Feeds:
Posts
Comments

Archive for October, 2007

What is NTFS?

NTFS is Windows NT File System format. It has more performance, reliability, and compatibility not found in the FAT file system. For default, Ubuntu doesn’t support NTFS format.

 

How can I write on NTFS format disks?

If you are using Ubuntu Feisty (7.04), you can’t read or write on NTFS format. You have to download the additional package for this function. These installation packages are ‘ntfs-3g‘ and ‘ntfs-config‘.

 

taufanlubis@zyrex:~$ sudo apt-get install ntfs-3g ntfs-config

Reading package lists… Done

Building dependency tree

Reading state information… Done

The following extra packages will be installed:

fuse-utils

The following NEW packages will be installed:

fuse-utils ntfs-3g ntfs-config

0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.

Need to get 146kB of archives.

After unpacking 754kB of additional disk space will be used.

Do you want to continue [Y/n]? y

Get:1 http://archive.ubuntu.com feisty/main fuse-utils 2.6.3-1ubuntu2 [77.4kB]

Get:2 http://archive.ubuntu.com feisty/universe ntfs-3g 1:1.328-1 [25.9kB]

Get:3 http://archive.ubuntu.com feisty/universe ntfs-config 0.5.5-0ubuntu1 [42.5kB]

Fetched 146kB in 3s (47.4kB/s)

Selecting previously deselected package fuse-utils.

(Reading database … 155099 files and directories currently installed.)

Unpacking fuse-utils (from …/fuse-utils_2.6.3-1ubuntu2_i386.deb) …

Setting up fuse-utils (2.6.3-1ubuntu2) …

creating fuse device node…

udev active, devices will be created in /dev/.static/dev/

creating fuse group…

 

Selecting previously deselected package ntfs-3g.

(Reading database … 155118 files and directories currently installed.)

Unpacking ntfs-3g (from …/ntfs-3g_1%3a1.328-1_i386.deb) …

Selecting previously deselected package ntfs-config.

Unpacking ntfs-config (from …/ntfs-config_0.5.5-0ubuntu1_i386.deb) …

Setting up ntfs-3g (1.328-1) …

Setting ntfs-3g suid root with group fuse…done

Users from ‘fuse’ group can now mount NTFS volume.

 

Setting up ntfs-config (0.5.5-0ubuntu1) …

taufanlubis@zyrex:~$

After the installation process is done, a setting menu will occur. You can choose to enable the ‘write’ function.

 

You can change the configuration from ‘ntfs-config’ screen.

Open menu ‘Application > System Tools > NTFS Configuration Tool‘.

After ‘ntfs-config’ screen is displayed, select partition that you want to configure and click on ‘Apply‘.

 

Then when NTFS write support configuration tool displayed, choose both ‘Enable write support for internal device‘ and ‘Disable write support for external device‘.

 

ATENTION:

Enable write support for internal device

You will be able to write data on NTFS format disk (internal hard disk and shared data in windows network).

 

Disable write support for external device

If you enable it, sometimes your USB External Hard disk will not be recognized by Ubuntu. Actually, this is the problem that I got in the moment (I use external HD Maxtor One Touch 100GB). When I wrote this article, I haven’t do googling yet to find the solution. So, please write comments if you find the solution earlier than me.

 

 

 

Read Full Post »

Samba Server part 2 # 2

Practice 4: Primary Domain Controller (Provide center Authorization and Authentication for directories)

Samba can act as Domain Controller. It will centralize the Authorization and Authentication services.

 

taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf

 

[global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

hosts allow = 192.168.0.0/24 127.

hosts deny = ALL

log file = /var/log/samba/log.%m

dns proxy = no

max log size = 1000

syslog = 0

obey pam restrictions = yes

domain logons = yes

domain master = auto

wins support = no

logon path = \\%N\%U\profile

logon home = \\%N\%U

logon script = logon.cmd

socket options = TCP_NODELAY

 

[sharing_data]

path = /home/sharing_data/

comment = Taufan Sharing Folder at Ubuntu

public = yes

encrypt passwords = no

security = share

read only = yes

browseable = yes

directory mask = 0700

create mask = 0600

 

[Amanda]

path = /home/amanda/

comment = Angela Folder at Ubuntu

public = no

read only = no

encrypt passwords = yes

browseable = yes

security = user

valid users = amanda, alice, mark, taufanlubis, nadine

force user = amanda

force group = amanda

 

[netlogon]

comment = Network Logon Service

path = /home/samba/netlogon

guest ok = yes

writable = no

share modes = no

 

[profiles]

comment = Users profiles

path = /home/samba/profiles

guest ok = no

browseable = no

create mask = 0600

directory mask = 0700

 

[printers]

comment = All Printers

load printers = yes

printing = cups

printcap name = cups

browseable = no

path = /var/spool/samba

printable = yes

public = no

writable = no

create mode = 0700

 

[print$]

comment = Printer Drivers

path = /var/lib/samba/printers

browseable = yes

read only = yes

guest ok = no

 

[cdrom]

comment = Samba server’s CD-ROM

writable = no

locking = no

path = /cdrom

public = yes

#printer

load printers = yes

printing = cups

printcap name = cups

 

taufanlubis@zyrex:~$

 

If you have clients that still use Windows, you have to set the ‘encrypt passwords = no’ because Windows only can access the plain password from Samba Server. That’s why, I put the encrypt password into different share-directories.

If it’s accessed by Linux the I set encrypt passwords = yes and it’s accessed by Windows Clients then I set encrypt passwords = no.

 

Now, let’s check our configuration.

taufanlubis@zyrex:~$ sudo smbclient -L 192.168.0.2

Password:

session setup failed: NT_STATUS_LOGON_FAILURE

taufanlubis@zyrex:~$

When you use smbclient, just don’t put ‘sudo’, it will create an error like above. Now, I repeat the command without ‘sudo‘. This command is used to check sharing directories in Samba Servers.

taufanlubis@zyrex:~$ smbclient -L 192.168.0.2

Password:

Domain=[UBUNTUWORKGROUP] OS=[Unix] Server=[Samba 3.0.26a]

 

Sharename Type Comment

——— —- ——-

sharing_data Disk Taufan Sharing Folder at Ubuntu

Amanda Disk Angela Folder at Ubuntu

netlogon Disk Network Logon Service

print$ Disk Printer Drivers

cdrom Disk Samba server’s CD-ROM

IPC$ IPC IPC Service (UbuntuZyrexServer)

PDF Printer PDF

LX-1050 Printer LX-1050

Laserjet1320 Printer Laserjet1320

Domain=[UBUNTUWORKGROUP] OS=[Unix] Server=[Samba 3.0.26a]

 

Server Comment

——— ——-

UBUNTUZYREX UbuntuZyrexServer

 

Workgroup Master

——— ——-

UBUNTUWORKGROUP UBUNTUZYREX

taufanlubis@zyrex:~$

What is smbclient?

Smbclient is almost the like ftp program. It’s used to access SMB resources on the servers.

 

Connect to your directory using smbclient

After you are connected, you can browse, add, delete files or directories. Of course, it will be depended on your access level. You can use common Linux command line, such as cp, mv, mkdir, rm, rmdir, ls etc..

taufanlubis@zyrex:~$ smbclient -U amanda //192.168.0.2/amanda

Password:

Domain=[UBUNTUZYREX] OS=[Unix] Server=[Samba 3.0.26a]

smb: \> ls

. D 0 Mon Oct 22 08:49:20 2007

.. D 0 Mon Oct 22 08:51:01 2007

pictures D 0 Mon Oct 22 08:49:20 2007

.profile H 566 Mon Oct 22 08:48:42 2007

Examples D 0 Sun Apr 15 18:52:21 2007

Tekken.jpg A 61344 Mon Oct 22 08:49:00 2007

.bash_logout H 220 Mon Oct 22 08:48:42 2007

.bashrc H 2298 Mon Oct 22 08:48:42 2007

 

48209 blocks of size 262144. 15950 blocks available

smb: \> cd pictures/

smb: \pictures\> ls

. D 0 Mon Oct 22 08:49:20 2007

.. D 0 Mon Oct 22 08:49:20 2007

Robot.jpg A 87919 Mon Oct 22 08:49:21 2007

 

48209 blocks of size 262144. 15950 blocks available

smb: \pictures\> cd ..

smb: \>

smb: \> exit

taufanlubis@zyrex:~$

 

Well, you’ve done the 4 practices. Now, we can go further with our lesson.

 

 

Firewall and Security

Samba need port 137 and 139 for the connection. If you are using Firewall application (Such as Firestarter, smoothwall or others), please make sure that you enable this port. Usually, every firewall applications block these ports as a default. If you are using Iptables and you want to open this ports, you can see my article about setting ports using Iptables.

 

Starting Samba when the machine boot

You set the Samba server to run automatically when the system booting. (see my articles about Run Level)

taufanlubis@zyrex:~$ sudo update-rc.d samba defaults

Adjust the configuration file to your need

For example, you want to create a directory for training_modules and only 5 persons can access and modify that directory. First you create the training_modules directory, Second add the configuration at smb.conf and restart the Samba Server and the Third, don’t forget to add the user to Samba Server User List (Practice 3, part 2).

 

[Training_modules]

path = /home/training_modules/

comment = Training_modules directory at Ubuntu

public = no

read only = no

browseable = yes

security = user

valid users = amanda, alice, mark, taufanlubis, nadine

force user = training_modules

force group = training_modules

 

 

Read Full Post »

The current version of free Virtual Box still doesn’t give a support for access your USB. But you can make a trick. Just use the ‘Shared Folder’ to mount your USB to your VirtualBox.

So, you can access the USB from both your Ubuntu and your other OS in the VirtualBox at the same time.

Step 1. Mount your USB to Virtual Box ‘Shared Folder’

usbvirtualbox.png

Step 2. Access the USB drive from your Virtual Box

usbinvirtualbox2.png

 

Read Full Post »

If you are searching a good tool to download videos from YouTube, I think PyTube will be suitable to your expectation. You can convert the videos directly to various selected formats.

What you need to run PyTube?

PyTube need GTK+ version 2.12.x to run.

Plus, few dependencies, which are:

  • ffmpeg2theora

  • vorbis-tools

  • mplayer

  • mencoder

  • youtube-dl

GTK+2.0

PyGTK 2

Notify Python

Zenity

But, don’t worry, you don’t have to think about that stuff.

 

Step 1. Download the package

What you have to do is just download the package program from: http://www.gnomefiles.org/app.php?soft_id=2172

For Ubuntu users, choose file: pytube_0.0.8.1-1_all.deb.

 

Step 2. Install the package

taufanlubis@zyrex:/media/hda5/Linux Download$ sudo dpkg -i pytube_0.0.8.1-1_all.deb

Selecting previously deselected package pytube.

(Reading database … 179818 files and directories currently installed.)

Unpacking pytube (from pytube_0.0.8.1-1_all.deb) …

dpkg: dependency problems prevent configuration of pytube:

pytube depends on ffmpeg2theora; however:

Package ffmpeg2theora is not installed.

pytube depends on vorbis-tools; however:

Package vorbis-tools is not installed.

pytube depends on mplayer; however:

Package mplayer is not installed.

pytube depends on mencoder; however:

Package mencoder is not installed.

pytube depends on youtube-dl; however:

Package youtube-dl is not installed.

dpkg: error processing pytube (–install):

dependency problems – leaving unconfigured

Errors were encountered while processing:

pytube

taufanlubis@zyrex:/media/hda5/Linux Download$

 

Just ignore that error and continue our process.

Add option ‘-f’, it will attempt to continue the process if the integrity check fails .

taufanlubis@zyrex:~$ sudo apt-get -f install

Reading package lists… Done

Building dependency tree

Reading state information… Done

Correcting dependencies… Done

The following extra packages will be installed:

ffmpeg2theora mencoder mplayer mplayer-skins vorbis-tools youtube-dl

Suggested packages:

w32codecs libdvdcss mplayer-doc ladspa-sdk

The following NEW packages will be installed:

ffmpeg2theora mencoder mplayer mplayer-skins vorbis-tools youtube-dl

0 upgraded, 6 newly installed, 0 to remove and 2 not upgraded.

1 not fully installed or removed.

Need to get 7425kB of archives.

After unpacking 19.1MB of additional disk space will be used.

Do you want to continue [Y/n]? y

Get:1 http://archive.ubuntu.com gutsy/universe ffmpeg2theora 0.19-1 [25.5kB]

Get:2 http://archive.ubuntu.com gutsy/main vorbis-tools 1.1.1-13build1 [99.3kB]

Get:3 http://archive.ubuntu.com gutsy/multiverse mplayer-skins 2-7 [70.3kB]

Get:4 http://archive.ubuntu.com gutsy/multiverse mplayer 2:1.0~rc1-0ubuntu13 [3866kB]

Get:5 http://archive.ubuntu.com gutsy/multiverse mencoder 2:1.0~rc1-0ubuntu13 [3356kB]

Get:6 http://archive.ubuntu.com gutsy/universe youtube-dl 2007.08.24-1 [7926B]

Fetched 7425kB in 1m2s (118kB/s)

Selecting previously deselected package ffmpeg2theora.

(Reading database … 179836 files and directories currently installed.)

Unpacking ffmpeg2theora (from …/ffmpeg2theora_0.19-1_i386.deb) …

Selecting previously deselected package vorbis-tools.

Unpacking vorbis-tools (from …/vorbis-tools_1.1.1-13build1_i386.deb) …

Selecting previously deselected package mplayer-skins.

Unpacking mplayer-skins (from …/mplayer-skins_2-7_all.deb) …

Selecting previously deselected package mplayer.

Unpacking mplayer (from …/mplayer_2%3a1.0~rc1-0ubuntu13_i386.deb) …

Selecting previously deselected package mencoder.

Unpacking mencoder (from …/mencoder_2%3a1.0~rc1-0ubuntu13_i386.deb) …

Selecting previously deselected package youtube-dl.

Unpacking youtube-dl (from …/youtube-dl_2007.08.24-1_all.deb) …

Setting up ffmpeg2theora (0.19-1) …

Setting up vorbis-tools (1.1.1-13build1) …

 

Setting up mplayer-skins (2-7) …

Setting up mplayer (2:1.0~rc1-0ubuntu13) …

 

Setting up mencoder (2:1.0~rc1-0ubuntu13) …

Setting up youtube-dl (2007.08.24-1) …

Setting up pytube (0.0.8.1-1) …

taufanlubis@zyrex:~$

 

Step 3. Open your PyTube application

After the installation process is completed, PyTube will be placed in ‘Sound & Video’ menu list as default.

Now, Just open Application > Sound & Video > PyTube

 

Step 3. Copy the YouTube video link to PyTube and start to download

Open Webbrowser (Firefox), type: www.youtube.com (note: You must have Flash ready to display the videos).

Choose any video that you want to download.

Copy the link and past into URL video link text box.

Click ‘Save in’ to choose the target directory for downloading

Click ‘Execute’ button to start.

pytube.png

Happy trying….

 

Read Full Post »

Samba Server

Part 1 of 2

What is Samba?

Samba is the same like NFS which is used to share files and printers in Linux. Not like NFS, Samba implements SMB (Server Message Block) network protocol so it can be used for windows networking. In Windows and OS/2, they name it CIFS (Common Internet File System).

Future versions of Samba will incorporate Kerberos support for stronger authentication, as well as better integration with existing Windows. NFS is ‘Native’ to Linux, Solaris and Mac OS and much more to ‘Unix’ way of sharing files. If you want to use NFS, use NFS version 3 or better. NFS version 2 or older will have some issues with file sizes.

It can use to replace a very expensive, unstable Windows servers. Samba can replicate nearly all of Windows Server functionally. It appears in the Network Neighborhood like any other Windows machine and function in the same way. And perhaps, some server on your network right now could be running Samba instead of Windows and no want would ever notice.

 

Why we use Samba?

  • IT’S FREE.

  • The forforming is over Microsoft Windows Server 2000.

  • Reliable. (No malfunctions except if you have problem with the hardware).

  • Relatively easy for administrator.

  • Customizable. (You can set from a simple printer server to complex Windows Domain Contoller).

  • Secure. (No security holes known in current release).

  • Available for many platforms.

  • Integrated into existing network. (Very rare compability problems).

 

Samba consist of 2 main programs:

  • smbd

a server daemon that provides file sharing and printing services to Windows clients

  • nmbd

a server that understands and can reply to Net BIOS over IP name service requests, like those produced by SMB/CIFS clients such as Windows 95/98/ME, Windows NT, Windows 2000, Windows XP and LanManager clients. It also participates in the browsing protocols which make up the Windows “Network Neighborhood” view.

Other additional program are smbclient, smbpasswd etc.

 

There 4 main functions of Samba:

- File service (Sharing Folders with Linux or Windows clients.)

- Printer service (Sharing Printers with Linux or Windows clients. Event you can add a PDF pseudo-printer so all the computers in your network may write PDF files.)

- Authentication and Authorization (Act as a domain controller in Windows network.)

- Name resolution

 

When you don’t need samba?

Access shared folders, drives and printers on Windows computer. Mean you are a client to windows server. You just need a smbfs Plugin.

- Sharing files among Linux, just use NFS service.

- Sharing printer among Linux, just use remote lpd.

- Share you printer on network with Windows computer, just use CUPS.

- Sharing directories between 2 Linux computers, just use NFS or setup a FTP server on one computer and a FTP client to the other computer.

 

If everything, can be done without Samba then why we still need it?

If you have a Linux server with Windows clients and you want them to go to the Authorization process first before they can access your server directories or printers then you need Samba.

 

Step 1. Installing Samba Server

taufanlubis@zyrex:~$ sudo apt-get install samba

Reading package lists… Done

Building dependency tree

Reading state information… Done

samba is already the newest version.

0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

taufanlubis@zyrex:~$

If you have Samba installed already in your system then the message will be same like above.

 

Step 2. Configuring Samba Server and Restart it

 

Always make a back up when you change a configuration file.

taufanlubis@zyrex:~$ cd /etc/samba

taufanlubis@zyrex:/etc/samba$ ls -l

total 28

-rw-r–r– 1 root root 8 2007-02-07 13:38 gdbcommands

-rw-r–r– 1 root root 10533 2007-10-07 20:09 smb.conf

-rw-r–r– 1 root root 4213 2007-08-20 17:28 smb.conf~

 

taufanlubis@zyrex:/etc/samba$ sudo cp smb.conf smb.conf.bak

 

taufanlubis@zyrex:/etc/samba$ ls -l

total 28

-rw-r–r– 1 root root 8 2007-02-07 13:38 gdbcommands

-rw-r–r– 1 root root 10533 2007-10-07 20:09 smb.conf

-rw-r–r– 1 root root 4213 2007-08-20 17:28 smb.conf~

-rw-r–r– 1 root root 10533 2007-08-20 06:16 smb.conf.bak

taufanlubis@zyrex:/etc/samba$

Now you have a back up already, then you can continue to change the smb.conf. Delete all content and replace with the configuration below. I create a simple configuration for our practice.

 

There are few configurations that you can set for Samba:

- Practice 1: Anonymous Read Only File Server (Provide read only directories)

- Practice 2: Anonymous Read Write File Server (Provide read/write directories)

- Practice 3: Restricted File Server (Provide restricted directories)

- Practice 4: Primary Domain Controller (Provide center Authorization and Authentication for directories).

 

Practice 1. Anonymous Read Only File Server (Provide read only directories)

Before we start, better we create a directory for our shared-directory. In this sample, I will put our directory in home/ directory.

taufanlubis@zyrex:~$ cd /home

taufanlubis@zyrex:/home$ sudo mkdir sharing_data

 

Change the permission so it can be read, written and deleted from client computers (only ‘group’ can delete files not everybody(other)).

taufanlubis@zyrex:/home$ sudo chmod uog+r sharing_data

You can copy any data into sharing_data directory for practice.

 

After that, edit samba configuration file, delete the content and replace with our new configuration.

taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf

 

[Global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

security = share

hosts allow = 192.168.0.1/24 127.0.0.1

 

[sharing_data]

path = /home/sharing_data

comment = Taufan Sharing directory at Ubuntu

public = yes

read only = yes

browseable = yes

 

Save the file and restart the Samba server.

taufanlubis@zyrex:~$ sudo /etc/init.d/samba restart

* Stopping Samba daemons… [ OK ]

* Starting Samba daemons… [ OK ]

taufanlubis@zyrex:~$

 

To test our practice, connect to Samba server with any web browser using command ‘smb://192.168.0.2‘ (in Linux). When I open my Samba server from OpenSuse10 using Konqueror (you can use any web browser or file manager), I can see the ‘sharing_data’ directory displayed on the screen. I can browse the directory but when I save a file in it, I get a message says ‘Access Denied. Could not write to smb://192.168.0.2/sharing_data/testingfile.odt‘.

Mean, that our configuration is working.

If you can access your ‘sharing_data’ directory mean you’ve completed our first practice.

 

This configuration says that you want to share ‘/home/sharing_data’ directory in the network.

It’s only available from IP addresses 192.168.0.1 to 192.168.0.254.

It is read only but browseable.

Only computers in this IP range can open the directory.

 

Practice 2: Anonymous Read Write File Server (Provide read/write directories)

taufanlubis@zyrex:~$ sudo gedit /etc/samba/smb.conf

 

[Global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

security = share

hosts allow = 192.168.0.1/24 127.0.0.1

 

[sharing_data]

path = /home/sharing_data

comment = Taufan Sharing directory at Ubuntu

public = yes

read only = no

browseable = yes

 

This configuration says that you want to share ‘/home/sharing_data’ directory in the network.

It’s only available from IP addresses 192.168.0.1 to 192.168.0.254.

It is writeable and browseable.

Only computers in this IP range can open the directory.

The different with Sample 1 is only change the Read Only in [sharing_data] from ‘yes‘ to ‘no‘.

 

Save the file and restart the Samba server.

taufanlubis@zyrex:~$ sudo /etc/init.d/samba restart

* Stopping Samba daemons… [ OK ]

* Starting Samba daemons… [ OK ]

taufanlubis@zyrex:~$

If you can save a file in this directory, you’ve completed our second practice.

 

Practice 3. Anonymous Read Only File Server (Provide read only directories)

Part 1. Create username and password

First you have to create an account for ‘angela’. It will create an ‘amanda/’ directory in ‘home/’ directory.

Add new account using: System > Administration > Users and Groups

Click ‘Add User

Fill:

User name: amanda

Real Name: Amanda

User Password: ****** (minimum 6 character, in this practice I put 123456)

Confirm Password: ****** (retype the password)

Click ‘OK‘, then close the screen.

 

Check the amanda directory.

taufanlubis@zyrex:~$ cd /home

taufanlubis@zyrex:/home$ ls -l

…….

drwxr-xr-x 2 root root 4096 2007-10-22 07:52 amanda

…….

taufanlubis@zyrex:/home$

Copy some files into home/amanda/ for practice.

 

Part 2. Add the usename into Samba server user List.

Without register to Samba server, amanda will not entitle to access her directory.

taufanlubis@zyrex:~$ sudo smbpasswd -a amanda

[sudo] password for taufanlubis:

New SMB password:

Retype new SMB password:

Added user angela.

taufanlubis@zyrex:~$

 

Part 3. Edit the Samba configuration file for amanda

[global]

workgroup = UbuntuWorkgroup

netbios name = UbuntuZyrex

server string = UbuntuZyrexServer

hosts allow = 192.168.0.0/24 127.

 

[sharing_data]

path = /home/taufanlubis/sharing_data/

comment = Taufan Sharing directory at Ubuntu

public = yes

security = share

read only = yes

browseable = yes

 

[Amanda]

path = /home/amanda/

comment = Angela directory at Ubuntu

public = no

read only = no

browseable = yes

security = user

valid users = amanda

force user = amanda

force group = amanda

 

If you see the configuration above, I moved the ‘security = share’ from [global] into [sharing_data] and [amanda]. So, each directory will has their own security access level.

 

Amanda can access her directory after entering her username and password.

Just type: smb://192.168.0.2 and choose amanda diretory

sambaserver_amanda.jpg

type: smb://amanda@192.168.0.2/Amanda directly on the Konqueror or Firefox textbox location then enter her username and password.

sambaserver_login.jpg

 

Continue to part 2 ….

Read Full Post »

nmap is a powerfull scanner available in Unix/Linux system. It’s very usefull for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine againts single hosts.

It’s very easy to install nmap in Ubuntu, just download from the internet.

taufanlubis@zyrex:~$ sudo apt-get install nmap

 

In this practice, I used 2 computer.

PC-01, IP = 192.168.0.3 (OpenSuse 10.1) with Kernel 2.6.16.13-4-default

PC-02, IP = 192.168.0.2 (Ubuntu Feisty)

I run nmap from Ubuntu to scan PC-01.

 

IP Scanning with range 192.168.0.0 – 192.168.0.255

taufanlubis@zyrex:~$ sudo nmap -sP 192.168.0.0/24

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:51 WIT

Host 192.168.0.2 appears to be up.

caught SIGINT signal, cleaning up

taufanlubis@zyrex:~$

 

IP Scanning with range 192.168.0.1 – 192.168.0.254

taufanlubis@zyrex:~$ sudo nmap -sP 192.168.0.1-254

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 21:53 WIT

Host 192.168.0.2 appears to be up.

Host 192.168.0.3 appears to be up.

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Nmap finished: 255 IP addresses (2 hosts up) scanned in 31.242 seconds

taufanlubis@zyrex:~$

 

Port Scanning with range port 100 – port 139

taufanlubis@zyrex:~$ nmap 192.168.0.3 -p100-139

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:06 WIT

Interesting ports on 192.168.0.3:

Not shown: 38 filtered ports

PORT STATE SERVICE

113/tcp closed auth

139/tcp open netbios-ssn

Nmap finished: 1 IP address (1 host up) scanned in 24.914 seconds

taufanlubis@zyrex:~$

For 40 ports, it took almost 25 seconds, so it will take much longer if you want to scan from 1-65535 (all ports in a computers).

 

Scanning Operating system on target IP

taufanlubis@zyrex:~$ sudo nmap -O 192.168.0.3

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:20 WIT

Interesting ports on 192.168.0.3:

Not shown: 1693 filtered ports

PORT STATE SERVICE

80/tcp open http

113/tcp closed auth

139/tcp open netbios-ssn

445/tcp open microsoft-ds

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Device type: general purpose|specialized|WAP|storage-misc

Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Atmel Linux 2.6.X (91%), Siemens linux (91%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Inventel embedded (88%)

Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (91%), Siemens Gigaset SE515dsl wireless broadband router (91%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop

 

OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 94.942 seconds

taufanlubis@zyrex:~$

 

nmap Faster Execution

If you want to make faster scan, use -T4 option on nmap command..

taufanlubis@zyrex:~$ sudo nmap -A -T4 192.168.0.3

Starting Nmap 4.20 ( http://insecure.org ) at 2007-10-16 22:42 WIT

Interesting ports on 192.168.0.3:

Not shown: 1693 filtered ports

PORT STATE SERVICE VERSION

80/tcp open http Apache httpd 2.2.0 ((Linux/SUSE))

113/tcp closed auth

139/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

445/tcp open netbios-ssn Samba smbd 3.X (workgroup: HOME)

MAC Address: 00:0D:88:B3:72:F3 (D-Link)

Device type: general purpose|WAP|specialized|storage-misc|broadband router

Running (JUST GUESSING) : Linux 2.6.X|2.4.X (97%), Siemens linux (93%), Atmel Linux 2.6.X (92%), Inventel embedded (89%), Linksys Linux 2.4.X (89%), Asus Linux 2.4.X (89%), Maxtor Linux 2.4.X (89%), Netgear embedded (87%)

Aggressive OS guesses: Linux 2.6.13 – 2.6.18 (97%), Siemens Gigaset SE515dsl wireless broadband router (93%), Linux 2.6.11 – 2.6.15 (Ubuntu or Debian) (93%), Linux 2.6.15-27-686 (Ubuntu Dapper, X86) (93%), Atmel AVR32 STK1000 development board (runs Linux 2.6.16.11) (92%), Linux 2.6.14 – 2.6.17 (92%), Linux 2.6.17 – 2.6.18 (x86) (92%), Linux 2.6.17.9 (X86) (92%), Linux 2.6.9-42.0.2.EL (RedHat Enterprise Linux) (92%), Linux 2.6.9 – 2.6.12 (x86) (92%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop

 

OS and Service detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .

Nmap finished: 1 IP address (1 host up) scanned in 58.830 seconds

taufanlubis@zyrex:~$

Now, you only need 58,83 seconds compare to 94.94 seconds (without -T4 option).

 

For more details, just open the nmap manual.

taufanlubis@zyrex:~$ man nmap

Read Full Post »

FTP Server

What is FTP?

FTP (File Transfer Protocol) is a program to exchange files between two computers or to other computers in a local network or over inter networks (internet). May be you don’t know that you’ve already used it before when you download something from the internet. Most often, a computer with a FTP address is dedicated to receive a FTP connection.

What is ftp sites?

Ftp site is the like old Filling cabinets where you put your datas in it. Organized and labeled so it will easier next time you or any one who need the files can take it back next time.

That concept is applied in ftp sites. You can take any files that you want to download based access level provided. The Administrator can set which files to keep locked and which open to public.

What is ftp Server?

Ftp server is a machine that serves the authorized users to get the requested files. The FTP file sharing protocol is an old protocol which was created when internet was still a secure place. That’s why the default FTP protocol is not that secure. Mean that your username and password for login are transmitted in plain text, well… which is not secure for sure.

 

There are several configurations that you can set for your proftpd server.

  • as chrooted at /home directory

  • as anonymous proftpd user to read only

  • as anonymous proftpd user to read/write

  • as anonymous proftpd user to directory outsite /home/ftp

 

In this article, I want to show you how you can create a ftp server in a short time. In this practice, I use ‘proftpd’ as our ftp server. The file is not too big and it’s not difficult to install.

 

Step 1. Download and Installing ‘proftpd’ program for FTP server

taufanlubis@zyrex:~$ sudo apt-get install proftpd

Reading package lists… Done

Building dependency tree

Reading state information… Done

Suggested packages:

proftpd-doc

The following NEW packages will be installed:

proftpd

0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.

Need to get 784kB of archives.

After unpacking 2331kB of additional disk space will be used.

Get:1 http://archive.ubuntu.com feisty/universe proftpd 1.3.0-21ubuntu1 [784kB]

Fetched 784kB in 14s (54.1kB/s)

Preconfiguring packages …

Selecting previously deselected package proftpd.

(Reading database … 155004 files and directories currently installed.)

Unpacking proftpd (from …/proftpd_1.3.0-21ubuntu1_i386.deb) …

Setting up proftpd (1.3.0-21ubuntu1) …

——— IMPORTANT INFORMATION FOR XINETD USERS ———-

The following line will be added to your /etc/inetd.conf file:

ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/proftpd

 

If you are indeed using xinetd, you will have to convert the

above into /etc/xinetd.conf format, and add it manually. See

/usr/share/doc/xinetd/README.Debian for more information.

———————————————————–

Adding system user `proftpd’ (UID 118) …

Adding new user `proftpd’ (UID 118) with group `nogroup’ …

Not creating home directory `/var/run/proftpd’.

Adding system user `ftp’ (UID 119) …

Adding new user `ftp’ (UID 119) with group `nogroup’ …

Creating home directory `/home/ftp’ …

`/usr/share/proftpd/templates/welcome.msg’ -> `/home/ftp/welcome.msg.proftpd-new’

ProFTPd warning: cannot start neither in standalone nor in inetd/xinetd mode. Check your configuration.

taufanlubis@zyrex:~$

 

Step 2. Test it to run

taufanlubis@zyrex:~$ sudo /etc/init.d/proftpd start

Password:

ProFTPd warning: cannot start neither in standalone nor in inetd/xinetd mode. Check your configuration.

taufanlubis@zyrex:~$

This error occurs because we haven’t set the configuration file yet.

 

Step 3. Create your proftpd directory

For this practice, I create ftp_shared directory at home/ directory.

taufanlubis@zyrex:/home$ sudo mkdir ftp_shared/

Then I create 2 more directories inside ftp_shared directory.

taufanlubis@zyrex:/home$ cd ftp_shared/

taufanlubis@zyrex:/home/ftp_shared$ sudo mkdir download

taufanlubis@zyrex:/home/ftp_shared$ sudo mkdir upload

 

Set security permission

taufanlubis@zyrex:/home/ftp_shared$ cd ..

taufanlubis@zyrex:/home$ sudo chmod 755 ftp_shared/

taufanlubis@zyrex:/home$ cd ftp_shared/

taufanlubis@zyrex:/home/ftp_shared$ sudo chmod 755 download/

taufanlubis@zyrex:/home/ftp_shared$ sudo chmod 777 upload/

taufanlubis@zyrex:/home/ftp_shared$ ls -l

total 8

drwxr-xr-x 2 root root 4096 2007-10-17 19:31 download

drwxrwxrwx 2 root root 4096 2007-10-17 19:31 upload

taufanlubis@zyrex:/home/ftp_shared$

Step 4. Create your proftpd user

Just add a user from ‘Users and Groups’ Ubuntu menu.

System > Administration > Users and Groups then just click Add user.

or you can do this job through linux console

taufanlubis@zyrex:/home$ sudo useradd userftp -p 123456 -d /home/ftp_shared

 

Step 5. Configuring proftpd server

The final preparation is configure your proftpd server.

The proftpd configuration file is located at /etc/proftpd/proftpd.conf.

taufanlubis@zyrex:~$ cd /etc/proftpd/

taufanlubis@zyrex:/etc/proftpd$ ls -l

total 12

-rw-r–r– 1 root root 738 2007-10-08 07:20 modules.conf

-rw-r–r– 1 root root 4491 2007-10-08 07:20 proftpd.conf

taufanlubis@zyrex:/etc/proftpd$

Create a backup file

Always create a back before you change any configuration files.

taufanlubis@zyrex:/etc/proftpd$ sudo cp proftpd.conf proftpd.conf.original

taufanlubis@zyrex:/etc/proftpd$ ls -l

total 20

-rw-r–r– 1 root root 738 2007-10-08 07:20 modules.conf

-rw-r–r– 1 root root 4491 2007-10-08 07:20 proftpd.conf

-rw-r–r– 1 root root 4491 2007-10-09 04:26 proftpd.conf.original

taufanlubis@zyrex:/etc/proftpd$

 

Edit proftpd configuration file

Replace the content with our new configuration data.

taufanlubis@zyrex:/etc/proftpd$ sudo gedit proftpd.conf

Include /etc/proftpd/modules.conf

 

# ———————————————–

UseIPv6 off

ServerName “UbuntuFtp”

ServerType standalone

DeferWelcome on

 

MultilineRFC2228 on

DefaultServer on

ShowSymlinks off

 

TimeoutNoTransfer 600

TimeoutStalled 600

TimeoutIdle 1200

 

DisplayLogin welcome.msg

DisplayFirstChdir .message

ListOptions “-l”

 

RequireValidShell off

Timeoutlogin 20

RootLogin off

DenyFilter \*.*/

 

# ———————————————–

#Port 21 is the standard FTP port, just change

#to another port for security reason

Port 2007

 

MaxInstances 9

User userftp

Group nogroup

Umask 022 022

 

MaxClients 8

MaxClientsPerHost 8

MaxClientsPerUser 8

MaxHostsPerUser 8

 

AllowOverwrite on

PersistentPasswd off

 

UseSendFile off

 

#Display a message after login

AccessGrantMsg “Welcome to Ubuntu ftp Server!!!”

 

ServerIdent on “you’re at home”

DefaultRoot /home/ftp_shared

 

MaxLoginAttempts 5

 

#Create your log file

ExtendedLog /var/log/ftp.log

TransferLog /var/log/proftpd/xferlog

SystemLog /var/log/proftpd/proftpd.log

 

# ———————————————–

<Limit LOGIN>

AllowUser userftp

Deny All

</Limit>

 

<Directory /home/ftp_shared>

Umask 022 022

AllowOverwrite off

<Limit MKD STOR DELE XMKD RNRF RNTO RMD XRMD>

DenyAll

</Limit>

</Directory>

 

<Directory /home/ftp_shared/download/*>

Umask 022 022

AllowOverwrite off

<Limit MKD STOR DELE XMKD RNEF RNTO RMD XRMD>

DenyAll

</Limit>

</Directory>

 

<Directory /home/ftp_shared/upload/>

Umask 022 022

AllowOverwrite on

<Limit READ RMD DELE>

DenyAll

</Limit>

</Directory>

# ———————————————–

Save the edited file and restart the FTP server.

taufanlubis@zyrex:~$ cd /etc/init.d/

taufanlubis@zyrex:/etc/init.d$ sudo ./proftpd start

* Starting ftp server proftpd [ OK ]

 

or

 

taufanlubis@zyrex:~$ sudo /etc/init.d/proftpd start

* Starting ftp server proftpd [ OK ]

taufanlubis@zyrex:~$

 

Now, you have your own ftp server already.
You can test it using FileZilla or Firefox (any web browsers).

Access ftp server using FileZilla
Enter Host: 192.168.0.2 (my ip address), username: userftp, password: 123456, port: 2007

Access ftp using FileZilla

Access ftp server using Firefox

Type: ftp://192.168.0.2:2007 in your firefox Url box.
Enter user name: userftp

Enter password: 123456
Access ftp using Firefox

loginftp2.png

Read Full Post »

Older Posts »

Follow

Get every new post delivered to your Inbox.

Join 71 other followers