I am working for a company that is providing File-Share-Software for all sorts of Protocols such as FTP, SFTP, FTPS and so on. One of our customers is facing an issue with Key-Auth and spontaneously login-problems.
Going trough the code I am pretty certain that the server collapses with too many requests at the same time. What I need right now is a simple tool to test a situation just like this. I need a simple SFTP-Fuzzer or Stresser, sending invalid or broken Auth-Attempts to the SFTP-Server.
I am not a developer but a technician and instead of writing something myself (which would take forever) I would love to have a simple script or toolset to go...if there is one.
Ok, found one faster than I thought.
Steps:
Download Kali Linux (or any Distro that contains Metasploit)
Fire up Kali Linux and put it in the same subnet as your SFTP-Server
Start Metasploit and use the SSH-Fuzzer /auxiliary/fuzzer/ssh/ssh_version_2
Set RHOST and RPORT to the relevant IP and port your server is listening to
Exploit and see what will happen
As you may assume I need a little assistance here.
I have four routers (TP-Link WDR3600) that I need to use to create an Ad-Hoc network. Currently I am only dealing with two of the four routers for simplicity. All of the routers have OpenWRT Chaos Calmer 15.05 OS installed on them and all of them are running the OLSR routing protocol. My question is super simple but the answer eludes me and I would love some direction on the matter.
How do I get these two (and eventually four) routers to talk to each other using HNA (Host and Network Association) and the setup specified above?
Edit: they need to be connected to each other wirelessly too. End edit.
I have followed this specific guide to the T but as soon as it gets to "HOW TO Step 4" the guide breaks down in terms of application because the file they point to (/etc/olsrd.conf) does not exist in my setup. When continuing anyway and running "olsrd start" it spits out: Notice how it says "Could not find specific config file /etc/olsrd/olsrd.conf" and how that differs from earlier when it asked me to modify "/etc/olsrd.conf"
In addition, the folder "/etc/olsrd" also does not exist in case you are wondering. I'm at a loss regarding this. Does anybody have any input on the matter? I'm certain that I'm missing something simple.
Thanks in advance.
I had to create /etc/olsrd.conf using the template provided and uncomment the third line of /etc/config/olsrd. I would also recommend installing olsrd-mod-httpinfo using opkg like he recommends.
One thing I noticed is that he never specifies giving the wireless interface (wlan0 in my case) an IP address to communicate with the mesh. Since I believe that is required, I had to use LuCI to give the interface an IP. I think I have my setup working but I am trying to get my new OpenWRT node to communicate with my previous DD-WRT nodes right now. Might just have to change them all to OpenWRT since it offers more "customization" due to it's bare-bones type configuration.
Can you try to run :
/usr/sbin/olsrd -d -f /etc/olsrd.conf
So, I've taken a handful of programming courses(object-oriented, web) but never had "hands-on" projects where it's outside of coding.
Now I'm trying to figure out what these SSH stuff is about, I can't even figure out which client to use, so picked filezilla for now.
My question is, where can I read more about these terms like ports, and whatnots, in a way so I'm not learning aimlessly.
Thanks!
Basically, SSH is a way to command another computer exactly what to do over the Internet. You can execute any commend the remote system has, and your user has permission for.
The Internet
The Internet runs on a series of protocols collectively named TCP/IP. TCP/IP defines a way to find and address individual computers (IP) and a way to communicate between them (TCP).
You can think of computers on the Internet as a large collection of office buildings all close together. Each office has the exact same number of windows: 65535. Offices (computers) communicate by stringing channels between windows (ports). Each channel has two ends, called sockets. Each socket is associated with a port on the respective computer. We send data back and forth, and then the connection is closed.
Client/Server
There are two types of computers on the Internet: clients, and servers. Clients request information, and servers provide it. Ports 1-1024 are reserved for servers, 1 port per protocol. The full list is here, and as you can see, it is not without contention.
Let's say you visit a website
Your browser, the client program, sees that you typed "stackoverflow.com", and using DNS, discovers that stackoverflow.com is computer number 64.34.119.12. This is it's IP address. It allows your computer to find the network stackoverflow.com is located in, route to it, and establish a connection to the Stack Overflow web server. The web server is a program that accepts client requests from a browser like yours.
They speak in a protocol called HTTP - it allows your browser to request a page determined by a URL. The server sees the request, runs a program to construct a web page (or retrieves an HTML file, image, or any other file), and sends the result back to the browser. Port 80 has been reserved for HTTP. That means, your computer chooses a random port to connect from, and connects to port #80 on the server.
Unix and the shell
The majority of the Web (The Internet, even) runs on an OS called Linux (a Unix variant), instead of something like Windows. Unix systems possess a command-line interface, running a program called a "shell", which is a direct interface to the system. The shell accepts input, one command at a time. You type text in, and it spits out the out put of the command.
Secure Shell
SSH allows you to do this securely. All data traffic is encrypted using a well-studied published "public-key" cryptographic system. (In fact, it was major news when a vulnerability was discovered in a supporting encryption scheme, see these advisories).
SSH is a protocol commonly running on port 22. Anyone with a computer on the Internet (not behind a firewall) can run an SSH server, and allow users to connect to it and execute commands.
The majority of systems administrators and software developers using Unix on the server use SSH to configure, control, and upload programs to that server (located in some data center somewhere).
More
There are many many more details to all of this. Any term or acronym above can be typed into Wikipedia for pretty comprehensive information. There are plenty of books on Unix, Networking, and Web programming.
SSH is originally a secured replacement for telnet. The need for SSH arose from the fact that telnet does not support encryption and therefore everything (commands, output and password) was plainly visible on the network for all to see.
Because in the beginning SSH encryption (based on key exchange) was supposed to be strong (and it was indeed a marked improvement), and was open source, it took off rapidly and several extensions to the protocol were added, especially in the domain of remote file manageent and transfer.
In addition, SSH is used in tunelling and port forwarding configurations.
In the domain of file copy there are several options.
SCP: cp (copy). Inspired by rcp, an early file transfer extension to ssh.
SFTP: SSH File Transfer Protocol, a newer SSH extension to support File copy and browsing (but not really like FTP with 2 ports). It is more feature rich than both scp and ftp. Think of it as a remote file system protocol (however, however somewhat slower than scp).
FTPS: FTP over TLS/SSL. Needs 2 ports like ftp, one for command and one for data. Both connections can be encrypted.
Secure FTP. Real FTP tunelled over SSH.
The site to which you will need to connect probably offers SFTP. You just need to declare the remote server connection configuration in Filezilla site manager. You will need to provide the server ip address or name, the SSH server port, usually 22 but there are other possibilities (you should have been provided with this info) and select sftp as server type). When the connection is established, accept the public key and that should be it.
You can then drop your devs on the remote server.
OS choice
You shall first make a kind of choice between 2 worlds (MS or Linux).
Provided that the Linux community is somehow significantly less reluctant to share explanations. Also you will loose less time by choosing one or the other one, avoiding to wonder the same questions twice, with different answers depending on which OS you chose.
I experienced both, starting to search for solutions in the MS world, that I knew. Big mistake, loss of time. Then I changed, too late, to the Linux world. So I would advice to go straight to the linux OS for learning. Really many distributions for this. I would advice Debian (opened, user friendly, simple, safe, huge community) but you'll get as many proposals as there are admin.
OS understanding
http://www.linuxfromscratch.org/lfs/
http://www.ibm.com/developerworks/library/l-bash.html
http://tldp.org/LDP/abs/html/
Specific Questions about SSH
It depends a lot on the system you will choose but you could easily build a small client and a small server, then configure both and use ssh. Your 2 servers could even be hosted on the same machine, locally if you wish. Then you will learn how to set up the ssh-client side (often called ssh_config) and the ssh server side (often named sshd_config, with "d" standing for daemon).
Here you can find explanations about ssh for both worlds :
http://support.suso.com/supki/SSH_Tutorial_for_Linux
Some keywords for your google searches
List_of_TCP_and_UDP_port_numbers
ssh-keygen : encrypted keys (private/public),
ssh-add ssh agent
Gentoo keychain
and later but soon if you administrate your server on your own
The two main ones :
1) iptables
You may start with this and then go further with that one
2) fail2ban
this is a complement tool for which you'll find easily plenty of docs
...
Have fun :-)
EDIT: you can easily experience a Linux machine hosted in a windows OS, using virtualization (virtualbox, vm-ware..). It's a safe start and offer a good payback for this time investment. It would allow you to host as many machines (for example one linux server and one linux client) as you wish, in the limits of your HD room.
I assume you need to learn shell scripting. I recommend this book.
Filezilla is a FTP client. Try Putty - free SSH Client. And of course you need Linux server.
If you want to learn about SSH in depth then may I advise you this book SSH: The Secure Shell The Definitive Guide
See here for more info: http://www.snailbook.com/
I've read the book and learned really a lot. It teaches you all about setting up servers, clients, key agents and various (practical) applications.
i want to read MAC address of machine from Adobe AIR. I am using flex 3 and AIR 2.
how can i do this
the main purpose is i want to install that product in only one machine
var ni:NetworkInfo = NetworkInfo.networkInfo;
var interfaceVector:Vector.<NetworkInterface> = ni.findInterfaces();
Taken from the Network Info sample in the desktop version of Tour de Flex.
As far as I can tell, you cannot do it with Flex/AIR alone - you can however use the NativeProcess API to communicate with a Java/C program that can do this for you.
If you want to limit your application to just one machine, why don't you just install it manually without giving away the setup file - is it a remote machine? Even in that case you should be able to do a remote installation, right?
The answer "track the combination of IP address and user ID" won't satisfy my (very similar) needs. If the (laptop) computer is moved across WiFi domains, its IP address will change. If the computer is on a commerical IP provider, the IP address can often change without warning or notice.
My users don't want to deal with such problems. They don't even want to know that these problems exist!
The binding of MAC address and user ID can be done at installation time. It's not perfect, but it's pretty good.
Of course what we need is an implementation of public-private key...
Oz
I am presently running several websites and a mail server from my home network. I have a business DSL account with 8 public IP addresses (1 by itself, and 7 in a block). To handle routing/firewall/gateway, I am presently using RRAS, DNS, & DHCP from Windows 2003 running on a ancient (circa 2001) PC -- which I suspect is going to fail any time now.
What I would like to do is replace that with a simple router. Have a consumer model LinkSys Wifi-router, which I'm presently just using as an access point (don't have the model number handy, but it's one of their standard models). It seems to be able to handle all the NAT/firewall/DHCP tasks -- except for handling routing the multiple public addresses. (e.g., I need x.x.x.123, port 21 getting to one machine, but port 80 of x.x.x.123 & x.x.x.124 to going to another, and x.x.x.123, port 5000 to still another etc).
So my questions are:
Can this be done with standard Linksys router, which they just don't explain in the consumer manual?
Can this be done ... if I replace the firmware with a community/OS version (and if so, which one?)
If neither of the above, can someone recommend a profession router (preferably with wifi) that does do this, which is close to a consumer level price point.
Alternately, is there a reliable OS/3rd party replacement to RRAS which handles this (since RRAS is the part causing the most trouble)
Alternate-Alternately, can someone point to a VERY simple HOWTO to doing this (ie. follow these steps and forget about it), to installing a LINUX system to do this) (since I assume I can run Linux longer on the old machine)?
This can't be done on a Linksys router with stock firmware. It can be done if you load a third-party firmware, but there's no GUI (afaik) to accomplish it, so you'll be hacking system shell scripts which is pretty hairy. I would recommend getting a low-power or older PC and installing PFSense.
PFSense is an open-source router appliance OS distribution with a very easy to use web front end.
Install DD-wrt On your linksys box. I believe this will have everything you need link text