Articles tagged with #Linux




NMAP UDP DNS scan unexpected packets sending

I got the other day an automated mail alert from some ID/IPS equipment that ‘ a NULL DNS scan was detected and blocked from your IP’. NULL DNS scan? I wasn’t sending any such packets, not to mention I have no idea what they mean by that. After some …



NMAP run stages flow diagram

NMAP scanner has become over the years so friendly that it is not apparent what is going on when it runs. Below is a typicsl NMAP workflow:



Hex editor of binary files on Linux

Reading this thread on Stackoverflow http://stackoverflow.com/questions/5498197/need-a-good-hex-editor-for-linux I wondered how come with so many hex editors in Linux there is not really the best one. In Windows it is easier - the expensive WinHex or the cheap Hview. Anyway, as to the Linux I always use Vim …



Public DNS servers open to any on the Internet

Following the good will by Google many other providers made their DNS servers available to us without any limitations as recursive resolvers. As they do not announce it widely enough you may not have heard abouth them, here is the list of these DNS servers: - OpenDNS: 208.67.222.220 …



Linux ip route command reference by example

# ip address show - show all IP addresses (also ip ad sh) # ip address show ens36 - show IP addresses of a particular interface # ip address show up - only show IPs of those interfaces that are up # ip address show dynamic|permanent - show dynamic or static IPv6 addys # ip address add 192 …



Free public NTP servers from Google

It has passed somewhat unnoticed but Google have made available to us their free, accessible to all NTP servers. I have been using their DNS servers for years without any issues so will trust their NTP ones as well. So far works just fine. For a single server we can …



RHEL get firewall zones and their interfaces in one go

The firewall-cmd doesn't have an option to show all zones and to which one the server interfaces belong, so here is a one-line to show that: #for ii in ls /usr/lib/firewalld/zones/; do echo ${ii%%.xml}: ; firewall-cmd --zone=${ii%%.xml} --list-interfaces; done The output: block: dmz: drop: external …



md5 sha256 sha-1 tiger and whirlpool sum checker for Windows

Trying out Amazon AWS Glacier with fastglacier.com as the upload GUI app I looked at few SHA256 sum calculating tools, and found this one by Jesse Kornblum to be the best for Windows. It has some quite useful options like recursive folders calculation, file size limitation, reading file names …



Agressive scans from 69.175.126.170 - HD Moore is trying to save the Internet

I've been seeing this for some time so you will see it soon too. We speak here mostly about SNMP probes coming from a set of very specific IPs. If you do a search on IP you get to the webpage below (critical.io ) , explaining to the reader that it …



Watch your DNS records day and night with Nagios plugins

Domain records are most visible vulnerable and many time crucial asset of the company. Attackers need not break your firewall protection, find and develop exploits for software running on your server to cut off your company from mails - it is enough for them to cause a change of MX record …