How to Read a Packet Capture .cap File from Command Line | There are a couple of ways to read a packet capture .cap file from the command line. I’ll show you how! tcpdump The -r filename option for tcpdump displays a capture file on the screen. Pipe it to less to get something to scroll. $ tcpdump -r mycapturefile.cap | less $ tcpdump -r
cURL Ignore SSL Certificate Warnings | To ignore any SSL certificate warnings with curl, use the -k option. Here is an example: $ curl -k https://scottlinux.com $ curl -I -k https://scottlinux.com HTTP/1.1 200 OK Date: Tue, 14 Feb 2012 20:00:03 GMT Server: Apache Strict-Transport-Security: max-age=43200; includeSubDomains X-Frame-Options: SAMEORIGIN Set-Cookie: bb2_screener_=1329249603+22.214.171.124; path=/ X-Pingback: http://scottlinux.com/xmlrpc.php Set-Cookie: PHPSESSID=lq5dpvfagbdstib7nlg2b8a0m7; path=/ X-Hello: Hello There Vary:
This account is currently not available | "This account is currently not available." If you get this message when attempting to ssh in or su’ing as another user, there is no valid shell set for this user. You can quickly inspect this by looking at the /etc/passwd file. Check for an entry that has something like ‘/bin/false’ or ‘/bin/nologin’ for the shell: userdude:x:111:113::/home/userdude:/bin/false
Remote Access Without Opening Ports | Q. How can I access my computer or family’s computer remotely without having to open up ports in the firewall? A. Using a [free] third-party app is the solution. Here are a few free* solutions to connect remotely and keep your home IP ‘stealth’. (*Free for non-commercial use.) These work with Mac OS X,
Troubleshoot ssh Authentication Failure | ssh has a built-in debug mode on the client side that provides information for troubleshooting a connection. It reports things such as mismatches in client/server configuration options, key conflicts, permission problems, and various other useful tidbits. To connect in debug mode, simply add -vvv to the end. You can use up to three
TCP/OS Fingerprinting Tools – p0f and nmap | The particular way an operating system or device sends and receives TCP packets provides a unique fingerprint. TCP header information such as the window size, TTL, overall SYN packet size, MSS, MTU and so forth can help identify the OS. This is known as OS fingerprinting. The best-known passive TCP fingerprinting tool is p0f,
OS X Version from Command Line | There are a few ways to find the OS X version from the command line. I’ll show you how! $ system_profiler SPSoftwareDataType Output looks like this: $ system_profiler SPSoftwareDataType Software: System Software Overview: System Version: Mac OS X 10.7.2 (11C74) Kernel Version: Darwin 11.2.0 Boot Volume: Macintosh HD Boot Mode: Normal Computer Name: mintbookpro User
OS X Monitor Virtual Memory Usage from Command Line | OS X has a simple command line tool to monitor virtual memory usage: vm_stat. I’ll show you how it works! Crack open a terminal and run vm_stat. You will see an output somewhat like below: $ vm_stat Mach Virtual Memory Statistics: (page size of 4096 bytes) Pages free: 54492. Pages active: 541989. Pages inactive: 155818.
OS X Lion Show Hidden Library Folder | To enable viewing the Library folder which is hidden in OS X Lion, crack open a terminal (Utilities > Terminal) and use this terminal command: chflags nohidden ~/Library Cool!