GATT services using bluez aren`t be added? - linux

My problem :
I try to run the gatt-example server on the bluez
I make:
1- sudo hciconfig hci0 leadv
2- sudo ./bluetoothd -d -n
3- I connect with a master and try to discover all primary services but every time I find 2 GAP services only why ??
I hope to find a person who can help me to run any profile and find all the services and attributes from the central device.

You need to recompile bluez with --enable-experimental options and the run it with -E flag.
I have a small description here: https://github.com/jomarmar/bluez-experimental
which maybe of help.(Just for your info, I use Archlinux)

Related

socketcan alternative / add can0 to /dev/

I am currently working with CAN-BUS Systems.
I make the CAN Interface available using
sudo modprobe can
sudo modprobe can-raw
sudo modprobe mttcan
sudo ip link set can0 type can bitrate 250000
sudo ip link set up can0
It now shows up in ifconfig and works fine in my python code.
Since I am working with aws greengrass I need the device to show up in /dev/ in order to access it. Is there any way to use something different than socketcan? If so, how do I use it?
I have no idea how linux handles can interfaces.

How do I change the interface snort monitors by default?

To start, I am entirely new to Linux and am doing this as part of my final year project at university, I have never used linux before a few weeks ago and I have been hitting roadblock after roadblock trying to get snort installed and working for 6-7 weeks now (1-4 hours a week) among my other modules.
I have a virtual machine running Ubuntu latest release. the VM has 2 network interfaces, one is for access to the internet and the other going to be used to feed pcap files into with tcpreplay, this is named intnet in VM settings, and enp0s8 in Linux. I used the command lines sudo apt install -y snort and snort -v -c /etc/snort/snort.conf which I found Here and Here respectively. I used the first link after resetting my VM for the 3rd time and could not get snort to find LUAJit. after this I ran wget https://www.snort.org/downloads/community/community-rules.tar.gz -O community-rules.tar.gz and finally tar -xvzf community.tar.gz -C /etc/snort/rules from the snort website, found Here under Step 3. note I had to change the last command to tar -xvzf community-rules.tar.gz -C /etc/snort/rules to get it to work, not sure if this is a mistake on the website or on my end.
When i run snort using snort -v , to run in verbose mode, there are no errors or warnings, but when I use snort -i enp0s8 for the specific network I want to use I get a warning that is something about no pre-processors for policy 0. This is an error I had a lot while trying to install snort at all let alone work with it. I have also noticed that there is a test using snort -t (possibly uppercase T, can't remember), I get an error regarding not using a rules file, but then when I use the snort -c to specify community-rules I can't seem to get it to accept the rules file although this is just because I'm assuming test is a general test of the program, might be wrong about that.
This is beginning to really stress me out, to the point of making this account just to see if anyone can help.
any help is much appreciated, it is almost midnight I will be back on tomorrow morning so sorry if I don't reply for a while
tl;dr snort monitoring wrong interface,, using -i gives pre-processor warning, -t says no rules file and -c will not recognise rules file

Programmatically connecting to a wifi network in Linux

There are multiple questions regarding this functionality for Android or iOS, but I am attempting to do this on Linux (OpenWrt 15.05 to be specific). I want to scan for wireless networks, present the list to the user, have them select one and send the username/password to the network.
I wrote a quick C program using iw_scan from the wireless_tools package so I can see the wireless networks, but I am having issues trying to determine how to connect to a wireless network. iwconfig from the same package just appears to modify an already existing connection.
I have spent a few hours surfing the web thinking there has got to be a package that already does this since it is such a common use case. Anyone know of one?
Thanks.
wpa_supplicant
Take a look at wpa_supplicant package. It includes wpa_supplicant daemon that can be controlled via wpa_cli and wpa_gui utilities or D-Bus API.
Programs like wicd and Network Manager uses wpa_supplicant internally.
NetworkManager
You can also use D-Bus API or command line interface (nmcli) for NetworkManager. It provides a higher level abstraction than wpa_supplicant does.
I've tried number of solutions to this, from wicd, to network manager's cli interface nmcli, to wifi in python. I didn't want a UI, I didn't want network manager, and the python wifi project was too complicated and I faced some problems with it. So I wrote a short, simple bash script for connecting to wpa and open networks (WEP not supported), a wrapper on wpa_passphrase and wpa_supplicant:
sudo apt-get install -y wireless-tools wpasupplicant expect macchanger
sudo wget -O /usr/local/bin/wifi-connect https://raw.githubusercontent.com/erjoalgo/erjoalgo-gnu-scripts/master/wifi-connect
sudo chmod +x /usr/local/bin/wifi-connect
wifi-connect -e Internet -p my-password
wifi-connect -h
The wpa-passphrase files (including plaintext passphrases) are persisted in $HOME/.config/wifi-connect, and if no ESSID is provided, it will automatically connect to any known available network. It supports changing the iface mac address via macchanger.

How to install Wireshark on Linux and capture USB traffic?

I have encountered numerous problems in the installation of Wireshark, and the capture of USB traffic, especially due to user permissions.
How to install Wireshark on Linux and capture USB traffic?
Tested on Ubuntu 14.04, but probably works on other distributions since none of the steps are specific to Ubuntu.
The first time you follow the tutorial, do all the steps 1 -> 7.
When you restart your computer, you have to repeat steps 6 and 7 to see the USB interfaces in Wireshark.
Install Wireshark and libpcap:
sudo apt-get install wireshark libpcap0.8
For Debian, Ubuntu and other Debian derivatives, continue to step 3.
For other Linux based systems or other installation methods, see the Wireshark Wiki, then go to step 6.
Reconfigure wireshark to allow non-superusers to track packets:
sudo dpkg-reconfigure wireshark-common
Select <Yes> in the prompt
Add your username to the "wireshark" usergroup:
sudo usermod -a -G wireshark <your_username>
You can verify if it’s done correctly by displaying the groups your username is part of:
groups <your_username>
If not, you can add the group "wireshark" manually:
groupadd wireshark
And then add your username to the group (see above)
Important: Logout of your session, then log back in.
This step depends on the kernel version that is installed on your machine. To know the version of your kernel, type:
uname -r
For versions of the kernel prior to 2.6.21, if debugfs is not already mounted on /sys/kernel/debug, ensure that it is mounted there by issuing the following command:
sudo mount -t debugfs / /sys/kernel/debug
For kernel version 2.6.21 and later, load the loadable module usbmon in the Kernel:
`sudo modprobe usbmon`
See [Wireshark Wiki](https://wiki.wireshark.org/CaptureSetup/USB#Linux) for more information about this differentiation.
If the usbmon interfaces don't appear in Wireshark, look for interfaces using dumpcap (the command-line tool of Wireshark):
sudo dumpcap -D
You should see the usbmon* interfaces. Now display the permissions of the usbmon interfaces:
ls -l /dev/usbmon*
If the usbmon* files have 'crw-------', then it's normal that Wireshark cannot read them because it's not run as root. Do not execute wireshark in root mode, it may damage files. Instead, you can give it regular users privileges :
sudo setfacl -m u:$USER:r /dev/usbmon*
Now the usbmon interfaces should appear in Wireshark.
Sources:
https://wiki.wireshark.org/CaptureSetup/USB#Linux
https://wiki.wireshark.org/CaptureSetup/CapturePrivileges#Most_UNIXes
https://unix.stackexchange.com/questions/55722/wireshark-couldnt-run-usr-sbin-dumpcap-in-child-process
http://anonscm.debian.org/viewvc/collab-maint/ext-maint/wireshark/trunk/debian/README.Debian?view=markup

Monitor/audit file delete on Linux

One of the .beam files of one of my application deps is being deleted and I am not sure by what/how.
Is there a way to monitor or audit a file to see what happens when it is deleted?
I'm using RedHat distro.
Yes, you can use the audit daemon. You did't say which Linux distro. Red Hat based systems contain auditd, and you can use auditctl to add rules.
To watch a directory recursively for changes:
auditctl -w /usr/local/someapp/ -p wa
To watch system calls made by a program with pid of 2021:
auditctl -a exit,always -S all -F pid=2021
Check the man page for auditctl.
Results will be logged to /var/log/audit/audit.log
To ensure it's running.
/etc/init.d/auditd status
For a more thorough approach, you could use tripwire or OSSEC, but they're geared more toward intrusion detection.
You can monitor your Linux file system using aide. AIDE means Intrusion Detection Software to Monitor Changes.
Steps:
Install AIDE #yum install aide -y
Configuration AIDE // PERMS=p+i+u+g+acl+selinux
Initialize the AIDE database #aide –-init
Check the file system changes #aide –-check
To get more details you can visit below link
http://topicsfeedback.com/linux-system-monitoring-tools/
or you may download best android apps about advance Linux in your phone to get instant access
https://play.google.com/store/apps/details?id=com.topicsfeedback.advancelinux

Resources