X-Git-Url: http://git.grml.org/?a=blobdiff_plain;f=grml_tips;h=d53fa20d0b78a7e0dd3fc5bf230e0c237fe58129;hb=17bd99efa9c1586bf6cb4048753ee32598ff72e2;hp=29fa9963917ed0c64bcaf037d22b5504fc427ad8;hpb=ec4516da3042ce4f53d5c2c07dbbd957f6801afd;p=grml-tips.git

diff --git a/grml_tips b/grml_tips
index 29fa996..d53fa20 100644
--- a/grml_tips
+++ b/grml_tips
@@ -704,9 +704,9 @@ Write back the guessed table:
 Develop, test and use exploit code with the Metasploit Framework:
 
 cd /tmp
-wget http://www.metasploit.com/tools/framework-2.7-snapshot.tar.gz
-unp framework-2.7-snapshot.tar.gz
-cd framework*
+wget http://framework-mirrors.metasploit.com/msf/downloader/framework-3.0.tar.gz
+unp framework-3.0.tar.gz
+cd framework-3.0
 ./msfcli
 -- 
 Useful documentation:
@@ -1088,7 +1088,7 @@ EOF
 See also: http://www.debian.org/releases/stable/i386/apcs04.html.en
 Avoid all of the above steps - use grml-debootstrap(8) instead!
 -- 
-Convert files from Unicode / UTF to ISO:
+Convert files from Unicode / UTF-8 to ISO:
 
 % iconv -f utf8 -t iso-8859-15 < utffile > isofile
 
@@ -1758,6 +1758,8 @@ Start X and lock console via exiting:
 -- 
 Which process is writing to disk and/or causes the disk to spin up?
 
+First of all use lsof to check what's going on. Does not help? ->
+
 # echo 1 > /proc/sys/vm/block_dump
 
 The command sets a sysctl to cause the kernel to log all disk
@@ -2075,10 +2077,13 @@ xfs without vol_id:
 # xfs_admin -l /dev/sda1
 
 reiserfs without vol_id:
-# debugreiserfs /dev/sda1 | grep UUID
+# debugreiserfs /dev/sda1 | grep -i label
+
+jfs without vol_id:
+# jfs_tune -l /dev/sda1 | grep -i label
 
 reiser4 without vol_id:
-# debugfs.reiser4 /dev/sda1 | grep uuid
+# debugfs.reiser4 /dev/sda1 | grep -i label
 -- 
 Check filesystem's UUID:
 
@@ -2086,16 +2091,41 @@ generic way:
 # vol_id -u /dev/sda1
 
 ext2/3 without vol_id:
-# dumpe2fs /dev/sda1 | grep UUID
+# dumpe2fs /dev/sda1 | grep -i UUID
 
 xfs without vol_id:
 # xfs_admin -u /dev/sda1
 
 reiserfs without vol_id:
-# debugreiserfs /dev/sda1 | grep LABEL
+# debugreiserfs /dev/sda1 | grep -i UUID
 
 reiser4 without vol_id:
-# debugfs.reiser4 /dev/sda1 | grep label
+# debugfs.reiser4 /dev/sda1 | grep -i UUID
+-- 
+Change a filesystem's LABEL:
+
+swap:
+# mkswap -L $LABEL /dev/sda1
+
+ext2/ext3:
+# e2label /dev/sda1 $LABEL
+# tune2fs -L $LABEL /dev/sda1
+
+reiserfs:
+# reiserfstune -l $LABEL /dev/sda1
+
+jfs:
+# jfs_tune -L $LABEL /dev/sda1
+
+xfs:
+# xfs_admin -L $LABEL /dev/sda1
+
+fat/vfat:
+# echo 'drive i: file="/dev/sda1"' >> ~/.mtoolsrc
+# mlabel -s i:$LABEL
+
+ntfs:
+# ntfslabel $LABEL /dev/sda1
 -- 
 Disable pdiffs feature of APT:
 
@@ -2118,7 +2148,7 @@ Restore the backup using unzsplit:
 
 More usage examples: man zsplit + man unzsplit
 -- 
-Measure network performance using ipserf
+Measure network performance using iperf:
 
 Server side:
 % iperf -s -V
@@ -2470,7 +2500,11 @@ Configuration options relevant on harddisk installation:
   # tzconfig
 
   which adjusts /etc/timezone and /etc/localtime according
-  to the provided information.
+  to the provided information. Running:
+
+  # dpkg-reconfigure tzdata
+
+  might be useful as well.
 
 * /etc/default/rcS: set variable UTC according to your needs,
   whether your system clock is set to UTC (UTC='yes') or
@@ -2516,3 +2550,224 @@ Further information:
   http://www.debian.org/doc/manuals/system-administrator/ch-sysadmin-time.html
   http://wiki.debian.org/TimeZoneChanges
 -- 
+Recorder shellscript session using script:
+
+% script -t 2>~/upgrade.time -a ~/upgrade.script
+% scriptreplay ~/upgrade.time ~/upgrade.script
+-- 
+Test UTF-8 capabilities of terminal:
+
+wget http://melkor.dnp.fmph.uniba.sk/~garabik/debian-utf8/download/UTF-8-demo.txt.gz
+zcat UTF-8-demo.txt.gz
+
+or:
+
+wget http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
+cat UTF-8-test.txt
+-- 
+UTF-8 at grml / some general information regarding Unicde/UTF-8:
+
+  http://wiki.grml.org/doku.php?id=utf8
+-- 
+
+This allows one ssh connection attepmt per minute per source ip, with a initial
+burst of 10.  The available burst is like a counter which is initialised with
+10. Every connection attempt decrements the counter, and every minute where the
+connection limit of one per minute is not overstepped the counter is
+incremented by one.  If the burst counter is exhausted the real rate limit
+comes into play. This gives you 11 connectionattepmts in the first minute
+before blocked for 10minutes.  After 10 minutes block the game restarts.
+
+Hint: you could set the burst value to 5 and the block time to only 5 minutes
+to achive the same average connection rate but with halve the block time.
+
+iptables -A inet_in -p tcp --syn --dport 22 -m hashlimit --hashlimit-name ssh \
+         --hashlimit 1/minute \ --hashlimit-burst 10 --hashlimit-mode srcip   \
+         --hashlimit-htable-expire 600000 -j ACCEPT
+iptables -A inet_in -p tcp --dport 22 -m state --state NEW -j REJECT
+-- 
+Tunnel a specific connection via socat:
+
+On the client:
+% socat TCP4-LISTEN:8003 TCP4:gateway:500
+
+On the gateway:
+# socat TCP4-LISTEN:500,fork TCP4:target:$PORT
+
+Using localhost:8003 on the client uses the tunnel now.
+-- 
+Set date:
+
+# date --set=060916102007
+
+where the bits are month(2)/day(2)/hour(2)/minute(2)/year(4)
+
+Set date using a relative date:
+
+# date -s '+3 mins'
+
+or
+
+# date -s '+tomorrow'
+
+Display a specific relative date:
+
+# date -d '+5 days -2 hours'
+
+Don't forget to set hardware clock via:
+
+# hwlock -w
+-- 
+Booting grml via network / PXE:
+
+Start grml-terminalserver on a system with network access
+and where grml is running:
+
+# grml-terminalserver
+
+Then booting your client(s) via PXE should work without
+any further work.
+-- 
+Debugging SSL communications:
+
+% openssl s_client -connect server.adress:993
+
+or
+
+# ssldump -a -A -H -i eth0
+
+See http://prefetch.net/articles/debuggingssl.html for more details.
+-- 
+Remove bootmanager from MBR:
+
+# lilo -M /dev/hda -s /dev/null
+-- 
+Rewrite grub to MBR:
+
+# mount /mnt/sda1
+# grub-install --recheck --no-floppy --root-directory=/mnt/sda1 /dev/sda
+-- 
+Rewrite lilo to MBR:
+
+# mount /mnt/hda1
+# lilo -r /mnt/hda1
+-- 
+Create screenshot of plain/real console - tty1:
+
+# fbgrab -c 1 screeni.png
+-- 
+Create screenshot when running X:
+
+% scrot
+
+Tip: use the gkrellshoot plugin when using gkrellm
+-- 
+Redirect all connections to hostA:portA to hostB:portB, where hostA and hostB are
+different networks:
+
+Run the following commands on hostA:
+
+echo 1 > /proc/sys/net/ipv4/ip_forward
+iptables -t nat -A PREROUTING -p tcp --dport portA -j DNAT --to hostB:portB
+iptables -A FORWARD -i eth0 -o eth0 -d hostB -p tcp --dport portB -j ACCEPT
+iptables -A FORWARD -i eth0 -o eth0 -s hostB -p tcp --sport portB -j ACCEPT
+iptables -t nat -A POSTROUTING -p tcp -d hostB --dport portB -j SNAT --to-source hostA
+-- 
+Flash BIOS without DOS/Windows:
+
+Dump flash info and set the flash chip to writable:
+# flashrom
+
+Backup the original BIOS:
+# flashrom -r backup.bin
+
+Notice: the following step will overwrite your current BIOS!
+So make sure you really know what you are doing.
+
+Flash the BIOS image:
+# flashrom -wv newbios.bin
+
+Also check out LinuxBIOS: http://linuxbios.org/
+-- 
+Enable shadow passwords:
+
+# shadowconfig on
+-- 
+Set up an IPv6 tunneln on grml:
+
+# ipv6-tunnel start
+-- 
+Set up console newsreader slrn for use with Usenet:
+
+% grml-slrn
+-- 
+Calculate with IPv6 addresses:
+
+% ipv6calc
+
+For usage examples refer to manpage ipv6calc(8).
+-- 
+Common network debugging tools for use with IPv6:
+
+% ping6
+% tracepath6
+% traceroute6
+% tracert6
+% nc6
+% tcpspray6
+-- 
+Set up NFS (Network File System):
+
+Server-side
+~~~~~~~~~~~
+Make sure the relevant services are running on the server side:
+
+# /etc/init.d/portmap start
+# /etc/init.d/nfs-common start
+# /etc/init.d/nfs-kernel-server start
+
+Export shares via /etc/exports:
+
+/backups 192.168.1.100/24(rw,wdelay,no_root_squash,async,subtree_check)
+
+... or manually export a directory running:
+
+# exportfs -o rw,wdelay,no_root_squash,async,subtree_check 192.168.1.100:/backups
+
+and unexport a share running:
+
+# exportfs -u 192.168.1.100:/backups
+
+and every time when you modify /etc/exports file run
+
+# exportfs -ra
+
+Display what NFS components are running:
+
+# rpcinfo -p
+
+Display list of exported shares:
+
+# exportfs -v
+or
+# showmount -e
+
+Client-side
+~~~~~~~~~~~
+Make sure the relevant services are running on the client side:
+
+# /etc/init.d/portmap start
+# /etc/init.d/nfs-common start
+
+Verify that the server allows you to access its RPC/NFS services:
+
+# rpcinfo -p server_name
+
+Check what directories the server exports:
+
+# showmount -e server_name
+
+On the client side you can use something like the following in /etc/fstab:
+
+192.168.1.101:/backups /mnt/nfs nfs defaults,users,wsize=8192,rsize=8192 0 0
+--