Monday, 29 February 2016

SARG

proxy:~ # rpm -ivh sarg-2.3.9-33.1.i586.rpm
warning: sarg-2.3.9-33.1.i586.rpm: Header V3 DSA signature: NOKEY, key ID e69ffc9d
Preparing...                ########################################### [100%]
   1:sarg                   ########################################### [100%]
Updating etc/sysconfig/sarg...
proxy:/etc/sysconfig # vim /etc/sarg.conf
output_dir /srv/www/htdocs
proxy:/etc/sysconfig # sarg -x
proxy:/srv/www/htdocs # rcapache2 start

Now you can test to access: http://localhost

SQUID Default Configuration File

### Squid web proxy default Config

### ACLs
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8

### You will need to comment these 3 lines and create your own
acl localnet src 10.0.0.0/8
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16

acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT

### Apply ACLs
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

### If you comment 'localnet' ACL, you need to comment this line
http_access allow localnet

http_access allow localhost
http_access deny all

### If you comment 'localnet' ACL, you need to comment this line
icp_access allow localnet
icp_access deny all

### Proxy service port
http_port 3128


### Proxy access log
access_log /var/log/squid/access.log squid

### Default config
hierarchy_stoplist cgi-bin ?
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
acl shoutcast rep_header X-HTTP09-First-Line ^ICY\s[0-9]
upgrade_http0.9 deny shoutcast
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /var/cache/squid

NMAP - Network Mapper

NMAP - Commands


# One IP
nmap 192.168.56.1

# One Range
nmap 192.168.56.1-255

#Scan IP/Computer
nmap -sP 192.168.56.0/24

#Check the type of the computer info:
nmap -sS -Pn -A 192.168.56.1

# scan the information of the operating system and its version
nmap -A 192.168.56.1
nmap -v -A 192.168.56.1

# check if a firewall is in place at the target network/IP
nmap -sA 192.168.1.254

# Detect different services running on the remote target
nmap –sV 192.168.56.1

# Specific port
nmap 192.168.56.1 –p 80

# Entire subnet with a specific port range
nmap 192.168.56.0/24 –p 1-1000

# Exclude host, hosts
nmap 192.168.56.0/24 --exclude 192.168.1.5
nmap 192.168.56.0/24 --exclude 192.168.1.5,192.168.1.254

# Speedy
nmap -F 192.168.56.1