Friday, 16 December 2011

Configure a DHCP server on Ubuntu Server 11.04

Hi all,
today I will show you how to configure a DHCP server on an already running Ubuntu Server 11.04.

First you should check that the server has a static IP address:

vi /etc/network/interfaces


In my case it is something like this:

auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
gateway 192.168.0.1

then check for the name servers:

vi /etc/resolv.conf


I have this:
nameserver 192.168.0.1


If you change your files (interfaces and/or resolv.conf), you need to type this:

/etc/init.d/networking restart


Check also your hosts file:

vi /etc/hosts

It should be something like this:

127.0.0.1      localhost.localdomain  localhost
192.168.0.100  server1.example.com    server1

because in my case the server is called "server1".

DHCP installation and configuration


First download and install the dhcp service:

sudo apt-get install dhcp3-server


After the installation you will see a failed status, but that's OK, because we still need to configure the service.

vi /etc/dhcp/dhcpd.conf


Now we are going to change the file to configure our subnet,
in my case my server is 192.168.0.100 so my configuration will be something like this:

subnet 192.168.0.0 netmask 255.255.255.0 {
 range 192.168.0.10 192.168.0.50;
 option broadcast-address 192.168.0.255;
 option routers 192.168.0.1;
}

This way the service will lease addresses in the range 192.168.0.10 -> 192.168.0.50

Save the file and start the DHCP service (it failed to start right after the installation):

/etc/init.d/isc-dhcp-server start


Now the DHCP server should be working fine.

There are a lot of other options that can be configured in the dhcpd.conf file; check the documentation for them.
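A DHCP pool that overlaps the server's or the router's static address, or a wrong network/broadcast value, produces address conflicts that are hard to trace later. The following check is an added example, not part of the original post: the function name check_dhcp_scope is hypothetical, the two sample files are constructed from the values shown above, and it assumes a single subnet block without comments.

```python
import re
from ipaddress import ip_address as ip, ip_network

# Constructed sample input, built from the values shown in this post.
INTERFACES = """auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
gateway 192.168.0.1
"""
DHCPD_CONF = """subnet 192.168.0.0 netmask 255.255.255.0 {
 range 192.168.0.10 192.168.0.50;
 option broadcast-address 192.168.0.255;
 option routers 192.168.0.1;
}
"""

def check_dhcp_scope(interfaces, dhcpd_conf):
    """Return a list of problems; an empty list means the two files agree."""
    iface = dict(re.findall(r"^\s*(address|network)\s+(\S+)", interfaces, re.M))
    decl = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", dhcpd_conf, re.S)
    if not decl:
        return ["no subnet declaration found"]
    addr, mask, body = decl.groups()
    net = ip_network(f"{addr}/{mask}")  # ValueError if host bits are set
    rng = re.search(r"range\s+([\d.]+)\s+([\d.]+)\s*;", body)
    bcast = re.search(r"option\s+broadcast-address\s+([\d.]+)\s*;", body)
    rtr = re.search(r"option\s+routers\s+([\d.]+)", body)
    server = ip(iface["address"]) if "address" in iface else None
    router = ip(rtr.group(1)) if rtr else None
    problems = []
    if server is None or server not in net:
        problems.append("server has no static address inside the served subnet")
    if "network" in iface and ip(iface["network"]) != net.network_address:
        problems.append(f"interfaces 'network' should be {net.network_address}")
    if bcast and ip(bcast.group(1)) != net.broadcast_address:
        problems.append(f"broadcast-address should be {net.broadcast_address}")
    if router is not None and router not in net:
        problems.append(f"router {router} is outside the subnet")
    if not rng:
        return problems + ["no dynamic range declared"]
    lo, hi = ip(rng.group(1)), ip(rng.group(2))
    if lo not in net or hi not in net or lo > hi:
        problems.append("range is reversed or outside the subnet")
    for name, fixed in (("server", server), ("router", router)):
        if fixed is not None and lo <= fixed <= hi:
            problems.append(f"{name} address {fixed} is inside the dynamic range")
    return problems
```

Running dhcpd -t -cf /etc/dhcp/dhcpd.conf checks only the syntax of the file; this check covers whether the addresses make sense together.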

bye
Digger

Wednesday, 14 December 2011

Sniff a switched network with ettercap-ng for Windows

Hi all,
a quick guide about one way (there are others) to sniff network traffic in a switched LAN.

The environment is:

PCA
PCB
monitoring-PC (os: win xp, 2 NICs installed)

My monitoring PC is a laptop with only 1 NIC, so I used a D-Link external USB NIC (name: DUB-E100) as the second NIC.

PCA is connecting to PCB

On your "monitoring-PC" you want to see (sniff) the traffic between A and B, but you cannot install anything on them and they are connected through a switch.

The problem is that in a switched environment you usually cannot sniff packets the way you can with a hub.
If you have a hub you can connect it in the middle, or if you have a way to set up a monitoring port on the switch, fine; otherwise it's a problem.

You could ARP-poison the devices and then sniff (or also do MAC flooding to put the switch in a fail-open state), but in my experience this could be dangerous sometimes and it often doesn't work very well.

SOLUTION


A solution I found today is to use ETTERCAP-NG for Windows.
You can install it on your monitoring PC with 2 network cards, configure it for "bridged sniffing" and then run a sniffer like "Wireshark".
You simply need to disconnect A or B and put your monitoring PC in the middle using the 2 NICs.

example:

A--- (nic1)monitoringPC(nic2) ---- switch ----B
or

A--- switch ---(nic1)monitoringPC(nic2) ------B
or
...etc (exchange nic1 and nic2)


This way the monitoringPC is acting as a bridge and the packets between A and B are visible on the monitoringPC.



ETTERCAP-NG
http://sourceforge.net/projects/ettercap/files/
open "unofficial binaries", then "windows", then download "ettercap-NG-0.7.3-win32.exe"

WIRESHARK
http://www.wireshark.org/


INSTRUCTIONS (on the monitoring pc with 2 nics installed, in my case XP operating system)

Download and install ettercap-ng, then download and install wireshark.

Start Ettercap-ng
from the "Sniff" menu select "Bridged sniff"



Then, in the window that appears, select the NICs to be used for creating the bridge



Now from the "Start" menu select "Start sniffing"


Now you can open "Wireshark" (or other sniffing tool) to see the traffic



The red arrows indicate what I changed from the default.
It is important to select "promiscuous", otherwise you will not see all the packets, as they are not directed to you (the monitoring PC); then I changed the NIC to the USB one (but the other one is OK too).
I unflagged "Automatic scrolling" because I prefer it this way, but this is up to you.

That's all, at this point you should see all the packets between the 2 machines.

bye
Digger





Friday, 2 December 2011

Windows 7 Search - missing files - resolution

Hi all,
are you in the same situation as me?

Are you searching in a particular folder (and subfolders) for a filename, or for content, and AS ALWAYS Windows 7 search doesn't find it, even if you know for sure the file is there and/or the content is there in some file?

Honestly I hate the way Windows 7 indexes everything (slowing down the pc) just to speed up searching something from time to time, and then also you don't find it because at the end it doesn't work as it should...

Ok, there are some tips to make Windows search work better, like unflagging all the folders in the indexing options; this way Windows will search without using the index at all.
Then you'll not find content anymore, I suspect, so you should flag the folder "one shot" just to start indexing on demand (but you should also disable indexing backoff to make it work).

Ok, the REAL solution?

DON'T USE WINDOWS SEARCH... use something else

Unflag ALL the flags in the indexing options so that no folder is indexed (this will speed up your PC in some way), just keep the Outlook flag so you can search mails.

Then install some search tool (I'm using Agent Ransack as it does its job well) and use it instead!