Network Security

It is not advised to do so with dual WiFi connections, which is a pain in the ass in daily usage (only one of them will be used at a time).

Ethernet and WiFi dual connections seem fine with firejail but failed with dante.

Use firejail

1
2

sudo firejail --net=wlan0 --ip=dhcp --noprofile <program cmd>

Use dante and proxychains-ng

1
2

sudo apt install dante-server proxychains-ng

Now edit the dante config file at /etc/dante.conf:

1
2
3
4
5
6
7
8
9
10
11
12
13

internal: eth0 port = 1080
external: wlan0
socksmethod: username
user.privileged: root
user.unprivileged: nobody
user.libwrap: nobody
client pass {
from: 0/0 to: 0/0
}
socks pass {
from: 0/0 to: 0/0
}

Run the daemon by:

1
2

danted

Find the [ProxyList] section and add the following line in /etc/proxychains.conf:

1
2

socks5 127.0.0.1 1080 root <root_password>

Run the program with proxychains-ng:

1
2

proxychains <program cmd>

You can test your configuration like:

1
2

curl -x socks5://root:root@127.0.0.1:1080 https://www.baidu.com

If you run danted like systemctl start danted, you can configure a separate user for authentication. You have to change /etc/danted.conf and /etc/proxychains.conf accordingly.

1
2
3

sudo useradd -r -s /bin/false your_dante_user
sudo passwd your_dante_user

There are two files we are interested in.

• nmap-services: a list of well known services by port

• nmap-service-probes: matching rules for detecting service by response

The default service to port mapping in Python socket module is incomplete.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

# find that with mlocate
# file_path = '/usr/share/nmap/nmap-services'
file_path = "./nmap-services"
with open(file_path, 'r') as f:
line_list = f.read().split('\n')
for line in line_list:
if line.startswith("#"):
# it is a comment
continue
else:
# process this line
content = line.split('#')[0].strip() # strip away comments
components = content.split(" ")
# must be three.
assert len(components) == 3, f"abnormal component count for content: '{content}'"