https://hackepedia.org/api.php?action=feedcontributions&user=Sysadmin&feedformat=atomHackepedia - User contributions [en]2024-03-29T02:27:27ZUser contributionsMediaWiki 1.35.0https://hackepedia.org/?title=Connect&diff=2645Connect2006-03-17T00:33:17Z<p>Sysadmin: </p>
<hr />
<div>You're unsuccessfully trying to connect somwhere. You'll need to know the [[DNS]] or [[IP]] of the server hosting the [[daemon]], as well as the [[Ports|port]] number it listens on. <br />
<br />
In our example, we'll try to connect to port 80 of hackepedia.org. (The common www port, often hidden in your [[Browser]]).<br />
<br />
* Can you resolve [[DNS]]?<br />
* Can you [[ping]] the server? (Verifying the machine is up)<br />
* Do you have to allow outbound access to this port on your [[firewall]]? on your [[router]]?<br />
* [[telnet]] to the port (we prefer netcat over telnet for this if you it installed)<br />
<br />
$ telnet hackepedia.org 80<br />
Trying 64.111.114.195...<br />
Connected to hackepedia.org.<br />
Escape character is '^]'.<br />
<br />
This tells me that the port is listening. Just for fun, here is an example showing that there is no [[daemon]] listening on port 79 of this server:<br />
<br />
$ telnet hackepedia.org 79<br />
Trying 64.111.114.195...<br />
telnet: Unable to connect to remote host: Connection refused</div>Sysadminhttps://hackepedia.org/?title=Connect&diff=2644Connect2006-03-17T00:30:03Z<p>Sysadmin: </p>
<hr />
<div>You're unsuccessfully trying to connect somwhere. You'll need to know the [[DNS]] or [[IP]] of the server hosting the [[daemon]], as well as the [[Ports|port]] number it listens on. <br />
<br />
In our example, we'll try to connect to port 80 of hackepedia.org. (The common www port, often hidden in your [[Browser]]).<br />
<br />
* Can you resolve [[DNS]]?<br />
* Can you [[ping]] the server? (Verifying the machine is up)<br />
* Do you have to allow outbound access to this port on your [[firewall]]? on your [[router]]?<br />
* [[telnet]] to the port<br />
<br />
$ telnet hackepedia.org 80<br />
Trying 64.111.114.195...<br />
Connected to hackepedia.org.<br />
Escape character is '^]'.<br />
<br />
This tells me that the port is listening. Just for fun, here is an example showing that there is no [[daemon]] listening on port 79 of this server:<br />
<br />
$ telnet hackepedia.org 79<br />
Trying 64.111.114.195...<br />
telnet: Unable to connect to remote host: Connection refused</div>Sysadminhttps://hackepedia.org/?title=Main_Page&diff=2628Main Page2006-03-16T00:38:08Z<p>Sysadmin: really should make the bullets into 2 columns..</p>
<hr />
<div>__NOTOC__<br />
<br />
<table width="100%" cellspacing="3" cellpadding="4"><br />
<tr><td rowspan="2" width="56%" valign="top" bgcolor="#d7e7fa" style="border:1px solid #CEDEF4; padding:1em;padding-top:0.2em; color: black;"><br />
The rough idea for this site was to create and provide answers to commonly asked questions and those that aren't currently answered online. It is maintained by hackers. If you do not understand a term, look it up at [http://www.wikipedia.org Wikipedia]. If you've come here to find answers or examples, hopefully you will find them. If you have an answer or example, we hope that you will leave those as well.<br />
<br />
You may have also been sent here because you're new to the [[internet]], or would like to learn the etiquette.<br />
<br />
Some other random pages to get you started:<br />
<br />
*[[Cider|How to make Cider]] <br />
*[[LILO|Fixing a broken LILO]] <br />
*[[Debugging]] <br />
*[[$HOME]]<br />
*[[Bytes]] <br />
*[[Ports]]<br />
*[[Privilege_escalation|Privilege Escalation]] <br />
*[[Disk_breakdown|The breakdown of a disk]]<br />
<br />
</td><td width="24%" valign="top" bgcolor="#e7f7e7" style="border:1px solid #BAD0EF; padding: 1em; padding-top: 0.5em; color: black;"><br />
'''Major Categories'''<br />
{{MajorCategories}}<br />
<br />
</td></tr><br />
</table><br />
<br />
Please see [http://meta.wikipedia.org/wiki/MediaWiki_i18n documentation on customizing the interface]<br />
and the [http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide User's Guide] for usage and configuration help.</div>Sysadminhttps://hackepedia.org/?title=Main_Page&diff=2624Main Page2006-03-15T23:08:28Z<p>Sysadmin: removed copyright URL from Main_Page, added to footer</p>
<hr />
<div>__NOTOC__<br />
<br />
<table width="100%" cellspacing="3" cellpadding="4"><br />
<tr><td rowspan="2" width="56%" valign="top" bgcolor="#d7e7fa" style="border:1px solid #CEDEF4; padding:1em;padding-top:0.2em; color: black;"><br />
The rough idea for this site was to create and provide answers to commonly asked questions and those that aren't currently answered online. It is written by hackers. If you do not understand a term, look it up at [http://www.wikipedia.org Wikipedia]. If you've come here to find answers or examples, hopefully you will find them. If you have an answer or example, we hope that you will leave those as well.<br />
<br />
You may have also been sent here because you're new to the [[internet]], or would like to learn the etiquette.<br />
<br />
Some other random pages to get you started:<br />
<br />
[[Cider|How to make Cider]]<br />
<br />
[[LILO|Fixing a broken LILO]] <br />
<br />
[[Debugging]]<br />
<br />
[[$HOME]]<br />
<br />
[[Privilege_escalation|Privilege Escalation]]<br />
<br />
[[DefenseInDepth|Defense in Depth]]<br />
<br />
[[Disk_breakdown|The breakdown of a disk]]<br />
<br />
</td><td width="24%" valign="top" bgcolor="#e7f7e7" style="border:1px solid #BAD0EF; padding: 1em; padding-top: 0.5em; color: black;"><br />
'''Major Categories'''<br />
{{MajorCategories}}<br />
<br />
</td></tr><br />
</table><br />
<br />
You will need to email yashy at mail.yashy.com. for an account on this site in order to edit pages.<br />
Please see [http://meta.wikipedia.org/wiki/MediaWiki_i18n documentation on customizing the interface]<br />
and the [http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide User's Guide] for usage and configuration help.</div>Sysadminhttps://hackepedia.org/?title=Talk:Editors&diff=2623Talk:Editors2006-03-15T23:03:43Z<p>Sysadmin: opening contributor access</p>
<hr />
<div>Opening the wiki to the public is a double-edged sword--and both sides are extremely sharp. <br />
<br />
On the plus side, we will ''potentialy'' more contributers. This is by no means assured, but if there are, then I think that the wiki will become more valuable by virtue of storing more information.<br />
<br />
On the negative side, we '''will''' have spam. Period. This is assured. I'm also an editor on the (much less active) [[http://gridengine.info:8080/wiki/index.php GridEngine Wiki]], and probably 80% (or more) of our time is spent reverting spam posts. Yes, you can block IPs, but that sucks, and the spammers will simply come from a different IP. It's the same problem as email-spam all over again, but without the nice crutches we have to manage it (RSBL, etc).<br />
<br />
I wonder if it is possible to see how many "attempted posts" there are to the wiki. I don't know how the bots work, so this might not be effective. I will ask the site admin for the GE wiki if he can send me some log entries from spam-postings. Perhaps it is possible to automatically detect them somehow. If it is, then maybe we can look at the logs for ''this'' wiki, and try to guess how many spam posts we can expect to receive.<br />
<br />
== opening contributor access ==<br />
<br />
Does the other wiki you're on require email verified registration? This should eliminate the spam problem I would hope, or have they been able to automate this process for exploiting mediawiki? <br />
I intend on trying this wiki as open access, as long as the existing regularly contributing editors will help patrol it. If you're a regular contributing editor, your privelges will be escalated at that time. <br />
As hackers, I think it's also our duty to maniulate the general look and feel more than I've done, feel free to propose any such changes. I've just modified the Navigation menu on the left including removal of the title.</div>Sysadminhttps://hackepedia.org/?title=Hackepedia:General_disclaimer&diff=2622Hackepedia:General disclaimer2006-03-15T22:58:52Z<p>Sysadmin: </p>
<hr />
<div>This product is meant for educational purposes only. <br />
<br />
Any resemblance to real persons, living or dead is purely coincidental. <br />
<br />
Void where prohibited. <br />
<br />
Some assembly required. <br />
<br />
List each check separately by bank number. <br />
<br />
Batteries not included. <br />
<br />
Contents may settle during shipment. <br />
<br />
Use only as directed. <br />
<br />
No other warranty expressed or implied. <br />
<br />
Do not use while operating a motor vehicle or heavy equipment. <br />
<br />
Postage will be paid by addressee. <br />
<br />
Subject to approval. <br />
<br />
This is not an offer to sell securities. <br />
<br />
Apply only to affected area. <br />
<br />
May be too intense for some viewers. <br />
<br />
Do not stamp. <br />
<br />
Use other side for additional listings. <br />
<br />
For recreational use only. <br />
<br />
Do not disturb. <br />
<br />
All models over 18 years of age.<br />
<br />
If condition persists, consult your physician. <br />
<br />
No user-serviceable parts inside. <br />
<br />
Freshest if eaten before date on carton. <br />
<br />
Subject to change without notice. <br />
<br />
Times approximate. <br />
<br />
Simulated picture. <br />
<br />
No postage necessary if mailed in Canada. <br />
<br />
Breaking seal constitutes acceptance of agreement. <br />
<br />
For off-road use only. <br />
<br />
As seen on TV. <br />
<br />
One size fits all. <br />
<br />
Many suitcases look alike. <br />
<br />
Contains a substantial amount of non-tobacco ingredients. <br />
<br />
Colors may, in time, fade. <br />
<br />
We have sent the forms which seem to be right for you. <br />
<br />
Slippery when wet. For office use only. <br />
<br />
Not affiliated with the American Red Cross.<br />
<br />
Drop in any mailbox. <br />
<br />
Edited for television. <br />
<br />
Keep cool; process promptly. <br />
<br />
Post office will not deliver without postage. <br />
<br />
List was current at time of printing. <br />
<br />
Return to sender, no forwarding order on file, unable to forward. <br />
<br />
Not responsible for direct, indirect, incidental or consequential damages resulting from any defect, error or failure to perform. <br />
<br />
At participating locations only. <br />
<br />
Not the Beatles.<br />
<br />
Penalty for private use. <br />
<br />
See label for sequence. <br />
<br />
Substantial penalty for early withdrawal. <br />
<br />
Do not write below this line. <br />
<br />
Falling rock. <br />
<br />
Lost ticket pays maximum rate. <br />
<br />
Your cancelled check is your receipt. <br />
<br />
Add toner. <br />
<br />
Place stamp here. <br />
<br />
Avoid contact with skin. <br />
<br />
Sanitized for your protection. <br />
<br />
Be sure each item is properly endorsed. <br />
<br />
Sign here without admitting guilt. <br />
<br />
Slightly higher west of the Mississippi. <br />
<br />
Employees and their families are not eligible.<br />
<br />
Beware of dog. <br />
<br />
Contestants have been briefed on some questions before the show. <br />
<br />
Limited time offer, call now to insure prompt delivery. <br />
<br />
You must be present to win. No passes accepted for this engagement. <br />
<br />
No purchase necessary. <br />
<br />
Processed at location stamped in code at top of carton. <br />
<br />
Shading within a garment may occur. <br />
<br />
Use only in well-ventilated area. <br />
<br />
Keep away from fire or flame. <br />
<br />
Replace with same type. <br />
<br />
Approved for veterans. <br />
<br />
Booths for two or more. <br />
<br />
Check here if tax deductible. <br />
<br />
Some equipment shown is optional. <br />
<br />
Price does not include taxes. <br />
<br />
No Canadian coins. <br />
<br />
Not recommended for children. <br />
<br />
Prerecorded for this time zone. <br />
<br />
Reproduction strictly prohibited. <br />
<br />
No solicitors. No alcohol, dogs, or horses. <br />
<br />
No anchovies unless otherwise specified. <br />
<br />
Restaurant package, not for resale. <br />
<br />
List at least two alternate dates. <br />
<br />
First pull up, then pull down. <br />
<br />
Call toll free before digging. <br />
<br />
Driver does not carry cash. <br />
<br />
Some of the trademarks mentioned in this product appear for identification purposes only.<br />
<br />
Record additional transactions on back of previous stub. <br />
<br />
Decision of judges is final.<br />
<br />
This supersedes all previous notices.</div>Sysadminhttps://hackepedia.org/?title=Hackepedia:About&diff=2621Hackepedia:About2006-03-15T22:56:19Z<p>Sysadmin: updated to new domain</p>
<hr />
<div>Assuming you've followed the [[Internet:Help_Process]], you can most likely find help on [[IRC]]. <br />
<br />
If you would like help regarding this site, feel free to send an email to admin at hackepedia.org.<br />
<br />
Please note all content on http://www.hackepedia.org. is protected by [[Help:Copyrights|copyright]].</div>Sysadminhttps://hackepedia.org/?title=MediaWiki:Sidebar&diff=2620MediaWiki:Sidebar2006-03-15T22:53:20Z<p>Sysadmin: </p>
<hr />
<div>** mainpage|mainpage<br />
** recentchanges-url|recentchanges<br />
** randompage-url|randompage<br />
** helppage|help<br />
** sitesupport-url|sitesupport</div>Sysadminhttps://hackepedia.org/?title=File_descriptors&diff=1762File descriptors2005-10-25T05:16:31Z<p>Sysadmin: </p>
<hr />
<div>A file descriptor is a handle in a program that allows data to be read and written. It is assigned a number starting at 0 and going to the [[file descriptor limit]]. A descriptor of -1 indicates an error. File descriptors are limited to [[file]]s in [[filesystem]]s but there is other sorts of descriptors (like sockets) that behave similarly so we bunch them together here.<br />
<br />
<br />
== Descriptors ==<br />
<br />
When a new [[process]] is created (by means of the [[fork]](2) system call) it inherits all open descriptors from the parent process. New descriptors are made by the following system calls [[open]](2), [[pipe]](2), [[socket]](2), [[accept]](2) and [[socketpair]](2). A descriptor can be duplicated thus creating a new descriptor and number with the dup(2) system call. A descriptor can be destroyed by means of the close(2) system call. All programs executed from a shell have the following 3 descriptors open bound to the terminal: [[Stdin]], [[Stdout]] and [[Stderr]], representing descriptor numbers 0, 1 and 2 respectively. More about descriptors can be found in the fd [[manual]] page on the [[OpenBSD]] system; "man 4 fd" to see this.<br />
<br />
Careful plumbing done by a program (such as a user shell) can use the [[pipe]](2), [[fork]](2), [[exec]](2) and [[dup2]](2) syscalls to connect the [[stdout]] of one program with [[stdin]] of another program this is called piping (see [[pipe]]). Long [[pipe]] chains (proper: pipelines) can be created this way.<br />
<br />
When a program becomes a [[daemon]] [[stdin]], [[stdout]] and [[stderr]] are usually closed and attached to the [[null]] device since they don't have a controlling terminal anymore. All writes to these descriptors will be discarded.<br />
<br />
With descriptors control messaging can be used to talk to the kernel directly without having to write to it. Interfaces for this include [[fcntl]](2), [[ioctl]](2) and [[tcsetattr]](2). With fcntl one can manipulate the [[close-on-exec]] flag which is useful with [[setuid]] programs.<br />
<br />
Descriptors can be polled without having to use them in order to find out that one is ready for i/o. There are two methods to do this: poll(2) and select(2).<br />
<br />
Descriptors can be set non-blocking meaning that a read will not block until data arrives when there is no data available. Instead if a block condition exists the [[syscall]] returns immediately and sets the [[errno]] to EWOULDBLOCK.<br />
<br />
Instead of being inherited by from a parent by means of the fork(2) [[syscall]] a descriptor can be passed from one process to another. The means to do this is through a UNIX domain socket. One process that uses this technique is [[sshd]].<br />
<br />
== How do I see descriptors of a process? ==<br />
<br />
There are a number of ways to see the open file descriptors of another program. In [[BSD]] the fstat(1) command lists all running programs (processes) of the system and their open descriptors furthermore it lists what type of descriptor it is (file, socket, pipe, etc) and tries to give a hint of what the descriptor is reading or writing on such as what filesystem and what inode number on that file system. In [[OpenBSD]] network sockets display what port number they have open which is useful for finding the program of that port. See [[ports]]:<br />
<br />
<br />
Below you'll find a list of descriptors of different types as well as examples what to do with the information given by fstat (this example uses fstat from [[OpenBSD]]):<br />
<br />
<br />
In fstat a filedescriptor on a file looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
bituser python2.3 5233 26 /usr 9050558 -rw-r--r-- rw 48758784<br />
...<br />
$ find /usr/home/bituser -inum 9050558 -print 2>/dev/null<br />
/usr/home/bituser/downloads/trusted-computing/TrustedComputing_LAFKON_HIGH.mov<br />
<br />
An Internet socket that's listening looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
root sshd 3641 5* internet stream tcp 0xfffffe800f551008 *:22<br />
...<br />
$ netstat -naA | head -2<br />
Active Internet connections (including servers)<br />
PCB Proto Recv-Q Send-Q Local Address Foreign Address (state)<br />
$ netstat -naA | awk '$1 == "0xfffffe800f551008" { print }'<br />
0xfffffe800f551008 tcp 0 0 *.22 *.* LISTEN<br />
<br />
<br />
A connected Internet socket descriptor looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
bituser python2.3 5233 27* internet stream tcp 0xfffffe801be04d18 85.75.59.86:6884 <-- 80.177.208.19:12362<br />
<br />
A UNIX domain socket looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
pbug ssh-agent 12530 4* unix stream 0xffff800001d80800<br />
<br />
A UNIX domain socketpair looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
root ntpd 12284 3* unix stream 0xffff800001cd6480 <-> 0xffff800001cd6700<br />
<br />
A desriptor to a pipe looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
pbug fstat 26338 1 pipe 0xfffffe801f525d28 state: <br />
<br />
A descriptor on a fifo looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
pbug sh 3840 3 /tmp 5 prw-r--r-- r 0:0 <br />
<br />
A revoke(2)'ed descriptor looks like this:<br />
USER CMD PID FD MOUNT INUM MODE R/W DV|SZ<br />
pbug xterm 15604 5 - - none -<br />
<br />
<br />
<br />
<br />
----<br />
<br />
In [[Linux]] you'd use lsof to dig through the /proc filesystem to see open descriptors / [[ports]]. Specifically, you want to look in the /proc/<PID>/fd directory. Each symlink will point to an open file/socket/etc. An example from [[xterm]]:<br />
<br />
jbecker@aubrey /space/winders $ ls -l /proc/9383/fd<br />
total 6<br />
lr-x------ 1 jbecker users 64 Oct 15 09:53 0 -> /dev/null<br />
l-wx------ 1 jbecker users 64 Oct 15 09:53 1 -> /home/jbecker/.xsession-errors<br />
l-wx------ 1 jbecker users 64 Oct 15 09:53 2 -> /home/jbecker/.xsession-errors<br />
l-wx------ 1 jbecker users 64 Oct 15 09:53 3 -> /home/jbecker/.fluxbox/log<br />
lrwx------ 1 jbecker users 64 Oct 15 09:53 4 -> socket:[2995011]<br />
lrwx------ 1 jbecker users 64 Oct 15 09:53 5 -> /dev/ptmx</div>Sysadminhttps://hackepedia.org/?title=Windows&diff=449Windows2005-10-25T04:17:41Z<p>Sysadmin: </p>
<hr />
<div>If you're using Microsoft Windows, there are 3 recommended steps to take other then installing another Operating system.<br />
<br />
# Install a [[Firewall]]. This will close all your [[ports]] from being accessible from the public internet.<br />
# Install [[antivirus]] software. Make sure you are getting the latest virus definitions (information about the latest viruses) with your configuration. This is important, as new viruses are released daily.<br />
# Install another browser like [http://www.mozilla.org/products/firefox/ Mozilla Firefox] or [http://www.opera.com Opera] as Internet Explorer has a long history of security incidents.</div>Sysadminhttps://hackepedia.org/?title=Windows&diff=323Windows2005-10-25T04:16:13Z<p>Sysadmin: </p>
<hr />
<div>If you're using Microsoft Windows, there are 3 recommended steps to take other then installing another Operating system.<br />
<br />
# Install a [[Firewall]]. This will close all your [[ports]] from being accessible from the public internet.<br />
# Install [[antivirus]] software. This is the one thing worth paying for, as for one year from installing you will get the latest virus definitions (information about the latest viruses). This is important, as new viruses are released daily.<br />
# Install another browser like [http://www.mozilla.org/products/firefox/ Mozilla Firefox] or [http://www.opera.com Opera] as Internet Explorer has a long history of security incidents.</div>Sysadminhttps://hackepedia.org/?title=Solaris&diff=348Solaris2005-10-25T04:15:33Z<p>Sysadmin: </p>
<hr />
<div>Solaris is a UNIX product made at [[Sun Microsystems]]. Before version 2 it was BSD based, after version 2 it was based on [[SVR4]]. The current version is [[Solaris_10]]. It works on both x86 (PC) hardware but more commonly found on [http://www.sparc.com/ Sparc] hardware.</div>Sysadminhttps://hackepedia.org/?title=Solaris&diff=321Solaris2005-10-25T04:15:18Z<p>Sysadmin: </p>
<hr />
<div>Solaris is a UNIX product made at [[Sun Microsystems]]. Before version 2 it was BSD based, after version 2 it was based on [[SVR4]]. The current version is [[Solaris_10]]. It works on both x86 (PC) hardware but more commonly found on [http://www.sparc.com/ Sparc]] hardware.</div>Sysadminhttps://hackepedia.org/?title=Solaris&diff=320Solaris2005-10-25T04:14:26Z<p>Sysadmin: </p>
<hr />
<div>Solaris is a UNIX product made at [[Sun Microsystems]]. Before version 2 it was BSD based, after version 2 it was based on [[SVR4]]. The current version is [[Solaris_10]]. It works on both x86 (PC) hardware but more commonly found on [[Sparc]] hardware.</div>Sysadminhttps://hackepedia.org/?title=Solaris&diff=319Solaris2005-10-25T04:14:00Z<p>Sysadmin: </p>
<hr />
<div>Solaris is a UNIX product made at [[Sun Microsystems]]. Before version 2 it was BSD based, after version 2 it was based on [[SVR4]]. The current version is [[Solaris_10]]. It works on both x86 (PC) hardware but more popularly on [[Sparc]] hardware.</div>Sysadminhttps://hackepedia.org/?title=Editors&diff=425Editors2005-10-25T04:04:47Z<p>Sysadmin: </p>
<hr />
<div>Just a note to the editors of this site. <br />
Thanks for all your help on this project. <br />
Let's try to remember we are not trying to copy [http://www.wikipedia.org Wikipedia], we are a trying to provide a resource written from the perspective from a [[hacker]] for the community.<br />
Let's make entries that will show examples and hacks related to the subject in question. Please see [[Ports]] as an example. There is a basic description, with examples. If the user wants a full explanation of Ports, they can get that from Wikipedia.<br />
<br />
If you're looking for somewhere to start, check out [[Special:Wantedpages]]<br />
<br />
Thanks again!</div>Sysadminhttps://hackepedia.org/?title=Ls&diff=332Ls2005-10-25T03:58:08Z<p>Sysadmin: </p>
<hr />
<div><code>ls</code> is the basic "LiSt me the contents" command used in a unix [[shell]]. It operates on the current directory by default, and displays a list of all [[files]], [[directories]], [[pipes]], [[sockets]], [[symlinks]], and [[devices]].<br />
<br />
There are many, many options to <code>ls</code>, and they can vary greatly from system to system. Check the local [[man]] pages for details.<br />
<br />
ls -lart<br />
<br />
is a popular usage with arguments. A long listing which shows .files, reversed by time. You can alternatively [[shell:alias]] this if you use it a lot.</div>Sysadminhttps://hackepedia.org/?title=Ls&diff=316Ls2005-10-25T03:57:52Z<p>Sysadmin: </p>
<hr />
<div><code>ls</code> is the basic "LiSt me the contents" command used in a unix [[shell]]. It operates on the current directory by default, and displays a list of all [[files]], [[directories]], [[pipes]], [[sockets]], [[symlinks]], and [[devices]].<br />
<br />
There are many, many options to <code>ls</code>, and they can vary greatly from system to system. Check the local [[man]] pages for details.<br />
<br />
ls -lart<br />
<br />
is a popular usage with arguements. A long listing which shows .files, reversed by time. You can alternatively [[shell:alias]] this if you use it a lot.</div>Sysadminhttps://hackepedia.org/?title=Ls&diff=315Ls2005-10-25T03:55:39Z<p>Sysadmin: </p>
<hr />
<div><code>ls</code> is the basic "LiSt me the contents" command used in a unix [[shell]]. It operates on the current directory by default, and displays a list of all [[files]], [[directories]], [[pipes]], [[sockets]], [[symlinks]], and [[devices]].<br />
<br />
There are many, many options to <code>ls</code>, and they can vary greatly from system to system. Check the local [[man]] pages for details.</div>Sysadminhttps://hackepedia.org/?title=Variables&diff=1881Variables2005-10-24T23:07:54Z<p>Sysadmin: </p>
<hr />
<div>The majority of scripts and programs require variables. In shell scripts a variable is often preceeded with a $ when it is used. We will try to use this standard in this wiki as well for simplicity. For example in [[PPP]] there are three variables that need to be changed, and they are all identified with a $ at the beginning:<br />
<br />
set device PPPoE:$sis0<br />
set authname $ISP_userid<br />
set authkey $ISP_password<br />
<br />
In this case you will replace $sis0 with the name of your [[NIC]], we'll assume yours is a rl0 because everyone loved realtek NICs. If the username you have with your ISP is simonp and your password is s1m0nP then you would change the 3 lines to read:<br />
<br />
set device PPPoE:rl0<br />
set authname simonp<br />
set authkey s1m0nP</div>Sysadminhttps://hackepedia.org/?title=UBO&diff=593UBO2005-10-24T23:06:30Z<p>Sysadmin: </p>
<hr />
<div>Unix Based Operating system<br />
<br />
The majority of hacks you will find on this site are surrounding Unix based OSs (operating systems), which is quite different from Microsoft's Windows operating systems. There is much religion about what qualifies an OS to be unix based, but I will leave that for other forums. For our purposes, it will generally refer to linux, macosx and the BSDs.</div>Sysadminhttps://hackepedia.org/?title=NIC&diff=1882NIC2005-10-24T23:03:51Z<p>Sysadmin: </p>
<hr />
<div>Network Interface Card. The card between your computer and the network ;)<br />
<br />
/sbin/ifconfig -a<br />
<br />
should show you all currently installed and detected interface cards in your [[UBO]]. If not, try to find it by scrolling through dmesg<br />
<br />
dmesg | less -XF</div>Sysadminhttps://hackepedia.org/?title=NIC&diff=312NIC2005-10-24T23:03:02Z<p>Sysadmin: </p>
<hr />
<div>Network Interface Card. The card between your computer and the network ;)<br />
<br />
/sbin/ifconfig -a<br />
<br />
should show you all currently installed and detected interface cards in your [[UBC]]. If not, try to find it by scrolling through dmesg<br />
<br />
dmesg | less -XF</div>Sysadminhttps://hackepedia.org/?title=Variables&diff=313Variables2005-10-24T23:00:39Z<p>Sysadmin: </p>
<hr />
<div>The majority of scripts and programs require variables. In shell scripts a variable is often preceeded with a $ when it is used. We will try to use this standard in this wiki as well for simplicity. For example in [[ppp]] there are three variables that need to be changed, and they are all identified with a $ at the beginning:<br />
<br />
set device PPPoE:$sis0<br />
set authname $ISP_userid<br />
set authkey $ISP_password<br />
<br />
In this case you will replace $sis0 with the name of your [[NIC]], we'll assume yours is a rl0 because everyone loved realtek NICs. If the username you have with your ISP is simonp and your password is s1m0nP then you would change the 3 lines to read:<br />
<br />
set device PPPoE:rl0<br />
set authname simonp<br />
set authkey s1m0nP</div>Sysadminhttps://hackepedia.org/?title=PPP&diff=326PPP2005-10-24T22:54:55Z<p>Sysadmin: </p>
<hr />
<div>Point to Point protocol, most commonly used now as [[PPPoE]] (Over Ethernet). Here is a sample /etc/ppp/ppp.conf from FreeBSD 5.4-RELEASE. As always replace the [[variables]]:<br />
default:<br />
set log Phase Chat IPCP CCP tun command<br />
set device PPPoE:$sis0<br />
set mru 1492<br />
set mtu 1452<br />
add! default HISADDR<br />
test:<br />
set authname test@test<br />
set authkey test<br />
set dial<br />
set login<br />
myisp:<br />
set authname $ISP_userid<br />
set authkey $ISP_Password<br />
set dial<br />
set login<br />
enable dns<br />
<br />
"default" above identifies variables that will be shared across your various ppp connections. It is possible to have multiple, the author of this has 2 PPPoE sDSL connections for example. I left "test" above as many Redbacks allow this username/password combo for testing. <br />
<br />
# ppp<br />
ppp> ddial test<br />
<br />
if all three letters in your prompt turn capitalized, it's working. At that stage you can try <br />
<br />
# ppp -ddial myisp<br />
<br />
and then check [[ifconfig]] and your ppp.log which is usually found in /var/log.</div>Sysadminhttps://hackepedia.org/?title=Editors&diff=317Editors2005-10-24T22:44:57Z<p>Sysadmin: </p>
<hr />
<div>Just a note to the editors of this site. <br />
Thanks for all your help on this project. <br />
Let's try to remember we are not trying to copy [http://www.wikipedia.org Wikipedia], we are a trying to provide a resource written from the perspective from a [[hacker]] for the community.<br />
Let's make entries that will show examples and hacks related to the subject in question. Please see [[Ports]] as an example, does a a basic description, with examples. If the user wants a full explanation of Ports, they can get that from Wikipedia.<br />
If you're looking for somewhere to start, check out [[Special:Wantedpages]]<br />
<br />
Thanks again!</div>Sysadminhttps://hackepedia.org/?title=Ports&diff=526Ports2005-10-24T22:24:52Z<p>Sysadmin: </p>
<hr />
<div>Ports are identifiers of protocols that work on the transport layer (layer 4) of the [[OSI]] model. [[TCP]] and [[UDP]] are transport layer protocols that have ports. In [[TCP]] and [[UDP]] a port is represented by a 16 bit short integer which is unsigned meaning that the possible port range is 0 through 65535. Port 0 is illegal and no service resides on it.<br />
<br />
Say you want to know what is running on port 80 of your machine. The first hint would be to look in the file /etc/services as well as [http://www.iana.org/assignments/port-numbers IANAs list] to get an idea of what typically runs on that port. <br />
<br />
http 80/tcp www www-http #World Wide Web HTTP<br />
http 80/udp www www-http #World Wide Web HTTP<br />
<br />
looks like it's the port typically used for the www. Now we can try netstat to actually see what is listening,<br />
not just what should be there.<br />
<br />
netstat -an | grep LISTEN<br />
<br />
however I prefer the flexibility of lsof which I install on all of my machines. <br />
<br />
lsof -i:80<br />
<br />
will show you exactly what is listening on this port. If you want to see ports on your machine are open to the general public, which is often how computers are broken into, you can try Yashy's [http://crypto.yashy.com/nmap.php self port scan]. You don't want to see any ports open, or listening, unless you've intentionally started that process for the public to connect to.<br />
<br />
Ideally if you see any ports open, you will close down the application that has that port open. Alternatively you can install and use a [[firewall]].</div>Sysadminhttps://hackepedia.org/?title=Solaris&diff=318Solaris2005-10-24T20:03:45Z<p>Sysadmin: </p>
<hr />
<div>Solaris is a UNIX product made at [[Sun Microsystems]]. Before version 2 it was BSD based, after version 2 it was based on [[SVR4]]. This is the most popular commercial Unix to date, and the current version is [[Solaris_10]]. It works on both x86 (PC) hardware but more popularly on [[Sparc]] hardware.</div>Sysadminhttps://hackepedia.org/?title=Ethernet&diff=459Ethernet2005-10-24T19:59:40Z<p>Sysadmin: /* PPPoE */</p>
<hr />
<div>Ethernet is a method for communication also called CSMA/CD (carrier sense, media access / collision detect). It was developed at DEC first. It was cheaper than [[token ring]] for a Local Area Network ([[LAN]]) so it became the industrial standard. Ethernet has historically been used on copper cabling up to Gigabit speeds, but fibre-optic cabling is becoming very popular especially at Gigabit speeds. When ethernet is in a half-duplex setting (possibly connected to a [[hub]]) collisions can occur when two or more NICS broadcast at the same time. When a collission is detected a NIC will back off a random amount of time and try again, because the other cards also back off a random amount of time the odds are low that they will collide again. Today [[hub]]s are not used anymore but [[switch]]es which eliminate the need to put cards in [[half duplex]] mode.<br />
If you only have one network card,<br />
# /sbin/ifconfig -a | grep media<br />
media: Ethernet autoselect (100baseTX <full-duplex>)<br />
should show you what your network card is currently running at. If you have multiple cards, or are not getting the anticipated response, just try <br />
# /sbin/ifconfig -a<br />
<br />
=== Thinnet & Thicknet ===<br />
----<br />
=== 10base2 ===<br />
<br />
Called Thin-net or Cheapernet. Today this is not used anymore.<br />
<br />
=== 10base5 ===<br />
<br />
Uses coaxial cable for a range of 500 meters without repeaters. Today this is not used anymore.<br />
<br />
=== Twisted Pair & Fibre optics ===<br />
----<br />
<br />
=== 10baseT Ethernet ===<br />
<br />
Has a bandwidth of 10 Mbps (Mega bit per second). It can work in [[full duplex]] and [[half duplex]] mode. The maximum length of one copper ethernet cable between 2 NIC's is 100 meters, 200 meters if a ethernet repeater is used, which boosts the signal. <br />
<br />
=== 100baseT Fast Ethernet ===<br />
<br />
Has a bandwidth of 100 Mbps. It can work in [[full duplex]] and [[half duplex]] mode. The maximum length between 2 NICS is the same as 10 Mbps ethernet.<br />
<br />
=== 1000baseT Gigabit Ethernet ===<br />
<br />
Has a bandwidth of 1000 Mbps. It can work in [[full duplex]] and [[half duplex]] mode.<br />
<br />
=== 10 Gigabit Ethernet ===<br />
<br />
Has a bandwidth of 10 Gbps (Giga bit per second). It probably works in [[full duplex]] mode.<br />
<br />
<br />
=== Twisted Pair Copper Cabling ===<br />
<br />
Ethernet copper cabling also called Twisted Pair cabling is composed of 4 pairs of copper wire which are twisted between the pairs and also twisted around in their plastic protective coating. The twist is to ensure shielding which is questionable. The ends of ethernet cabling are connectors called RJ-45 bits. The individual wires are colour coded and are visible in the RJ-45 connector from the top. The most common sequence is 1. green-white 2. green 3. orange-white 4. blue 5. blue-white 6. orange 7. brown-white 8. brown. This is the setup on both ends for what is called a straight-thru cable. The only wires actually used are positions 1, 2, 3 and 6. When you want to connect 2 ethernet cards directly without use of a [[hub]] or [[switch]] you require a cable that is crossed-over or a cross-over cable. This is called so because positions 1 and 3 and 2 and 6 are crossed, so the end of the crossed end looks like this 1. orange-white 2. orange 3. green-white 4. blue 5. blue-white 6. green 7. brown-white 8. brown. The most common type of cabling for ethernet is category 5 cabling although there is category 5e now for gigabit. To attach the RJ-45 bits to the cabling a special tool called a RJ-45 crimper is used. Cheap version s are about $30 (CA) at cabling surplus stores.<br />
<br />
=== Wireless LAN ===<br />
<br />
WLAN also called Wifi was first developed at Lucent with their Wavelan product. It is a standard based around IEEE 802.11b and g. At first Wifi could speak only 11 Mbps maximum which was then upgraded to 54 Mbps with the 802.11g standard. Wifi came with built-in encryption at first called WEP but the implementation of this [[cryptography]] was breakable. It should be noted that all Wifi should be encrypted with [[IPsec]] to ensure additional security.<br />
<br />
<br />
=== PPPoE ===<br />
<br />
[[PPP]] over Ethernet is a hack of protocol spoken with most DSL home end-user connections. It is covered in [[RFC]] 2516 and involves packet encasulation, a packet within a packet. As a result a PPPoE user will often have to dumb down their [[MTU]] and/or [[MRU]] settings. Although the default is usually 1500, this author has the following in his ppp.conf:<br />
set mru 1492<br />
set mtu 1452<br />
as the best setting for his PPPoE sDSL connection.</div>Sysadminhttps://hackepedia.org/?title=RFC&diff=1832RFC2005-10-24T19:57:15Z<p>Sysadmin: </p>
<hr />
<div>RFC stands for Request for Comments. These are the best we have as "standards" for the complex space the internet has become. You can see the listings of all RFC's [http://www.rfc-editor.org here].</div>Sysadminhttps://hackepedia.org/?title=Ethernet&diff=308Ethernet2005-10-24T19:56:19Z<p>Sysadmin: /* PPPoE */</p>
<hr />
<div>Ethernet is a method for communication also called CSMA/CD (carrier sense, media access / collision detect). It was developed at DEC first. It was cheaper than [[token ring]] for a Local Area Network ([[LAN]]) so it became the industrial standard. Ethernet has historically been used on copper cabling up to Gigabit speeds, but fibre-optic cabling is becoming very popular especially at Gigabit speeds. When ethernet is in a half-duplex setting (possibly connected to a [[hub]]) collisions can occur when two or more NICS broadcast at the same time. When a collission is detected a NIC will back off a random amount of time and try again, because the other cards also back off a random amount of time the odds are low that they will collide again. Today [[hub]]s are not used anymore but [[switch]]es which eliminate the need to put cards in [[half duplex]] mode.<br />
If you only have one network card,<br />
# /sbin/ifconfig -a | grep media<br />
media: Ethernet autoselect (100baseTX <full-duplex>)<br />
should show you what your network card is currently running at. If you have multiple cards, or are not getting the anticipated response, just try <br />
# /sbin/ifconfig -a<br />
<br />
=== Thinnet & Thicknet ===<br />
----<br />
=== 10base2 ===<br />
<br />
Called Thin-net or Cheapernet. Today this is not used anymore.<br />
<br />
=== 10base5 ===<br />
<br />
Uses coaxial cable for a range of 500 meters without repeaters. Today this is not used anymore.<br />
<br />
=== Twisted Pair & Fibre optics ===<br />
----<br />
<br />
=== 10baseT Ethernet ===<br />
<br />
Has a bandwidth of 10 Mbps (Mega bit per second). It can work in [[full duplex]] and [[half duplex]] mode. The maximum length of one copper ethernet cable between 2 NIC's is 100 meters, 200 meters if a ethernet repeater is used, which boosts the signal. <br />
<br />
=== 100baseT Fast Ethernet ===<br />
<br />
Has a bandwidth of 100 Mbps. It can work in [[full duplex]] and [[half duplex]] mode. The maximum length between 2 NICS is the same as 10 Mbps ethernet.<br />
<br />
=== 1000baseT Gigabit Ethernet ===<br />
<br />
Has a bandwidth of 1000 Mbps. It can work in [[full duplex]] and [[half duplex]] mode.<br />
<br />
=== 10 Gigabit Ethernet ===<br />
<br />
Has a bandwidth of 10 Gbps (Giga bit per second). It probably works in [[full duplex]] mode.<br />
<br />
<br />
=== Twisted Pair Copper Cabling ===<br />
<br />
Ethernet copper cabling also called Twisted Pair cabling is composed of 4 pairs of copper wire which are twisted between the pairs and also twisted around in their plastic protective coating. The twist is to ensure shielding which is questionable. The ends of ethernet cabling are connectors called RJ-45 bits. The individual wires are colour coded and are visible in the RJ-45 connector from the top. The most common sequence is 1. green-white 2. green 3. orange-white 4. blue 5. blue-white 6. orange 7. brown-white 8. brown. This is the setup on both ends for what is called a straight-thru cable. The only wires actually used are positions 1, 2, 3 and 6. When you want to connect 2 ethernet cards directly without use of a [[hub]] or [[switch]] you require a cable that is crossed-over or a cross-over cable. This is called so because positions 1 and 3 and 2 and 6 are crossed, so the end of the crossed end looks like this 1. orange-white 2. orange 3. green-white 4. blue 5. blue-white 6. green 7. brown-white 8. brown. The most common type of cabling for ethernet is category 5 cabling although there is category 5e now for gigabit. To attach the RJ-45 bits to the cabling a special tool called a RJ-45 crimper is used. Cheap version s are about $30 (CA) at cabling surplus stores.<br />
<br />
=== Wireless LAN ===<br />
<br />
WLAN also called Wifi was first developed at Lucent with their Wavelan product. It is a standard based around IEEE 802.11b and g. At first Wifi could speak only 11 Mbps maximum which was then upgraded to 54 Mbps with the 802.11g standard. Wifi came with built-in encryption at first called WEP but the implementation of this [[cryptography]] was breakable. It should be noted that all Wifi should be encrypted with [[IPsec]] to ensure additional security.<br />
<br />
<br />
=== PPPoE ===<br />
<br />
[[PPP]] over Ethernet is a hack of protocol spoken with most DSL home end-user connections. It is covered in [[RFC]] 2516 and involves packet encasulation, a packet within a packet. As a result a PPPoE user will often have to dumb down their MTU settings.</div>Sysadminhttps://hackepedia.org/?title=Ethernet&diff=306Ethernet2005-10-24T19:55:13Z<p>Sysadmin: </p>
<hr />
<div>Ethernet is a method for communication also called CSMA/CD (carrier sense, media access / collision detect). It was developed at DEC first. It was cheaper than [[token ring]] for a Local Area Network ([[LAN]]) so it became the industrial standard. Ethernet has historically been used on copper cabling up to Gigabit speeds, but fibre-optic cabling is becoming very popular especially at Gigabit speeds. When ethernet is in a half-duplex setting (possibly connected to a [[hub]]) collisions can occur when two or more NICS broadcast at the same time. When a collission is detected a NIC will back off a random amount of time and try again, because the other cards also back off a random amount of time the odds are low that they will collide again. Today [[hub]]s are not used anymore but [[switch]]es which eliminate the need to put cards in [[half duplex]] mode.<br />
If you only have one network card,<br />
# /sbin/ifconfig -a | grep media<br />
media: Ethernet autoselect (100baseTX <full-duplex>)<br />
should show you what your network card is currently running at. If you have multiple cards, or are not getting the anticipated response, just try <br />
# /sbin/ifconfig -a<br />
<br />
=== Thinnet & Thicknet ===<br />
----<br />
=== 10base2 ===<br />
<br />
Called Thin-net or Cheapernet. Today this is not used anymore.<br />
<br />
=== 10base5 ===<br />
<br />
Uses coaxial cable for a range of 500 meters without repeaters. Today this is not used anymore.<br />
<br />
=== Twisted Pair & Fibre optics ===<br />
----<br />
<br />
=== 10baseT Ethernet ===<br />
<br />
Has a bandwidth of 10 Mbps (Mega bit per second). It can work in [[full duplex]] and [[half duplex]] mode. The maximum length of one copper ethernet cable between 2 NIC's is 100 meters, 200 meters if a ethernet repeater is used, which boosts the signal. <br />
<br />
=== 100baseT Fast Ethernet ===<br />
<br />
Has a bandwidth of 100 Mbps. It can work in [[full duplex]] and [[half duplex]] mode. The maximum length between 2 NICS is the same as 10 Mbps ethernet.<br />
<br />
=== 1000baseT Gigabit Ethernet ===<br />
<br />
Has a bandwidth of 1000 Mbps. It can work in [[full duplex]] and [[half duplex]] mode.<br />
<br />
=== 10 Gigabit Ethernet ===<br />
<br />
Has a bandwidth of 10 Gbps (Giga bit per second). It probably works in [[full duplex]] mode.<br />
<br />
<br />
=== Twisted Pair Copper Cabling ===<br />
<br />
Ethernet copper cabling also called Twisted Pair cabling is composed of 4 pairs of copper wire which are twisted between the pairs and also twisted around in their plastic protective coating. The twist is to ensure shielding which is questionable. The ends of ethernet cabling are connectors called RJ-45 bits. The individual wires are colour coded and are visible in the RJ-45 connector from the top. The most common sequence is 1. green-white 2. green 3. orange-white 4. blue 5. blue-white 6. orange 7. brown-white 8. brown. This is the setup on both ends for what is called a straight-thru cable. The only wires actually used are positions 1, 2, 3 and 6. When you want to connect 2 ethernet cards directly without use of a [[hub]] or [[switch]] you require a cable that is crossed-over or a cross-over cable. This is called so because positions 1 and 3 and 2 and 6 are crossed, so the end of the crossed end looks like this 1. orange-white 2. orange 3. green-white 4. blue 5. blue-white 6. green 7. brown-white 8. brown. The most common type of cabling for ethernet is category 5 cabling although there is category 5e now for gigabit. To attach the RJ-45 bits to the cabling a special tool called a RJ-45 crimper is used. Cheap version s are about $30 (CA) at cabling surplus stores.<br />
<br />
=== Wireless LAN ===<br />
<br />
WLAN also called Wifi was first developed at Lucent with their Wavelan product. It is a standard based around IEEE 802.11b and g. At first Wifi could speak only 11 Mbps maximum which was then upgraded to 54 Mbps with the 802.11g standard. Wifi came with built-in encryption at first called WEP but the implementation of this [[cryptography]] was breakable. It should be noted that all Wifi should be encrypted with [[IPsec]] to ensure additional security.<br />
<br />
<br />
=== PPPoE ===<br />
<br />
[[PPP]] over Ethernet is a protocol spoken with most DSL home end-user connections. It is covered in [[RFC]] 2516.</div>Sysadminhttps://hackepedia.org/?title=Main_Page&diff=324Main Page2005-10-24T19:51:19Z<p>Sysadmin: </p>
<hr />
<div>So the rough idea for this site was to create answers for questions not currently easy to find online, or common ones <br />
that are asked. It is written by hackers. If you do not understand a term, look it up at [http://www.wikipedia.org Wikipedia], if you've come here to find answers or examples, hopefully you will find them here. <br />
<br />
You may have also been sent here because you're new to the [[internet]], or would like to learn the etiquette.<br />
<br />
<br />
You will need to email yashy at mail.yashy.com. for an account on this site in order to edit pages.<br />
Please see [http://meta.wikipedia.org/wiki/MediaWiki_i18n documentation on customizing the interface]<br />
and the [http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide User's Guide] for usage and configuration help.</div>Sysadminhttps://hackepedia.org/?title=Main_Page&diff=304Main Page2005-10-24T19:50:42Z<p>Sysadmin: </p>
<hr />
<div>So the rough idea for this site was to create answers for questions not currently easy to find online, or common ones <br />
that are asked. It is written by [[Hackers]]. If you do not understand a term, look it up at [http://www.wikipedia.org Wikipedia], if you've come here to find answers or examples, hopefully you will find them here. <br />
<br />
You may have also been sent here because you're new to the [[internet]], or would like to learn the etiquette.<br />
<br />
<br />
You will need to email yashy at mail.yashy.com. for an account on this site in order to edit pages.<br />
Please see [http://meta.wikipedia.org/wiki/MediaWiki_i18n documentation on customizing the interface]<br />
and the [http://meta.wikipedia.org/wiki/MediaWiki_User%27s_Guide User's Guide] for usage and configuration help.</div>Sysadminhttps://hackepedia.org/?title=Traceroute&diff=302Traceroute2005-10-24T19:45:49Z<p>Sysadmin: </p>
<hr />
<div>Traceroute is a program to trace the routers between two computers on the [[Internet]]. The program was written by Van Jacobson. It uses raw [[socket]]s to output and receive [[UDP]] and [[ICMP]] packets. It is prone to faulty data and should not be trusted completely.<br />
<br />
In detail and in the default mode traceroute outputs [[UDP]] packets on a high [[UDP]] [[port]] (starting at 32768 + 666) and incrementing the port number by one per packet sent. The packet includes a timestamp (obscured in [[OpenBSD]]) and the [[IP]] Time-to-live starts at 1 and increments by one every three packets. At each router that the packets reach with the Time-to-live of 1 a [[ICMP]] Time Exceeded (type 11) message is sent back (see [[RFC]] 791 page 6).<br />
<br />
Another mode for traceroute is to use the [[ICMP]] protocol instead of the [[UDP]] packets, the [[ICMP]] type used is 8 (ECHO REQUEST) (see [[ping]]). In ICMP mode no ports are used since the protocol does not support it.<br />
<br />
A sample traceroute:<br />
<br />
$ traceroute www.yashy.com<br />
traceroute to mail.yashy.com (206.248.137.44), 64 hops max, 40 byte packets<br />
1 * * *<br />
2 ae2-200.ffm4-j.mcbone.net (62.104.198.228) 46.601 ms 46.218 ms 47.653 ms<br />
3 t2a4-p8-2.de-fra.eu.bt.net (166.49.147.169) 46.621 ms 45.928 ms 46.692 ms<br />
4 t2c2-ge6-0.de-fra.eu.bt.net (166.49.172.12) 45.956 ms 47.142 ms 46.439 ms<br />
5 t2c2-p3-0.uk-glo.eu.bt.net (166.49.208.102) 68.83 ms 66.141 ms 66.159 ms<br />
6 t2c2-p4-2.uk-eal.eu.bt.net (166.49.208.13) 67.817 ms 66.317 ms 65.847 ms<br />
7 t2c2-p4-0.us-ash.eu.bt.net (166.49.164.62) 142.317 ms 140.801 ms 142.35 ms<br />
8 equinixexchange.peer1.net (206.223.115.30) 139.271 ms 139.238 ms 141.776 ms<br />
9 OC48-POS0-0.wdc-sp2-cor-1.peer1.net (216.187.115.234) 139.534 ms 140.229 ms 141.74 ms<br />
...<br />
<br />
Routers which [[firewall]] traceroute packets (either by protocol or by Time-to-live) appear as a *. In [[FreeBSD]] a STEALTH mode can be turned on which prevents a forwarded packet to be decremented by one causing no [[ICMP]] Time Exceeded message to be sent causing the computer to be omitted in a traceroute.<br />
<br />
[http://www.bitwizard.nl/mtr/ mtr] combines the functionality of the traceroute and ping programs in a single network diagnostic tool. There are also several GUI versions of traceroute available that will include the geographic position of each host.</div>Sysadminhttps://hackepedia.org/?title=Traceroute&diff=301Traceroute2005-10-24T19:45:27Z<p>Sysadmin: </p>
<hr />
<div>Traceroute is a program to trace the routers between two computers on the [[Internet]]. The program was written by Van Jacobson. It uses raw [[socket]]s to output and receive [[UDP]] and [[ICMP]] packets. It is prone to faulty data and should not be trusted completely.<br />
<br />
In detail and in the default mode traceroute outputs [[UDP]] packets on a high [[UDP]] [[port]] (starting at 32768 + 666) and incrementing the port number by one per packet sent. The packet includes a timestamp (obscured in [[OpenBSD]]) and the [[IP]] Time-to-live starts at 1 and increments by one every three packets. At each router that the packets reach with the Time-to-live of 1 a [[ICMP]] Time Exceeded (type 11) message is sent back (see [[RFC]] 791 page 6).<br />
<br />
Another mode for traceroute is to use the [[ICMP]] protocol instead of the [[UDP]] packets, the [[ICMP]] type used is 8 (ECHO REQUEST) (see [[ping]]). In ICMP mode no ports are used since the protocol does not support it.<br />
<br />
A sample traceroute:<br />
<br />
$ traceroute www.yashy.com<br />
traceroute to mail.yashy.com (206.248.137.44), 64 hops max, 40 byte packets<br />
1 * * *<br />
2 ae2-200.ffm4-j.mcbone.net (62.104.198.228) 46.601 ms 46.218 ms 47.653 ms<br />
3 t2a4-p8-2.de-fra.eu.bt.net (166.49.147.169) 46.621 ms 45.928 ms 46.692 ms<br />
4 t2c2-ge6-0.de-fra.eu.bt.net (166.49.172.12) 45.956 ms 47.142 ms 46.439 ms<br />
5 t2c2-p3-0.uk-glo.eu.bt.net (166.49.208.102) 68.83 ms 66.141 ms 66.159 ms<br />
6 t2c2-p4-2.uk-eal.eu.bt.net (166.49.208.13) 67.817 ms 66.317 ms 65.847 ms<br />
7 t2c2-p4-0.us-ash.eu.bt.net (166.49.164.62) 142.317 ms 140.801 ms 142.35 ms<br />
8 equinixexchange.peer1.net (206.223.115.30) 139.271 ms 139.238 ms 141.776 ms<br />
9 OC48-POS0-0.wdc-sp2-cor-1.peer1.net (216.187.115.234) 139.534 ms 140.229 ms 141.74 ms<br />
...<br />
<br />
Routers which [[firewall]] traceroute packets (either by protocol or by Time-to-live) appear as a *. In [[FreeBSD]] a STEALTH mode can be turned on which prevents a forwarded packet to be decremented by one causing no [[ICMP]] Time Exceeded message to be sent causing the computer to be omitted in a traceroute.<br />
<br />
[mhttp://www.bitwizard.nl/mtr/ mtr] combines the functionality of the traceroute and ping programs in a single network diagnostic tool. There are also several GUI versions of traceroute available that will include the geographic position of each host.</div>Sysadminhttps://hackepedia.org/?title=Traceroute&diff=300Traceroute2005-10-24T19:44:15Z<p>Sysadmin: </p>
<hr />
<div>Traceroute is a program to trace the routers between two computers on the [[Internet]]. The program was written by Van Jacobson. It uses raw [[socket]]s to output and receive [[UDP]] and [[ICMP]] packets. It is prone to faulty data and should not be trusted completely.<br />
<br />
In detail and in the default mode traceroute outputs [[UDP]] packets on a high [[UDP]] [[port]] (starting at 32768 + 666) and incrementing the port number by one per packet sent. The packet includes a timestamp (obscured in [[OpenBSD]]) and the [[IP]] Time-to-live starts at 1 and increments by one every three packets. At each router that the packets reach with the Time-to-live of 1 a [[ICMP]] Time Exceeded (type 11) message is sent back (see [[RFC]] 791 page 6).<br />
<br />
Another mode for traceroute is to use the [[ICMP]] protocol instead of the [[UDP]] packets, the [[ICMP]] type used is 8 (ECHO REQUEST) (see [[ping]]). In ICMP mode no ports are used since the protocol does not support it.<br />
<br />
A sample traceroute:<br />
<br />
$ traceroute www.yashy.com<br />
traceroute to mail.yashy.com (206.248.137.44), 64 hops max, 40 byte packets<br />
1 * * *<br />
2 ae2-200.ffm4-j.mcbone.net (62.104.198.228) 46.601 ms 46.218 ms 47.653 ms<br />
3 t2a4-p8-2.de-fra.eu.bt.net (166.49.147.169) 46.621 ms 45.928 ms 46.692 ms<br />
4 t2c2-ge6-0.de-fra.eu.bt.net (166.49.172.12) 45.956 ms 47.142 ms 46.439 ms<br />
5 t2c2-p3-0.uk-glo.eu.bt.net (166.49.208.102) 68.83 ms 66.141 ms 66.159 ms<br />
6 t2c2-p4-2.uk-eal.eu.bt.net (166.49.208.13) 67.817 ms 66.317 ms 65.847 ms<br />
7 t2c2-p4-0.us-ash.eu.bt.net (166.49.164.62) 142.317 ms 140.801 ms 142.35 ms<br />
8 equinixexchange.peer1.net (206.223.115.30) 139.271 ms 139.238 ms 141.776 ms<br />
9 OC48-POS0-0.wdc-sp2-cor-1.peer1.net (216.187.115.234) 139.534 ms 140.229 ms 141.74 ms<br />
...<br />
<br />
Routers which [[firewall]] traceroute packets (either by protocol or by Time-to-live) appear as a *. In [[FreeBSD]] a STEALTH mode can be turned on which prevents a forwarded packet to be decremented by one causing no [[ICMP]] Time Exceeded message to be sent causing the computer to be omitted in a traceroute.<br />
<br />
mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool. There are also several GUI versions of traceroute available that will include the geographic position of each host.</div>Sysadminhttps://hackepedia.org/?title=Ping&diff=409Ping2005-10-24T19:41:13Z<p>Sysadmin: </p>
<hr />
<div>ping is a tool written by the late Mike Muus to measure latency and round-trip time between two hosts connected by an [[Internet]], often it is also used to simply debug if the other host is up. It works by sending an [[ICMP]] type 8 packet to the remote host which replies with an [[ICMP]] type 0 packet. Sometimes there is [[firewall]]s preventing a ping from receiving a reply.<br />
<br />
This would look like so:<br />
$ ping -c 1 www.yashy.com<br />
PING mail.yashy.com (206.248.137.44): 56 data bytes<br />
--- mail.yashy.com ping statistics ---<br />
1 packets transmitted, 0 packets received, 100.0% packet loss<br />
<br />
One of the original [[DoS]] was a simple ping flood. If you have more bandwidth then your victim, you can do<br />
# ping -f example.com.<br />
and slow your victim to a grinding halt.<br />
<br />
A similar tool to ping would be [[traceroute]].</div>Sysadminhttps://hackepedia.org/?title=Firewall&diff=598Firewall2005-10-24T15:53:31Z<p>Sysadmin: </p>
<hr />
<div>A Firewall is an extension to an Operating System that allows one to create policies for Internet protocols in order to deny content that is deemed illegal or harmful. Firewalls are most common to work on [[OSI]] layers 3 and 4. Commercial firewalls often inspect higher layers than 3 and 4, for example SMTP content ([[RFC]] 2821 and 2822). Firewalls cannot inspect encrypted protocols (see [[cryptography]]) unless they have been given the secret key.<br />
<br />
Our recommended process for installing a firewall is to "block all in" and block all out" by default. Once that has been established, then only allow rules as required.<br />
<br />
For example, if you have blocked all by default, first you will want to try to resolve [[DNS]] I'm sure. So you will need to start a packet sniffer ([[tcpdump]], [[ethereal]], [[snoop]]) and watch the packets trying to leave and come in. In another window, type "host yashy.com" to try and resolve my DNS. As you should see, you need to allow [[port]] 53.. but was that [[TCP]] or [[UDP]]? You not only want to only allow that port, you may as well include the protocol as well. Once you have modified your firewall ruleset so that "host yashy.com" actually resolves and returns an IP address, try to use your browser to get there. As you will see, now you need to create a TCP rule for outbound port 80. Eventually you'll have a very decent firewall.<br />
<br />
<br />
<br />
=== Firewalls for UNIX ===<br />
<br />
; [[pf]] : A stateful firewall written by Daniel Hartmeier for [[OpenBSD]]. Has been ported to all [[BSD]]'s. pf has a nice logging mechanism that one can view with [[tcpdump]]. This firewall can share states between other firewalls meaning communication can continue if the path of communication changes through another firewall. This firewall has built-in [[NAT]].<br />
<br />
; [[ipfw]] : IP Firewall available in [[FreeBSD]] and Apple [[Mac OS X]]. Much work done from Luigi Rizzo. States were introduced with the second version of ipfw. [[NAT]] can be achieved with IPDIVERT [[socket]]s with programs such as [[natd]].<br />
<br />
; [[ipf]] : IP Filter available in a number of UNIX OS's. Written by Darren Reed. Stateful, has built-in [[NAT]].<br />
<br />
; [[netfilter]] / [[iptables]] : The standard firewall software that comes with the [[Linux]] Operating System. Stateful has built-in [[NAT]].<br />
<br />
; Checkpoint : Expensive commercial firewall runs on Solaris. Written in Israel. Could have been the first stateful firewall, patented. Has [[NAT]].<br />
<br />
=== Firewalls for Windows ===<br />
<br />
A common free firewall for Windows that blocks all of your [[ports]] is [http://www.zonealarm.com zone alarm]. Checkpoint Firewall also works on Windows.</div>Sysadminhttps://hackepedia.org/?title=Hacker&diff=1868Hacker2005-10-14T05:03:36Z<p>Sysadmin: </p>
<hr />
<div><br />
Often used in the media to describe a [[cracker]], a hacker is not someone who is malicious but someone studies a subject intensely, usually trying alternative means other then the intended.</div>Sysadminhttps://hackepedia.org/?title=Editors&diff=311Editors2005-10-14T05:01:03Z<p>Sysadmin: </p>
<hr />
<div>Just a note to the editors of this site. <br />
Thanks for all your help on this project. <br />
Let's try to remember we are not trying to copy [http://www.wikipedia.org Wikipedia], we are a trying to provide a resource written from the perspective from a [[hacker]] for the community.<br />
Let's make entries that will show examples and hacks related to the subject in question. Please see [[Ports]] as an example, does a a basic description, with examples. If the user wants a full explanation of Ports, they can get that from Wikipedia.<br />
Thanks again!</div>Sysadminhttps://hackepedia.org/?title=Random&diff=1849Random2005-10-10T17:07:50Z<p>Sysadmin: </p>
<hr />
<div>Randomness in some UNIX operating system can be achieved through cryptographically achieved randomness such as arc4random(3) which uses the interfaces ''/dev/random'', ''/dev/arandom'' and ''/dev/urandom''. This method is assumed to be pretty good, more on this at [[RFC]] 4086. Weak randomness can often lead to a system compromise.<br />
<br />
=== Entropy sources ===<br />
<br />
Sound cards and their white noise are a good means of entropy. Some CPU's provide random number generators which the Operating System may use. Crypto-accelerating cards usually provide a source of entropy.</div>Sysadminhttps://hackepedia.org/?title=Cryptography&diff=187Cryptography2005-10-10T00:46:52Z<p>Sysadmin: /* Cryptography found in UNIX */</p>
<hr />
<div>Cryptography is the method for distorting plain text so that it is unreadable by someone other than the intended recipient. For example, someone that is using a packet sniffer (see [[bpf]]) to listen in on network connection. Only if this third party knows the secret key to the ciphertext will they break the encryption and be able to see the plaintext. We highly recommend anyone using plain text protocols these days to use their free, open source, equivalents.<br />
<br />
=== Cryptography found in UNIX ===<br />
<br />
Early passwords databases were not encrypted and since they were not shadowed this allowed anyone on a system to log in as the system administrator. The programmers rejected this by implementing a [[One way hash]] of [[DES]] to "encrypt" passwords as part of the crypt(3) function. It was impossible to decrypt these passwords since they were a modified version of DES, so in order to know if someone had the right password the plain text would be encrypted and the result compared with the hash of the password database, if they matched a user would be granted access. As computers became faster so did the speed at which DES would be cracked. An amd64 3500+ running [[OpenBSD]] using the systems crypt(3) functions can hash 121,000 passwords in 1 second in 2005. So a slower hash algorithm was needed and one that could take more than 8 characters for the passwords. Many Operating Systems have implemented [[MD5]] hashing which does 1880 crypts per second on the aforementioned OpenBSD system. [[OpenBSD]] went even further and designed an interesting hash of [[blowfish]] that has a variable setting for rounds that [[blowfish]] will encrypt the hash with the string "OrpheanBeholderScryDoubt" 64 times per round. The result is that with 12 rounds a crypt will do 2 passwords in 1 second.<br />
<br />
[[One way hash]]ing wasn't confined to just passwords, with the [[md5]] and [[sha1]] as well as the [[rmd160]] commands one can make a cryptographic hash sum (or fingerprint) of a file or text in the system. For example, if you want to ensure a file or directory has not been altered, you can print the checksum onto read-only media (i.e. paper/burn onto a cd). Whenever you run the checksum program against the same file or directory, you should get the same results unless something has been altered. If this topic interests you, [http://sourceforge.net/projects/tripwire/ tripwire] is popular software you'll want to read more about.<br />
<br />
True private key cryptography was also present with the [[bdes]] and the [[openssl]] commands which could encrypt files with a variety of ciphers. Kiddo encryption was also to be found by means of the [[rot13]] command (found in the games). The rot13 command is popular with Usenet Trolls.<br />
<br />
Cryptography can also be found in the Apache web server, [[fetchmail]], and various SMTP implementations.<br />
<br />
=== Cheap cryptography ===<br />
<br />
Rotational Ciphers based on the alphabet are CHEAP. Often used by Usenet trolls who think that the people they troll don't have a clue what they are talking about.<br />
<br />
$ echo OrpheanBeholderScryDoubt | /usr/games/rot13<br />
BecurnaOrubyqreFpelQbhog<br />
<br />
[[rot13]] is probably good to keep data safe from your 7 year old sister.<br />
<br />
Another lovely and sucky type of cryptography is the XOR method, although XOR used as a [[One time pad]] is probably secure. Here is an example of a typical XOR encryption the [[xortext.c]] program is also available:<br />
<br />
$ cat /etc/passwd | ./xortext blah | hexdump -C | head<br />
00000000 10 03 0e 1c 58 46 5b 58 58 5c 5b 2b 0a 0d 13 04 |....XF[XX\[+....|<br />
00000010 0b 09 41 4e 4e 40 4d 52 4d 1e 0e 07 16 56 4e 0a |..ANN@MRM....VN.|<br />
00000020 0b 02 4e 1b 0a 66 05 09 07 01 0e 06 58 46 5b 59 |..N..f......XF[Y|<br />
00000030 58 5d 5b 3c 0a 09 41 0c 07 1a 08 04 42 04 08 05 |X][<..A.....B...|<br />
00000040 11 09 0d 0e 58 43 13 07 0d 18 5b 47 11 0e 08 06 |....XC....[G....|<br />
00000050 4d 02 0e 04 0d 0b 08 06 68 03 11 0d 10 0d 15 07 |M.......h.......|<br />
00000060 10 56 4b 52 50 56 54 52 31 15 12 1c 07 01 41 4e |.VKRPVTR1.....AN|<br />
00000070 58 43 0e 18 07 1e 00 1c 0d 1e 5b 47 11 0e 08 06 |XC........[G....|<br />
00000080 4d 02 0e 04 0d 0b 08 06 68 0e 08 06 58 46 5b 5b |M.......h...XF[[|<br />
00000090 58 5b 5b 2a 0b 02 00 1a 0b 09 12 48 21 03 0c 05 |X[[*.......H!...|<br />
<br />
Surprisingly some [http://microsoft.com/ companies] employ XOR cryptography in their products. Very sad.</div>Sysadminhttps://hackepedia.org/?title=Cryptography&diff=180Cryptography2005-10-10T00:44:53Z<p>Sysadmin: /* Cryptography found in UNIX */</p>
<hr />
<div>Cryptography is the method for distorting plain text so that it is unreadable by someone other than the intended recipient. For example, someone that is using a packet sniffer (see [[bpf]]) to listen in on network connection. Only if this third party knows the secret key to the ciphertext will they break the encryption and be able to see the plaintext. We highly recommend anyone using plain text protocols these days to use their free, open source, equivalents.<br />
<br />
=== Cryptography found in UNIX ===<br />
<br />
Early passwords databases were not encrypted and since they were not shadowed this allowed anyone on a system to log in as the system administrator. The programmers rejected this by implementing a [[One way hash]] of [[DES]] to "encrypt" passwords as part of the crypt(3) function. It was impossible to decrypt these passwords since they were a modified version of DES, so in order to know if someone had the right password the plain text would be encrypted and the result compared with the hash of the password database, if they matched a user would be granted access. As computers became faster so did the speed at which DES would be cracked. An amd64 3500+ running [[OpenBSD]] using the systems crypt(3) functions can hash 121,000 passwords in 1 second in 2005. So a slower hash algorithm was needed and one that could take more than 8 characters for the passwords. Many Operating Systems have implemented [[MD5]] hashing which does 1880 crypts per second on the aforementioned OpenBSD system. [[OpenBSD]] went even further and designed an interesting hash of [[blowfish]] that has a variable setting for rounds that [[blowfish]] will encrypt the hash with the string "OrpheanBeholderScryDoubt" 64 times per round. The result is that with 12 rounds a crypt will do 2 passwords in 1 second.<br />
<br />
[[One way hash]]ing wasn't confined to just passwords, with the [[md5]] and [[sha1]] as well as the [[rmd160]] commands one can make a cryptographic hash sum (or fingerprint) of a file or text in the system. For example, if you want to ensure a file or directory has not been altered, you can print the checksum onto read-only media (i.e. paper/burn onto a cd). Whenever you run the checksum program against the same file or directory, you should get the same results unless something has been altered. <br />
<br />
True private key cryptography was also present with the [[bdes]] and the [[openssl]] commands which could encrypt files with a variety of ciphers. Kiddo encryption was also to be found by means of the [[rot13]] command (found in the games). The rot13 command is popular with Usenet Trolls.<br />
<br />
Cryptography can also be found in the Apache web server, [[fetchmail]], and various SMTP implementations.<br />
<br />
=== Cheap cryptography ===<br />
<br />
Rotational Ciphers based on the alphabet are CHEAP. Often used by Usenet trolls who think that the people they troll don't have a clue what they are talking about.<br />
<br />
$ echo OrpheanBeholderScryDoubt | /usr/games/rot13<br />
BecurnaOrubyqreFpelQbhog<br />
<br />
[[rot13]] is probably good to keep data safe from your 7 year old sister.<br />
<br />
Another lovely and sucky type of cryptography is the XOR method, although XOR used as a [[One time pad]] is probably secure. Here is an example of a typical XOR encryption the [[xortext.c]] program is also available:<br />
<br />
$ cat /etc/passwd | ./xortext blah | hexdump -C | head<br />
00000000 10 03 0e 1c 58 46 5b 58 58 5c 5b 2b 0a 0d 13 04 |....XF[XX\[+....|<br />
00000010 0b 09 41 4e 4e 40 4d 52 4d 1e 0e 07 16 56 4e 0a |..ANN@MRM....VN.|<br />
00000020 0b 02 4e 1b 0a 66 05 09 07 01 0e 06 58 46 5b 59 |..N..f......XF[Y|<br />
00000030 58 5d 5b 3c 0a 09 41 0c 07 1a 08 04 42 04 08 05 |X][<..A.....B...|<br />
00000040 11 09 0d 0e 58 43 13 07 0d 18 5b 47 11 0e 08 06 |....XC....[G....|<br />
00000050 4d 02 0e 04 0d 0b 08 06 68 03 11 0d 10 0d 15 07 |M.......h.......|<br />
00000060 10 56 4b 52 50 56 54 52 31 15 12 1c 07 01 41 4e |.VKRPVTR1.....AN|<br />
00000070 58 43 0e 18 07 1e 00 1c 0d 1e 5b 47 11 0e 08 06 |XC........[G....|<br />
00000080 4d 02 0e 04 0d 0b 08 06 68 0e 08 06 58 46 5b 5b |M.......h...XF[[|<br />
00000090 58 5b 5b 2a 0b 02 00 1a 0b 09 12 48 21 03 0c 05 |X[[*.......H!...|<br />
<br />
Surprisingly some [http://microsoft.com/ companies] employ XOR cryptography in their products. Very sad.</div>Sysadminhttps://hackepedia.org/?title=Registration:User&diff=759Registration:User2005-10-09T16:14:48Z<p>Sysadmin: /* Being asked to Register */</p>
<hr />
<div>== Being asked to Register ==<br />
<br />
So you've been asked to register somewhere. There are very few places you would really need to register your personal information, yet so many require it. Many attempts to bypass these unnecessary processes are made. We will assume in this example that the registration is on a web page, and it's asking for your personal information (Name, Address, etc). <br />
<br />
#If you look at the URL in your browser, on the registration site, does it start with http://? If so, you should contact them and send them to [[Registration:Host]] and definitely do NOT register until they change their process.<br />
#Do not be afraid to ask questions before filling out a form. How will your personal information be securely stored on their servers? What access control do they have around your personal information? Can anyone access your personal information, with no audit trail? This is the case in +90% of the environments this author has worked in.<br />
#Read through their privacy policy and see if it appears suitable to you. Very few people do this, but it's amazing what you can find. Often companies will have phrases like "We may give your personal information to third party affiliates" which means they can sell your personal information to make a profit.<br />
<br />
== External Reading ==<br />
<br />
[http://www.privcom.gc.ca/legislation/02_06_01_01_e.asp Canadian Privacy Act] If you're a Canadian citizen, it is required that any business that asks you for your personal information publish a privacy policy that outlines what you they do with the personal information of your Canadian users.</div>Sysadminhttps://hackepedia.org/?title=Rot13&diff=181Rot132005-10-09T16:13:56Z<p>Sysadmin: </p>
<hr />
<div>Rot13 rotates all 26 letters of the alphabet by 13 positions rolling over to position 1 after position 26. A sample display of how rot13 "encrypts" is shown below:<br />
<br />
$ echo A B C D E F G H I J K L M N O P Q R S T U V W X Y Z | rot13<br />
N O P Q R S T U V W X Y Z A B C D E F G H I J K L M<br />
<br />
So you see A becomes N and N becomes A. This encryption can be found in many places online, such as Usenet and geocaching.com.</div>Sysadminhttps://hackepedia.org/?title=IRC:6&diff=722IRC:62005-10-09T16:10:54Z<p>Sysadmin: </p>
<hr />
<div><br />
You just asked a question that is more suitable for a search engine. Try [[IRC:1]].</div>Sysadminhttps://hackepedia.org/?title=Cryptography&diff=177Cryptography2005-10-09T16:04:23Z<p>Sysadmin: not all sshd's are free, and plain text protocols is a lot larger then ssh.</p>
<hr />
<div>Cryptography is the method for distorting plain text so that it is unreadable by someone other than the intended recipient. For example, someone that is using a packet sniffer (see [[bpf]]) to listen in on network connection. Only if this third party knows the secret key to the ciphertext will they break the encryption and be able to see the plaintext. We highly recommend anyone using plain text protocols these days to use their free, open source, equivalents.<br />
<br />
=== Cryptography found in UNIX ===<br />
<br />
Early passwords databases were not encrypted and since they were not shadowed this allowed anyone on a system to log in as the system administrator. The programmers rejected this by implementing a [[One way hash]] of [[DES]] to "encrypt" passwords as part of the crypt(3) function. It was impossible to decrypt these passwords since they were a modified version of DES, so in order to know if someone had the right password the plain text would be encrypted and the result compared with the hash of the password database, if they matched a user would be granted access. As computers became faster so did the speed at which DES would be cracked. An amd64 3500+ running [[OpenBSD]] using the systems crypt(3) functions can hash 121,000 passwords in 1 second in 2005. So a slower hash algorithm was needed and one that could take more than 8 characters for the passwords. Many Operating Systems have implemented [[MD5]] hashing which does 1880 crypts per second on the aforementioned OpenBSD system. [[OpenBSD]] went even further and designed an interesting hash of [[blowfish]] that has a variable setting for rounds that [[blowfish]] will encrypt the hash with the string "OrpheanBeholderScryDoubt" 64 times per round. The result is that with 12 rounds a crypt will do 2 passwords in 1 second.<br />
<br />
[[One way hash]]ing wasn't confined to just passwords, with the [[md5]] and [[sha1]] as well as the [[rmd160]] commands one can make a cryptographic hash sum (or fingerprint) of a file or text in the system.<br />
<br />
True private key cryptography was also present with the [[bdes]] and the [[openssl]] commands which could encrypt files with a variety of ciphers. Kiddo encryption was also to be found by means of the [[rot13]] command (found in the games). The rot13 command is popular with Usenet Trolls.<br />
<br />
Cryptography can also be found in the Apache web server, [[fetchmail]], and various SMTP implementations.<br />
<br />
<br />
=== Cheap cryptography ===<br />
<br />
Rotational Ciphers based on the alphabet are CHEAP. Often used by Usenet trolls who think that the people they troll don't have a clue what they are talking about.<br />
<br />
$ echo OrpheanBeholderScryDoubt | /usr/games/rot13<br />
BecurnaOrubyqreFpelQbhog<br />
<br />
[[rot13]] is probably good to keep data safe from your 7 year old sister.<br />
<br />
Another lovely and sucky type of cryptography is the XOR method, although XOR used as a [[One time pad]] is probably secure. Here is an example of a typical XOR encryption the [[xortext.c]] program is also available:<br />
<br />
$ cat /etc/passwd | ./xortext blah | hexdump -C | head<br />
00000000 10 03 0e 1c 58 46 5b 58 58 5c 5b 2b 0a 0d 13 04 |....XF[XX\[+....|<br />
00000010 0b 09 41 4e 4e 40 4d 52 4d 1e 0e 07 16 56 4e 0a |..ANN@MRM....VN.|<br />
00000020 0b 02 4e 1b 0a 66 05 09 07 01 0e 06 58 46 5b 59 |..N..f......XF[Y|<br />
00000030 58 5d 5b 3c 0a 09 41 0c 07 1a 08 04 42 04 08 05 |X][<..A.....B...|<br />
00000040 11 09 0d 0e 58 43 13 07 0d 18 5b 47 11 0e 08 06 |....XC....[G....|<br />
00000050 4d 02 0e 04 0d 0b 08 06 68 03 11 0d 10 0d 15 07 |M.......h.......|<br />
00000060 10 56 4b 52 50 56 54 52 31 15 12 1c 07 01 41 4e |.VKRPVTR1.....AN|<br />
00000070 58 43 0e 18 07 1e 00 1c 0d 1e 5b 47 11 0e 08 06 |XC........[G....|<br />
00000080 4d 02 0e 04 0d 0b 08 06 68 0e 08 06 58 46 5b 5b |M.......h...XF[[|<br />
00000090 58 5b 5b 2a 0b 02 00 1a 0b 09 12 48 21 03 0c 05 |X[[*.......H!...|<br />
<br />
Surprisingly some companies employ XOR cryptography in their products. Very sad.</div>Sysadminhttps://hackepedia.org/?title=Registration:Host&diff=569Registration:Host2005-10-06T21:27:20Z<p>Sysadmin: /* Hosting a personal information registration process */</p>
<hr />
<div><br />
== Hosting a personal information registration process ==<br />
<br />
You've probably been sent this link because you're either the host of a registration process, or you have a desire to create one. Here are some easy steps in deciding if you should be hosting registration.<br />
<br />
#What would happen if your users don't register? Do they have any reason to believe you need their personal information other then to sell it for your own personal needs? <br />
#Are you providing a secure mechanism for them to register? This is most often no. Creating a form on an http webpage is one of the worst offenders. These sites are just screaming they have no idea about information security in the least. If you host a web based registration site, ensure it offers [[SSL]], in the least.<br />
#What happens when the user submits their registration? A challenge to the reader is to publicly provide your privacy policy regarding how you store their personal data, and what access control you have around their data. <br />
#How long will that data be stored? Does the user have an easy process to remove their personal data from your server(s)?<br />
<br />
<br />
<br />
<br />
<br />
<br />
----<br />
<br />
== External Reading ==<br />
<br />
[http://www.privcom.gc.ca/legislation/02_06_01_01_e.asp Canadian Privacy Act] Make sure you read this site if you will have any Canadian users. It is required that you publish a privacy policy that outlines what you will do with the personal information of your Canadian users.</div>Sysadminhttps://hackepedia.org/?title=Pipe&diff=90Pipe2005-10-06T20:43:52Z<p>Sysadmin: </p>
<hr />
<div>If you need to send the output of one program to another program this is done by way of piping. For example you are listing the directory of your current working directory and want to see it in chunks called pages, you'll pipe the output of [[ls]] to [[more]] like so:<br />
$ ls | more<br />
when you create along chain of piped commands this is called a pipeline and can look like this (do not run this unless you need to kill your webserver via brute force method):<br />
$ ps ax | grep httpd | awk '{print $1}' | xargs kill</div>Sysadmin