Linux commands to run for fun

Some beginner tips

drop inbound connections

You only need people to connect to you if you're a server. If this is your personal computer, do yourself the favor and drop connections that come to you.

Get the iptables script:

wget https://gitlab.com/steelinferno/scripts/-/raw/master/dropinbound.sh && chmod +x dropinbound.sh

audit the script:

cat dropinbound.sh

run the script as root (iptables requires root):

./dropinbound.sh

Note that the changes will reset once you restart your computer. If you want to accept inbound connections without restarting, you can do the same above steps with https://gitlab.com/steelinferno/scripts/-/raw/master/acceptall.sh

ungoogle your system

You won't be able to get past captchas, but it's a good way to make Chromium more private and secure than Ungoogled-Chromium. I'd run this on a server, actually.

Get the blackhole script:

curl -o googleblackhole.sh https://asn.ipinfo.app/api/text/ipblackhole/AS15169 && chmod +x googleblackhole.sh

audit the script:

cat googleblackhole.sh | less

run the script as root (ip route requires root):

./googleblackhole.sh

check your ip route settings to see if changes were made:

ip route

You'll know it's good when there's a bunch of results that say "blackhole"

see what's cumming in and out

I just learned what netstat was yesterday. Check it!

netstat --tcp

If you disabled inbound connections, then it'd only show outbound connections. Pretty cool. If you have a ton of results, you're fucked though ahahaha

...in which case you should take those IP's over to bgp. Requires javascript but at least you'll get some background info on those numbers.

Note that ESTABLISHED connections are active, and TIME_WAIT aren't active. It's just how TCP works.

see where your shit goes when you flush

Install traceroute with your package manager and just run

traceroute autizmo.xyz

And you'll see your packet go through your ISP and your DNS, and then towards this site. If you ping autizmo.xyz you'll see it go to 205.185.121.146 which is shittyurl.org, which is kinda like the site that owns this site or something.

snag a cool fetch

Next, let's try to gain root access to this site's server

ssh root@205.185.121.146

It's one way in, but you'll need to do a lot of guessing. The port is open, sshd is running, and all you have to do is guess.

If you do end up logging in, do a neofetch and take a screenshot! Post it on neckbeard.xyz, make sure to tag @sjw, and tell him to change his password and perhaps block port 22. He's very good-natured and pleasant, so he will appreciate the heads up.