Improved previous guides

2025-02-22 16:53:56 +00:00 · 2020-08-25 07:40:01 -04:00 · 2020-08-25 07:40:01 -04:00 · 9f0f86ca21
commit 9f0f86ca21
parent 93d2d28f29
4 changed files with 44 additions and 96 deletions
--- a/how-to-benchmark-cpu-memory-disk-and-network-performance-of-server-using-speedtest-and-sysbench/README.md
+++ b/how-to-benchmark-cpu-memory-disk-and-network-performance-of-server-using-speedtest-and-sysbench/README.md
@ -16,6 +16,11 @@ Publication date: 2020-07-31T12:39:56.670Z

 - Virtual private server (VPS) or dedicated server running Debian 10 (buster)

+## Caveats
+
+- When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command
+- When copy/pasting commands that start with `cat << "EOF"`, select all lines at once (from `cat << "EOF"` to `EOF` inclusively) as they are part of the same (single) command
+
 ## Installation guide

 ### Step 1: check if Backports repository is enabled
--- a/how-to-disable-ipv6-on-ios-cellular-only-and-macos-and-why-it-s-a-big-deal-for-privacy/README.md
+++ b/how-to-disable-ipv6-on-ios-cellular-only-and-macos-and-why-it-s-a-big-deal-for-privacy/README.md
@ -54,14 +54,21 @@ Open "Settings", then "Profile Downloaded" and tap "Install"

 ### Step 1: list network interfaces

-```shell
-networksetup -listallnetworkservices
+```console
+$ networksetup -listallnetworkservices
+An asterisk (*) denotes that a network service is disabled.
+Wi-Fi
+iPhone USB
+Thunderbolt Ethernet
 ```

 ### Step 2: disable IPv6

+> Heads up: use network interfaces found in [step 1](#step-1-list-network-interfaces) (most computers only have `Wi-Fi` interface)
+
 ```shell
 networksetup -setv6off "Wi-Fi"
+networksetup -setv6off "iPhone USB"
 networksetup -setv6off "Thunderbolt Ethernet"
 ```

@ -79,5 +86,6 @@ Open "Settings", then "General", then "Profile", and tap provisioning profile, t

 ```shell
 networksetup -setv6automatic "Wi-Fi"
+networksetup -setv6automatic "iPhone USB"
 networksetup -setv6automatic "Thunderbolt Ethernet"
 ```
--- a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md
+++ b/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md
@ -215,7 +215,7 @@ Shout out to [Andrew Ho](https://gist.github.com/andrewlkho/31341da4f5953b8d977a
 The following commands downloads and runs [ulagen.py](./ulagen.py) (advanced users may wish to download [ulagen.py.sig](./ulagen.py.sig) and verify signature using my [PGP public key](https://sunknudsen.com/sunknudsen.asc) before running script).

 ```console
-$ curl -s https://sunknudsen.com/static/media/privacy-guides/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py | python | grep "First subnet:" | awk '{print "STRONGSWAN_IPV6_ULA="$3}' | tee -a ~/.bashrc
+$ curl -s https://sunknudsen.com/static/media/privacy-guides/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py | python | grep "First subnet" | awk '{print "STRONGSWAN_IPV6_ULA="$3}' | tee -a ~/.bashrc
 STRONGSWAN_IPV6_ULA=fdcb:f7a1:38ec::/64

 $ source ~/.bashrc
--- a/how-to-spoof-anonymize-your-mac-address-and-hostname-automatically-at-boot-on-macos/README.md
+++ b/how-to-spoof-anonymize-your-mac-address-and-hostname-automatically-at-boot-on-macos/README.md
@ -12,17 +12,22 @@ Publication date: 2020-05-19T00:00:00.000Z

 > Heads up: unfortunately this guide does not work on Macs equipped with the new T2 chip running macOS Mojave. If that’s your case, please consider upgrading to Catalina.

+## Caveats
+
+- When copy/pasting commands that start with `$`, strip out `$` as this character is not part of the command
+- When copy/pasting commands that start with `cat << "EOF"`, select all lines at once (from `cat << "EOF"` to `EOF` inclusively) as they are part of the same (single) command
+
+## Guide
+
 ### Step 1: create `/usr/local/sbin` folder

 ```shell
-sudo mkdir /usr/local/sbin
+sudo mkdir -p /usr/local/sbin
 sudo chown $(whoami):admin /usr/local/sbin/
 ```

 ### Step 2: create `spoof.sh` script

-> When copy/pasting commands that start with `cat << "EOF"`, select all lines (from `cat << "EOF"` to `EOF`) at once as they are part of the same (single) command
-
 ```shell
 cat << "EOF" > /usr/local/sbin/spoof.sh
 #! /bin/sh
@ -52,79 +57,6 @@ echo "Spoofed MAC address of en0 interface to $mac_address"
 EOF
 ```

-Ok, a lot is happening here. Let’s break it down into reviewable pieces.
-
-```shell
-set -e
-```
-
-Exit on error
-
-```shell
-export LC_CTYPE=C
-```
-
-Fix `sed: RE error: illegal byte sequence` error
-
-```shell
-dirname=`dirname "${BASH_SOURCE}"`
-```
-
-Set variable `dirname` to path of `spoof.sh`
-
-```shell
-model_name=`system_profiler SPHardwareDataType | awk '/Model Name/ {$1=$2=""; print $0}' | sed -e 's/^[ ]*//'`
-```
-
-Set variable `model_name` to the model of your Mac
-
-```shell
-first_name=`sed "$(jot -r 1 1 2048)q;d" $dirname/first_names.txt | sed -e 's/[^a-zA-Z]//g'`
-```
-
-Set variable `first_name` to random first name found in `first_names.txt`
-
-```shell
-computer_name=`echo "$first_name’s $model_name"`
-host_name=`echo $computer_name | sed -e 's/’//g' | sed -e 's/ /-/g'`
-```
-
-Set variables `computer_name` and `host_name` using values from variables `first_name`, `model_name` and `computer_name`
-
-```shell
-sudo scutil --set ComputerName "$computer_name"
-sudo scutil --set LocalHostName "$host_name"
-sudo scutil --set HostName "$host_name"
-echo "Spoofed hostname to $host_name"
-```
-
-Set `ComputerName`, `LocalHostName` and `HostName` using `scutil` and echo spoofed computer name
-
-```shell
-mac_address_prefix=`sed "$(jot -r 1 1 768)q;d" $dirname/mac_address_prefixes.txt | sed -e 's/[^A-F0-9:]//g'`
-```
-
-Set variable `mac_address_prefix` to random Apple MAC address prefix found in `mac_address_prefixes.txt`
-
-```shell
-mac_address_suffix=`openssl rand -hex 3 | sed 's/\(..\)/\1:/g; s/.$//'`
-```
-
-Set variable `mac_address_suffix` to random value genereated by OpenSSL
-
-```shell
-mac_address=`echo "$mac_address_prefix:$mac_address_suffix" | awk '{print toupper($0)}'`
-```
-
-Set variable `mac_address` using values from variables `mac_address_prefix` and `mac_address_suffix` and convert to upper case
-
-```shell
-sudo ifconfig en0 ether "$mac_address"
-echo "Spoofed MAC address of en0 interface to $mac_address"
-```
-
-Set spoofed MAC address using `ifconfig` and echo spoofed MAC address
-
 ### Step 3: make `spoof.sh` executable

 ```shell
@ -152,22 +84,22 @@ curl -o /usr/local/sbin/mac_address_prefixes.txt https://sunknudsen.com/static/m
 This step is responsible for running `spoof.sh` every time your Mac boots.

 ```shell
-cat << "EOF" | sudo tee /Library/LaunchDaemons/local.spoof.plist > /dev/null
+cat << "EOF" | sudo tee /Library/LaunchDaemons/local.spoof.plist
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
-    <dict>
-        <key>Label</key>
-        <string>spoof.sh</string>
+  <dict>
+    <key>Label</key>
+    <string>spoof</string>

-        <key>ProgramArguments</key>
-        <array>
-            <string>/usr/local/sbin/spoof.sh</string>
-        </array>
+    <key>ProgramArguments</key>
+    <array>
+        <string>/usr/local/sbin/spoof.sh</string>
+    </array>

-        <key>RunAtLoad</key>
-        <true/>
-    </dict>
+    <key>RunAtLoad</key>
+    <true/>
+  </dict>
 </plist>
 EOF
 ```
@ -176,13 +108,16 @@ EOF

 ```shell
 # Spoofed hostname
-scutil --get HostName
+$ scutil --get HostName
+Gatlins-MacBook-Pro

 # Spoofed MAC address
-ifconfig en0 | grep ether | awk '{print $2}'
+$ ifconfig en0 | grep ether | awk '{print $2}'
+20:ee:28:31:03:f6

 # Hardware MAC address
-networksetup -listallhardwareports | awk -v RS= '/en0/{print $NF}'
+$ networksetup -listallhardwareports | awk -v RS= '/en0/{print $NF}'
+9c:f4:8e:d6:2b:7d
 ```

 "Spoofed hostname" is random and "Spoofed MAC address" doesn’t match "Hardware MAC address"?
@ -203,15 +138,15 @@ sudo scutil --set LocalHostName "John-Doe"
 sudo scutil --set HostName "John-Doe"
 ```

-### Step 2: set MAC address to factory value
+### Step 2: set MAC address to default value

-Given MAC address spoofing is ephemeral, deleting the `/Library/LaunchDaemons/local.spoof.plist` launch daemon and rebooting will reset your MAC address to its factory value.
+Given MAC address spoofing is ephemeral, deleting the `/Library/LaunchDaemons/local.spoof.plist` launch daemon and rebooting will reset your MAC address to its default value.

 ```shell
 sudo rm /Library/LaunchDaemons/local.spoof.plist
 ```

-### Step 3 (optional): delete script and datasets
+### Step 3: delete script and datasets

 ```shell
 rm /usr/local/sbin/spoof.sh