博文

目前显示的是 十二月, 2021的博文

TCP in Linux

图片
        TCP的属性包括:Target目标的IP和端口;Source来源的IP和端口;socket file handle。 cat /proc/sys/net/ipv4/ip_local_port_range 可使用端口范围1024 6500,即63977. 理论65535个2^16。  vim /etc/sysctl.conf  ;  net.ipv4.ip_local_port_range = 60000 60009; save; sysctl -p /etc/sysctl.conf ; 系统打开的最大数:cat /proc/sys/fs/file-max 用户可以打开的最大文件数:cat /etc/security/limits.conf 单进程可以打开的最大文件数: cat /proc/sys/fs/nr_open echo 100 > /proc/sys/fs/nr_open 一个线程对一个TCP,采用IO多路复用后,一个线程可以对多个TCP; https://app.diagrams.net/  

The Windows Subsystem for Linux(WSL)- Kali

What is the Windows Subsystem for Linux see https://docs.microsoft.com/en-us/windows/wsl/about . wsl --list --verbose Kali Linux cat /etc/os-release sudo apt update && sudo apt upgrate -y sudo apt install kali-desktop-xfce -y sudo apt install xrdp -y sudo service xrdp start ip add Now you can use Remote Desktop Connection of Windows to connect Kali. to do 1: sudo apt install theharvester theHarvester -d baidu.com -b google   // google will block your IP, if you run this command. Reference: htt p s:/ / w ww. y outube . com/watch ? v = AfVH54edAHU theHarvester theHarvester is a command-line tool included in Kali Linux that acts as a wrapper for a variety of search engines and is used to find email accounts, subdomain names, virtual hosts, open ports / banners, and employee names related to a domain from different public sources (such as search engines and PGP key servers).   to do 2: youtube-dl 91NZ_Rnr7Jc -o bad_apple.mp4 ffmpeg -i bad_apple.mp4 bad_apple_h264...

DV, Domain validated and letsencrypt.org

 Domain Validated; Organization validated; Extended validation;   Let's Encrypt Getting Started - Let's Encrypt (letsencrypt.org) is a free, automated, and open certificateauthority brought to you by the nonprofit Internet Security Research Group(ISRG). To enable HTTPS on your website, you need to get a certificate (a type of file) from a Certificate Authority (CA). Let’s Encrypt is a CA. In order to get a certificate for your website’s domain from Let’s Encrypt, you have to demonstrate control over the domain. With Let’s Encrypt, you do this using software that uses the   ACME protocol   which typically runs on your web host.        OCSP Stapling inside the Server.  ZeroSSL; OS always trusts identrust DST Root CA *3.   LetsEncrypt gets Let's Encrypt R3 from DST Root CA *3 that was expired on 9/30/2021. ISRG Root X1 is Let's Encrypt root, which join the trust list of OS in 2021. Android >=2.3.6<7.1.1 has Let's Encrypt R3, d...