Shell script with ifconfig commands

This is one of the most inefficient ways to get many IP addresses applied to one network interface. Anyways it allows to create as many aliases for the interface as you like so you should create shell script and execute it every time Linux boots.

touch /path/to/script.sh
chmod +x /path/to/script.sh
vi /path/to/script.sh

Now you should add there shell lines which will apply IP addresses, e.g. the following one applies 60 IP addresses to eth0 interface:

for n in {3..63};  do ifconfig eth0:${n} 10.10.10.${n} netmask 255.255.255.0 up; done

If you type ‘ifconfig’ now you will very long output like this one:

eth0:3  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB
          inet addr:10.10.10.3  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000 

eth0:4  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB
          inet addr:10.10.10.4  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000

...

eth0:63  Link encap:Ethernet  HWaddr 00:50:8D:D1:24:DB
          inet addr:10.10.10.63  Bcast:10.10.10.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:10 Base address:0x2000

If you decide to delete those IPs you can run the following line as a remedy:

for n in {3..63};  do ifconfig eth0:${n} 0.0.0.0 &> /dev/null; done

Once you finished editing /path/to/script.sh script you should add it to startup, so put the line /path/to/script.sh into /etc/rc.local file that Linux executes every time it boots. Please notice that in various distributions this file may be missing so consult with distro’s docs to get where it is stored.

Redhat/Centos/Fedora network scripts

Users of these Linux distributions can apply ranges of IP addresses using ifcfg-eth0-range0 files which are read during initialization of network interfaces during boot up process. The following example will make Linux to apply 200 IP addresses to eth1 during booting:

[root ~]#cat /etc/sysconfig/network-scripts/ifcfg-eth1-range0

IPADDR_START=192.168.1.1
IPADDR_END=192.168.1.200
CLONENUM_START=10

CLONENUM_START value specifies starting identifier of alias that will be applied to eth1 interface, in above example the first 192.168.1.1 will be assigned to eth1:10 alias. The last IP of the range 192.168.1.200 will be applied to eth:210 sub-interface. This is totally easy approach.

Loopback interface

Did you know that by one line presented below you assign 1022 virtual IP addresses to your Linux system? Here it is:

ifconfig lo:0 10.0.0.1/22

Now you can make sure of this by pinging IPs from that range (10.0.0.1 – 10.0.3.254).

[root ~]#ping 10.0.0.1 -c 1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.063 ms

--- 10.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

...

[root ~]#[root@whitehorse /]# ping 10.0.3.254 -c 1
PING 10.0.0.1 (10.0.3.254) 56(84) bytes of data.
64 bytes from 10.0.3.254: icmp_seq=1 ttl=64 time=0.063 ms

--- 10.0.3.254 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.063/0.063/0.063/0.000 ms

If you still feel that the first suggested way meets your requirements better than the third one please read more about loopback interface at wikipedia — loopbacks are much more useful than aliases in most cases.

Hope it helps!

Below is beginner’s guide that helps to quickly deploy netflow collector and visualizer under Linux and impress everybody by cute and descriptive graphs like these:

It is highly recommended to look through Netflow basics to get brief understanding of how it works before configuring anything. For example, here is Cisco’s document that gives complete information about Netflow. In a few words to get started you should enable netflow exporting on Cisco router and point it to netflow collector running under Linux. Exported data will contain complete information about all packets the router has received/sent so nfdump and nfsen working under Linux will collect it and visualize to present you the graph like above example.

Cisco Router Setup

1. Enable flow export on ALL Cisco router’s interfaces that send and receive some traffic, here is an example:

Router1# configure terminal
Router1(config)#interface FastEthernet 0/0
Router1(config-if)#ip route-cache flow input
Router1(config-if)#interface FastEthernet 0/1
Router1(config-if)#ip route-cache flow input
...

2. Setup netflow export:

Router1# configure terminal
Router1(config)#ip flow-export source FastEthernet0/0
Router1(config)#ip flow-export source FastEthernet0/1
Router1(config)#ip flow-export version 5
Router1(config)#ip flow-export destination 1.1.1.1 23456

Where 1.1.1.1 is IP address of Linux host where you plan to collect and analyze netflow data. 23456 is port number of netflow collector running on Linux.

Linux Setup

1. Download and install nfdump.

cd /usr/src/
wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.2/nfdump-1.6.2.tar.gz/download
tar -xvzf nfdump-1.6.2.tar.gz
cd nfdump-1.6.2
./configure --prefix=/ --enable-nfprofile
make
make install

2. Download and install nfsen.

It requires web server with php module and RRD so make sure you have the corresponding packages installed. I hope you’re running httpd with php already so below are rrd/perl related packages installation hints only.

Fedora/Centos/Redhat users should type this:

yum install rrdtool rrdtool-devel rrdutils perl-rrdtool

Ubuntu/Debian:

aptitude install rrdtool librrd2-dev librrd-dev librrd4 librrds-perl librrdp-perl

If you run some exotic Linux distribution just install everything that is related to rrd + perl.

At last, nfsen installation:

cd /usr/src/
wget http://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.5/nfsen-1.3.5.tar.gz/download
tar -xvzf nfsen-1.3.5.tar.gz
cd nfsen-1.3.5
cp etc/nfsen-dist.conf etc/nfsen.conf

In order to continue you should edit file etc/nfsen.conf to specify where to install nfsen, web server’s username, its document root directory etc. That file is commented so there shouldn’t be serious problems with it.

One of the major sections of nfsen.conf is ‘Netflow sources’, it should contain exactly the same port number(s) you’ve configured Cisco with — recall ‘ip flow-export …’ line where we’ve specified port 23456. E.g.

%sources = (
    'Router1'    => { 'port' => '23456', 'col' => '#0000ff', 'type' => 'netflow' },
);

Now it’s time to finish the installation:

./install.pl etc/nfsen.conf

In case of success you’ll see corresponding notification after which you will have to start nfsen daemon to get the ball rolling:

/path/to/nfsen/bin/nfsen start

From this point nfdump started collecting netflow data exported by Cisco router and nfsen is hardly working to visualize it — just open web browser and go to http://linux_web_server/nfsen/nfsen.php to make sure. If you see empty graphs just wait for a while to let nfsen to collect enough data to visualize it.

That’s it!

Today it came to my mind that it is time to make sensitive information stored on my usb flash drive encrypted but still transportable and easy to use. But I don’t want to have whole my 32 GB usb drive fully encrypted using truecrypt or something similar. It is just toooo slow. I also don’t want to use GPG for uncompressing files and directories every time I would like to read them and then create new GPG compressed file every time I save changes. This eats too much of my time and system resources. At the same time it is necessary to be able to use that usb drive under windows, mac, linux whatever (read/write files) but still have my directory structure with sensitive files encrypted. Here is the solution: create encrypted filesystem within a file named, say, 16GB.candy.bin that could be stored on regular windows formatted usb flash drive and then mounted under Linux using the password.

When it becomes necessary I can mount that 16GB.candy.bin as the regular ext3 filesystem with all those stuff like permissions, ownership etc. that is available on ext3 but not in FAT or NTFS. On my windows formatted flash drive candy takes only 16 GB so I can use the rest of space to store not so sensitive information like mp3, movies or photos. Moreover I on windows or linux to read it.

Let’s create that 16GB.candy.bin file with encrypted ext3 filesystem (read below explanations below carefully before just to copy/paste commands into CLI):

[root@artemn root]# cd /path/to/candy/

[root@artemn root]# tune2fs -i 0 -c 0 /dev/loop0

Here are some points: using above commands we create encrypted file of 16 GB so if you need to have more or less just change “count=16000″ in dd line. “count=16000″ means 16GB so “count=20″ means 20MB. Path ‘/path/to/candy/’ is for example only so you should change it to real directory that is able to host encrypted file (16 GB in above example). Command losetup is present in most Linux distributions (btw I recommend Ubuntu especially newly released Lucid Lynx) but if it is not use your disro’s packet manager to install it or compile from sources (for super geeks only, Mr. Stallman if you read this article — Hello). Reader, you can replace “/dev/urandom” in dd line with “/dev/zero” that will make that command to finish faster but will lower security level of resulting file (read about AES for better understanding). You will need to enter the password when running losetup command so make sure it safe and long enough like ‘6U2sAsR37Hn8122dGsaPrew1twt’ but not ‘abc123′ or ‘iloveyou’.

Once commands are done you will get 16GB.candy.bin containing encrypted ext3 filesystem. You can store this file where ever you want, say, on a flash drive. If you loose it nobody won’t be able to open it until he (or she!) cracked AES encryption (use long passwords to prevent this). As the next step it is required to mount filesystem and store some files/directories in it:

[root@artemn root]# mkdir -p /mnt/candy

[root@artemn root]# umount /mnt/candy

When you unmount 16GB.candy.bin the changes are already saved there so it’s not required to compress and encrypt anything unlike with GPG.

P.S. This post is inspired by Loopback tricks article. Thanks to the author. Good luck!

1. All apps are web apps. The entire experience takes place within the browser and there are no conventional desktop applications. This means users do not have to deal with installing, managing and updating programs.

2. Because all apps live within the browser, there are significant benefits to security. Unlike traditional operating systems, Chrome OS doesn’t trust the applications you run. Each app is contained within a security sandbox making it harder for malware and viruses to infect your computer. Furthermore, Chrome OS barely trusts itself. Every time you restart your computer the operating system verifies the integrity of its code.

3. We are obsessed with speed. We are taking out every unnecessary process, optimizing many operations and running everything possible in parallel. This means you can go from turning on the computer to surfing the web in a few seconds.

4. Chromium OS User Interface Concepts (video)



5. Design Documents: Software Architecture, Security Overview

VMware Virtual Machine with Chromium OS can be found here (torrent).

Actually complex UI is not the only decision why GIMP should be vanished from Ubuntu so here is the full list:

• the general user doesn’t use it
• its user-interface is too complex
• it’s an application for professionals
• desktop users just want to edit photos and they can do that in F-Spot
• it’s a photoshop replacement and photoshop isn’t included by default in Windows…
• it takes up room on the disc

(taken from here)

Still sounds like fresh nonsense? What about F-Spot as a replacement? Well, an average user most probably claim that above mentioned reasons are true. Maybe that’s why GIMP already dropped from latest Fedora 12. But what should do people who use GIMP every day and loves Ubuntu???

Just execute ‘sudo aptitude install gimp‘

BackTrack is Live distribution for penetration and security tests. This is how its developers describe it. But there are plenty of tools, utilities, programs behind this brief description. Let’s dig into.

This distribution started from the merge of two ones: WHAX (or Whoppix) and Auditor Security Collection (the swiss army knife for security assessments). The latest stable version (BackTrack 3) contains more than 300 tools (including such monsters as wireshark, nmap, hping and others) which will be appreciated by every security professional. All tools are categorized into:

1. Information gathering
2. Network Mapping
3. Vulnerability Identification
4. Penetration
5. Privilage Escalation
6. Maintaining Access
7. Covering Tracks
8. Radio Network Analysis (Wi-Fi and Bluetooth)
9. VoIP and Telephony Analysis
10. Digital Forensics
11. Reverse Engineering

The full list of tools with descriptions you can find at official BackTrack wiki, screenshots and documentation are here.

Download Now: CD Image, USB Image. More?

P.S. Linus “almost Santa” Torvalds’ announcement is definitely worth reading:

Listen to the cheerful grinding of your harddisk as you reboot into an all-new kernel – and I’m sure that if your computer could smile, it would have a big silly grin on its non-existent face. So as you sit there in your basement, give your computer the holiday cheer too.

2. Top 10 Coolest Open Source Applications in 2008. Well, good reading in New Year Eve.

3. Bootable FSF membership cards: USB flash drive comes with pre-installed gNewSense 2.1.

4. Sabayon Linux 4.0 is realeased (smart Gentoo based distro): 25% boot speed gain, 8500 applications, ext4, KDE 4.1.3, Gnome 2.24.2, OpenOffice.org 3.0, Firefox 3.0 and more…

5. Pidgin 2.5.3 is out. Best GTK based instant messenger is ready for downloading. Changelog.

What is .docx actually? It’s Microsoft’s file format representing word processor documents and named OpenXML (as an attempt to create open and free international standard). Today .docx is default format for Microsoft’s word processor Word.

There are myriads of online converters between OpenXML and OpenOffice formats including .docx, .xlsx, .odt and many etc but sometimes it’s much more better to just open received .docx file in Linux offline (if there is temporarily no Internet connection or for security/private reasons etc).

So, just download the following package to certain directory like /usr/src, here are the commands to do it:

1. cd /usr/src
2. sudo wget http://blog.mypapit.net/imej/odf_filter.tar.bz2

The next step is to unpack the contents of the archive (.tar.bz2 is definitely well compressed file) and copy 3 files to OpenOffice’s system directories:

3. sudo tar -xvjf odf_filter.tar.bz2
4. sudo cp OdfConverter /usr/lib/openoffice/program/
5. sudo cp MOOXTypeDetection.xcu /usr/lib/openoffice/share/registry/modules/org/openoffice/TypeDetection/Types/
6. sudo cp MOOXFilter_cpp.xcu /usr/lib/openoffice/share/registry/modules/org/openoffice/TypeDetection/Filter/

As you can see from picture below now it’s possible to natively open .docx files in openoffice under Linux. Of course such “native” support may imply some artefacts in opened files due to file formats incompatibility so it’s also a good option to ask your friends to convert .docs into .pdf before sending you

P.S. Thanks to guys from mypapit.

P.S. Here are several online converters .doc(x) <-> .odf <-> .pdf:

1. ZAMZAR (possibly the best converter), 2. http://docx-converter.com/.

Well, after quick testings there are no doubts that it is not a good option if you wish to have quick and stable alternative for Firefox… But of course it is good for evaluation purposes or for those people who CAN’T wait for official release of Chrome for Linux Certainly the port is based on Windows copy run by Wine (don’t forget to upgrade it). Actually CodeWeavers says that this is just a proof of concept, for fun, and to showcase what Wine can do.

Thanks to Matt from besttechie.net forum.

Information improvisation: Our self paced 642-631 exam training courses and high quality 117-101 provide you definite guarantee for passing the real 642-637 exam. If you get through 640-461 exams, you will find other 642-647.