scottlinux.com

Use Curl to Fetch ASP.NET Version Banner

scott — Fri, 11 May 2012 13:50:31 +0000

The version of ASP.NET is sent in a banner with http requests and can be viewed with a curl command. I’ll show you how!

X-AspNet-Version: 2.0.50727

To view this with curl, use tack capital I and fetch any url ending in .aspx. A random url ending in .aspx works as well:

$ curl -I 10.112.12.67/asdfsaf.aspx
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 1507
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Fri, 11 May 2012 13:13:50 GMT

Note that ASP.NET 2.x – 3.5 all reflect the same banner. The above example is running ASP.NET 3.5.1.

Thanks Cory!

Debian Administrator’s Handbook

scott — Thu, 10 May 2012 11:18:08 +0000

Two well known Debian developers have written the Debian Administrator’s Handbook.

It is now available in paper back as well as ebook formats. Check it out!

http://debian-handbook.info/2012/the-debian-administrators-handbook-is-available/

Perform DNS Lookups with the host command

scott — Thu, 26 Apr 2012 23:25:35 +0000

The dig command is commonly used to make DNS queries. However, a much overlooked command is the host command. Here are some quick tips for a useful tool to add to your bag of tricks or to impress your friends.

The syntax is:

$ host [domain.com]

When run with no options, a simple quick summary is output:

$ host google.com
google.com has address 72.14.204.113
google.com has address 72.14.204.138
google.com has address 72.14.204.102
google.com has address 72.14.204.100
google.com has address 72.14.204.101
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.

Using tack a is the equivalent of any ANY request:

$ host -a google.com
Trying "google.com"
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57800
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;google.com.                    IN      ANY

;; ANSWER SECTION:
google.com.             296     IN      MX      10 aspmx.l.google.com.
google.com.             296     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             296     IN      MX      40 alt3.aspmx.l.google.com.
google.com.             296     IN      MX      30 alt2.aspmx.l.google.com.
google.com.             296     IN      MX      20 alt1.aspmx.l.google.com.
google.com.             170005  IN      NS      ns2.google.com.
google.com.             170005  IN      NS      ns1.google.com.
google.com.             170005  IN      NS      ns3.google.com.
google.com.             170005  IN      NS      ns4.google.com.

Received 208 bytes from 208.67.222.222#53 in 59 ms

Tack t followed by the type desired such as CNAME, NS, A, AAAA and so forth is a quick way to check for a specific type. This is a quick way to check for an ipv6 record, as one example:

$ host -t AAAA ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:800a::69

Cool!

Safari Browser – Not Safe

scott — Thu, 26 Apr 2012 01:59:07 +0000

Current versions of Firefox, Chrome, and IE9 have built-in protection or filtering to prevent social engineering execution of XSS and javascript in the URL bar. (As of this writing, Firefox 12, Chrome 18).

The only major browser that currently does _not_ do so well for these protections is Safari. Safari 5.1.5 on OS X Lion allows javascript in the URL bar to be executed.

This can be tested by putting something like either the following in the URL bar and hitting enter:

javascript:void(alert("hi there"))

javascript:alert(document.cookie)

This is restricted for executing in most browsers, but executes in Safari.

A main security concern around XSS is cookie stealing, so if a user is socially engineered to click a malicious link, or is prone to clicking links in sketchy emails, script could execute that would dump the users authenticated cookie to a malicious attacker’s remote site.

From a security stand point, Safari should not be used to browse unknown sites, click links in emails, and so forth. If OS X is used in your company, I recommend using Firefox or Chrome for your users!

Stay safe,

Connect Midi Keyboard for Playback in Linux

scott — Sun, 22 Apr 2012 20:48:04 +0000

Below is a simple how-to guide to use your USB midi keyboard in Linux to play some basic sounds back. I’ll show you some tips!

1. First, connect and power on your USB midi keyboard.

2. Next, on Debian or Ubuntu, install these packages which will pull in all related depedencies.

sudo apt-get install qjackctl qsynth

3. In a terminal, (or from your menu) run qjackctl. Here click on Setup and make two changes:

- enable Soft Mode
- Set Frames/Period to 512

Click Save at the top right to save a default.

(This will avoid qjackctl from displaying a ton of irrelevant errors and also avoid lag when you play your keyboard.)

Click on Start and leave qjackctl running.

4. Next, open a new terminal window (or from your menu) launch qsynth. Click on Setup, then Soundfonts. Here click on Open to choose the provided FluidR3_GM.sf2 soundfont. Once loaded, qsynth may prompt you to restart the engine. Click yes and leave qsynth open and running.

5. Now go back to qjackctl and click on the Connect button. Here go to the ALSA tab and click your MIDI input from your USB keyboard and drag with the mouse to connect it over the the FLUID Synth – Synth input port.

6. Play some notes on your MIDI keyboard and you should hear sound!

Troubleshooting tips

Verify the computer sees your USB midi keyboard connected by looking at the output of dmesg after plugging it in / turning it on:

$ dmesg
[100181.858667] usb 8-2: USB disconnect, device number 3
[100185.320181] usb 8-2: new full-speed USB device number 4 using uhci_hcd
[100185.524399] usb 8-2: New USB device found, idVendor=0763, idProduct=019c
[100185.524405] usb 8-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[100185.524410] usb 8-2: Product: KeyStudio
[100185.524413] usb 8-2: Manufacturer: M-Audio

And lsusb should list your USB keyboard somewhere in the list:

$ lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 007 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 008 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 009 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 19ff:0102 Dynex 1.3MP Webcam
Bus 008 Device 002: ID 086a:0041 Emagic Soft- und Hardware GmbH
Bus 009 Device 002: ID 046d:c313 Logitech, Inc. Internet 350 Keyboard
Bus 009 Device 003: ID 045e:0040 Microsoft Corp. Wheel Mouse Optical
Bus 008 Device 004: ID 0763:019c Midiman KeyStudio

Another note: Fully exit any other apps (video players, browser flash) that use audio while setting up and using your midi keyboard. It is possible to route everything through jack, but for simplicities sake, only run your qsynth app and no other audio-outputting apps.

Cool!

The Importance of Securing a Linux Web Server

scott — Sun, 22 Apr 2012 10:46:32 +0000

Linux web hosting is popular but that also makes Linux a target for malware and other malicious hacking.

Here is a write up pointing out some general best practices for Linux web servers:

The Importance of Securing a Linux Web Server

If you find this topic interesting, you may also be interested in Linux Boot Camp training or Linux+ training!

Check it out!

Hak5 – How ssh Works

scott — Sat, 21 Apr 2012 17:56:18 +0000

This is an awesome episode of Hak5. Check it out!

OS X Firewall Not Stealth

scott — Thu, 19 Apr 2012 16:46:30 +0000

By default, the OS X Lion firewall enabled and stealth actually has a few ports open, despite the System Preferences displaying no services running and no ports open.

A nessus scan will reveal the following UDP ports open and broadcasting information:

5353 / UDP
123 / UDP
127 / UDP

Note: Ignore port 4242 TCP on these screenshots. I am knowingly running Crashplan on this port! :)

This occurs even with the following security configurations made as tight as possible by the end user in the System Preferences:

5353 udp is used for mDNS, or Bonjour. Apple has wrapped this service into DNS for OS X, which makes this difficult to disable. It is possible to disable the broadcasting portion of this service with some hackery as noted in this Apple KB article.

123 udp is used for NTP, but for operation of an NTP client this port does not have to be open in the firewall. Again there are no user configurable options to disable this.

127 udp is used for Windows NetBIOS to broadcast the host’s NetBIOS name for compatibility in Windows networks. This is on by default even with no Sharing ‘services’ enabled in the System Preferences. This should be user configurable in the System Preferences to disable broadasting this service.

If you don’t have nessus handy, you can also verify these particular UDP ports on your OS X machine with nmap:

$ sudo nmap -sU -p 123,127,5353 172.16.1.107

Starting Nmap 5.21 ( http://nmap.org ) at 2012-04-19 11:42 EDT
Nmap scan report for 172.16.1.107
Host is up (0.00063s latency).
PORT     STATE         SERVICE
123/udp  open          ntp
127/udp  open|filtered locus-con
5353/udp open|filtered zeroconf
MAC Address: 00:11:22:33:44:55 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 1.40 seconds

Cool!

Expand Windows 7 VirtualBox Hard Drive

scott — Fri, 13 Apr 2012 00:02:44 +0000

Out of space with your Windows 7 VirtualBox instance?

No need to reinstall the vm. Using the free bootable iso clonezilla, you can clone your Windows 7 VirtualBox guest to a larger hard drive. I’ll show you how!

1. Download a copy of the latest stable clonezilla iso:

http://clonezilla.org/downloads.php

2. Add a second larger virtual hard drive to your Windows 7 VirtualBox guest

Create new disk

3. Boot the Clonezilla iso with both hard drives connected

4. At the Clonezilla boot screen, chose Other modes of Clonezilla live > Clonezilla live to RAM

5. Start Clonezilla

6. device-device

7. Beginner

8. Disk to local disk

9. Select source disk, hit Enter

10. Select target disk, hit Enter

11. Skip checking, hit Enter

12. Warning that target disk will be overwritten, Y

13. Another warning, Y

14. Clone boot loader, Y

15. Are you sure, Y

16. The clone process then begins! When finished shutdown Clonezilla.

17. Back in the VirtualBox settings, remove the smaller original hard disk as well as Clonezilla from the virtual CD drive. Boot with only your new hard drive attached.

18. Windows will need to immediately reboot for device support, reboot.

19. Back in Windows, open Computer Management

20. Right click on the existing smaller NTFS and choose Extend Volume.

21. Hit Next, Next, and Finish.

22. Reboot Windows for good measure. Done!

Privacy Search Engine

scott — Tue, 03 Apr 2012 19:00:33 +0000

Privacy and the internet is a hot topic, especially in regards to search engines. There are, however, a few alternatives available that can be used for more privacy in searching or as an all around replacement for your current home page.

For an alternative to Google or Bing, there are a couple of search engines that have a very clear privacy policy and do not record or track users.

DuckDuckGo

DuckDuckGo is increasing in popularity. There is a very clear privacy policy as well as an illustrated guide here. :)

DuckDuckGo results are higher quality as they filter out much of the garbage and spam on the internet.

Start Page

Start Page (aka ixquick) is an awesome search engine that goes to extreme measures to retain your privacy. Full proxy protection is also available with a click (no need for ctunnel, vtunnel, etc). Start Page is also unique in that the searches are powered by Google, so your results are an actual Google search which submitted on your behalf anonymously.

Related note:

What happened to Scroogle?

Scroogle was a service that submitted results anonymously to Google that went down in smoke in quite a bit of drama.

Cool!

HandBrake could not find VLC or your VLC is incompatible

scott — Tue, 03 Apr 2012 12:46:50 +0000

HandBrake could not find VLC or your VLC is incompatible (Note: 32 bit vlc is not compatible with 64 bit HandBrake and vice-versa).

If you see this message, it is because VLC since version 2.0 no longer provides the libdvdcss that decodes DVDs for HandBrake.

For a fix, install a copy of libdvdcss from videolan.org, available at this link:

http://download.videolan.org/libdvdcss/last/macosx/

-> libdvdcss.pkg

Double click and install the libdvdcss.pkg, then restart HandBrake.

Done!

Linux Tycoon – lunduke.com

scott — Tue, 03 Apr 2012 00:23:52 +0000

Linux Tycoon is a simple game by the Linux Action Show’s Bryan Lunduke. I gave it a spin, and so far the scottlinux distro is having mixed reviews. :) It is a surprising amount of fun even though it is a simple app.