Posts

Showing posts from 2005

Backing up Windows machines using rsync and ssh

As all other unix tricks this is also the result of laziness and the need. I wanted to backup data on my windows laptop to a central linux/unix server. I didn't want all the features of available expensive backup solutions. Just a simple updated copy of my data on a central machine which is backed up to the tape daily. rsync is known for fast incremental transfer and was an obvious choice for the purpose. We have a unix machine at our workplace which has a directory structure /backup/username allocated for backing up user data. rsync has a client/server architecture, where rsync client talks to an rsync daemon at the server side (This statement may not be completely true. I am not sure and don't care also. You can refer to rsync manpage for complete discussion over rsync.). rsync client can connect to rsync server directly or through other remote transport programs like rsh, ssh etc. I decided to use ssh for transport for security and simplicity. To read further, click on a...

Continuing disrupted file transfer: magic of dd and netcat

We had a problem last week. DBA team wanted to clone QA database from the export backup of production database. A usual activity in DBA world, I guess. Our production and qa systems are at different sites and we were facing some WAN issues resulting in very slow file transfer. Export backup consisted of one file of size 3.8 GB. Our offshore DBA started file transfer at 3 AM EDT. By 8 PM in the evening, almost 3.3 GB had been copied. I know it's a long long time. But, WAN was really slow because of some third-party issues. And just then network team started working on the issue (with no prior notification to us of course). You can imagine what would have happened after that. Yes, connection was broken and solaris 8 ftp server doesn't support 'restart'. Knowing that ftp copies file sequentially, I was pretty much confident that there must be some way to continue with that 3.3 GB file. My acquaintance with dd and nc came to rescue. This is how I did it- Problem: There is a...

Defeating Firewalls: Sneaking Into Office Computers From Home

Image
How-to Get Into Your Office Computer From Home (..without using VPN) Greetings, Ok guys. Last paper went well. Here is the new paper from me. This paper shows how easily you can ridicule the firewalls of your company. In this paper, I discuss a technique to get into your office computer using ssh tunneling and some other cool tricks. You don't need anything much to implement this, not even an open port on the firewall. All you need from your company is the http(s) proxy which most of the companies do provide. Here is the problem scenario - "You work with a company 'XYZ'. At office, you cannot access internet directly and you 'browse' internet using HTTP(S) proxy. Back at home, you have an internet connection. You want to access the office computer from home, but you don't have the VPN access." How do you do that? Read the paper for the solution. Disclaimer: Please use your brain before using this technique. You can be kicked out by your emplo...

Updates on last paper - "Sniffing in a Switched Network"

Greetings everyone, I got some good response to my paper - " Sniffing in a switched network ". Here is a little update. It got published on infosecwriters.com and astalavista security group's website: http://www.infosecwriters.com/texts.php?op=display&id=298 http://www.astalavista.com/index.php?section=directory&linkid=4433 Jerome Athias (of http://wired.s6n.com/files/jathias/ ) liked it and did the nice work of translating it in French. You can find it's french translation here: Sniffing in a switched network (in French) Thank you for the support guys! This is definitely encouraging. --------------------------------------------------- Further Updates. Dated: Aug 2, 2005 Appeared on digg.com homepage: http://digg.com/security/Sniffing_in_a_Switched_Network ---------------------------------------------------- Cheers, Manu --------- Manu Garg http://www.manugarg.com "Truth will set you free!"

Sniffing in a Switched Network

Many of us know that sniffing is possible in a shared i.e. non-switched ethernet environment. But only few of us know that sniffing is also possible in a switched ethernet environment. One of the reasons is that it's not that straighforward. But it's not impossible or difficult. You can use man in the middle technique like ARP spoofing to sniff in a switched environment. This presentation is an attempt to explain how can somebody sniff in a switched ethernet using ARP spoofing. Dsniff has existed for long as a tool for various sniffing activities. But recently, tools like EttercapNG have made it easier. Presentation: Sniffing in a Switched Network (PDF format) Sniffing in a Switched Network (Microsoft PPT) Cheers, -Manu ---------------- Manu Garg http://www.manugarg.com "Truth will set you free!" Technorati tags: security hacking networking sniffing Digg this ; Post to del.icio.us