Add tech guides.
This commit is contained in:
42
content/posts/guides/ssh-keys.md
Normal file
42
content/posts/guides/ssh-keys.md
Normal file
@@ -0,0 +1,42 @@
|
||||
---
|
||||
title: "SSH Key Access"
|
||||
author: "Hyperling"
|
||||
date: "2025-11-13"
|
||||
tags:
|
||||
- "tech"
|
||||
categories:
|
||||
- "guide"
|
||||
series:
|
||||
- "server administration"
|
||||
---
|
||||
|
||||
How to set up an SSH key and use it to access a remote machine.
|
||||
|
||||
### Generate Key
|
||||
|
||||
``` bash
|
||||
ssh-keygen
|
||||
```
|
||||
|
||||
### Copy the Key
|
||||
|
||||
``` bash
|
||||
ssh-copy-id [-p port_nbr] username@server_or_IP
|
||||
```
|
||||
|
||||
So this may look like one of the below.
|
||||
|
||||
``` bash
|
||||
ssh-copy-id sftp@12.34.56.78
|
||||
ssh-copy-id -p 2222 leethaxor@pwnnoobs.pro
|
||||
```
|
||||
|
||||
### Profit
|
||||
|
||||
Now you should be able to log in or copy files without needing to type a password.
|
||||
|
||||
```
|
||||
ssh [-p port_nbr] username@server_or_IP
|
||||
scp [-P port_nbr] username@server_or_IP:file_to_pull local_path_to_save
|
||||
scp [-P port_nbr] local_path_to_send username@server_or_IP:remote_path_to_save
|
||||
```
|
||||
115
content/posts/guides/system-hardening.md
Normal file
115
content/posts/guides/system-hardening.md
Normal file
@@ -0,0 +1,115 @@
|
||||
---
|
||||
draft: yes
|
||||
title: Preventing Hacks
|
||||
author: Hyperling
|
||||
date: TBD
|
||||
tags:
|
||||
- tbd
|
||||
categories:
|
||||
- tbd
|
||||
series:
|
||||
- tbd
|
||||
# TBD/TODO: Is the theme oreventing this from working properly?
|
||||
toc: true
|
||||
toc_start_level: 3
|
||||
toc_end_level: 5
|
||||
---
|
||||
|
||||
How to check for system vulnerabilities.
|
||||
|
||||
*A few of these tools can be used offensively. It is bad etiquette to use them on systems which you do not own. Please respect others and do not attempt to cause harm.*
|
||||
|
||||
### Lynis
|
||||
|
||||
Local testing suite which not only tests for security weaknesses, but also that best practices are being used in a POSIX environment (UNIX/Linux type standard).
|
||||
|
||||
#### Install
|
||||
|
||||
```
|
||||
$ sudo su -
|
||||
# git clone https://github.com/CISOfy/lynis lynis
|
||||
# chmod -R 644 lynis
|
||||
# chmod 755 lynis/lynis
|
||||
```
|
||||
|
||||
#### Testing
|
||||
|
||||
```
|
||||
# /root/lynis/lynis audit system
|
||||
```
|
||||
|
||||
If placing the contents into a file, you'll want to disable the colors.
|
||||
|
||||
```
|
||||
# lynis audit system --no-colors > /root/lynix_results.txt 2>&1
|
||||
```
|
||||
|
||||
### NMap
|
||||
|
||||
***This tool can be considered aggressive and should not be used against any systems you do not own or have explicit permission to test against.***
|
||||
|
||||
#### Setup
|
||||
|
||||
Install `nmap` from your package manager.
|
||||
|
||||
- Debian Distros
|
||||
```
|
||||
$ sudo apt update && sudo apt install -y nmap
|
||||
```
|
||||
- Fedora Distros
|
||||
```
|
||||
$ sudo dnf install -y nmap
|
||||
```
|
||||
- Arch Distros
|
||||
```
|
||||
$ sudo pacman -Syq nmap
|
||||
```
|
||||
|
||||
#### Testing
|
||||
|
||||
**Never run the `-A` parameter against an unsuspecting system.**
|
||||
|
||||
Run this command to get a good summary of ports with an attackable surface.
|
||||
|
||||
```
|
||||
$ nmap -A -p- --script=vuln server_or_IP
|
||||
```
|
||||
|
||||
To simply see the open ports on a device, you may use the `--open` parameter.
|
||||
|
||||
```
|
||||
$ nmap --open server_or_IP
|
||||
```
|
||||
|
||||
This program executes more quickly if run from the local machine by using `localhost`, `127.0.0.1`, `0.0.0.0`, etc.
|
||||
|
||||
If you'd like the output saved into a file, pipe it with `>` to your desired directory.
|
||||
|
||||
For example, to place a local vulnerability scan into your Downloads directory:
|
||||
|
||||
```
|
||||
$ nmap -A -p- --script=vuln localhost > ~/Downloads/nmap_report.txt 2>&1
|
||||
```
|
||||
|
||||
#### Resolving Discoveries
|
||||
|
||||
If any vulnerabilities show up they usually come with a CVE which can be researched, such as `CVE-2007-6750`.
|
||||
|
||||
There are many reputable sites which come up when placing this in a search engine. [`cve.org`](https://www.cve.org]) is also supposed to be a centralized repository,
|
||||
|
||||
Here's an example for the provided ID.
|
||||
|
||||
- [https://www.suse.com/security/cve/CVE-2007-6750.html](https://www.suse.com/security/cve/CVE-2007-6750.html)
|
||||
- [https://www.cve.org/CVERecord?id=CVE-2007-6750](https://www.cve.org/CVERecord?id=CVE-2007-6750)
|
||||
|
||||
Most vulnerabilities are fixed by upgrading software, migrating to safer software, and by following best practices such as not exposing databases to the Internet.
|
||||
|
||||
### Metasploit
|
||||
|
||||
***This tool IS aggressive and should NEVER be used against any systems you do not own or have explicit permission to test against.*** Thank you.
|
||||
|
||||
I recommend playing with Metasploit if you have extra time so that you can learn how easy it is to penetrate an exploit once it is found with NMap.
|
||||
|
||||
Please be sure to test against your own machines, such as setting up a VM running an old Ubuntu LTS, starting up some services like CUPS, SSH, Apache, etc.
|
||||
|
||||
There are also VMs available such as Metasplotable 2 and 3 which come with the attack surfaces already set up for you.
|
||||
Reference in New Issue
Block a user