Posts

Posted on

How to install cockpit dashboard on older Raspberry Pi 3, running Bookworm

Cockpit dashboard is a convenient dashboard for home user or enthusiasts for monitoring several SOHO servers. It supports multiple Linux based operating system, however there are some caveats in installing in Raspberry Pi 3 as it runs on older Bookworm based operating system.

first your need to add bookworm-backports.

echo "deb http://deb.debian.org/debian ${VERSION_CODENAME}-backports main" | sudo tee /etc/apt/sources.list.d/backports.list

Then you need to configure the keyring

curl -O http://http.us.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2023.4_all.deb 

sudo dpkg -i debian-archive-keyring_2023.4_all.deb

Afterwards, you need to run this combo command to update software packages list

apt update  && apt -y upgrade

Then finally you install cockpit via bookworm-backports

apt install -t bookworm-backports cockpit

After everything is done, you may check cockpit dashboard by going to:
http://<ip address>:9090. and log in using your system username and password.

sample screenshot of cockpit on raspberry pi 3 / bookworm
Posted on

nmap scanning for ip camera in the network

Here’s an nmap snippet for scanning for hidden cctv / ip camera in the network

nmap -sV --script=http-enum,http-title,rtsp-url-brute -p 80,443,554,8000 <ip range>

Or you can write as :

sudo nmap -sV --script=http-enum,http-title,rtsp-url-brute -p 80,443,554,8000 192.168.0.0/24

Make sure you have permission to scan on the network!

Posted on

Getting Rid of /.well-known/traffic-advice 404 errors in nginx web server

It seems Google have implemented private prefetch proxy in Chrome for Android.

The upside of this private prefetch proxy is improved browsing experience for mobile users by reducing waiting time for web pages to load.

The downside is, as web server administrators – you might find a lot of 404 status in your web logs.

To solve this, you could either :

  • Write directive to ignore 404 logs for “traffic-advice”
  • Create “/.well-known/traffic-advice file for each domain and set the file to be served with “application/trafficadvice+json” MIME type [source]

Solution

Luckily, TechTitBits have come up with a convenient solution which only involves adding a few lines in configuration files to enable Chrome for Android prefetched proxy in nginx.

location = /.well-known/traffic-advice {
    types { }
    default_type "application/trafficadvice+json; charset=utf-8";
    return 200 '[{ "user_agent": "prefetch-proxy", "fraction": 1 }]';
}

With this solution, you would only need to add the location block within the server { } context in the site configurations.

Thank you for the tip: Traffic Advice configuration for Nginx

Posted on

Bash code for analyzing web server traffic to determine which ip accessed the web server the most

#!/bin/bash
# Check if a log file was specified
if [ "$#" -ne 1 ]; then
echo "Usage: $0 access.log"
exit 1
fi
LOG_FILE="$1"
if [ ! -f "$LOG_FILE" ]; then
echo "Error: Log file does not exist."
exit 1
fi
TOP_IPS=10
# Analyze the log file to find the top IP addresses
echo "Analyzing the log file to find the top $TOP_IPS IP addresses..."
awk '{print $1}' "$LOG_FILE" | sort | uniq -c | sort -nr | head -n "$TOP_IPS" | awk '{print "IP: " $2 ", Access Count: " $1}'
view raw nginxlogip.sh hosted with ❤ by GitHub

This handy script is useful for webserver traffic analysis task. It can be use to detect abusive IP address or spambots which accesses the webserver.

ystem administrators can utilize the generated list of IP addresses to enhance webserver security by blocking those IPs deemed potentially harmful or suspicious.

sample screenshot of cockpit on raspberry pi 3 / bookworm
sample screenshot of cockpit on raspberry pi 3 / bookworm