Archives

All posts for the month September, 2009

Send mail via telnet / test for open relay

Published September 22, 2009 by Siva

First, determine the MX for the domain in question:

nslookup
set type=mx
mydomain.com

should return something like:

Server: ns2.mydom.com
Address: 192.168.1.254
mydomain.com preference = 10, mail exchanger = mx.mydomain.com
mydomain.com nameserver = ns.mydomain.com
mx.mydomain.com internet address = 1.1.1.1
mx2.mydomain.com internet address = 1.1.1.2

The last two lines give the addresses of the mail servers (MX = Mail Exchange): in this case, 1.1.1.1 and 1.1.1.2.

So, armed with this knowledge,

telnet 1.1.1.1 25

Server responds with: 220 mx.mydomain.com SMTP
HELO

Server responds with: 250 OK
MAIL FROM:user@mydomain.com

Server responds with: 250 Address Ok.
RCPT TO:user@otherdomain.com

Server responds with: 250 user@otherdomain.com OK
DATA

Server Responds (or may not): 354 Enter Mail
Enter message, then on a new line,
.

QUIT

The message should now be sent. By modifying the MAIL FROM and RCPT TO lines, you can test for open relay.
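The relay check described above can be read off a saved session. This is an added example, not part of the original post: it reports an open relay when the server accepts a RCPT TO while neither the sender nor the recipient belongs to the server's own domain. The "C: "/"S: " line prefixes, the function names and the sample transcripts are assumptions of the example.

```shell
# Added example: classify an SMTP session transcript for the relay test.
# Lines start with "C: " (typed by the tester) or "S: " (server reply);
# that prefix convention is an assumption of this example.
relay_verdict() {    # usage: relay_verdict LOCAL_DOMAIN < transcript
    awk -v local_dom="$1" '
    function domain(addr,    parts, n) {
        gsub(/[<> \t\r]/, "", addr)
        n = split(addr, parts, "@")
        return tolower(parts[n])
    }
    BEGIN { local_dom = tolower(local_dom) }
    { line = toupper($0) }
    index(line, "C: MAIL FROM:") == 1 { from = domain(substr($0, 14)); next }
    index(line, "C: RCPT TO:") == 1 { rcpt = domain(substr($0, 12)); asked = 1; next }
    asked && /^S: [0-9][0-9][0-9]/ {      # reply to the RCPT TO just sent
        asked = 0
        if (from != local_dom && rcpt != local_dom) {
            tested = 1                     # neither address is local
            if (substr($0, 4, 1) == "2") relayed = 1
        }
    }
    END { print (relayed ? "open-relay" : (tested ? "relay-denied" : "inconclusive")) }
    '
}

# Constructed transcripts (not captured from a real server).
sample_open_relay() {
    cat <<'EOF'
S: 220 mx.mydomain.com SMTP
C: HELO tester.example.net
S: 250 OK
C: MAIL FROM:<a@example.net>
S: 250 Address Ok.
C: RCPT TO:<b@example.org>
S: 250 b@example.org OK
C: QUIT
EOF
}
sample_relay_denied() {
    sample_open_relay | sed 's/^S: 250 b@example.org OK$/S: 550 Relaying denied/'
}

sample_open_relay | relay_verdict mydomain.com      # open-relay
sample_relay_denied | relay_verdict mydomain.com    # relay-denied
```

A session in which the recipient is local is ordinary inbound delivery, so the function reports it as inconclusive rather than as a relay.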

Linux find command explain with examples

Published September 22, 2009 by Siva

To find all files ending with .html:

find / -name \*.html -print

The backslash (\) character causes the shell to ignore the special meaning of the following character, in this case an asterisk. To find a file that starts with project:

find / -name project\* -print

Multiple wildcards can be used in the same find command. The following command finds all files with the word maybe in their names:

find / -name \*maybe\* -print

The backslash \ character is important. It tells the shell not to treat the wildcard character as a wildcard when interpreting the command line arguments.
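What the backslash prevents is easiest to see in a scratch directory. This is an added example, not part of the original post; the function name and file names are made up for the demonstration.

```shell
# Added example: build a throwaway tree, then count matches with and without
# the backslash. Prints "<unescaped count> <escaped count>".
find_quoting_demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/sub"
    : > "$tmp/index.html"
    : > "$tmp/sub/page.html"
    (
        cd "$tmp" || exit 1
        # Unescaped: the shell expands *.html to index.html before find
        # starts, so find searches for that one name and misses sub/page.html.
        unescaped=$(find . -name *.html -print | wc -l)
        # Escaped: find receives the literal pattern and matches both files.
        escaped=$(find . -name \*.html -print | wc -l)
        # Left unquoted on purpose to drop any padding that wc adds.
        echo $unescaped $escaped
    )
    rm -rf "$tmp"
}

find_quoting_demo    # prints: 1 2
```

The unescaped form gives no error here, only an incomplete result; with two or more .html files in the current directory the expansion hands find several names and it stops with a usage error instead.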

To find all empty files on the entire system,

find / -size 0 -print

To find all empty files from the current directory down,

find . -size 0 -print

To find all files with zero length and ask if they should be deleted:

find / -size 0 -ok rm {} \;

The backslash \ is important because it tells the shell to ignore the semicolon symbol which usually separates commands on a single command line.

Disable ICMP echo (ping) responses in Linux

Published September 22, 2009 by Siva

Many malicious attacks begin with a ping scan. Disabling responses to ICMP echo requests prevents your system from being discovered with a ping.

As superuser, add the following lines to /etc/sysctl.conf:

net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_echo_ignore_all = 1

Then run the following command to cause the change to take effect immediately:

sysctl -p

Crontab – Very Simple – Easy Guide

Published September 9, 2009 by Siva

CronTab

The cron daemon is a long-running process that executes commands at specific dates and times. You can use this to schedule activities, either as one-time events or as recurring tasks.

To schedule one-time only tasks with cron, use at or batch. For more information, see the man pages for at and batch.

For commands that need to be executed repeatedly (e.g., hourly, daily, or weekly), use crontab, which has the following options:

crontab -a filename   Install filename as your crontab file. On many systems, this command is executed simply as crontab filename (i.e., without the -a option).
crontab -e            Edit your crontab file, or create one if it doesn’t already exist.
crontab -l            Display your crontab file.
crontab -r            Remove your crontab file.
crontab -v            Display the last time you edited your crontab file. (This option is only available on a few systems.)
crontab -u user       Used in conjunction with other options, modify or view the crontab file of user. When available, this option can only be used by administrators.

The crontab command creates a crontab file containing commands and instructions specifying when cron should execute them. Each entry in a crontab file consists of six fields, specifying in the following order:

  minute(s) hour(s) day(s) month(s) weekday(s) command(s)

The fields are separated by spaces or tabs. The first five are integer patterns and the sixth is the command to be executed. The following table briefly describes each of the fields.

Field     Value     Description
minute    0-59      The exact minute that the command sequence executes
hour      0-23      The hour of the day that the command sequence executes
day       1-31      The day of the month that the command sequence executes
month     1-12      The month of the year that the command sequence executes
weekday   0-6       The day of the week that the command sequence executes. Sunday = 0, Monday = 1, Tuesday = 2, and so forth.
command   Special   The complete sequence of commands to be executed. The command string must conform to Bourne shell syntax. Commands, executables (such as scripts), or combinations are acceptable.

Each of the patterns from the first five fields may be either an asterisk (meaning all legal values) or a list of elements separated by commas. An element is either a number or an inclusive range, indicated by two numbers separated by a minus sign (10-12). You can specify days with two fields: day of the month and day of the week. If you specify both of them as a list of elements, cron will observe both of them. For example:

  0 0 1,15 * 1 /mydir/myprogram

The cron daemon would run the program myprogram in the mydir directory on the first and fifteenth of each month, as well as on every Monday. To specify days by only one field, the other field should be set to *. For example:

  0 0 * * 1 /mydir/myprogram

The program would then only run on Mondays.
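The day rule above is the part of the schedule that most often surprises people, so here it is as code. This is an added example, not part of the original post and not cron's own implementation: it covers the syntax described here (asterisk, numbers, comma lists and inclusive ranges), and the function names are made up.

```shell
# Added example (not from the original post): evaluate a five-field cron schedule.
# field_matches PATTERN VALUE: PATTERN is "*" or a comma list of numbers and
# inclusive ranges such as 10-12.
field_matches() {
    pattern=$1 value=$2
    [ "$pattern" = "*" ] && return 0
    while [ -n "$pattern" ]; do
        elem=${pattern%%,*}                       # first list element
        case $pattern in
            *,*) pattern=${pattern#*,} ;;         # keep the rest of the list
            *)   pattern= ;;
        esac
        lo=${elem%-*} hi=${elem#*-}               # "15" gives lo=hi=15
        [ "$value" -ge "$lo" ] && [ "$value" -le "$hi" ] && return 0
    done
    return 1
}

# cron_runs "MIN HOUR DOM MON DOW" minute hour day month weekday
cron_runs() {
    set -f                      # stop "*" fields from globbing while splitting
    set -- $1 "$2" "$3" "$4" "$5" "$6"
    set +f
    field_matches "$1" "$6" && field_matches "$2" "$7" &&
        field_matches "$4" "$9" || return 1
    if [ "$3" = "*" ] || [ "$5" = "*" ]; then
        # Only one day field is restricted: it alone decides.
        field_matches "$3" "$8" && field_matches "$5" "${10}"
    else
        # Both day fields are lists: a match on either one runs the job.
        field_matches "$3" "$8" || field_matches "$5" "${10}"
    fi
}

# Constructed dates: Tue 15 Sep, Mon 7 Sep and Tue 8 Sep 2009, all at 00:00.
for day in "15 9 2" "7 9 1" "8 9 2"; do
    for sched in "0 0 1,15 * 1" "0 0 * * 1"; do
        if cron_runs "$sched" 0 0 $day; then r=runs; else r=skips; fi
        echo "schedule '$sched' on day/month/weekday '$day': $r"
    done
done
```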

If a cron job specified in your crontab entry produces any error messages when it runs, you will get a mail message reporting the errors.

For more information, consult the following relevant man pages:

  man crontab
  man cron
  man at
  man batch

Note: On some systems, you must get permission from the system administrator before you can submit job requests to cron. On many shared systems, because there is only one crontab file, only the administrator has access to the crontab command.

How to limit mail attachment size for Sendmail

Published September 8, 2009 by Siva

This little document briefly shows how to limit the size of incoming mail attachments. In order to do this you will have to be familiar with Vi editing (see Basic Vi editing for an introduction).

First, telnet to your mail server and log on as root (or su to root). Next, change to the /etc directory. In that directory you should find a file called sendmail.cf (if you can’t find it, try typing whereis sendmail.cf; this should return a list of files with the word sendmail in their names, and you should be able to locate it that way). Before editing it, make a backup copy. Now you can type vi sendmail.cf.

Now scroll down this file until you find an entry that looks something like this:

# maximum message size
# O MaxMessageSize=1000000

In order to limit the size of messages, simply uncomment the last line so that it reads (the line begins with the capital letter O, which marks an option line in sendmail.cf):

O MaxMessageSize=1000000

You can also change the maximum message size by editing the value. Once done, save the changes and exit.

The final step involves stopping and restarting the server so that the changes can take effect (check your /etc/rc.d/init.d/ directory).

Recovering forgotten Windows XP administrator Password

Published September 2, 2009 by Siva

Follow these steps to reset the administrator password in Windows XP:

1. Place your Windows XP CD in your CD-ROM drive and start your computer (it’s assumed here that your XP CD is bootable – as it should be – and that you have your BIOS set to boot from CD).

2. Keep your eye on the screen messages for booting from your CD. Typically, it will be “Press any key to boot from cd”.

3. Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.

4. When you get to the Welcome to Setup screen, press ENTER to Setup Windows now

5. The Licensing Agreement comes next – Press F8 to accept it.

6. The next screen is the Setup screen which gives you the option to do a Repair.

It should read something like “If one of the following Windows XP installations is damaged, Setup can try to repair it”

Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.

7. Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.

8. Shortly after the Copying Files stage, you will be required to reboot (this will happen automatically – you will see a progress bar stating “Your computer will reboot in 15 seconds”).

9. During the reboot, do not make the mistake of “pressing any key” to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.

10. Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.

11. At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.

12. Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After you’ve made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).

13. Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.