IP Address Analysis Using Python

Find out more about IP addresses (IPv4 and IPv6) using the Python module IPy:

#!/usr/bin/env python

from IPy import IP

ip_s = raw_input('Please enter an IP address or range: ')
    i =...

OpenWrt on a TP-Link TL-MR3020 Router

This is a really compact and cheap router to take with you to hotels etc. to secure your internet access via VPN or redistribute a network.

The Hardware

You can get some information on the hardware used from my /proc/cpuinfo, /proc/meminfo and dmesg.

I put some photos I made of...

Make RS232 Serial Devices Accessible via Ethernet


RFC 2217 standardizes the transmission of serial connection data via Ethernet, allowing remote serial port parameters (such as speed, parity, stop bits) to be changed over TCP using NVT (Network Virtual Terminal).


Connection between your serial device and the Ethernet

  • YPort - a hardware and software solution (microcontroller AVR ATmega based...

Use Synergy on Mac


cd ~/Downloads
curl -C - -O
open synergy-1.4.5-MacOSX107-x86_64.dmg
cd /Volumes/Synergy/
cp -r /Applications/

Start the server:

synergys -f --config ~/synergy.conf

where synergy.conf is:

# sample synergy configuration file
# comments begin with the # character and continue to the end of line.
# comments may appear anywhere the syntax...

Fix a problem with NX on Ubuntu 10.10 with the key d (inadvertently minimizing the current window)

Go to System → Preferences → Keyboard Shortcuts and set the shortcut for Hide all normal windows and set focus to desktop to something sane like Alt + D

Update 2011-07-13: This happened again when I used Ubuntu 11.04 inside an NX session on a Mac OS X host computer. :(



Watch the network for an IP conflict - ipwatchd

Installation on Ubuntu:

sudo aptitude install ipwatchd-gnotify

If configured correctly (true by default), it will show you graphical warnings for IP conflicts as well as create log entries in /var/log/syslog (check for log messages containing ipwatchd).

Advanced configuration options are described and have to be set in the file /etc/ipwatchd.conf. This could...

How to use tcpdump

You can use tcpdump to debug TCP/IP connections.

How it works

In the 1st console, run tcpdump:

philipp@lion:~$ sudo tcpdump -i lo
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lo, link-type EN10MB (Ethernet), capture size 96 bytes
09:55:05.968006 IP lion > lion: ICMP echo request, id 5745, seq 1,...

React to IP Takeover

When someone has taken your IP, react!

Set your IP to the correct one (belonging to you):

sudo ifconfig eth0 netmask

and run arping to get the IP back on your side:

sudo arping -U -c 3 -I eth0
sudo arping -A -c 3 -I eth0

Also have...

Mount a GMail account as Filesystem using gmailfs

Warning: my experience with gmailfs was not excellent! It was a bit slow and you always risk losing data you stored on that account.

based on IMAP:
(it used to be but this was based on the web interface and that changed often)

gmailfs works with FUSE....

Set up a Unix User Account with SFTP Access but no other Rights (such as Shell Access)

An easier solution, just setting a line in the configuration of the SSH daemon, can be found in the blog post Chroot SFTP users.

sudo aptitude install scponly


sudo -s
cd /usr/share/doc/scponly/setup_chroot
chmod +x

this adds the user etc...


Analyse illegal SSH login attempts

Filter the authentication log file for failed authentications and count the attempts (lines in the log file):

grep -i fail /var/log/auth.log | wc -l

Check for all attacks with non-existing usernames:

grep -i "Failed password for invalid user" /var/log/auth.log | cut -d " "...

Workaround for problems with constantly changing resolv.conf

When you don't want other software (like network manager) to mess with your DNS server settings, make /etc/resolv.conf immutable:

sudo chattr +i /etc/resolv.conf

It can be undone like this:

sudo chattr -i /etc/resolv.conf



checksum offloading - wireshark

If Wireshark reports many wrong checksums, this can be caused by checksum calculations done by hardware, which means that the wrong checksums reported by Wireshark are simply meaningless.

If you're sure that's the problem, you may simply not care about wrong checksums:

  • Turn off the checksum offloading in the network...

Anonymising Internet Usage

with Tor


gpg --keyserver --recv-keys 0x94C09C7F
gpg --export 0x94C09C7F | sudo apt-key add -
echo "deb jaunty main" | sudo tee -a /etc/apt/sources.list
sudo apt-get update 
sudo apt-get install tor

Setup of an HTTP proxy for Tor

Tor being a SOCKS proxy (not an HTTP proxy) means you can't...

The screen command - A versatile tool

With screen you can run a command over SSH without interrupting the execution when the connection is lost. In case of a connection loss, all you have to do is reconnect to the SSH host when a connection is available and attach to the former screen session again.

Install screen:


DNS Lookup on The Terminal

Use the CLI programs host or dig to resolve domain names to IPs (and get some more information).

So when you run host for example you will get the answer has address has IPv6 address 2620:0:2d0:200::10

The output of the run of dig is more detailed:


Make SSHd React Faster on Connect

If your ssh connection is established only with a delay of about 2-4 seconds (even when you are connected to a fast network), you can try the tips in this post.

What to try first

Debug your SSH connection using ssh -p 28 -vvv (note the -vvv switch at the end).

tinc vpn - with automatic full mesh routing

tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. It runs on many platforms including Linux, FreeBSD, OpenBSD, NetBSD, MacOS/X, Solaris, Windows 2000, XP, Vista and Windows 7.

The installation of tinc on Ubuntu Linux is...

Check Open Ports on Local Machine Using Netstat

Run netstat like this:

sudo netstat -lntup

and you get an output like this:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State     ...

Installing Google Chrome on Ubuntu 9.04

sudo gedit /etc/apt/sources.list

Then add to the file:

# Google Chrome
deb intrepid main
deb-src intrepid main

And add the signing key to your keyring:

sudo apt-key adv --recv-keys --keyserver 0xfbef0d696de1c72ba5a835fe5a9bf3bb4e5e17b5

Then update and install:

sudo apt-get...

Set up an SMTP Server Without Authentication

I don't like to set up an SMTP server without authentication but I needed it for a special piece of hardware, the Koukaam NETIO 230A. It sends reports of its operation via unauthenticated SMTP emails.

sudo aptitude install postfix

Use the tool x2x to use your mouse and keyboard as input for a different computer — works well!

With the very small tool x2x you can move your mouse to the left edge of your local screen and it will continue to move over to the remote display. Your keyboard works on both computers as well, and you can even copy-paste between the two computers. It looks like the...

Set Up Public/Private Key Authentication for SSH to Connect from Laptop ↔ Desktop Without a Password Prompt

On both Linux/Unix computers you have to make sure they have a public key ~/.ssh/ If it is not there yet, run:

ssh-keygen -t rsa -b 4096

The desktop should be able to connect to the laptop with no password (we work on the desktop here):

scp ~/.ssh/ philipp@laptop:~/
ssh philipp@laptop

Send `net send` commands like on Windows using Linux

On Windows systems you can send short messages using the net send command. This is also possible using smbclient on Linux:

smbclient -M Hostname_or_IP "nachricht"

You can also pipe-in the text to send:

echo "Nachrichtentext" | smbclient -M Hostname_or_IP

Or directly send text files up to 1.6 KB:

cat msg.txt...

lighttpd webserver


sudo apt-get install lighttpd

The web documents root folder is /var/www. Refer to the site for more features (PHP etc.).

Change ownership of /var/www in order to be able to put files there as a normal user:

sudo chown philipp /var/www
sudo chgrp philipp...

Chroot SFTP users

OpenSSH supports jailing SFTP users to a directory (using chroot) just by changing its configuration file:

Basically you add the users you want to jail to a Linux user group (sftp) and add the following lines to /etc/ssh/sshd_config:

### Comment out the following line:
#Subsystem sftp /usr/lib/openssh/sftp-server
### and replace with:
Subsystem sftp...

