dock23 https://dock23.de (Sittin' On) The Dock23 Of The Bay Sun, 14 May 2017 11:11:31 +0000 de-DE hourly 1 https://wordpress.org/?v=4.8.1 HD sicher löschen / shreddern / wipen /47 /47#respond Sun, 14 May 2017 11:11:31 +0000 /?p=47 /dev/null | base64)" -nosalt]]> Schnell mal eine Festplatte löschen, shreddern oder wipen:

openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt

]]>
/47/feed 0
Some Nmap Commands /45 /45#respond Mon, 13 Mar 2017 10:51:33 +0000 /?p=45 …  ]]> Turn on OS and version detection scanning script (IPv4)

nmap -A 192.168.1.254
nmap -v -A 192.168.1.1
nmap -A -iL /tmp/scanlist.txt

Find out if a host/network is protected by a firewall

nmap -sA 192.168.1.254

Scan a host when protected by the firewall

nmap -PN 192.168.1.1

Scan a network and find out which servers and devices are up and running
This is known as host discovery or ping scan:

nmap -sP 192.168.1.0/24

Sample outputs:

Host 192.168.1.1 is up (0.00035s latency).
MAC Address: BC:AE:C5:C3:16:93 (Unknown)
Host 192.168.1.2 is up (0.0038s latency).
MAC Address: 74:44:01:40:57:FB (Unknown)
Host 192.168.1.5 is up.
Host nas03 (192.168.1.12) is up (0.0091s latency).
MAC Address: 00:11:32:11:15:FC (Synology Incorporated)
Nmap done: 256 IP addresses (4 hosts up) scanned in 2.80 second

Only show open (or possibly open) ports

nmap --open 192.168.1.1

Show all packets sent and received

nmap --packet-trace 192.168.1.1

Scan a host using TCP ACK (PA) and TCP Syn (PS) ping
If firewall is blocking standard ICMP pings, try the following host discovery methods:

nmap -PS 192.168.1.1
nmap -PS 80,21,443 192.168.1.1
nmap -PA 192.168.1.1
nmap -PA 80,21,200-512 192.168.1.1

How do I detect remote operating system?
You can identify a remote host apps and OS using the -O option:

nmap -O 192.168.1.1
nmap -O --osscan-guess 192.168.1.1
nmap -v -O --osscan-guess 192.168.1.1

]]>
/45/feed 0
How to Clear DNS Cache in MacOS Sierra /44 /44#respond Sun, 12 Mar 2017 10:39:28 +0000 /?p=44 …  ]]>
  • Open the Terminal application, found in the Utilities folder within Applications
  • Enter the following command syntax exactly (use copy and paste if in doubt about syntax accuracy):
    sudo killall -HUP mDNSResponder;say DNS cache has been flushed
  • Hit the Return/Enter key and enter the admin password when requested (this is necessary because of sudo privileges)
  • Wait a few moments for the DNS cache to be cleared
  • ]]>
    /44/feed 0
    WordPress: REST-API unter WordPress 4.7.x deaktivieren /32 /32#respond Wed, 08 Feb 2017 11:10:05 +0000 /?p=32 …  ]]> Die ersten erfolgreichen Angriffe sind in der Mache. WordPress patchen nicht vergessen!!!

    Oder REST-API in der functions.php für nicht eingeloggte User deaktivieren:

    // Remove the WP REST API JSON Endpoints for logged out users
    add_filter( 'rest_authentication_errors', function( $access ) {
    if( ! is_user_logged_in() ) {
    return new WP_Error( 'rest_API_cannot_access', __( 'Only authenticated users can access the REST API.', 'disable-json-api' ), array( 'status' => rest_authorization_required_code() ) );
    }
    return $access;
    });

    ]]>
    /32/feed 0
    Freie unzensierte DNS-Server /30 /30#respond Sun, 15 Jan 2017 22:49:39 +0000 /?p=30 …  ]]> Eure DNS-Anfragen werden inzwischen von vielen Provider gespeichert und ausgewertet. Google hat das mal zusammengefasst was alles von DNS-Anfragen gespeichert wird. Wer das nicht möchte, der sollte seine DNS-Server ändern und auf freie unzensierte DNS-Server setzen. Hier einige alternative DNS-Server:

    Ohne DNSSEC:
    Digitalcourage: 85.214.20.141
    Chaos Computer Club: 213.73.91.35
    Serverstandort: Deutschland

    Mit DNSSEC:

    DNS.WATCH:

    • IPv4: 84.200.69.80, 84.200.70.40
    • IPv6: 2001:1608:10:25::1c04:b12f, 2001:1608:10:25::9249:d69b
    • Serverstandort: Deutschland

    xiala.net:

    • IPv4: 77.109.148.136, 77.109.148.137
    • IPv6: 2001:1620:2078:136::, 2001:1620:2078:137::
    • Serverstandort: Deutschland

    Wer zusätzlich noch DNSCrypt (komplette Verschlüsselung der DNS-Anfrage) nutzen möchte, der sollte sich mal die DNS Server-Liste von openNIC anschauen.

    ]]>
    /30/feed 0
    CLI: General OpenSSL Commands /27 /27#respond Fri, 23 Dec 2016 14:44:44 +0000 /?p=27 Generate a new private key and Certificate Signing Request
    openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key

    Remove a passphrase from a private key
    openssl rsa -in privateKey.pem -out newPrivateKey.pem

    ]]>
    /27/feed 0
    CLI: Converting Using OpenSSL /26 /26#respond Fri, 23 Dec 2016 14:40:08 +0000 /?p=26 …  ]]> Convert a DER file (.crt, .cer, .der) to PEM
    openssl x509 -inform der -in certificate.cer -out certificate.pem

    Convert a PEM file to DER
    openssl x509 -outform der -in certificate.pem -out certificate.der

    Convert a PKCS#12 file (.pfx, .p12) containing a private key and certificates to PEM
    openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
    You can add -nocerts to only output the private key or add -nokeys to only output the certificates.

    openssl pkcs12 -in filename.pfx -clcerts -nokeys -out certificate.cer
    openssl pkcs12 -in filename.pfx -nocerts -out privatekey-encrypted.key

    Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
    openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

    ]]>
    /26/feed 0
    CLI: Live dmesg output in human readable format (colors, timing) /24 /24#respond Tue, 22 Nov 2016 20:42:25 +0000 /?p=24 Live dmesg output in human readable format (colors, timing)
    dmesg -wH

    ]]>
    /24/feed 0
    CLI: Nmap – Offene Ports anzeigen /16 /16#respond Wed, 09 Nov 2016 07:08:37 +0000 /?p=16 Offene Ports mit Nmap anzeigen:

    nmap -sT -O localhost
    oder
    nmap -sT -O myserver.example.com

    ]]>
    /16/feed 0
    CLI: Netstat – Offene Ports anzeigen /15 /15#respond Tue, 08 Nov 2016 07:08:10 +0000 /?p=15 Offene Ports und die zugeordneten Programme anzeigen:

    netstat -tulpn

    ]]>
    /15/feed 0