Tag Archives: ubuntu

Trying out Windows Subsystem for Linux on Windows 10.

It is on… Trying out the … scary co-inhabitant partnership that currently is undergoing a beta period.
installingubuntu

Point here is (according to a terrible video by MS) is that it is “brand new”. They seem to have forgotten their old subsystem for UNIX, that was.. horrid – and not even close to something that at least today should be able to touch production machines.

However.. They did stress quite a lot that it is still beta, and only a small subset of actual syscalls via the “adapter” works against the NT Kernel.
No suprises there at all. We will see how many they might be able to cover, and if it might even be proven to gain any kind of trust.

For the real world – the primary claim is that it will work perfectly for developers etc.. I would say it would prolly work as at best a better approach than pulling out resources for a virtual machine.

They seem to take pride in that it will share the current network stack – that we all know is fracked from the beginning. Windows can barely handle anything in this sense, and workload, no – this is only for simple tasks, and a easier way on a local machine to get you hopefully at least the normal GNU toolset to work out of the box.

bashrunning

At least – getting it to run is easy.

To get this horrid beta on your machine – first you need to grab a beer. Then some coffee, then I would say either a bottle of whiskey or a energy drink.

Step by step …

1 – Jump onto your windows 10 box, login, grab the first beer.
2 – register for Windows Insider Previews
3 – dig into the updates and advanced settings, input your account details for the preview
4 – guessing a reboot, and a new beer.
5 – now, go back to the insider preview part in updates – adjust the slider to the outer dangerous position. Grab coffee or whiskey..
6 – reboot – refill drink
7 – Reboot a couple of more times
8 – Apply all the patches, reboot
9 – Do all the logins, verify that your screen is now filled in the lower right corner with at least build number 14332
10 – grab the turn windows features on and off – locate the magical new windows subsystem for linux (beta)
11 – reboot
12 – login again, grab a new drink
13 – punch in bash and accept the canonical licence if you dare, create a local account
14 – grab hopefully that last drink
15 – wait for it to download the ubuntu data, from the microsoft market…
16 – wait for it..
17 – WE HAVE ARRIVED.
topinbash

(PS – Seems like they fixed top, kinda – DS.)

Toy around. Enjoy – destroy – and remember – even if this leaves beta – we rely on the NT Kernel, The underlying windows features – Windows networkstack – and the permission of Microsoft to use our software…

kernel: Neighbour table overflow

This issues is related to a bit too many arp-entries (in ie – a router).
If you’re for instance having bittorrent traffic doing all those arp’s, you’ll end up with a lot of
entries in your logs. Also, it’s a performance issue later on, since you’ll have problem flushing
and creating new connections to ip’s not listed in the arp already.

Example log:

 kernel: Neighbour table overflow.
  kernel: printk: 100 messages suppressed.
  kernel: Neighbour table overflow.
  kernel: printk: 151 messages suppressed.
  kernel: Neighbour table overflow.

To the solution:

start with doing a couple of arp -anv, or by someother means check your concurrent connections.

Next up (example)

echo 2048 > /proc/sys/net/ipv4/neigh/default/gc_thresh1
echo 3072 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh3 

By default, you will have (a guess) a value of 128 in gc_thresh1 and *2 for thresh2 (256) and *2 for thresh3 (512).

Set your limits with how many concurrent connections your hardware and software can handle.

Now, if you’re running something like zeroshell, add the echo-parts into your startup-scripts.
Otherwise, I’d recommend that this is added as a if-up.d script or it’s relevant counterpart.

openvas 3.1.x “bundle” on ubuntu 10.04

Two versions, one is the classic one, the other contains a bunch of ‘new stuff’.

#!/bin/bash
#make me as a [name.sh] and do me a chmod +x [name.sh]
#Ran on ubu 10.04
#Run as root (ie - sudo -i )

#classic
cd $HOME
wget http://wald.intevation.org/frs/download.php/767/openvas-libraries-3.1.2.tar.gz
wget http://wald.intevation.org/frs/download.php/754/openvas-scanner-3.1.0.tar.gz
wget http://wald.intevation.org/frs/download.php/757/openvas-client-3.0.1.tar.gz

gunzip -d $HOME/openvas*.gz
tar -xvvf $HOME/openvas-libraries-3.1.2.tar
tar -xvvf $HOME/openvas-scanner-3.1.0.tar
##tar -xvvf $HOME/openvas-client-3.0.1.tar

apt-get install -y build-essential libgtk2.0-dev libglib2.0-dev libssl-dev htmldoc libgnutls-dev libpcap0.8-dev bison libgpgme11-dev libsmbclient-dev snmp pnscan cmake uuid uuid-dev libgtk2.0-dev

#libraries --
$HOME/openvas-libraries-3.1.2/./configure 
$HOME/openvas-libraries-3.1.2/./make 
$HOME/openvas-libraries-3.1.2/./make install
echo "include /usr/local/lib" >> /etc/ld.so.conf && ldconfig

#scanner
$HOME/openvas-scanner-3.1.0/./configure  
$HOME/openvas-scanner-3.1.0/./make 
$HOME/openvas-scanner-3.1.0/./make install

##client
##$HOME/openvas-client-3.0.1/./configure 
##$HOME/openvas-client-3.0.1/./make 
##$HOME/openvas-client-3.0.1/./make install

// second full is wip. (or, just work it out yourself…);

#manual fix

#!/bin/bash
#full
wget http://wald.intevation.org/frs/download.php/767/openvas-libraries-3.1.2.tar.gz
wget http://wald.intevation.org/frs/download.php/754/openvas-scanner-3.1.0.tar.gz
wget http://wald.intevation.org/frs/download.php/757/openvas-client-3.0.1.tar.gz
wget http://wald.intevation.org/frs/download.php/773/openvas-manager-1.0.2.tar.gz
wget http://wald.intevation.org/frs/download.php/774/greenbone-security-assistant-1.0.2.tar.gz
wget http://wald.intevation.org/frs/download.php/766/openvas-cli-1.0.0.tar.gz
wget http://wald.intevation.org/frs/download.php/739/openvas-administrator-0.9.0.tar.gz
wget http://wald.intevation.org/frs/download.php/771/gsa-desktop-0.2.0.tar.gz

https://wald.intevation.org/tracker/index.php?func=detail&aid=1079&group_id=29&atid=exit
220

apt-get install uuid uuid-dev libgtk2.0-dev

after libs:
^? Be sure to add /usr/local/lib in /etc/ld.so.conf and type ‘ldconfig’
echo “include /usr/local/lib/*.conf” >> /etc/ld.so.conf
ldconfig

openvassd

OpenVas-Client

gsa-desktop 0.2.0
apt-get install libqt4-dev

openvas ubuntu (9.10) -install

“Easy” way of installing. Based on 3.0.x of openvas, contains the needed dependencies.

#!/bin/bash
#make me as a [name.sh] and do me a chmod +x [name.sh]
#Ran on ubu 9.10
#Run as root (ie - sudo -i )

cd $HOME

wget http://wald.intevation.org/frs/download.php/729/openvas-libraries-3.0.5.tar.gz
wget http://wald.intevation.org/frs/download.php/724/openvas-scanner-3.0.2.tar.gz
##wget http://wald.intevation.org/frs/download.php/685/openvas-client-3.0.0.tar.gz

gunzip -d $HOME/openvas*.gz
tar -xvvf $HOME/openvas-libraries-3.0.5.tar
tar -xvvf $HOME/openvas-scanner-3.0.2.tar
##tar -xvvf $HOME/openvas-client-3.0.0.tar

apt-get install -y build-essential libgtk2.0-dev libglib2.0-dev libssl-dev htmldoc libgnutls-dev libpcap0.8-dev bison libgpgme11-dev libsmbclient-dev snmp pnscan cmake

#libraries --
$HOME/openvas-libraries-3.0.5/./configure && make && make install
echo "include /usr/local/lib" >> /etc/ld.so.conf && ldconfig

#scanner
$HOME/openvas-scanner-3.0.2/./configure && make && make install

##client
##$HOME/openvas-client-3.0.0/./configure && make && make install

#manual fix

#vim /usr/local/sbin/openvas-nvt-sync
#change: SYNC_TMP_DIR='mktemp -d openvas-nvt-sync'
#into: SYNC_TMP_DIR='mktemp -d openvas-nvt-sync.XXXXXXXXXX -t'

#run as root:
#openvas-mkcert
#openvas-adduser
# Install the client on prefered system - client depends on the libraries as well.
exit