Difference between revisions of "LMDE"

From YobiWiki
This minor edit removes the "security" subsection of "Install software" (the new "Install Security software" section points to the Security packages page instead) and renames the "Install Kali software" section. The removed subsection listed:

security

network

arping - sends IP and/or ARP pings (to the MAC address)
dsniff - Various tools to sniff network traffic for cleartext insecurities
etherwake - tool to send magic Wake-on-LAN packets
iodine - tool for tunneling IPv4 data through a DNS server
kismet - wireless sniffer and monitor - core
kismet-plugins - wireless sniffer and monitor - plugins
ndisc6 - IPv6 diagnostic tools
netcat - TCP/IP swiss army knife -- transitional package
netsniff-ng - packet sniffing beast
nmap - The Network Mapper
socat - multipurpose relay for bidirectional data transfer
sshfs - filesystem client based on SSH File Transfer Protocol
themole - automatic SQL injection exploitation tool

forensics

autopsy - graphical interface to SleuthKit
chkrootkit - rootkit detector
cruft - program that finds any cruft built up on your system
dc3dd - patched version of GNU dd with forensic features
dcfldd - enhanced version of dd for forensics and security
ext4magic - recover deleted files from ext3 or ext4 partitions
foremost - forensic program to recover lost files
gpart - Guess PC disk partition table, find lost partitions
logkeys - keylogger for GNU/Linux systems
mac-robber - collects data about allocated files in mounted filesystems
memdump - utility to dump memory contents to standard output
pdfresurrect - tool for extracting/scrubbing versioning data from PDF documents
recover - Undelete files on ext2 partitions
recoverdm - recover files/disks with damaged sectors
recoverjpeg - tool to recover JPEG images from a filesystem image
rkhunter - rootkit, backdoor, sniffer and exploit scanner
tiger - Report system security vulnerabilities
unhide.rb - Forensic tool to find processes hidden by rootkits
vinetto - A forensics tool to examine Thumbs.db files
wipe - Secure file deletion
vbindiff - visual binary diff, visually compare binary files

stegano

outguess - Universal Steganographic tool
steghide - A steganography hiding tool

crypto

fcrackzip - password cracker for zip archives
john - active password cracking tool
password-gorilla - cross-platform password manager
pdfcrack - PDF files password cracker
ssss - Shamir's secret sharing scheme implementation
rotix - A program to generate rotational obfuscations

reverse-engineering

flasm - assembler and disassembler for Flash (SWF) bytecode

coding

ckport - portability analysis and security checking tool
cppcheck - tool for static C/C++ code analysis
flawfinder - examines source code and looks for security weaknesses
pychecker - tool to find common bugs in Python source code
pylint - python code static checker and UML diagram generator

Old "Install Kali software" section: See Kali for a full list and how to add this repository
New "Install Security software" section: See Security packages.


Revision as of 21:58, 3 April 2014

Intro

Notes while replacing my Debian by LMDE.
This included recovery of some settings so those are not notes for an install from scratch.

LMDE 201403

Installation

See http://www.linuxmint.com/download_lmde.php

Linux Mint has a nice graphical tool for manual repartitioning but not yet LMDE...
Install LMDE with manual partitioning

  • it tells us we should mount the target partition ourselves under /target
  • cryptsetup luksOpen /dev/sda1 sda1_crypt # has to be the same name as in crypttab later
  • mount /dev/mapper/sda1_crypt /target
  • continue the installation
  • inject the proper config into /etc/crypttab and /etc/fstab
    First I mount the old /home on /home.old (mkdir /home.old) so I can access both the fresh user homedir and the old one, then I move the content of /home into /home.old and change fstab to mount it on /home at the next boot.

Add Debian repositories

LMDE is based on Debian testing but lags behind it, and I quickly ran into the issue that my chromium profile had been saved by a chromium version newer than the one in the LMDE repos.

/etc/apt/sources.list.d/debian.list :

deb http://ftp.be.debian.org/debian/ jessie main contrib non-free
deb-src http://ftp.be.debian.org/debian/ jessie main contrib non-free

We need some pinning to avoid jessie taking over the LMDE repositories. The problem is that both have exactly the same release fields:

$ apt-cache policy
[...]
500 http://debian.linuxmint.com/latest// testing/main amd64 Packages
    release o=Debian,a=testing,n=jessie,l=Debian,c=main
500 http://ftp.be.debian.org/debian/ jessie/main amd64 Packages
    release o=Debian,a=testing,n=jessie,l=Debian,c=main

So we can only differentiate by origin:
/etc/apt/preferences.d/debian-package-repositories.pref:

Package: *
Pin: origin ftp.be.debian.org
Pin-Priority: 400

apt-get update

And to use Jessie repo e.g.:

apt-get install chromium/jessie
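As an added example (not part of the original notes), this Python script parses the two release lines quoted above, confirms that no release field tells the sources apart, and simulates APT's candidate choice with constructed chromium version numbers: without the pin the newer jessie build wins, with the origin pin the LMDE build wins, and the chromium/jessie suffix gives both sources (both carry n=jessie) the target-release priority so the newer build wins again. The host names and priorities come from the page; the version comparison is a simplifying assumption of the example, not Debian's full version ordering.

```python
import re

# Constructed from the `apt-cache policy` output quoted above: two sources,
# identical release fields, different hosts.
POLICY_OUTPUT = """\
500 http://debian.linuxmint.com/latest// testing/main amd64 Packages
    release o=Debian,a=testing,n=jessie,l=Debian,c=main
500 http://ftp.be.debian.org/debian/ jessie/main amd64 Packages
    release o=Debian,a=testing,n=jessie,l=Debian,c=main
"""

SOURCE_RE = re.compile(r"^\s*(\d+) (\S+) .*\n\s*release (.+)$", re.M)


def parse_policy(text):
    """One dict per source: default priority, origin host and release fields."""
    sources = []
    for prio, url, release in SOURCE_RE.findall(text):
        host = re.match(r"https?://([^/]+)", url).group(1)
        fields = dict(item.split("=", 1) for item in release.split(","))
        sources.append({"priority": int(prio), "host": host, "release": fields})
    return sources


def distinguishing_fields(sources):
    """Release keys (o, a, n, l, c) whose values differ between the sources.
    Empty means no 'Pin: release ...' stanza can tell them apart, which is why
    the notes pin by origin (the host name) instead."""
    keys = set().union(*(s["release"] for s in sources))
    return {k for k in keys if len({s["release"].get(k) for s in sources}) > 1}


def pin_stanza(host, priority):
    """The preferences.d stanza that lowers one origin below the default 500."""
    return "Package: *\nPin: origin %s\nPin-Priority: %d\n" % (host, priority)


def candidate(versions, sources, pins=None, target_release=None):
    """Pick the version APT would install: highest pin priority wins, highest
    version among equals. `versions` is [(version, host)], `pins` maps a host
    to its pinned priority, `target_release` models `apt-get install pkg/jessie`
    (APT gives versions from the target release priority 990).
    Version ordering is simplified to dot/dash-separated integers (assumption)."""
    pins = pins or {}
    by_host = {s["host"]: s for s in sources}

    def priority(host):
        rel = by_host[host]["release"]
        if target_release and target_release in (rel.get("a"), rel.get("n")):
            return 990
        return pins.get(host, by_host[host]["priority"])

    def key(item):
        version, host = item
        return (priority(host), tuple(int(p) for p in re.split(r"[.-]", version)))

    return max(versions, key=key)


# Constructed versions: the LMDE mirror lags behind Debian testing, as described above.
CHROMIUM = [("33.0.1750.152-1", "debian.linuxmint.com"),
            ("34.0.1847.116-1", "ftp.be.debian.org")]
JESSIE_PIN = {"ftp.be.debian.org": 400}

if __name__ == "__main__":
    sources = parse_policy(POLICY_OUTPUT)
    print("release fields that differ:", distinguishing_fields(sources) or "none")
    print(pin_stanza("ftp.be.debian.org", 400))
    print("no pin:        ", candidate(CHROMIUM, sources))
    print("origin pin:    ", candidate(CHROMIUM, sources, JESSIE_PIN))
    print("pin + /jessie: ", candidate(CHROMIUM, sources, JESSIE_PIN, "jessie"))
```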

Tuning

To be able to use encfs & sshfs:

adduser <myuser> fuse

Cinnamon tuning:

  • pin progs to panel: drag & drop from menu
  • change user picture: Settings / Account details
  • Hide Icons on the Desktop: Settings / Desktop
  • Add a Program Shortcut to the Mint Menu: Right-click the Mint Menu, select "Configure" then "Open the menu editor", Click a software category / "New Item".

applet Multicode System Monitor: see http://cinnamon-spices.linuxmint.com/applets/view/79

apt-get install gir1.2-gtop-2.0

Settings / Applets / Get more / search "network" -> Multicode System Monitor
Right click on bar / add applets

Install software

First ones

First ones are:

etckeeper                      - store /etc in git, mercurial, bzr or darcs

to save /etc with git

intel-microcode                - Processor microcode firmware for Intel CPUs

to fix some warnings at boot time about some missing ucode:
platform microcode: firmware: agent aborted loading intel-ucode/06-2a-07 (not found?)

debian

apt-listchanges                - package change history notification tool
apt-rdepends                   - Recursively lists package dependencies
dlocate                        - fast alternative to dpkg -L and dpkg -S
equivs                         - Circumvent Debian package dependencies

system tools

bridge-utils                   - Utilities for configuring the Linux Ethernet bridge
extlinux                       - collection of boot loaders (ext2/3/4 and btrfs bootloader)
memtest86+                     - thorough real-mode memory tester
openssh-server                 - secure shell (SSH) server, for secure access from remote machines
openvpn                        - virtual private network daemon
pcscd                          - Middleware to access a smart card using PC/SC (daemon side)
pcsc-tools                     - Some tools to use with smart cards and PC/SC
smartmontools                  - control and monitor storage systems using S.M.A.R.T.
usbview                        - USB device viewer
uuid                           - the Universally Unique Identifier Command-Line Tool
wfrench                        - French dictionary words for /usr/share/dict
wine                           - Windows API implementation - standard suite

utils

an                             - very fast anagram generator
baobab                         - GNOME disk usage analyzer
bleachbit                      - delete unnecessary files from the system
calibre                        - e-book converter and library management
comix                          - GTK Comic Book Viewer
gnumeric                       - spreadsheet application for GNOME - main program
gt5                            - shell program to display visual disk usage with navigation
htop                           - interactive processes viewer
impressive                     - PDF presentation tool with eye candies
iotop                          - simple top-like I/O monitor
link-grammar                   - Carnegie Mellon University's link grammar parser
mc                             - Midnight Commander - a powerful file manager
mosh                           - Mobile shell that supports roaming and intelligent local echo
polygen                        - generator of random sentences from grammar definitions
powertop                       - diagnose issues with power consumption and management
psutils                        - PostScript document handling utilities
pv                             - Shell pipeline element to meter data passing through
pyp                            - sed/awk-like tool with Python language
screen                         - terminal multiplexer with VT100/ANSI terminal emulation
signing-party                  - Various OpenPGP related tools
synergy                        - Share mouse, keyboard and clipboard over the network
transgui                       - Front-end to remotely control Transmission
unetbootin                     - installer of Linux/BSD distributions to a partition or USB drive
unison                         - file-synchronization tool for Unix and Windows
wodim                          - command line CD/DVD writing tool

devel

ddd                            - The Data Display Debugger, a graphical debugger frontend
dissy                          - graphical frontend for objdump
git-annex                      - manage files with git, without checking their contents into git
gitk                           - fast, scalable, distributed revision control system (revision tree visualizer)
git-svn                        - fast, scalable, distributed revision control system (svn interoperability)
gperf                          - Perfect hash function generator
hexedit                        - view and edit files in hexadecimal or in ASCII
indent                         - C language source code formatting program
lua5.1                         - Simple, extensible, embeddable programming language
meld                           - graphical tool to diff and merge files
nasm                           - General-purpose x86 assembler
uncrustify                     - C, C++, C#, D, Java and Pawn source code beautifier
wdiff                          - Compares two files word by word
ipython                        - enhanced interactive Python shell
python-tk                      - Tkinter - Writing Tk applications with Python
python-setuptools              - Python Distutils Enhancements (setuptools compatibility)
libpython2.7-dev               - Header files and a static library for Python (v2.7)
autoconf                       - automatic configure script builder
automake                       - Tool for generating GNU Standards-compliant Makefiles
colormake                      - simple wrapper around make to colorize output
libpcsclite-dev                - Middleware to access a smart card using PC/SC (development files)
libssl-dev                     - Secure Sockets Layer toolkit - development files
libtool                        - Generic library support script
libusb-1.0-0-dev               - userspace USB programming library development files
libusb-dev                     - userspace USB programming library development files

elec/embedded

android-tools-adb              - Android Debug Bridge CLI tool
android-tools-fastboot         - Android Fastboot protocol CLI tool
arduino                        - AVR development board IDE and built-in libraries
gerbv                          - Gerber file viewer for PCB design
opensc                         - Smart card utilities with support for PKCS#15 compatible cards

data

antiword                       - Converts MS Word files to text, PS and PDF
cabextract                     - Microsoft Cabinet file unpacker
catdoc                         - MS-Word to TeX or plain text converter
dos2unix                       - convert text file line endings between CRLF and LF
furiusisomount                 - ISO, IMG, BIN, MDF and NRG image management utility
gpsprune                       - visualize, edit, convert and prune GPS data
lsdvd                          - read the content info of a DVD
mtd-utils                      - Memory Technology Device Utilities
mtp-tools                      - Media Transfer Protocol (MTP) library tools
page-crunch                    - PDF and PS manipulation for printing needs
pdfchain                       - graphical user interface for the PDF Tool Kit
pdftk                          - tool for manipulating PDF documents
pgpdump                        - PGP packet visualizer
pst-utils                      - tools for reading Microsoft Outlook PST files
qprint                         - encoder and decoder for quoted-printable encoding
recode                         - Character set conversion utility

audio

id3v2                          - A command line id3v2 tag editor
mp3blaster                     - Full-screen console mp3 and Ogg Vorbis player
musescore                      - Full featured WYSIWYG score editor
sox                            - Swiss army knife of sound processing

picture

darktable                      - virtual lighttable and darkroom for photographers
exif                           - command-line utility to show EXIF information in JPEG files
gifsicle                       - Tool for manipulating GIF images
gimp-data-extras               - An extra set of brushes, palettes, and gradients for The GIMP
gimp-lensfun                   - Gimp plugin to correct lens distortion using the lensfun library
gimp-texturize                 - generates large textures from a small sample
gnuplot                        - Command-line driven interactive plotting program
graphviz                       - rich set of graph drawing tools
inkscape                       - vector-based drawing program
jhead                          - manipulate the non-image part of Exif compliant JPEG files
jpeginfo                       - Prints information and tests integrity of JPEG/JFIF files
jpegpixi                       - Remove hot spots from JPEG images with minimal quality loss
netpbm                         - Graphics conversion tools between image formats
plotutils                      - GNU plotutils command line tools based on libplot
pngtools                       - series of tools for PNG (Portable Network Graphics) images
rawtherapee                    - raw image converter and digital photo processor
hugin                          - panorama photo stitcher - GUI tools
autopano-sift-c                - Automatically create control points for panorama image

video

cheese                         - tool to take pictures and videos from your webcam
gaupol                         - subtitle editor for text-based subtitle files
mencoder                       - MPlayer's Movie Encoder
metacam                        - extract EXIF information from digital camera files
mkvtoolnix                     - Set of command-line tools to work with Matroska files
mkvtoolnix-gui                 - Set of tools to work with Matroska files - GUI frontend
mp4tools                       - Suite of scripts to encode Audio and Video in many formats
mpegdemux                      - MPEG1/2 system stream demultiplexer
mplayer2                       - next generation movie player for Unix-like systems
cclive                         - lightweight command line video extraction tool
mimms                          - mms (e.g. mms://) stream downloader
quvi                           - command line program to extract video download links
youtube-dl                     - downloader of videos from YouTube and other sites

net

chromium-inspector             - page inspector for the Chromium browser
chromium                       - Chromium web browser
esniper                        - simple, lightweight tool for sniping ebay auctions
iftop                          - displays bandwidth usage information on an network interface
ipcalc                         - parameter calculator for IPv4 addresses
ipmitool                       - utility for IPMI control with kernel driver or LAN interface
iptraf                         - Interactive Colorful IP LAN Monitor
ipv6calc                       - small utility for manipulating IPv6 addresses
mozplugger                     - Plugin allowing external viewers to be launched inside Mozilla
subnetcalc                     - IPv4/IPv6 Subnet Calculator
upnp-inspector                 - Python UPnP framework analyser
upnp-router-control            - UPnP compliant router manager
icedove                        - mail/news client with RSS and integrated spam filter support
enigmail                       - GPG support for Thunderbird and Debian Icedove

Install special software

pwsafe

It has to be backported from squeeze: get and install these two packages:

http://ftp.de.debian.org/debian/pool/main/o/openssl/libssl0.9.8_0.9.8o-4squeeze14_amd64.deb
http://ftp.de.debian.org/debian/pool/main/p/pwsafe/pwsafe_0.2.0-3_amd64.deb

virtualbox

wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add -
echo "deb http://download.virtualbox.org/virtualbox/debian wheezy contrib" > /etc/apt/sources.list.d/virtualbox.list
apt-get update
apt-get install virtualbox-4.3
/etc/init.d/vboxdrv setup

And extension pack at https://www.virtualbox.org/wiki/Downloads

google-musicmanager

https://dl.google.com/linux/direct/google-musicmanager-beta_current_amd64.deb

bp-tools

From http://www.eftlab.co.uk/index.php/downloads/bp-tools
Needs libpthread-stubs0:

http://ftp.de.debian.org/debian/pool/main/libp/libpthread-stubs/libpthread-stubs0_0.3-3_amd64.deb
apt-get install libsqlite3-dev sqlite3
dpkg --purge bp-tools
dpkg -i bp-tools_14.04_amd64_free.deb

dropbox

apt-get install nemo-dropbox                  

To avoid autostart:

  • Settings / Startup Apps Prefs / disable Dropbox

Belgian eID

cf http://eid.belgium.be/fr/utiliser_votre_eid/installer_le_logiciel_eid/linux/
-> debian 64
See also https://code.google.com/p/eid-mw/wiki/ChromeLinux :

libnss3-tools                  - Network Security Service tools

Close Chrome

cd
modutil -dbdir sql:.pki/nssdb/ -add "Belgium eID" -libfile /usr/lib/libbeidpkcs11.so
modutil -dbdir sql:.pki/nssdb/ -list

EMV-CAP

python setup.py install

And install:

python-pyscard                 - Python wrapper above PC/SC API

IDA Pro

See http://blog.stalkr.net/2014/01/ida-on-debian-amd64-with-python.html
Run installation file
It requires libglib2.0-0, but because chromium comes from jessie we need the jessie version of it:

apt-get install -t jessie libglib2.0-0:i386 libselinux1:i386
apt-get install libstdc++6:i386 libc6-i686:i386 libexpat1:i386 libffi6:i386 libfontconfig1:i386 libfreetype6:i386 libgcc1:i386 libglib2.0-0:i386 \
    libice6:i386 libpcre3:i386 libpng12-0:i386 libsm6:i386 libstdc++6:i386 libuuid1:i386 libx11-6:i386 libxau6:i386 libxcb1:i386 \
    libxdmcp6:i386 libxext6:i386 libxrender1:i386 zlib1g:i386
apt-get install libpython2.7:i386

Skype

Take Debian 7 multiarch version: http://www.skype.com/en/download-skype/skype-for-linux/downloading/?type=debian32

dpkg -i skype-debian_4.2.0.13-1_i386.deb
apt-get -f install
dpkg -i skype-debian_4.2.0.13-1_i386.deb

Sound problems? See http://forums.linuxmint.com/viewtopic.php?f=48&t=143634
Edit /etc/pulse/default.pa:

-load-module module-udev-detect
+load-module module-udev-detect tsched=0

Googleearth

apt-get install googleearth-package
make-googleearth-package
dpkg -i googleearth_6.0.3.2197+1.1.0-1_amd64.deb
apt-get -f install
(dpkg -i googleearth_6.0.3.2197+1.1.0-1_amd64.deb)

Psi-plus

psi-plus                       - Qt-based XMPP/Jabber client (basic version)
psi-plus-plugins               - plugins for Psi+
libqca2-plugin-ossl            - SSL/TLS support for the Qt Cryptographic Architecture

Restore the backed-up config:

~/.cache/psi+
~/.config/psi+
~/.local/share/psi+

Gogoc

gogoc                          - Client to connect to IPv6 tunnel brokers

Restore the backed-up config:

/etc/gogoc/

To prevent it from starting automatically:

update-rc.d gogoc disable

logkeys

apt-get install logkeys

Find keyboard device to see which eventX to use:

grep "^[NH]" /proc/bus/input/devices

Edit /etc/default/logkeys:

ENABLED=1
LOGFILE=/var/log/logkeys
DEVICE=/dev/input/event0

To prevent it from starting automatically:

update-rc.d logkeys disable

Allow starting it without password prompt:
Create /etc/sudoers.d/logkeys:

<myuser>     ALL = NOPASSWD: /etc/init.d/logkeys

Provide stealth hooks under names of your choice, e.g. "sl" (a misspelled "ls"), one to start and one to stop the logger:

Start hook:

#!/bin/bash
sudo /etc/init.d/logkeys start >/dev/null
echo "bash: $(basename "$0"): command not found"
exit 127

Stop hook:

#!/bin/bash
sudo /etc/init.d/logkeys stop >/dev/null
echo "bash: $(basename "$0"): command not found"
exit 127

Wireshark

tshark                         - network traffic analyzer - console version
wireshark                      - network traffic analyzer - GTK+ version
apt-get install wireshark tshark
dpkg-reconfigure wireshark-common
adduser <myuser> wireshark

GUFW

Firewall:

apt-get install gufw

Add a menu entry manually (see /usr/share/applications/gufw.desktop):
Right-click the Mint Menu, select "Configure" then "Open the menu editor", Click a software category / "New Item".

libnfc

apt-get install libnfc5 libnfc-bin libnfc-examples libnfc-dev libnfc-pn53x-examples
apt-get install libfreefare0 libfreefare-bin libfreefare-dev libfreefare-doc
modprobe -r pn533
adduser <myuser> plugdev

Exim4

apt-get install exim4-daemon-light bsd-mailx

Check that /etc/mailname contains your machine's FQDN.
Add to /etc/aliases:

root: <myuser>

Add to /etc/email-addresses:

<myuser>: <myemail>

Add to /etc/exim4/passwd.client:

<mysmtpserver>:<myuser>:<mypwd>

Edit /etc/exim4/update-exim4.conf.conf:

+dc_eximconfig_configtype='satellite'
+dc_other_hostnames=
+dc_readhost='<mydomain>'
+dc_smarthost='<mysmtpserver>::<mysmtpserverport>'
+dc_hide_mailname='true'

mitmproxy

mitmproxy                      - SSL-capable man-in-the-middle HTTP proxy

See http://mitmproxy.org/

apt-get install mitmproxy/jessie python-netlib/jessie

After the first run of mitmproxy, its CA certificate is created in ~/.mitmproxy.
Install ~/.mitmproxy/mitmproxy-ca-cert.cer as a certificate authority, or run mitmproxy, visit http://mitm.it and install the certificate from there.

To run mitmproxy as a transparent proxy on a router, e.g. on the exit node of my VPN, I keep the same certs as my local ones:

scp -r .mitmproxy myvpn.box:


On myvpn.box I have the following scripts:
./mitmproxy:

#!/bin/sh
# redirect HTTP/HTTPS coming in on the VPN interface to the transparent proxy port
iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765
iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765
# always undo the redirect, even if mitmproxy is killed or crashes,
# otherwise clients on tap0 keep being redirected to a closed port
cleanup() {
    iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765
    iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765
}
trap cleanup EXIT
export LANG=en_US.UTF-8
mitmproxy -T --host -p 8765 "$@"

./mitmdump:

#!/bin/sh
# redirect HTTP/HTTPS coming in on the VPN interface to the transparent proxy port
iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765
iptables -t nat -A PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765
# always undo the redirect, even if mitmdump is killed or crashes
cleanup() {
    iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 80 -j REDIRECT --to-port 8765
    iptables -t nat -D PREROUTING -i tap0 -p tcp --dport 443 -j REDIRECT --to-port 8765
}
trap cleanup EXIT
export LANG=en_US.UTF-8
mitmdump -T --host -p 8765 "$@"

And I can call them remotely:
vpn_mitmproxy:

ssh -t myvpn.box ./mitmproxy $*

vpn_mitmdump:

ssh myvpn.box ./mitmdump $*

PyCryptoPlus

$ git clone https://github.com/doegox/python-cryptoplus
$ cd python-cryptoplus/
# python setup.py install

Install Debian software

libnfc/libfreefare

libfreefare-bin                - MIFARE card manipulations binaries
libfreefare-dev                - MIFARE card manipulations library (development files)
libfreefare-doc                - documentation for libfreefare
libnfc-bin                     - Near Field Communication (NFC) binaries
libnfc-dev                     - Near Field Communication (NFC) library (development files)
libnfc-examples                - Near Field Communication (NFC) examples
libnfc-pn53x-examples          - Near Field Communication (NFC) examples for PN53x chips only

It's better to pin the packages we always want directly from Debian:
Add to /etc/apt/preferences.d/debian-package-repositories.pref

Package: libnfc*
Pin: origin ftp.be.debian.org
Pin-Priority: 990

Package: libfreefare*
Pin: origin ftp.be.debian.org
Pin-Priority: 990

Then

apt-get install libnfc-bin libnfc-dev libnfc-examples libnfc-pn53x-examples
apt-get install libfreefare-bin libfreefare-dev libfreefare-doc

Install Security software

See Security packages.