Posts

Posted on

Setting Up a SOCKS5 Proxy with Authentication on Ubuntu 22.04.4

Setting up a SOCKS5 proxy with authentication on Ubuntu 22.04.4 involves several steps, including installing the necessary software, configuring the proxy, and setting up authentication. Here’s a step-by-step guide:

Step 1: Update Your System

First, ensure your system is up to date by running:

# sudo apt update && sudo apt upgrade -y

Step 2: Install dante-server

Dante is a popular SOCKS proxy server. Install it using the following command:

# sudo apt install dante-server -y

Step 3: Configure dante-server

Create and edit the Dante server configuration file:

# sudo nano /etc/danted.conf

Replace the contents of the file with the following configuration:

logoutput: syslog
user.privileged: root
user.unprivileged: nobody

# The listening network interface or address.
internal: 0.0.0.0 port=1080

# The proxying network interface or address.
external: eno1

# socks-rules determine what is proxied through the external interface.
socksmethod: username

# client-rules determine who can connect to the internal interface.
clientmethod: none

client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}

socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
  • internal: Interface to listen on and the port number (e.g., eth0 and 1080).
  • external: Interface to use for outgoing traffic (e.g., eth0).

Adjust eth0 to your network interface name if different.

Step 4: Set Up User Authentication

Add users for proxy authentication. Use the following command to create a user (replace username with your desired username):

# sudo adduser username

Follow the prompts to set a password.

Step 5: Enable and Start the dante-server

Enable and start the Dante service using the following commands:

sudo systemctl enable danted
sudo systemctl start danted

Step 6: Verify the Proxy Server

To ensure the proxy server is running, use the following command:

sudo systemctl status danted

You should see output indicating that the service is active and running.

Step 7: Configure Firewall (Optional)

If you have a firewall enabled, allow traffic on the SOCKS5 port (e.g., 1080):

sudo ufw allow 1080/tcp
sudo ufw allow 1080/udp

Testing the SOCKS5 Proxy

To test the proxy server, you can use tools like curl. Replace username and password with the credentials you created:

curl -x socks5://username:password@your_server_ip:1080 http://ipinfo.io

You should see output with your server’s IP address.

Additional Security Measures

  1. Firewall Rules: Restrict access to the proxy server to specific IP addresses if needed.
  2. Logging: Configure logging to monitor usage and detect any potential issues.

Conclusion

Following these steps will set up a SOCKS5 proxy with authentication on Ubuntu 22.04.4. Ensure to keep the system and dante-server updated for security and performance improvements.

Posted on

Enabling Automatic Security Updates on Ubuntu 22

Security is a paramount concern for any software developer or system administrator. As such, keeping your system updated with the latest security patches is a critical step in safeguarding your infrastructure. Ubuntu, being one of the most popular Linux distributions, provides a streamlined way to manage these updates automatically. This article will guide you through the process of enabling automatic security updates on Ubuntu 22, ensuring that your system remains secure with minimal manual intervention.

Understanding the Unattended-Upgrades Package

Ubuntu leverages the unattended-upgrades package to manage automatic updates. This package can be configured to automatically install security updates, and, if required, update packages from other repositories as well. To ensure a seamless update process, it’s essential to install and configure this package properly.

Installation of Unattended-Upgrades

To begin, you must install the unattended-upgrades package if it’s not already present on your system. Open your terminal and execute the following command:

sudo apt-get install unattended-upgrades

Configuring Automatic Security Updates

After installation, you need to configure the package to handle security updates. The configuration file for unattended-upgrades is located at /etc/apt/apt.conf.d/50unattended-upgrades. You can edit this file using your preferred text editor, such as nano or vim:

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Inside the configuration file, ensure that the following lines are present and uncommented to enable security updates:

Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}-security";
};

This setting ensures that the package only installs updates from the security repository.

Scheduling the Update Frequency

The frequency of the updates can be controlled through the /etc/apt/apt.conf.d/20auto-upgrades file. Edit this file to set the update interval:

sudo nano /etc/apt/apt.conf.d/20auto-upgrades

Add or modify the following lines to set the frequency of updates:

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

The above configuration will check for updates daily and clean up downloaded packages every week.

Monitoring Automatic Updates

Once configured, unattended-upgrades will run automatically. However, it’s good practice to monitor the logs to ensure that updates are being applied successfully. Logs for unattended upgrades can be found in /var/log/unattended-upgrades.

Conclusion and Next Steps

By enabling automatic security updates on Ubuntu, you reduce the risk of security vulnerabilities that could compromise your system. Automating this process allows you to focus on developing and maintaining your applications without the constant worry of manual updates.

Posted on

Bypass Windows 11 Internet Connection Requirement

To install Windows 11 (version 22H2 or 21H2) without an internet connection, use these steps:

  1. Start the PC with the Windows 11 USB flash drive.
  2. Press any key to continue.
  3. Click the Next button.
  4. Click the Install now button.
  5. lick the “I don’t have a product key” option if you are doing a reinstallation. If the Windows 11 installation were previously activated after the installation, reactivation would happen automatically.
  6. Select the edition of “Windows 11” that your license key activates (if applicable).
  7. Check the “I accept the license terms” option.
  8. Click the Next button.
  9. Select the “Custom: Install Windows only (advanced)” option.
  10. Select each partition in the hard drive you want to install Windows 11 and click the Delete button. (Usually, the “Drive 0” is the drive that contains all the installation files.)
    Note: It is recommended to delete ALL partitions on drive 0 and let Windows re-partition your system for you.
  11. Select the hard drive (Drive 0 Unallocated Space) to install Windows 11
  12. Click the Next button.
  13. Select your region setting after the installation on the first page of the out-of-the-box experience (OOBE).
  14. Click the Yes button.
  15. Select your keyboard layout setting.
  16. Click the Yes button.
  17. Click the Skip button if you do not need to configure a second layout.
  18. On the “Oops, you’ve lost internet connection” or “Let’s connect you to a network” page, use the “Shift + F10” keyboard shortcut.
  19. In Command Prompt, type the OOBE\BYPASSNRO command to bypass network requirements on Windows 11 and press Enter.
  20. The computer will restart automatically, and the out-of-box experience (OOBE) will start again.
  21. Click the “I don’t have internet” option.
  22. Click the “Continue with limited setup” option.
  23. Click the Accept button (if applicable).
  24. Continue your Windows 11 installation normally.
Posted on

Security Podcasts

To stay on top of the ever changing security landscape I listen to security focused podcasts during my commute into and out of the office. Not only does this keep my knowledge fresh it also gives me insight into bleeding edge information, events and other information I can share as part of my consulting and training.

Here is a list of podcasts I follow:

Cyberwire: https://thecyberwire.com/podcasts
Security Now: https://twit.tv/shows/security-now
Darknet Diaries: https://darknetdiaries.com/
Risky Biz: https://risky.biz/
Paul’s Security Weekly: https://securityweekly.com
SANS Stormcast: https://isc.sans.edu/podcast.html

Can you recommend any others?

Posted on

OpenSSL – List Trusted Certificate Authorities

Unlike Microsoft Windows, which provides the Trusted Root Certification Authorities Certificate Store, Redhat and CentOS distributions do not provide a “straight forward” way in which to quickly check if a Certificate Authority is included into the Certificate Authority Bundle (CA Bundle).

During a recent project engagement I came across a simple CLI command which can be used to parse the CA bundle and list all of the CA’s included:

[m@srv /home/user]# awk -v cmd='openssl x509 -noout -subject' '
    /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-bundle.crt

Alternatively the same command can be ran, piped through grep to identify a specific CA, for example “Entrust” – 

[m@srv /home/user]# awk -v cmd='openssl x509 -noout -subject' '
    /BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-bundle.crt | grep Entrust

Whilst not complicated, this simple syntax saves a substantial amount of time manually searching CA bundles with a text editor.