DAEMON_LOG messages (default is the ISO8061 format:
# ie. 2005-07-22 10:38:01,745)
#
# for possible values for this parameter refer to: man strftime
#
# Jan 1 13:05:59
#DAEMON_LOG_TIME_FORMAT = %b %d %H:%M:%S
#
# Jan 1 01:05:59
#DAEMON_LOG_TIME_FORMAT = %b %d %I:%M:%S
#
######################################################################
#######################################################################
#
# DAEMON_LOG_MESSAGE_FORMAT: when DenyHosts is run in daemon mode
# (--daemon flag) this specifies the message format of each logged
# entry. By default the following format is used:
#
# %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s
#
# Where the "%(asctime)s" portion is expanded to the format
# defined by DAEMON_LOG_TIME_FORMAT
#
# This string is passed to python's logging.Formatter contstuctor.
# For details on the possible format types please refer to:
# http://docs.python.org/lib/node357.html
#
# This is the default:
#DAEMON_LOG_MESSAGE_FORMAT = %(asctime)s - %(name)-12s: %(levelname)-8s %(message)s
#
#
######################################################################
#######################################################################
#
# DAEMON_SLEEP: when DenyHosts is run in daemon mode (--daemon flag)
# this is the amount of time DenyHosts will sleep between polling
# the SECURE_LOG. See the comments in the PURGE_DENY section (above)
# for details on specifying this value or for complete details
# refer to: http://denyhost.sourceforge.net/faq.html#timespec
#
#
DAEMON_SLEEP = 30s
#
#######################################################################
#######################################################################
#
# DAEMON_PURGE: How often should DenyHosts, when run in daemon mode,
# run the purge mechanism to expire old entries in HOSTS_DENY
# This has no effect if PURGE_DENY is blank.
#
DAEMON_PURGE = 1d
#
#######################################################################
######### THESE SETTINGS ARE SPECIFIC TO ##########
######### DAEMON SYNCHRONIZATION ##########
#######################################################################
#
# Synchronization mode allows the DenyHosts daemon the ability
# to periodically send and receive denied host data such that
# DenyHosts daemons worldwide can automatically inform one
# another regarding banned hosts. This mode is disabled by
# default, you must uncomment SYNC_SERVER to enable this mode.
#
# for more information, please refer to:
# http:/denyhost.sourceforge.net/faq.html
#
#######################################################################
#######################################################################
#
# SYNC_SERVER: The central server that communicates with DenyHost
# daemons.
#
# To disable synchronization (the default), do nothing.
#
# To enable synchronization, you must uncomment the following line:
#SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
#
#######################################################################
#######################################################################
#
# SYNC_PROXY_SERVER: HTTP proxy to use when connecting to the
# SYNC-SERVER
#
# To disable using a proxy (the default), do nothing.
#
# To enable an HTTP proxy, you must uncomment and edit the following line:
#SYNC_PROXY_SERVER = http://my.web.proxy:3128
#
#######################################################################
#######################################################################
#
# SYNC_INTERVAL: the interval of time to perform synchronizations if
# SYNC_SERVER has been uncommented. The default is 1 hour.
#
#SYNC_INTERVAL = 1h
#
#######################################################################
#######################################################################
#
# SYNC_UPLOAD: allow your DenyHosts daemon to transmit hosts that have
# been denied? This option only applies if SYNC_SERVER has
# been uncommented.
# The default is SYNC_UPLOAD = yes
#
SYNC_UPLOAD = no
#SYNC_UPLOAD = yes
#
#######################################################################
#######################################################################
#
# SYNC_DOWNLOAD: allow your DenyHosts daemon to receive hosts that have
# been denied by others? This option only applies if SYNC_SERVER has
# been uncommented.
# The default is SYNC_DOWNLOAD = yes
#
SYNC_DOWNLOAD = no
#SYNC_DOWNLOAD = yes
#
#
#
#######################################################################
#######################################################################
#
# SYNC_DOWNLOAD_THRESHOLD: If SYNC_DOWNLOAD is enabled this parameter
# filters the returned hosts to those that have been blocked this many
# times by others. That is, if set to 1, then if a single DenyHosts
# server has denied an ip address then you will receive the denied host.
#
# See also SYNC_DOWNLOAD_RESILIENCY
#
#SYNC_DOWNLOAD_THRESHOLD = 10
#
# The default is SYNC_DOWNLOAD_THRESHOLD = 3
#
#SYNC_DOWNLOAD_THRESHOLD = 3
#
#######################################################################
#######################################################################
#
# SYNC_DOWNLOAD_RESILIENCY: If SYNC_DOWNLOAD is enabled then the
# value specified for this option limits the downloaded data
# to this resiliency period or greater.
#
# Resiliency is defined as the timespan between a hackers first known
# attack and its most recent attack. Example:
#
# If the centralized denyhosts.net server records an attack at 2 PM
# and then again at 5 PM, specifying a SYNC_DOWNLOAD_RESILIENCY = 4h
# will not download this ip address.
#
# However, if the attacker is recorded again at 6:15 PM then the
# ip address will be downloaded by your DenyHosts instance.
#
# This value is used in conjunction with the SYNC_DOWNLOAD_THRESHOLD
# and only hosts that satisfy both values will be downloaded.
# This value has no effect if SYNC_DOWNLOAD_THRESHOLD = 1
#
# The default is SYNC_DOWNLOAD_RESILIENCY = 5h (5 hours)
#
# Only obtain hackers that have been at it for 2 days or more:
#SYNC_DOWNLOAD_RESILIENCY = 2d
#
# Only obtain hackers that have been at it for 5 hours or more:
#SYNC_DOWNLOAD_RESILIENCY = 5h
#
#######################################################################
Network Scan
sudo arp-scan -l #Scans the local network
fping -g 192.168.1.0/24 #Scans for who is alive
nmap -sn 192.168.0.0/24 #Scans for who is alive
netdiscover -p #Scans network on passive mode dont send any package, only sniff
wavemon #Scans the wifi networks around
# aktif olan çözünürlük
v4l2-ctl -V
# Seçili format
v4l2-ctl --list-formats
# Tümü
v4l2-ctl --list-formats-ext
########################################
lsusb
# >> Bus 001 Device 032: ID 046d:089d Logitech, Inc. QuickCam E2500 series
lsusb -s 001:032 -v | egrep "Width|Height"
#>> wWidth 640
#>> wHeight 480
#>> wWidth 1280
#>> wHeight 1024
rar a -R -m5 -v10m myarchive.rar compress_directory
a= add
r= recursive
m= compression ratio (1-5)
This driver :
1) Creates a character device called kbdozgur
2) Handles an interrupt(keyboard) , buffers it
- send buffered data when kbdozgur opened for read
- prints into dmesg when you put a message in kbdozgur
#include <linux/init.h> // Macros used to mark up functions e.g. __init __exit
#include <linux/module.h> // Core header for loading LKMs into the kernel
#include <linux/device.h> // Header to support the kernel Driver Model
#include <linux/kernel.h> // Contains types, macros, functions for the kernel
#include <linux/fs.h> // Header for the Linux file system support
#include <asm/uaccess.h> // Required for the copy to user function
#include <linux/interrupt.h>
#include <asm/io.h>
#define DEVICE_NAME "kbdozgur" ///< The device will appear at /dev/kbdozgur using this value
#define CLASS_NAME "kbdozgur" ///< The device class -- this is a character device driver
MODULE_AUTHOR("Mehmet Ozgur Bayhan");
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Kill all the white men!");
MODULE_VERSION("0.2");
#define BUFFER_SIZE 200
static unsigned char messageFromInterrupt[BUFFER_SIZE]; //buffer that holds interrupt values
static short bufferCounter = 0; //buffer counter for loop
static int majorNumber; ///< Stores the device number -- determined automatically
static char messageFromUser[BUFFER_SIZE] = { 0 }; ///< Memory for the string that is passed from userspace
//static short size_of_message; ///< Used to remember the size of the string stored
static int numberOpens = 0; ///< Counts the number of times the device is opened
static struct class* kbdozgurcharClass = NULL; ///< The device-driver class struct pointer
static struct device* kbdozgurcharDevice = NULL; ///< The device-driver device struct pointer
// The prototype functions for the character driver -- must come before the struct definition
static int dev_open(struct inode *, struct file *);
static int dev_release(struct inode *, struct file *);
static ssize_t dev_read(struct file *, char *, size_t, loff_t *);
static ssize_t dev_write(struct file *, const char *, size_t, loff_t *);
static struct file_operations fops = { .open = dev_open, .read = dev_read, .write = dev_write, .release = dev_release, };
irq_handler_t irq_handler(int irq, void *dev_id, struct pt_regs *regs) {
static unsigned char scancode;
//Read keyboard status
scancode = inb(0x60);
if (scancode == 0x01) {
printk(KERN_INFO "MOB: Inputs are > %s\n", messageFromInterrupt);
bufferCounter = 0;
memset(&messageFromInterrupt[0], 0, sizeof(messageFromInterrupt));
}
else if (scancode == 0x1E) {
messageFromInterrupt[bufferCounter] = 'a';
bufferCounter++;
}
else if (scancode == 0x1F) {
messageFromInterrupt[bufferCounter] = 's';
bufferCounter++;
}
else if (scancode == 0x20) {
messageFromInterrupt[bufferCounter] = 'd';
bufferCounter++;
}
else if (scancode == 0x21) {
messageFromInterrupt[bufferCounter] = 'f';
bufferCounter++;
}
else if (scancode == 0x22) {
messageFromInterrupt[bufferCounter] = 'g';
bufferCounter++;
}
else if (scancode == 0x23) {
messageFromInterrupt[bufferCounter] = 'h';
bufferCounter++;
}
else if (scancode == 0x24) {
messageFromInterrupt[bufferCounter] = 'j';
bufferCounter++;
}
if (bufferCounter >= BUFFER_SIZE) {
bufferCounter = 0;
memset(&messageFromInterrupt[0], 0, sizeof(messageFromInterrupt));
}
return (irq_handler_t) IRQ_HANDLED;
}
static int init_mod(void) {
int result;
/*
*****************************
* Create Character device
*****************************
*/
// Try to dynamically allocate a major number for the device
majorNumber = register_chrdev(0, DEVICE_NAME, &fops);
if (majorNumber < 0) {
printk(KERN_ALERT "MOB: kbdozgurcharClass failed to register a major number\n");
return majorNumber;
}
printk(KERN_INFO "MOB: registered correctly with major number %d\n", majorNumber);
// Register the device class
kbdozgurcharClass = class_create(THIS_MODULE, CLASS_NAME);
if (IS_ERR(kbdozgurcharClass)) { // Check for error and clean up if there is
unregister_chrdev(majorNumber, DEVICE_NAME);
printk(KERN_ALERT "MOB: Failed to register device class\n");
return PTR_ERR(kbdozgurcharClass); // Correct way to return an error on a pointer
}
printk(KERN_INFO "MOB: device class registered correctly\n");
// Register the device driver
kbdozgurcharDevice = device_create(kbdozgurcharClass, NULL, MKDEV(majorNumber, 0), NULL, DEVICE_NAME);
if (IS_ERR(kbdozgurcharDevice)) { // Clean up if there is an error
class_destroy(kbdozgurcharClass); // Repeated code but the alternative is goto statements
unregister_chrdev(majorNumber, DEVICE_NAME);
printk(KERN_ALERT "MOB: Failed to create the device\n");
return PTR_ERR(kbdozgurcharDevice);
}
printk(KERN_INFO "MOB: device class created correctly\n"); // Made it! device was initialized
/*
*****************************
* Bind interrupt
*****************************
*/
// Request IRQ 1, the keyboard IRQ, to go to our irq_handler SA_SHIRQ means we're willing to have othe handlers on this IRQ. SA_INTERRUPT can be used to make the handler into a fast interrupt.
result = request_irq(1, (irq_handler_t) irq_handler, IRQF_SHARED, "kbdozgur", (void *) (irq_handler));
if (result) printk(KERN_INFO "MOB: can't get shared interrupt for keyboard\n");
printk(KERN_INFO "MOB: kbdozgur loaded.\n");
return result;
}
static void exit_mod(void) {
/*
* ****************************
* Destroy Character Device
* ****************************
*/
device_unregister(kbdozgurcharDevice);
device_destroy(kbdozgurcharClass, MKDEV(majorNumber, 0)); // remove the device
class_unregister(kbdozgurcharClass); // unregister the device class
class_destroy(kbdozgurcharClass); // remove the device class
unregister_chrdev(majorNumber, DEVICE_NAME); // unregister the major number
printk(KERN_INFO "MOB: Goodbye from the LKM!\n");
/*
* ****************************
* Free IRQ bind
* ****************************
*/
free_irq(1, (void *) (irq_handler));
printk(KERN_INFO "MOB: kbdozgur unloaded.\n");
}
// Default open function for device
static int dev_open(struct inode *inodep, struct file *filep) {
numberOpens++;
printk(KERN_INFO "MOB: Device has been opened %d time(s)\n", numberOpens);
return 0;
}
/** @brief This function is called whenever device is being read from user space i.e. data is
* being sent from the device to the user. In this case is uses the copy_to_user() function to
* send the buffer string to the user and captures any errors.
* KERNEL SPACE > USER SPACE
* @param filep A pointer to a file object (defined in linux/fs.h)
* @param buffer The pointer to the buffer to which this function writes the data
* @param len The length of the buffer
* @param offset The offset if required
*/
static ssize_t dev_read(struct file *filep, char *buffer, size_t len, loff_t *offset) {
size_t size_requested;
if (len >= bufferCounter) size_requested = bufferCounter;
else size_requested = len;
// if (copy_to_user(buffer, messageFromInterrupt, size_requested)) {
// bufferCounter = bufferCounter - size_requested;
// memset(&messageFromInterrupt[0], 0, sizeof(messageFromInterrupt));
// return -EFAULT;
// }
// else return size_requested;
copy_to_user(buffer, messageFromInterrupt, size_requested);
bufferCounter = bufferCounter - size_requested;
memset(&messageFromInterrupt[0], 0, sizeof(messageFromInterrupt));
return size_requested;
}
/** @brief This function is called whenever the device is being written to from user space i.e.
* data is sent to the device from the user. The data is copied to the messageFromUser[] array in this
* LKM using the sprintf() function along with the length of the string.
* USER SPACE > KERNEL SPACE
* @param filep A pointer to a file object
* @param buffer The buffer to that contains the string to write to the device
* @param len The length of the array of data that is being passed in the const char buffer
* @param offset The offset if required
*/
static ssize_t dev_write(struct file *filep, const char *buffer, size_t len, loff_t *offset) {
short size_of_message;
copy_from_user(messageFromUser, buffer, len);
size_of_message = strlen(messageFromUser); // store the length of the stored message
printk(KERN_INFO "MOB: Received %d characters from the user >> %s", len, messageFromUser);
return len;
}
/** @brief The device release function that is called whenever the device is closed/released by
* the userspace program
* @param inodep A pointer to an inode object (defined in linux/fs.h)
* @param filep A pointer to a file object (defined in linux/fs.h)
*/
static int dev_release(struct inode *inodep, struct file *filep) {
printk(KERN_INFO "MOB: Device successfully closed\n");
return 0;
}
module_init(init_mod);
module_exit(exit_mod);