1. Create a dsa-key-pair on your linux client
ssh-keygen -t dsa -f id_dsa-android
Note: I named the key id_dsa-android because that’s my own convention
2. Copy the public key to your Android device
scp -P 2222 id_dsa-android.pub <your-ip-goes-here>:/sdcard
Note: This assumes you have password enabled and sshd running on port 2222
3. Validate the public key
cat /sdcard/id_dsa-android.pub >> /data/data/com.teslacoilsw.quicksshd/home/.ssh/authorized_keys
Note: Validating means in this case to copy the pubkey to authorized_keys (it’s located in /data/data/com.teslacoilsw.quicksshd/home/.ssh)
4. Configure Go to your QuickSSHD settings and remove the checkbox Password and check Shared Keys (If you did right the key added to authorized_keys should be listed right under the checkbox.
5. Test
ssh -i <your-home-goes-here>/.ssh/id_dsa-android -p 2222 <your-ip-goes-here>
If everything went fine you should get:
Enter passphrase for key '/home/sven/.ssh/id_dsa-android' source
echo 1 >/proc/sys/net/ipv4/ip_forward
iptables -t nat -I PREROUTING -p tcp –dport 888 -j DNAT –to-destination 10.0.0.1:443
iptables -t nat -I POSTROUTING -p tcp -d 10.0.0.1 –dport 443 -j MASQUERADE
Subsystem sftp internal-sftp
Match Group sftponly
ChrootDirectory %h
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
source
8 out of 10 average PC users have their box’s system files altered by malwares, viruses, etc. We usually reinstall the OS if the antivirus and anti malware software did not perform their job well. Here’s one way to fix the corrupted system files without the need of restarting your Windows 7 box.
1. Run the Command Prompt as Administrator
2. Type the following command
3. C:\Windows\system32\> sfc /scannow
After the verification phase, you will receive a message about your system files’ integrity
Windows Resource Protection did not find any integrity violations.
WATOBO is intended to enable security professionals to perform highly efficient (semi-automated ) web application security audits. We are convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only.WATOBO works like a local proxy, similar to Webscarab, Paros or BurpSuite.
delete certs from /etc/ssl
dpkg-reconfigure dovecot-common
1. Download the ca.pem [1] and sub.class1.server.ca.pem [2] to /tmp/
2. Cat the CA certs to form a single CA certificate chain file
cat ca.pem sub.class1.server.ca.pem > ca_bundle.crt
3. Place server certificate in /tmp/ssl.crt.
4. Place the private key in /opt/zimbra/ssl/zimbra/commercial/commercial.key
5. Deploy the commercial certificate with zmcertmgr as the root user.
cd /opt/zimbra/bin ./zmcertmgr deploycrt comm /tmp/ssl.crt /tmp/ca_bundle.crt
6. Restart the zimbra services
su zimbra zmcontrol stop zmcontrol start source
Darik’s Boot and Nuke (“DBAN”) is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.
ssh-keygen -f .ssh/id_dsa -p
sudo apt-get install unattended-upgrades update-notifier-common
/etc/apt/apt.conf.d/50unattended-upgrades:
Unattended-Upgrade::Allowed-Origins {
"Ubuntu lucid-security";
// "Ubuntu lucid-updates";
};
/etc/apt/apt.conf.d/10periodic:
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
Also check:
cat /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Update-Package-Lists “1″;
APT::Periodic::Unattended-Upgrade “1″;
log: /var/log/unattended-upgrades
source