Suramya's Blog : Welcome to my crazy life…

February 27, 2010

How to use UDP Tunneling to avoid hotspot or firewall restrictions

Filed under: Computer Security,Knowledgebase,Tech Related — Suramya @ 11:59 PM

A lot of times when you connect to a wireless hotspot or a network there are restrictions in place which prevent you from accessing the web without some sort of authentication or restrict the kind of connections allowed. Usually that’s not a problem but at times you need to be able to bypass the restrictions.

In normal cases the firewalls in place usually allow outgoing connections to pass through but in some cases even outbound connections are blocked or you need to pay for access. In such cases you can use UDP Tunneling to bypass any restrictions.

Keep in mind that using such methods on a network will not endear you to your network administrator and if caught might cause you trouble. You might even end up in Jail. So don’t try to use this for anything illegal or to browse porn at work.

The way it works is that when you try to browse to a website your system sends a request to a name server on UDP Port 53. On a lot of hotspots/firewalls/proxies the system waits for the Name server to respond and when it gets a response it redirects you to a login page or redirects you to a web proxy. What allows us to do a UDP tunnel is the fact that all port 53 UDP traffic is allowed out to anywhere on the web, without any kind of authentication.

So if you have a VPN configured to connect over UDP port 53 instead of the default port 1194 then you should be able to bypass the restrictions.

Basically what you have to do is setup a OpenVPN server on a public server and then configure it to use port 53 instead of the default 1194. Once you do that you can configure your VPN client on a laptop to connect to the server on port 53. Once connected all new connections will go over the VPN connection and you should be able to browser the web without issues or blocks.

Thanks to Adam Palmer for the tip.

[Update 11/26/2014] Please use the updated link iodigitalsec.com as the original one is broken.

I think I am going to set up a VPN server on my desktop so when I am away from home and need web access I can use this technique to get access.

– Suramya

February 24, 2010

Getting Wireless on my HP Pavilion DV5000 to work on Linux

Filed under: Computer Software,Knowledgebase,Linux/Unix Related,Tech Related — Suramya @ 10:46 PM

I have heard that connecting to wireless networks can give a lot of trouble in Linux. I have even experienced the same when I tried out Debian and Red Hat Enterprise Linux (RHEL) 5 on my HP Pavilion DV5000 laptop. In Debian I managed to get the card working but on RHEL I couldn’t get it to work.

Actually I could have gotten it to work but lacked the time to spend trying out various solutions. Plus the final solution wasn’t very elegant or portable. Basically what I ended up doing was hardcoding the config file to connect to a particular wireless network. Which obviously wasn’t a very portable solution.

When I decided to try out Backtrack 4 which is a Linux-based penetration testing distribution that is based off Ubuntu I was worried that my wireless card (Broadcom BCM4318) would again cause issues. If you have been using Linux then you probably have heard of this-chip set as earlier versions of Linux had a lot of problems getting this card to work and so I was expecting a lot of work before I got the card to work.

While the OS was installing I did a little search on google and that reminded me of a post on Tech Republic that talked about 10 tools to connect to wireless networks in Linux so I decided to try out each of them to see which one worked for me.

Fortunately for me the first program I tried (wicd) solved my problem. All I had to do to get the network working was: log in as root and then run the following command:

/etc/init.d/wicd start

Once I ran the command all my network cards were automatically detected and I could configure them. However since its a pain to configure the cards manually, I ran the following command to start the GUI based client for wicd:

wicd-client

When you run wicd-client a new icon shows up in the system tray (next to the clock) and if you double click on the icon the Wicd manager starts and allows you to configure any wireless/wired network that the system detects.

Over all, wicd is quite easy and a lot more intuitive than the default KDE Network manager, plus another advantage is that wicd supports WPA which the default KDE Network manager doesn’t.

Now that I have gotten the card working on Ubuntu I am going to re-install RHEL on the laptop and see if wicd can get the card working over there also. But that’s work for another day.

– Suramya

February 15, 2010

Augmented Reality: Tattoo that transforms into a flying dragon

Filed under: Computer Related,Computer Software,My Thoughts,Tech Related — Suramya @ 7:52 PM

Augmented reality, the words bring to mind a science fiction world where people wear glasses hooked up to computers that give additional information on the item being looked at. I have read scores of novels where this technology is in use by humans (both in a positive and negative sense) but till date this technology was still in the realm of Science Fiction.

Now this has changed. ThinkAnApp studio based in Buenos Aries has developed specialized software that allows them to create a tattoo that when viewed through a camera gets transformed into a flying dragon. Or anything else you want. Pretty cool eh?

Here’s what the Tattoo looks like when viewed through a camera:

Check out the video demoing the tattoo in action here.

This is just a prototype and isn’t released for public use yet. But it is a step in the right direction and slowly but surely we are moving closer to the day when the virtual world will overlay the real world and open up all the awesome possibilities that entails.

Source: ThinkAnApp – Augmented Reality (tattoo).

– Suramya

February 5, 2010

Learn to use search effectively in Linux using grep

Filed under: Linux/Unix Related,Tech Related,Tutorials — Suramya @ 11:59 PM

grep is a really powerful tool that allows you to search for specific string/data within a given text. This text can be a list of files or the content of a given file, even a list of programs running. Basically it allows you to filter the required text from background noise.

As you can imagine it is a very powerful tool but most people don’t really learn to use it well. Zahid Irfan wrote a very nice blog post on ‘Why grep almost never yields something productive‘ for new Linux users and has some great examples that explain grep usage quite well for all users both new and experienced

Check it out.

– Suramya

February 2, 2010

Exorcising my Dad’s HP dv5000 Laptop by dismantling it

Filed under: Computer Hardware,My Life,Tech Related — Suramya @ 10:35 PM

A few days ago dad’s HP Pavilion dv5000 started acting funny. He had put the laptop in hibernation but all of a sudden it would start up on its own for a few seconds and then would shut down due to low battery. This woke him up so he brought the laptop to my room so that I could take a look at it. I looked at it but didn’t find anything funny so I shutdown the system and told him that I would take a look at it in the morning.

A few minutes later the laptop started up again even though I had shut it down completely. I then removed the battery and left the AC Adapter plugged in to see if the problem was caused due to a faulty battery. But the laptop still started up again without anyone touching it. So I decided to take the laptop apart to see if there was a loose connection or something that was triggering the boot.

This laptop is designed in a way to make it really hard to open without knowing exactly where all the screws are located. Some of them are hidden behind other items like the Harddrive and the DVD-ROM, some are on the other side so you only see them when you remove the DVD Drive and look under the laptop again. It took me a couple of hours to get it all open.

The photos posted by Chris Davis on his flicker account helped a lot in getting the stupid laptop open. Thanks Chris. I owe you a beer.

Compared to this my Sony Vaio had taken me about 1/2 hour to open. The worst part is even simple stuff like resetting the BIOS by removing the battery require you to dismantle pretty much the entire laptop. I think this is an issue with all HP systems because I remember trying to upgrade the RAM on a HP desktop and that took us most of the day (this was back in 2006 I think)

Anyways once I managed to open the laptop, I cleaned it and put it back together. Since then the laptop hasn’t started up on its own again (so far) so I guess we are good for now. Dad’s happy that the laptop stays shutdown when he turns it off and I don’t have to take it to a hardware repair shop to get it fixed which would have been a pain.

The next item on my repair list is my N95. I think I need to update the firmware on it but before that I will have to backup all the SMS’s, logs, etc etc on it. Plus all the programs I have installed. So that’s a task for another day.

– Suramya

January 20, 2010

List all machines connected to a LAN with additional details on each

Filed under: Knowledgebase,Security Tools,Tech Related — Suramya @ 12:15 AM

If you ever had to figure out how many systems are connected to a network and what IP’s they have then you will find this tip useful. It is also useful to identify any rouge machines on your network if you know how many systems are supposed to be there on that network. Like in case of my home network, where I know the exact no of machines.

There are multiple software out that, that allow you to do this. Some are free, some are very expensive. In my opinion the best one is nmap. It is free, fast and can be scripted.

To find all machines on my LAN (IP Range: 192.168.2.x) I just have to issue the following command:

nmap -sP 192.168.2.0/24

This gives an output like the following when I run it as a normal user:

suramya@Wyrm:~$ nmap -sP 192.168.2.0/24

Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-20 00:01 IST
Host 192.168.2.1 is up (0.0018s latency).
Host 192.168.2.5 is up (0.00018s latency).
Host 192.168.2.100 is up (0.00018s latency).
Nmap done: 256 IP addresses (3 hosts up) scanned in 2.93 seconds

When I run the same command as root, it gives me additional information that looks like:

Wyrm:~# nmap -sP 192.168.2.0/24
Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-19 23:50 IST
Host 192.168.2.1 is up (0.0015s latency).
MAC Address: 00:XX:XX:XX:XX:XX (Cisco-Linksys)
Host 192.168.2.5 is up.
Host 192.168.2.100 is up (0.011s latency).
MAC Address: 00:XX:XX:XX:XX:XX (Intel)
Nmap done: 256 IP addresses (3 hosts up) scanned in 3.00 seconds

In this case, as you can see nmap also gives me the MAC address of the machine. 192.168.2.5 is the machine I ran the scan from so I didn’t get any information on that one.

If you want additional details on a system you can issue the following command to get the system to try and identify the OS and services running in detail.

nmap -A 192.168.2.5

It gives an output that looks something like:

Wyrm:~# nmap -A 192.168.2.5
Starting Nmap 5.00 ( http://nmap.org ) at 2010-01-19 23:52 IST
Interesting ports on 192.168.2.5:
Not shown: 995 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.1p1 Debian 8 (protocol 2.0)
| ssh-hostkey: 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx (DSA)
|_ 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx (RSA)
80/tcp open http Apache httpd 2.2.14 ((Debian))
|_ html-title: Index of /
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
631/tcp open ipp CUPS 1.4
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.17 – 2.6.28
Network Distance: 0 hops
Service Info: OS: Linux

Host script results:
additional information on the server

Hope you also find this useful.

– Suramya

January 19, 2010

Flaw gives AT&T users access to other user’s Facebook accounts

Filed under: Computer Security,My Thoughts,Tech Related — Suramya @ 11:23 PM

Recently a Georgia mother and her two daughters logged onto Facebook from their mobile phones and wound up in a strangers’ accounts with full access to their private information. All of them were using AT&T as their data provider. On the face of it, it seems pretty scary.

How prevalent this flaw is and what other services are affected is something that is still unknown. As far as I can tell no technical details have been released to explain this issue either by Facebook or AT&T. So I am going to speculate on various ways this might have happened.

1. A flaw in Facebook caused the system to falsely authenticate users based on their IP address even without an authentication cookie present.

This could happen, however if this was the case a lot more people would have hit it by now especially on networks that have their IP address allocated dynamically.

So Probability of this being the reason: Very Low

2. AT&T is using a proxy caching server and the authentication cookies used by Facebook was stored on the proxy server.

If a proxy server was being used by AT&T then when a request went out to Facebook it would check for a valid session using the server’s IP address and then check for an authentication cookie on that server. If one existed the user would then be authenticated even though this time someone else was trying to access their Facebook account.

The problem in this case would be the incorrect configuration of their Proxy server by AT&T.

So Probability of this being the reason: Very High

3. Can’t think of any other reason… Though there could be a ton of other explanations. Just can’t think of any of them right now.

Caching servers are well and good but if they are not correctly configured they have the capacity of causing a lot of havoc and security issues. So I am off to read up more about proxies and caching servers and how to configure them correctly.

Source:

FOXNews.com – Network Flaw Causes Scary Web Error.

– Suramya

December 27, 2009

Stop Gnome Applications from looking ugly in KDE4

Filed under: Knowledgebase,Linux/Unix Related,Tech Related — Suramya @ 3:28 AM

Since I have been using KDE (even in v3.5) I have noticed that Gnome applications look ugly in KDE. (see screenshot below) In KDE 3.5 I had to install the Gnome theme controller application and apply a theme and it fixed the issue. (I can’t recall the name right now, but it was something gnome-theme-something) but in KDE4 that didn’t work so well.


Firefox without GTK Themes

Did a little research and tried various options but none of them worked that well and caused loads of issues. Finally I found a way to get the applications to use the current GTK theme in KDE even after I rebooted the system without any manual intervention.

  • Open a shell prompt or open the Run dialog by pressing Alt-F2
  • Type gnome-settings-daemon and press enter

    • Once you do this all running GTK applications, as well as any more you launch, will switch to your GNOME theme and will look a lot nicer (See screenshot below)


    Firefox with GTK Themes

    As you can see the program looks a lot less ugly with the themes applied. However if you reboot the system without configuring the gnome-settings-daemon to auto start, the applications will go back to the default no-theme state.

    To set the daemon to autostart create a text file called theme.desktop (Actually This can be anything you want as long as you keep the .desktop extension) in the ~/.kde/Autostart directory with the following contents:

    [Desktop Entry]
    Exec=gnome-settings-daemon &
    Name=GNOME Settings Daemon
    Type=Service
    X-KDE-StartupNotify=false
    OnlyShowIn=KDE;

    Once you create the file and save it, KDE will start the Gnome settings daemon everytime it starts.

    Note: On some systems the autostart directory is located in the ~/.kde4/share/autostart folder.

    Hope this helps.

    Source of the tip: Tombuntu.com

    – Suramya

    December 22, 2009

    Finally sync’d my Phone to my Google Calender

    Filed under: My Life,My Thoughts,Tech Related — Suramya @ 3:54 PM

    After reading Vinit’s response to my post about Google Calender Notification (and talking to him) I finally went ahead and installed Mail for Exchange on my N95.

    The configuration was easy, however the interface I got and the settings the system requested were different than what the Google Help site showed. Initially when I was setting up the profile it only asked for my username and password and the domain (which it didn’t let me leave blank as the Google site recommended).

    After I saved this info and tried to exit from the configuration screen that’s when it told me that I hadn’t filled out all the required information and asked me for the remaining information (like the exchange server name etc)

    Once all that was done, I initiated a sync. Even though I had told it to sync calender entries and included events up to two weeks ago it didn’t sync all my events. So I told the system to sync all calender events and that’s when it downloaded all my entries from the Google calender to my local phone.

    The only problem I see is that the events that my phone got from the Google calender don’t have any alarm set for them even though I have an alert set up on the calender for them. Though this could be because I only have the SMS and email alerts configured on all my events but not the pop-up alert. Maybe setting that alarm also will give me a phone alarm. But its not that big a deal.

    Now I have to sit and clean up all the double entries I have ended up on my phone and calender for the same events… Basically on my phone I had the alert configured for a different time than the alert on the calender so I have to sit and clean that out. Will do it when I have some spare time when I am not doing anything…

    Well this is all for now. Will post more later.

    – Suramya

    December 18, 2009

    Google adds Text to Speech capability to its translation service

    Filed under: Interesting Sites,My Thoughts,Tech Related — Suramya @ 12:01 AM

    While surfing the net I discovered that Google has a service that reads out text, converting it to speech so I tried it out and it works great, the voice doesn’t sound robotic at all like some of the other converters that are available today. The best part is that you can use it by passing it a sentence as part of a URL and it will return a mp3 file with the voice over.

    For example, visiting the following link will cause it to read out “Hello and welcome”: http://www.google.com/translate_tts?q=Hello+and+welcome

    Try it out. To have it read out a different text just change the text after ‘q=’ with your own text, replacing the spaces in the sentence with a + sign.

    The only other Text To Speech service I have seen that does this good work is the AT&T Labs Natural Voices site.

    The advantage of the Google service is that it can be automated and can be used within scripts and other programs to generate natural sounding voice responses.

    Source: blogoscoped.com

    – Suramya

    « Newer PostsOlder Posts »

    Powered by WordPress