Monday, May 28, 2012

QuickStart: Port scanning with nmap


Disclaimer: Port scanning anything other than your own machines on your own LAN can be considered illegal and a precursor to attack. I do not condone port scanning anything other than your own PCs, or any type of illegal activity.

Overview


Port scanning is a way to discover open ports on a machine. This can be very useful for securing your PCs, servers, or workstations. You never really know whether or not a port is open until you scan for it. Port scanning is quick and easy using nmap. I will show you how to install and use nmap (very basically) on an Ubuntu system, or any Debian-based system running APT.

Install nmap


If you're lucky, there will already be an nmap package in your OSs software repos for easy installation. This is the case with Ubuntu, Mint, and most other popular Linux OSs. To install, open up a terminal (ctrl+alt+t) and run this command:
sudo apt-get install nmap -y
Otherwise, you can go to nmap.org/download and grab an installation package or the source. At the moment, it seems there are only rpm packages for download. If you want to learn how to install rpms in Ubuntu, see this post.

Use nmap


Once nmap has finished installing you can run it simply by typing the command
nmap
in the terminal. Typing nmap by itself will bring up a long list of switches that can be used with nmap. To get any results, you will need to run nmap with a target hostname or IP address. The format for a command is:
nmap [Scan Type(s)] [Options] {target specification}
Only a target is needed. For example, lets scan our own PC:
nmap localhost
You will get something like this as a result:


And that's all there is to it. By default, nmap will scan the 1,000 most common ports. This scan shows me that I have ports 139, 445, and 631 open, and also what services are running on them. There are a ridiculous amount of nmap switches and options, so you'll just have to learn those as you go along. Some useful ones are -p, which specifies a port or port range to scan -O, which performs OS detection, -6, which enables IPv6 detection, and -A which enables OS detection, version detection, script scanning, and traceroute.

For more information, read the fine man page:
man nmap
or visit nmap.org

Notes:


When you install nmap through your package manager, you are getting whatever version is in your software repo. This may not always be the latest version. To get the latest version, visit nmap.org/download and grab a software package or the source code.

HowTo: install an rpm package in Ubuntu

 

Overview


Packages in Linux are pre-compiled binaries that can be used to easily install software. Debian and Debian derivative (Ubuntu, Mint) distributions use .deb packages. Redhat and Redhat derivative (Fedora, CentOS) distributions use .rpm packages. Sometimes you need to install a package in Ubuntu, but an rpm package is all that is available. You can convert rpms to debs by using a program called alien.

 

Install alien


In Ubuntu, you can install alien by simply opening up a terminal (ctrl+alt+t) and entering in the following:
sudo apt-get install alien -y

Convert the rpm to a deb


Once the installation has finished, navigate to the directory housing your rpm package while still in the terminal. For example, if you downloaded the rpm to a folder called "downloads" in your home directory, you can get there by entering this:
cd ~/downloads
Now, simply run the alien command with no switches and the rpm package name:
alien packagename.rpm

Install the deb


Once that has finished, you can install the deb using dpkg:
dpkg -i packagename.deb

Notes


You can also use alien to convert deb packages to rpms by running this command:
alien -r packagename.deb

Sunday, May 20, 2012

HowTo: Backup/Synchronize files and folders using SyncToy



Overview

SyncToy is a free application from Microsoft. It can be very useful for keeping two folders identical between user accounts, across network drives, or for backup purposes. It does not have as many features as a full, commercial backup application, but it can be useful for light-duty backup and sync. 

Download and Install

You can get the latest version of SyncToy from this page:
http://www.microsoft.com/en-us/download/details.aspx?id=15155
The installation is pretty straightforward, and you will be asked whether or not to submit usage statistics to Microsoft.

Set Up Sync

Once you have the program installed, run it, and you will be greeted with a welcome screen. Click “Create New Folder Pair” to get started.


Next, you will need to select a “Left” folder and a “Right” folder. You can think of the left folder as your main folder and the right folder as your backup folder.

  Next, you will need to choose what kind of synchronization you want. There are three options here: 
  • Synchronize
    (files are synced in both directions including renames and deletes)
  • Echo
    (files are copied left to right and so are renames and deletes)
  •  Contribute
    (files are copied left to right and so are renames, no deletes)
Note: If you are not sure what to choose, don’t worry, you can change this later.


Next, choose a name for your folder pair and click “Finish”


Customize & Run Your Sync


After your folder pair is set up, you have the following options for customizing and running your sync: 

  1.  Change action
    (switch between synchronize, echo, and contribute)
  2. Change options
    (include/exclude specific files)
  3. Preview
    (perform a mock sync to test for potential issues)
  4. Run
    (run the actual sync)


SyncToy can also be run from the command line or set up as a “Scheduled Task”. There is a great tutorial showing how to do this at the How-To Geek website:

HowTo: Install VMWare ESXi 4.1 on ASUS P5Q-E

Overview


VMWare's ESXi is a bare metal hypervisor that can host your virtual machines. ESXi is meant to be installed on server hardware, but it will run on most PC hardware. The issue you will run into when installing on PC hardware is driver support. The ESXi installation will fail without a proper LAN driver, as was the case when I tried to install it on a white box machine running a P5Q-E motherboard. When booting the installation CD, I would get the "Failed to load lvmdriver" error message. I was able to successfully boot and install by adding a custom oem.tgz package containing support for the Marvell 88E8056 NIC to the installation CD.  

Note: Customizing the installation CD might not be necessary for your hardware, see the following page for a comprehensive ESXi 4.x hardware compatibility list:
http://www.vm-help.com//esx40i/esx40_whitebox_HCL.php

Download ESXi and vSphere Client


First, you will need to download the ESXi 4.1 installation ISO and the vSphere Client installer from the following page: 
https://my.vmware.com/web/vmware/evalcenter?p=free-esxi

Note: If you don't have a VMWare account, you will need to create one in order to download these products. ESXi, the vSphere Client, and account registration are all free.   

Obtain or Create a Custom oem.tgz


-Create a Custom oem.tgz-

Instructions for customizing oem.tgz can be found on the following page, along with some community-created oem.tgz packages:
http://www.vm-help.com/esx/esx3i/customize_oem_tgz.php


-Obtain a Custom oem.tgz-

Here is the package I used to get ESXi installed on the P5Q-E:
http://dl.dropbox.com/u/80436122/oem.tgz

Caution: You can also find custom oem.tgz packages by performing a Google search, but be careful where you download them from. Drivers directly interface with the kernel of the OS.

Add oem.tgz into installation ISO


Download  ESXi-Customizer v2.7 from the following location:
http://esxi-customizer.googlecode.com/files/ESXi-Customizer-v2.7.exe 

Run the installer. Open the "ESXi-Customizer.cmd" file to start the program. Point it to the ISO and the oem.tgz package. Choose the "Force repacking" option, specify an output directory, and click "Run!".

Install ESXi


Once you have the customized ISO, burn it to a CD. If you need a program to do this, consider downloading and installing InfraRecorder. Make sure the PC you are using has a blank hard drive or a hard drive that can be written. 

Caution: All information on the hard drive will be overwritten when ESXi is installed! 

Boot the PC with the CD in the drive and install. The installation is pretty straightforward. Here is a video walkthrough of a typical installation (not made by me):


Notes


  • This guide will add support for only the Marvell 88E8056 NIC. The ASUS P5Q-E has two NICs, the 88E8056 is the topmost one. 
  • I have read that software RAID is not supported on this board and that only SATA ports 5 & 6 will work with ESXi. I have not had a chance to test this myself.

Thursday, May 17, 2012

Free Windows Utilities

7-Zip - File Compression

Unpack almost any format
High compression ratio
AES-256 Encryption
Shell integration
http://www.7-zip.org/download.html
 

AVG Free - Anti-Virus

Virus and spyware protection
http://free.avg.com/us-en/free-antivirus-download 

Audacity - Audio Editor and Recorder

Records audio, edits multiple formats such as Ogg, Vorbis, MP3, WAV and AIFF
http://audacity.sourceforge.net/download/ 

CCleaner - Optimization and Cleaning

Cleans registry and temporary files
http://www.piriform.com/ccleaner/download/standard 

DAEMON Tools Lite - Optical Drive Emulation

Mounts ISOs as if they were actual disks
http://www.disc-tools.com/download/daemon

Eraser - Secure File Deletion

Securely erases files, folder, and disks
http://eraser.heidi.ie/download.php 

InfraRecorder - Disk Burning

Burns CDs/DVDs
Dual-layer DVD support
Records ISO and BIN/CUE images
http://infrarecorder.org/?page_id=5 

inSSIDer - Wireless Network Detection

Detects and graphs wifi signals
Shows detailed information about access points
Can export wifi and GPS data to google earth
http://www.metageek.net/support/downloads/ 

NirSoft - Collection of Password Recovery Utilities

Many different utilities for recovering passwords from instant messengers,
mail clients, IE, Firefox, Chrome, Opera, network shares, router configuration files, PSTs, wireless zero config, RDP, VNC, etc.
http://www.nirsoft.net/password_recovery_tools.html 

Notepad++ - Text Editing and Coding

Tabbed interface
Syntax highlighting for many different programming languages
http://notepad-plus-plus.org/download/v6.1.2.html 

paint.net - Advanced Image and Photo Editing

Photo editor with advanced features
Photoshop-like
http://www.getpaint.net/

PuTTY - Telnet/SSH Client

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html 

Recuva - File Recovery

Recover deleted files
http://www.piriform.com/recuva

Speccy - System Information

Comprehensive system hardware information tool
http://www.piriform.com/speccy

SumatraPDF - PDF Reader

PDF, ePub, MOBI, CHM, XPS, DjVu, CBZ, and CBR reader
http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html

SyncToy - Backup and Folder Sync

Synchronize files and folders
Scheduling, one-way, and two-way sync
http://www.microsoft.com/en-us/download/details.aspx?id=15155

Sysinternals - Suite of Windows-Specific Tools

Massive collection of utilities
http://technet.microsoft.com/en-us/sysinternals/bb545027

TreeSize Free - Disk Space Tool

Visualize disk space utilization
Quickly find out what's eating up disk space
http://www.jam-software.com/freeware/

Universal Extractor - Compressed File Extractor

Extract any type of file or installer
http://legroom.net/software/uniextract

VLC - Media Player

Play any media format
http://www.videolan.org/vlc/index.html

Wireshark - Packet Capture and Analysis

Capture live packets as the travel across the network
Highlighting and filtering
Analyze packet capture files
http://www.wireshark.org/