PC Plus HelpDesk - issue 233
This month, Paul Grosse gives you more insight into
some of the topics dealt with in HelpDesk and HelpDesk
Extra
From the pages of HelpDesk, we look at:
- Tightening up your firewall; and,
- More about catching hackers.
From HelpDesk Extra, we look at the Command Line
Interface:
- Opening up a command line in:
- Windows 98SE;
- Windows XP; and,
- Linux.
- File system basics;
- Moving around the file system;
- Creating/deleting directories;
- Creating files:
- Redirection; and,
- Piping;
- Viewing and editing files; and,
- Some nifty command line commands.
HelpDesk
Tightening up your firewall
By default, most firewalls will allow through any
connection that originates on the inner network or LAN.
The problem with this is that anything that has managed
to break into a network and has taken a foothold can
initiate a connection through the firewall to anything on
the Internet that it can attack. Such a foothold can be
gained through users opening email attachments or browsing
the Internet with scripts allowed to run.
The easiest way of stopping this is to disable the
firewall rule that says that any connection started on
the inside of the firewall (the LAN side) will be allowed
through.
You should normally find this as the next to
last rule in the list. Note that you should never disable
the last rule (that is to say the last one above) as
doing so effectively allows through any traffic that has
not been denied explicitly in the preceding rules ie, all
of those flaws in the Windows flat security trust model
that allows Windows to work will be opened for anybody to
'share all of your pictures and files'.
One thing that you may well notice once all of these
programs have been closed off is that ports will have to
be allowed explicitly. Port 80 (HTTP) and 110 (POP3)
being allowed to have access to the Internet from the LAN
will be fairly obvious but there are plenty of others,
depending upon what you have running (if you have your
own SMTP server, you shouldn't be allowing 110 to be open
from the LAN as that becomes redundant).
One problem you might encounter is FTP (21) which can
work with port 21 as the control channel and another,
arbitrary channel for the data. The problem is that the
data channel is opened by the server at the other end and
this is blocked off by the firewall as it is an
externally initiated connection. With FTP, you can
connect so that it all goes down port 21 and that will
work or, you have a firewall that looks at the data
content of the packets for port 21 and recognises that it
should then let through externally initiated traffic from
that address on the specified port.
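The tightened rule set described above, written out for a Linux iptables firewall as an added example (it is not from the original article). The interface names eth1 (LAN) and eth0 (Internet) and the helper name egress_rules are assumptions; the function only prints the commands so that they can be reviewed before being run as root.

```shell
#!/bin/sh
# Added example, not from the article. Assumed names: eth1 is the LAN side,
# eth0 is the Internet side, egress_rules is a hypothetical helper.

# egress_rules LAN_IF WAN_IF PORT[/PROTO]...
# Prints iptables commands for a forwarding firewall; nothing is applied.
egress_rules() {
    lan=$1
    wan=$2
    shift 2

    # The last rule: whatever is not explicitly allowed below is dropped.
    echo "iptables -P FORWARD DROP"
    # Start from an empty chain (this also removes any existing port forwards).
    echo "iptables -F FORWARD"

    # The blanket rule most firewalls ship with, left out on purpose:
    echo "# disabled: iptables -A FORWARD -i $lan -o $wan -j ACCEPT"

    # Replies to, and traffic related to, connections an allow rule opened.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

    for spec in "$@"; do
        port=${spec%%/*}
        proto=tcp                         # default when no /proto is given
        case $spec in
            */*) proto=${spec#*/} ;;
        esac
        echo "iptables -A FORWARD -i $lan -o $wan -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"

        if [ "$port/$proto" = "21/tcp" ]; then
            # FTP: attach the connection-tracking helper to the control
            # channel so the data connection it negotiates counts as RELATED.
            # Behind NAT the nf_nat_ftp module is needed as well.
            echo "iptables -t raw -A PREROUTING -i $lan -p tcp --dport 21 -j CT --helper ftp"
        fi
    done

    # Log what falls through to the drop policy: a LAN host trying a port
    # nobody allowed is worth a look.
    echo "iptables -A FORWARD -i $lan -o $wan -j LOG --log-prefix 'egress-denied: '"
}

# Web, POP3, FTP and DNS lookups allowed out; everything else is dropped.
egress_rules eth1 eth0 80 110 21 53/udp
```

Lines in the firewall log carrying the egress-denied prefix show which LAN machine tried to open a connection that nobody had allowed.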
More about catching hackers
If there is anything that is irresistible to a
black-hat hacker, it is a server that has not yet been
fully patched.
These machines usually represent an opportunity to use
resources that could allow them to invade another machine
or send spam - the limits are with their imagination -
and if done correctly, none of it would be traceable back
to them. So, why are IIS servers prone to being hacked?
Are they easier to hack or is it something else? (or
both?)
It is possible to make an IIS server reasonably secure
so, without getting bogged down in a flame war about
whether IIS or Apache (or anybody else's server) is
better, let's look at why.
Over a period of time, both paid-for and free servers
have vulnerabilities exposed. If a vulnerability is
fairly obscure - say for example, only if you use a
particular type of database and cookies at the same time
- then a patch or a work-around will do. If there is a
gaping hole, allowing administrator or root access, then
that tends to have a little more say on whether a new
version is issued.
If people have to pay
for a server, they don't want to have to fork out every
few weeks or months for a new one. Free servers can be
issued as new versions more frequently. So, if you are
paying for a server, you expect something that is
revolutionary whereas free servers tend to be
evolutionary.
This has the knock-on effect that free servers will on
average (50 per cent of the way through the version's
life time) have fewer vulnerabilities in them than
paid-for servers.
It does take a short time to patch a server but if
somebody knows what they are doing, they will patch it
fairly quickly. In a given population of admins putting
up servers, there is a possibility that the server will
be up when Google spiders it and the default page will
end up on Google. Of course, a few minutes/hours later,
the server will be fully patched and be displaying its
proper website (even though it shouldn't have been up
before it was patched any way - their existence on Google
demonstrates that they were).
The result of this is that if anybody wants to find a
server that is more likely to have vulnerabilities on it,
they can use a search engine to find the default page of
a paid-for server. If that link has a server that now has
a proper website on it then it is of little consequence
but if the default pages are still there, there is a
chance that it is a server that has been installed by
somebody who is still close to the bottom of the learning
curve and therefore the machine is still likely to be
vulnerable.
So, how do black-hat hackers find such machines? There
are sites on the Internet that will tell you what you can
find out for yourself just by using Google. If, in the
search string, you type 'allintitle:' and then the string
of characters that are in the title page you are looking
for, you will get a list of such pages on the Internet.
So, who would want to look for default IIS pages? People
who want to break into vulnerable machines are a pretty
large group (relatively speaking). In addition to this,
you need to know how the rest of the world sees you so
you need to take a look yourself.
So, let's catch some of them at it. Instead of having
a vulnerable bought server with its default page, we can
have something that just looks like it is one...
If you are running something other than a Windows
machine, you can set up a virtual host (this is easy
enough to do on Apache and it has the advantage that it
is not IIS) with a default page that has a spiderable but
otherwise invisible link to it (a small, transparent
image so that a spider will pick it up but normal users
will not) on a web page that is spidered by Google. If
you use DynDNS, you can set up a convincing sounding
domain name for it for free. Once it is spidered, it will
go into Google's cache and wait until someone types those
magic characters into the search bar.
Once somebody does do that and then clicks on it, the
search string will end up in your server's access log
file with a line that contains the following...
"http://www.google.com/search?hl=en&lr=&q=allintitle
%3AWelcome+to+Windows+2000+Internet+Services"
... and you will also end up with a series of lines,
one for each of the images (I find that this happens
several times each day). There is a possibility at this
stage that it could be just someone who has heard about
doing this who is just seeing what happens - or, it could
be someone trying to take advantage of an unconfigured,
unpatched server. If, following that, you then get a
number of other lines, asking for things that are not
there, then that could well be someone who is testing out
the server to see what is available. These could
include...
"GET /localstart.asp HTTP/1.0"
"GET /iisadmin.asp HTTP/1.0"
"GET /iissrtat.asp HTTP/1.0"
"GET /iisstart.asp HTTP/1.0"
"GET /iishelp HTTP/1.0"
"GET /iishelp/ HTTP/1.0"
"GET /iisadmin/default.asp HTTP/1.0"
"GET /iishelp/iis/default.htm HTTP/1.0"
... and they should all be typed in by hand (ie, no
referrer) unless it is done using a script at their end
(you can tell to some extent by looking at the times in
the log). The above activity is closer to black-hat
hacking as it shows that the person at the other end has
the requisite knowledge. So, what next?
"GET /../../cmd.exe HTTP/1.0"
"GET /../../notepad.exe HTTP/1.0"
The above two lines (taken from a real log along with
all of the others above) show that the same user also has
the requisite intent. This is an offence as described
under the Computer Misuse Act. They are trying to go up
two directory levels (out of the server root and into the
system at large - they are assuming that the server root
is a known number of steps away from where they want to
go so again, they are displaying the requisite knowledge
but clearly they are not aware that it is not a Windows
system) and then, in the case of cmd.exe, open up a
command shell so that they can perform arbitrary commands
on the attacked system and, in the case of notepad.exe,
open up a text editor so that they can edit or create
arbitrary files. If you chroot Apache, they can't even do
that if they do break the server (OpenBSD's Apache server
does this by default and is part of their default
installation).
There is a way of telling that the server that is
really sending out the pages is not an IIS server but the
fact that the people who try to hack default page sites
like this continue to do so shows that they are not
experienced or knowledgeable enough to know what that is
or how to do it.
So, we've caught a black-hat hacker's activity on a
server and they have displayed to us that they have the
requisite knowledge and the requisite intent. Next, we
take their IP address from the server log, open up a
shell prompt and type...
whois www.xxx.yyy.zzz
where www.xxx.yyy.zzz is the IP address. This should
give us their ISP's netblock information, along with an
abuse@ address. Then, we email the section of the log and
a polite note to their ISP. If they are in the UK, then
you can notify the police (High Tech Crime Unit) as well.
One point worthy of note is that if someone has taken
over a machine and is using that to look at your site, the
IP address in your log will be the compromised machine.
Still, they need to know that they have a compromised
machine. The above extracts from the log were from an
attacker (or compromised machine) in India.
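The log-reading steps above, as an added example that is not part of the original article: a shell function that sorts each visitor in an Apache combined-format log into the stages described (search referrer, requests for IIS files, directory traversal) and uses the request times to separate hand-typed probes from scripted ones. The log lines are constructed samples using documentation addresses; the function names and the two-second pacing threshold are assumptions.

```shell
#!/bin/sh
# Added example, not from the article. The log lines are constructed samples
# in Apache "combined" format; addresses are RFC 5737 documentation ranges.
# Function names and the 2-second pacing threshold are assumptions.

sample_log() {
cat <<'EOF'
192.0.2.10 - - [01/Jul/2005:10:02:11 +0100] "GET / HTTP/1.1" 200 1433 "http://www.google.com/search?hl=en&lr=&q=allintitle%3AWelcome+to+Windows+2000+Internet+Services" "Mozilla/4.0"
192.0.2.10 - - [01/Jul/2005:10:02:12 +0100] "GET /win2000.gif HTTP/1.1" 200 5120 "http://honeypot.example/" "Mozilla/4.0"
198.51.100.7 - - [01/Jul/2005:11:15:40 +0100] "GET / HTTP/1.0" 200 1433 "http://www.google.com/search?q=allintitle%3AWelcome+to+Windows+2000+Internet+Services" "Mozilla/4.0"
198.51.100.7 - - [01/Jul/2005:11:16:05 +0100] "GET /localstart.asp HTTP/1.0" 404 210 "-" "Mozilla/4.0"
198.51.100.7 - - [01/Jul/2005:11:16:31 +0100] "GET /iisadmin.asp HTTP/1.0" 404 210 "-" "Mozilla/4.0"
198.51.100.7 - - [01/Jul/2005:11:17:02 +0100] "GET /iishelp/ HTTP/1.0" 404 210 "-" "Mozilla/4.0"
198.51.100.7 - - [01/Jul/2005:11:18:20 +0100] "GET /../../cmd.exe HTTP/1.0" 400 226 "-" "Mozilla/4.0"
203.0.113.99 - - [01/Jul/2005:12:00:01 +0100] "GET /iisstart.asp HTTP/1.0" 404 210 "-" "-"
203.0.113.99 - - [01/Jul/2005:12:00:01 +0100] "GET /iisadmin/default.asp HTTP/1.0" 404 210 "-" "-"
203.0.113.99 - - [01/Jul/2005:12:00:02 +0100] "GET /iishelp/iis/default.htm HTTP/1.0" 404 210 "-" "-"
EOF
}

# triage_log FILE
# Prints one line per client: IP, verdict, probe and traversal counts, pace.
triage_log() {
    awk -F'"' '
    NF < 6 { next }                     # skip lines not in combined format
    {
        split($1, head, " ")            # head[1] = client IP, head[4] = [date:hh:mm:ss
        ip = head[1]
        split(head[4], t, ":")          # t[2], t[3], t[4] = hh, mm, ss
        secs = t[2] * 3600 + t[3] * 60 + t[4]   # time of day only
        split($2, req, " ")             # req[2] = requested path
        path = tolower(req[2])
        ref = tolower($4)
        if (!(ip in seen)) { seen[ip] = 1; order[++n] = ip }

        # Stage 1: arrived from the allintitle search for the default page.
        if (ref ~ /google\.[a-z.]+\/search/ && ref ~ /allintitle/) { search[ip] = 1 }

        if (path ~ /\.\.\// || path ~ /%2e%2e/) {
            # Stage 3: trying to climb out of the server root.
            traversal[ip]++
        } else if (path ~ /^\/(localstart\.asp|iis)/) {
            # Stage 2: asking for IIS files that were never linked to.
            if (!(ip in first)) { first[ip] = secs }
            last[ip] = secs
            probes[ip]++
        }
    }
    END {
        for (i = 1; i <= n; i++) {
            ip = order[i]
            verdict = "benign"
            if (search[ip]) { verdict = "curious" }
            if (probes[ip]) { verdict = "probing" }
            if (traversal[ip]) { verdict = "intent" }
            pace = "-"
            if (probes[ip] >= 2) {
                gap = (last[ip] - first[ip]) / (probes[ip] - 1)
                pace = (gap < 2) ? "scripted" : "by-hand"
            }
            printf "%s %s probes=%d traversal=%d pace=%s\n", ip, verdict, probes[ip], traversal[ip], pace
        }
    }
    ' "$1"
}

# abuse_candidates FILE
# Prints the whois lookup to run for each client that showed intent.
abuse_candidates() {
    triage_log "$1" | awk '$2 == "intent" { print "whois " $1 }'
}

log=$(mktemp)
sample_log > "$log"
triage_log "$log"
abuse_candidates "$log"
rm -f "$log"
```

The pace column compares times of day only, so a visit that runs past midnight will be misjudged.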
If you want to set up your own IIS default page honey
pot, you can use the files
in the files directory on this SuperDisc instead of
trawling the Internet and ending up with me reporting you
to your ISP.
HelpDesk Extra
Opening up a command line in:
Windows 98SE
Click on 'Start',
'Programs' and then, it depends upon where you have put
it (if you have moved it around) or where it has been
left.
Here, I have put it in the programs menu but you will
probably find it in the 'Accessories' sub-menu. Wherever
you find it, the thing you are looking for is usually
called 'MS-DOS Prompt'.
When you do find it,
it should look like this...
The first three buttons across the top allow you to
select, copy and paste text. The fourth allows you to
make it full screen. If you do this and want to get back
to the original, windowed version (ie, you can see the
other windows on the system) all you need to do is press
[Alt][Enter] - note that this toggles it so it can be
used to get into full screen as well.
The next button is the properties button and the one
after that, allows processes that you create in this DOS
box to run in the background. That means that other
things can happen as well. The last button allows you to
select which font you want to use in the display. There
are a number to choose from but whether they are bitmap
or TrueType, they are all mono-spaced.
Windows XP
In Windows XP, click
on 'Start', 'Programs', 'Accessories', 'Command Prompt'
and you will get the following...
To get any options on
this, you need to right-click on the 'Command Prompt'
window decoration at the top.
When you do that, you get a menu that looks like the
following...
This gives you a similar set of options to the Windows
98SE DOS-Box but in addition, you can specify the colours
of the text and background.
Linux
Click on the Menu
Icon and then 'System', 'Shells' and then the command
shell you want (usually 'Bash').
Alternatively, you can right-click on the Panel Menu
bar at the bottom, from the drop-down list, select 'Panel
Menu', 'Add', 'Application Button', 'SuSE', 'System',
'Shells', 'Bash' or 'Panel Menu', 'Add', 'Application
Button', 'SuSE', 'System', 'Terminal Applications',
'Konsole' depending on which you want or which
distribution you are using and this will put the shell
icon on your panel menu - the terminal icon in the
screenshot.
The shell should look
like this...
File system basics
Windows (98 and XP)
In theory, the Windows file system is quite simple:
each disk partition has a drive letter assigned to it so
that the first hard disk drive letter is 'C:', the next
is 'D:' and so on. As this is the real file system used
on Windows/Dos machines, this is what you will see when
you use a command prompt on the system.
This is not to be confused with the virtual file
system that you see when you look at a directory tree in
Windows Explorer.
The following
screenshots are all taken from Windows 98SE but the same
structures and problems exist with Windows XP.
You can see that here, Windows pretends that the
Desktop is the root of the file system, from which comes
'My Computer', 'My Documents', 'Internet Explorer' and so
on.
On the desktop, you should see these listed along with
any files or links that you have but this is not the real
story. If you have a look at the Windows Explorer address
bar, you will be able to see that if you have drive 'C'
selected (as here) then the path in the address bar is
'C:\' and not 'Desktop\My Computer\C:\' as you would
expect.
If you click on 'Desktop' in the left pane, that is
what appears in the address bar. This also happens with
'My Computer', 'My Documents', (Don't try it with Internet
Explorer or it might close that window and open up the
web browser - typing 'Desktop' into the address bar of
that will only bring back the single-paned version of
Windows Explorer) 'Network Neighbourhood', 'Recycle Bin'
and 'My Briefcase' although none of these are prefixed
with 'Desktop\'.
However, if you click on a directory that you have
created such as WebLinks in this example, the address bar
reveals the location of the Desktop directory and that it
is just a mapping created by Windows as opposed to a real
entity - in this case
C:\WINDOWS\Profiles\[UserID]\Desktop\AVIs as I have
profiles turned on.
If you go to that
directory and click on 'up one level' (the folder icon
with the left/upwards pointing arrow) you will be taken
back to the Desktop but instead, if you click on the
address bar and delete back to and including the
backslash (so that you have
C:\WINDOWS\Profiles\[UserID]\Desktop) then that directory
will be expanded and you can see something along the
lines of the structure on the right.
Windows XP
The only real difference is that with Windows XP, the
Desktop root directory is in 'C:\Documents and
Settings\[UserID]\' instead of
'C:\WINDOWS\Profiles\[UserID]\'
The only problem that all of this creates for the
operating system (as opposed to the user who needs to
know which set of user directories he/she is looking
through) is that Windows likes to present itself as the
current user's set of options which is okay until you
allow people to log on through a terminal. Normally,
users log onto Windows XP and as they switch user, the
system fiddles it so that each one looks like the current
user.
Unices (Linux, *BSD et cetera)
With the Unices,
nothing is altered between users in a multiple-user
environment and each one has their own home directory. As
the (Unix-like) system has to change nothing to keep up
any illusion (mainly because there is no illusion) the
users can switch in a keystroke ([Ctrl][Alt][Fn] where n
is a number from 7 to 9 for the local monitor, for SuSE
with KDE, although this varies for different OSes). Also,
processes that any particular user has, will keep on
going whilst the local monitor is being used by another
user. So...
The Unix-like file system is a lot simpler as there is
a root (/ not to be confused with /root which is the name
and home directory of a special user) in one of the
partitions and all other partitions are mounted within
that. Here, /nas has NAS storage mounts in it and /boot
has the startup files in it for the system. There are a
number of other partitions in this system - you can put
extra partitions in /home as you need them or /srv and so
on.
Basically they are as follows:
- bin has the binaries (executables) needed by the system;
- boot has the bootup files in there;
- dev has the devices (so /dev/hda1 is the first partition on the first hard drive);
- etc is where the configuration files go;
- home is where the user space is so each user has a /home/[UserID] directory (/home/frank for example) within which they have their desktop, text files and so on;
- here, lan is a directory within which I mount the network shares from other machines;
- lib is where the system library files go;
- media is where the system mounts things like CDs, digital cameras and so on;
- mnt is a common mount point for drives;
- nas is a directory I have created for network shares to be mounted that are exported from this machine;
- opt is where the desktop environments have their option files;
- proc is a list of the processes;
- root is the root user's home directory;
- sbin is another load of binaries;
- srv is the server root;
- tmp is the temporary directory;
- usr is full of user stuff such as binaries and programs; and,
- var is where log files and other stuff is kept.
On some systems, lan, media, nas, opt, or srv will be
in other places - lan and nas won't exist, srv will be in
var as www. This latter is the web root if you are
running a server - it is kept in /var/www along with all
of the Apache and Perl bits so that Apache can change its
root directory (chroot) to the server root and its user
to one without any privileges. In the unlikely event that
the server is taken over, any user that has managed to do
that will end up with only /var/www as their root
directory so they will not be able to roam around the
system and they will not be able to chroot out as they
are not root - in effect, they are in a jail and have
accomplished nothing. As a user without privileges, they
cannot even deface the website.
Viewing the current directory
In Windows, type
dir
and you will see the contents of the current directory
In Linux/Unix, list the contents of the current
directory by using
ls
There are options with all of these and you can find
them out by looking at the manual pages which in Windows
means you type ...
help dir
... and in the Unices ...
man ls
... or ...
man 1 ls
Moving around the file system
If you want to move around the file system, you need
to change the directory that you are in. You can do this
either by specifying the directory you need to go to in
relative terms (relative to the current directory) or in
absolute terms (the whole directory path to the new
current directory).
In Linux/Unix, there is only one file system with all
of the partitions mounted within it but with DOS, there
is a file system for each mounted partition. So, if your
current directory is D:\some\path\ and you want to change
to whatever the current directory on drive C: is, all you
need to do is to type...
C:
... and it will change. Note that if you want to
change back to drive D:, and type 'D:', you will end up
back in 'D:\some\path\'.
In both Windows and Linux/Unix, you use the CD
command. Note that Windows uses a '\' (backslash) to
delineate directories whereas all other operating systems
use '/' (called a 'slash'. It is not called a 'forward
slash' despite the efforts of the BBC to change its name.
I suppose the point is that if it is called a 'slash' the
BBC will think that people will sit around giggling every
time it is mentioned. If you doubt this, I can tell you
from personal experience that when I did a piece for
radio, many years ago, they edited out the word 'bum')
Absolute
Windows
cd c:\windows\system32
Linux/Unix
cd /home/paul/Desktop
Relative
Windows and Linux/Unix
cd ..
In the latter case, the directory above the one you
are in can be reached by using '..' - to go the other
way, you need to specify the name of the directory you
want to go into. If you had a directory in the current
one called 'temp' (you can find the names of directories
in the current directory by entering ls or dir), you can
cd to it by typing
cd temp
If, to get to temp, you needed to go up one level and
then back down one, ie the structure is
#-work-#-temp
       |
       #-current
... and you are in current, then you can combine the
two as follows (first Windows and then Linux/Unix)...
cd ..\temp
cd ../temp
With many commands that take a file name, you can
specify a relative or absolute directory path. Note also
that the paths on web servers (whether they are running
on Windows or one of the Unices) all have '/' to
delineate the directory and file names. This is because
the Internet runs on Unix and not on Windows.
Creating/deleting directories
You can create a new directory (in Windows or
Linux/Unix) by typing mkdir and then the directory name
like so ...
mkdir test
You can then cd into it and out of it. To remove it,
just type rmdir and its name (when you are not in it - if
you are doing it relatively as in the example, you need
to be in its parent directory).
rmdir test
Creating files
You can create a file by a number of means - usually
with a program that generates file output or with a text
editor - but basically, you need to make a file have some
data in it and if you just want to test out your command
line skills, you can do this easiest by redirecting a
directory listing to a file.
Redirection
Redirection takes the output of a command and directs it
to some sort of output device which could be a file. In
addition to this, you can also specify an input source
such as a file. To do this, you start off with the
command name on the command line and then you can if you
want, specify the input file. Next, specify the output
file. There are two symbols that are used to let the OS
know what you want to do and they are < (input
from...) and > (output to...) and the command line is
as follows:
command [< input stream] [> output stream].
So, if you want to create a file from your directory
listing, you would do the following (Windows then Linux)
dir > listing.txt
ls > listing.txt
If you want to append to a file, you should use two
'>'s like so...
dir >> listing.txt
ls >> listing.txt
Piping
Piping is similar to redirection only instead of
redirecting an output stream to a file or similar, you
are directing it to another program so the input of one
program is the output of the previous program.
Like redirection, there is a special symbol - the
split vertical bar '|' (which is often not split at all).
To take a directory listing and pipe it to another
program that looks for a particular string in a line and
then outputs those lines you could do the following
(Windows XP then Linux) ...
dir /N | find "54"
ls -la | grep dr
... which, in the first case, looks for files in a
'new style' directory listing that have the number 54 in
them and, in the second case, looks for files that have
the string 'dr' in a full listing (ie, those that are
directories that can be read by their owner and those
with a 'dr' in the file name).
You can pipe several commands together like this and
as they all flow from the left to the right, all
separated with the '|', they are fairly easy to edit if
you use a shell that can look at and edit previous shell
commands by pressing the 'up' arrow key such as the
default DOS shell or Bash in Linux/*BSD/Unix.
Viewing and editing files
You can look at the contents of a file by using the
'more' command (Windows and Unix). This takes a file name
and displays it a screen-full at a time and you press the
[spacebar] to see the next screen. For example...
more myfile.txt
The distinct disadvantage of this is that you can only
move forward through a file. There is a better way under
Linux/Unix and that is to use 'less' like so...
less myfile.txt
... and this will allow you to move forwards and
backwards through the file using the up/down arrow keys -
'q' to exit.
To edit a file in Windows and then in Linux/Unix, type
edit myfile.txt
vim myfile.txt
There is more on using edit and vim on the Internet.
Some nifty command line commands
To get help on any of these commands, (say 'at' for
example) just ask for the relevant help manual on the
system. This can be done on Windows and Linux/Unix as
follows...
help at
man at
Note that in Linux/Unix, there are a number of manuals
and you can specify which one you want to see. Often a
command like 'at' will be written like 'at (1)' where the
one is a reference to the manual number. You can put this
in the manual command line request as follows...
man 1 at
As you might have guessed, one thing that you can do
on XP as well as on Linux/Unix is set a command to run at
a particular time either in absolute or relative terms.
This is done with the 'at' command.
To be fair, it has to be said that the most useful
command line functions are on Linux/Unix (although the
best help pages are on OpenBSD).
Local
Some that can be done on the local machine include:
'w' (find out who is on the system and what they are
doing):
paul@obsidian:~> w
11:28:10 up 26 days, 2:14, 5 users, load average: 0.59, 0.62, 0.62
USER TTY LOGIN@ IDLE JCPU PCPU WHAT
root :0 05Jun05 ?xdm? 2days 0.01s -:0
root pts/0 05Jun05 26days 0.00s 2.77s kdeinit: kwrited
paul pts/1 05Jun05 26days 0.00s 3.98s kdeinit: kwrited
paul pts/2 11:12 1.00s 0.15s 0.04s w
paul :1 05Jun05 ?xdm? 2days 0.03s -:1
'who am i' (in case you forget who you are logged in
as):
paul@obsidian:~> who am i
paul pts/2 Jul 1 11:12 (amethyst.gem)
'cal' which returns a calendar of the current month
(or others by adding parameters - September 1752 is
interesting because it didn't have 30 days in it)
paul@obsidian:~> cal
     July 2005
Su Mo Tu We Th Fr Sa
                1  2
 3  4  5  6  7  8  9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
paul@obsidian:~> cal 9 1752
   September 1752
Su Mo Tu We Th Fr Sa
       1  2 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
'top' shows you the top processes (in terms of the
amount of processor time they are using)
top - 11:43:12 up 26 days, 2:29, 5 users, load average: 0.68, 0.64, 0.59
Tasks: 173 total, 1 running, 172 sleeping, 0 stopped, 0 zombie
Cpu(s): 21.2% user, 5.2% system, 0.0% nice, 73.6% idle
Mem: 255896k total, 248364k used, 7532k free, 26440k buffers
Swap: 459136k total, 214668k used, 244468k free, 41520k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ Command
2846 root 18 0 8140 5900 3868 S 17.3 2.3 1717:14 ksysguard
20406 root 16 0 5248 3928 1800 S 3.9 1.5 216:21.57 appletproxy
2858 root 15 0 672 556 332 S 2.9 0.2 1111:53 ksysguardd
16440 paul 16 0 1052 1052 792 R 2.3 0.4 0:00.36 top
3 root 15 0 0 0 0 S 0.0 0.0 0:00.21 kapmd
4 root 34 19 0 0 0 S 0.0 0.0 0:05.31 ksoftirqd_CPU0
5 root 15 0 0 0 0 S 0.0 0.0 2:02.74 kswapd
6 root 15 0 0 0 0 S 0.0 0.0 0:00.00 bdflush
7 root 15 0 0 0 0 S 0.0 0.0 0:00.23 kupdated
8 root 15 0 0 0 0 S 0.0 0.0 0:05.61 kinoded
10 root 25 0 0 0 0 S 0.0 0.0 0:00.00 mdrecoveryd
13 root 15 0 0 0 0 S 0.0 0.0 0:15.71 kreiserfsd
149 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 lvm-mpd
884 root 15 0 256 232 160 S 0.0 0.1 2:46.24 syslogd
887 root 15 0 1236 288 272 S 0.0 0.1 2:53.79 klogd
(press 'q' to quit.)
'uptime' tells you how long the computer has been up
and running
paul@obsidian:~> uptime
11:47am up 26 days 2:33, 5 users, load average: 0.69, 0.64, 0.59
'ifconfig' ('ipconfig' in Windows) lets you know what
is going on with the network interfaces.
You will need to substitute-user ('su') to root to use
this though. You do that just by entering su and then the
root password (note that in OpenBSD, you will have
already to be a user that is a member of the group
'wheel'. Also note that you should not log in as root
either, only as a normal user and then su to root).
obsidian:/home/paul # ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:00:0E:E4:D7:FF
inet addr:192.168.168.200 Bcast:192.168.168.255 Mask:255.255.255.0
inet6 addr: fe80::200:eff:fee4:d7ff/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11712030 errors:0 dropped:0 overruns:0 frame:0
TX packets:13316523 errors:0 dropped:0 overruns:1 carrier:0
collisions:0 txqueuelen:100
RX bytes:3057165231 (2915.5 Mb) TX bytes:4273415386 (4075.4 Mb)
Interrupt:11 Base address:0x1000 Memory:f4200000-f4200038
Network
In a networking environment, you can log onto another
machine using telnet or ssh (Windows has a client for
telnet or you can get 'Putty' and there are ssh clients
for Windows as well).
You use them the same as each other, ie
telnet 10.231.16.94
ssh 10.231.16.94
But, one thing to remember is that on telnet, all of
the traffic is in the clear so it is only suitable on a
network that is trusted in all respects - no wlan, no
Internet and so on. Also, it is worth remembering that if you
have a machine firewalled (which you should have), you
need to open the appropriate port on the telnet server or
ssh server and, if you can, restrict access to it from
just local network machines (although this does not make
it safe because it is possible to take over another
machine on the local network and then use that to telnet
into the one you have just opened). Google 'port numbers'
for a full list.
'host' ('nslookup' on Windows) will look up the IP
address of a domain name and get the DNS information of
an IP address.
paul@obsidian:~> host www.pcplus.co.uk
www.pcplus.co.uk has address 212.113.202.52
'whois' retrieves the netblock information.
paul@obsidian:~> whois 66.249.87.104
OrgName: Google Inc.
OrgID: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
NetRange: 66.249.64.0 - 66.249.95.255
CIDR: 66.249.64.0/19
NetName: GOOGLE
NetHandle: NET-66-249-64-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.GOOGLE.COM
NameServer: NS2.GOOGLE.COM
Comment:
RegDate: 2004-03-05
Updated: 2004-11-10
OrgTechHandle: ZG39-ARIN
OrgTechName: Google Inc.
OrgTechPhone: +1-650-318-0200
OrgTechEmail: arin-contact@google.com
# ARIN WHOIS database, last updated 2005-06-30 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
'ping' lets you know if a machine is there and how
quick the connection is.
Windows
C:\>ping -n 10 66.249.87.104
Pinging 66.249.87.104 with 32 bytes of data:
Reply from 66.249.87.104: bytes=32 time=20ms TTL=246
Reply from 66.249.87.104: bytes=32 time=17ms TTL=246
Reply from 66.249.87.104: bytes=32 time=17ms TTL=246
Reply from 66.249.87.104: bytes=32 time=20ms TTL=246
Reply from 66.249.87.104: bytes=32 time=28ms TTL=246
Reply from 66.249.87.104: bytes=32 time=17ms TTL=246
Reply from 66.249.87.104: bytes=32 time=18ms TTL=246
Reply from 66.249.87.104: bytes=32 time=17ms TTL=246
Reply from 66.249.87.104: bytes=32 time=17ms TTL=246
Reply from 66.249.87.104: bytes=32 time=27ms TTL=246
Ping statistics for 66.249.87.104:
Packets: Sent = 10, Received = 10, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 28ms, Average = 19ms
(Note that since Code Red, many people block pings
from Windows machines (yes, you can tell))
Linux
paul@obsidian:~> ping -c 10 66.249.87.104
PING 66.249.87.104 (66.249.87.104) 56(84) bytes of data.
64 bytes from 66.249.87.104: icmp_seq=1 ttl=247 time=19.2 ms
64 bytes from 66.249.87.104: icmp_seq=2 ttl=247 time=18.9 ms
64 bytes from 66.249.87.104: icmp_seq=3 ttl=247 time=17.0 ms
64 bytes from 66.249.87.104: icmp_seq=4 ttl=247 time=16.5 ms
64 bytes from 66.249.87.104: icmp_seq=5 ttl=247 time=16.8 ms
64 bytes from 66.249.87.104: icmp_seq=6 ttl=247 time=16.7 ms
64 bytes from 66.249.87.104: icmp_seq=7 ttl=247 time=16.1 ms
64 bytes from 66.249.87.104: icmp_seq=8 ttl=247 time=16.5 ms
64 bytes from 66.249.87.104: icmp_seq=9 ttl=247 time=16.2 ms
64 bytes from 66.249.87.104: icmp_seq=10 ttl=247 time=20.4 ms
--- 66.249.87.104 ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9090ms
rtt min/avg/max/mdev = 16.135/17.469/20.450/1.432 ms