基本代理配置

1. 设置git代理

git config --global http.proxy http://10.43.0.11:8080
git config --global https.proxy http://10.43.0.11:8080

2. 为pip设置清华源

pip config --global set global.index-url https://mirrors.aliyun.com/pypi/simple/

3. 配置apt代理

sudo vim /etc/apt/apt.conf.d/95proxy
Acquire::http::Proxy "http://10.43.0.11:8080";
Acquire::https::Proxy "http://10.43.0.11:8080";

4. 为docker设置代理

https://wangjui.com/archives/ubuntuxia-wei-dockershe-zhi-dai-li

SSH远程服务器配置

参考：How to change the SSH port on Ubuntu 24.04

1. 改变ssh的socket 端口为2222：

sudo vim /lib/systemd/system/ssh.socket
[Unit]
Description=OpenBSD Secure Shell server socket
Before=sockets.target ssh.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Socket]
[---]ListenStream=22
[+++]ListenStream=2222
Accept=no
FreeBind=yes

[Install]
WantedBy=sockets.target
RequiredBy=ssh.service

更改完成后，执行：sudo systemctl daemon-reload

2. 修改ssh的daemon的端口号:

sudo vim /etc/ssh/sshd_config
Include /etc/ssh/sshd_config.d/*.conf

[---]Port 22
[+++]Port 2222
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

并重启ssh，sudo systemctl restart ssh

3. 配置防火墙，允许2424端口可连接：sudo ufw allow 2404/tcp，删除22端口：sudo ufw delete allow 22/tcp

4. 锁定root用户

sudo passwd -l root  # 锁定root用户
ubuntu@y410p:~$ sudo passwd -S root   # 验证是否被锁定
root L 2025-03-15 0 99999 7 -1        # 为L说明被锁定

防攻击篇之构造ssh蜜罐

参考：Installing Cowrie in seven steps

1. 安装依赖

sudo apt-get install git python3-venv libssl-dev libffi-dev build-essential libpython3-dev python3-minimal authbind

2. 创建用户

sudo adduser --disabled-password cowrie

sudo su - cowrie

3. 拉取代码

git clone http://github.com/cowrie/cowrie

cd cowrie

4. 启动虚拟环境

pwd
python -m venv cowrie-env

$ source cowrie-env/bin/activate
(cowrie-env) $ python -m pip install --upgrade pip
(cowrie-env) $ python -m pip install --upgrade -r requirements.txt

5. 安装配置文件,使能telnet

sudo vim /home/cowrie/cowrie/etc/cowrie.cfg.dist
[telnet]

# Enable Telnet support, disabled by default
[---]enabled = false
[+++]enabled = true

6. 端口转发

sudo iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 2222
sudo iptables -t nat -A PREROUTING -p tcp --dport 23 -j REDIRECT --to-port 2223

永久设置转发规则

sudo apt-get install iptables-persistent
sudo netfilter-persistent save    # 设置规则自动保存

7. 查看登陆尝试及操作的命令

grep "login attempt" /path/to/cowrie/log/cowrie.log
grep "command" /path/to/cowrie/log/cowrie.log

挂载硬盘篇

1. 查看硬盘uuid

sudo blkid

2. 编辑/etc/fstab挂载硬盘，编辑好后，执行sudo mount -a挂载

sudo vim /etc/fstab
UUID=e441f2f2-8c3a-41c7-8f67-433d357658f4 /mnt/diska auto nosuid,nodev,nofail,x-gvfs-show 0 0