Just For Fun – Lance Grover (https://www.lancegrover.com), feed last updated Tue, 25 Jul 2017 20:05:15 +0000

A little ssh honeypot fun
https://www.lancegrover.com/a-little-ssh-honeypot-fun/ (Tue, 25 Jul 2017 17:03:43 +0000)

I say honeypot but really it isn’t a honeypot… but it is something I am using to log/capture data from malicious individuals, so thus the reason I say honeypot.

I want to edit sshd to log all user/password attempts.

Cent7

yum install git make zlib-devel openssl-devel openssh-devel pam-devel screen autoconf gcc vim-enhanced lsof
git clone https://github.com/openssh/openssh-portable.git
cd openssh-portable/
autoreconf
./configure
vim auth-passwd.c (add in my little log code in the auth_password function)

//for Lanix
logit("sshd credentials:%s:%s", authctxt->user, password);

make
We are going to use the built-in sshd_config and the current ssh_host_keys so that nobody remote can easily tell the trap apart from the real sshd.
cp /etc/ssh/sshd_config /root/  (modify this copy: several options we didn’t compile into our sshd will throw errors, and to test I first run it on a different port)
cp /etc/ssh/ssh_host_* /root/
chmod 0600 /root/ssh_host_*
/root/openssh-portable/sshd -f sshd_config -D (run from /root where the config copy lives; I test with -D so it stays in the foreground and I can easily stop the program)
This will log things in /var/log/secure on a Cent7 box, just look for “sshd credentials” LOL

Debian

apt-get update
apt-get install zlib1g-dev screen vim make gcc autoconf git libssl1.0-dev
(libssl1.0-dev because regular libssl-dev throws errors on compile of ssh, well as of right now)
(not sure if these are needed yet) apt-get install libcrypto++-dev libgcrypt20 libcrypto++6 libcrypto++-utils r-cran-openssl
git clone https://github.com/openssh/openssh-portable.git
cd openssh-portable/
autoreconf
./configure

vim auth-passwd.c (add in my little log code in the auth_password function)

//for Lanix
logit("sshd credentials:%s:%s", authctxt->user, password);

make
We are going to use the built-in sshd_config and the current ssh_host_keys so that nobody remote can easily tell the trap apart from the real sshd.
cp /etc/ssh/sshd_config /root/  (modify this copy: several options we didn’t compile into our sshd will throw errors, and to test I first run it on a different port)
cp /etc/ssh/ssh_host_* /root/
chmod 0600 /root/ssh_host_*
/root/openssh-portable/sshd -f sshd_config -D (run from /root where the config copy lives; I test with -D so it stays in the foreground and I can easily stop the program)
This will log things in /var/log/auth.log, just look for “sshd credentials” LOL
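Added example (not from the post): a small Python parser that pulls the “sshd credentials” lines out of /var/log/secure or /var/log/auth.log and tallies the usernames, passwords and source addresses the scanners are trying. It assumes the stock “Failed password for … from <ip>” line carries the same sshd[pid] as the credentials line of that attempt, and the sample log below is constructed.

```python
import re
from collections import Counter

# Constructed sample of what /var/log/secure (or auth.log) looks like once the
# logit() line is in auth_password(). The "Failed password ... from <ip>" lines
# are stock sshd output; the assumption here is that they carry the same sshd[pid]
# as the credentials line for that attempt, which is how we recover the peer address.
SAMPLE_LOG = """\
Jul 25 17:03:43 trap sshd[2291]: sshd credentials:root:123456
Jul 25 17:03:43 trap sshd[2291]: Failed password for root from 203.0.113.9 port 51234 ssh2
Jul 25 17:03:47 trap sshd[2291]: sshd credentials:root:password
Jul 25 17:03:47 trap sshd[2291]: Failed password for root from 203.0.113.9 port 51234 ssh2
Jul 25 17:04:02 trap sshd[2298]: sshd credentials:admin:admin
Jul 25 17:04:02 trap sshd[2298]: Failed password for invalid user admin from 198.51.100.7 port 40110 ssh2
Jul 25 17:04:10 trap sshd[2305]: sshd credentials:root:p@ss:word
Jul 25 17:04:10 trap sshd[2305]: Failed password for root from 203.0.113.9 port 51300 ssh2
Jul 25 17:04:11 trap sshd[2305]: Connection closed by 203.0.113.9 port 51300 [preauth]
"""

CRED_RE = re.compile(r"sshd\[(?P<pid>\d+)\]: sshd credentials:(?P<rest>.*)$", re.M)
PEER_RE = re.compile(r"sshd\[(?P<pid>\d+)\]: (?:Failed|Accepted) password for .* from (?P<ip>\S+) port")


def parse_attempts(text):
    """Return (user, password, ip) tuples; ip is None when no peer line was seen for that pid."""
    peer_by_pid = {m.group("pid"): m.group("ip") for m in PEER_RE.finditer(text)}
    attempts = []
    for m in CRED_RE.finditer(text):
        # The format string is "sshd credentials:%s:%s", so split only at the first ':'
        # after the prefix; a password containing ':' (p@ss:word above) stays intact.
        user, _, password = m.group("rest").partition(":")
        attempts.append((user, password, peer_by_pid.get(m.group("pid"))))
    return attempts


def summarize(attempts):
    """Tally what the scanners are trying: top usernames, passwords and source addresses."""
    return {
        "users": Counter(u for u, _, _ in attempts),
        "passwords": Counter(p for _, p, _ in attempts),
        "sources": Counter(ip for _, _, ip in attempts if ip),
    }


if __name__ == "__main__":
    for name, counter in summarize(parse_attempts(SAMPLE_LOG)).items():
        print(name, counter.most_common(3))
```

To run it against live data, read /var/log/secure (or auth.log) into a string and pass it to parse_attempts.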

SSH proxy through my VM cloud server (using firejail and chrome)
https://www.lancegrover.com/ssh-proxy-through-my-vm-cloud-server-using-firejail-and-chrome/ (Fri, 30 Jun 2017 14:23:39 +0000)

Oh… you have country blocking turned on at the firewall, or some other web filter or firewall that is preventing you from viewing a website.

Keep in mind you do need a server you have access to via ssh… I like cloud servers, they tend to not have web filters… lol

First we need to set up the ssh SOCKS5 proxy: we will ssh into our VM (virtual machine server) and proxy through it on local port 8080:
ssh -D 8080 myuser@myserver.mydomain

Now, keep in mind I am using Kali 2017.1 for this next part, but you can use other distros and even configure other browsers to connect to your localhost:8080 proxy; I am using firejail and google-chrome. Firejail allows me to have an independent isolated browser running so I can still have my regular browser up and running as needed. This is how we connect:
firejail --private google-chrome --proxy-server="socks5://localhost:8080"

Boom, good times…

So you play with wordpress and you want to see it but you want others to see an underconstruction page?
https://www.lancegrover.com/so-you-play-with-wordpress-and-you-want-to-see-it-but-you-want-others-to-see-an-underconstruction-page/ (Tue, 12 May 2015 06:04:53 +0000)

Here is a fun little modification you can make to the WordPress index.php so that only you can see the WordPress instance and everyone else will see an under-construction image. Keep in mind, this requires you to be connecting to your website from a static IP, or just update the file every time your IP changes… that works too.

<?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/* Just replace 222.222.222.222 and 111.111.111.111 with your own IP addresses:
   anyone connecting to your WordPress instance from those addresses sees the
   WordPress site, everyone else sees a basic HTML page that just displays an
   image (you will need to supply the image, called underconstruction.jpg here,
   or call it what you like). */
$ip = $_SERVER['REMOTE_ADDR'];
if ($ip == '222.222.222.222' || $ip == '111.111.111.111') {

    /**
     * Tells WordPress to load the WordPress theme and output it.
     *
     * @var bool
     */
    define('WP_USE_THEMES', true);

    /** Loads the WordPress Environment and Template */
    require( dirname( __FILE__ ) . '/wp-blog-header.php' );
}
else
{
?>

<html>
<body>
<center><img src="underconstruction.jpg"></center>
</body>
</html>

<?php
}
?>

Adding a new server to a Mongo replica set
https://www.lancegrover.com/adding-a-new-server-to-a-mongo-replica-set/ (Sun, 10 May 2015 05:01:48 +0000)

Ok, so you have a new mongo server set up and you want to add it to an existing replica set. Let's just make this easy, we will talk authentication another time. Assume this time you have your mongo server installed and the firewall set up to allow remote connections.

  1. Edit the mongod.conf file (usually /etc/mongod.conf):
    make sure it is configured to listen on all interfaces, or the one you want…
    make sure you add the same replica set name so that it can join the group.
  2. Log in to your current primary mongo server.
  3. Execute this command to add it:
    rs.add({"_id" : 3, "host" : "servername:27017", "tags" : {"dc": "dcname"}})
    you can also add priority and such, but just keeping things simple here.
  4. Now the new server will sync the data and then it will be ready to go!
O Coraid, Coraid, wherefor art thou Coraid?
https://www.lancegrover.com/o-coraid-coraid-wherefor-art-thou-coraid/ (Fri, 08 May 2015 20:41:35 +0000)

Well, it is sad that Coraid has gone… Sadder still that their support is gone.

I was working on a Coraid for a friend and they had two disks fail at the same time; good old RAID 5 doesn’t like that too much. The new ones are RAID 6, but how to recover data off these RAID 5 ones? Old notes to the rescue!

First you remove the LUN:
remove 1

Now you need to recreate the RAID, but make sure to keep one drive as missing so that it will not initialize the whole array. (In this case we are leaving drive 6 as missing and drive 0 as an optional spare, if we want to risk an attempt at a rebuild.)
make -r 1 raid5 2.1-5 missing 2.7-15

Now you need to online the LUN in order to see it on the servers:
online 1

Now you can start copying off, but keep in mind, you may find yourself needing to do this several times to recover all the data. I have seen some successful rebuilds, others not so much, so it can take a long time to copy off that data. Make sure you use a good rsync script that will pick up where it left off every time you have to set the array up again.

Installing Fusion-io/Sandisk ioDrive2 drivers on CentOS7 with LUKS encryption
https://www.lancegrover.com/installing-fusion-iosandisk-iodrive2-drivers-on-centos7-with-luks-encryption/ (Fri, 08 May 2015 15:09:59 +0000)

I was working on a Mongo database server that was going to be running a Fusion-io/Sandisk ioDrive2 card for wicked speed, and also needed to do on-disk encryption… fun task. I am using CentOS7 and ioDrive2 drivers version 3.2.10. I wanted auto mounting of the space so I can have the services start on reboot (after putting in the LUKS password).

1. Download the drivers from https://link.sandisk.com/Home/SoftwareDownload (you may need to make an account first) (in this case v 3.2.10)

2. # tar xvf fusionio-files-*.tar
3. # uname -r (now check whether the prebuilt binary matches your kernel; mine did not, hence the rebuild from the source rpm below)
4. # cd fusionio-files-*/ioDrive2/Linux_centos-7/3.2.10/Software\ Source
5. # rpmbuild --rebuild iomemory-vsl-3.2.10.1509-1.0.el7.centos.src.rpm
6. # cd ~/rpmbuild/RPMS/x86_64/
7. # yum install iomemory-vsl-3.10.0*.rpm iomemory-vsl-config-3.10.0-*.rpm iomemory-vsl-source-3.2.10*.rpm
8. # cd ~/fusionio-files-*/ioDrive2/Linux_centos-7/3.2.10/Utilities/
9. # yum install fio*.rpm
10. # yum install lib*.rpm
11. # mkdir /var/lib/mongo
12. # modprobe iomemory-vsl
13. # dmesg (to verify that the device was found)

**** now setup LUKS encryption ****

14. # cryptsetup -y create iomongo /dev/fioa
(note: cryptsetup create sets up a plain dm-crypt mapping keyed straight from the passphrase; it does not write a LUKS header to the device, so there is no header to back up)
15. # mkfs.xfs /dev/mapper/iomongo
16. # mount /dev/mapper/iomongo /var/lib/mongo
17. # vim /etc/crypttab
add the line:
iomongo /dev/fioa none
18. # vim /etc/sysconfig/iomemory-vsl
uncomment the following:
ENABLED=1
modify and add the mount points:
MOUNTS="/var/lib/mongo"
19. # reboot
(verify everything comes up; note that if you have other LUKS-encrypted devices and you use the same password on all of them, you will only be asked once for a password and all your devices should come up)
