Networks Guru

Tag: unix

Apache – Mapping URL PATH to a Directory on the FileSystem

Well, Mapping a URL Path to a directory can be useful in many scenarios,

Ex:

  • As a proof of ownership, some sites may ask you to publish certain files in certain directories “Google WebSite Ownership Verification, etc…
  •  Publishing Django static files while proxying all the other URLs. Django Developers will relate 🙂
  • etc…

Patching WordPress DoS Vulnerability CVE-2018-6389 using Modsecurity

The Vulnerability as explained in https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html relies in executing high number of requests, So by temporarily applying rate limiting, the impact of this vulnerability maybe mitigated using various methods one of them is by using Modsecurity until a fix is released.

Other References:

https://wpvulndb.com/vulnerabilities/9021
https://baraktawily.blogspot.fr/2018/02/how-to-dos-29-of-world-wide-websites.html
https://github.com/quitten/doser.py
https://thehackernews.com/2018/02/wordpress-dos-exploit.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389

Creating a dummy Interface on a Linux/Unix based Systems

A dummy interface maybe created for various reasons like:

  • Publishing Services
  • A 2nd loopback interface with a public IP

Verifying a route on a Linux System

With the existence of the IP package in a linux/unix system the routing table can be viewed using the below command

$ ip route

ex:

Changing the Wireless Card’s Transmission Power

The current value of the wireless card’s TX-Power can be verified using the below command

user@pc:~ $ iwconfig
wlan0 IEEE 802.11 ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=22 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Power Management:on

user@pc:~ $ iw reg get
country GB: DFS-ETSI
(2402 - 2482 @ 40), (N/A, 20), (N/A)
(5170 - 5250 @ 80), (N/A, 20), (N/A)
(5250 - 5330 @ 80), (N/A, 20), (0 ms), DFS
(5490 - 5710 @ 160), (N/A, 27), (0 ms), DFS
(57000 - 66000 @ 2160), (N/A, 40), (N/A)

The Tx-Power value is in dBm “Decibel (referenced to milliwatts)” This value can be converted to milliwatts using this function

P(mW) = 1mW â‹… 10(P(dBm)/ 10)

Before changing the value of the Tx-Power, You need to make sure that you comply with the legal limits within your country and you’ll not end up frying the wireless card

The below commands can be used to change the current value of the transmission power

The max value cannot be set over the limit specified by the assigned country’s regulations

So, for education Purpose only the country may be set to a country allowing higher Transmission power “ex: Bolivia <BO>”

 

ifconfig wlan0 down
iw reg set BO
ifconfig wlan0 up
iwconfig wlan0 txpower 30

 

So,  By verifying the results of the last commands, we see that the values have been set successfully

user@pc:~ $ iwconfig wlan0
wlan0 IEEE 802.11 ESSID:off/any
Mode:Managed Access Point: Not-Associated Tx-Power=30 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Power Management:on

user@pc:~ $ iw reg get
country BO: DFS-JP
(2402 - 2482 @ 40), (N/A, 20), (N/A)
(5250 - 5330 @ 80), (N/A, 30), (0 ms), DFS
(5735 - 5835 @ 80), (N/A, 30), (N/A)

 

 

 

Powered by WordPress & Theme by Anders Norén