wmr - | pv -s $SIZEOFMEM | ssh -p 40004 -c arcfour,blowfish-cbc -C root@savelocation.com "cat - > /forensics/T430-8gb-RAM1.dd"

Run above command from Windows Cygwin:

On Windows: Install Cygwin, and copy WMR (windows memory reader 1.0) memory diagnostic into cygwin\bin folder, also install cygwins netcat and ssh (openssh). I recommend installing apt-cyg and running "

On Linux: Have an SSH Server

SIMPLEST FORM:

WINDOWS: # wmr - | ssh root@savelocation.com "cat - > /tmp/FileToSave.dd"

For more details on how to extract information from memory dump:

apt-get install foremost

foremost -t all -T -i /forensics/T430-8gb-RAM1.dd

For more information:

http://www.kossboss.com/memdump-foremost

NOTE: When opening the files you might need to strip the very top line with notepad++ as its a mistake header

This is useful when the local machine where you need to do the packet capture with tcpdump doesn?t have enough room to save the file, where as your remote host does

tcpdump -i eth0 -w - | ssh forge.remotehost.com -c arcfour,blowfish-cbc -C -p 50005 "cat - | gzip > /tmp/eth0.pcap.gz"

Your @ PC1 doing a tcpdump of PC1s eth0 interface and its going to save the output @ PC2 who is called save.location.com to a file /tmp/eth0-to-me.pcap.gz again on PC2

More info @: http://www.kossboss.com/linuxtcpdump1

This is useful when the local machine where you need to do the packet capture with tcpdump doesn?t have enough room to save the file, where as your remote host does

tcpdump -i eth0 -w - | ssh savelocation.com -c arcfour,blowfish-cbc -C -p 50005 "cat - > /tmp/eth0.pcap"

Your @ PC1 doing a tcpdump of PC1s eth0 interface and its going to save the output @ PC2 who is called save.location.com to a file /tmp/ppp1-to-me.pcap.gz again on PC2

More info @: http://www.kossboss.com/linuxtcpdump1

NOTE: When doing these commands when asked for questions there might be flowing text from the pv doing the progress bar just continue typing as if its not there, close your eyes if it helps, there might be a yes or no question, type "yes" and ENTER to it, and also it will ask for a password, just put in your password and ENTER

I talk alot more about this and alot of other variations of this command on my site:

http://www.kossboss.com/linuxtarpvncssh

Where filein is the source file, destination.com is the ssh server im copying the file to, -c arcfour,blowfish-cbc is selecting the fastest encryption engines, -C is for online compressions and decompression when it comes off the line - supposed to speed up tx in some cases, then the /tmp/fileout is how the file is saved...

I talk more about it on my site, where there is more room to talk about this:

http://www.kossboss.com/linuxtarpvncssh

and

http://www.kossboss.com/linux---transfer-1-file-with-ssh

You need to install "sshpass" for this to work.

apt-get install sshpass

Takes a screenshot of x11 and pipes it over ssh to the preview application on a mac. Requires imagemagick on the server side.

This command will ask for remote sudo password before executing a remote command.

There must be no space between -p and the password

This is just a quick and dirty way to play remote audio files *locally* in your PC.

The best way is to mount the remote Music directory into the local FS, say by using sshfs:

sshfs user@remote:/remote/music/dir/ /mnt/other_pc/

This creates an archive that does the following:

rsync::

(Everyone seems to like -z, but it is much slower for me)

-a: archive mode - rescursive, preserves owner, preserves permissions, preserves modification times, preserves group, copies symlinks as symlinks, preserves device files.

-H: preserves hard-links

-A: preserves ACLs

-X: preserves extended attributes

-x: don't cross file-system boundaries

-v: increase verbosity

--numeric-ds: don't map uid/gid values by user/group name

--delete: delete extraneous files from dest dirs (differential clean-up during sync)

--progress: show progress during transfer

ssh::

-T: turn off pseudo-tty to decrease cpu load on destination.

-c arcfour: use the weakest but fastest SSH encryption. Must specify "Ciphers arcfour" in sshd_config on destination.

-o Compression=no: Turn off SSH compression.

-x: turn off X forwarding if it is on by default.

Flip: rsync -aHAXxv --numeric-ids --delete --progress -e "ssh -T -c arcfour -o Compression=no -x" [source_dir] [dest_host:/dest_dir]

When your ssh session hanged (probably due to some network issues) you can "kill" it by hitting those 3 keys instead of closing the entire terminal.

Alternative for machines without ssh-copy-id

Requires software found at: http://lpccomp.bc.ca/remserial/

Remote [A] (with physical serial port connected to device)

Local [B] (running the program that needs to connect to serial device)

Create a SSH tunnel to the remote server:

Use the locally tunnelled port to connect the local virtual serial port to the remote real physical port:

Example: Running minicom on machine B using serial /dev/remser1 will actually connect you to whatever device is plugged into machine A's serial port /dev/ttyS0.

Super fast way to ftp/telnet/netcat/ssh/ping your loopback address for testing. The default route 0.0.0.0 is simply reduced to 0.

Cleaned up and silent with &>/dev/null at the end.

Execute commands serially on a list of hosts. Each ssh connection is made in the background so that if, after five seconds, it hasn't closed, it will be killed and the script will go on to the next system.

Maybe there's an easier way to set a timeout in the ssh options...

Run this within a steady screen session.

You can get the approximate time when the remote server went down or other abnormal behavior.

This will check if a user is logged in using ssh and will log out the user automatically after the specified time in seconds without data retrieval on the server side.

Will work with bash and zsh so put it into your sourced shell file on the server side.

Be aware that users can change this themselves as it's just a envoronment variable.

This command adds your pem key to SSH so that you no longer have to manually specify it when connecting to EC2 instances.

# you can do this:

ssh ec2-instance.amazonaws.com

# instead of this:

ssh -i ~/.ssh/KEY_PAIR_NAME.pem ec2-instance.amazonaws.com

ssh compresion -C option ...

on slow connection VNC performs better but in local LAN native secure X protocol is an option