Friday, January 27, 2012

Behaviour of FTP in case of mls command


The general syntax of the mls command is as follows:-
mls <RemoteFile>[…] <LocalFile>
When multiple remote files/folders are given to be listed, a separate FTP data connection is opened for each file/folder. So a single command can create multiple FTP data connections.


Normally, when an FTP command is issued, only one data connection is made. With mls, multiple connections are created and terminated. So if you give a command with some correct and some wrong paths, it lists all the correct paths and returns an error message for each wrong path.

One can get the pcap file containing such packets at the link provided below:-

Tuesday, January 24, 2012

Diagrammatic representation of PORT and PASV commands in FTP

Hi

Here is the diagrammatic representation of the PORT and PASV commands in FTP. The diagram shows the various connections that are opened and the port numbers used.



Basics of FTP Protocol


Some short FTP details:-

FTP consists of 2 connections:-
1.    Control connection on port 21 (standard, can be changed)
2.    Data connection on port 20 (standard, can be changed)
The control connection is established once; a data connection is established every time data is transferred.

So for the control connection, the source and destination ports remain the same.

For every data connection, the port number changes. That port number is negotiated on the control connection.

Not all FTP commands use the data connection.

Here is the list of FTP commands. Commands marked (√) use the data connection and commands marked (X) do not.


 
FTP commands are of 4 types:-
A.   PORT commands (also known as Active)
B.   PASV commands (also known as Passive)
C.   EPRT commands (also known as Extended PORT)
D.   EPSV commands (also known as Extended PASV)


PORT commands:-
        Here the client tells the server which client port the data connection will be made to, so the client sends the port number with the command. With PORT commands, the server uses port 20 for data transfer.


PASV commands:-
        Sometimes the client is behind a firewall; in such cases the server can't connect directly to the client on the negotiated port. Passive mode is used for that. In passive mode, the server uses a random port for the data connection.
        Here the server sends the data connection port number to the client, and the client then connects to that port number for the data connection.


EPRT and EPSV commands:-

        These support FTP in case of IPv6 and NATing. See the RFC of FTP for more details.
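The PORT/PASV negotiation described above, as an added example that is not part of the original post: a parser that reads control-channel lines, decodes the six comma-separated bytes of a PORT command or a 227 reply to PASV into the data-connection listener (port = p1*256 + p2, per RFC 959), and flags an advertised address that differs from the sender's own. The function names and the sample lines are constructed for illustration; only the two IP addresses are the ones used in this post, and EPRT/EPSV are not handled.

```python
import re

# PORT h1,h2,h3,h4,p1,p2 (client -> server) and the 227 reply to PASV
# (server -> client) both carry an IPv4 address and port as six decimal bytes.
_SIX = r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
_PORT = re.compile(r"^PORT\s+" + _SIX + r"\s*$", re.IGNORECASE)
_PASV = re.compile(r"^227\b.*?" + _SIX)

def decode_endpoint(groups):
    """Turn six decimal byte strings into (ip, port); port = p1*256 + p2."""
    nums = [int(g) for g in groups]
    if any(n > 255 for n in nums):
        raise ValueError("byte out of range: %r" % (nums,))
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def track_data_endpoints(lines, client_ip, server_ip):
    """Return one dict per negotiated data connection.
    lines: (direction, text) pairs; "C" = sent by client, "S" = sent by server.
    mismatch is True when the advertised IP is not the sender's own address
    (NAT in the path, or a PORT naming a third host that should be rejected).
    """
    found = []
    for direction, text in lines:
        text = text.strip()
        if direction == "C":
            m, mode, owner = _PORT.match(text), "active", client_ip
        else:
            m, mode, owner = _PASV.match(text), "passive", server_ip
        if not m:
            continue  # not a line that negotiates a data port
        ip, port = decode_endpoint(m.groups())
        found.append({"mode": mode, "listener": (ip, port), "mismatch": ip != owner})
    return found

# Constructed control-channel excerpt (not taken from a real capture)
SAMPLE = [
    ("C", "USER anonymous"),
    ("C", "PORT 192,168,10,11,200,10"),
    ("S", "200 PORT command successful."),
    ("C", "LIST"),
    ("C", "PASV"),
    ("S", "227 Entering Passive Mode (192,168,10,10,78,52)."),
    ("C", "PORT 192,168,10,99,0,22"),
]

if __name__ == "__main__":
    for entry in track_data_endpoints(SAMPLE, "192.168.10.11", "192.168.10.10"):
        print(entry)
```

In active mode the listener is on the client side and the server connects out from port 20; in passive mode the listener is on the server and the client connects to it, which is why a stateful firewall has to read these lines to know which data port to allow.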


Now let's see what traffic flows in the ls command…


Kindly note:-
1.   FTP server IP is: 192.168.10.10
2.   Client IP is: 192.168.10.11

Thursday, January 12, 2012

Setting up passwordless ssh




One can set up passwordless SSH between two machines so that one can access the other without entering a password. To achieve this, you first need to install an SSH server on your machine. You can use the following command:-
user@ubuntu32:~/$ sudo apt-get install openssh-server

Once it's installed, you need to generate public and private keys. For that, use the following command:-
user@ubuntu32:~/$ ssh-keygen -t rsa

It will prompt you for a filename and a passphrase. Skip the prompts, or enter a passphrase if you want to use one. Do the same on the second machine as well.



You will now have a public/private key pair (id_rsa.pub, id_rsa) for the user from whose account you generated the keys. They are present in the /home/<username>/.ssh directory.



Now you need to copy id_rsa.pub to the authorized_keys file in /home/<username>/.ssh on the server with which you want to set up passwordless SSH. You can enter the following command on the terminal:-
scp ~/.ssh/id_rsa.pub username@servername:.ssh/authorized_keys

 

Once it's copied, you can ssh to the server to which you copied the id_rsa.pub key without giving the password.

Kindly note that scp will overwrite the authorized_keys file on the server with which you are setting up passwordless SSH. So if you want more clients to use passwordless SSH to the same server, first copy id_rsa.pub to that server, then append its contents to the authorized_keys file, and then delete id_rsa.pub from that server.

Now you don’t need a password to ssh to that server.



One thing to note here is that in “ssh username@machinename”, username is the name of the user on the machine to which you are doing passwordless SSH and to whose .ssh directory you have added your public key.

Sometimes, even after following the above steps, you are unable to log in to the other machine without a password. If you face this issue, check the logs in the /var/log/auth.log file to see the kind of error you are getting.
If you face the authentication error (Authentication refused: bad ownership or modes for directory), then you need to change the permissions of the directories as shown below:

chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

Now you will be able to successfully login to the other machine without using the password.
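The two failure modes noted above (scp replacing authorized_keys, and the "bad ownership or modes" refusal), as an added example that is not from the original post: a server-side helper that appends a key without dropping existing ones and applies the modes from the chmod commands, plus a check for group- or world-writable paths. The function names and sample keys are constructed, a temporary directory stands in for the home directory, and only modes are checked, not ownership.

```python
import os
import stat
import tempfile

def add_authorized_key(home, pubkey_line):
    """Append a public key to <home>/.ssh/authorized_keys, keeping existing
    entries. Returns True if added, False if the key was already present."""
    ssh_dir = os.path.join(home, ".ssh")
    os.makedirs(ssh_dir, exist_ok=True)
    os.chmod(ssh_dir, 0o700)                      # same as: chmod 700 ~/.ssh
    path = os.path.join(ssh_dir, "authorized_keys")
    key = pubkey_line.strip()
    content = ""
    if os.path.exists(path):
        with open(path) as fh:
            content = fh.read()
    added = key not in [line.strip() for line in content.splitlines()]
    if added:
        # Append, never truncate: copying over the file would drop other keys.
        fd = os.open(path, os.O_WRONLY | os.O_APPEND | os.O_CREAT, 0o600)
        with os.fdopen(fd, "a") as fh:
            if content and not content.endswith("\n"):
                fh.write("\n")                    # do not glue onto a partial last line
            fh.write(key + "\n")
    os.chmod(path, 0o600)                         # chmod 600 ~/.ssh/authorized_keys
    return added

def writable_by_others(home):
    """Paths under home that are group/world-writable (modes only, not ownership)."""
    bad = []
    for rel in (".", ".ssh", os.path.join(".ssh", "authorized_keys")):
        p = os.path.join(home, rel)
        if os.path.exists(p) and os.stat(p).st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            bad.append(rel)
    return bad

def demo():
    with tempfile.TemporaryDirectory() as home:           # stands in for ~
        results = [add_authorized_key(home, k) for k in (
            "ssh-rsa AAAAconstructedkeyA alice@laptop",   # constructed sample keys
            "ssh-rsa AAAAconstructedkeyB bob@desktop",
            "ssh-rsa AAAAconstructedkeyA alice@laptop")]  # repeat: must not duplicate
        with open(os.path.join(home, ".ssh", "authorized_keys")) as fh:
            stored = len(fh.read().splitlines())
        os.chmod(os.path.join(home, ".ssh"), 0o777)       # simulate a bad mode
        return results, stored, writable_by_others(home)

if __name__ == "__main__":
    print(demo())
```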

Saturday, December 3, 2011

Internet Sharing using ICS

One can share an internet connection with friends using the Internet Connection Sharing option available in Windows.
Follow the steps below to share your internet:-

SERVER CONFIGURATION:-

Step 1:-
On the server, you need to have 2 network adapters, one for the LAN and the other for the Internet.

Step 2:-
You need to share the connection of the adapter which is directly connected to the Internet. Here it's the adapter with the name "NET". Right click on it, and go to properties.

Step 3:-
Now in properties, click on the advanced tab.

Step 4:-
Now in this, you will see the option of "Internet connection sharing". Select it and click "Ok".

Note that after you click OK, the IP address of the LAN adapter will be reset to 192.168.0.1/24. So you need to change the IP address of the LAN adapter as per your addressing.


CLIENT CONFIGURATION:-

Step 1:-
Go to the remote machine which wants to access the internet via the server. Open its network adapter properties.

Step 2:-
Now in this, enter the IP address of the server at 2 locations:- one at Gateway and the other at DNS server.

Click OK.

Now you will be able to access the internet directly without needing to enter the proxy. Remove the proxy settings if you have entered them in the web browser.

TRICK:-
I have used this method a lot at hostel to get internet from my friends. I was in NBH and I used to download a lot of stuff using this. They don't know about this. So I used to modify the settings of their server and access internet from them. They couldn't find me and they thought that their internet has gone slow. There were 4-5 servers there and I had used net from each one of them. I loved being there as each one had at least 600 Kbps connection and I used to get internet from each one of them. I would run 2-3 virtual machines and would use a different server in each of them. Then I was able to download different stuff from different servers. So virtually I was having a net connection of about 5 Mbps of my own.... :). I used to download a lot of stuff using this. It's a nice trick.... :)

Thursday, December 1, 2011

Create bootable windows 7 pendrive from "Customized Windows 7 image"

For creating a bootable pendrive of a customized version of Windows 7 (an image modified to contain pre-configured software and settings), the steps change a bit.

The first five steps are the same. For them, refer to the following article: http://learnwithrahul.blogspot.com/2011/12/how-to-create-bootable-windows-7.html

The sixth step changes for customized images. You need to mount the customized Windows 7 image. Now explore it and find the directory containing bootsect.exe.

Now navigate to that directory from a command prompt in administrative mode and run the command:-
bootsect /nt60 I:
(Where I: is the drive letter of the pendrive)

Next steps are the same.

How to create bootable windows 7 pendrive for installation

For creating a bootable Windows 7 pendrive, here are the pre-requisites.

1. Windows 7 DVD or image.
2. If an image is available, a tool to mount the image, like "virtual clone drive" or "daemon tools".
3. Pendrive of size greater than the size of the Windows 7 DVD or image.

Creating Bootable Windows 7 pendrive:-

Step 1:-
Open Command Prompt with administrative privileges. Go to Start->Accessories->Command Prompt->Run as Administrator

Step 2:-
Enter "Diskpart" in command prompt. It will load the diskpart utility in the command prompt.

Step 3:-
Enter the command "List Disk". It will list all the available disks with their numbers. In the diagram below, the number of my USB drive is 2.
Enter the command "Select disk <disk_no>" where disk_no is the number of the disk. As per the example below, it's "select disk 2".

Step 4:-
Now "Clean" the disk. Also make it a primary partition. For that, run the command "Create partition primary". Now mark the drive as "ACTIVE" and format it, keeping the filesystem as NTFS. See the diagram below:-

Format the partition by entering the command "format fs=NTFS"


Step 5:-
Now assign a name to the drive by entering the command "ASSIGN" and then exit from the diskpart utility. Don't close the command prompt.

Step 6:-
Now insert the Windows 7 DVD or mount the image of Windows 7. Note down the drive name. In my case, my Windows 7 DVD drive is 'K'. So now navigate to the K:\boot folder. Also note down the drive letter of the pendrive. In my case, it is 'I'. Now enter the command:-

K:\Boot> bootsect /nt60 I:

(Where I: is the USB/Pen Drive)

Step 7:-
Now copy all the contents of the Windows 7 DVD to the pendrive. You now have a bootable pendrive ready.