Detect malicious traffic with MalTrail in Linux

Maltrail is a malicious traffic detection system. It uses publicly available (black)lists of malicious and/or generally suspicious trails, together with static trails compiled from various AV reports and custom user-defined lists, where a trail can be anything from a domain name, URL or IP address to an HTTP User-Agent header value (e.g. sqlmap, the automatic SQL injection and database takeover tool). It also offers optional, more advanced heuristic mechanisms that can help discover unknown threats (e.g. new malware).

Features

  • Uses multiple public blacklists (alienvault, autoshun, badips, sblam etc.)
  • Has extensive static trails for identification (domain names, URLs, IP addresses or User-Agent values)
  • Optional heuristic mechanisms for detection of unknown threats
  • Based on a Traffic -> Sensor <-> Server <-> Client architecture
  • Web reporting interface
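To make the trail idea concrete, here is a small added illustration (not Maltrail's own code) of how a sensor matches traffic against IP, domain and User-Agent trails, plus one simplified heuristic for random-looking domain labels. All trail values, sample events and the heuristic threshold are constructed for this example.

```python
from dataclasses import dataclass

# Constructed trail lists standing in for Maltrail's feeds; all values are hypothetical.
IP_TRAILS = {"198.51.100.23": "mass scanner (constructed)"}
DOMAIN_TRAILS = {"evil-c2.example": "known C2 domain (constructed)"}
UA_TRAILS = {"sqlmap": "sqlmap SQL injection tool", "nikto": "nikto web scanner"}

@dataclass
class Event:
    dst_ip: str
    host: str          # DNS query name or HTTP Host header
    user_agent: str

def domain_hits(host):
    """A domain trail matches the host itself and every subdomain under it."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in DOMAIN_TRAILS:
            return [("domain", candidate, DOMAIN_TRAILS[candidate])]
    return []

def looks_random(label):
    """Simplified stand-in heuristic (not Maltrail's own): a long label with
    almost no vowels, as produced by many domain generation algorithms."""
    vowels = sum(c in "aeiou" for c in label)
    return len(label) >= 12 and vowels / len(label) < 0.2

def match(event):
    hits = []
    if event.dst_ip in IP_TRAILS:                       # exact IP trail
        hits.append(("ip", event.dst_ip, IP_TRAILS[event.dst_ip]))
    hits += domain_hits(event.host)                     # domain/subdomain trail
    ua = event.user_agent.lower()                       # substring UA trail
    hits += [("ua", t, info) for t, info in UA_TRAILS.items() if t in ua]
    first = event.host.lower().split(".")[0]
    if looks_random(first):                             # heuristic, no list needed
        hits.append(("heuristic", event.host, "random-looking domain label"))
    return hits

# Constructed sample traffic, standing in for what the sensor would observe.
SAMPLE = [
    Event("203.0.113.7", "www.example.org", "Mozilla/5.0"),
    Event("203.0.113.7", "cdn.evil-c2.example", "Mozilla/5.0"),
    Event("203.0.113.7", "www.example.org", "sqlmap/1.2.9"),
    Event("198.51.100.23", "xkqzvbtrwplmns.example", "curl/7.58"),
]
def scan(events):
    return [(e.host, hit) for e in events for hit in match(e)]
```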

Continue reading “Detect malicious traffic with MalTrail in Linux”

Build a virtual machine with VirtualBox in Linux

Virtualization is almost as old as our beloved integrated silicon chips.
At the beginning of the 1960s, there had been two major computing issues.
First, many individual mainframe models were bespoke, and therefore incompatible with one another.
The other stumbling block was that as integrated processors became more powerful, institutions wanted to implement flexible “timesharing” between multiple users.

VirtualBox 5.2 on Fedora

IBM dismissed this: multi-user batch processing was definitely the future! But in 1963, it lost a large MIT contract to General Electric. Realising its huge mistake, IBM developed the general purpose S/360 architecture, which could be implemented on a wide range of compatible systems. In 1965, IBM released the S/360-76, the world’s first mainframe to support virtualisation. And the rest is very much history.

Continue reading “Build a virtual machine with VirtualBox in Linux”

Smart TV remote take-over

1 Install TakeTV

DLNA/UPnP devices such as smart TVs are known to have no security at all.
Now you can discover these devices and take control of them using your terminal thanks to TakeTV! To install it, clone its
repository first: git clone https://github.com/SvelizDonoso/taketv.git.

Then install its dependencies: sudo apt-get/dnf install youtube-dl.

2 Discover exposed devices

After installing the tool, use it to auto-discover any DLNA/UPnP-enabled devices on the network: python taketv.py --all --timeout 30.
Once the time’s up, a list of discovered devices will be shown.

3 Prepare some media

You can download media and store it on your local Apache HTTP server, or you can use the ‘assistent’ tool (yes, the spelling is wrong) included with TakeTV.
Download the classic ECB-Tux image:

python assistent.py --url https://blog.ilippo.io/content/images/2015/11/Tux-ECB.png --dimage.

You can download video and audio from
YouTube as well.

4 Start your local HTTP server

Start your HTTP server now: python assistent.py --httpserver --port 8000. Feel free to change the TCP port and make sure you allow the remote TV/device to connect to it: sudo iptables -I INPUT 1 -p tcp -s --dport 8000 -j ACCEPT.

5 Take over!

It’s time to take over the TV! You can cast the downloaded image/video/audio to it,
control its volume, mute/unmute it, and more:
python taketv.py --ip YOUR_TV_IP --play http://HTTPSERVERIP/imagen/Tux-ECB.png

See python taketv.py -h for help.

AMD USB 3.X with kernel/IOMMU issue fix

The MSI/Gigabyte AMD motherboards have been well known for having several issues with the USB 3.x front ports under Linux for a long time now, and here’s how to fix that.

The workaround that works is to enable IOMMU in the BIOS and then change the following line in the GRUB boot manager configuration (/etc/default/grub):
change GRUB_CMDLINE_LINUX="" to GRUB_CMDLINE_LINUX="iommu=soft" (as seen in the screenshot below).

Now, before you re-log or reboot, first regenerate your GRUB configuration. On Fedora-related distros:

sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg

On Debian-based distros that’s:

sudo update-grub

Also in BIOS make sure these options are enabled: xHCI handoff, EHCI handoff, IOMMU controller.

This should fix the issue of not being able to use the USB 3.x front-panel case ports on these motherboards under Linux.
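The post’s literal replacement of GRUB_CMDLINE_LINUX="" would discard any kernel parameters already on that line (Fedora typically ships rhgb quiet there). The following helper, added here and not part of the original post, edits the file text idempotently instead: it appends iommu=soft while keeping existing parameters, replaces a conflicting iommu= value, and adds the variable if it is missing. The variable name and sample file content are assumptions for the example.

```python
import re
import sys

PARAM = "iommu=soft"

def ensure_cmdline_param(grub_default: str, param: str = PARAM,
                         var: str = "GRUB_CMDLINE_LINUX") -> str:
    """Return the /etc/default/grub text with `param` present in `var`,
    preserving whatever parameters were already there."""
    # Only an uncommented, double-quoted assignment at line start counts.
    pattern = re.compile(r'^(' + re.escape(var) + r'=)"([^"]*)"[ \t]*$', re.MULTILINE)
    found = pattern.search(grub_default)
    if found is None:
        # Variable absent: append it on its own line.
        sep = "" if grub_default.endswith("\n") or not grub_default else "\n"
        return f'{grub_default}{sep}{var}="{param}"\n'
    params = found.group(2).split()
    key = param.split("=")[0]
    # Drop a conflicting value for the same key (e.g. iommu=pt), then append.
    params = [p for p in params if p.split("=")[0] != key] + [param]
    new_line = f'{found.group(1)}"{" ".join(params)}"'
    return grub_default[:found.start()] + new_line + grub_default[found.end():]

# Constructed sample of a Fedora-style /etc/default/grub (hypothetical content).
SAMPLE = 'GRUB_TIMEOUT=5\nGRUB_CMDLINE_LINUX="rhgb quiet"\nGRUB_DISABLE_RECOVERY="true"\n'

if __name__ == "__main__":
    # Usage: python ensure_iommu.py [/etc/default/grub] > grub.new ; review, then copy into place.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    print(ensure_cmdline_param(text), end="")
```

Review the printed result before copying it over /etc/default/grub, then run the grub2-mkconfig or update-grub step from the post.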

Linux Speed Up! Get a faster boot-up, a swifter desktop and more responsive apps.

Everyone loves a speedy computer. In this section we’ll look at some essential tricks to speed up your computer. You don’t have to be an experienced campaigner to get more mileage out of your Linux box. There are some techniques that even new users can employ to trick their Linux distro to boot faster.

Continue reading “Linux Speed Up! Get a faster boot-up, a swifter desktop and more responsive apps.”

Today’s the 24th anniversary of the 1st Linux kernel release.

Today’s the 24th anniversary of the 1st Linux kernel release. October 5th is the day when Linus Torvalds released the 1st Linux kernel.
If you remember, back in August, we celebrated the birthday of Linux. August 25th is the day when Linus Torvalds first told the world that he was working on a project named Linux. However, the Linux community celebrates October 5th as another anniversary of Linux.
So, is Linux confused about its birthday just like Google? Well, October 5th is the day when Linus released the first kernel.
Today, Linux is running the world and more companies are adopting it to run their systems.
On the occasion of the Linux kernel’s birthday, The Linux Foundation shared some interesting facts about it. Let’s take a look at them:
  • Version 0.01 of the Linux kernel had 10,239 lines of code.
  • Version 4.1, released in July 2015, has more than 19 million lines of code.
  • The current Linux kernel is the result of one of the largest collaborative projects ever attempted.
  • Nearly 12,000 developers from more than 1,200 companies have contributed to the Linux kernel since tracking began 10 years ago.
  • The rate of Linux development is unmatched. The average number of changes accepted into the kernel per hour is 7.71, which translates to 185 changes every day and nearly 1,300 per week.
  • As of last month, 115,013,302 total lines of source code were present in The Linux Foundation’s Collaborative Projects.
  • It would take a team of 1,356 developers over 30 years to recreate the code base in these projects.
  • The total economic value of this work is estimated at more than $5 billion.
These facts are taken from The Linux Foundation’s anniversary post.

Do I need an antivirus in Linux?

Before answering, a bit of background knowledge is necessary.

Viruses hardly exist any more. Programs that infect other executables, overwrite parts of them and/or add new code to them are not how malware spreads nowadays in most cases. In Windows that distinction is not really necessary; Windows users use the term “virus” to describe every form of malware (and user error, sorry, couldn’t resist 😉 ). But in Linux that distinction is important, as virus scanners in Linux do exactly what the name says…they scan for viruses. They don’t protect you against attacks from websites in any form. And on top of that they hardly even scan for Linux viruses…there are only very few proof-of-concept Linux viruses at all. And because people rarely install anything themselves but instead use packages provided by the distro through the package manager, there is almost no attack surface for traditional viruses…no spreading of .exe files claiming to be the fanciest screensaver or similar. So the Linux virus scanners actually mostly scan for Windows viruses, for example on a mail server scanning email attachments before delivering the mails.

Continue reading “Do I need an antivirus in Linux?”

Why Linux Distros Are More Secure Than Other Operating Systems

Linux is an open source operating system whose entire code base anyone can read, yet it is still considered more secure than other operating systems. Linux has been extensively deployed in the tech market, as many gadgets are Linux based, and that is why more people are building trust in the Linux platform. To throw more light on why Linux has superior internet security capabilities, let us check out some of its security features.


Continue reading “Why Linux Distros Are More Secure Than Other Operating Systems”

The Complete Guide for Hidden Services And Staying Anonymous

The free Internet that many of us loved has become a surveillance web, serving governments and mega-corps, while abusing the rest of us. For those whose eyes are opening to this sad fact, I have assembled this guide.

The purpose of this guide is to make Internet privacy as simple and concise as possible. Our intention is not just for you to understand, but for you to
act upon the information we give you.

Learning to protect yourself online is simple, and does not need to interfere with your daily activity. This is the complete guide to surfing anonymously. What steps you choose to take depends upon what you wish to guard against. Each level will require more work or money to achieve, but gives much greater protection.

Large Man Looking At Co-Worker With A Magnifying Glass --- Image by © Images.com/Corbis

Continue reading “The Complete Guide for Hidden Services And Staying Anonymous”