Posts

Posted on

Keeping Things Private – Stripping JPEG Metadata

There are more things than we know that can be revealed by your JPEG EXIF metadata such as the type of camera you use, aperture settings, the type of focus, lens type and even the location of the picture taken that might compromise the privacy of the persons or locations depicted in the photograph.

Mypapit EXIF data gnome

One of the things that we can do to is to strip away the information from JPEG files before uploading them to the internet, by using exiftool or jhead.

Exiftool
Install libimage-exiftool-perl
sudo apt-get install libimage-exiftool-perl

and by running the command
exiftool -all= *.jpg

jhead
Install jhead package:
sudo apt-get install jhead

and by running the command
jhead -purejpg /path/to/*.jpg

Posted on

Howto solve ssh_exchange_identification: Connection closed by remote host error

I’ve keep getting the message “ssh_exchange_identification: Connection closed by remote host error” after I managed to finalized my CRUX linux on my decTOP box today. After enough looking into documentations, I finally found out that I need to edit the “/etc/hosts.allow” file to allow SSH connection, for example:


#/etc/hosts.allow
sshd:ALL

or for more conservative setting


#/etc/hosts.allow
sshd:LOCAL
sshd:192.168.1.0/255.255.255.0

I can connect ssh to my box normally after that.

Posted on

Video: Cracking Wifi WEP Keys using Backtrack 4 and aircrack-ng

Here’s a video showing you how to crack Wireless WEP keys using Backtrack 4 and aircrack-ng.

Additionally, you need a compatible wireless adapter or compatible wireless chipset which can be used with aircrack-ng.

Here are the list of the best wireless cards to use(according to aircrack-ng wiki):

Good luck!

Posted on

Howto make SSH listens on multiple port

Although it is a security risks, it is possible to make OpenSSH listens on multiple port.

To do that, you need to edit /etc/ssh/sshd_config file. and enable the “GatewayPorts” option.

AllowTcpForwarding no
GatewayPorts yes
X11Forwarding no
#X11DisplayOffset 10

Look for the line that contain “Port 22”, and uncomment it if necessary, and add additional Port line to enable OpenSSH to listen to other ports. Like this:

Port 22
Port 80
Port 1025

The example will enable OpenSSH to listen to port 22,80,1025 simultaneously. Don’t forget to restart SSH service to enable the change by running :

sudo /etc/inet.d/sshd restart

Warning: Running SSH on multiple port may cause security risk, you have been warned!

Recommended Reading

Posted on

How to change Linux I/O Scheduler during runtime

This post describes the steps on how to change the Linux I/O scheduler dynamically while running a Linux operating system. You can refer to the previous post on the explanation of the differences of Linux I/O schedulers.

I/O schedulers determine how disk read/write are managed by the Linux kernel. Changing I/O scheduler requires you to know the name of your block device. So assuming your disk drive is “sda”, you can change the I/O scheduler using this command.


sudo echo noop > /sysfs/block/sda/queue/scheduler

This will change “sda” disk scheduler to NOOP, which is suitable for SSD drive. To display the current i/o scheduler, you only need to run this command.

cat /sysfs/block/sda/queue/scheduler
anticipatory deadline cfq [noop]

Note that, you will need to run this command each time you reboot or switch on your machine. In order to make the change permanent, you need to edit /etc/sysfs.conf and add “block/sda/queue/scheduler = noop” at the end of the file.

Posted on

Easy File Encryption On Ubuntu Linux with OpenSSL

Here’s an easy way to encrypt your file using OpenSSL. The general syntax is:


openssl enc (cipher) -e -in (input file) -out (output file)

so to encrypt a “plaintext.txt” file, using aes256, you only need to run this command:

openssl enc aes256 -e -in plaintext.txt -out encrypted.txt

Similarly, to decrypt the file, you can run the command:

openssl enc aes256 -d -in encrypted.txt -out decrypted.txt