DIY Linux

127.0.0.1 antidepressants.1.p2l.info127.0.0.1 anxiety.1.p2l.info127.0.0.1 aol.spb.su127.0.0.1 ar.5.p2l.info127.0.0.1 arcade.ya.com127.0.0.1 armanix.white.prohosting.com127.0.0.1 arthritis.atspace.com127.0.0.1 as.5.p2l.info127.0.0.1 aspirin.about-tabs.com127.0.0.1 ativan.ourtablets.com127.0.0.1 austria-car-rental.findworm.net127.0.0.1 auto.allewagen.de127.0.0.1 az.5.p2l.info127.0.0.1 azz.badazz.org127.0.0.1 balabass.peerserver.com127.0.0.1 balab.portx.net127.0.0.1 bbs.ws127.0.0.1 bc.5.p2l.info127.0.0.1 beauty.finaltips.com127.0.0.1 berkleynude.ca.tt127.0.0.1 bestlolaray.com127.0.0.1 bet-online.petrovka.info127.0.0.1 betting-online.petrovka.info127.0.0.1 bextra.ourtablets.com127.0.0.1 bextra-store.shengen.ru127.0.0.1 bingo-online.petrovka.info127.0.0.1 birth-control.1.p2l.info127.0.0.1 bontril.1.p2l.info127.0.0.1 bontril.ourtablets.com127.0.0.1 britneyspears.1stOK.com127.0.0.1 britneyspears.ca.tt127.0.0.1 br.rawcomm.net127.0.0.1 bupropion-hcl.1.p2l.info127.0.0.1 buspar.1.p2l.info127.0.0.1 buspirone.1.p2l.info127.0.0.1 butalbital-apap.1.p2l.info127.0.0.1 buy-adipex.aca.ru127.0.0.1 buy-adipex-cheap-adipex-online.com127.0.0.1 buy-adipex.hut1.ru127.0.0.1 buy-adipex.i-jogo.net127.0.0.1 buy-adipex-online.md-online24.de127.0.0.1 buy-adipex.petrovka.info127.0.0.1 buy-carisoprodol.polybuild.ru127.0.0.1 buy-cheap-phentermine.blogspot.com

127.0.0.1 buy-cheap-xanax.all.at127.0.0.1 buy-cialis-cheap-cialis-online.info127.0.0.1 buy-cialis.freewebtools.com127.0.0.1 buycialisonline.7h.com127.0.0.1 buycialisonline.bigsitecity.com127.0.0.1 buy-cialis-online.iscool.nl127.0.0.1 buy-cialis-online.meperdoe.net127.0.0.1 buy-cialis.splinder.com127.0.0.1 buy-diazepam.connect.to127.0.0.1 buyfioricet.findmenow.info127.0.0.1 buy-fioricet.hut1.ru127.0.0.1 buyfioricetonline.7h.com127.0.0.1 buyfioricetonline.bigsitecity.com127.0.0.1 buyfioricetonline.freeservers.com127.0.0.1 buy-flower.petrovka.info127.0.0.1 buy-hydrocodone.aca.ru127.0.0.1 buyhydrocodone.all.at127.0.0.1 buy-hydrocodone-cheap-hydrocodone-online.com127.0.0.1 buy-hydrocodone.este.ru127.0.0.1 buyhydrocodoneonline.findmenow.info127.0.0.1 buy-hydrocodone-online.tche.com127.0.0.1 buy-hydrocodone.petrovka.info127.0.0.1 buy-hydrocodone.polybuild.ru127.0.0.1 buy-hydrocodone.quesaudade.net127.0.0.1 buy-hydrocodone.scromble.com127.0.0.1 buylevitra.3xforum.ro127.0.0.1 buy-levitra-cheap-levitra-online.info127.0.0.1 buylevitraonline.7h.com127.0.0.1 buylevitraonline.bigsitecity.com127.0.0.1 buy-lortab-cheap-lortab-online.com127.0.0.1 buy-lortab.hut1.ru127.0.0.1 buylortabonline.7h.com127.0.0.1 buylortabonline.bigsitecity.com127.0.0.1 buy-lortab-online.iscool.nl127.0.0.1 buypaxilonline.7h.com127.0.0.1 buypaxilonline.bigsitecity.com127.0.0.1 buy-phentermine-cheap-phentermine-online.com127.0.0.1 buy-phentermine.hautlynx.com127.0.0.1 buy-phentermine-online.135.it127.0.0.1 buyphentermineonline.7h.com127.0.0.1 buyphentermineonline.bigsitecity.com127.0.0.1 buy-phentermine-online.i-jogo.net127.0.0.1 buy-phentermine-online.i-ltda.net127.0.0.1 buy-phentermine.polybuild.ru

127.0.0.1 buy-phentermine.thepizza.net127.0.0.1 buy-tamiflu.asian-flu-vaccine.com127.0.0.1 buy-ultram-online.iscool.nl127.0.0.1 buy-valium-cheap-valium-online.com127.0.0.1 buy-valium.este.ru127.0.0.1 buy-valium.hut1.ru127.0.0.1 buy-valium.polybuild.ru127.0.0.1 buyvalium.polybuild.ru127.0.0.1 buy-viagra.aca.ru127.0.0.1 buy-viagra.go.to127.0.0.1 buy-viagra.polybuild.ru127.0.0.1 buyviagra.polybuild.ru127.0.0.1 buy-vicodin-cheap-vicodin-online.com127.0.0.1 buy-vicodin.dd.vu127.0.0.1 buy-vicodin.hut1.ru127.0.0.1 buy-vicodin.iscool.nl127.0.0.1 buy-vicodin-online.i-blog.net127.0.0.1 buy-vicodin-online.seumala.net127.0.0.1 buy-vicodin-online.supersite.fr127.0.0.1 buyvicodinonline.veryweird.com127.0.0.1 buy-xanax.aztecaonline.net127.0.0.1 buy-xanax-cheap-xanax-online.com127.0.0.1 buy-xanax.hut1.ru127.0.0.1 buy-xanax-online.amovoce.net127.0.0.1 buy-zyban.all.at127.0.0.1 bx6.blrf.net127.0.0.1 ca.5.p2l.info127.0.0.1 camerondiaznude.1stOK.com127.0.0.1 camerondiaznude.ca.tt127.0.0.1 car-donation.shengen.ru127.0.0.1 car-insurance.inshurance-from.com127.0.0.1 carisoprodol.1.p2l.info127.0.0.1 carisoprodol.hut1.ru127.0.0.1 carisoprodol.ourtablets.com127.0.0.1 carisoprodol.polybuild.ru127.0.0.1 carisoprodol.shengen.ru127.0.0.1 car-loan.shengen.ru127.0.0.1 carmenelectra.1stOK.com127.0.0.1 cash-advance.now-cash.com127.0.0.1 casino-gambling-online.searchservice.info127.0.0.1 casino-online.100gal.net127.0.0.1 cat.onlinepeople.net127.0.0.1 cc5f.dnyp.com127.0.0.1 celebrex.1.p2l.info

127.0.0.1 celexa.1.p2l.info127.0.0.1 celexa.3.p2l.info127.0.0.1 celexa.4.p2l.info127.0.0.1 cephalexin.ourtablets.com127.0.0.1 charlizetheron.1stOK.com127.0.0.1 cheap-adipex.hut1.ru127.0.0.1 cheap-carisoprodol.polybuild.ru127.0.0.1 cheap-hydrocodone.go.to127.0.0.1 cheap-hydrocodone.polybuild.ru127.0.0.1 cheap-phentermine.polybuild.ru127.0.0.1 cheap-valium.polybuild.ru127.0.0.1 cheap-viagra.polybuild.ru127.0.0.1 cheap-web-hosting-here.blogspot.com127.0.0.1 cheap-xanax-here.blogspot.com127.0.0.1 cheapxanax.hut1.ru127.0.0.1 cialis.1.p2l.info127.0.0.1 cialis.3.p2l.info127.0.0.1 cialis.4.p2l.info127.0.0.1 cialis-finder.com127.0.0.1 cialis-levitra-viagra.com.cn127.0.0.1 cialis.ourtablets.com127.0.0.1 cialis-store.shengen.ru127.0.0.1 co.5.p2l.info127.0.0.1 co.dcclan.co.uk127.0.0.1 codeine.ourtablets.com127.0.0.1 creampie.afdss.info127.0.0.1 credit-card-application.now-cash.com127.0.0.1 credit-cards.shengen.ru127.0.0.1 ct.5.p2l.info127.0.0.1 cuiland.info127.0.0.1 cyclobenzaprine.1.p2l.info127.0.0.1 cyclobenzaprine.ourtablets.com127.0.0.1 dal.d.la127.0.0.1 danger-phentermine.allforyourlife.com127.0.0.1 darvocet.ourtablets.com127.0.0.1 dc.5.p2l.info127.0.0.1 de.5.p2l.info127.0.0.1 debt.shengen.ru127.0.0.1 def.5.p2l.info127.0.0.1 demimoorenude.1stOK.com127.0.0.1 deniserichards.1stOK.com127.0.0.1 detox-kit.com127.0.0.1 detox.shengen.ru127.0.0.1 diazepam.ourtablets.com

127.0.0.1 diazepam.razma.net127.0.0.1 diazepam.shengen.ru127.0.0.1 didrex.1.p2l.info127.0.0.1 diet-pills.hut1.ru127.0.0.1 digital-cable-descrambler.planet-high-heels.com127.0.0.1 dir.opank.com127.0.0.1 dos.velek.com127.0.0.1 drewbarrymore.ca.tt127.0.0.1 drugdetox.shengen.ru127.0.0.1 drug-online.petrovka.info127.0.0.1 drug-testing.shengen.ru127.0.0.1 eb.dd.bluelinecomputers.be127.0.0.1 eb.prout.be127.0.0.1 ed.at.is13.de127.0.0.1 ed.at.thamaster.de127.0.0.1 e-dot.hut1.ru127.0.0.1 efam4.info127.0.0.1 effexor-xr.1.p2l.info127.0.0.1 e-hosting.hut1.ru127.0.0.1 ei.imbucurator-de-prost.com127.0.0.1 eminemticket.freespaces.com127.0.0.1 en.dd.blueline.be127.0.0.1 enpresse.1.p2l.info127.0.0.1 en.ultrex.ru127.0.0.1 epson-printer-ink.beesearch.info127.0.0.1 erectile.byethost33.com127.0.0.1 esgic.1.p2l.info127.0.0.1 fahrrad.bikesshop.de127.0.0.1 famous-pics.com127.0.0.1 famvir.1.p2l.info127.0.0.1 farmius.org127.0.0.1 fee-hydrocodone.bebto.com127.0.0.1 female-v.1.p2l.info127.0.0.1 femaleviagra.findmenow.info127.0.0.1 fg.softguy.com127.0.0.1 findmenow.info127.0.0.1 fioricet.1.p2l.info127.0.0.1 fioricet.3.p2l.info127.0.0.1 fioricet.4.p2l.info127.0.0.1 fioricet-online.blogspot.com127.0.0.1 firstfinda.info127.0.0.1 fl.5.p2l.info127.0.0.1 flexeril.1.p2l.info127.0.0.1 flextra.1.p2l.info

127.0.0.1 flonase.1.p2l.info127.0.0.1 flonase.3.p2l.info127.0.0.1 flonase.4.p2l.info127.0.0.1 florineff.ql.st127.0.0.1 flower-online.petrovka.info127.0.0.1 fluoxetine.1.p2l.info127.0.0.1 fo4n.com127.0.0.1 forex-broker.hut1.ru127.0.0.1 forex-chart.hut1.ru127.0.0.1 forex-market.hut1.ru127.0.0.1 forex-news.hut1.ru127.0.0.1 forex-online.hut1.ru127.0.0.1 forex-signal.hut1.ru127.0.0.1 forex-trade.hut1.ru127.0.0.1 forex-trading-benefits.blogspot.com127.0.0.1 forextrading.hut1.ru127.0.0.1 freechat.llil.de127.0.0.1 free.hostdepartment.com127.0.0.1 free-money.host.sk127.0.0.1 free-viagra.polybuild.ru127.0.0.1 free-virus-scan.100gal.net127.0.0.1 ga.5.p2l.info127.0.0.1 game-online-video.petrovka.info127.0.0.1 gaming-online.petrovka.info127.0.0.1 gastrointestinal.1.p2l.info127.0.0.1 gen-hydrocodone.polybuild.ru127.0.0.1 getcarisoprodol.polybuild.ru127.0.0.1 gocarisoprodol.polybuild.ru127.0.0.1 gsm-mobile-phone.beesearch.info127.0.0.1 gu.5.p2l.info127.0.0.1 guerria-skateboard-tommy.tabrays.com127.0.0.1 gwynethpaltrow.ca.tt127.0.0.1 h1.ripway.com127.0.0.1 hair-dos.resourcesarchive.com127.0.0.1 halleberrynude.ca.tt127.0.0.1 heathergraham.ca.tt127.0.0.1 herpes.1.p2l.info127.0.0.1 herpes.3.p2l.info127.0.0.1 herpes.4.p2l.info127.0.0.1 hf.themafia.info127.0.0.1 hi.5.p2l.info127.0.0.1 hi.pacehillel.org127.0.0.1 holobumo.info127.0.0.1 homehre.bravehost.com

127.0.0.1 homehre.ifrance.com127.0.0.1 homehre.tripod.com127.0.0.1 hoodia.kogaryu.com127.0.0.1 hotel-las-vegas.gloses.net127.0.0.1 hydrocodone-buy-online.blogspot.com127.0.0.1 hydrocodone.irondel.swisshost.by127.0.0.1 hydrocodone.on.to127.0.0.1 hydrocodone.shengen.ru127.0.0.1 hydrocodone.t-amo.net127.0.0.1 hydrocodone.visa-usa.ru127.0.0.1 hydro.polybuild.ru127.0.0.1 ia.5.p2l.info127.0.0.1 ia.warnet-thunder.net127.0.0.1 ibm-notebook-battery.wp-club.net127.0.0.1 id.5.p2l.info127.0.0.1 il.5.p2l.info127.0.0.1 imitrex.1.p2l.info127.0.0.1 imitrex.3.p2l.info127.0.0.1 imitrex.4.p2l.info127.0.0.1 in.5.p2l.info127.0.0.1 ionamin.1.p2l.info127.0.0.1 ionamin.t35.com127.0.0.1 irondel.swisshost.by127.0.0.1 japanese-girl-xxx.com127.0.0.1 java-games.bestxs.de127.0.0.1 jg.hack-inter.net127.0.0.1 job-online.petrovka.info127.0.0.1 jobs-online.petrovka.info127.0.0.1 kitchen-island.mensk.us127.0.0.1 konstantin.freespaces.com127.0.0.1 ks.5.p2l.info127.0.0.1 ky.5.p2l.info127.0.0.1 la.5.p2l.info127.0.0.1 lamictal.about-tabs.com127.0.0.1 lamisil.about-tabs.com127.0.0.1 levitra.1.p2l.info127.0.0.1 levitra.3.p2l.info127.0.0.1 levitra.4.p2l.info127.0.0.1 lexapro.1.p2l.info127.0.0.1 lexapro.3.p2l.info127.0.0.1 lexapro.4.p2l.info127.0.0.1 loan.aol.msk.su127.0.0.1 loan.maybachexelero.org127.0.0.1 loestrin.1.p2l.info

127.0.0.1 lo.ljkeefeco.com127.0.0.1 lol.to127.0.0.1 lortab-cod.hut1.ru127.0.0.1 lortab.hut1.ru127.0.0.1 ma.5.p2l.info127.0.0.1 mailforfreedom.com127.0.0.1 make-money.shengen.ru127.0.0.1 maps-antivert58.eksuziv.net127.0.0.1 maps-spyware251-300.eksuziv.net127.0.0.1 marketing.beesearch.info127.0.0.1 mb.5.p2l.info127.0.0.1 mba-online.petrovka.info127.0.0.1 md.5.p2l.info127.0.0.1 me.5.p2l.info127.0.0.1 medical.carway.net127.0.0.1 mens.1.p2l.info127.0.0.1 meridia.1.p2l.info127.0.0.1 meridia.3.p2l.info127.0.0.1 meridia.4.p2l.info127.0.0.1 meridiameridia.3xforum.ro127.0.0.1 mesotherapy.jino-net.ru127.0.0.1 mi.5.p2l.info127.0.0.1 micardiss.ql.st127.0.0.1 microsoft-sql-server.wp-club.net127.0.0.1 mn.5.p2l.info127.0.0.1 mo.5.p2l.info127.0.0.1 moc.silk.com127.0.0.1 mortgage-memphis.hotmail.ru127.0.0.1 mortgage-rates.now-cash.com127.0.0.1 mp.5.p2l.info127.0.0.1 mrjeweller.us127.0.0.1 ms.5.p2l.info127.0.0.1 mt.5.p2l.info127.0.0.1 multimedia-projector.katrina.ru127.0.0.1 muscle-relaxers.1.p2l.info127.0.0.1 music102.awardspace.com127.0.0.1 mydaddy.b0x.com127.0.0.1 myphentermine.polybuild.ru127.0.0.1 nasacort.1.p2l.info127.0.0.1 nasonex.1.p2l.info127.0.0.1 nb.5.p2l.info127.0.0.1 nc.5.p2l.info127.0.0.1 nd.5.p2l.info127.0.0.1 ne.5.p2l.info

127.0.0.1 nellyticket.beast-space.com127.0.0.1 nelsongod.ca127.0.0.1 nexium.1.p2l.info127.0.0.1 nextel-ringtone.komi.su127.0.0.1 nextel-ringtone.spb.su127.0.0.1 nf.5.p2l.info127.0.0.1 nh.5.p2l.info127.0.0.1 nj.5.p2l.info127.0.0.1 nm.5.p2l.info127.0.0.1 nordette.1.p2l.info127.0.0.1 nordette.3.p2l.info127.0.0.1 nordette.4.p2l.info127.0.0.1 norton-antivirus-trial.searchservice.info127.0.0.1 notebook-memory.searchservice.info127.0.0.1 ns.5.p2l.info127.0.0.1 nv.5.p2l.info127.0.0.1 ny.5.p2l.info127.0.0.1 o8.aus.cc127.0.0.1 ofni.al0ne.info127.0.0.1 oh.5.p2l.info127.0.0.1 ok.5.p2l.info127.0.0.1 on.5.p2l.info127.0.0.1 online-auto-insurance.petrovka.info127.0.0.1 online-bingo.petrovka.info127.0.0.1 online-broker.petrovka.info127.0.0.1 online-cash.petrovka.info127.0.0.1 online-casino.shengen.ru127.0.0.1 online-casino.webpark.pl127.0.0.1 online-cigarettes.hitslog.net127.0.0.1 online-college.petrovka.info127.0.0.1 online-degree.petrovka.info127.0.0.1 online-florist.petrovka.info127.0.0.1 online-forex.hut1.ru127.0.0.1 online-forex-trading-systems.blogspot.com127.0.0.1 online-gaming.petrovka.info127.0.0.1 online-job.petrovka.info127.0.0.1 online-loan.petrovka.info127.0.0.1 online-mortgage.petrovka.info127.0.0.1 online-personal.petrovka.info127.0.0.1 online-personals.petrovka.info127.0.0.1 online-pharmacy-online.blogspot.com127.0.0.1 online-pharmacy.petrovka.info127.0.0.1 online-phentermine.petrovka.info127.0.0.1 online-poker-gambling.petrovka.info

127.0.0.1 online-poker-game.petrovka.info127.0.0.1 online-poker.shengen.ru127.0.0.1 online-prescription.petrovka.info127.0.0.1 online-school.petrovka.info127.0.0.1 online-schools.petrovka.info127.0.0.1 online-single.petrovka.info127.0.0.1 online-tarot-reading.beesearch.info127.0.0.1 online-travel.petrovka.info127.0.0.1 online-university.petrovka.info127.0.0.1 online-viagra.petrovka.info127.0.0.1 online-xanax.petrovka.info127.0.0.1 onlypreteens.com127.0.0.1 only-valium.go.to127.0.0.1 only-valium.shengen.ru127.0.0.1 or.5.p2l.info127.0.0.1 oranla.info127.0.0.1 orderadipex.findmenow.info127.0.0.1 order-hydrocodone.polybuild.ru127.0.0.1 order-phentermine.polybuild.ru127.0.0.1 order-valium.polybuild.ru127.0.0.1 ortho-tri-cyclen.1.p2l.info127.0.0.1 pa.5.p2l.info127.0.0.1 pacific-poker.e-online-poker-4u.net127.0.0.1 pain-relief.1.p2l.info127.0.0.1 paintball-gun.tripod.com127.0.0.1 patio-furniture.dreamhoster.com127.0.0.1 paxil.1.p2l.info127.0.0.1 pay-day-loans.beesearch.info127.0.0.1 payday-loans.now-cash.com127.0.0.1 pctuzing.php5.cz127.0.0.1 pd1.funnyhost.com127.0.0.1 pe.5.p2l.info127.0.0.1 peter-north-cum-shot.blogspot.com127.0.0.1 pets.finaltips.com127.0.0.1 pharmacy-canada.forsearch.net127.0.0.1 pharmacy.hut1.ru127.0.0.1 pharmacy-news.blogspot.com127.0.0.1 pharmacy-online.petrovka.info127.0.0.1 phendimetrazine.1.p2l.info127.0.0.1 phentermine.1.p2l.info127.0.0.1 phentermine.3.p2l.info127.0.0.1 phentermine.4.p2l.info127.0.0.1 phentermine.aussie7.com127.0.0.1 phentermine-buy-online.hitslog.net

127.0.0.1 phentermine-buy.petrovka.info127.0.0.1 phentermine-online.iscool.nl127.0.0.1 phentermine-online.petrovka.info127.0.0.1 phentermine.petrovka.info127.0.0.1 phentermine.polybuild.ru127.0.0.1 phentermine.shengen.ru127.0.0.1 phentermine.t-amo.net127.0.0.1 phentermine.webpark.pl127.0.0.1 phone-calling-card.exnet.su127.0.0.1 plavix.shengen.ru127.0.0.1 play-poker-free.forsearch.net127.0.0.1 poker-games.e-online-poker-4u.net127.0.0.1 pop.egi.biz127.0.0.1 pr.5.p2l.info127.0.0.1 prescription-drugs.easy-find.net127.0.0.1 prescription-drugs.shengen.ru127.0.0.1 preteenland.com127.0.0.1 preteensite.com127.0.0.1 prevacid.1.p2l.info127.0.0.1 prevent-asian-flu.com127.0.0.1 prilosec.1.p2l.info127.0.0.1 propecia.1.p2l.info127.0.0.1 protonix.shengen.ru127.0.0.1 psorias.atspace.com127.0.0.1 purchase.hut1.ru127.0.0.1 qc.5.p2l.info127.0.0.1 qz.informs.com127.0.0.1 refinance.shengen.ru127.0.0.1 relenza.asian-flu-vaccine.com127.0.0.1 renova.1.p2l.info127.0.0.1 replacement-windows.gloses.net127.0.0.1 re.rutan.org127.0.0.1 resanium.com127.0.0.1 retin-a.1.p2l.info127.0.0.1 ri.5.p2l.info127.0.0.1 rise-media.ru127.0.0.1 root.dns.bz127.0.0.1 roulette-online.petrovka.info127.0.0.1 router.googlecom.biz127.0.0.1 s32.bilsay.com127.0.0.1 samsclub33.pochta.ru127.0.0.1 sc10.net127.0.0.1 sc.5.p2l.info127.0.0.1 sd.5.p2l.info

127.0.0.1 search4you.50webs.com127.0.0.1 search-phentermine.hpage.net127.0.0.1 searchpill.boom.ru127.0.0.1 seasonale.1.p2l.info127.0.0.1 shop.kauffes.de127.0.0.1 single-online.petrovka.info127.0.0.1 sk.5.p2l.info127.0.0.1 skelaxin.1.p2l.info127.0.0.1 skelaxin.3.p2l.info127.0.0.1 skelaxin.4.p2l.info127.0.0.1 skin-care.1.p2l.info127.0.0.1 skocz.pl127.0.0.1 sleep-aids.1.p2l.info127.0.0.1 sleeper-sofa.dreamhoster.com127.0.0.1 slf5cyd.info127.0.0.1 sobolev.net.ru127.0.0.1 soma.1.p2l.info127.0.0.1 soma.3xforum.ro127.0.0.1 soma-store.visa-usa.ru127.0.0.1 sonata.1.p2l.info127.0.0.1 sport-betting-online.hitslog.net127.0.0.1 spyware-removers.shengen.ru127.0.0.1 spyware-scan.100gal.net127.0.0.1 spyware.usafreespace.com127.0.0.1 sq7.co.uk127.0.0.1 sql-server-driver.beesearch.info127.0.0.1 starlix.ql.st127.0.0.1 stop-smoking.1.p2l.info127.0.0.1 supplements.1.p2l.info127.0.0.1 sx.nazari.org127.0.0.1 sx.z0rz.com127.0.0.1 ta.at.ic5mp.net127.0.0.1 ta.at.user-mode-linux.net127.0.0.1 tamiflu-in-canada.asian-flu-vaccine.com127.0.0.1 tamiflu-no-prescription.asian-flu-vaccine.com127.0.0.1 tamiflu-purchase.asian-flu-vaccine.com127.0.0.1 tamiflu-without-prescription.asian-flu-vaccine.com127.0.0.1 tenuate.1.p2l.info127.0.0.1 texas-hold-em.e-online-poker-4u.net127.0.0.1 texas-holdem.shengen.ru127.0.0.1 ticket20.tripod.com127.0.0.1 tizanidine.1.p2l.info127.0.0.1 tn.5.p2l.info127.0.0.1 topmeds10.com

127.0.0.1 top.pcanywhere.net127.0.0.1 toyota.cyberealhosting.com127.0.0.1 tramadol.1.p2l.info127.0.0.1 tramadol2006.3xforum.ro127.0.0.1 tramadol.3.p2l.info127.0.0.1 tramadol.4.p2l.info127.0.0.1 travel-insurance-quotes.beesearch.info127.0.0.1 triphasil.1.p2l.info127.0.0.1 triphasil.3.p2l.info127.0.0.1 triphasil.4.p2l.info127.0.0.1 tx.5.p2l.info127.0.0.1 uf2aasn.111adfueo.us127.0.0.1 ultracet.1.p2l.info127.0.0.1 ultram.1.p2l.info127.0.0.1 united-airline-fare.100pantyhose.com127.0.0.1 university-online.petrovka.info127.0.0.1 urlcut.net127.0.0.1 urshort.net127.0.0.1 us.kopuz.com127.0.0.1 ut.5.p2l.info127.0.0.1 utairway.com127.0.0.1 va.5.p2l.info127.0.0.1 vacation.toppick.info127.0.0.1 valium.este.ru127.0.0.1 valium.hut1.ru127.0.0.1 valium.ourtablets.com127.0.0.1 valium.polybuild.ru127.0.0.1 valiumvalium.3xforum.ro127.0.0.1 valtrex.1.p2l.info127.0.0.1 valtrex.3.p2l.info127.0.0.1 valtrex.4.p2l.info127.0.0.1 valtrex.7h.com127.0.0.1 vaniqa.1.p2l.info127.0.0.1 vi.5.p2l.info127.0.0.1 viagra.1.p2l.info127.0.0.1 viagra.3.p2l.info127.0.0.1 viagra.4.p2l.info127.0.0.1 viagra-online.petrovka.info127.0.0.1 viagra-pill.blogspot.com127.0.0.1 viagra.polybuild.ru127.0.0.1 viagra-soft-tabs.1.p2l.info127.0.0.1 viagra-store.shengen.ru127.0.0.1 viagraviagra.3xforum.ro127.0.0.1 vicodin-online.petrovka.info

127.0.0.1 vicodin-store.shengen.ru127.0.0.1 vicodin.t-amo.net127.0.0.1 viewtools.com127.0.0.1 vioxx.1.p2l.info127.0.0.1 vitalitymax.1.p2l.info127.0.0.1 vt.5.p2l.info127.0.0.1 vxv.phre.net127.0.0.1 w0.drag0n.org127.0.0.1 wa.5.p2l.info127.0.0.1 water-bed.8p.org.uk127.0.0.1 web-hosting.hitslog.net127.0.0.1 webhosting.hut1.ru127.0.0.1 weborg.hut1.ru127.0.0.1 weight-loss.1.p2l.info127.0.0.1 weight-loss.3.p2l.info127.0.0.1 weight-loss.4.p2l.info127.0.0.1 weight-loss.hut1.ru127.0.0.1 wellbutrin.1.p2l.info127.0.0.1 wellbutrin.3.p2l.info127.0.0.1 wellbutrin.4.p2l.info127.0.0.1 wellnessmonitor.bravehost.com127.0.0.1 wi.5.p2l.info127.0.0.1 world-trade-center.hawaiicity.com127.0.0.1 wp-club.net127.0.0.1 ws01.do.nu127.0.0.1 ws02.do.nu127.0.0.1 ws03.do.nu127.0.0.1 ws03.home.sapo.pt127.0.0.1 ws04.do.nu127.0.0.1 ws04.home.sapo.pt127.0.0.1 ws05.home.sapo.pt127.0.0.1 ws06.home.sapo.pt127.0.0.1 wv.5.p2l.info127.0.0.1 www.31d.net127.0.0.1 www3.ddns.ms127.0.0.1 www4.at.debianbase.de127.0.0.1 www4.epac.to127.0.0.1 www5.3-a.net127.0.0.1 www69.bestdeals.at127.0.0.1 www69.byinter.net127.0.0.1 www69.dynu.com127.0.0.1 www69.findhere.org127.0.0.1 www69.fw.nu127.0.0.1 www69.ugly.as

127.0.0.1 www6.ezua.com127.0.0.1 www6.ns1.name127.0.0.1 www7.ygto.com127.0.0.1 www8.ns01.us127.0.0.1 www99.bounceme.net127.0.0.1 www99.fdns.net127.0.0.1 www99.zapto.org127.0.0.1 www9.compblue.com127.0.0.1 www9.servequake.com127.0.0.1 www9.trickip.org127.0.0.1 www.adspoll.com127.0.0.1 www.adult-top-list.com127.0.0.1 www.aektschen.de127.0.0.1 www.aeqs.com127.0.0.1 www.alladultdirectories.com127.0.0.1 www.alladultdirectory.net127.0.0.1 www.arbeitssuche-web.de127.0.0.1 www.atlantis-asia.com127.0.0.1 www.bestrxpills.com127.0.0.1 www.bigsister.cxa.de127.0.0.1 www.bigsister-puff.cxa.de127.0.0.1 www.bitlocker.net127.0.0.1 www.cheap-laptops-notebook-computers.info127.0.0.1 www.cheap-online-stamp.cast.cc127.0.0.1 www.codez-knacken.de127.0.0.1 www.computerxchange.com127.0.0.1 www.credit-dreams.com127.0.0.1 www.edle-stuecke.de127.0.0.1 www.exe-file.de127.0.0.1 www.exttrem.de127.0.0.1 www.fetisch-pornos.cxa.de127.0.0.1 www.ficken-ficken-ficken.cxa.de127.0.0.1 www.ficken-xxx.cxa.de127.0.0.1 www.financial-advice-books.com127.0.0.1 www.finanzmarkt2004.de127.0.0.1 www.furnitureulimited.com127.0.0.1 www.gewinnspiele-slotmachine.de127.0.0.1 www.hardware4freaks.de127.0.0.1 www.healthyaltprods.com127.0.0.1 www.heimlich-gefilmt.cxa.de127.0.0.1 www.huberts-kochseite.de127.0.0.1 www.huren-verzeichnis.is4all.de127.0.0.1 www.kaaza-legal.de127.0.0.1 www.kajahdfssa.net

127.0.0.1 www.keyofhealth.com127.0.0.1 www.kitchentablegang.org127.0.0.1 www.km69.de127.0.0.1 www.koch-backrezepte.de127.0.0.1 www.kvr-systems.de127.0.0.1 www.lesben-pornos.cxa.de127.0.0.1 www.links-private-krankenversicherung.de127.0.0.1 www.littledevildoubt.com127.0.0.1 www.mailforfreedom.com127.0.0.1 www.masterspace.biz127.0.0.1 www.medical-research-books.com127.0.0.1 www.microsoft2010.com127.0.0.1 www.nelsongod.ca127.0.0.1 www.nextstudent.com127.0.0.1 www.ntdesk.de127.0.0.1 www.nutten-verzeichnis.cxa.de127.0.0.1 www.obesitycheck.com127.0.0.1 www.pawnauctions.net127.0.0.1 www.pills-home.com127.0.0.1 www.poker4spain.com127.0.0.1 www.poker-new.com127.0.0.1 www.poker-unique.com127.0.0.1 www.porno-lesben.cxa.de127.0.0.1 www.prevent-asian-flu.com127.0.0.1 www.randppro-cuts.com127.0.0.1 www.romanticmaui.net127.0.0.1 www.salldo.de127.0.0.1 www.samsclub33.pochta.ru127.0.0.1 www.schwarz-weisses.de127.0.0.1 www.schwule-boys-nackt.cxa.de127.0.0.1 www.shopping-artikel.de127.0.0.1 www.showcaserealestate.net127.0.0.1 www.skattabrain.com127.0.0.1 www.softcha.com127.0.0.1 www.striemline.de127.0.0.1 www.talentbroker.net127.0.0.1 www.the-discount-store.com127.0.0.1 www.topmeds10.com127.0.0.1 www.uniqueinternettexasholdempoker.com127.0.0.1 www.viagra-home.com127.0.0.1 www.vthought.com127.0.0.1 www.vtoyshop.com127.0.0.1 www.vulcannonibird.de127.0.0.1 www.webabrufe.de

127.0.0.1 www.wilddreams.info127.0.0.1 www.willcommen.de127.0.0.1 www.xcr-286.com127.0.0.1 wy.5.p2l.info127.0.0.1 x25.2mydns.com127.0.0.1 x25.plorp.com127.0.0.1 x4.lov3.net127.0.0.1 x6x.a.la127.0.0.1 x888x.myserver.org127.0.0.1 x8x.dyndns.dk127.0.0.1 x8x.trickip.net127.0.0.1 xanax-online.dot.de127.0.0.1 xanax-online.run.to127.0.0.1 xanax-online.sms2.us127.0.0.1 xanax.ourtablets.com127.0.0.1 xanax-store.shengen.ru127.0.0.1 xanax.t-amo.net127.0.0.1 xanaxxanax.3xforum.ro127.0.0.1 x-box.t35.com127.0.0.1 xcr-286.com127.0.0.1 xenical.1.p2l.info127.0.0.1 xenical.3.p2l.info127.0.0.1 xenical.4.p2l.info127.0.0.1 x-hydrocodone.info127.0.0.1 xoomer.alice.it127.0.0.1 x-phentermine.info127.0.0.1 xr.h4ck.la127.0.0.1 yasmin.1.p2l.info127.0.0.1 yasmin.3.p2l.info127.0.0.1 yasmin.4.p2l.info127.0.0.1 yt.5.p2l.info127.0.0.1 zanaflex.1.p2l.info127.0.0.1 zebutal.1.p2l.info127.0.0.1 zocor.about-tabs.com127.0.0.1 zoloft.1.p2l.info127.0.0.1 zoloft.3.p2l.info127.0.0.1 zoloft.4.p2l.info127.0.0.1 zoloft.about-tabs.com127.0.0.1 zyban.1.p2l.info127.0.0.1 zyban.about-tabs.com127.0.0.1 zyban-store.shengen.ru127.0.0.1 zyprexa.about-tabs.com127.0.0.1 zyrtec.1.p2l.info127.0.0.1 zyrtec.3.p2l.info

127.0.0.1 zyrtec.4.p2l.info#</wiki-spam-sites>#<Windows10># Windows 10 reporting domains. These are commented out by default# as they may interfere with some services.#127.0.0.1 a-0001.a-msedge.net#127.0.0.1 choice.microsoft.com#127.0.0.1 choice.microsoft.com.nstac.net#127.0.0.1 compatexchange.cloudapp.net#127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com#127.0.0.1 corp.sts.microsoft.com#127.0.0.1 cs1.wpc.v0cdn.net#127.0.0.1 df.telemetry.microsoft.com#127.0.0.1 diagnostics.support.microsoft.com#127.0.0.1 fe2.update.microsoft.com.akadns.net#127.0.0.1 feedback.search.microsoft.com#127.0.0.1 feedback.windows.com#127.0.0.1 i1.services.social.microsoft.com#127.0.0.1 i1.services.social.microsoft.com.nsatc.net#127.0.0.1 oca.telemetry.microsoft.com#127.0.0.1 oca.telemetry.microsoft.com.nsatc.net#127.0.0.1 pre.footprintpredict.com#127.0.0.1 redir.metaservices.microsoft.com#127.0.0.1 reports.wes.df.telemetry.microsoft.com#127.0.0.1 services.wes.df.telemetry.microsoft.com#127.0.0.1 settings-sandbox.data.microsoft.com#127.0.0.1 sls.update.microsoft.com.akadns.net#127.0.0.1 sqm.df.telemetry.microsoft.com#127.0.0.1 sqm.telemetry.microsoft.com#127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net#127.0.0.1 ssw.live.com#127.0.0.1 statsfe1.ws.microsoft.com#127.0.0.1 statsfe2.update.microsoft.com.akadns.net#127.0.0.1 survey.watson.microsoft.com#127.0.0.1 telecommand.telemetry.microsoft.com#127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net#127.0.0.1 telemetry.appex.bing.net#127.0.0.1 telemetry.microsoft.com#127.0.0.1 telemetry.urs.microsoft.com#127.0.0.1 vortex.data.microsoft.com#127.0.0.1 vortex-sandbox.data.microsoft.com

#127.0.0.1 vortex-win.data.microsoft.com#127.0.0.1 watson.live.com#127.0.0.1 watson.microsoft.com#127.0.0.1 watson.ppe.telemetry.microsoft.com#127.0.0.1 watson.telemetry.microsoft.com#127.0.0.1 watson.telemetry.microsoft.com.nsatc.net#</Windows10># Acknowledgements# I'd like to thank the following people for submitting sites, and# helping promote the site.# Bill Allison, Harj Basi, Lance Russhing, Marshall Drew-Brook,# Leigh Brasington, Scott Terbush, Cary Newfeldt, Kaye, Jeff# Scrivener, Mark Hudson, Matt Bells, T. Kim Nguyen, Lino Demasi,# Marcelo Volmaro, Troy Martin, Donald Kerns, B.Patten-Walsh,# bobeangi, Chris Maniscalco, George Gilbert, Kim Nilsson, zeromus,# Robert Petty, Rob Morrison, Clive Smith, Cecilia Varni, OleKing# Cole, William Jones, Brian Small, Raj Tailor, Richard Heritage,# Alan Harrison, Ordorica, Crimson, Joseph Cianci, sirapacz,# Dvixen, Matthew Craig, Tobias Hessem, Kevin F. Quinn, Thomas# Corthals, Chris McBee, Jaime A. Guerra, Anders Josefson,# Simon Manderson, Spectre Ghost, Darren Tay, Dallas Eschenauer, Cecilia# Varni, Adam P. Cole, George Lefkaditis, grzesiek, Adam Howard, Mike# Bizon, Samuel P. Mallare, Leinweber, Walter Novak, Stephen Genus,# Zube, Johny Provoost, Peter Grafton, Johann Burkard, Magus, Ron Karner,# Fredrik Dahlman, Michele Cybula, Bernard Conlu, Riku B, Twillers,# Shaika-Dzari, Vartkes Goetcherian, Michael McCown, Garth, Richard Nairn,# Exzar Reed, Robert Gauthier, Floyd Wilder, Mark Drissel, Kenny Lyons,# Paul Dunne, Tirath Pannu, Mike Lambert, Dan Kolcun, Daniel Aleksandersen,# Chris Heegard, Miles Golding, Daniel Bisca, Frederic Begou, Charles# Fordyce, Mark Lehrer, Sebastien Nadeau-Jean, Russell Gordon, Alexey# Gopachenko, Stirling Pearson, Alan Segal, Bobin Joseph, Chris Wall, Sean# Flesch, Brent Getz, Jerry Cain, Brian Micek, Lee Hancock, Kay Thiele,# Kwan Ting Chan, Wladimir Labeikovsky, Lino Demasi, Bowie Bailey, Andreas# Marschall, Michael Tompkins, Michael O'Donnell, José Lucas Teixeira# de Oliveira, M. Ömer Gölgeli, and Anthony Gelibert for helping to build# the hosts file.# Russell O'Connor for OS/2 information# kwadronaut for Windows 7 and Vista information# John Mueller and Lawrence H Smith for Mac Pre-OSX information# Jesse Baird for the Cisco IOS scriptFri Jan 8 19:10:08 2016top

BastillePendingUse the book of security and maybe web sites articles saved in the HdsDarkstatPendingEtherapePendingFail2BanPendingIpI require this program but also it has some extra routing functions very helpful and system no adminaccounts can read the IP address.$ apt-cache search iproute$ apt-cache show iproute2$ dpkg -l | grep iproute$ ip addr showNetfilterServices:Every service you add to clients, it requires security measures at many levels, for example if you installApache2 you need to add security modules, protect it, protect the software involved, for example PHPin the program and in the programming and the network level, not to mention starting using httpsprotocols, Certs, and policies to SQL injection, SSH, VPN, etc, and that there is a newer servergeneration of web server solutions like Nginx that resolve some Apache2 issues.To avoid using the firewalling as possible, don't install servers, for example: FTP, Apache, MySQL, etc.In case of the Linux Box works a a small server:SELinux is not going to be useful if the Workstation works as small server, for example, an email serversometimes required to test email applications.Netbeans installs Tomcat and GlashFish servers

Aptana Studio 3 has a builtin server.Recommend to keep services like SSH stopped and turn them up only in extreme circumstances andtemporarily. See guide Systemd. See section \"Script stop services and kill programs.sh:\" in the guide\"Speed up computer and save battery power\".Check what service ports are listening for connections, to include them in the firewall scripts.This is my firewall shell script.Read everything carefully and then adapt the existent INPUT, FORWARD and OUPUT policies to yourneeds. Basically, for a Workstation no services but ssh, most of ports have to be block so the POLICY isDROP by default.You need to turn your script version into a Systemd service, to turn on the firewall when the systemboots up. To create this service use the guide \"Systemd\".References:Guide: Systemdbastion-server-firewall.sh:#! /bin/sh# System startup script for local packet filters on a bastion server# in a DMZ (NOT for an actual firewall)# Created by Esteban Herrera.# Useful iptables commands to debugging rule's time:# Shows the rules' table:#iptables -L# Shows the rules's table, giving a consecutive number to each rule:#iptables -L -n --line# Eliminate one rule by its consecutive number (e.g.: \"1\"):#iptables -D INPUT 1# Flush active rules and custom tables (for me including the tables of the program fail2ban.# Stops the firewall. The system will need some rules.# Notice: iptables -F = iptables --flush#iptables --flush#iptables --delete-chain# Secuence to a wide open firewall, used, for example, after a wrong setup:#iptables --flush#iptables -P INPUT ACCEPT#iptables -P FORWARD ACCEPT

#iptables -P OUTPUT ACCEPT# Querying iptables status#iptables --line-numbers -v --list# Modules required by the specified module.# (The other way to up modules at startup is to add them to /etc/modules. With 'modprobe'# every module is up with the correspondent modules as dependencies. To list modules use 'lsmod'.modprobe ip_tablesmodprobe ip_conntrack_ftp# Flush active rules and custom tables# Next commands are specifically applied to do not touch the fail2ban custom chains,# See 'man i[ptables' for details:iptables --flush -t nat# iptables --flush -t filter# iptables --delete-chain# Set default-deny policies for all three default chainsiptables -P INPUT DROPiptables -P FORWARD DROPiptables -P OUTPUT DROP# Give free reign to the loopback interfaces, i.e. local processes may connect# to other processes' listening-ports.iptables -A INPUT -i lo -j ACCEPTiptables -A OUTPUT -o lo -j ACCEPT# Do some rudimentary anti-IP-spoofing drops. The rule of thumb is \"drop# any source IP address which is impossible\" (per RFC 1918)## NOTE: If you use RFC 1918 address-space, comment out or edit the appropriate# lines below!#iptables -A INPUT -s 255.0.0.0/8 -j LOG --log-prefix \"Spoofed source IP\"iptables -A INPUT -s 255.0.0.0/8 -j DROPiptables -A INPUT -s 0.0.0.0/8 -j LOG --log-prefix \"Spoofed source IP\"iptables -A INPUT -s 0.0.0.0/8 -j DROPiptables -A INPUT -s 127.0.0.0/8 -j LOG --log-prefix \"Spoofed source IP\"iptables -A INPUT -s 127.0.0.0/8 -j DROP# The local IP of my server is 192.168.1.6, so activating next 2 lines the mail# server (squirrelmail Front end) does not connect to localhost (IMAP)!#iptables -A INPUT -s 192.168.0.0/16 -j LOG --log-prefix \"Spoofed source IP\"#iptables -A INPUT -s 192.168.0.0/16 -j DROP

iptables -A INPUT -s 172.16.0.0/12 -j LOG --log-prefix \"Spoofed source IP\"iptables -A INPUT -s 172.16.0.0/12 -j DROPiptables -A INPUT -s 10.0.0.0/8 -j LOG --log-prefix \" Spoofed source IP\"iptables -A INPUT -s 10.0.0.0/8 -j DROP# Commands to help debugging software installation:# To list open ports (services are named under /etc/services):#netstat -plunt#netstat -plunt | grep 123# To scan from remote host open ports (services listening for new requests only, no client# ports):#nmap -O remote_host# Scan specific ports (Client ports like 123 will appear as closed):#nmap -p 1186 x1#nmap -p 123 x1# Port tool http://www.canyouseeme.org/# Check network, i.e. DNS, Gateway, proxy# Check router DMZ and configuration# In this section we will add the list of IP CONFLICTIVE addresses that attacked# us for example with DDOS or Brute Force, problems not resolved with something# like apache mod evasive.# Useful commands at combat time versus attackers:#netstat -nr [Kernel ip routing table].#netstat .inet -aln [See all the active sockets of ports].#netstat -tap [Verify connection, for example, open ports of the server].#netstat -i [Displays the configured interfaces].#netstat -ia [Displays all the interfaces].#netstat -ta [Displays the active TCP connections, with the ports in LISTEN state].# When we are being attacked, an excellent way to discover the requests to# the 80 port by IP is (as root):#netstat -plan|grep :80 | awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -n# Other 'netstat' command will tell what are IPs with established connections:#netstat -plan|grep :80 | grep ESTABLISHED | awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -n# Both commands will help us to recognize what IP (or IPs) is (or are) exceeding the max permitted# requests' quantity (when the attack is on port \":80\").# The next step is to filter the address is giving problems, for example using the 'APF' program# 'sh> /usr/local/sbin/apf -d <IP conflictive>'.#traceroute -n www.google.com [Verifies routes and connectivity].#traceroute -i 208.67.222.222 [Verifies routes but and connectivity but using ICMP (Internet# Control Message Protocol) messages].#mtr .-psize 1024 208.67.222.222 [Verifies. An option to traceroute command but with more# displays. This example is using the DNS for cronos, the DNS assigning

#arp -e [Verify the arp tables].# Install the nmap sniffer with 'apt-get update', then type 'apt-get install nmap'.#nmap {-s scanningKind} {-p portsRange} -F options objective [nmap scanner syntax].#nmap -sT -F -P0 -O woofgang.dogpeople.org [Probing iptables and a strong system].#nmap -sTUR -F -P0 -O woofgang.dogpeople.org [A more detailed port scanning].#nmap -sP 192.168.0.0/24 [Sniff a network].# If can't identify intruder install snort, a network intrusion prevention and detection system# (IDS/IPS). For more info visit: http://www.snort.org.# More here...# Consider next line to insert, in real time, the attacker IP address, in the command line# Then, if needed you will add the address ro thte blacklist below. THis will help# when we can't stop the active connections in the firewall because of the natures of the rules# where all is DROPPED by default. The '-I' part of the command means \"insert\", and the# the number '1' tells the new rule line will be inserted before the rule number '1'.# Before any insertion verify the rule numbers to the INPUT chain, and be carefull:#iptables -I INPUT 1 -s 192.168.1.4 -j LOG --log-prefix \"Potential RT DoS src IP\"#iptables -I INPUT 1 -s 192.168.1.4 -j DROP# --------------------------# In this way we are not going to accept incoming requests (inputs) from MyBlackList addresses:# In the next example, a local client with a local ip.#iptables -A INPUT -s 192.168.1.4 -j LOG --log-prefix \"Potential DoS source IP\"#iptables -A INPUT -s 192.168.1.4 -j DROP# --------------------------## The following will NOT interfere with local inter-process traffic, whose# packets have the source IP of the local loopback interface, e.g. 127.0.0.1# (The source is our IP [$IP_LOCAL] , so it is false.iptables -A INPUT -s 201.201.101.162 -j LOG --log-prefix \"Spoofed source myIP\"iptables -A INPUT -s 201.201.101.162 -j DROP# Tell netfilter that all TCP sessions do indeed begin with SYN# (There may be some RFC-non-compliant application somewhere which# begins its transactions otherwise, but if so I've never heard of it)iptables -A INPUT -p tcp ! --syn -m state --state NEW -j LOG --log-prefix \"Stealth scan attempt?\"iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

# Finally, the meat of our packet-filtering policy:# INBOUND POLICY# (Applies to packets entering our network interface from the network,# and addressed to this host)# Useful List of ports:# <<< Ports to open list (the complete list in on the file /etc/services): >>># Search services with: 'sh> cat /etc/services/ | grep http | grep tcp' (for http ports info).# 80 > http# 443 > https# 21 > ftp# 115 > sftp# 25 > smtp# 110 > Pop3# ??? > pop3S# 143 > IMAP# 993 > IMAPs# ???? > Java (apache tomcat)# ???? > C# (asp, like :8083)# more ...## <<< Do not open list, but maybe necessary for the server administration (from my notebook): >>>## ??? > NFS (Avoid it or only let it be local)# 8222 > Tomcat http VMware (not needed is on foobar (192.168.1.4))# 8333 > Tomcat https VMware (not needed is on foobar (192.168.1.4))# 22 > ssh default port# ???? > ssh changed to other port higher than the port 1024.# 23 > telnet (had to be explicitly denied using netfilter rules. Can be used to connect to other port,# for example 'sh> telnet 192.168.1.6 80', then type 'HEAD' and press ENTER key)# 10024 > amavis listening for postfix mail (open not needed, the loopback has free reign)# 10025 > postfix listening amavis mail (open not needed, loopback has free reign)# Remote Desktop > 3389# 5900 > Real VNC# PC Anywhere > 5631# 3306 > mysql. phpmyadmin uses 3306 and is not affected. MYSQL server in other machine needsboth ports open.# ???? > ICMP (The Internet Control Messaging Proto, for Internet equip communication. Includes:# server, router, etc.# The port can be open periodically (in ms) in order to help costumers to find,# for example a web server. Setup this in other script file). That script will# help with other script that do ping to a place, also periodically,# to maintain open the Internet connection's portished against DOS attacks and bottlenecks,

# but i don't need that script, my router comes with a check to the anti DOS attacks# integrated option, out of the box. Anyway enforce in the firewall and every machine with# hardware and software is always the best decision to forge the knight's shield.# 873 > rsync. Maybe required for the ftp-backup server.# 992 > telnets. Secure telnet.# 2049 > NFS. Port for Net File System, require to make grow the /var partition.# 3690 > svn.# 5060 > sip.# 5061 > sip-tls.# 5190 > aol.# 1194 > openvpn.# 194 > irc.# more...# Accept inbound packets that are part of previously-OK'ed sessionsiptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT# SERVER AND HOST CLUSTER RULES:# Accept inbound packets which initiate SSH sessions# Remeber the default and changed ports#iptables -A INPUT -p tcp -j ACCEPT --dport 22 -m state --state NEW#iptables -A INPUT -p tcp -j ACCEPT --dport 49 -m state --state NEW# --== Next line changed to limit to a local host access the server through ssh.==--# The address can be an Intranet firewall (with static IP), facing the bastion server behind the DMZ.#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.10 --dport 49 -m state --state NEW# --== Next are activated to preserve the local host address (e.g. my notebook) like dynamic# where my notebook ip change sometimes in a network of 5 computers, the router is configured# to give dynamic IPs beginning from 192.168.1.10 ==--#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.10 --dport 49 -m state --state NEW#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.11 --dport 49 -m state --state NEW#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.12 --dport 49 -m state --state NEW#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.13 --dport 49 -m state --state NEW#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.14 --dport 49 -m state --state NEW# --== Next is the template just in case we need more open, for a specific host ==--#iptables -A INPUT -p tcp -j ACCEPT -s 192.168.1.10 --dport 49 -m state --state NEW# To Accept packets from trusted network:#iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT # using standard slash notation#iptables -A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT # using a subnet mask# Accept inbound packets which initiate ssh sessions from hosts in the network 192.168.1.0,# which is supposed to be the local cluster network (I.E: hosts named x1, x2, foobar, vgui).

iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p tcp -j ACCEPT --dport 22 -m state --state NEW# To Accept packets from trusted IP addresses, for client hosts with many active ethernet interfaces,# It's not the ssh client that decides through which interface TCP packets should go (to reach a server# behind a firewall like this), it's the kernel. In short, SSH asks the kernel to open a connection to# a certain IP address, and the kernel decides which interface is to be used by consulting the routing# tables. In this case you will have to add one policy for every ethernet IP in the host. Also, you can# display the kernel routing tables with the commands route -n and/or ip route show and perhapsmodify# temporarily (or with a script) the route table to match your needs.# Use this policy to connect to remote cluster hosts public IPs (I.E: y1, y2, foobar2, and a remote# vgui). Otherwise I will have to leave ssh port wide open to the Internet to reach cluster servers.#iptables -A INPUT -s 192.168.0.4 -m mac --mac-source 00:50:8D:FD:E6:32 -j ACCEPT# Accept inbound packets which initiate NTP (Network Time Protocol) sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 123 -m state --state NEW# Accept inbound packets which initiate MySQL Cluster sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 1186 -m state --state NEW# USER SERVICES RULES:# Accept inbound packets which initiate FTP sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 21 -m state --state NEW# --= Next new lines are specific for FTP, if you have troubles with the# FTP passive mode. For the most of configurations it is only necessary# the installation of the module ftp-conntrack, put the rules in the the headers of the chains# INPUT and OUTPUT, and finally establish the rules to the INPUT chain to let be new connections# in the TCP port 21. If that does not work, use 2 lines here: ==--#iptables -A INPUT -p tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED -j ACCEPT#iptables -A OUTPUT -p tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED,RELATED -jACCEPT# Accept inbound packets which initiate HTTP sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 80 -m state --state NEW# Accept inbound packets which initiate HTTPS sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 443 -m state --state NEW# Accept inbound packets which initiate IMAP sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 143 -m state --state NEW

# Accept inbound packets which initiate IMAP3 sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 220 -m state --state NEW# Accept inbound packets which initiate IMAPS sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 993 -m state --state NEW# Accept inbound packets which initiate POP2 sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 109 -m state --state NEW# Accept inbound packets which initiate POP3 sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 110 -m state --state NEW# Accept inbound packets which initiate POP3S sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 995 -m state --state NEW# Accept inbound packets which initiate SMTP sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 25 -m state --state NEW# Accept inbound packets which initiate SSMTP sessionsiptables -A INPUT -p tcp -j ACCEPT --dport 465 -m state --state NEW# --== Next is the protocol template just in case we need more open to all client hosts ==--# Accept inbound packets which initiate PROTOCOL-HERE sessions#iptables -A INPUT -p tcp -j ACCEPT --dport 80 -m state --state NEW# Log and drop anything not accepted above# (Obviously we want to log any packet that doesn't match any ACCEPT rule, for# both security and troubleshooting. Note that the final \"DROP\" rule is# redundant if the default policy is already DROP, but redundant security is# usually a good thing.)iptables -A INPUT -j LOG --log-prefix \"Dropped by default (INPUT):\"iptables -A INPUT -j DROP# OUTBOUND POLICY# (Applies to packets sent to the network interface (NOT loopback)# from local processes)# If it's part of an approved connection, let it outiptables -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT# Allow outbound ping# (For testing only! If someone compromises your system they may attempt# to use ping to identify other active IP addresses on the DMZ. Comment# this rule out when you don't need to use it yourself!)

##iptables -A OUTPUT -p icmp -j ACCEPT --icmp-type echo-request# Allow outbound DNS queries, e.g. to resolve IPs in logs# (Many network applications break or radically slow down if they# can't use DNS. Although DNS queries usually use UDP 53, they may also use TCP# 53. Although TCP 53 is normally used for zone-transfers, DNS queries with# replies greater than 512 bytes also use TCP 53, so we'll allow both TCP and UDP# 53 here#iptables -A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPTiptables -A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT# SERVER AND HOST CLUSTER RULES:# All the ssh output is accepted:# Accept inbound packets which initiate ssh sessions from hosts in the network 192.168.1.0iptables -A OUTPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate NTP (Network Time Protocol) sessionsiptables -A OUTPUT -p tcp --dport 123 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate MySQL Cluster sessionsiptables -A OUTPUT -p tcp --dport 1186 -m state --state NEW -j ACCEPT#---------- Mail service outs:# Accept inbound packets which initiate IMAP sessionsiptables -A OUTPUT -p tcp --dport 143 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate IMAP3 sessionsiptables -A OUTPUT -p tcp --dport 220 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate IMAPS sessionsiptables -A OUTPUT -p tcp --dport 993 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate POP2 sessionsiptables -A OUTPUT -p tcp --dport 109 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate POP3 sessionsiptables -A OUTPUT -p tcp --dport 110 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate POP3S sessionsiptables -A OUTPUT -p tcp --dport 995 -m state --state NEW -j ACCEPT

# Accept inbound packets which initiate SMTP sessionsiptables -A OUTPUT -p tcp --dport 25 -m state --state NEW -j ACCEPT# Accept inbound packets which initiate SSMTP sessionsiptables -A OUTPUT -p tcp --dport 465 -m state --state NEW -j ACCEPT#------------# Log & drop anything not accepted above; if for no other reason, for troubleshooting## NOTE: you might consider setting your log-checker (e.g. Swatch) to# sound an alarm whenever this rule fires; unexpected outbound trans-# actions are often a sign of intruders!#iptables -A OUTPUT -j LOG --log-prefix \"Dropped by default (OUTPUT):\"iptables -A OUTPUT -j DROP# Log & drop ALL incoming packets destined anywhere but here.# (We already set the default FORWARD policy to DROP. But this is# yet another free, reassuring redundancy, so why not throw it in?)# Attempted FWD? Dropped by default:#iptables -A FORWARD -j LOG --log-prefix \"FWD Dropped by default:\"iptables -A FORWARD -j DROPexit 1A graphical alternative to my iptables script is gufw:$ apt-cache search gufwReferences:Web: http://gufw.org/Netstat$ netstatFind my most used netstat commands in the guide \"Netfilter\", in the file \"bastion-server-firewall.sh\",in the script section \"# Useful commands at combat time versus attackers:\"NmapSaves the content of the network sniffing in xml to open with a program like MS Excel:$ nmap -sP 192.168.1.0/24 -oX hostslist.xml

OpenSSH serverSSH - Use it to create a VPN tube between hosts or client - server hosts.If you like to access the machine remotely. Install ssh server and ssh client. At this point you wouldrequire a firewall script, otherwise you can play starting stopping the service at any time.To copy remote files use the command 'scp'.Secure Shell installation:$ sudo apt-cache search ssh# sudo apt-get install openssh-serverAccess a remote machine:From Windows you can use teh program PuTTY.From unix like systems do create an user with the same password in the two machines and do:$ ssh <REMOTE-IP>For example:$ ssh 192.168.1.20$ ssh neighborhostImprove ssh security:References:Web: https://www.nixtutor.com/linux/installing-and-configuring-an-ssh-server/Guides:Fail2banNetfilterTip: Setup ssh in the network routerHow to forward X over SSH in Debian:Having installed OpenSSH in two machines, edit the config file and set the option X11Forwarding =yes:$ sudo nano /etc/ssh/sshd_configX11Forwarding yesSave file changes.Restart ssh service:$ sudo systemctl restart ssh.service$ sudo systemctl status ssh.serviceSetup the display:In Debian, $DISPLAY is not present by default, or has the value of ':0'.In the machine 1:

$ export DISPLAY=:0.0$ echo $DISPLAYIn the machine 2:$ export DISPLAY=:10.0$ echo $DISPLAYTo open remote on local:$ ssh -X remote-IP$ firefoxTo open local on remote:$ ssh -X remote-IPand the use the \"local\" display:$ DISPLAY=:0.0 xeyesNote: xeyes is a part of the package x11-apps, you can install it like this:$ apt-get install x11-appsNote: DISPLAY variable is going to work in the current terminal or terminal tab meanwhile they'reopen. To change permanently variable values add them to the user environment:$ cd$ sudo nano .bashrcAdd this line at the end of the file:DISPLAY=:0.0Finally double check that the user session recorded the value (If not, logout and then login your usersession):$ envReferences:Topic: X11 Forwarding using SSHWeb: http://tldp.org/HOWTO/XDMCP-HOWTO/ssh.htmlFile: X11 Forwarding using SSH.pdfOpenVPNPendingPingPing sends ICMP packages from computer to computer.Review ping statistics.Use ping to keep active the Internet access:$ ping www.yahoo.comSend 1 GB ping to attack/defend

ProxiesProxies are basic networking and routing tools but also help to unblock internet restrictions, andnavigate anonymously and privatelyUse Kproxy in Google Chrome (limited to 40 minutes no payment)More options:References:File: (Spanish) Proxys gratuitos para evitar limitaciones, restricciones y garantizar el anonimato y laprivacidad.pdfScreenScreen tutorial:Screen is good to keep programs running but no keep alive terminal connections, so we can comeback later on to verify the program results or the work in progress no need to touch SSHsecurity/configuration.Example 1:# find / -name .bashrc*# find / -name *.logExample 2:Resume the view of a software build process.New screen:# screenPress space bar to see new screen# ls --color /homeExit from screen to main console:CTRL + A + DOutput:Dettached from pts (+ the screen ID)2nd new screen:# screenPress space bar to see new screen# ls --color /libClose Putty to loose connection to serverRe open Putty and login as same userList existent screens (Detached and attached):# screen -r

Output:pts (+ the screen ID)pts (+ the screen ID)...Enter to specific screen (resume, if status = detached):Use the screen name and ID as flag to paramemter -r# screen -r 1860.pts-0.foobarExit (again) from screen (to avoid nesting screens behind screen):CTRL + A + DOutput:Dettached from pts (+ the screen ID)Detach from a screen from screens list:# screen -d 1860.pts-0.foobarList existent screens:# screen -rLook for condition (Detached)Output:pts (+ the screen ID) (Detached)pts (+ the screen ID) (Detached)Remove a screen:Enter to a screen and then:# exitKill screen based on process id:screen -r# kill <PID>Example:# kill 4169New screens with custom name:# screen -S <name># screen -S ntpAfter you use custom names to create screens the option # screen -r willdon't work and show an error message.. by then to list use:# screen -list

Site Advisors and page checkersBitdefender TrafficLight:From the Google Chrome web store:\"Bitdefender TrafficLight is a Chrome and Firefox browser EXtension which adds a strong and non-intrusive layer of security to your browsing experience.TrafficLight is taking the security-while-browsing concept where it belongs: in the browser.This extension will add a strong layer of security over your browsing experience without inducingspeed penalties or system resource consumption. Part of the processing is done in the cloud withsome intelligent small engines that make various checks on pages you're visiting enabling you to havetop notch protection in case you run into fraud, phishing or simply dangerous websites.\"SpeedtestInstallation:$ apt-cache search speedtest-cli$ sudo nano /etc/apt/sources.list$ sudo apt-get update$ sudo apt get-install speedtest-cli$ speedtest-cli$ speedtest-cli --bytes –shareTcpdumpFor ping information, read the guide: \"Ping\"Who pings me?:Reference:Web: http://askubuntu.com/questions/430069/how-to-monitor-who-is-pinging-meFile: Who is pinging me.pdfUseful commands:Pending:Paste here book \"Entrenamiento profesional en redes\" (Spanish)Send results to screen and file like this:Web: http://unix.stackexchange.com/questions/4782/how-to-pass-the-output-of-one-command-as-the-command-line-argument-to-anotherFile: bash - How to pass the output of one command as the command-line argument to another - Unix& Linux Stack Exchange.pdfWeb: http://askubuntu.com/questions/38126/how-to-redirect-output-to-screen-as-well-as-a-file

File: bash - How to redirect output to screen as well as a file in a yet-to-be-created directory - AskUbuntu.pdfWeb: https://felixmilea.com/2014/12/running-bash-commands-background-properly/File: Running bash commands in the background properly - Felix Milea-Ciobanu.pdfTORTOR (The Onion Router), is the largest implementation of onion routing, which is a method fortransmitting data anonymously over the Internet. Run by volunteers, there are approximately athousand Tor proxy servers on the Internet that provide the routing paths.- Debian and Tor Services available as Onion Services:The Debian project is working with the Tor privacy network to set up anonymous access to Debian'sinfrastructure. \"We, the Debian project and the Tor project, are enabling Tor onion services for severalof our sites. These sites can now be reached without leaving the Tor network, providing a new optionfor securely connecting to resources provided by Debian and Tor. The freedom to use open sourcesoftware may be compromised when access to that software is monitored, logged, limited, prevented,or prohibited. As a community, we acknowledge that users should not feel that their every action istrackable or observable by others. Consequently, we are pleased to announce that we have startedmaking several of the various web services provided by both Debian and Tor available via onionservices.\" A list of Debian services available through the Tor network and how to access them can befound in the announcement.References:Web: https://bits.debian.org/2016/08/debian-and-tor-services-available-as-onion-services.htmlFile: Bits from Debian - Debian and Tor Services available as Onion Services.pdf- TorBrowserI am gonna use TOR for secure navigation as Edward Snowden recommends, but he says you shoulduse the distribution Tails.(Pending)TraceroutePendingWiresharkPendingImprove the security of the system since the networkKali

PendingNetwork FirewallPendingOSSIMIDSIPSSIEMYou can run it on your network to help protecting you from almost everything.Main source for Alien VaultReferences:File: OSSIM - Wikipedia, the free encyclopedia.pdfDirectory: ../IT Securty/AlienVault_OSSIMREMnuxPendingEsteban HerreraHe is a Computers Consultant. Went to Intel to teach Linux. Worked for important media companies inCosta Rica, as Radio U and the newspaper La Nación. Received the National Award of Films. In hisspare time creates new electronic and rock music. You can send a fan mail or Tweet him@esteban_records