Gareth Andrew Lloyd Ignition

## auth.log
Mar 27 10:29:09 li195-46 sshd[11343]: Invalid user gamma from 221.12.162.169
Mar 27 10:29:09 li195-46 sshd[11343]: pam_unix(sshd:auth): check pass; user unknown
Mar 27 10:29:09 li195-46 sshd[11343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.12.162.169
Mar 27 10:29:11 li195-46 sshd[11343]: Failed password for invalid user gamma from 221.12.162.169 port 55656 ssh2
Mar 27 10:29:21 li195-46 sshd[11345]: Did not receive identification string from 221.12.162.169

## bad-phrases
Failed password
Did not receive identification string

## tofirewall.sh
#!/bin/sh
./badlist.sh | while read ipaddr
do
  iptables -I INPUT -s ${ipaddr} -j DROP
done
iptables-save > /etc/iptables.rules

## did-it-work.sh
#!/bin/sh
zcat -f /var/log/auth.log* | grep -f bad-phrases | awk '{print $1,$2}' | sort -k 1,1M -k 2n | grep -vf white-list | uniq -c

## Output
#
#    953 Mar 13
#   1420 Mar 14
#   1783 Mar 15
#   1366 Mar 16
#   4572 Mar 17

## sshd_config
# Minimum authentication required, this should be a no
PermitEmptyPasswords no

# Root has full access to the machine, this is an attackers aim
# refuse ssh access and use sudo from another user account
PermitRootLogin no

# SSH daemon is easy to detect but most attackers assume port 22
# you can change to a non standard port, this will require the
# -p option on the ssh client in order to connect to correct port

## openmp-test.cpp
#include <omp.h>
#include <cstdlib>
#include <iostream>
#include <list>
#include <time.h>

bool ompon = false;
std::list<int> intList;
const int N = 1000;

## text.c
#include <stdio.h>
#define f(v,k) (((v << 2) | (~v >> 6)) ^ k)
int main(int argc, char *argv[]){
  unsigned char c = 0x01, v, p[17] = {0x00}, k = 0x00, * t,
                z[] = {0x87, 0xA3, 0x85, 0x96, 0x81, 0x90, 0x8C, 0xC4, 0xA4,
                0xCA, 0xC5, 0xA9, 0x88, 0x8B, 0x9D, 0x80, 0xEE};
  do{
    t = z;
    while (!((t - z) & 0x10)){
      v = f(*t, k) ^ *((t++) + 1);

## future.cpp
#include <iostream>
#include <future>
#include <thread>

int main()
{
    // future from a packaged_task
    std::packaged_task<int()> task([](){ return 7; }); // wrap the function
    std::future<int> f1 = task.get_future();  // get a future
    std::thread(std::move(task)).detach(); // launch on a thread

## gist:4155787
//https://gitorious.org/boost-dev/boost-dev, coroutine branch
//g++ -I path/to/boost-dev -std=c++11 code.cpp -static -L path/to/boost-dev/stage/lib/ -lboost_context

#include <boost/coroutine/all.hpp>
#include <boost/bind.hpp>
#include <boost/range.hpp>
#include <iostream>
#include <vector>

using namespace std;

## Instructions
For Ubuntu/Debian, make sure your machine has its mac address registered so I can be put on the correct subnet. Ask CS support.

apt-get install ssh-client krb5-user libpam-krb5
	Mar 27 10:29:09 li195-46 sshd[11343]: Invalid user gamma from 221.12.162.169
	Mar 27 10:29:09 li195-46 sshd[11343]: pam_unix(sshd:auth): check pass; user unknown
	Mar 27 10:29:09 li195-46 sshd[11343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.12.162.169
	Mar 27 10:29:11 li195-46 sshd[11343]: Failed password for invalid user gamma from 221.12.162.169 port 55656 ssh2
	Mar 27 10:29:21 li195-46 sshd[11345]: Did not receive identification string from 221.12.162.169
	#!/bin/sh
	./badlist.sh \| while read ipaddr
	do
	iptables -I INPUT -s ${ipaddr} -j DROP
	done
	iptables-save > /etc/iptables.rules
	#!/bin/sh
	zcat -f /var/log/auth.log* \| grep -f bad-phrases \| awk '{print $1,$2}' \| sort -k 1,1M -k 2n \| grep -vf white-list \| uniq -c

	## Output
	#
	# 953 Mar 13
	# 1420 Mar 14
	# 1783 Mar 15
	# 1366 Mar 16
	# 4572 Mar 17
	# Minimum authentication required, this should be a no
	PermitEmptyPasswords no

	# Root has full access to the machine, this is an attackers aim
	# refuse ssh access and use sudo from another user account
	PermitRootLogin no

	# SSH daemon is easy to detect but most attackers assume port 22
	# you can change to a non standard port, this will require the
	# -p option on the ssh client in order to connect to correct port
	#include <omp.h>
	#include <cstdlib>
	#include <iostream>
	#include <list>
	#include <time.h>

	bool ompon = false;
	std::list<int> intList;
	const int N = 1000;
	#include <stdio.h>
	#define f(v,k) (((v << 2) \| (~v >> 6)) ^ k)
	int main(int argc, char *argv[]){
	unsigned char c = 0x01, v, p[17] = {0x00}, k = 0x00, * t,
	z[] = {0x87, 0xA3, 0x85, 0x96, 0x81, 0x90, 0x8C, 0xC4, 0xA4,
	0xCA, 0xC5, 0xA9, 0x88, 0x8B, 0x9D, 0x80, 0xEE};
	do{
	t = z;
	while (!((t - z) & 0x10)){
	v = f(t, k) ^ ((t++) + 1);
	#include <iostream>
	#include <future>
	#include <thread>

	int main()
	{
	// future from a packaged_task
	std::packaged_task<int()> task([](){ return 7; }); // wrap the function
	std::future<int> f1 = task.get_future(); // get a future
	std::thread(std::move(task)).detach(); // launch on a thread
	//https://gitorious.org/boost-dev/boost-dev, coroutine branch
	//g++ -I path/to/boost-dev -std=c++11 code.cpp -static -L path/to/boost-dev/stage/lib/ -lboost_context

	#include <boost/coroutine/all.hpp>
	#include <boost/bind.hpp>
	#include <boost/range.hpp>
	#include <iostream>
	#include <vector>

	using namespace std;
	For Ubuntu/Debian, make sure your machine has its mac address registered so I can be put on the correct subnet. Ask CS support.

	apt-get install ssh-client krb5-user libpam-krb5