Bash, making things easier.

Following on from my post last night about WGet and YouTube-DL, we’ve learned how to enable Bash on Windows 10. Now, this is an extremely useful thing to do, because it empowers you to use commands that are not native on Windows (or as a Linux fanboy would say, M$).

So, just so you all get a better understanding of the improved functionality of bash, we’re going to make some comparisons and examples.

I’m not going into detail – there is far too much to cover.

Network Monitoring – netstat.


On a windows box, to see current usage per process, the easiest method is to run:

netstat -a -b

Which will return a string similar to this:

 [chrome.exe]
     TCP 192.168.0.15:52581 192.0.78.13:https     ESTABLISHED
 [chrome.exe]
     TCP 192.168.0.15:52971 192.0.78.23:https     ESTABLISHED
 [chrome.exe]
     TCP 192.168.0.15:52972 192.0.76.3:https      ESTABLISHED

Rather simple to do, and allows you to see what process is responsible for what traffic, and what protocol it is using.

GNU + Linux supports netstat, but has a complete different syntax for the commands. To see connections with the process, simply run the following:

root@DESKTOP-3O8E0L8:/home/nanky# netstat -p


Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name

 

It returns a little more intuitive data (in my opinion). For example, we can then dictate by interface the data we wish to see by adding -i to the command:

netstat -i

This is an advantage over Windows. But let us get to the killer feature:

netstat -a -v -w -r

The following flags are used:

 -a, --all
 Show both listening and non-listening sockets. With the --interfaces option, show interfaces that are not up

--verbose , -v
 Tell the user what is going on by being verbose. Especially print some useful information about unconfigured address families.

--wide , -W
 Do not truncate IP addresses by using output as wide as needed. This is optional for now to not break existing scripts.

Thus allowing this command to return more valuable information, depending on the situation. However, there is a better tool: bmon and nethogs.

bmon

Start by issuing the following command:

sudo apt-get install bmon

 

Once installed, you should always look at the man page:

man bmon

 

Using bmon allows you to view the usage and statistics per interface, such as:

BMON Capture

Of course, there are other tools to conquer these tasks out there – I would strongly suggest you read this post outlining other sysadm tools available to you.

 

Automation, crontabs.


As opposed to the clunky Windows Task Scheduler, Linux uses Cron Jobs to execute tasks.

You’ll need to have bash running for CronJobs to work on Windows.

Pretty self explanatory, create a script or command you want to execute, and add it to the scheduler. Here it the default example provided to you:

# For example, you can run a backup of all your user accounts
# at 5 a.m every week with:
# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/

You guessed it, the stars represent time:

# m h dom mon dow command

The tar -zcf portion is the code it executes. Pretty self explanatory. 7:30am, every week for example:

crontab -e
30 7 * * 1 /my/command/to/execute/yo.sh

You get this. Easy stuff.

 

Task Maintenance – task.


Okay so this one’s not so critical, I just love this application. TaskWarrior. Tasks is a super simple yet super powerful CLI driven task manager.

sudo apt-get install task

 

There we go, you’ve installed it. Let’s add our first task:

nanky@DESKTOP-3O8E0L8:~$ task P:H  due:31 project personal add edit this css

Now let’s view our task:

 ID Age P Due Description Urg
 2  26s H  4w edit this css

Pretty simple method to view the task at hand. Now we want to view the task with the ID ‘2’:

task id 2

Which will return the following:

Name Value
ID 2
Description change task 1
Status Pending
Entered 2017-09-27 23:50:56 (1min)
Last modified 2017-09-27 23:50:56 (1min)
Virtual tags PENDING READY UDA UNBLOCKED LATEST PRIORITY
UUID 34c4cf80-a857-4123-a463-4c4bcc44b591
Urgency 6
Priority H

UDA priority.H 1 * 6 = 6
 ------
 6

You can sync your tasks across multiple devices, too! Just view their usage examples, and you’ll get the feel for how complex you can make the tool.

Lastly, text editing.


I cannot live without GNU Nano. Yes, you could use Vim but the simplicity of Nano amazes me.

For example, let’s edit a file and close it, all without needed to locate it, open, manually save and confirm dialogs:

nano /mnt/c/path/to/file/yo.txt

It is literally that simple, and you can interact with files stored on Windows natively.

That’s it.

You pretty much get the picture; CLI > GUI.

 

Just read:

  1. 20 Command Line Tools to Monitor Linux Performance
  2. Best Linux Command-Line Tools For Network Engineers
  3. Top 5 Linux Utilities for Network Engineers

 

 

 

 

 

EncFS; easy, fast and reliable?

Implementing a secure file-system in current-day computing is an imperative function, especially with Crypto attacks on the rise. My personal method to ensuring data integrity on a Linux Box is EncFS (you may prefer GEncFSM).

EncFS is a Free (LGPLFUSE-based cryptographic filesystem. It transparently encrypts files, using an arbitrary directory as storage for the encrypted files.

EncFS uses an encrypted and un-encrypted directory. For example, I could use the following assumption: my Dropbox directory is a mirror of my /home directory, and acts as the encrypted mirror for EncFS.

EncFS

Default EncFS Screen

Any data stored in your unencrypted directory, is encrypted using your defined passphrase, in another directory; mirrored data.

Installation of EncFS

Whilst you can download the GitHub project and follow the installation guide, if you are on Ubuntu or another similar flavour (Kubuntu or Lubuntu as an example) you can simply run the following command:

sudo apt-get -y install encfs

If you prefer GEncFSM, then run the following:

sudo add-apt-repository ppa:gencfsm/ppa
sudo apt-get update
sudo apt-get install gnome-encfs-manager

Usage of EncFS

If you are intending to use EncFS as the command-line option (I usually just default to the UI) then I would suggest inspecting the man page:

NAME
 encfs - mounts or creates an encrypted virtual filesystem

SYNOPSIS
 encfs [--version] [-s] [-f] [-v|--verbose] [-i MINUTES|--idle=MINUTES]
 [--extpass=program] [-S|--stdinpass] [--anykey] [--forcedecode]
 [-d|--fuse-debug] [--public] [--no-default-flags] [--ondemand]
 [--delaymount] [--reverse] [--standard] [-o FUSE_OPTION] rootdir
 mountPoint [-- [Fuse Mount Options]]

If you are not too particular with how you want to configure the system, go ahead and perform:

mkdir -p ~/encrypted
mkdir -p ~/decrypted

Then mount them for EncFS (you can later see where they mount using the mount command):

encfs ~/encrypted ~/decrypted

You will be prompted to select the mode, and to create a password for the encrypted paths.

Usage of GEncFSM

Using the GUI is probably a lot more manageable here. To create a stash, simply select the plus icon, configure your path and enter a password:

GEncFSM-Options

Creating New Stash

 

Then go ahead and mount the stash:

EncFSMountDirectory

Mounting Stash

Understanding EncFS

When a file is made in the directory “Private” (in our case this is the “un-encrypted” path), a mirror file is created in your “.Private” directory, with multiple rounds of salt using your provided “key” (the passphrase is used to hash the name and content):

EncFSMakeItem

Private and .Private

Therefore, if we attempt to look at the encrypted file, it would not present any readable data:

fileval

File Value

Of course, if we read the .encfs6.xml  file, we will see the KeyData value:

 <encodedKeyData>
kWkCBCu5HPY31URJhtdvYM7oynkI3MuQuh8smHadSpStmvkvJibGoSddWvmJjuFQU6xCgQ==
</encodedKeyData>

Therefore, it is worth noting that:

  • If someone knows your encodedKeyData value, and has a copy of your data, it can be compromised
  • The EncFS is only as secure as the passphrase you assign it – there is no Brute Force lockout procedures inplace and;
  • Physical access to the files (by mean of PC or RDP) should still be limited.

 

Therefore, we assume EncFS is a reliable, safe and fast method to encrypt data.