
One of our readers, Joe Wong, wanted to know how to set up things like TOR and nmap and the like on Ubuntu. As his questions were too broad to cover in questions and answers, I decided to do a mini tutorial on it.

Let us start with the short ones and work our way up to the longer-winded ones. Nmap is easy: 'sudo apt install nmap' will do the trick. Should you prefer the GUI, you need to install Zenmap. The nmap website has great tutorials on how to use nmap / Zenmap. Documentation here: https://nmap.org/book/man.html - I find nmap to be faster and more accurate than Angry IP Scanner for Linux. There is even a book dedicated to this useful tool. You can read some of it here: https://nmap.org/book/toc.html

Similarly, Wireshark is available from your repositories, so 'sudo apt install wireshark' will fetch it for you; alternatively, search for it in the software centre. If you need a quick primer, https://www.youtube.com/watch?v=TkCSr30UojM is a handy link. As network traffic analysers go, this is awesome. If you just want the basic commands, go here: https://www.tecmint.com/wireshark-network-traffic-analyzer-for-linux/

TOR comes in two parts, the TOR network, and the TOR browser. The browser installation is as simple as downloading the .deb-file from the TOR browser website and installing it. The other option is to download the .tar-file and extract it to your home folder. The compressed file includes a launcher you can copy to your desktop, if you like. It is a good idea to keep the folder separate from your current Firefox installation. The browser manual is here: https://tb-manual.torproject.org

The TOR network needs a bit more. It is safest to install TOR from the official repository. To add it, simply edit your sources file. I will use nano here, but the editor does not matter:

sudo nano /etc/apt/sources.list.d/tor.list

Add the following lines, replacing “bionic” with your version’s code-name:

deb https://deb.torproject.org/torproject.org bionic main

deb-src https://deb.torproject.org/torproject.org bionic main

You will also need to add the key:

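curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import

gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

NOTE: There are double dashes before import and export; word processors do weird things with double dashes. Both gpg commands must run as the same user, so that the export reads the keyring the import wrote to, and the trailing dash tells apt-key to read the key from the pipe.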

After the obligatory:

sudo apt-get update

just type the following

sudo apt-get install tor deb.torproject.org-keyring torbrowser-launcher
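The key step above trusts whatever the download returns, so here is an added example (not part of the original tutorial) that checks the key's fingerprint before it is handed to apt. It saves the key to a file instead of piping it, and the function names, the file name tor.asc and the sample listings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: confirm a downloaded key's fingerprint before trusting it.
# The expected value is the fingerprint in the key URL used in this tutorial.
EXPECTED_FPR="A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89"

# Read `gpg --with-colons` output on stdin. Print the primary key's
# fingerprint (field 10 of the first "fpr" record after "pub"), but only
# when the listing holds exactly one public key; otherwise print nothing.
primary_fpr() {
    awk -F: '
        $1 == "pub" { pubs++ }
        pubs == 1 && $1 == "fpr" && fpr == "" { fpr = toupper($10) }
        END { if (pubs == 1) print fpr }
    '
}

# Succeed only if stdin lists a single key whose fingerprint equals $1.
fpr_matches() {
    got=$(primary_fpr)
    [ -n "$got" ] && [ "$got" = "$1" ]
}

# Constructed sample listings: dates, uid and subkey values are made up.
sample_good() {
    cat <<'EOF'
pub:-:4096:1:EE8CBC9E886DDD89:1000000000:::-:::scESC::::::23::0:
fpr:::::::::A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89:
uid:-::::1000000000::::constructed sample uid::::::::::0:
sub:-:4096:1:1111111111111111:1000000000::::::s::::::23:
fpr:::::::::1111111111111111111111111111111111111111:
EOF
}
sample_wrong() {
    cat <<'EOF'
pub:-:4096:1:2222222222222222:1000000000:::-:::scESC::::::23::0:
fpr:::::::::2222222222222222222222222222222222222222:
EOF
}

# Real use, assuming a gpg that supports the show-only import option and a
# hypothetical local file name tor.asc:
#   curl -fsS "https://deb.torproject.org/torproject.org/$EXPECTED_FPR.asc" -o tor.asc
#   gpg --with-colons --with-fingerprint --import-options show-only --import tor.asc \
#       | fpr_matches "$EXPECTED_FPR" && sudo apt-key add tor.asc
```

A file that carries a second, unexpected key alongside the right one is rejected as well, because apt-key would otherwise add every key in the file.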

Rootkit Hunter (http://rkhunter.sourceforge.net/) is not difficult to install and run either. Type:

sudo apt install rkhunter

There is a bit of an ncurses based setup to go through, but it is really straightforward.

Once installed, rootkit hunter needs you to edit the configuration file a bit:

sudo nano /etc/rkhunter.conf

and make sure MIRRORS_MODE=0 and WEB_CMD=""

That’s it.

Now we get to talk about one of my favourite security tools, Lynis. So many checks, so little time. You can find it here: https://cisofy.com/lynis/

You can download the compressed file and do it all manually, but it is easier from the terminal. Let us grab the key first:

sudo wget -O - https://packages.cisofy.com/keys/cisofy-software-public.key | sudo apt-key add -


sudo apt install apt-transport-https

Followed by:

echo 'Acquire::Languages "none";' | sudo tee /etc/apt/apt.conf.d/99disable-translations


Now add the sources:

echo "deb https://packages.cisofy.com/community/lynis/deb/ stable main" | sudo tee /etc/apt/sources.list.d/cisofy-lynis.list

You know the drill after this:

sudo apt update && sudo apt install lynis

Lynis is currently at 2.7.5, but you can install as far back as 2.6.6 for Ubuntu 14.04.

Lynis is a tool that needs to be run as root or else it will just skip some of the most important tests:

sudo lynis audit system

References: https://packages.cisofy.com/community/#debian-ubuntu

There are other ways to install Lynis, but this is the easiest.

If there are any queries on the installation of these tools, or maybe their use, please email us at misc@fullcirclemagazine.org

issue155/tutoriel1.1585414162.txt.gz · Last modified: 2020/03/28 17:49 by auntiee