I fix some issues and created some new goodies to play with. 

• fake-sshd - Bug Fixes
• brute-sshd - Added
• memory-pressure - Added
• pipesplit - Added

Another short tutorial on how to get tcpdump to run as a non root user. However this is setup correctly so that root and only the permitted users can execute the file and run it. We would not want random people being able to run it stealing our traffic now.

You can enable this for non root users in a secure method by using the following commands

groupadd tcpdump
addgroup <username> tcpdump
chown root.tcpdump /usr/sbin/tcpdump
chmod 0750 tcpdump
setcap "CAP_NET_RAW+eip" /usr/sbin/tcpdump

As a breif explenation of the above.

• We create a group called tcpdump. 
• We then add the user or users that we want to be able to use tcpdump to the group.
• We then change the user/group of tcpdump to match root and the new group.
• We then make sure the permissions are set on tcpdump so that members of the group can execute it but other normal users cannot.
• We then use setcap to give the CAP_NET_RAW priviledge to the executable when it runs. This is so that tcpdump can open its raw socket which is not normally permitted unless you are root.

Here is a little tip so that you can quickly tell which linux machine that you are currently logged into. The easy way to do this is to colour code the shell prompt.

In bash the PS1 enviroment variable controls how the prompt is formatted. On a debian squeeze install it would be set to something like this by default

\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\u@\h:\w\$

That of course does look somewhat confusing mostly because of the escaping. The letters with a '\' at the front are telling bash to also display certain things but I will cover that in another post. Lets add some colour.

To add some colour we need to add a control sequence to the shell prompt this tells the terminal to enable a specific colour then at the end of the prompt turn that colour back to the default for the terminal.

to set the colour we need to apply this to the beginning of the enviroment variable (this is using the color red 31m)

\[\033[31m\]

Then we also need to append the close sequence to the end of the enviroment variable.

\[\033[0m\]

So the complete enviroment variable should now look like this.

export PS1="\[\033[31m\]\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\u@\h:\w\$\[\033[0m\]"

Our prompt will be red. To change the colour you only need to change the starting sequence and choose from one of the following colours.

Black 0;30     

Blue 0;34     

Green 0;32     

Cyan 0;36     

Red 0;31     

Purple 0;35     

Brown 0;33     

Light Gray 0;37     

Dark Gray 1;30

Light Blue 1;34

Light Green 1;32

Light Cyan 1;36

Light Red 1;31

Light Purple 1;35

Yellow 1;33

White 1;37

This is a quick tip if you use an xserver that is running remotly and you want to set the DISPLAY enviroment variable when you login to the machine using ssh. It is actually very simple to do.

When you use ssh it will automatically set the SSH_CLIENT enviroment variable to contain the client connection details eg the ip address port number etc.. to get this to work you will need to paste the following into your .bashrc file.

if [ ! $DISPLAY ] ; then
	if [ "$SSH_CLIENT" ] ; then
		export DISPLAY=`echo $SSH_CLIENT|cut -f1 -d\ `:0.0
	fi
fi

the above will check that the DISPLAY enviroment variable is not currently set and that the SSH_CLIENT variable is set. It will then extract the ip address from SSH_CLIENT

I started working with linux for development work again after a break for a few years. I have ended up working on a project that requires a lot of mixed access from the normal user account to root or to other accounts. The simple way todo this without having to type a password a million times a day is to use sudo.

This is a quick guide to how I went about configuring it in such a way they you can also have support for multiple users on the same machine that may require root. You will need to be root of course for this to work.

First of all add a new group.

root@linux:~# addgroup sudoers
Adding group `sudoers' (GID 1001) ...
Done.

Then add your self to the group and repeat for each of the other users you need to have access.

root@linux:~# adduser james sudoers
Adding user `james' to group `sudoers' ...
Adding user james to group sudoers
Done.

Then make sure the following line exist in the /etc/sudoers config file.

%sudoers ALL=NOPASSWD: ALL

Then to test it you will need to logout and in again to allow the group change to be visible and then run something like "sudo bash" to get a root shell. Now you don't need to type a password a million times a day.

I should probably point out that there are security considerations on this and bear in mind that I use it on a development box which only has extremly limited access.