First load the IP Alias module (you can skip this step if you compiled the module into the kernel): /sbin/insmod /lib/modules/`uname -r`/ipv4/ip_alias.o Second, setup the loopback, eth0 and all the IP #s beginning with the main IP # for the eth0 interface: /sbin/ifconfig lo 127.0.0.1 /sbin/ifconfig eth0 up /sbin/ifconfig eth0 172.16.3.1 /sbin/ifconfig eth0:0 172.16.3.10 /sbin/ifconfig eth0:1 172.16.3.100 172.16.3.1 is the main IP #, while .10 and .100 are the aliases. The magic is the eth0:x where x=0,1,2,...n for the different IP #s. The main IP # does not need to be aliased. Third, setup the routes. First route the loopback, then the net and, finally, the various IP #s starting with the default (originally allocated) one: /sbin/route add -net 127.0.0.0 /sbin/route add -net 172.16.3.0 dev eth0 /sbin/route add -host 172.16.3.1 dev eth0 /sbin/route add -host 172.16.3.10 dev eth0:0 /sbin/route add -host 172.16.3.100 dev eth0:1 /sbin/route add default gw 172.16.3.200 -------------------------------- ================================================== Router route add 127.0.0.1 route add -net 192.168.1.0 gw 192.168.1.99 dev eth1 route add -net 192.168.20.0 gw 192.168.20.99 dev eth0 route add default gw 192.168.1.252 route add default gw 10.9.63.1 metric 10 ================================================== keep ssh alive ? echo 500 > /proc/sys/net/ipv4/tcp_keepalive_time sh -c 'while sleep 45; do echo -en " \b"; done' & ================================================== IP-alias /sbin/insmod /lib/modules/`uname -r`/ipv4/ip_alias.o /sbin/ifconfig eth0:0 172.16.3.10 /sbin/route add -net 172.16.3.0 dev eth0 /sbin/route add -host 172.16.3.10 dev eth0:0 /sbin/route add default gw 172.16.3.200 ================================================== boot arp -s somehost mac-address pub ping somehost -------------------------------- ================================================== list open net files lsof -P | grep ":" http://oob.freeshell.org/nzwireless/nocat1.html ================================================== tcpdump ------ monitor all traffic except current ssh connection tcpdump -i eth0 -nN -vvv -xX -s 1500 port not 22 ------ filter out port 123 with the full length of the packet, (-s 0) tcpdump -i eth0 -nN -vvv -xX -s 0 port not 22 and port not 123 ------ filter only a certain host say 192.168.5.11 tcpdump -i eth0 -nN -vvv -xX port not 22 and host 192.168.5.11 ------ Collect IP addresses and 20 packets. tcpdump -i eth0 -nN -s 1500 port not 22 -c 20 ------ Watch for DOS attacks, (show only the SYN packets on all interfaces) tcpdump 'tcp[13] & 2 == 2' ================================================== http://oob.freeshell.org/nzwireless/nocat1.html http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux http://bayareafreefi.com http://www.wca.org ================================= iwconfig essid iwconfig eth0 essid tsunami key 3959387282... alias connect='iwconfig eth0 essid tsunami key 495jwkdhj83764' ================================= WAP - Wireless Access Point WPA - Wi-Fi Protected Access PSK - Pre-Shared Key TKIP - Temporal Key Integrity Protocol EAP - Extensible Authentication Protocol EAP-MD5 - MD5-hash-based credentials (poor chice for 802.1x auth in WPA context) EAP-TLS - TLS (descendant of SSL) encrypt. protocol; strong: uses digital certs. PEAP - Protected EAP (Microsoft, weak auth for MD5 and MS-CHAP) MS centric! EAP-TTLS - non-MS drivenalternative to PEAP. LEAP - Cisco Lightweight EAP EAP-SIM - MS's EAP-MSCHAPv2 PKI - Public Key Infrastructure WPA (Protocols) | |---> Authentication: 802.1x | | | |---> EAP-TLS | |---> EAP-MD5 | |---> PEAP | |---> EAP-TTLS | |---> (etc.) | ----> Encryption: TKIP ===== route del route del -net 169.254.0.0 netmask 255.255.0.0 dev eth0 ===== ipcalc i=0; for s in $(seq 0 8 255); do let i=i+1; echo -e "-----> subnet: $i\n"; ipcalc -n 192.168.3.$s/29; done > /tmp/ip-8 i=0; for s in $(seq 0 16 255); do let i=i+1; echo -e "-----> subnet: $i\n"; ipcalc -n 192.168.3.$s/28; done > /tmp/ip-16 i=0; for s in $(seq 0 32 255); do let i=i+1; echo -e "-----> subnet: $i\n"; ipcalc -n 192.168.3.$s/27; done > /tmp/ip-32 =====