Install FIO on Ubuntu/Debian:
sudo apt update
sudo apt install -y fio lshw
Install FIO on Fedora:
{ | |
"dns": { | |
"servers": [ | |
{ | |
"tag": "dns_proxy", | |
"address": "https://1.1.1.1/dns-query", | |
"address_resolver": "dns_resolver", | |
"strategy": "ipv4_only", | |
"detour": "select" | |
}, |
Install FIO on Ubuntu/Debian:
sudo apt update
sudo apt install -y fio lshw
Install FIO on Fedora:
#!/bin/bash | |
# A script to limit the outgoing bandwidth of the consensus and execution layers by port | |
# We do this because the highest cost for running a node in AWS is the outgoing bandwidth | |
# Define your ports and their corresponding rate limits | |
declare -A ports=([30303]="500kbit" [9000]="1mbit") | |
# Define arbitrary class IDs for each port | |
declare -A class_ids=([30303]=1 [9000]=2) |
laptop ssh -> laptop stunnel -> evil network -> internet -> your server -> your server ssh
Sets up a stunnel process listening externally on port 2443/tcp, forwards to localhost 22/tcp
yum install stunnel
/etc/stunnel/stunnel.conf
##TCP FLAGS## | |
Unskilled Attackers Pester Real Security Folks | |
============================================== | |
TCPDUMP FLAGS | |
Unskilled = URG = (Not Displayed in Flag Field, Displayed elsewhere) | |
Attackers = ACK = (Not Displayed in Flag Field, Displayed elsewhere) | |
Pester = PSH = [P] (Push Data) | |
Real = RST = [R] (Reset Connection) | |
Security = SYN = [S] (Start Connection) |
# https://www.percona.com/blog/2008/11/07/poor-mans-query-logging/ | |
tcpdump -i eth0 -s 0 -l -w - dst port 3306 | strings | perl -e ' | |
while(<>) { chomp; next if /^[^ ]+[ ]*$/; | |
if(/^(SELECT|UPDATE|DELETE|INSERT|SET|COMMIT|ROLLBACK|CREATE|DROP|ALTER)/i) { | |
if (defined $q) { print "$q\n"; } | |
$q=$_; | |
} else { | |
$_ =~ s/^[ \t]+//; $q.=" $_"; | |
} |
# install netctl | |
sudo pacman -S netctl --noconfirm | |
# check network card name | |
ip link | |
### Config Static IP Address ### | |
# Card Name : eth0 | |
sudo cp /etc/netctl/examples/ethernet-static /etc/netctl/eth0 |
A network bridge allows us to have a virtual router that we can plug multiple network interfaces into. The IP address is assigned to the bridge rather than the individual network interface.
Create the bridge device, br0 :
#!/bin/bash | |
## Create the response FIFO | |
rm -f response | |
mkfifo response | |
function handle_GET_home() { | |
RESPONSE=$(cat home.html | \ | |
sed "s/{{$COOKIE_NAME}}/$COOKIE_VALUE/") | |
} |