jump to navigation

Hack to protect sendmail advertising its version August 31, 2010

Posted by networknuts in Uncategorized.
Tags: , , , , , , , , , , , , , , , , , , , , ,
add a comment
Here is a very useful HACK to protect your sendmail server from potential hackers.
You should be knowing that anyone can get your sendmail identity (that means the server name / version) by just simply doing a telnet to your machine. As shown:

Sendmail showing its identity to world

Now this can be a very useful information for any dedicated hacker or any intruder.
We wish to HIDE this information from outside world !!
Here is a very simple but very useful TWEAK / hack that can be used to hide this information.
Just open the /etc/mail/sendmail.cf file and change the value of the SmtpGreetingMessage field.
Here I had commented the original line (above the highlighted line for your reference, which is a good practice also) and copied and edited the code, as shown:

Changing sendmail identity.

REMEMBER - do not use the m4 macro command after editing the /etc/mail/sendmail.cf file. So it should be your last step after configuring sendmail.
Just restart the sendmail service.
service sendmail restart
Now if you do the telnet again to check what sendmail is advertising, you will be more than happy, as shown:

Sendmail Identity Hidden from Outside world

Happy !!
Enjoy your Edge !!
God Bless.

Using NMAP for Ping Sweep and OS Detection August 30, 2010

Posted by networknuts in Uncategorized.
Tags: , , , , , , , , , , , , , , , , ,
2 comments
Ping Sweeping is the process of pinging numerous hosts. In the case of a large set of target IP addresses, one must perform a ping sweep to determine alive hosts that respond to ICMP echo requests. This information can be very useful for a administrator checking his network status.
We can use “nmap” for this purpose.
Step #1. Install NMAP
You can either use the Internet repositories for this purpose and use:
yum install nmap
or you can manuall download the nmap package from this link – http://nmap.org/download.html
Step #2.Use nmap for Ping Sweep
nmap -sP 172.24.0.*
In this case I am trying to use ping-sweep to scan my whole network to find out which machines are LIVE and KICKING right now.
Here is what I get from this simple command.  :P

Ping Sweep in action

NMAP is so wonderful tool in your hands that it can be used for many purposes.
One more very simple, very interesting and very important job that nmap can perform is that it can also give you the OS details of your machines running within your domain.
Using nmap for OS detection:
nmap -O 172.24.0.*
Just give this command and see ALL your machines telling their OS’s to you.
Below is what I get !!

OS Detection using nmap

To watch the video of this post on Network NUTS YouTube channel – http://www.youtube.com/watch?v=WMPr4dvdo74
God Bless !!
Enjoy your EDGE !!

Bash Shell script to check the existence of a file under your linux filesystem August 3, 2010

Posted by networknuts in Uncategorized.
Tags: , , , , , , , , , , , , , , ,
1 comment so far

Here is a very small but useful shell script that will check the existence of a file and report accordingly.

#!/bin/bash
#by alok srivastava
#check the existence of a file under your filesystem
#this bash shell script use "positional parameters"

file=$1
[ $# -eq 0 ] && { echo "Usage: $0 filename"; exit 999; }
if [ -f $file ];
then
echo "YES - File $file exists."
else
echo "NO - File $file does NOT exists."
fi

It can be very useful while creating more complex bash shell scripts.

Here is a sample execution shown for your reference:

Follow

Get every new post delivered to your Inbox.

Join 484 other followers