SSHChat

SSH Chat how to run your own SSH Chat Server Setup # add go pkg_add go # add user 'sshchat' adduser # switch user su - sshchat ftp https://github.com/shazow/ssh-chat/archive/v1.10.tar.gz tar zxf v1.10.tar.gz cd ssh-chat-1.10/ make build # back to root exit cp /home/sshchat/ssh-chat-1.10/ssh-chat /usr/local/bin/ sshchat - ipfile manage whiteliste ip in dedicated file # create folder mkdir -p /etc/pf.d # sample file echo "127.0.0.1" > /etc/pf.d/sshchat # set permission chmod 600 /etc/pf.

PyProject 1

Sample PyProject from: https://github.com/volfpeter/motorhead/tree/main PyProject poetry init poetry add motor pydantic poetry add mkdocs-material mkdocstrings[python] mypy ruff poethepoet pytest pytest-asyncio pytest-random-order --group dev [project] name = "motorhead" description = "Async MongoDB with vanilla Pydantic v2+ - made easy." readme = "README.md" license = { text = "MIT" } authors = [ { name = "Peter Volf", email = "do.volfp@gmail.com" }, ] requires-python = ">=3.10" dependencies = ["pydantic", "motor"] classifiers = [ "Intended Audience :: Information Technology", "Operating System :: OS Independent", "Programming Language :: Python :: 3", "Development Status :: 4 - Beta", "Topic :: Internet", "Topic :: Software Development :: Libraries", "Topic :: Software Development", "Typing :: Typed", "Environment :: Web Environment", "Framework :: FastAPI", "Intended Audience :: Developers", "License :: OSI Approved :: MIT License", "Topic :: Internet :: WWW/HTTP", ] [project.

Borgbackup

Prerequisite you need a remote Borg Server (Unix/Linux Machine with Borg installed) valid User and Key for SCP Transfer SSH Key -> /backup/id_ed25519 Create Local Folder test -d /backup || (mkdir /backup; chmod 700 /backup) Borg Backup Script cat << 'EOF2' > /backup/borg.sh #!/usr/bin/env bash # BorgBackup Script, v1.0, 2024-04-09, by @stoege # Remote server details REMOTE_USER="borguser" REMOTE_HOST="your.remote.borg.server" REMOTE_REPO="mysamplerepo" # Local directory to backup LOCAL_DIR="/" # List of directories to exclude EXCLUDE_DIRS=( "*/.

Python MTR

Setup Project Poetry poetry init poetry add twisted poetry add twisted-mtr Build Python Script cat << 'EOF' > main.py #!/usr/bin/env python3 ''' An example usage for twisted-mtr which initiates multiple async traceroutes to multiple IPv4 and IPv6 target IP addresses at the same time. You will need to set your source IP addresses correctly and have a working dual IPv4/IPv6 networking stack to run this example. ''' import sys import signal import logging import ipaddress from twisted.

Python Twisted

WebServer with Python Twisted cat << 'EOF' > main.py from twisted.web import server, resource from twisted.internet import reactor, endpoints class Counter(resource.Resource): isLeaf = True numberRequests = 0 def render_GET(self, request): client_ip = request.getClientAddress().host r=request.uri.decode('utf-8') if not r =="/favicon.ico": self.numberRequests += 1 request.setHeader(b"content-type", b"text/plain") content = u"I am request #{} from {}\n".format(self.numberRequests, client_ip) return content.encode("ascii") endpoints.serverFromString(reactor, "tcp:8080").listen(server.Site(Counter())) reactor.run() EOF Run poetry init poetry add twisted poetry run python main.py Browse Open your Browser: http://ip-of-your-host:8080

XZ

MacOS even MacOS seems not hardly affected, better safe than sorry ! # get Version brew info xz # Cleanup Cache brew cleanup -v -s --prune=all # Downgrade brew reinstall xz # Update brew update # Upgrade brew upgrade # reboot reboot # confirm, 5.4.6 should be fine xz -V Links https://www.openwall.com/lists/oss-security/2024/03/29/4 https://nvd.nist.gov/vuln/detail/CVE-2024-3094 https://www.wiz.io/blog/cve-2024-3094-critical-rce-vulnerability-found-in-xz-utils https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/ https://github.com/orgs/Homebrew/discussions/5243 https://github.com/amlweems/xzbot https://www.nzz.ch/technologie/xz-luecke-der-verrueckteste-angriff-ein-programmierer-entdeckt-per-zufall-eine-gefaehrliche-hintertuere-im-code-wohl-von-einem-geheimdienst-ld.1824766 https://www.deepfactor.io/an-accidental-discovery-of-a-backdoor-likely-prevented-thousands-of-infections/ fun: https://infosec.exchange/@tinker/112196180295212632 Any Comments ? sha256: d2d6b0518ee60fc80381a2fb44dee61d06c02a7d4182045ff25d59f4894d1a10

OpenBSD Bridge

Bridge Interfaces on APU Let’s assume you have an APU2/3/4 and you wanna Bridge some of it’s Interfaces, em0/em1/em2 Create Bridge, add Interfaces cat << 'EOF' > /etc/hostname.bridge0 add vether0 add em0 add em1 add em2 up EOF Create Interfaces echo "up" >> /etc/hostname.em0 echo "up" >> /etc/hostname.em1 echo "up" >> /etc/hostname.em2 Create L3 Interface cat << 'EOF' > /etc/hostname.vether0 inet autoconf inet6 autoconf -temporary -soii up EOF Bring Up all together sh /etc/netstart or do a simpy reload

OpenBSD 7.5

OpenBSD 7.5 finally released The 56th Release of OpenBSD was announced. My Upgrade Script is available here. Highlights added support for various new hardware, numerous performance improvements and of course security enhancements. IPv6 support in ppp(4) see the Post on Undeadly for more Details, or the OpenBSD Page … Script doas su - cd /root ftp https://blog.stoege.net/scripts/{.helpers,upgrade_to_75.sh} chmod u+x upgrade_to_75.sh Execute do the Upgrade ./upgrade_to_75.sh after the reboot Upgrade Packages just run the Script again

FreeSwitch

Basic Commands Logging set Level 1..7 fsctl loglevel 7 Any Comments ? sha256: c8bd29c15fa6239c45d9f1c161bf625e6ced9ae690a971b4ead212769dfba55f

PF Basics

Basic Ruleset Full Connectifity v4/v6 allow SSH in from RFC1918 allow all outgoing # Backup cp /etc/pf.conf /etc/pf.conf.bak-$(date "+%s") # Paste new Ruleset cat << 'EOF' > /etc/pf.conf ####################################################################################################################### # # OpenBSD PF Template # ####################################################################################################################### ######################## ### DEFAULT SETTINGS ### ######################## set block-policy drop set limit states 100000 set limit table-entries 1000000 set optimization normal set ruleset-optimization none set skip on { lo0 enc0 } set syncookies adaptive (start 25%, end 12%) ######################## ### MACROS ### ######################## # log block lb = "log" # log pass lp = "log" ######################## ### NORMALIZATION ### ######################## match inet scrub (no-df max-mss 1380) match inet6 scrub (max-mss 1360) ######################## ### Block all / uRPF ### ######################## block log block in log quick from urpf-failed label uRPF ############################ ### DHCP & IPv6 Stuff ### ############################ # Allow DHCP pass $lp quick inet proto udp from any port 68 to 255.