Sunday, November 08, 2009

Ubuntu Tricks: Discover Network Connections

There are many reasons you might want a map of the connection points in a network. In my case I'd set up several VMs to use DHCP and wasn't sure which one to connect to and work on from off-site. Enter nmap, a security auditing tool that does exactly what we want as just a tiny part of its functions.

First you'll need to have it installed:
$ sudo apt-get install nmap

Next, issue a scan and use a filter to get the relevant info, for example:
$ sudo nmap -sP 192.168.1.0/24 | grep up
Host 192.168.1.1 appears to be up.
Host 192.168.1.100 appears to be up.
Host main (192.168.1.102) appears to be up.
Host main3 (192.168.1.103) appears to be up.
Host 192.168.1.168 appears to be up.
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.548 seconds

In the above example:
192.168.1.1 is a router
192.168.1.168 is another router*
192.168.1.102 is a WinXP machine
192.168.1.103 is this machine

[*] Machines on the other end of .168 aren't shown as they are on a different subnet and we only scanned 192.168.1.0/24 in this example. Explaining how to scan beyond the initial subnet is beyond the scope of this tip; use your favorite search engine for that. Always be extra careful to limit the scope when you scan, as a wide scan could be flagged as a precursor to a network attack by many of today's firewalls.
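As an added example (not from the original post), the small POSIX shell script below parses the one-line-per-host output of 'nmap -sP' shown above and lists any live host that is missing from a known inventory, which is the check you want when the scan is used to lock down a network rather than just to find a VM. The scan output and the inventory are constructed from the hosts listed above; 192.168.1.100 is left out of the inventory on purpose.

```shell
#!/bin/sh
# Added example, not from the original post: parse the one-line-per-host
# output of "nmap -sP" and flag any live host missing from a known inventory.
# Both inputs below are constructed to mirror the hosts listed in the post.

SAMPLE_SCAN='Host 192.168.1.1 appears to be up.
Host 192.168.1.100 appears to be up.
Host main (192.168.1.102) appears to be up.
Host main3 (192.168.1.103) appears to be up.
Host 192.168.1.168 appears to be up.
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.548 seconds'

# Inventory of hosts the post accounts for (two routers, the WinXP box,
# this machine). 192.168.1.100 is deliberately left out so the check fires.
KNOWN_HOSTS='192.168.1.1
192.168.1.168
192.168.1.102
192.168.1.103'

# live_ips SCAN_OUTPUT: print one IPv4 address per "appears to be up" line.
# A plain "grep up" would also match the "Nmap done: ... hosts up" summary,
# so match the full phrase; the IP may be bare or in parentheses after a name.
live_ips() {
    printf '%s\n' "$1" | awk '/appears to be up/ {
        for (i = 2; i <= NF; i++) {
            f = $i
            gsub(/[()]/, "", f)
            if (f ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) { print f; break }
        }
    }'
}

# unknown_hosts SCAN_OUTPUT INVENTORY: live IPs not present in the inventory.
# grep -F -x compares the whole line literally, so 192.168.1.1 does not
# accidentally match 192.168.1.100 or 192.168.1.168.
unknown_hosts() {
    live_ips "$1" | while IFS= read -r ip; do
        printf '%s\n' "$2" | grep -qxF -- "$ip" || printf '%s\n' "$ip"
    done
}

echo "Live hosts:"
live_ips "$SAMPLE_SCAN"
echo "Not in inventory:"
unknown_hosts "$SAMPLE_SCAN" "$KNOWN_HOSTS"
```

To use it against a real scan, replace SAMPLE_SCAN with the captured output of 'sudo nmap -sP 192.168.1.0/24' and KNOWN_HOSTS with the addresses you expect on the subnet.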

You can also get a detailed listing (including MAC addresses, etc.) using the '-vv' option. This is ideal when locking down a network:
$ sudo nmap -vv -sP 192.168.1.0/24

If you're like me and would prefer a nice working GUI, then look no further than zenmap. Similarly, download and install it via:
$ sudo apt-get install zenmap

Have fun and safe discoveries!

Monday, October 26, 2009

Windows7 - the First BSOD?

Just reported today? Sorry ... not!

This will happen a lot due to legacy drivers. The same issue dates back to the Vista experience of using old network drivers and is documented in a KB.

The actual driver conflict is with Tdx.sys (both 32-bit and 64-bit versions) which was fixed on Vista via SP1.

It's not only Symantec but also Alwil/Avast and SuperAntiSpyware whose support forums have been discussing this since as early as last January. Keep going through the forums and it affects a whole lot more vendors.

This is not a new issue, apart from the recently reported flaw in SRV2.sys which crashes the SMB2 driver: Crenk and Tom's Hardware

Further user experience of SMB2 problems, complicated by outdated drivers causing issues with their security product, is documented in the Microsoft forum.

The solution, of course, is to use compatible and updated drivers. This is a step most users skip and are sorry about later: Windows Compatibility Center

Windows UAC vs Linux vs Mac OS X

There have been many articles written recently and surely they have their merits; by no means is this an attempt to discredit them.

Simply stated, below are my perceived differences between Windows XP, Windows Vista, Windows 7, Linux and Mac OS X on the User Account Control (UAC) issue, from the standpoint of one who has them all installed in production use:

1. Pre-XP and Windows XP – unmanaged default installations have administrative (root) privileges, which is not good as we’ve seen; you can create unprivileged accounts, and system changes will then require an administrator login (with a right-click clue as to which account has it);

2. Windows Vista – a total paradigm shift for users and perhaps too aggressive an introduction to UAC, causing administrator-level addicts to make themselves root and/or totally ignore all the prompts; it also got released with very minimal device driver support, and the rest is history;

3. Linux – by default you had to jump through a few hoops to become root, and the most recent variants alert you to the quality of your password settings for root and sub-accounts; for any system-wide changes you had to enter your root credentials, similar to Windows Vista;

4. Mac OS X (Tiger, Leopard, Snow Leopard) – introduced simple lockdowns similar to an unprivileged Windows XP user by default; any system changes require an administrative login (and no clue to the unprivileged user as to who has it);

5. Windows 7 – released with better driver support and is as forgiving as Windows XP in terms of outdated-driver compatibility mode; UAC is set to be less of a nuisance and allows the user to concentrate on getting things done rather than policing the system;

All in all, I think the current generation of whatever OS you have is on the same playing field in the UAC user experience. There are some nuances in terms of what system hardening has to be done by the initial user, but all of this is by now well documented in every OS start-up guide.

There will be some changes as well in the “when to patch” paradigm, and as I’ve said before, gone are the days when holding off on patching is considered a precautionary measure, given the speed of malware attacks on new systems that do not sit behind some other patch management and/or firewall. Today's patches do not just deliver fixes but also much needed compatibility upgrades.

And yes, perhaps one thing that has made me move (and be confident) to Windows 7 (32-bit and 64-bit) is that when fixable compatibility issues occur it actually tells me if one is available from Microsoft or whether I should be contacting my device vendor to get a new one made. Nicely done!

Tuesday, October 20, 2009

Security Tips: Default Passwords

After you purchase a router or modem, the first thing you should do is run the install wizard (most have one) and change the default login/passwords. Otherwise, you're likely to get into a situation where some piece of malware changes your routing from either the inside or the outside.

Here's a growing list of defaults, however, in case you've had to manually reset your gadget and can't figure out where to start fixing.

Friday, October 09, 2009

Ubuntu Tricks: Multi-boot and Grub Errors

I've been doing a lot of Linux installations lately while figuring out how to get LinuxMCE and MythTV (Mythbuntu) installed. This is on top of pre-installed versions of Windows XP and Windows 7 RC.

One time-saving tip is to know how to help Linux figure out what happened to the boot records. This is all done from a Live-CD session and an open terminal window:

sudo grub
find /boot/grub/stage1

This will tell you what partition Ubuntu is on, so assuming it said: (hd2,0)

root (hd2,0)
setup (hd2)

The system will then tell you it found the partition and is reconfiguring everything.

quit

That's it. Time to reboot.

sudo reboot now

If you're still getting errors, then you'll need more than this small bag of tricks to recover. Good luck!

Monday, September 28, 2009

QNAP: RAID 6 to the Rescue (continued)

It's the onset of Fall and the leaves are starting to make a mound in the backyard. There's been some rain as well. With the seasons changing, the room temperature changes as well.

This morning was the first time I ever saw the advantages of RAID 6.

Actually, the single advantage appears to be stability in the face of two-(2) failed hard drives. For some reason Slot-6 and then Slot-1 started to act up and drop out of the RAID. Now, I know there's nothing wrong with them, and my efforts to check the temperature history showed little variance. What I did to recover was to simply pull out, dust off, then jam (literally) the drives back in. This seems to have worked and the RAID just went ahead and rebuilt itself.

Scary: with several NAS units making beeps once in a while, you get to a point of ignoring these pleas of alert. Literally, the first time Slot-6 fell out it wasn't even apparent to me that something was going on, as the QNAP is a heavily used file server with gigabytes of transfer going on at all times of the day.

So was it really the weather?

I was going through some forums as well just now and did see some reports similar to what I had just described. Some say it's firmware on the NAS, some say it's the WD20EADS drives -- to me it was the weather, and I'll stick to my theory unless something else comes up. :-)

Did this experience help me to reconsider aiming for RAID 5 and recovering 2TB? Maybe, just a little.

However, if things push forward and I get the chance to transfer the main download/upload function to a data center ...? 2TB back for storage please, thank you very much!

Thursday, September 17, 2009

Phoronix Test Suite on Ubuntu Jaunty 9.04 (draft in progress)

A bunch of Dell desktops landed in my possession about last week. That is now a total of four-(4) machines that I can pick and choose from for my ultimate gaming and workhorse :-)

Machines:
Dell Dimension XPS Gen4
Dell Dimension 9200 (2)
Dell Precision 470

Now these machines are about four-(4) years old and I have absolutely no plans on upgrading them except for possibly RAM and hard disk space. My main interest is which of them houses a better graphics card; secondary would be the

Graphics Cards:
ATI Radeon
nVidia 7900 GS
...

Processors:
Intel Xeon
Intel Core 2 Duo
...

My initial tests using Windows were inconclusive, and most of the tests I saw required a purchase. I don't plan to test for the rest of my life or monetize this, so a free version is preferred. This is where I stumbled upon PTS.

After burning the Desktop Live version, which was noted to be a pre-release, the final decision was that since Ubuntu Jaunty desktop was already installed I would just install PTS from the repositories. Boy was I wrong; it is now taking a little more than just a few clicks and a root password! The sizes of the test packages are enormous, particularly since the test we are after is phoronix-test-suite install gaming. Detailed below is my progress to get this going.

Package
The repository package for PTS is outdated at version 1.0. That's not what we need, so we need to install from the Phoronix-Test-Suite.com downloads, particularly the Ubuntu .deb package.

Dependencies:
Make sure that the system is prepped to have all the compiling environments just in case: sudo apt-get install build-essential

We'll need the basic PHP packages and extensions that will allow us to save the results in the future as .PDF or .PNG:
sudo apt-get install php5-cli php5-gd php-fpdf php5-ming

The Demo Live DVD has all the GUI front-ends needed; that doesn't seem to be the case with the downloadable v2.0 update. We'll need to install PHP-GTK. There is an unofficial .DEB installation that should also work according to some reports. You can also try: sudo apt-get install php5-gtk2

If all else fails you can install PHP-GTK by hand. NOTE: It may be necessary to run Step #5 and edit php.ini to get everything working after all.

In case that doesn't work, there's also a good install flow here; just make sure to also visit the official download to fix the login issues when using CVS.

OK, so far this is where I am at and will update as things progress.

One issue that popped out was that, due to the huge amount of downloads of the same stuff for several systems, it may make sense to have a caching proxy installed in your network path. This led me down an alternate idea of speeding up and securing my network with Squid Proxy.

So far the downloads have taken 24-hours using AT&T UVerse speeds, 256-bit AES PLC, and an old 3Com hub.

Thursday, August 27, 2009

Mobile Phone Threat Landscape 2009 (draft in process)

It was some time in 2001 that I wrote a column piece for PDI about the coming threats to mobile phones (cellphones, as they are called in the Texting Capital of the World). I will have to dig through my newspaper clippings for that one, but the main point to bring out was that I was asked for future predictions, to which I answered that it's all limited by phone functionality and the rise of smartphones.

What are smartphones? The term gets upgraded for every new technology, and it's almost a decade now of new and exciting additions. But wait, to the average user a phone that can almost act like a computer terminal is one. My first Nokia Communicator 9110i was such a device, and it's as old as 1998. I could telnet with it to another computer and get some work done; it served as my notepad in creating documents, let me edit and listen to .WAV files and use the same music files as my ringtone -- and this was way before today's iPhones, BlackBerrys, Palm Pre, and even netbooks. How's that for a decade-old device?

So, I was looking around recently for world statistics on both platform and market share. There's some good advice out there, particularly for developers, telcos, and manufacturers in today's environment. I can tell you for a fact that pre-2003, during my world travels, observationally the Philippines and most of Asia and Europe used Nokia, North America was Motorola, with a smattering of Samsung and LG in some areas. Windows Mobile was almost non-existent and Palm VII was an interesting gadget. Now, let's snap back to 2009 with the reality of Symbian now owned by Nokia and OEMed by even its old competitor Sony-Ericsson, Google pushing its Android, Apple with its iPhone, and RIM and Microsoft with their own app stores.

With enough resources it would make sense for developers to make versions for all platforms. However, with today's tough economic setbacks and the growing number of competing vendors, that would almost be tantamount to tempting fate. According to Gartner's Q2 2009 (Table 2) report it's undeniable that Nokia is still king, followed by Research in Motion at less than half the numbers, and Apple at only one-third. Just these three-(3) combined make up 77% of all sales. It is notable that the iPhone's share of sales was almost five-(5) times what it was in 2008. AdMob has some pretty graphs based on Gartner's data shown here:

There's a little caveat in these numbers, and this is coming from the experience of a Nokia N95 lover and grudging Apple iPhone user -- even with all the annoying, lackluster physical limitations of the iPhone, the fact is that these days you can forgo that sweet 5-megapixel Carl Zeiss lens or the built-in GPS if purchasing songs, movies, tones, and applications is as easy as it is now with the iTunes Store. Everyone else has latched onto this concept, and Nokia finally opened its Ovi Store earlier in May.

Extra:
Hail to Joe Quinto aka Al Pacino at Sulu Toastmasters who flagged my use of "age old" which I associated with him from then on. And yes, I brought my old Communicator during those meets. :-)