Scapy is a (mostly) cross-platform packet manipulation tool. This allows you to craft and edit packets that you then send to other hosts when you open a socket. This is incredibly useful for, for example, capturing a packet being sent to you, manipulating the payload, and passing the packet on to another host. This is a pretty common, albeit slightly more advanced, method of security testing. Installing Scapy is a pretty straight forward process, if a tad bit time consuming compared to something coming in from a standard package. Before you get started, make sure you have the OS X Developer Tools installed from the Mac App Store. Also, make…
-
-
Configure sFlows on a Brocade 8470
sFlow is an industry standard that allows network equipment with the appropriate agents to send data to sFlow collectors, which then analyze network traffic. You can install sFlow on routers, switches, and even put agents on servers to monitor traffic. Brocade (along with most other switch manufacturers) supports sFlow. Before you do anything log into the switch and check the current flow configuration: show sFlow To configure, log into the switch and use the the int command to access an interface. From within the interface, use the following command: sflow forwarding Then exit the interface using the very difficult to remember exit command: exit Repeat the enablement of forwarding for…
-
Enable Server Side File Tracking in OS X Mountain Lion Server
Mobile Home Directory synchronizing in OS X Server environments is used to synchronize the home folder of clients with a copy that lives on the server, so users can roam between computers with their desktop, documents and preferences following them from machine to machine. Server Side File Tracking creates and keeps a copy of the sync database on client machines and servers, comparing the two databases when synchronizing rather than scanning directories for all the synced files each time a synchronization occurs. In environments with synchronizing Mobile Home Directories, Server Side File Tracking (SSFT) can help reduce the amount of time required for syncs. Server Side File Tracking is disabled…
-
Setting Up And Using Web Services in OS X Mountain Lion Server
Configuring web services is as easy in OS X Mountain Lion Server (10.8) as it has ever been. To set up the default web portal, simply open the Server app, click on the Websites service and click on the ON button. After a time, the service will start. Once running, click on the View Server Website link at the bottom of the pane. Provided the stock OS X Server page loads, you are ready to use OS X Server as a web server. Before we setup custom sites, there are a few things you should know. The first is, the server is no longer really designed to remove the default…
-
Installing phpLDAPadmin
phpLDAPadmin is a tool that can be used to walk LDAP trees and view attributes of objects located within them using a web browser. This isn’t to say that it’s the prettiest tool out there but it works really well and is portable between various flavors of LDAP. Before you can use phpLDAPadmin you will need Apache. In Ubuntu, Apache can be installed using apt-get: apt-get install apache2 Once you have Apache installed, downloading phpLDAPadmin and installing it in Ubuntu Server 10 couldn’t be easier, just apt-get the package: apt-get install phpldapadmin Now you have the pieces, let’s copy phpLDAPadmin into your web root directory: cp -R /usr/share/phpldapadmin /var/www/myphpldapadmin In that…
-
Change Listening Port for RDP
In Windows 7 (and previous versions for that matter), you can change the port that RDP listens on for new Remote Desktop connections. To do so you would fire up regedit and then browse to the following key: HKEY_LOCAL_MACHINESystemCurrentControlSetControlTerminalServerWinStationsRDP-TcpPortNumber Here, you would change the PortNumber to a new decimal value that is the port you wish to listen on. Save, reboot and you’re good to go.
-
Monitoring/Restarting Retrospect
As of version 8, Retrospect uses port 22024 when the Retrospect Console needs to communicate with the engine. It just so happens that this can become unresponsive when the engine itself decides to stop working. Therefore, if you’re using Retrospect 8, you can run a port scan against port 22024 ( i.e. stroke <IP_ADDRESS> 22024 22024 ) and then restart the engine if it goes unresponsive. To restart the engine, simply unload and then load com.retrospect.launchd.retroengine. For example: /bin/launchctl unload /Library/LaunchDaemons/com.retrospect.launchd.retroengine.plist; /bin/launchctl load /Library/LaunchDaemons/com.retrospect.launchd.retroengine.plist I have found that if you alter the nice value that the engine crashes less (not that I’m saying that it crashes a lot or is buggy…