0

Nmap and DNS resolution Timeouts

-

I think Nmap is by far the best portscanner around if you want to do some serious port-scanning. Nmap performs a DNS resolution by default. This is good for obtaining the fully qualified domain names (FQDN), however, in some cases when you are scanning huge networks spanning several class Bs, it can have a significant effect on the duration of the scan.
Although using the -n parameter can completely stop nmap from performing any resolutions, but sometimes there’s that fine granularity that you need, i.e., you want to perform name resolutions but not if it exceeds a certain amount of time. I have to say that I wouldn’t have even craved for such an idiosyncratic feature, had it not been for nmap. Fyodor has been awesome enough to provide fine-grained control over port-scanning to your heart’s content.
So I opened up the nmap code, trying to figure out if I could fine tune that feature myself and I was not at all surprised that there were several comments in the code that would give you the impression that the authors of nmap have been considering this feature.
At this time it seems that the timeouts for the DNS servers are being read out of an arrayname:
static int read_timeouts[][] in nmap_dns.cc.
The way the code works is, this array has retransmission timeouts. Each row of this array represents what retransmission timeouts that nmap will follow depending on the number of DNS servers provided.

In nmap 4.76, therefore, if you specify one DNS server (or only one entry exists in /etc/resolv.conf) nmap will wait 4000ms, then another 4000ms followed by 5000ms before giving up. But if you do specify two DNS servers, then for the first DNS server the timeouts are 2500ms followed by 4000ms and then the same is tried for the 2nd entry in the DNS servers. Therefore, it seems that nmap will wait 13 seconds at max before giving up on the DNS resolution of a host. Imagine scanning a class B and having to wait 13 seconds for each of the hosts to resolve. It would be a significant overhead.

Of course, one can find other things to do if the IP address space is not DHCP, e.g., starting a separate list scan (-sL) and a portscan (with -n) simultaneously so that the DNS resolution timeouts do not result in a major impact as far as the portscanning itself is concerned.
There could be pros and cons to this as well which I may have failed to consider. But at this time it seems that it might be the most judicious approach.

0

Brother HL-2040 Linux install on Backtrack 4

-

I was getting CUPSD errors when trying to use my Laser Brother HL 2040 printer. But, you can install Brother HL-2040 by going to the brother website and downloading the linux drivers located here:
http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/download_prn.html#HL-2040
I just installed the lpd driver using the command as follows:
$ sudo dpkg -i brhl2070nlpr-2.0.1-1.i386.deb
When printing now, just select local lpd and then select brother-HL2070 printer from the list (the drivers for both versions are same).

0

Relaxation unleashed!

-

Days of hard work seem to be over…or not quite…may be…
Graduation was wonderful and so were the trips with daddu and bhabhi to San Diego, Las Vegas and Grand Canyon and not to forget the shopping sprees at Barstow (I-40 exit at Lenwood Blvd.) and Citadel mall, Los Angeles.
Then came the trip to New York City which was as always very welcome!
Met up with Ankush at NYC working at Citigroup office at Long Island City. Now comes the time to unleash my sloth-like wrath towards summer!

0

Modern-day Reconnaissance

-

Back in the day “recon” had a different meaning than it does today. Today, in the age of cyber-terrorism and cyber-stalking or Google stalking, reconnaissance comes from a variety of different sources including tools such as mash-up applications make things quite palpable for a social engineer. For the purpose of this discussion, let’s consider two entities “stalker” (the person seeking information about “someone”) and the “stalkee” (the “someone” whose information is being sought).
Back in the day (and man I’m only talking about 4-5 years ago!), the only source was public forums where users would post questions using constant email IDs. You would need to scourge through different Usenet groups and that was it…and possibly a Friendster account. Now, people have Facebook profiles which can be publicly viewed. This gives us the information about a person’s friends giving us information about the stalkee’s geographical location and may be even birthday. LinkedIn gives information about the stalkee’s job. You can even confirm the geographical location of the stalkee using LinkedIn. Now you have the name of the person and the geographical location. If you need more information about the person such as his/her age/birthdate, I’ve seen that ZabaSearch is a good resource. You can get a lot of information using ZabaSearch but if the stalkee needs he/she can remove this information using the block feature of Zaba located here. I do not know how they deal with this information but Zaba does have a “premium service” and I do not know if this premium service would give access to these “blocked records”. Now you have the information about the age of the stalkee. You could even search Twitter for the person’s twitter feed to see what the stalkee’s doing. I came across an interesting mashup application that crawls twitter to get information about where a person is and it’s aptly called Please Rob Me!. There are other great tools available such as Loopt and Tripit. Just as Twitter, Google Buzz can also give a lot of information. And the best part about google buzz is things are searchable …cool…the stalker’s job’s now easier.

5

The first interview of my life

-

This is not a post but nostalgia. This post is actually a transcript of the first interview of my life. It was for a top Indian Software Consultancy Company (referred to as “XYZ” from now on). I remember that it was July 9th, 2001 and it was a really rainy day in Bombay. While coming to the college I was totally drenched and was looking rather distraught! I cleared the aptitude test and then came the Big One – The Interview!
I went to the interview thinking that i wanted to completely screw up the interview (coz I was interested in some other company) so i went there casually dressed with a demonic smile on my face >:-) . In hindsight, I think the way I appeared for this interview was really gutsy for me and I probably couldn’t have done that had I been craving to get a job in this company. Here is the transcript of the interview.

XYZ: So Mr Rajat … tell me about urself and ur family in *short*
Me : In the year 1980 i was born in allahabad and spent the initial yrs of mylife in blah blah blah ….and completed my schooling in Shree Ram Welfare Society’s High School, Andheri(W), Mumbai . therafter i went to Sathaye College….(blah blah blah) and i came to this college thinking that this college would be good.
XYZ: & how did u find this college?
Me : (thinkin for a while and then with a heavy heart ) ok !
XYZ: Rajat y did u chose our company (XYZ) instead of other companies.
Me : i did not choose XYZ i’ve just come for this interview ! In fact u guys have come to our college (for on-campus placements) i haven’t come for this interview.
XYZ: but would u like to join our co.?
Me: i’ve come for this interview ! what does this indicate to u?
XYZ: give me one reason why u want to join XYZ?
Me: i don’t want join XYZ… i’ll goto any other co. that comes next…as a matter of fact any other co. will take me!
XYZ: Mr Rajat in this form (these guys had given us a form to fill in whichwe were supposed to write the salary we desired which i forgot to fill… oops faux pas ? well not quite) which we have given to u , uhaven’t mentioned the salary u want…. what r ur expectations?
Me : I want more!
XYZ: MORE !%#$%$#$ y do u want more?
Me: because i know i’m worth it!
XYZ: u say so but it is for us to see whether u r worth it!
Me: put me to test and i’ll prove i’m worth it !
XYZ: but why do u want more ?
Me : everybody wants more so what is wrong if i want more!(the guy seems to be pissed off to my delight)
XYZ: but u must be having some expectations , don’t u?
Me : yes of course , i have . but u r not gonna live up to them. u had made it quite clear the salary u’ll be offering to us … so it doesn’t matter what my expectations are u r gonna give only what *you* want to give us , so there rests the matter.
XYZ: tell me about this person whom u know & works in XYZ.
Me : He is my cousin and he stays at andheri.
XYZ: so what have u heard from him about our co. ?
Me : NOTHING!
XYZ: but u might have heard something at least!!!!!
ME : we meet at social gatherings and the last thing we want to speak about is XYZ!!!
XYZ: ok tell me about ur project … this assembler
Me : blah blah blah
XYZ: ok … so in ur form u write u want “A GOOD NETWORKING PROJECT PREFERABLY BASED ON NETWORK SECURITY” . what do u know about networking?
Me : NOTHING!
XYZ: (a very surprised Mr. Sleepy said) NOTHING !?!? then how can u say u want a project in it?
Me: well , i’ve attended a few seminars @ IIT and it ensured me that that was the only field i’m interested in.
XYZ: then ur interest may change after studying the subject!
Me : No, it won’t change!!!!
XYZ: wat do u know bout networkin?
Me: latest happenings … blah blah blah
XYZ: suppose that we don’t have a project in network securities for you then what will u do?
Me: i have written that it is my ambition to work on a networking project…AMBITIONS ARE NOT ALWAYS FULFILLED.
XYZ: Rajat … there is a rule in ur college that if u get 1 co. u r noteligible for the rest.we offer u 16k .. so if tomorrow infosys comes and offers u 20k wat will u do?
Me : I WILL GO !!!!!
XYZ: u’ll go !?! that means you are after money ?
Me : who said that !? i never said that ! i want more money but more important than that is the work environment & the kind of projects i get. if i getbetter projects there i’ll go money is secondary but still important .
XYZ: (as if trying to juistify a lesser salary) u know rajat that on paper their (Infosys) salary may look large but 20% blah blah blah ….. 12.5 % blahblah blah …6% blah blah blah … (and lots more statistics which lasted foran eternity as far as my viewpoint goes)
XYZ: do u realise that XYZ has a 3yr. service agreement or u r chargedRs.50,000/- . what are your feelings about that?
Me : it is absolutely wrong.
XYZ: why?
Me: The word “bond” itself says that u r “bound” to the co. no matter what.
XYZ: that is why we don’t call it a “bond” we call it a “service agreement”.
Me: ok…that’s just another name for it. i personally think that instead of”binding” people to ur co. u should create such an environment that people like to stay in ur co. with their wishes and so the co. will benefit if peoplework with their wishes.
XYZ: do u havre any questions for us?
Me: yes , sir i do! in ur qns a few minutes back u mentioned infosys and in ur pre-placement talks u said u r no.1 software co. of india. how can u say thatwhen all that we see in the newspapers is infosys and with u comparing urself to infosys?
XYZ: infosys is 12% blah blah blah … 19% blah blah blah …(and lots morestatistics that made me feel as miserable as our indian cricket team witheverything out of control)does that answer ur qn?
Me: ya! sir may i ask another question ?
XYZ: ya sure! (with some uneasiness)
Me: sir, this yr. we have seen our seniors get whole lot of “back out” letters! what r ur feelings about that?
XYZ: OUR FEELINGS !!??!
Me: i mean r u people going to do the same with us?
XYZ: (i think this was it and he lost his complete cool and he pointed to me & said sternly) till this date our company has not given any “back-out” letters to anybody.
Me: Thank u .sir. it was a pleasure!

This was the first interview of my life and I ended up getting selected for this company. It was a great experience working there and I realized that money is not everything! At the end of it I think I was not rude but dangerously honest in giving my answers and this plan could have backfired on me but it didn’t … may be I was lucky or may be this was destiny!

0

Nutching Nutching Nutching

-

The whole day today was spent in analyzing Nutch Source Code with Anshul. It is almost 8:00 pm now and nothing has been done yet! Have received an e-mail from Chris Mattman and Ashish Vaidya giving some pointers. Hopefully, it’s gonna help!
Had problems while compiling the code as well. It’s strange that when I installed j2sdk from Java Sun site I did not get javac in the /usr/java/jre1.5.0_02/bin directory. So since I did not have enough time to look for the files, I simply downloaded Netbeans and got the thing compiled with Daddu’s suggestion!
Will blog later when I can get some success with Nutch.
-Rajat.
Rajat’s Abode

0

Die Another Day!

-

Back again in the lab to get the module completed as this part needs a lot of effort.
The RabinHash available at Jaspell was very helpful in getting me started with the actual coding of the whole thing. Now since the Rabin Hash values are really varied I need to first figure out ways to search the packet hash presence effectively. Today I’ll try an idea where I’ll mod out the hashes to 3 distinct prime numbers and see the values they hash to. These indices from the table of pointers would point to respective hash values.


mod p1 mod p3
|_______________| |_______________|
|_______________|--->[val1]<--+ |_______________|
|_______________|--->[val2] |__|_______________|
|_______________|--->[val3]<--+
: : : | :
: : : |___ :

First I needed to read through how kernel memory allocation works.
Kernel Korner – Allocating Memory in the Kernel | Linux Journal was a fantastic link that got me right into the mem allocation principles!.
Let’s see how the day goes!