Linux: October 2014 Archives

Extract Audio from VoIP PCAP

user-pic
By Pank on October 16, 2014 5:56 PM Vote 0 Votes

環境是 Linux
工具準備 pcapsipdump, sox
pcapsipdump 可以將單一個 pcap 檔拆分成每通電話的 pcap
但是若封包裡面有 802.1Q VLAN header, 會造成 pcapsipdump 無法正常工作,
可以用 tcprewrite --enet-vlan=del 將 VLAN Tag 移除
(tcprewrite 在 tcpreplay 套件裡面)
pcap2mp3.sh 這支 script 我參考了 Converting RTP in pcap to Audio Wav files 再做一些修改.
原始的 script 沒有考慮到雙向, 一通完整的電話封包有雙向的音訊, 可以截取出兩個檔.
原理是用 tshark 讀出雙向的 rtp.ssrc, 再分別處理, 取出 rtp.payload 的 HEX code, 再變成 raw file,
用 sox 轉成 wav, 最後再用 sox remix 成一個 MP3

BIND 9.10 Support RRL

user-pic
By Pank on October 15, 2014 12:12 PM Vote 0 Votes

BIND 9.10 以後的版本已經支援 RRL (Response Rate Limiting), 不用 Patch 了!
這可以有效防範 DNS amplification attack

ref. BIND 9.10 New Features

IPIP tunnels and GRE tunnels

user-pic
By Pank on October 7, 2014 3:33 PM Vote 0 Votes

IPIP tunnels and GRE tunnels 的差異在於 IPIP tunnel 只能跑 IP unicast,
GRE tunnels 可以跑任何 L3 協定, 即 GRE tunnels 的功能性大於 IPIP tunnel
IPIP tunnels 封包前加了 Outer IP Header, GRE tunnels 封包前加了 Outer IP Header 及 GRE Header

Linux 上的兩者設定方式很像, 設定範例
Site A IP 121.xx.xx.xx
Site B IP 203.xx.xx.xx

IPIP tunnels
Site A command:
modprobe ipip
ip tunnel add ipiptun mode ipip local 121.xx.xx.xx remote 203.xx.xx.xx ttl 64 dev eth0
ip addr add dev ipiptun 172.17.1.1 peer 172.17.1.2/32
ip link set dev ipiptun up

Site B command:
modprobe ipip
ip tunnel add ipiptun mode ipip local 203.xx.xx.xx remote 121.xx.xx.xx ttl 64 dev eth0
ip addr add dev ipiptun 172.17.1.2 peer 172.17.1.1/32
ip link set dev ipiptun up

GRE tunnels
Site A command:
modprobe ip_gre
ip tunnel add gretun mode gre local 121.xx.xx.xx remote 203.xx.xx.xx ttl 64 dev eth0
ip addr add dev gretun 172.17.1.1 peer 172.17.1.2/32
ip link set dev gretun up

Site B command:
modprobe ip_gre
ip tunnel add gretun mode gre local 203.xx.xx.xx remote 121.xx.xx.xx ttl 64 dev eth0
ip addr add dev gretun 172.17.1.2 peer 172.17.1.1/32
ip link set dev gretun up

ref. tunneling

EoIP for Linux

user-pic
By Pank on October 7, 2014 12:38 PM Vote 0 Votes

EoIP 是 MikroTik proprietary protocol, 在 RouterBoard 都可以看到
linux-eoip 是相容的程式 for Linux
設定 eoip.cfg 很簡單, 指定 id 及對方 IP 即可

[zeoip0]
id=123
dst=xxx.xxx.xxx.xxx

eoip eoio.cfg 啟動
zeoip0 可以綁 IP
再搭配 Bridge 可以讓兩邊的網路 L2 透通

BASH Shellshock Update Script

user-pic
By Pank on October 3, 2014 2:38 PM Vote 0 Votes

http://pank.org/ftp/linux/bash43.sh
此 Script 是抓 Source + Patch 來編, 應該是適用所有平台
BASH Shellshok 漏洞爆出後, 陸續爆出 CVE, 9/24 ~ 10/2 就出了 5 個 Patch
bash43-025 ~ bash43-029
應該還會繼續增加

更新完再測試一下
x='() { :;}; echo vulnerable' bash -c "echo this is a test"

有新的 Patch 出來, 這個 Script 仍舊適用

Create Entry
« Linux: September 2014 | Blog Home | Archives | Linux: January 2015 »

Recent Entries

Recent Comments

About this Archive

This page is an archive of entries in the Linux category from October 2014.

Linux: September 2014 is the previous archive.

Linux: January 2015 is the next archive.

Find recent content on the main index or look in the archives to find all content.

Linux: Monthly Archives

Categories

Monthly Archives