This is a simple setup guide to enabling Two Factor Authentication (2FA) on Linux SSH login. I this article I wont go deep into setup and issues that I have faced when implementing this. First thing is first Update your system first. I have used Ubuntu 20.04 and it is always up to date. To enable 2FA you need to install google authenticator modules sudo apt install libpam-google-authenticator Configuration for PAM and SSHD Add the the following line to /etc/pam.d/sshd and After adding this line please restart the sshd services. auth required pam_google_authenticator.so Go to /etc/ssh/sshd_config and check if the following line exist. Default value will be "no" so change it to "yes" to activate. ChallengeResponseAuthentication yes Configuration for Authenticator In the terminal run google authenticator command It will ask few things to acknowledge by user. Details you can see from the below video. Once this part is done you are ready to use the 2FA in ubuntu. T...
What is NMAP & use of it?
Basically NMAP is a free security scanner and a network mapper mainly used by system administrators, hackers , pentesters and etc. These are few use cases of NMAP and there are tons of ways to use NMAP.
- Finding hosts in the network
- ports used by hosts and its status
- Finding vulnerabilities
- Information on versions and OS used
Basic NMAP Scan
nmap -sP 192.168.1.0/24
Ping multiple host to check if the hosts are alive or not
Screen capture of scan |
TCP scan (full open scan)
nmap -sT 192.168.1.9
This is a TCP connect scan. TCP connections are done with a 3 way
handshake
Stealth Mode Scan (Half open scan)
namp -sS 192.168.1.9
This is known as SYN scan / Half open scan / Stealth scan
OS detection scan
namp -O 192.168.1.6
With this command you can get which OS the system is running. Example: Windows, Linux, Android etc.
NMAP with OS detection, traceroute, host discovery and more
nmap -A 192.168.1.6
This is aggressive scan and do not use these commands on unauthorized networks. From this command you can get version informations, OS detection , traceroutes and ports status etc..
NMAP Scripts
nmap --script exploit 192.168.1.6
With NMAP script can be run to check vulnerabilities, exploits and much more. Details of scripts listed in official NMAP page and full list of attributes details are listed on the page.
If you are in a linux box just type
man nmap
to view the manual of NMAP.Output to a File
nmap -oN dump.txt 192.168.1.6
You can dump all the scans using this method. So you can refer later.
Reading host from file
nmap -iL targets.txt
In Order to use this command you have to first create a file with list of targets as follows
192.168.1.6
192.168.1.2
192.168.1.8
Like the above you can enter a list of IP's to a file and save it. Then once you execute the command the scan starts by reading hosts from the file. This method is easy if you have multiple IP's or different subnets to scan.
Reference
https://explainshell.com/ - This website will explain the commands in details
https://www.guru99.com/tcp-vs-udp-understanding-the-difference.html - TCP vs UDP explained
Comments