This post describes how to make Firestarter’s gui load at startup:

Launching Firestarter minimized to the tray on login

Having performed the above configuration of permissions, the system can further be set up to load Firestarter when you log in with your regular user account. Firestarter will in that case load directly into the system tray without user intervention, after which the main interface can be accessed by clicking the tray icon.

Using GNOME:
The GNOME sessions manager

Open up your GNOME menu, select Preferences followed by Sessions. Switch to the Startup programs tab, pictured right.

Click Add and enter
sudo firestarter –start-hidden
as the startup command. Click OK and you’re done.

To stop Firestarter from loading on login, simply remove its entry from the startup programs listing.

Using KDE:

Open a terminal and execute the following two commands:

echo -e ‘#’!'/bin/shnsudo firestarter –start-hidden’ > ~/.kde/Autostart/firestarter
chmod a+x ~/.kde/Autostart/firestarter

Firstarter will now load automatically when KDE starts. To stop Firestarter from loading when you log in, remove the ~/.kde/Autostart/firestarter file.

This post is a very slightly abbreviated version of Ubuntu Blog’s excellent post. I did this on Kubuntu Breezy 5.10, and it worked fine. Now, I need to find out how to do this via a startup script, a la nfs. Does the ’sudo modprobe fusemount’ have to be done each session anew? If so, how does one do a sudo in a login script?

The following guide will step you through the process of mouting file systems over ssh on Ubuntu 5.10 Breezy systems.

sshfs:
sshfs is a filesystem client based on the SSH File Transfer Protocol. Since most SSH servers already support this protocol it is very easy to set up: i.e. on the server side there’s nothing to do. On the client side mounting the filesystem is as easy as logging into the server with ssh.

Install sshfs by doing a:
$sudo apt-get install sshfs

This will also install fuse-utils and libfuse2, which are required.

Now, let us create a local directory where you want the files mounted. You should create the directory and make yourseld the owner of the directory:

$sudo mkdir /media/dir-name
$sudo chown your-username /media/dir-name

Where “dir-name” is the name of the directory on your local computer where you want to access the files from the remote computer. Say I want the files on the server to be available at /media/home-pc. I want this because the “server” in this case is the desktop I have at home, which allows me to access it through ssh. Let us use “home-pc” as an example for this guide. “your-username” is your username on the local computer.

Go to System->Administration->Users and Groups, select the group “fuse” and then add yourself to this group.

If you prefer to do it the easy way, on the commandline, then use
$sudo adduser your-username fuse

[…]

For some reason, the /usr/bin/fusermount binary is installed in such a way that users cannot execute it. To fix this do a:
$sudo chmod +x /usr/bin/fusermount

[Mount as follows (do this on client machine)]:
$sshfs example.com:/stuff /media/home-pc

Where “/stuff” is the folder on the computer with the domain name “example.com”, which I want to mount and access on my local computer at the location /media/home-pc. Remember that the /media/home-pc directory must exist and be owned by you, the user. I already mentioned how to do this in the initial part of this guide.

If you get the following error:

fusermount: fuse device not found, try ‘modprobe fuse’ first

You will have to load the fuse module by doing:
$sudo modprobe fuse

You can add fuse to the modules that are loaded on startup by editing the file /etc/modules and adding a line with only the word “fuse” in it, at the end.

Then issue the sshfs command above again.

To unmount the directory once your work is done, use the command:
$fusermount -u

for example, in my case, I would use
$fusermount -u /media/home-pc

I’ve been tweaking this page’s css / design a little more. My goal, and the goal of this site, is to learn how to use publishing tools, such as css, php, mysql, apache, linux, w3c standards, etc.

lynda.com seems like a pretty well put together tutorial site.

Best list of network analysis tools out there can be found at Insecure.org’s ‘Top 75 Network Security Tools’ page.

I’ve been exploring nbtscan, ntop, iptraf, tcpdump, ettercap and mrtg.

To build basic WiFi security literacy, I was reading around a bit, and came across this article. My summary of the article’s points:

1. Use WPA.
2. Enable MAC address filtering (via router’s ACLs).
3. Turn off WLAN SSID broadcast.
4. Change default admin password(s) … um, from the factory default, and, er, to something more secure than “fluffy.”
5. Use maximum encryption level.

This article gives instructions for how to, in an Apache .htaccess file, block a range of ip addresses from accessing a web site.

The gist of the article is to add to .htaccess file (usually the first two lines are already there):

Options Includes +ExecCGI
AddType text/x-server-parsed-html .html
RewriteEngine on
Options +FollowSymlinks
RewriteBase /
RewriteCond %{REMOTE_ADDR} ^72.14.192.
RewriteCond %{REQUEST_URI} !^/gwa-forbidden.html$
RewriteRule ^.*$ /gwa-forbidden.html

[Edit: I was looking over my entries, and noticed that this article, clearly not written by me, was neither blockquoted nor attributed — a rather egregious oversight on my part. The article is by Daniel Petri, and can be found here.]

Usually, if you want to see all the used and listening ports on your computer, you’d use the NETSTAT command.

Note: The NETSTAT command will show you whatever ports are open or in use, but it is NOT a port scanning tool! If you want to have your computer scanned for open ports see this page instead (link will follow shortly).

Open Command Prompt and type:

C:WINDOWS>netstat -an |find /i “listening”
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING
TCP 0.0.0.0:1084 0.0.0.0:0 LISTENING
TCP 0.0.0.0:2094 0.0.0.0:0 LISTENING
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING
TCP 0.0.0.0:5000 0.0.0.0:0 LISTENING

You can redirect it to a text file by adding >c:openports.txt to the command, if you want to:

netstat -an |find /i “listening” > c:openports.txt

You can also change “listening” to “established” to see what ports your computer actually communicates with:

C:WINDOWS>netstat -an |find /i “established”
TCP 192.168.0.100:1084 192.168.0.200:1026 ESTABLISHED
TCP 192.168.0.100:2094 192.168.0.200:1166 ESTABLISHED
TCP 192.168.0.100:2305 209.211.250.3:80 ESTABLISHED
TCP 192.168.0.100:2316 212.179.112.230:80 ESTABLISHED
TCP 192.168.0.100:2340 209.211.250.3:110 ESTABLISHED

Note: In Windows XP and Windows Server 2003, you can type NETSTAT -O to get a list of all the owning process ID associated with each connection:

C:WINDOWS>netstat -ao |find /i “listening”
TCP pro1:epmap pro1.dpetri.net:0 LISTENING 860
TCP pro1:microsoft-ds pro1.dpetri.net:0 LISTENING 4
TCP pro1:1025 pro1.dpetri.net:0 LISTENING 908
TCP pro1:1084 pro1.dpetri.net:0 LISTENING 596
TCP pro1:2094 pro1.dpetri.net:0 LISTENING 596
TCP pro1:3389 pro1.dpetri.net:0 LISTENING 908
TCP pro1:5000 pro1.dpetri.net:0 LISTENING 1068

You can use PULIST from the W2K Resource Kit (Download Free Windows 2000 Resource Kit Tools) to find the PID and see what process uses it and who started it. For example, you found out that your computer had an open connection to a remote IP address on TCP port 80, and you don’t have any Internet Explorer or other browser windows open. You want to find out what process is using that session.

C:WINDOWS>netstat -no

Active Connections

Proto Local Address Foreign Address State PID
TCP 192.168.0.100:2496 212.179.4.7:80 ESTABLISHED 1536

You can then use PULIST with the FIND command:

C:WINDOWS>pulist |find /i “1536″

Process PID User
LUCOMS~1.EXE 1536 DPETRIdanielp

In this case, LUCOMS~1.EXE is run by DANIELP (myself) and as it happens, it’s the Symantec Live Update process.

You can also look in Task Manager for the respective PID.

1.

To set up Task Manager to show the PID column open Task Manager by using CTRL+SHIFT+ESC.
2.

Go to the Processes tab, click View and then Select Columns.

3.

In the Select Columns windows click to select PID and then click Ok.

4.

You can sort the PID column to display the PIDs in descending or ascending order.

To see all open, established, closing and other used ports type:

C:WINDOWS>netstat -a

Active Connections

Proto Local Address Foreign Address State
TCP pro1:epmap pro1.dpetri.net:0 LISTENING
TCP pro1:microsoft-ds pro1.dpetri.net:0 LISTENING
TCP pro1:1025 pro1.dpetri.net:0 LISTENING
TCP pro1:1084 pro1.dpetri.net:0 LISTENING
TCP pro1:2094 pro1.dpetri.net:0 LISTENING
TCP pro1:3389 pro1.dpetri.net:0 LISTENING
TCP pro1:5000 pro1.dpetri.net:0 LISTENING
TCP pro1:1084 srv1.dpetri.net:1026 ESTABLISHED
TCP pro1:2094 srv1.dpetri.net:1166 ESTABLISHED
TCP pro1:2365 srv1.dpetri.net:epmap TIME_WAIT
TCP pro1:2366 srv1.dpetri.net:1026 TIME_WAIT
UDP pro1:epmap *:*
UDP pro1:microsoft-ds *:*
UDP pro1:isakmp *:*
UDP pro1:1026 *:*
UDP pro1:1027 *:*
UDP pro1:1028 *:*
UDP pro1:1038 *:*
UDP pro1:1043 *:*
UDP pro1:1085 *:*
UDP pro1:1086 *:*
UDP pro1:1242 *:*
UDP pro1:ntp *:*
UDP pro1:1649 *:*
UDP pro1:1900 *:*
UDP pro1:2095 *:*
UDP pro1:2217 *:*
UDP pro1:ntp *:*
UDP pro1:1900 *:*

Again, in XP/2003 you can use the -O switch:

C:WINDOWS>netstat -ao

Active Connections

Proto Local Address Foreign Address State PID
TCP pro1:epmap pro1.dpetri.net:0 LISTENING 860
TCP pro1:microsoft-ds pro1.dpetri.net:0 LISTENING 4
TCP pro1:1025 pro1.dpetri.net:0 LISTENING 908
TCP pro1:1084 pro1.dpetri.net:0 LISTENING 596
TCP pro1:2094 pro1.dpetri.net:0 LISTENING 596
TCP pro1:3389 pro1.dpetri.net:0 LISTENING 908
TCP pro1:5000 pro1.dpetri.net:0 LISTENING 1068
TCP pro1:1084 srv1.dpetri.net:1026 ESTABLISHED 596
TCP pro1:2094 srv1.dpetri.net:1166 ESTABLISHED 596
UDP pro1:epmap *:* 860
UDP pro1:microsoft-ds *:* 4
UDP pro1:isakmp *:* 680
UDP pro1:1026 *:* 1040
UDP pro1:1027 *:* 1040
UDP pro1:1028 *:* 680
UDP pro1:1038 *:* 908
UDP pro1:1043 *:* 624
UDP pro1:1085 *:* 596
UDP pro1:1086 *:* 596
UDP pro1:1242 *:* 1040
UDP pro1:ntp *:* 908
UDP pro1:1649 *:* 596
UDP pro1:1900 *:* 1068
UDP pro1:2095 *:* 976
UDP pro1:2217 *:* 1856
UDP pro1:ntp *:* 908
UDP pro1:1900 *:* 1068