The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

Archive for the ‘*nix-tools’ Category

linux – Is there a way to remove “Last message repeated x times” from logs? – Server Fault

Posted by jpluimers on 2018/12/17

One day I will need to enable repeating those messages: [WayBack] linux – Is there a way to remove “Last message repeated x times” from logs? – Server Fault

–jeroen

Posted in *nix, *nix-tools, Linux, Power User | Leave a Comment »

OpenSuSE Tumbleweed E20 on Raspberry Pi 3: accessing the enlightenment desktop over VNC after automatic logon

Posted by jpluimers on 2018/12/14

For a keyboard-less Raspberry Pi machine that functions as a read-only screen, I needed:

  • automatic logon
  • remote VNC accessibility
  • no screen blanking

I already had the E20 ([WayBack] Enlightenment) X11 server running, as that’s the first image on [WayBack] HCL:Raspberry Pi3 – openSUSE that has a graphical UI that works.

Read the rest of this entry »

Posted in *nix, *nix-tools, Power User, Screen sharing, VNC/Virtual_Network_Computing, X11, X11vnc | Leave a Comment »

on my research list: autossh

Posted by jpluimers on 2018/12/12

Having mainly used ssh as a means to connect to a shell on remote machines and occasionally a manual port forward, I never noticed autossh, where you can automate the ssh logon process to keep permanent port forwards up and running. Cool!

It’s on my research list now, as this will be useful probably sooner than later:

My initial impression is that autossh is a wrapper around the regular ssh client that allows reconnection upon communication failures.

–jeroen

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, Power User, SSH, TCP | Leave a Comment »

Adding Windows machines to Samba domains and security

Posted by jpluimers on 2018/12/07

If adding a Windows machine to a Samba domain fails and the below “solves” your issue, then you need to tighten the security on the Samba side:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
; Enable NT-Domain compatibility mode
; Default:
; [value not present]
; "DomainCompatibilityMode"=-
"DomainCompatibilityMode"=dword:00000001

; Disable required DNS name resolution
; Default:
; [value not present]
; "DNSNameResolutionRequired"=-
"DNSNameResolutionRequired"=dword:00000000


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
; Disable requirement of signed communication
; My Samba (3.0.33) works with signed communication enabled, so no need to disable it.
; Default:
; "RequireSignOrSeal"=dword:00000001
; Disable the usage of strong keys
; Default:
; "RequireStrongKey"=dword:00000001
"RequireStrongKey"=dword:00000000

–jeroen

Posted in *nix, *nix-tools, Power User, samba SMB/CIFS/NMB, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows 9 | Leave a Comment »

8 Linux Commands: To Find Out Wireless Network Speed, Signal Strength And Other Information – nixCraft

Posted by jpluimers on 2018/12/03

[WayBack] 8 Linux Commands: To Find Out Wireless Network Speed, Signal Strength And Other Information – nixCraft:

Explains various Linux tools and commands that can be used to monitor application for wireless network devices. These tools can display wireless signal strength (levels), frequencies, speed and much more.

That will prove to be useful one day.

–jeroen

via:

[WayBack] Want to monitor a wireless network on Linux? Try these eight tools. – nixCraft – Google+

Read the rest of this entry »

Posted in *nix, *nix-tools, Power User | Leave a Comment »

Cleaning up bounces from /var/spool/mqueue using qtool

Posted by jpluimers on 2018/11/26

Part of my /var/spool/mqueue consists of administrative bounces to mail domains that fail for a long time.

First a few queries to filter the messages I want to move (the -h suppresses filename so you can aggregate with sort and uniq):

grep -h "MDeferred: Connection" /tmp/mqueue-junk/qf* | sort | uniq -c

It gives results like this:

...
     56 MDeferred: Connection refused by static.vnpt.vn.
...
      1 MDeferred: Connection reset by cleanfreshliving.com.
...
     10 MDeferred: Connection timed out with netflix.ssl.com.
...

After blacklisting those domains, I’ve used qtool.pl to clean up the mail queue.

qtool.pl

As qtool.pl does not have “dry run” or log options, it’s best to test expressions on a copy of your mail queue first. I’ve made copies in /tmp/mqueue for this.

The query expression language on qtool.pl is complicated to get right: the documentation talks about using %msg which in fact is $msg and there is no official documentation on the mapping of qf files in the mqueue directory to expressions used in qtool.pl.

Luckily that mapping is in qtool.pl itself as explained by www.the-art-of-web.com/system/sendmail-qtool/#section_2. A recent source is at github.com/freebsd/freebsd/blob/master/contrib/sendmail/contrib/qtool.pl where I copied the fragment further below from.

Now just see these commands:

./contrib/qtool.pl -C /etc/sendmail.cf -e '$msg{message}[0] =~ /Deferred: Connection refused by/' /tmp/mqueue-junk/ /tmp/mqueue/

and

./contrib/qtool.pl -C /etc/sendmail.cf -e '$msg{num_delivery_attempts} > 100' /tmp/mqueue-junk/ /tmp/mqueue/

Since there are two M lines per qf file, you have to index the {message} part. There is no need for that with the {num_delivery_attempts}.

Because of the =~ operator, the match expressions are Perl regular expressions: [WayBack] perlre – perldoc.perl.org.

If you run this on the live /var/spool/mqueue directory, then you can get errors like this which means you should retry after a few minutes (or run with sendmail disabled):

Could not obtain fcntl lock on '/var/spool/mqueue//qfv4H9jv7M007291': Resource temporarily unavailable.
1
Could not obtain fcntl lock on '/var/spool/mqueue//qfv5DB2NkJ024360': Resource temporarily unavailable.
1

Note that searching for Mhost map: lookup \(.*\): deferred fails, so I wrote this little script that shows which commands are going to be executed and how to execute them:

grep -l "^Mhost map: lookup \(.*\): deferred$" /var/spool/mqueue/qf* | xargs -n1 -I {} echo "./contrib/qtool.pl -C /etc/sendmail.cf /var/spool/mqueue-junk/ {}"
grep -l "^Mhost map: lookup \(.*\): deferred$" /var/spool/mqueue/qf* | xargs -n1 -I {} ./contrib/qtool.pl -C /etc/sendmail.cf /var/spool/mqueue-junk/ {}

It executes the qtool.pl once per grep output line.

Read the rest of this entry »

Posted in *nix, *nix-tools, Power User, sendmail | Leave a Comment »

SSH: Connection Reset by Peer – Server Fault

Posted by jpluimers on 2018/11/22

One occasion where I had SSH throw a Connection Reset by Peer at me was when the SD-card of a Raspberry Pi started failing and the ext4 filesystem got mounted in read-only mode.

Then sshd was still listening on port 22, but since it could not write to disk any more, it threw a Connection Reset by Peer to the client.

It was on OpenSuSE Tumbleweed, but would have failed just as well using Raspbian.

Lessons learned:

  • IoT hardware will fail.
  • ext4 breaks when the hardware breaks.

–jeroen

Reference:

Posted in *nix, *nix-tools, Debian, Development, Hardware Development, IoT Internet of Things, Linux, Network-and-equipment, openSuSE, Power User, Raspberry Pi, Raspbian, SuSE Linux, Tumbleweed | Leave a Comment »

nmap for Windows: ncat as a TCP client to servers

Posted by jpluimers on 2018/11/16

Downloads are from a somewhat cryptic page: [WayBack] Download the Free Nmap Security Scanner for Linux/Mac/Windows via [WayBack] Windows | Nmap Network Scanning.

An alternative is to go to [WayBack] nmap.org/dist, then search for the bottommost files having .exe or .zip extensions.

It is much more modern than netcat (see some links on that below) and has elaborate documentation:

As a comparison some netcat links:

–jeroen

Posted in *nix, nmap, Power User | Leave a Comment »

Find the TTL for a domain and subdomain by getting to the authoritative nameserver first

Posted by jpluimers on 2018/11/15

Let’s find the authoritative name server and TTL (time to live) for the example.org domain and www.example.org subdomain.

Notes:

1a: get parents of name servers

First start with a root server (dig: getting the list of root servers) to get parents of the name servers for example.org (don’t you love indirection!):

$ dig +norecurse +noall +authority @f.root-servers.net. example.org.
org.            172800  IN  NS  a0.org.afilias-nst.info.
org.            172800  IN  NS  a2.org.afilias-nst.info.
org.            172800  IN  NS  b0.org.afilias-nst.org.
org.            172800  IN  NS  b2.org.afilias-nst.org.
org.            172800  IN  NS  c0.org.afilias-nst.info.
org.            172800  IN  NS  d0.org.afilias-nst.org.

You can repeat this query for 2 more root servers to ensure they are in sync.

1b: get authoritative name servers from the parents

Now repeat with at least 3 of these to ensure they give matching results for the name servers for example.org:

$ dig +norecurse +noall +authority @b0.org.afilias-nst.info. example.org.
example.org.        86400   IN  NS  b.iana-servers.net.
example.org.        86400   IN  NS  a.iana-servers.net.
$ dig +norecurse +noall +authority @c0.org.afilias-nst.info. example.org.
example.org.        86400   IN  NS  a.iana-servers.net.
example.org.        86400   IN  NS  b.iana-servers.net.
$ dig +norecurse +noall +authority @a0.org.afilias-nst.info. example.org.
example.org.        86400   IN  NS  a.iana-servers.net.
example.org.        86400   IN  NS  b.iana-servers.net.

2a: getting the domain name servers from a public name server

A query to a public DNS server will also return a name server list, but then you would need to know that name server first. In addition, you cannot ask for +authority; you have to ask for +answer NS instead:

$ dig +norecurse +noall +answer NS @8.8.8.8 example.org.
example.org.        55312   IN  NS  a.iana-servers.net.
example.org.        55312   IN  NS  b.iana-servers.net.

The name servers on the list are not guaranteed to be authoritative, as this query returns an empty result:

$ dig +norecurse +noall +authority @8.8.8.8 example.org.

2b. ensuring the name servers are authoritative name servers

From the name servers returned, you can now check if the servers themselves return the same name servers. If so, then you are sure they are authoritative:

$ dig +norecurse +noall +authority @a.iana-servers.net. example.org.
example.org.        86400   IN  NS  a.iana-servers.net.
example.org.        86400   IN  NS  b.iana-servers.net.
$ dig +norecurse +noall +authority @b.iana-servers.net. example.org.
example.org.        86400   IN  NS  b.iana-servers.net.
example.org.        86400   IN  NS  a.iana-servers.net.

3: get the actual TTL

With the authoritative name servers, you can get the actual TTL:

$ dig +norecurse +noall +answer SOA @a.iana-servers.net. example.org.
example.org.        3600    IN  SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600
$ dig +norecurse +noall +multiline +answer SOA @a.iana-servers.net. example.org.
example.org.        3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. (
                2017042729 ; serial
                7200       ; refresh (2 hours)
                3600       ; retry (1 hour)
                1209600    ; expire (2 weeks)
                3600       ; minimum (1 hour)
                )

I got the +multiline trick from [WayBack] HOWTO: Using dig(1) to Find DNS Time to Live (TTL) Values – A-Team Systems.

4: get the count down TTL from a local name server

You can repeat the above process with a non-authoritative name server a few times to see the TTL decrease:

$ dig +norecurse +noall +answer SOA example.org.
example.org.        322 IN  SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600
$ dig +norecurse +noall +answer SOA example.org.
example.org.        321 IN  SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600

This is for instance what is returned by [WayBack] example.org DNS information – who.is example.org DNS information. DNS records such as SOA, TTL, MX, TXT and more.

Public DNS servers having multiple servers per IP can even run disperse TTL numbers, for instance Google DNS at 8.8.8.8 does this:

$ dig +norecurse +noall +answer SOA @8.8.8.8 example.org.
example.org.        13  IN  SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600
$ dig +norecurse +noall +answer SOA @8.8.8.8 example.org.
example.org.        1388    IN  SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600
$ dig +norecurse +noall +answer SOA @8.8.8.8 example.org.
example.org.        10  IN  SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600

Note that +nssearch does not work for me

Using +nssearch as per [WayBack] How to find what Authoritative Name Server provided the answer using dig? – Server Fault fails for me:

$ dig +nssearch example.org
SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600 from server 199.43.135.53 in 83 ms.
SOA sns.dns.icann.org. noc.dns.icann.org. 2017042729 7200 3600 1209600 3600 from server 199.43.133.53 in 144 ms.
;; connection timed out; no servers could be reached

This reveals this in the bold values:

  • The authoritative nameserver sns.dns.icann.org is not publicly accessible.
  • TTL 7200 (7200 seconds is 2 hours).

Future research

Authoritative answers might not be present in dig queries on some platforms. I need to dig deeper into [WayBack] terminal – Dig not returning authority section? – Ask Different to see why.

Glue records are always tricky to get right: [WayBack] How to check domain NS glue records using dig « Admins eHow

–jeroen

Posted in *nix, *nix-tools, bash, Development, dig, DNS, Internet, Power User, Scripting, Software Development | Leave a Comment »

PSBL: Passive Spam Block List powered by Spamikaze

Posted by jpluimers on 2018/11/01

On my research list: [WayBack] Passive Spam Block List:

PSBL is an easy-on, easy-off blacklist that does not rely on testing and should reduce false positives because any user can remove their ISP’s mail server from the list.

The idea is that 99% of the hosts that send me spam never send me legitimate email, but that people whose mail server was used by spammers should still be able to send me email.

This results in a simple listing policy: an IP address gets added to the PSBL when it sends email to a spamtrap, that email is not identified as non-spam and the IP address is not a known mail server.

Via: Hans Wolters commenting at [WayBack] For my research list: Source: Bruteforce login prevention… – Jeroen Wiert Pluimers – Google+

References:

–jeroen

Posted in *nix, *nix-tools, Development, Perl, Power User, Scripting, Software Development | Leave a Comment »