
Showing posts from February, 2022



Monitoring network traffic with tcpdump

The following procedure demonstrates how to use tcpdump to sniff and log packets going in and out of a machine's network interfaces.

==========

1. Identify the network interfaces available.

user@host: $ tcpdump --list-interfaces
1.wlp6s0 [Up, Running]
2.lo [Up, Running, Loopback]
3.any (Pseudo-device that captures on all interfaces) [Up, Running]
4.enp5s0 [Up]

2. Set the sniffing tool to listen on a network interface for packets and send the output to a file for easy review later.

2.1. To and from a target port, such as HTTP, regardless of host.

user@host: $ sudo tcpdump -A -i any -l -s 0 -vvv tcp port 80 > mytcpdumpout.txt 2>&1

2.2. To and from a target host, regardless of port.

user@host: $ sudo tcpdump -A -i any -l -s 0 -vvv host nameOfMachine > mytcpdumpout.txt 2>&1

2.3. The flags used to adjust the behavior of tcpdump are as follows.

[ -A ] prints packets in ASCII format and makes them readable, excluding data link layer headers.
[ -i any ] captures packets

Accessing the GlobalProtect VPN via Terminal

The following procedure demonstrates how to connect to the GlobalProtect VPN via command-line terminals.

==========

1. Install openconnect (at least version 8) and dnsmasq.

1.1. Debian-based Linux

user@host: $ sudo apt-get update
user@host: $ sudo apt-get install openconnect dnsmasq

2. Make a simple shell script to automate the login.

#!/bin/sh
#BEGIN CODE with the shebang above.
# Stop with a non-zero status unless the script is running as root.
user=$(whoami); if [ "$user" != "root" ]; then echo "sudo required"; exit 1; fi
# Replace the VPN_PASSWORD, VPN_USERNAME and VPN_DOMAIN_NAME placeholders; the password is kept in this file in clear text.
# printf writes the password to openconnect's stdin without a trailing newline.
printf '%s' "VPN_PASSWORD" | sudo openconnect --protocol=gp --user=VPN_USERNAME --passwd-on-stdin https://VPN_DOMAIN_NAME
#END CODE

3. Save the shell script and execute.

3.1. Using the shell command.

user@host: $ sh myshellscript.sh

3.2. By itself after changing the mode to executable.

user@host: $ chmod +x myshellscript.sh
user@host: $ ./myshellscript.sh

==========

Using cURL for response timing

cURL is a command-line tool that connects to a uniform resource locator (URL) for data transfer. Although this tool is commonly used to quickly check if websites are up and running, it can also be used to time the response of services. This may help administrators gather data for analysis to match against baseline response times for performance tuning.

cURL has many options or flags available to adjust its behavior. For the purpose of timing, the following flags shall be utilized.

[ -k ] tells cURL to disable peer verification of the SSL/TLS certificate. This is useful for connecting to URLs that have self-signed certificates.
[ -s ] tells cURL to operate in silent mode. This suppresses standard error messages and the progress meter.
[ -o /dev/null ] tells cURL to dump its standard output to the null device. All messages are effectively discarded and no output file is produced.
[ -w '%{time_total}\n' ] tells cURL to write the declared variables to standard output after all tr