nmap command to scan TCP/UDP ports

Nmap, short for Network Mapper, emerges as a command-line tool capable of scanning networks by sending packets and analyzing the responses. It’s particularly adept at identifying open ports and services running on a target system.

Scanning TCP Ports

Nmap’s TCP port scanning is robust. For instance, scanning ports 1 to 100 on a target:

nmap -p 1-100 <target>

To focus on specific ports, say 80, 443, and 8080:

nmap -p 80,443,8080 <target>

Or a comprehensive scan across all TCP ports (1 to 65535):

nmap -p- <target>

Scanning UDP Ports

UDP port scanning differs due to the protocol’s connectionless nature. Scanning UDP ports 1 to 100:

nmap -sU -p 1-100 <target>

For specific UDP ports, e.g., 53 and 161:

nmap -sU -p 53,161 <target>

Scanning Both TCP & UDP ports

nmap -sU -sT -p 53 <target>

or

`nmap -sUT -p 53 <target>`

Validate SSL certificates from CLI using openssl command

The following steps are used to validate the SSL certificates with openssl command

Check the Certificate Chain: To check the certificate chain and ensure that it’s valid, you can use the openssl verify command. This command will check if the certificate chain is valid up to a trusted root certificate.

openssl verify -CAfile gd_bundle-g2-g1.crt abc.crt

In this command:

• gd_bundle-g2-g1.crt is the file containing the trusted root certificates (the certificate authority bundle).
• abc.crt is the certificate you want to verify.

If the certificate chain is valid, you’ll see a message like: abc.crt: OK.

Check Certificate Details:

To view detailed information about a certificate, you can use the openssl x509 command. For example, to view the details of the abc.crt certificate:

openssl x509 -in abc.crt -text

This will display all the information about the certificate, including its subject, issuer, validity dates, and more.

Check the Private Key and Certificate Match:

To verify if a private key (abc.key) matches a certificate (abc.crt), you can use the openssl rsa and openssl x509 commands together:

openssl rsa -noout -modulus -in abc.key | openssl md5

openssl x509 -noout -modulus -in abc.crt | openssl md5

If the modulus values printed by these commands match, it indicates that the private key and certificate match.

Check Certificate Expiry Date:

To check the expiry date of a certificate, you can use the openssl x509 command:

openssl x509 -enddate -noout -in abc.crt

This will display the certificate’s expiry date.

These OpenSSL commands provide various ways to validate SSL certificates and perform different checks. Adjust the commands based on your specific requirements for certificate validation.

How to clear swap space – Ubuntu/Linux

 

To clear swap space in Ubuntu/Linux we need to use swapoff command as shown below:

$ swapoff -a

Above command will turn of swap completely.

Before running swapoff command you need to have enough free RAM available, since swapoff command will move all swap data to RAM.

If you wont have enough free RAM this command may make your system unstable.

Again to turn on swap you need to use swapon command ash shown below:

$ swapon -a

You need to have root/sudo permissions to run above commands.

Number of open files or file descriptors associated with a process

Since in *nix every thing is a file, When you try to find open files or file descriptor associated with a process you will see Actual file log, Unix Sockets, Library files, Network Sockets,  /dev files and others.

lsof is a command to list all open files.

To list all open files or file descriptors by a process:

$ lsof -p PID

or

$ lsof -a -p PID

or

$ ls /proc/PID/fd

where PID is a process ID of any process that is running.

To count all open files by a process:

$ lsof -p PID | wc -l

or

$ ls /proc/PID/fd | wc -l

To list all open files:

$ lsof 

To count all open files:

$ lsof | wc -l

Nmap – Scan for open ports

 

nmap is a network exploration tool and security/port scanner.

We can list all open ports using nmap for a given IP/Host.

Use following command to list all open ports:

$ sudo nmap -v -sS 192.168.1.1

Use following command to scan specific ports:

$ nmap -sS -O -p80,8080 192.168.1.1

To can specific range of ports(scan from port 80 to 100):

$ sudo nmap -sS -O -p80-100 192.168.1.1

mutt – send mails with attachments

 

By using mutt we can send mails with attachments from command line.

Install mutt:

$ apt-get install mutt

Send mail with attachment:

$ mutt -s "PFA" user@example.com -a attachment.txt < body.txt

or

$ echo "body text here" | mutt -s "PFA" user@example.com -a attachment.txt

Send mail without attachment:

$ mutt -s "PFA" user@example.com < body.txt

or

$ echo "body text here"  | mutt -s "PFA" user@example.com

CentOS – Hostname Change

 

To change host name in CentOS use following steps:

Open /etc/sysconfig/network file

$ vim /etc/sysconfig/network

Now modifiy HOSTNAME= value

HOSTNAME=my.domain.com

my.domain.com is desired host for my machine, similarly we can use other valid domain names.

Next edit /etc/hosts file, here we need to change the host that is associated to your main IPaddress for your server.

192.168.1.10   my.domain.com my

After completing above two changes restart network by using following command:

$ service network restart 

Now run hostname command:

$ hostname

Output:

my.domain.com

Above procedure will work both in CentOS 5 and 6 versions.

HAProxy – Starting proxy webfarm: cannot bind socket

Today morning when I am trying to start haproxy in one of server I got following error:

[ALERT] 096/213653 (26549) : Starting proxy webfarm: cannot bind socket

I have spent around 2 hours to debug this issue.

Here is the solution:

HAProxy will try to bind to Virtual IP which will only available in active node. Since our virtual IP is already bind to active node, this server unable to bind.

To resolve this issue we need to append net.ipv4.ip_nonlocal_bind=1 in /etc/sysctl.conf file.

Open /etc/sysctl.conf and append following line:

net.ipv4.ip_nonlocal_bind=1

After adding above line run following command to check if its updated or not:

$ sysctl -p

Output:

net.ipv4.ip_nonlocal_bind = 1

In output of sysctl -p we can see net.ipv4.ip_nonlocal_bind = 1.

Now start HAProxy:

$ service haproxy restart

Output:
* Restarting haproxy haproxy

After starting check HAProxy status:

$ service haproxy status

Output:
haproxy is running.

To find where is your virtual IP

To find to which host your virtual IP is bind use following command:

$ ip addr

In output check if you can find your virtual IP.

Start HAProxy with init script

To start HAProxy with init script set the ENABLED option to 1 in /etc/default/haproxy file

Open /etc/default/haproxy file

$ vim /etc/default/haproxy

Append following line:

ENABLED=1

After adding above line restart HAProxy.

$ service haproxy restart 

Output:
* Restarting haproxy haproxy

vim convert to lowercase or uppercase

 

By using simple substitution we can convert  text in vim either to lowercase or to uppercase.

I have a following text in in one of file:

aBcDeFgH
iJkLmNoP
qRsTuVwX
yZ

To convert complete text to uppercase use following substitution code:

:%s/.*/\U&/g

or

:%s/[a-z]/\U&/g

Similarly to convert complete text to lowercase use substitution code:

:%s/.*/\L&/g

or

:%s/[A-Z]/\L&/g

Python convert string to list/tuple/dictionary

By using ast modules literal_eval function we can convert any python string to valid literal.

ast modules literal_eval function will only evaluates string that are valid python literals.

Lets try with an example:

I have file with some valid python literals and I want to evaluate each of them.

Content of my input file is following:

[1, 2, 3]
(1, 2, 3)
{‘a’:1, ‘b’:2, ‘c’:3}
‘abc’
123

Here I want to detect type of literal in each line.

First I will try with a simple example:

#!/usr/bin/python
import os, sys
f = open(sys.argv[1], 'r')
lines = f.readlines()
print lines
for i in lines:
    print i.strip(), type(i)

Output:

[1, 2, 3] <type ‘str’>
(1, 2, 3) <type ‘str’>
{‘a’:1, ‘b’:2, ‘c’:3} <type ‘str’>
‘abc’ <type ‘str’>
123 <type ‘str’>

Just observer output, by default all lines are detected as string.

Now try with ast modules literal_eval function.

#!/usr/bin/python
import os, sys, ast
f = open(sys.argv[1], 'r')
lines = f.readlines()
#print lines
for i in lines:
    print i, type(ast.literal_eval(i))

Output:

[1, 2, 3] <type ‘list’>
(1, 2, 3) <type ‘tuple’>
{‘a’:1, ‘b’:2, ‘c’:3} <type ‘dict’>
‘abc’ <type ‘str’>
123 <type ‘int’>

Now observer above output, each line is detected and converted as its own literal type.

I tested this example in Python 2.7.3