June 2018
best sinhala blog in sri lanka
ඔව් පිංවතුනි  අද කියන්න හදන්නේ අපේ linux system එකට ssh කනෙක්ට් උනාම ඒ කනෙක්ට් වෙන කෙනාට message එකක්  කොහොමද දාන්නේ කියල

ඒ කියන්නේ හරියට welcome note එකක් වගේ දෙයක්

මේ message එක පෙන්නන්න ක්‍රම 2ක් තියනවා
1 ssh කනෙක්ට් වෙන්න හදනකොට ( issue.net)
2 සාර්ථකව ලොග් උනාම පස්සේ (MOTD file) කියන අවස්ථා 2කේ දී අපිට පුළුවන් මේක පෙන්නන්න .

ඉතින් අපේ admin අයියලා සෙට් එක මේ වගේ එකක් දාල තිබ්බනම් හොදයි කියල තමා කියන්න තියෙන්නේ


හරි දැන් අපි වැඩේ පටන් ගමුකො


nano /etc/issue.net

දැන් මේක paste කරන්න

#########################################################################
#                                                      Welcome to usefuleverything                                         #
#                                   All connections are monitored and recorded                                     #
#                          Disconnect IMMEDIATELY if you are not an authorized user!                #
#########################################################################
save කරලා exit වෙන්න


දැන් මේ file එක edit කරන්න ඕනි

nano /etc/ssh/sshd_config

ඔකේ තියනවා banner කියන එක
find #Banner

අන්කොමෙන්ට් කරලා කලින් දාපු file එකේ පාත් එක දෙන්න

Banner /etc/issue.net

දැන් ssh restart කරන්න ඕනි

systemctl restart sshd

ඔන්න අපි දැන් ලොග් වෙන්න හදනකොට එන එක හදල ඉවරයි

දැන් බලමු ලොග් උනාට පස්සේ එකක් display කරන්නේ කොහොමද කියල

එකට මේ file එක edit කරන්න

nano /etc/motd

මේක paste කරන්න

#########################################################################
#                                                      Welcome to usefuleverything                                         #
#                                   All connections are monitored and recorded                                     #
#                          Disconnect IMMEDIATELY if you are not an authorized user!                #
#########################################################################

save and exit


ලස්සන asci design තියනවා මේකේ බලන්න


http://www.network-science.de/ascii/

එහෙනම් මන් ගියා......
best sinhala blog in sri lanka

Install Nginx and PHP7-FPM

First of all, add the EPEL repository, which contains Nginx:
# yum install epel-release
Next, install Nginx:
# yum install nginx



rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ivh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

yum install -y httpd wget bzip2 nano unzip

Now, it’s possible to install PHP7-FPM and some Nextcloud dependencies:
# yum install php70w-fpm php70w-pecl-apcu-devel php70w-json php70w-pecl-apcu php70w-gd php70w-mcrypt php70w-mysql php70w-cli php70w-pear php70w-xml php70w-mbstring php70w-pdo
Check the PHP version to be sure that everything went well, with:
# php -v

Configure PHP-FPM

After installation, a configuration of PHP is required for use with Nginx. With a text editor, edit the /etc/php-fpm.d/www.conf file. In there, search lines containing user and groupstrings and modify as follows:
user = nginx
group = nginx
In the same file, look for listen string, and modify that too:
listen = 127.0.0.1:9000
PHP will listen on port 9000.
Uncomment the following lines:
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
Save and exit.
Create a new directory in /var/lib and change its owner to nginx user:
# mkdir -p /var/lib/php/session
# chown nginx:nginx -R /var/lib/php/session/
Start and enable both Nginx and PHP7-FPM:
# systemctl start php-fpm
# systemctl start nginx
# systemctl enable php-fpm
# systemctl enable nginx

Install MariaDB

yum -y install mariadb-server mariadb

systemctl start mariadb

systemctl enable mariadb

Then, configure the root account for MariaDB:
# mysql_secure_installation
Set root password? [Y/n]
New password: my_strong_root_password
Re-enter new password: my_strong_root_password

Remove anonymous users? [Y/n]
Disallow root login remotely? [Y/n]
Remove test database and access to it? [Y/n]
Reload privilege tables now? [Y/n]
Now, it’s time to login to MariaDB and configure it for use with Nextcloud:
# mysql -u root -p
In its shell:
mysql> CREATE DATABASE my_nextclouddb;
mysql> CREATE USER ncuser@localhost IDENTIFIED BY 'ncuser@';
mysql> GRANT ALL PRIVILEGES ON my_nextclouddb.* TO ncuser@localhost IDENTIFIED BY 'ncuser@';
mysql> FLUSH PRIVILEGES;
mysql> EXIT;

Generate a SSL certificate

For using Nextcloud with HTTPS connection with the client, you’ll need an SSL certificate. Generate a self-signed one with OpenSSL. First, create a new directory for that file:
# mkdir -p /etc/nginx/cert/
and generate it:
Go to Letsencrypt and create 
make sure combine crt file add to nginx config
/etc/nginx/cert/nextcloud.crt 
 /etc/nginx/cert/nextcloud.key

N.B: the /etc/nginx/cert/ will contain all the SSL certificates your server will require eventually.
Change permissions:
# chmod 700 /etc/nginx/cert
# chmod 600 /etc/nginx/cert/*


install Nextcloud

Now it’s time to download and install Nextcloud. Download the archive with:
# https://download.nextcloud.com/server/releases/latest-12.zip
Extract it and move to /usr/share/nginx/html/
# unzip latest-12.zip

# mv nextcloud/ /usr/share/nginx/html/
Create a new data directory for Nextcloud:
# mkdir -p /usr/share/nginx/html/nextcloud/data/
Change the owner of nextcloud to nginx user:
# chown nginx:nginx -R /usr/share/nginx/html/nextcloud

Configure a Virtual Host for Nextcloud

Create a new Virtual Host configuration file, /etc/nginx/conf.d/nextcloud.conf. There, paste the following configuration:
upstream php-handler {
    server 127.0.0.1:9000;
    #server unix:/var/run/php5-fpm.sock;
}
 
server {
    listen 80;
    server_name storage.mydomain.com;
    # enforce https
    return 301 https://$server_name$request_uri;
}
 
server {
    listen 443 ssl;
    server_name storage.mydomain.com;
 
    ssl_certificate /etc/nginx/cert/nextcloud.crt;
    ssl_certificate_key /etc/nginx/cert/nextcloud.key;
 
    # Add headers to serve security related headers
    # Before enabling Strict-Transport-Security headers please read into this
    # topic first.
    add_header Strict-Transport-Security "max-age=15768000;
    includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
 
    # Path to the root of your installation
    root /usr/share/nginx/html/nextcloud/;
 
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }
 
    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
    # last;
 
    location = /.well-known/carddav {
      return 301 $scheme://$host/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host/remote.php/dav;
    }
 
    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;
 
    # Disable gzip to avoid the removal of the ETag header
    gzip off;
 
    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;
 
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;
 
    location / {
        rewrite ^ /index.php$uri;
    }
 
    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }
 
    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
        include fastcgi_params;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
        #Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }
 
    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
        try_files $uri/ =404;
        index index.php;
    }
 
    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~* \.(?:css|js)$ {
        try_files $uri /index.php$uri$is_args$args;
        add_header Cache-Control "public, max-age=7200";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        # Before enabling Strict-Transport-Security headers please read into
        # this topic first.
        add_header Strict-Transport-Security "max-age=15768000;
        includeSubDomains; preload;";
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        # Optional: Don't log access to assets
        access_log off;
    }
 
    location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
        try_files $uri /index.php$uri$is_args$args;
        # Optional: Don't log access to other assets
        access_log off;
    }
}
Save, exit and test Nginx with:
# nginx -t
Then, restart it:
# systemctl restart nginx


Firewall

Configure the firewall to allow access to the Nextcloud storage from external machines.
FirewallD:
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload
setenforce 0
nano /etc/selinux/cofig (enforce tp permissive)



best sinhala blog in sri lanka
ඔන්න ඉතින් හෙන ගහන්න වගේ එකපාරම google එකෙන් windows වලට දෙන input tool එක අයින් කරලනේ
ඉතින් අපිට ඒක ලොකු පාඩුවක් වෙනවා එදිනෙදා ජීවිතයේදී කොහොම හරි ඉතින් මන් නම් මේක පාවිච්චි කරන්න පටන් අරන් අවුරුදු 5කට වැඩයි ඉතින් ඇගෙන් කෑල්ලක් ගියා වගේ 

කොහොම හරි පරණ එකක් තිබිල දාගත්තා ඔයාලටත් වැදගත් වෙයි කියල හිතුන නිසා දෙනවා 


best sinhala blog in sri lanka
ඔන්න ඉතින් class එකේදී උන වැඩක් ගැන කියන්න හදන්නේ, හැමදාම linux වලින් නේ terminal එකේ වැඩ දාන්නේ, අද නම් උනේ windows වල cmd එකෙන් ftp ගිහින් file එකක් ගන්න සහ දාන්න මොකුත් tool පාවිච්චි කරන්නේ නැතුව
ඒ කියන්නේ filezilla වත් winscp නැතුව cmd එකෙන් වැඩේ ගොඩදාගන්න තියෙන්නේ.
මමත් දැනගෙන හිටියේ නැති උනත් අන්තිමට හොයාගත්ත කොහොමද කරන්නේ කියල 



To use FTP commands at Windows command prompt

cmd එක open කරලා ඔයාගේ transfer කරන්න අවශ්‍ය folder එකට යන්න.

cd "C:\Documents and Settings\manusha\My Documents\FTP" (මතක් කරලා  "quotes" දාන්න මොකද නැත්තම් spaces තිබ්බොත් අවුල් පාත් එකේ .)

At the C:\>දැන් , type කරන්න  FTP. The C:\> prompt changes to ftp>.

At the ftp> prompt, type open followed by the name of the remote FTP site, then press ENTER. For example, type:

open myftpsite.com

When prompted, type the username and password provided to you by the administrator of the FTP site, then press ENTER.

Type cd then the path to the remote server's directory in which you have permission to transfer files via FTP. For example, type:

cd M:\InetPub\EFTRoot\MySite\Usr\jbug




Task
DOS Command
Notes
Change user password
on a site



Literal SITE PSWD oldpassword
newpassword
"Literal" sends a command line to the remote
FTP connection and executes the SITE PSWD
 command.
Connect to the specified
FTP host on the specified port

open [host] [port]
For example, type:
open myftpsite.com 21
Navigate to a different
directory on remote machine

cd [directory]
For example, type:
cd M:\InetPub\EFTRoot\MySite\Usr\jbug
Change to parent directory

cdup
Same as cd ..\
Changes directory on local
machine

lcd [path]
For example, type lcd c:\temp.
Displays a list of files and folders
in the current remote directory




dir [path]
ls [directory][localfile]
For example, type:
dir M:\InetPub\EFTRoot\MySite\Usr\jbug
or
ls M:\InetPub\EFTRoot\MySite\Usr\
jbug C:\temp\contents.txt
Creates a directory on the remote
 file system



mkdir [name]
For example, to create a folder into which you
 will upload your graphics files, type:
mkdir images
Copies a file from the local to the
remote computer

put [filename.ext]
To upload the file with a different name, use
put oldfilename.ext newfilename.ext
Copies multiple files from the local
to the remote computer


mput [files]
Puts multiple files; *.* puts all files; *.txt puts
 all .txt files, my_*.* puts all files that start
with my_ with any extension.
Copies a file from the remote to
the local computer

get [filename.ext]
For example, type:
get dog.jpg
Copies multiple files from the
 remote to the local computer


mget [files]
Gets multiple files; *.* gets all files; *.txt gets
 all .txt files, my_*.* gets all files that start
with my_ with any extension.
Deletes a file


delete [filename.ext]
For example, type:
delete dog.jpg
Renames a file



rename [filename][filename]
For example, to rename a picture of your dog,
 Pooh Bear, type:
rename dog.jpg PoohBear.jpg
Removes a directory on the
 remote computer


rmdir [name]
For example, type:
rmdir olddogpics
List current working directory


pwd
Use when you forget which directory you are
 in or if you want to copy the path
Close connection

bye (or quit)
Disconnect from remove FTP server
List of available commands or
 help for a specific
command


help
help [command]
? [command]
help by itself lists available FTP commands;
 help [command] or ? [command] provides
help for the specific command
Change transfer mode to ASCII

ascii

Used for HTML and text files
Change transfer mode to binary


binary

Used for graphics, compressed files, audio
 clips, etc.
Displays current transfer mode
(ASCII or binary)





status

Query the status of files, transfers in
process, and other system information.
 The STAT command implemented on
some FTP servers could allow a remote attacker to obtain
 sensitive information; 
therefore, it is disabled
on some servers.                                                                                                                                          
Enable/disable prompts




prompt

Use this command if you do not
want to be prompted for each file
 transfer when transferring
multiple files.
best sinhala blog in sri lanka
AdClear v8.0.0.507287 [Non-Root Full-Version Ad Blocker]
Requirements: 4.1+
Overview: AdClear is the premier non-root adblocker for Android users. AdClear’s technology filters out advertisers before they invade your browsing or app experience.

Full adblocker protection, absolutely free!

Download

No more:
YouTube ads
Encrypted ads
Clickbait ads
Intrusive ads
best sinhala blog in sri lanka
Computer Forensics පාඩම මැද්දේ ඉතින් ඔන්න සර් කිව්වා අපේ මේ දත්ත කොහොමද හාඩ් එකක save වෙන්නේ කියලා ඉතින් ඒක පොඩ්ඩක් ආස හිතෙන කතාවක් නිසා ඔයාලත් එක්කත් බෙදාගන්න කියල හිතුනා

මුලින්ම බලමු අපි හාඩ් එකක් කියන්නේ මොකක්ද කියල














හැමෝම දන්නවනේ device එකක දත්ත රදවාගන්න තියෙන තැන් කිහිපයක් තියනව
ram එක registers cd dvd හාඩ් පෙන් වගේ දේවල්
අන්න එතනින් Volatile සහ Non volatile කියල ඒ කියන්නේ නශ්‍ය වන සහ නශ්‍ය නොවන කියල වර්ග දෙකක් අපි කතා කරනවා ඒ කියන්නේ කරන්ට් එක තියනකල් data තිබෙන සහ කරන්ට් එක නැතුවත් data තියෙන කියල

ඉතින් මේ නශ්‍ය නොවන කාණ්ඩයට අයත් හර්ඩ් එක Computer Forensics වලදී ගොඩක් වැදගත් වෙන දෙයක් මොකද සැකකරු අපරාදයක් කිරීමට යොදාගන්නා දෙයක් අපේ හාඩ් එක
ලොකුවට හිතන්න එපා සරවම කිව්වොත් කම්පැණියක දත්ත වගයක් මැකුව කියන්නකෝ මේක කරේ කවුද කොහොමද කින්ද මන්ද ඔක්කොම හොයන්න වෙන්නේ අපිට ඉතින් මෙතැනදී අපිට හාඩ් එකේ data එකක් save වෙන්නේ කොහොමද ඒවා මකල නම් ආයේ ගන්නේ කොහොමද කියන දේ කියල දෙනවා

ඉතින් අපි බලමු කොහොමද හාඩ් එකකට data එකක් save වෙන්නේ සහ කොහොමද ඒකක් ආයේ ගන්නේ කියල

ඉතින් මෙතැනදී කියන්න තියෙන්නේ මේක layer 5 කට කඩල තියනව
ඒවා තමා
File Name Layer
Metadata Layer
Data Layer
File System Layer
Physical Layer කියලා

ඉතින් අපි බලමු එකින් එක මේවගෙන් වෙන්නේ මොනවද කියල

Physical Layer


මේකට අයිති වෙන්නේ physical disk එක

 File System Layer

Holds the data that describes the structural details of the file system.
The boot sector (or superblock in Unix) is where much of this data is stored.
The Master Boot Record (MBR) holds information related to this layer.
The Partition Boot Record (PBR) also contains file system layer information.

Data Layer

The main purpose of a disk drive is to store data; consequently, this layer holds the key information related to this task (that is, the data).
This layer organizes the physical drive into 512 byte sectors.
On Windows systems, these sectors are further organized into clusters.
Sectors in the data layer will either be “allocated” or “unallocated”.
Another way of thinking of this is that sectors are either being used in a file or waiting to be used.


 Allocated vs. Unallocated
Allocated data:
Is being actively used by a file
Exist in a file on the system
Is not currently deleted
Unallocated data:
Is not currently being used by a file
Can have previously deleted or unused data
Can hold pieces of old data (called “fragments”)

MetaData Layer

This layer contains all the structures that describe the file.
Similar to the table of contents page of a book.
It has pointers to the data layer and the file name layer so that starting address and MAC times can be determined.
In FAT files systems it is stored in the FAT table. In NTFS systems, it is found in the Master File Table (MFT). Linux stores it in the iNode entries.
Metadata is also either allocated or unallocated.


9  MetaData Layer Metadata contains:
Pointers to the data layer (either a starting sector, or list of sectors depending upon file system)
The file type
The MAC times and permissions
The file size and/or total links


10  File Name Layer

Generally a separate structure that gives the names of files.
The metadata layer can actually describe everything about the file, but it is easier to have the name information listed without all the extra, low- level detail.
Is stored in 2 places:
MFT or FAT directory entries
Directory file – list of files in that directory structure













best sinhala blog in sri lanka



හම්මේ ඉතින් කස්ටිය ලිනක්ස් කියපු ගමන් උඩ යනවනේ ඔකේ ටයිප් කරන්න ඕනිලු අරකලු මෙකලු ඉතින් අද කියන්න හදන්නේ කොහොමද කමාන්ඩ් ලයින් එකේ වැද්දෙක් වෙන්නේ නැතුව ජාමේ බේරාගෙන වැඩක් කරන්නේ කියල

මේ තියෙන්නේ hotkeys වගයක් Linux shell එකේ භාවිතා කරන්න පුළුවන්:
  • ctrl + c – හදිස්සියේ මොකක් හරි ගහල වැරදි නම් සහ කරන වැඩේ close කරන්න ඕනි නම් ඕක තමා ඕනි වෙන්නේ.
  • ctrl + r –දැන් ඉන්න  terminal session එකේ command historyය බලන්නේ මේකෙන්
  • ctrl + a – කමාන්ඩ් set එකක් ගහල අන්තිමට මතක් උනාම මුලට sudo ගැහුවේ නෑ කියල අන්න ඒ වගේ වෙලාවට මේක ඕනි වෙනවා පොර වගේ ඉස්සරහට යන්න.
  • ctrl + e – ලයින් එකේ පස්සටම යන්න ඕනි උනාම.
  • ctrl + z – sleep program
  • !! – reissues the last command that was run
  • ![command] (i.e. !ping) – reissues the last command starting with the supplied parameters, which is the last ping command in this example
  • Up arrow – කලින් ගහපු කමාන්ඩ් ටික ආයේ ගහන්න උනාම type නොකර  ගොඩ දාගන්න.
  • Down arrow – කලින් එකම තමා
  • Tab – පොර වගේ auto-completing කරගන්න.
Basic Shell Commands:
  • mount – displays mounted media and file systems
  • uptime – displays how long the system has been active
  • clear – if there is too much information printed to the current terminal screen, you can wipe it all clean with the clear command
  • date – displays the time and date that is configured within the operating system
  • whoami – displays the current active user in the shell
  • su root – prompts you for a root password to login and run commands with root privileges
  • pwd – prints your current working directory, which is your current location in the file system
  • ls – this is the list command, which prints the files and directories within your current working directory
  • ls -l – this option is known as a “long listing,” and shows detailed information about the files and directories in your current working directory
  • ls -la – this command will show you a long listing, and the -a option shows you all files; by default, hidden files that start with the “.” character are omitted
  • cd [directory] – the cd command is useful for navigating the Linux files system; simply perform an ls command to see directories accessible in your current working directory
  • cd ../ – this command will set you one level higher in the current working directory tree
  • [command] | grep [parameters] (i.e. ls | grep myfile.txt) – piping command output to grep and supplying it with parameters will filter the output based on your criteria
  • ps aux – displays a list of running processes; the output is long, so it’s best to pipe it to less, more, or search through it with a tool like grep
  • kill [process_number] – kills a process based on it’s process ID identified with the ps auxcommand
Network Interface and IP Commands:
  • ifconfig – the same as the ipconfig on Windows systems; this command will display interface information, such as MAC address, IPv4/IPv6 addresses, interface status, transmitted and received data, and so on
  • ifconfig [interface] down (i.e. ifconfig eth0 down) – shuts down an interface, such as a wireless, Ethernet, or tunnel interface
  • ifconfig [interface] up (i.e. ifconfig eth0 up) – enables an interface that has been shut down; taking an interface down and then up again (sometimes called bouncing an interface) can be a useful troubleshooting or reset procedure
  • route – displays the current routing table, including the default route
Port and Service Commands:
  • netstat -l – shows ports that are in a listening state
  • netstat -a – shows all ports (sometimes called sockets) that are in use
  • netstat -u – shows all UDP connections and ports that are open
  • netstat -t – shows all TCP connections and ports that are open
  • netstat -a | grep [protocol] (i.e. netstat -a | grep http) – searchs all open connections and ports for any that contain the characters “http”
*උපුටාගැනීම අන්තර්ජාලනි