February 29, 2012

Techbits #7: Port Scanning

What is "Port Scanning", why is it done and how can I detect it?


To start with something that actually happened, an incident was reported about an application going down in one of the deployments quite a while back. It was eventually found out that the problem occurred because arbitrary packets were sent to one of the TCP ports on the server and the application ran into issues while trying to process the same. The problem was subsequently resolved with a patch provided by the third-party framework that we were using.

What is meant by Port Scanning?

Now, what is meant by "Port Scanning"? It is a scan performed to find out which ports are open on a particular host. This can be extended to scan all the hosts that are reachable and reside on a network. It may include sending arbitrary pieces of information (read: packets) to the ports that are found open.

What good can Port Scanning be of?

Coming to the second question of our topic, why it is done: it can be done by anyone interested in finding the possible entry points to a host, i.e. to find ways to "penetrate" or "intrude" into a network/system. At first sight, it may look like something that only hackers do. However, security experts use the same mechanism when gauging the overall security of a network and its hosts. This is what seems to have happened in the deployment referred to at the beginning, where the scans experienced were performed by a security team conducting a network/system hardening exercise.

How to detect Port Scanning?

Moving on to the last question of our topic, detection, which is also referred to as "Intrusion Detection": there are several tools with which you can detect port scanning. Also note that it is the firewall which detects and prevents (Intrusion Prevention) such activities at the network level, filtering them at the network entry point itself (from the external world or between VLANs).

The easiest of all is "snoop", which is available on most systems by default; the advantage is that you don't need to install anything more. The downside is that detection using snoop alone is not straightforward, i.e. it is an involved effort. One helpful point to keep in mind when using snoop is that the time window during which it runs should be kept as short and as targeted as possible.
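As an added illustration (not part of the original post, and not code from any of the tools named here), this is the core of what a detector does with capture data: count how many distinct ports one source tries on one host within a short time. The record format, the addresses and the `window` / `min_ports` thresholds are assumptions made up for this example.

```python
from collections import defaultdict

# Constructed sample records, NOT real snoop output.
# Assumed format: time_seconds src_ip dst_ip dst_port tcp_flags
SAMPLE = """\
0.00 10.0.0.5 10.0.0.20 21 S
0.10 10.0.0.5 10.0.0.20 22 S
0.20 10.0.0.5 10.0.0.20 23 S
0.30 10.0.0.5 10.0.0.20 25 S
0.40 10.0.0.5 10.0.0.20 80 S
0.50 10.0.0.5 10.0.0.20 443 S
1.00 10.0.0.7 10.0.0.20 80 S
1.01 10.0.0.20 10.0.0.7 51000 SA
2.00 10.0.0.7 10.0.0.20 80 S
3.00 10.0.0.7 10.0.0.20 443 S
0.00 10.0.0.9 10.0.0.20 21 S
15.00 10.0.0.9 10.0.0.20 22 S
30.00 10.0.0.9 10.0.0.20 23 S
45.00 10.0.0.9 10.0.0.20 25 S
60.00 10.0.0.9 10.0.0.20 80 S
"""


def parse(text):
    """Yield (time, src, dst, dport, flags) tuples, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5:
            t, src, dst, dport, flags = parts
            yield float(t), src, dst, int(dport), flags


def detect_scans(records, window=5.0, min_ports=5):
    """Return {(src, dst): ports} for sources whose connection attempts reach
    at least min_ports distinct ports on one host within window seconds."""
    recent = defaultdict(list)  # (src, dst) -> [(time, port)] inside the window
    alerts = {}
    for t, src, dst, dport, flags in sorted(records):
        if flags != "S":  # count only bare SYNs, i.e. new connection attempts
            continue
        key = (src, dst)
        recent[key] = [(ts, p) for ts, p in recent[key] if t - ts <= window]
        recent[key].append((t, dport))
        ports = {p for _, p in recent[key]}
        if len(ports) >= min_ports:
            alerts[key] = alerts.get(key, set()) | ports
    return alerts
```

With the defaults only 10.0.0.5 is reported; the host 10.0.0.9, which touches five services over a minute, is reported only when `window` is widened to 120 seconds, which shows why the thresholds have to be tuned to the network's normal traffic.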

A few helpful tools specifically in the domain of port scanning are listed below:
  1. Nmap - http://nmap.org/
  2. Snort - http://www.snort.org/
  3. Nessus - http://www.nessus.org/

A word of caution: port scanning is not usually allowed in an organization unless there is a justified need. As such, proper care, restraint and appropriate notifications/approvals must be exercised before you start using these tools in the networks at your work.

February 25, 2012

Techbits #6: Colasoft Network Packet Builder

If you are into networking - no, I do not mean social networking - networking as in computer networks, telecommunications, TCP/IP, then this post is for you.

Colasoft Packet Builder is a freeware tool that aids in creating, editing and replaying network packets. What can this be used for? To test how your application deals with a particular network packet, whether it works as expected etc. The application could be anything like an Element Management System (EMS), Network Management System (NMS), packet analyzer or even a protocol stack implementation.

Packet Editing & Replay is an especially handy feature while debugging issues. Packets captured from live networks using sniffer tools like Wireshark (formerly known as Ethereal) can be edited and replayed using the tool, i.e. they can be loaded into the tool, the source and destination IP & MAC addresses changed, and the packets resent.

A sample use-case in EMS/NMS scenario is as follows:
  1. An issue is reported from the customer's production deployment.
  2. The issue states that EMS/NMS is not processing/displaying a specific event/alarm.
  3. A packet capture / snoop is asked for.
  4. The received packet capture is loaded into the tool.
  5. The packet capture is edited to update the destination IP & MAC.
    1. This is done to direct the packet to the EMS/NMS server in your lab environment.
    2. The source addresses can also be changed optionally.
  6. The updated packet capture is then resent/replayed.
Now, you can reproduce and debug the issue easily without requiring access to the problematic device and without having to debug, or add more debugging hooks, on the production server.

Colasoft Packet Builder can be downloaded from http://www.colasoft.com/packet_builder/.

February 23, 2012

My first experience as a Scribe

Turning to something which is not technical, this post is meant to focus on an even more important aspect: the necessity to feel responsible to help those in need. The responsibility increases further more if the need is because of the person being physically challenged.

I remember registering myself long ago on a web site as a scribe - a person meant to write an examination on behalf of someone with a challenge like blindness, disability in hands/fingers etc. However, I never got any message from them and as such never got any chance to act as scribe. Recently, I got a message forwarded to the group YFS Vikalang requesting for scribes to write the pre-final examinations of Intermediate 2nd year (equivalent to 12th Class) students studying in "Sai Junior College for the Visually Challenged" - which is what has led me to writing this post.

I opted to act as scribe for Telugu language exam as the number of people wanting to write in the regional language was less. The biggest hurdle for me is the fact that I lost touch with hand writing ever since I entered the software development field. As a preparatory step, I practiced to write some text in Telugu the night before.

The examination duration was conveyed as 3 hours spanning from 10 AM to 1 PM. I wanted to be there at the examination center well before time - contradictory to what I used to follow by arriving at the exact time or even a bit late when I wrote exams as a student! I had, hence, started at around 8 AM since the center was quite far from where I stay. It took almost 2 hours to reach and find the place as the locality was like a maze with streets going all over! I arrived at the center eventually by 3 minutes late at 10:03.

Abhinay was the student for whom I set out to write the exam. It started with me initially walking Abhinay through the entire question paper and marking the ones he would be interested in answering. As planned, I tried my best to write the answers as fast and as neat as possible. Due to not writing for so long in so many years, my fingers and hand pained a lot (the pain lasted for 2 days, by the way). However, it still felt good as it was for a good cause.

Abhinay was pretty good when compared to all the other students around. His only downside was that he was a bit slow in recalling and telling me what to write. I kept a watch on the time all the while though. When I realized around 12 noon that there was a good chance of not being able to write all the answers, my dusty brain was quick enough to recall and follow an old trick: to write answers for all the bit questions on a separate sheet and make it ready to attach it to the other sheets in case the examiner snatches the paper away. My guess turned out true. Though time was given till 1:30 PM, we could not answer all the questions. The total number of answer sheets came to a mighty 12 (twelve) - probably the highest in the entire classroom! And, we answered only 70-75% of the questions!!

I told Abhinay after coming out of the classroom that I could not write quick enough to answer all the questions. To my surprise, he honestly pointed out that it was his fault as he usually takes more time to recall and thus lags behind. I inquired if I could accompany him to his room (the hostel also appeared to be co-located) to which he negated and told me he would go by himself. It felt quite painful to leave his hand that I was holding - making the pain in my hand and fingers feel like nothing.

I wished Abhinay the best for his finals and proceeded to travel back. It was about 3 PM by the time I reached home. All in all, it was a day well spent and was a wonderful experience for me as a scribe.

The intent of this post is to inspire people to come forward to support one another. At the end of this reading, even if one individual gets motivated and if that motivation leads to helping at least one other person, this post is worth it.

February 21, 2012

Techbits #5: Browsing difficulties due to improper text font, size or color?

Tired of tiny text while browsing? Feeling difficulty reading text due to font and background color?

Zoom In : Ctrl + (hold the Ctrl key and press the + key)
Zoom Out : Ctrl -
Zoom Reset : Ctrl 0 (Zero)

If you are a Firefox user, you can set the zoom percentage and background color either on a per-site basis or at a global level through NoSquint.

There are also other add-ons available for improving the readability like Readability. In a similar manner, readability enhancement extensions are available for Chrome as well.

February 19, 2012

Techbits #4: How to compare excel sheets?

In case you ever wondered about how to compare excel files/sheets, then this is for you.

A quick Google search leads you to a lot of tools, many of which are commercial. There do exist open source utilities as well, like Spreadsheet Compare. Another tool is Office Diff, which can also be used to compare other file formats like Word (doc) apart from Excel (xls).

Note that the former was found to be not working in some cases while the latter was not as rich as the former. Given this, the following approach is what I would recommend, as it always works. You do not need any special tool to perform the diff, although it might be a little more involved and not as straightforward. All that you'd need to do is to:
  1. Export the excel sheets to tab-separated or comma-separated text files.
  2. Use any text diff utility like KDiff3, which was shared previously, to compare the text files.
That's it! You're ready to compare excel files whether they are holding your work related data like project requirements or personal data like expenses, track sheets etc.

February 18, 2012

Techbits #3: Firefox & its wonderful world - make it yours too!

Firefox - one of the best open source tools that one can come across and which has gained a lot of widespread acceptance. Its rich repository of "Add-ons", driven by and contributed by communities all over, is a huge plus above all. It makes browsing so much more productive and delightful. It is your friendly neighborhood spider on the web and keeps you safe on Internet. Tabbed browsing is another feature that was available since quite a while. Yes, there are a lot of beautiful adjectives used here but not without a reason. I'll halt here though we can keep going on & on, and talk about many more of its features & aspects.

For those migrating from Internet Exploder - err, Explorer, there would be a bit of Newton's first law (inertia) coming into the picture. But, I'd like to encourage you to make that first move, after which you can feel the change yourself. And, yes, there's Chrome as well alongside - let's not delve into the war of which one is better though. Personally, I've been a user of Firefox since almost its inception in 2005.

Why wait? Go to http://www.firefox.com/ and try Firefox now!

Provided below are some of the helpful Firefox Add-ons that I use and benefit from.
  1. Enhance your tab browsing capabilities using Tab Mix Plus
  2. Irritated by ads and banners? Go for Adblock Plus
  3. Have a site that works only with IE? Embed it in Firefox through IE Tab 2
  4. Hide almost anything via context menu 'Remove Object' through Nuke Anything Enhanced
  5. Save Web pages or specific sections (text/image), and organize in a collection using Scrapbook
  6. Save webpages (visible portion or complete) as images through Screengrab
  7. Deal with all the included JavaScript (JS) & Stylesheet (CSS) files very easily through JSView
  8. Powerful set of tools to assist primarily with your web-based development using Firebug
  9. Backup your profile (settings, add-ons etc.) through FEBE
  10. Easily copy a hyperlink and/or its text in various formats using CoLT
  11. Protect your privacy - see who's tracking your web browsing and block them with Ghostery
  12. Restart Firefox with ease using Restart Firefox
  13. Allows URI texts written in webpages to be loaded by double clicks using Text Link
  14. Manage and accelerate your downloads using Down Them All

There are many many more Firefox Add-ons available that you could choose based on your choices and requirements.

February 15, 2012

Techbits #2: KDiff3 - Visual & Recursive Diff Utility

A visual utility, whether it be an IDE for managing your codebase or something else, is always desirable. In the same context, a visual representation is also quite helpful when you want to compare files or directories, and this is exactly where the utility KDiff3 comes into the picture.

KDiff3 provides a wide range of features like:

  • File Comparison / Diff - Two-way (two files) and Three-way (three files)
  • File Merge
  • Integration with Windows Explorer - invoke the diff directly with a right-click
  • Integration with source code control software like Rational ClearCase and Subversion
  • Directory Diff / Folder Diff - Traversing folders recursively and performing folder & file comparison

The last of the aforementioned features, Directory / Folder Diff, is quite handy. It means you'll be able to select two directories and do a diff between them recursively - it'll tell you in what way the directories differ, i.e. which files are present, not present, present & same, present & different. It will also then let you drill down and inspect the differences between a specific file in the two directories.

Note that using the tool will not only increase your productivity but also reduce the mistakes and oversights that creep in if you do the comparison manually. Apart from KDiff3, there are other mechanisms as well, like the in-built diff functionality of Eclipse (if you use Eclipse as your IDE - but this option falls out if all you are interested in is just file diff rather than code diff) and tools like WinMerge. Personally, though, I found KDiff3 the handiest of them all.

KDiff3 is officially hosted at http://kdiff3.sourceforge.net/.

February 12, 2012

Techbits #1: Notepad++

Let's get the ball rolling!

Here we go with our first Techbit, one of my favourite open source utilities: Notepad++.

Notepad++ is a Free and Open Source Software (FOSS) editor with a lot of rich functionality. It provides you with a lot more functionality than the editors available by default on your operating system, i.e. than Notepad or Wordpad if your computer is running Windows.

Yes, there are other editors like EditPlus and TextPad. However, these are commercial applications and are supposed to be used only on an evaluation basis - unless you want to buy them from thereon. With the ethical nature of application usage after the completion of evaluation period being one reason, the other reason for you to start using Notepad++ is to encourage Open Source.

Notepad++ can be downloaded from http://notepad-plus-plus.org/.

February 11, 2012


Coming out from Hibernation

Following the last message that was posted on the blog, it was mentioned that I would be posting very soon - it was almost 5 long years ago though. Does it mean that "very soon" is about 5 years? I decided to come out of the self-imposed slumber and hibernation finally. You'll be seeing regular updates on my blog from now onwards.


A new initiative "Techbits" is going to be taken, the intention behind which is to give back to the online society. All this while, I have only been consuming by searching for solutions and tips from various sites and blogs whenever I encounter issues. However, I've decided to start contributing instead of just consuming.

What is the objective of Techbits?

To share the solutions to the problems I encountered, useful technical tips that will introduce you to new tools, new ways of doing something and improve your productivity.

Why is the name sounding like tidbits - can I eat them?

To go into the origins of the initiative name, it started with "Technical Tips", then changed to "Tech Tips", then to "Techtips", then to "Tech tidbits", then to "Techbits" eventually which looked kind of good - as it is an amalgam of Technology (which has greatly changed all of our lives) and Bits (which are the basic units of representation in computers).

With regards to the latter part of the question, you cannot eat - you've to digest them by understanding though :-) Also, I google'd and found this name being used already by some groups - I assert, however, that the idea of coming up with the name was original!

Stay tuned for further updates.