Showing headlines posted by jayrfink

For a long time engineers, programmmers and sysadmins alike have been beholden to hardware design flaws. Constantly dealing with work arounds from unpexpected bugs to changes that make little sense. Many Open Source leaders have a voice, they can change things if they come together now.

Art is everywhere, and while I don't consider myself an artist, I do consider code to be artistic even to look at. Some code is structured and clean while other code flows freely like thought (sometimes good .... sometimes not so good). So as usual I took a bunch of pretty screenshots of various code using different color schemes and varying backgrounds. Call it a whim project as I have far too much time lately doing productive things.

Network strings, a small compact network scanner, sniffer and monitor has a new release with UDP scan support.

Using GOTO in your code is awesome and you should do it more

There. I said it. It needs to be said. Given the plethora of "GOTO is evil. Never use it" that goes around from your professors teaching you to code through to colleagues and coding guidelines, someone has to take the side of the poor maligned GOTO

Ever gone back through your own old scripts and programs, taken a look at something and wondered aloud what it was you were trying to do at the time? Happens to most system administrators probably once a while, developers probably a bit more frequently. Recently I had the displeasure of doing this myself and while lots of it was comical most of it was just tragic. It can't all be serious all the time so here is a look at some of the strangeness I cam across.

A few years ago Rodney Mullen[1] gave a TEDx talk about the similarities between skateboarding and (Open Source) Innovation [2]. At the time, a handful of technical people left some messages about the talks that went something along the lines of this: "We really need to get people like this out of these talks." Those comments are gone now. It really bothered me that anyone would say that not because I am a skater (not a very good one) but as a hacker (the good kind and again not a very good one) and believer in Open Source - inclusion is important to me. So in the spirit of what Rodney had to say I am going to add my own thoughts on similarities between skateboarding and hackery[3].

Network strings for Linux, an ipv4/ipv6 portscanner, ipv4 passive scanner and packet dumper has a new release. Some of the improvements are: faster (way faster), new isup option, and passive scan actually works (although it is still fuzzy).

Ever wanted/needed to setup an OpenLDAP Server that can passthrough the password portion of authentication to a Windows DC LDAP Server? Well recently I happened to set something up to do just that so we could accomplish a single sign on solution for our Linux/BSD/Unix systems and AD systems. What was most interesting is the group I work in only supports and maintains Linux/BSD/Unix systems. We actually did not need to directly access a single DC we only needed a service account.

Part one of this series introduced the concept of using a web status page for nagios checks and how to setup a mysql and php status page. In part two the nagios check itself is detailed along with "what other interesting things could one do." For simplification I will follow what seems to be "the systhread standard" and first break the script down into pieces and at the end put it all together.

Nagios can check anything anyone is willing to write it to check. In other words if there is a way to reap results then Nagios can act on those results whether they be a set of strings, numbers or some combination therein.

Many programs come with modules that can registered and loaded. Some are on demand, others compiled in while still others are precompiled and can be loaded on demand (several Operating System kernels come to mind that have such a capability). In this text, an example of a program that allows a module to be written and compiled onto a program with relative ease. The example program is the dnet test program which ships with libdnet written by Dug Song.

In Eric Raymond's "The Art of Unix Programming", within the section called "The Basics of Unix Philosophy" there is a rule quoted by Rob Pike: "Rule 5. Data dominates. If you've chosen the right data structures and organized things well, the algorithms will almost always be self-evident. Data structures, not algorithms, are central to programming" At face value Rob's rule number 5 makes sense. But what is Rob actually saying? In complex software systems it might be difficult to track down and identify how the rule of evolving functions to deal with data worked. So why not use a small microscopic example instead. Taking a small program, a passive network scanner, from data structures to operations on the data structures illustrates Rob's rule number 5 perfectly. This is an interesting experience from my perspective as most of the programs and scripts I have written deal with transitionary data. What I mean by transitionary is simply find it, operate on it and/or print it then move on. Not an unusual trait in system administration centric programs. While working on a passive scanner that could also verify a port I witnessed rule number 5 occur right before by fingertips.

Snort Intrusion Detection Software (IDS) is a great out of the box easy to use system to monitor a network for possible threats. While there are many ways to receive alerts, one very simple approach is to periodically parse the alert log and simply mail alerts to whom it may concern. In this text a simple example of parsing a snort alert log using Perl. Note this alerter could probably be used for other loggers and there exist other tools available like Splunk which might be more suited for larger installations. The thesis of this text is to show how a relatively useful utility can be quickly hacked together to provide an elegant solution.

Netrecon 1.78 has been released. New in this version is experimental passive scanning, arpsniff and now a integrated front end to all of netrecons programs. A lot of the syntax has been changed up. This should be the last of the major changes as 1.80 (the hopefully gold) release is approached. I also dropped the second n on the name. Lets see how long it takes before the lawyers call....

Sometimes a system administrator needs to get around a few rules that are in place for good (or not) reasons. One example is when networks have ICMP turned off (or even just a portion of it). With ICMP off it can be difficult to configure tools like Nagios for simple up and down checks. In this text getting around the no ICMP problem and a script to handle it for Nagios.

A lot of changes with this release of the one and only graphics program I maintain. No remarkable user changes though so if your installation still uses the epeg library then there is no need to upgrade. That said, if you are tracking enlightenment then the current version will not deal with jpeg image formats at all and may be using legacy libraries (if it actually works).

A new version of netreconn is available. The two wrapper scripts have been deleted. nstrobe is now scanlan. All of the sniffers/readers have been collapsed into a tool called wiretraf. Both utilities are still under or at 20K in size but rather powerful.

In part one of this series the basic trusses needed by the Nagios check_systemhealth script were put together. In part two the actual checks themselves were coded. In this the third and final part of the series compulsory checks are added, the main loop is constructed and the finall full source listing produced. It is worth noting that this is only one of many methods to achieve the same goal. There exists at Nagios exchange plugins and scripts that can do similar actions such as aggregate groups of checks, services and so on. The code presented in this series is just a touch upon a single idea designed to make the reader think about their monitoring deployment.

System Administrators who remember the day when they did not have a graphics display rarely think about wanting to time travel for the pure joy of using a terminal. It is possible, however, to virtually do so by using either all or mostly text only utilities and perhaps a retro looking X windows desktop. In this text a look at a small experiment to see how well that went in one particular instance.

Fixing a Problem with Nmap Ever had an ipv4 network address that is supposed to migrate over via a high availability mechanism simply not work or even stranger if there were several addresses some do and some do not? An experienced network administrator probably has seen mysterious non-migrating addresses, however, within this context is presented a rather interesting "solution" to when it has been observed.