Friday, 25 January 2013

Netcat chat application

What is Netcat?

Netcat is a tool for communicating between machines over TCP or UDP. Ncat is an improved version of Netcat that serves the same purpose. Netcat can be used on both Linux and Windows, and the syntax is the same on both.



Uses of Netcat 

1. Netcat can be used as a telnet program.


nc -v <ip address> <port number>

-v (verbose) reports an error if Netcat fails to connect to the target machine.


2. Netcat can open a new server socket, that is, it can listen on a port for incoming connections.


nc -v -lp <portnumber>


-lp means 'listen on the port': -l puts Netcat in listen mode and -p gives the port number.


3. Netcat can transfer a file from one machine to another.

Sender Side


cat <filename> | nc  <ip address > <port>


Receiver (server) side; start this listener before running the sender


nc -v -lp <port> > filename


Chat Application using Netcat


Follow the steps to create a chat application using Netcat.

Machine A

 nc -v -lp <portnumber>

Machine B

nc -v <ip address of machine A > <port of machine A>





Nmap (Network Mapper)


What is Nmap?


Nmap is a port scanning tool developed by Fyodor Vaskovich. It scans for open ports and determines which hosts are available on the network, which services those hosts offer, which operating systems they are running, and so on.

Nmap installation


In Ubuntu, nmap is installed with the command

 

sudo apt-get install nmap

 

Nmap Port Scanning


Ports are scanned by giving nmap the IP address of the host (here I am using the localhost address). The output lists the open ports and the services offered by the target machine.


jothis@jothis:~$  nmap  127.0.0.1

Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-25 17:50 IST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00019s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
631/tcp  open  ipp
3306/tcp open  mysql

Nmap done: 1 IP address (1 host up) scanned in 0.05 seconds
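One practical use of this output is checking a host against a list of ports that are supposed to be open. The script below is an added example, not part of the original post: it reads the scan output shown above and prints every open port that is not on an allowlist. The function names and the allowlist (53/tcp and 631/tcp) are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: compare open ports in Nmap's normal output with an allowlist.

# Scan output copied from the localhost scan shown on this page.
sample_scan() {
cat <<'EOF'
Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-25 17:50 IST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00019s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
631/tcp  open  ipp
3306/tcp open  mysql

Nmap done: 1 IP address (1 host up) scanned in 0.05 seconds
EOF
}

# unexpected_ports "<allowlist>": reads Nmap output on stdin and prints
# "port/proto service" for every open port that is not in the allowlist.
unexpected_ports() {
    awk -v allow="$1" '
        BEGIN {
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Rows of the port table look like "3306/tcp open mysql".
        $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
            if (!($1 in ok)) print $1, $3
        }
    '
}

# Assumed baseline for this host: DNS and CUPS are expected, nothing else.
ALLOWED="53/tcp 631/tcp"

sample_scan | unexpected_ports "$ALLOWED"
```

For regular use, Nmap's -oG and -oX output formats are more stable to parse than the normal screen output.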


OS fingerprint detection using Nmap

 

OS fingerprinting (finding the operating system of a remote host) is done with the -O option, as shown below. The bold characters show the OS running on the target machine.


jothis@jothis:~$ sudo nmap -O 127.0.0.1
[sudo] password for jothis:

Starting Nmap 5.21 ( http://nmap.org ) at 2013-01-25 17:58 IST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000079s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
53/tcp   open  domain
631/tcp  open  ipp
3306/tcp open  mysql
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:

Network Distance: 0 hops

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.48 seconds



Thursday, 17 January 2013

Remote Login, Copying Files and Passwordless Login using SSH


What is SSH (Secure Shell)?


SSH was developed by Communications Security Ltd. It is also known as Secure Socket Shell. It is a protocol for securely getting access to a remote computer and moving files from one machine to another. The connections are secured through digital certificates.


Installing SSH


OpenSSH is an open source version of the SSH connectivity tools and is available in Ubuntu. To install it:

sudo apt-get install openssh-client openssh-server

To log in to the remote server, enter the following command:

ssh username@user_ip 

After entering it you will be asked whether to continue. Choose Yes. You are then asked for the remote machine's password. Now you can control the remote machine through the terminal.


Copying files using SSH

 

OpenSSH is also used for transferring files to a remote system over a secure connection. The command is

scp file.txt username@user_ip:directory

eg: scp file.txt abc@10.20.34.124:/home/abc/doc

To copy a file from the server to the local machine, use the following syntax:

scp server@10.20.34.124:/home/server/file.txt /home/abc/

Here 'server' is the username on the remote machine and 10.20.34.124 is the IP address of the server. 'file.txt' is copied from the server to the local machine of 'abc'.


Passwordless Authentication 


OpenSSH can be used to set up passwordless authentication. Instead of entering the remote server's password on each login attempt, SSH will create a public/private key pair and send the public key to the remote server. The private key is stored on the local machine. This completely eliminates the need to send sensitive information (like a password) over the network.

The following commands are used:

1. To generate key pair

[jothis@jothis.com ~]$ ssh-keygen  
 
You will then be asked for a file name and a password (the passphrase that protects the key). Enter both. ssh-keygen then generates the private and public key used for the communication.
 

2. Copy the public key to the server

ssh-copy-id -i ~/.ssh/filename.pub remoteuser_name@remote_ip

'~/.ssh/filename.pub' is the location of the public key on the local host. You will be asked for the password of the remote server. The public key of the local machine is now stored on the remote server.

3. Remote login without a password

ssh username@user_ip

This is the same command used to log in to the remote server from the local host.
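What step 2 leaves on the server is one line in ~/.ssh/authorized_keys, in a directory and file that only the owner can access (sshd's StrictModes check rejects keys kept with looser permissions). The script below is an added example, not ssh-copy-id's own code and not from the original post: it reproduces that result in a throwaway directory so the outcome can be inspected. The function name install_pubkey and the placeholder key line are assumptions.

```shell
#!/bin/sh
# Added example: the state ssh-copy-id leaves on the server, built locally.

# install_pubkey <pubkey-file> <ssh-dir>: append the key to
# <ssh-dir>/authorized_keys unless that exact line is already there.
# Prints "added" or "present". Runs in a subshell so umask stays local.
install_pubkey() (
    pub=$1
    dir=$2
    umask 077                                   # owner-only for new files
    mkdir -p "$dir" && chmod 700 "$dir"
    touch "$dir/authorized_keys" && chmod 600 "$dir/authorized_keys"
    if grep -qxF -f "$pub" "$dir/authorized_keys"; then
        echo present
    else
        cat "$pub" >> "$dir/authorized_keys"
        echo added
    fi
)

# Constructed demo data: a temporary directory stands in for the remote
# home directory, and the key line is a placeholder, not a real key.
demo_home=$(mktemp -d)
printf '%s\n' 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLACEHOLDERKEYDATA jothis@laptop' \
    > "$demo_home/filename.pub"

install_pubkey "$demo_home/filename.pub" "$demo_home/.ssh"
install_pubkey "$demo_home/filename.pub" "$demo_home/.ssh"   # second run adds nothing
ls -ld "$demo_home/.ssh" "$demo_home/.ssh/authorized_keys"
rm -rf "$demo_home"
```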





 


 

Sunday, 13 January 2013

GnuPG : Tool for secure communication

GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. A user's private key is kept secret. The public key may be given to anyone with whom the user wants to communicate.

 

GPG: Encryption and Decryption


The following steps illustrate how to generate a key pair and use it for secure communication in Ubuntu 12.04.


Generating a new keypair


In the terminal, use the command gpg --gen-key to create a new primary keypair.

You will then be given three options. Option 1 creates two keypairs: a DSA keypair, and an ElGamal keypair for encryption. Option 2 creates only a DSA keypair. Option 4 creates a single ElGamal keypair usable for both making signatures and performing encryption. The default option is the better choice.

Then you must choose a key size. GnuPG requires that keys be no smaller than 768 bits. If option 1 was chosen, choose a key size larger than 1024 bits.

About to generate a new ELG-E keypair.
              minimum keysize is  768 bits
              default keysize is 1024 bits
    highest suggested keysize is 2048 bits
    What keysize do you want? (1024)


Then you are asked to choose an expiry date for the key. Select any of the following:
       0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
 

For most users a key that does not expire is adequate.

Then you must provide a user ID. The user ID is used to associate the key being created with a real person. Enter your name and email address. A user ID should be created carefully since it cannot be edited after it is created.

You need a user ID to identify your key; the software
         constructs the user ID
        from the Real Name, Comment and Email Address in this form:
            "Heinrich Heine (Der Dichter) "

Real name:xyz
Email address: xyz@gmail.com
Comment: testing demo key

You selected this USER-ID:
    "xyz"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

Then you need a passphrase to protect the private key. Enter the passphrase and keep it secret. You shouldn't forget your passphrase.

Enter passphrase: ******
Repeat passphrase:******

We need to generate a lot of random bytes. It is a good idea
to perform some other action (type on the keyboard, move the
mouse, utilize the disks) during the prime generation; this
gives the random number generator a better chance to gain
enough entropy.

        .+++++++++++++++++++++++++.+++++++++++++++++++++++
        gpg: key 90130E51 marked as ultimately trusted
        public and secret key created and signed.

        gpg: checking the trustdb
        gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
        gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
        pub   1024D/90130E51 2010-01-02
        Key fingerprint = B8BD 46EF 41E7 44B9 F934  7C47 3215 5713 9013 0E51
        uid  Ramesh Natarajan (testing demo key)
        sub   2048g/35C5BCDB 2010-01-02


Exporting a public key


To send your public key you must first export it. The command-line option --export is used to do this.

gpg --armor --export xyz@gmail.com > pb.gpg
cat pb.gpg
Then we get the public key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: SKS 1.0.10

mQENBFDqmqoBCADV2F3P.......
...........................
........................
 -----END PGP PUBLIC KEY BLOCK-----
 
Copy the public key, then go to http://keyserver.ubuntu.com/, paste it in and submit it.


Importing a public key


A public key may be added to your public keyring with the --import option. You need to copy the public key from http://keyserver.ubuntu.com/ and save it in a plain text file, then use the command line to import it. For example, if you need abc's public key, use abc's ID to get the public key.

gpg --import Filename

eg: gpg --import abcpublickey
 
To see the list of public keys use

xyz% gpg --list-keys
/users/xyz/.gnupg/pubring.gpg
---------------------------------------
pub  1024D/BB7576AC 2013-01-07 xyz(testing)  <xyz@gmail.com>
sub  1024g/78E9A8FA 2013-01-07

pub  1024D/9E98BC16 2013-01-07 abcpublickey (Executioner) <abc@gmail.com>
sub  1024g/5C8CBD41 2013-01-07
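The listing gives each key's size and algorithm in the second column (1024D is a 1024-bit DSA key, 1024g a 1024-bit ElGamal encryption key, 2048R a 2048-bit RSA key), so a keyring can be checked for short keys directly from it. The script below is an added example, not part of the original post; the function names are hypothetical and the 2048-bit minimum is an assumed policy value.

```shell
#!/bin/sh
# Added example: flag short keys in `gpg --list-keys` output (GnuPG 1.4 format).

# Listing lines copied from the key listings shown on this page.
sample_listing() {
cat <<'EOF'
pub  1024D/BB7576AC 2013-01-07 xyz(testing)  <xyz@gmail.com>
sub  1024g/78E9A8FA 2013-01-07

pub  1024D/9E98BC16 2013-01-07 abcpublickey (Executioner) <abc@gmail.com>
sub  1024g/5C8CBD41 2013-01-07

pub   2048R/BC29E290 2013-01-07 [expires: 2014-01-07]
uid                  xyz (testing) <xyz@gmail.com>
sub   2048R/E78C832F 2013-01-07 [expires: 2014-01-07]
EOF
}

# weak_keys <min_bits>: reads a key listing on stdin and prints
# "<pub|sub> <key ID> <bits> <algorithm>" for each key shorter than min_bits.
weak_keys() {
    awk -v min="$1" '
        BEGIN {
            # Algorithm letters used in GnuPG 1.4 listings.
            alg["R"] = "RSA"; alg["D"] = "DSA"
            alg["g"] = "ElGamal"; alg["G"] = "ElGamal"
        }
        ($1 == "pub" || $1 == "sub") && $2 ~ /^[0-9]+[A-Za-z]\/[0-9A-F]+$/ {
            split($2, part, "/")          # part[1] = "1024D", part[2] = key ID
            n = length(part[1])
            bits = substr(part[1], 1, n - 1) + 0
            letter = substr(part[1], n)
            name = (letter in alg) ? alg[letter] : letter
            if (bits < min) print $1, part[2], bits, name
        }
    '
}

# 2048 bits is an assumed policy minimum, not a value taken from the page.
sample_listing | weak_keys 2048
```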

 Encryption and Decryption


To encrypt a document, the option --encrypt is used. You must have the public keys of the intended recipients. Use the command below to encrypt, then send the resulting asc file to the recipient.

gpg --recipient abc@gmail.com --armor --encrypt test-file


To decrypt, use the command:

$ gpg --decrypt test-file.asc
 
abc uses his private key to decrypt the file.


Adding photo to the public key

 

A photo ID attached to a public key can help other users to identify the owner of the key. To add a photo ID to your own public key, use the command "gpg --edit-key <name>" and then enter "addphoto". GnuPG will ask for the filename of a suitable JPEG.

For example

xyz:~$ gpg --list-keys
/home/xyz/.gnupg/pubring.gpg
--------------------------------
pub   2048R/BC29E290 2013-01-07 [expires: 2014-01-07]
uid                  xyz (testing) <xyz@gmail.com>
sub   2048R/E78C832F 2013-01-07 [expires: 2014-01-07]

pub   2048R/652D1453 2013-01-07 [expires: 2014-01-07]
uid                  abc <twintuh@gmail.com>
sub   2048R/7237282A 2013-01-07 [expires: 2014-01-07]
 
xyz~$ gpg --edit-key BC29E290
gpg (GnuPG) 1.4.11; Copyright (C) 2010 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  2048R/BC29E290  created: 2013-01-07  expires: 2014-01-07  usage: SC 
                     trust: ultimate      validity: ultimate
sub  2048R/E78C832F  created: 2013-01-07  expires: 2014-01-07  usage: E  
[ultimate] (1). xyz (testing) <xyz@gmail.com>

gpg> addphoto

Pick an image to use for your photo ID.  The image must be a JPEG file.
Remember that the image is stored within your public key.  If you use a
very large picture, your key will become very large as well!
Keeping the image close to 240x288 is a good size to use.

Enter JPEG filename for photo ID: XYZ.JPG
This JPEG is really large (8978 bytes) !
Are you sure you want to use it? (y/N) y
Is this photo correct (y/N/q)? y

You need a passphrase to unlock the secret key for
user: "xyz(testing) <xyz@gmail.com>"
2048-bit RSA key, ID BC29E290, created 2013-01-07


pub  2048R/BC29E290  created: 2013-01-07  expires: 2014-01-07  usage: SC 
                     trust: ultimate      validity: ultimate
sub  2048R/E78C832F  created: 2013-01-07  expires: 2014-01-07  usage: E  
[ultimate] (1). xyz (testing) <xyz@gmail.com>
[ unknown] (2)  [jpeg image of size 8978]

Signing public keys

 

To sign a public key using GnuPG, you can use the command

gpg --sign-key <name>

where <name> is the user ID of the key. You then sign the public key with your passphrase.

Signing a file in clear text using the secret key 

 

Signing can be done with the --clearsign option. You will then be asked for the passphrase to sign the file.
  
xyz% gpg --clearsign doc

You need a passphrase to unlock the secret key for
user: "xyz (testing) <xyz@gmail.com>"
1024-bit DSA key, ID BB7576AC, created 2013-01-04

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[...]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.7 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjdYCQoACgkQJ9S6ULt1dqz6IwCfQ7wP6i/i8HhbcOSKF4ELyQB1
oCoAoOuqpRqEzr4kOkQqHRLE/b8/Rw2k
=y6kj
-----END PGP SIGNATURE-----