jpJxPhOuhvqc

Forum Replies Created

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • in reply to: Block Adult websites #64665

    jpJxPhOuhvqc
    Participant

    You might be best setting ZeroShell to use these OpenDNS servers:
    https://www.opendns.com/setupguide/#familyshield

    Then use iptables FORWARD chain rule to block any machines sending DNS requests directly out on UDP and TCP port 53.

    in reply to: ZeroShell-3.9.0-X86.iso seems corrupt #64664

    jpJxPhOuhvqc
    Participant

    Which download mirror did you use?

    in reply to: DNSCrypt #53728

    jpJxPhOuhvqc
    Participant

    Looking good. I’ve compiled it pending copying to my zeroshell.

    One thing to note I think these are in the wrong order..
    Run configure & make
    ./configure –libdir=/Database/dnscrypt/libsodium/lib –enable-static –prefix=/Database/dnscrypt && make
    Copy the libsodium header files to the src folder in dnscrypt.
    cp /Database/dnscrypt/libsodium/include/sodium.h src/proxy/sodium.h
    cp -R /Database/dnscrypt/libsodium/include/sodium src/proxy/sodium

    I had to do the two copy lines before ./configure would complete without error?

    Also how does CDE get over to the zeroshell machine? The tar doesn’t seem to contain it so I get
    /Database/startdnscrypt.sh: line 4: /Database/dnscrypt/cde-exec: No such file or directory

    in reply to: Manuall Changing MTU #48309

    jpJxPhOuhvqc
    Participant

    Sorry to bump an old topic but I’d like to say thank you jacobsa! I was after information on how to do this.


    jpJxPhOuhvqc
    Participant

    It only switches on failure but you could add in a rule for the ports or IP addresses of your VoIP service to always send it over the backup route.

    We have a site with a cable connection (which is fast but fails multiple times a day) and a backup ADSL line which is stable but slow.

    The main office traffic is left normal going over the cable connection as main and only failing over to the ADSL when the cable connection fails.

    However there are three TCP connections on 3 ports that we have a rule to always send over the backup ADSL line. These connections can’t be (or as little as possible) interrupted so it is preferable to send them over the backup all the time.

    Tom – http://www.mouselike.org

    in reply to: DNSCrypt #53725

    jpJxPhOuhvqc
    Participant

    I cheated and used CDE:

    ######## INSTALLATION ########
    This package should work right away without any need
    to configure anything. It will default to using OpenDNS.

    !!!!!First TAKE A BACKUP OF YOUR PROFILE SO YOU
    !!!!!CAN RESTORE IT IF THINGS GO WRONG

    SSH into ZeroShell and go to the Shell.
    Then run the following commands:

    cd /Database/
    wget 'https://windows.mouselike.org/windows.mouselike.org/share/dnscrypt.tar' -O dnscrypt.tar
    tar -xf dnscrypt.tar
    rm -rf dnscrypt.tar
    ls -l | grep dnscrypt

    Make sure the dnscrypt-cde directory exists!
    drwxrwxrwx 3 root root 4096 Apr 25 14:28 dnscrypt-cde

    Go into ZeroShell and go to:
    1) DNS on the left hand menu
    2) Forwarders along the top menu
    3) Remove any "ANY" entries from the list you already have.
    4) In the Domain box type in ANY
    5) In the Server box type in 0.0.0.0 and click Add
    6) Click Close. (At this point your dns will now break until we get to step 10!)
    7) Setup on the left menu
    8) Scripts/Cron along the top menu
    9) Make sure the "Post Boot" option is selected and add this line at the end

    /Database/dnscrypt-cde/startdnscrypt.sh

    10) Click the TEST button and then close window "Please wait: running the postboot script ..."
    11) Click the tick box in the top right to "Enable" the script.
    12) Click save.

    Your DNS quieries should now be going via dnscrypt.

    ######## IMPORTANT NOTE ########
    Changing the forwarder to 0.0.0.0 allows the startdnscrypt.sh script to
    find and replace the forwarder with the dnscrypt local host IP and port.
    This has to be done because the ZeroShell web interface doesn't allow
    you to enter a custom port for a DNS forwarder and the change has to be
    made manually or via the startdnscrypt.sh script.

    If you make any change to the DNS section or Interface IPs of the ZeroShell
    web interface it will over-write the settings applied by the script and
    probably break your DNS resolution, or at a minimum - make it really slow.
    If you change any of the settings under these screens you should then
    go back and re-run the startdnscrypt.sh script either by ssh or:
    1) Setup on the left menu
    2) Scripts/Cron along the top menu
    3) Make sure the "Post Boot" option is selected
    4) Click the TEST button and then close window "Output of the postboot script"

    ######## SETTINGS ########
    If you would like to change DNSCrypt to use a different provider
    edit the file /Database/dnscrypt-cde/startdnscrypt.sh
    Replace the -R OpenDNS with the name of the provider you wish to use.

    You can find the list of Valid provider names here:
    /Database/dnscrypt-cde/cde-root/Database/dnscrypt/share/dnscrypt-proxy/dnscrypt-resolvers.csv

    ######## UNINSTALLATION ########
    Go back to the DNS Forwarders settings in ZeroShell and remove 0.0.0.0
    Add back in your standard ANY forwarders - if required.
    Go into the Setup --> Scripts section and remove
    /Database/dnscrypt-cde/startdnscrypt.sh
    And click save.

    Then, if you want, remove the folder /Database/dnscrypt-cde from the drive.
    And reboot if you want to remove the remaining running dnscrypt-proxy process
    otherwise it will just disappear upon next restart.

    ######## REFERENCES / THANKS ########
    This version was compiled on CentOS with the following..
    libsodium builds:
    ./configure CC="gcc -static -static-libgcc"
    CXX="g++ -static"
    CPP="gcc -E -static" CXXCPP="g++ -E -static"
    --enable-static --prefix=/Database/dnscrypt/libsodium

    dnscrypt build:
    ./configure CC="gcc -static -static-libgcc"
    CXX="g++ -static"
    CPP="gcc -E -static" CXXCPP="g++ -E -static"
    --enable-static --prefix=/Database/dnscrypt

    Then packaged up using CDE which makes easily portable packages:
    http://www.pgbovine.net/cde.html

    I am not a linux native so there may be far better ways to
    compile and run dnscrypt.. please post your advice to the ZeroShell
    forums.
    https://www.zeroshell.org/forum/viewtopic.php?p=14087

    I hope that the ZeroShell maintainer can add DNSCrypt support natively
    and via the package management feature (or by default! please) some time
    in the future.
    in reply to: DNSCrypt #53724

    jpJxPhOuhvqc
    Participant

    Please could this be compiled for ZeroShell 😀 I’ve tried and failed.. I can’t work out how to compile it.

    Tom – http://www.mouselike.org

    in reply to: I Have Donate, How to get activation key? #53673

    jpJxPhOuhvqc
    Participant

    As noted on that page 🙂

    Send the Feature Code to activation@zeroshell.net so you will receive the related Activation Key.

    Tom – http://www.mouselike.org

    in reply to: Saving "Temporary" profile? #53549

    jpJxPhOuhvqc
    Participant

    It doesn’t show up in the profiles list until you also do this:

    cd  /DB/_DB.001/ (or whatever number you made it)
    mkdir .settings
    echo 'RecoveredProfile' > .settings/Description

    Job done! Thank you.

    Tom – http://www.mouselike.org

    in reply to: Saving "Temporary" profile? #53547

    jpJxPhOuhvqc
    Participant

    Thanks for that! I will give it a go when I have a free moment and report back.

    Tom – http://www.mouselike.org

    in reply to: DoS on DNS Zeroshell: Malware! #52999

    jpJxPhOuhvqc
    Participant

    I’ve found one of my installations infected with this too.

    Can we try and narrow down what we have in common to work out the infection method.

    I am running Release 2.0.RC2 setup and running since circa. 17/02/2013

    I have (open to the world):
    -Port 80 (the web interface)
    -Port 443 (the web interface)
    -Some LAN-to-LAN (OpenVPN) connections.

    -rwxr-xr-x    1 root     root        23289 Nov 21  2012 .DB.001

    Yet other installations have not been infected.
    OK Installation 1 = Release 2.0.RC2 / Port 80 (Zeroshell server) only open to the world (Port 443 is blocked) running for about a year.

    OK Installation 2 = Release 2.0.RC2 / No ports open to the world running for about 2 months

    OK Installation 3 = Release 2.0.RC1 / Port 80, 443 and SSH open to the world running for about a year

    Both the hosts referenced in the copy I have are the same as the OP.
    zeroshell.will.mx
    and
    zeroshell.samhan.biz
    Luckily both of these don’t resolve and given the date on the infection I presume this must be a very, very old infection that we’ve only just discovered.

    root@zeroshell DB> pstree -Gp
    init(1)─┬─.DB.001(14049)
    root@zeroshell DB> ps aux | grep 14049
    root 7832 0.0 0.0 1944 244 pts/0 S 03:33 0:00 grep 14049
    root 14049 0.0 0.2 2036 640 ? S 2013 64:09 sleep 1800

    I slayed and reloaded the process and it spawned two of itself and instantly tries to resolve zeroshell.will.mx and zeroshell.samhan.biz.
    I forced my network to respond with an IP and the infection then tries to contact zeroshell.will.mx on port 53 using TCP using the IRC protocol:

    NICK WORO
    USER DCRK localhost localhost :VQYJWO

    Tom – http://www.mouselike.org

Viewing 11 posts - 1 through 11 (of 11 total)