IPTables: Filtering by MAC Address

If we want filter a MAC in our firewall, we can use IPTables to this. For example, if we want to filter a MAC like 00:12:8D:EE:6E:AB (Must type the MAC with this format -> HH:HH:HH:HH:HH:HH) and deny their access to our Firewall we can put type this:

iptables -A INPUT -m -mac --mac-source 00:12:8D:EE:6E:AB -j DROP

Also, we can use the ! operator, wich inverts the operation, for example, if we type:

iptables -A INPUT -m -mac --mac-source ! 00:12:8D:EE:6E:AB -j DROP

All the packets will be dropped, except the packets from 00:12:8D:EE:6E:AB MAC.

Burning CD from Linux console

I founded this great link about making CD images, burning images, etc. The text use APT to install some applications, but you can install it manually.

http://ftp.cl.debian.org/man-es/…

How to install XFCE4 on Debian

I installed using a 3.1 version (Sarge), but i upgraded to 4.0 Etch. Then, i needed to install a light window manager in my old computer (Athlon 1GHZ). XFCE is one of the most important and i have wanted to try it for a long time!.

Then, lets play . The first, you will need some packages to install it. You can obtain it using APT.

First, make sure you’ve the following:

• GCC (GNU C/C++ compiler, 4.2.0 is the last version at this time)
• bzip2 data compressor
• libgtk2.0-dev (GTK+ runtime libraries)
• libxpm-dev
• libsm-dev
• libice-dev
• pkg-config (It’s a tool to manage and compile libraries)

Before you install (or not!) this packages, download the last version of the XFCE installer from a mirror (Like SourceForge.net -> XFCE on SF). You can use “wget” to download to your hard drive. At the time of this writing, the last version is 4.4.1, and the installer file have this name -> xfce4-4.4.1-installer.run.

The final step its too easy. Simply, log with “root” or use “sudo” command, and type this:

./xfce4-4.4RC2-installer.run

Before this, the package will be uncompressed (Showing dots in the screen..), and will show a screen with a welcome message, like a typical assistant.

At this point, you only must follow the instructions and XFCE will be installed on your system .

I had some issues during the installation. One of them, shows something like this error.

(installer-gui:3721): Gtk-WARNING **: cannot open display:

To solve this, make sure your GTK+ runtime libraries, are > 2.0 version. Try this command “apt-get install-f libgtk2.0-dev”

I’d other error, which shows this message after much more “warnings” about fonts.

could not open default font ‘fixed‘

To solve this, type “apt-get install xfonts-base”.

Before this, you can start XFCE typing “startxfce4″.

Enjoy your new desktop !

 

How to: Installing GRUB

GRUB is one of the most important OS loader. I think it’s very simply and useful, but we must know some tricks to install and configure in our hard drive.

In GRUB the drives are called hd0, hd1, hd2, … For example, if have a single disk, their name will be “hd0″.

To install it, first, we go to GRUB 2 download page and download it (In a floppy disk or pendrive, for example). After this, and our directory /boot its on a independent partition, we type this (With root rights):

/sbin/grub-install –root-directory=/boot /dev/hda 

If we’ve all directories in / (Or something like / and /home partitions), we must type:

/sbin/grub-install /dev/hda

It’s very simply!

If we want configure our GRUB, we need edit the file “/boot/grub/menu.lst”. In this file we’ve some examples of GRUB configuration. Usally, we can use something like this:

title           Debian GNU/Linux, kernel 2.4.27-2-386
root            (hd0,1)
kernel          /boot/vmlinuz-2.4.27-2-386 root=/dev/hda2 ro
initrd          /boot/initrd.img-2.4.27-2-386
savedefault
boot

Title = Only a title to know the OS which will load in that option.

root = Show the partition wich is installed. In this example, Debian are installed in the first drive of the system (hd0), and the second partition (1).

kernel = Have the path of the kernel of the OS.  The first parameter have the path of the kernel file in the disk. The second parameter have the partition disk which is installed the kernel, and the third (“ro”)  means,”read only”.

initrd = Shows the kernel image path. Usally have the same path than the kernel line.

boot = When GRUB read this, it launch the OS according the kernel path and parameters we put.

On more thing. To load a Windows system we must type this in  “/boot/grub/menu.lst”:

title           Microsoft Windows OS
root            (hd0,0)
savedefault
makeactive
chainloader     +1

Supposing you’ve the Windows partition in the first drive (hd0), and the first partition (0).

See you.

APT basic commands

I’m testing Debian (The best distro ) 4.0 “Etch” in one computer of my LAN, and i decided to do a quick commands list about APT.

To install a package:

• apt-get install [package_name]

Reinstalling a package:

• apt-get –reinstall install [package_name]

Removing a package (Will remove all the dependencies of the package):

• apt-get remove [package_name]

Removing a package, and delete ALL about the package (Configuration files, doc files, etc):

• apt-get –purge remove [package_name]

Updating the APT source list (/etc/apt/sources.list )

• apt-get update

Upgrading our packages to the last know version:

• apt-get -u upgrade

Upgrading our distro version:

• apt-get -u dist-upgrade

Searching a package:

• apt-cache search [name]

There’s much more commands and options in APT, if you need a specific option, look the official APT doc.

See you Debianitas

How to use “runas” utility

Much people use an administrator account everyday… but they probably dont know, that it is a dangerous use in our system For example, some sypware, trojans and “bad software” uses administrator privileges to have access to the internal Windows system files. Okey, we’ve the solution to this. You must use your system running as a limited user, and using “runas” command to install and manage applications.

But, What is “runas”? Is a Windows utility which allows run a program using the rights of other system user, like administrator.

I’ll show here, a examples of use of runas command.

If we want to execute an application or install it, we must type this:

runas /user:[admin_account] [app_dir]

For example, if we want install a program wich installer is on a “C:\myApp\” directory and our administrator user is called “MeAdmin”we must type this:

runas /user:MeAdmin C:\myApp\install.exe

Before this, we will type the administrator password, and the setup will run with administrator privileges.

I you need for example, use de MMC console, you can run as administrator too

runas /user:administrator mmc.exe

And my favourite trick, consists in obtain a CMD of the admin user, which we will be able have total access to our system with all privileges. In this command, i included the computer name. This is very important if we’re using a Workgroup.

runas /user:MyComputer\administrator cmd.exe

All this command looks good… but, some people hates command terminals like CMD (MS-DOS), *NIX shell, etc. Don’t worry, we can launch applications using “runas” from our desktop. Just do right clickwhile you’re pressing shift over the executable you choose, and select “Run as…” option. A window like this (i’m using a Spanish Windows XP) will be open:

 

 

Type the administrator (Or another account with admin privileges) and click Accept.

 

Changing an account password [Win]

Open a command terminal (go to Start -> execute and type cmd.exe).

Now, in the terminal type:

net user [account_name] *

Now the system will ask about the new password. To do this, you need administrative privilegies.

Respawning “La Fonera”

Today i was “playing” with my Fonera, and… suddenly it freezes! … I tried to recover it, pushing the Reset button (at Bottom of the Fonera), but didn’t work . Afortunately i founded some information to recover it, but only one works.

This is the steps i followed:

1. Switch on “La Fonera” and wait few minuts (2 aprox)
2. Hold reset button push, until the WLAN and INTERNET leds, turn off (take some time!)
3. Just the central LED switch on, free and hold reset button again over 10 seconds.
4. Unplug the ethernet wire
5. Unplug the current (AC) wire
6. Before this, plug the current wire (Without the ethernet wire!!!)
7. Now, you should connect to your fonera again without any problem.

This is all i did to respawn my Fonera

About “La Fonera”

Hi! I received my Fonera some time ago, but i installed it yesterday. The default “La Fonera” firmware doesn’t allow you, to access to their internal Linux, and it sucks! . Don’t worry i did a simple google search to find the solution … This solution consists to install DD-WRT. What is DD-WRT?, You should maybe read this website [dd-wrt.com]. Basically its a free firmware which bring the chance of use software like Aircrack, use our Fonera like an wireless repeater, and more funny functions.

When i’ve played more with my Fonera i’ll comment here! See u

How To:LAN Firewall with IPTables (II)

Continuing the last post, we’re going to begin the IPTables script to do our basic home firewall.

I suppose that you know the basic rules of BASH scripting, but if dont, i recommend to read this link.

The first step, consists in create the network variables, which store the information (The IP) about a host of the network. This is an example:

## !/bin/bash
## Basic IPTables firewall script
## By CaZa
## jun, 20, 2007
## alberto1337[at]gmail[dot]com

###################################
## Host and interfaces variables ##
###################################
#The card connected to the DSL/cable Router
WAN=”eth1″
#The card connected to the switch
LAN=”eth0″
#client hosts of our network
host1=”192.168.0.10″
host2=”192.168.0.5″

We can define variables for each one computer of our network or interfaces, this isn’t necessary, but its very recommended. Before this, its very important reset the current IPTables rules. To “flash”, put this in the script:

iptables -F #delete all chain rules
iptables -X #Delete all user defined rules
iptables -Z
iptables -t nat -F
iptables -t nat -X
iptables -t nat -Z

 

The next step, is probably the most important of our script. Here, we set the default policy of the firewall. There are two options:

1. Restrictive policy (All deny, except those services we need)
2. Permissive policy (All allow, except those services we conside)

The first, its most secure, but its more complex than the first. I’ve always use the first, and its the policy i’ll use to do this script.

To do this, type:

#Set the default I/O and forward policies

IPTABLES -P INPUT DROP
IPTABLES -P OUTPUT DROP
IPTABLES -P FORWARD DROP

If we execute the script in this moment, all the connections that try to join in, will be refused. In the next step we will open the necessary ports to use basic services, like http, ftp, etc.

After this, we must put a chain to forward the incoming packets from the LAN to internet and the second line its necessay to NAT
#The [IP]/24 in the IP its to define the Subnet mask.

iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

Finally, we can apply now the rules for services we want .

#This allows traffic at the port 80 (For example if you have apache on the server u need it) and forward web traffic to the LAN
iptables -A INPUT -p tcp -m tcp –dport 80 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -p tcp -m tcp –sport 80 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -p tcp -m tcp –dport 80 -j ACCEPT

#Allows FTP traffic
iptables -A FORWARD -s 192.168.0.0/24 -p tcp -m tcp –sport 21 -j ACCEPT
iptables -A FORWARD -d 192.168.0.0/24 -p tcp -m tcp –dport 21 -j ACCEPT

This is a very basic example of a “DROP policy” firewall, but i think its enough to do a good firewall between our LAN and Internet .

I’ll comment in other articles other IPTables commands to create our own rules and some more things. But, if you need more information NOW, look this webpages: [IPTables tutorial] and [doc_IPTables by Pello]

See you!