krypted.com

Tiny Deathstars of Foulness

Prepare for your network administrators to cringe… I’ve spoken on these commands but never really put them together in this way, exactly. So I wanted to find a coworker on a network. So one way to find people is to use a ping sweep. Here I’m going to royally piss off my switch admins and ping sweep the subnet: ping 255.255.255.255 Next, I’m going to run arp to translate: arp -a Finally, if a machine is ipv6, it wouldn’t show up. So I’m going to run: ndp -a Now, I find the hostname, then look at the MAC address, copy that to my clipboard, find for that to get the IP and then I can flood that host with all the things. Or you could use nmap… :-/

January 7th, 2017

Posted In: Mac OS X, Network Infrastructure

Tags: , , , , , ,

After writing up the presentation for MacSysAdmin in Sweden, I decided to go ahead and throw these into a quick cheat sheet for anyone who’d like to have them all in one place. Good luck out there, and stay salty. Get an ip address for en0: ipconfig getifaddr en0 Same thing, but setting and echoing a variable: ip=`ipconfig getifaddr en0` ; echo $ip View the subnet mask of en0: ipconfig getoption en0 subnet_mask View the dns server for en0: ipconfig getoption en0 domain_name_server Get information about how en0 got its dhcp on: ipconfig getpacket en1 View some network info: ifconfig en0 Set en0 to have an ip address of 10.10.10.10 and a subnet mask of 255.255.255.0: ifconfig en0 inet 10.10.10.10 netmask 255.255.255.0 Show a list of locations on the computer: networksetup -listlocations Obtain the active location the system is using: networksetup -getcurrentlocation Create a network location called Work and populate it with information from the active network connection: networksetup -createlocation Work populate Delete a network location called Work: networksetup -deletelocation Work Switch the active location to a location called Work: networksetup -switchlocation Work Switch the active location to a location called Work, but also show the GUID of that location so we can make scripties with it laters: scselect Work List all of the network interfaces on the system: networksetup -listallnetworkservices Rename the network service called Ethernet to the word Wired: networksetup -renamenetworkservice Ethernet Wired Disable a network interface: networksetup -setnetworkserviceenabled off Change the order of your network services: networksetup -ordernetworkservices “Wi-Fi” “USB Ethernet” Set the interface called Wi-Fi to obtain it if it isn’t already networksetup -setdhcp Wi-Fi Renew dhcp leases: ipconfig set en1 BOOTP && ipconfig set en1 DHCP ifconfig en1 down && ifconfig en1 up Renew a dhcp lease in a script: echo "add State:/Network/Interface/en0/RefreshConfiguration temporary" | sudo scutil Configure a manual static ip address: networksetup -setmanual Wi-Fi 10.0.0.2 255.255.255.0 10.0.0.1 Configure the dns servers for a given network interface: networksetup -setdnsservers Wi-Fi 10.0.0.2 10.0.0.3 Obtain the dns servers used on the Wi-Fi interface: networksetup -getdnsservers Wi-Fi Stop the application layer firewall: launchctl unload /System/Library/LaunchAgents/com.apple.alf.useragent.plist
launchctl unload /System/Library/LaunchDaemons/com.apple.alf.agent.plist Start the application layer firewall: launchctl load /System/Library/LaunchDaemons/com.apple.alf.agent.plist
launchctl load /System/Library/LaunchAgents/com.apple.alf.useragent.plist Allow an app to communicate outside the system through the application layer firewall: socketfilterfw -t
“/Applications/FileMaker Pro/FileMaker Pro.app/Contents/MacOS/FileMaker Pro” See the routing table of a Mac: netstat -nr Add a route so that traffic for 10.0.0.0/32 communicates over the 10.0.9.2 network interface: route -n add 10.0.0.0/32 10.0.9.2 Log bonjour traffic at the packet level: sudo killall -USR2 mDNSResponder Stop Bonjour: launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
 Start Bojour: launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist Put a delay in your pings: ping -i 5 192.168.210.1 Ping the hostname 5 times and then stop the ping: ping -c 5 google.com Flood ping the host: ping -f localhost Set the packet size during your ping: ping -s 100 google.com Customize the source IP during your ping: ping -S 10.10.10.11 google.com View disk performance: iostat -d disk0 Get information about the airport connection on your system: /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I Scan the available Wireless networks: /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -s Trace the path packets go through: traceroute google.com Trace the routes without looking up names: traceroute -n google.com Trace a route in debug mode: traceroute -d google.com View information on all sockets: netstat -at View network information for ipv6: netstat -lt View per protocol network statistics: netstat -s View the statistics for a specific network protocol: netstat -p igmp Show statistics for network interfaces: netstat -i View network information as it happens (requires ntop to be installed): ntop Scan port 80 of www.google.com /System/Library/CoreServices/Applications/Network\ Utility.app/Contents/Resources/stroke www.google.com 80 80 Port scan krypted.com stealthily: nmap -sS -O krypted.com/24 Establish a network connection with www.apple.com: nc -v www.apple.com 80 Establish a network connection with gateway.push.apple.com over port 2195 /usr/bin/nc -v -w 15 gateway.push.apple.com 2195 Establish a network connection with feedback.push.apple.com only allowing ipv4 /usr/bin/nc -v -4 feedback.push.apple.com 2196 Setup a network listener on port 2196 for testing: /usr/bin/nc -l 2196 Capture some packets: tcpdump -nS Capture all the packets: tcpdump -nnvvXS Capture the packets for a given port: tcpdump -nnvvXs 548 Capture all the packets for a given port going to a given destination of 10.0.0.48: tcpdump -nnvvXs 548 dst 10.0.0.48 Capture the packets as above but dump to a pcap file: tcpdump -nnvvXs 548 dst 10.0.0.48 -w /tmp/myfile.pcap Read tcpdump (cap) files and try to make them human readable: tcpdump -qns 0 -A -r /var/tmp/capture.pcap What binaries have what ports and in what states are those ports: lsof -n -i4TCP Make an alias for looking at what has a listener open, called ports: alias ports='lsof -n -i4TCP | grep LISTEN' Report back the name of the system: hostname Flush the dns cache: dscacheutil -flushcache Clear your arp cache: arp -ad View how the Server app interprets your network settings: serveradmin settings network Whitelist the ip address 10.10.10.2: /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -w 10.10.10.2 Finally, the script network_info.sh shows information about a Macs network configuration. Both active and inactive network interfaces are listed, in the order that they are used by the OS and with a lot of details (MAC-address, interface name, router, subnet mask etc.).

September 25th, 2014

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Network Infrastructure

Tags: , , , , , , , , , , , , , , ,

You’re installing software on some host. The installation goes well and then you go to access the information you need or connect to the service from another host. Wait, what’s that? Port is already in use? Crap. We’ve all been there. The quick and dirty answer: netstat. Let’s say you’re trying to use port 8080: netstat -tuln | grep 8080 Let’s say the response is httpd. OK, let’s see where that’s located using whereis: whereis httpd And what kind of file is httpd: file /usr/sbin/httpd Which responds with: /usr/sbin/httpd: Mach-O 64-bit executable x86_64 I guess we knew that since it had a port open, but what type of executable is this httpd you speak of, pray tell? whatis httpd httpd(8) – Apache Hypertext Transfer Protocol Server Apache2::Resource(3pm) – Limit resources used by httpd children CGI::Carp(3pm) – CGI routines for writing to the HTTPD httpd(8) – Apache Hypertext Transfer Protocol Server Oooohhhhh, I see now…

January 16th, 2014

Posted In: Mac OS X, Mac OS X Server, Mac Security, Network Infrastructure, Network Printing, Ubuntu, Unix, VMware

Tags: , , , , , , , , , ,

There are a number of ways to troubleshoot network connections on (or using) an iOS device. These can be common troubleshooting steps that you might run from the command line or a third party app on a desktop computer or they could be specific to testing the network environment for an iOS device. Some of these apps are even free. Ping Lite One of the most common tasks that most administrators routinely do to test both DNS resolution and connectivity is pinging something. Ping Lite comes with a function to show your IP, a ping tool, a tool to ping the subnet, the ability to run trace routes and for good measure a little telnet love as well. Not bad for the fat price of nothing. Developed by MochaSoft, Ping Lite is a must for anyone who does any kind of network troubleshooting, unless you’re paying good money for a more robust tool! NSLookup Ping Lite is a great tool for isolating whether you’re having connectivity problems to an IP address. However, if Exchange’s auto discover isn’t working or some other Bonjour Browser One of my favorite tools for finding things on the network, Bonjour is a multicast tool and what many of the features meant to be used in a home where zero configuration networking is important Speed Test I think that one of the more common tasks in troubleshooting network connections is to determine whether Internet speed is satisfactory. Satisfactory is a relative term. Both relative to the expected performance and relative to the perception of users. For example, the bandwidth that a user is getting on a device may exceed the expected performance based on the speed provided by the DSL, cable modem or other WAN connection provided. However, that speed may be less than what the user’s would like (one can never have enough bandwidth!). ezShare ezShare is a nice little tool that lets administrators log into shares of various types. The cool thing about this little tool is that you can connect via SSH, FTP, WebDAV, S3, Google Docs, Box.net, SMB/CIFS, or NFS. This allows you to test WebDAV from a different tool if you’re having a problem opening WebDAV connections from within Pages, test the speed of downloading a document from a FTP site, check Google Docs or Box.net connectivity and even see if that file server is available when users call in with problems connecting to SMB/CIFS shares on Windows servers. Bonus App: AirPort Utility If you have an Apple AirPort acting as a WAP or the gateway to your office/home then this little app is awesome. Apple has eased the setup process for their Wireless Access Points to the point that you can set the entire thing up, change settings and even troubleshoot the odd connectivity issue without ever touching a desktop computer. AirPort Utility is also a great way to test whether you can connect to shares hosted by devices and update passwords on the fly.

February 13th, 2012

Posted In: iPhone

Tags: , , , , , , , , , , , , , , ,