Sunday, October 30, 2011

match() function in awk has a 3rd argument

Just came to know that the function match() in awk has a third argument!
The third argument is an array where you can capture the search results.

For example:

Code:
root@bt > cat infile
ajith & ajeesh
root@bt> awk '{match($0,"([a-z]*) & ([a-z]*)",arr); print arr[1]" : "arr[2] }' infile
ajith : ajeesh

([a-z]*) => the first group, captured into the first element of the array (arr[1])
& => matched literally
([a-z]*) => the second group, captured into the second element of the array (arr[2])

And the array name here is "arr"
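
The same capture-array technique applied to log triage, as an added example that is not part of the original post. The third argument of match() is a GNU awk (gawk) extension, so a portable fallback using RSTART/RLENGTH is included for other awks. The function names and the sshd log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example. Sample sshd lines are constructed (documentation IPs, made-up users).
sample_log() {
cat <<'EOF'
Oct 30 10:01:02 bt sshd[411]: Failed password for root from 203.0.113.7 port 4022 ssh2
Oct 30 10:01:05 bt sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 4023 ssh2
Oct 30 10:02:11 bt sshd[502]: Accepted password for ajith from 192.0.2.10 port 5100 ssh2
Oct 30 10:03:40 bt sshd[617]: Failed password for ajeesh from 198.51.100.4 port 6001 ssh2
Oct 30 10:03:44 bt sshd[617]: Failed password for invalid user x from 192.0.2.99 from 198.51.100.4 port 6002 ssh2
EOF
}

# gawk only: match() fills arr[] with the parenthesised groups.
# The pattern is anchored at end of line, so an address typed into the user name is not taken as the source.
failed_logins_gawk() {
    gawk '{
        if (match($0, /Failed password for (.*) from ([0-9.]+) port [0-9]+ ssh2$/, arr)) {
            user = arr[1]; sub(/^invalid user /, "", user)
            print user " : " arr[2]
        }
    }'
}

# Portable fallback for awks without the third argument (mawk, BusyBox awk):
# two-argument match() only sets RSTART/RLENGTH, so the fields are cut by hand.
failed_logins_posix() {
    awk '{
        if (match($0, /Failed password for .* from [0-9.]+ port [0-9]+ ssh2$/)) {
            s = substr($0, RSTART + 20, RLENGTH - 20)   # drop "Failed password for "
            n = split(s, f, " from ")
            ip = f[n]; sub(/ port .*/, "", ip)
            user = substr(s, 1, length(s) - length(f[n]) - 6)   # 6 = length(" from ")
            sub(/^invalid user /, "", user)
            print user " : " ip
        }
    }'
}

failed_logins() {
    if command -v gawk >/dev/null 2>&1; then failed_logins_gawk
    else failed_logins_posix; fi
}

sample_log | failed_logins
```

The last sample line carries a user name that itself contains " from 192.0.2.99"; both versions still report 198.51.100.4 as the source because the address is taken from the end of the line.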

Monday, August 22, 2011

Experimenting with BackTrack codename "Revolution"

BackTrack (release 5) is another Linux distro. Pretty fancy stuff for a guy like me, ;) I mean the stylish logo and themes and all, it looks good and pro. It is an Ubuntu derivative maintained by a group known as Offensive Security, security related of course.

I happened to see one of the webcasts by these guys, real-life hacking, wow pretty cool! The way they root into the database server, awesome!

BackTrack - how is it?

1. I tried the 64 bit version first. It was kind of slow. Actually the display driver was not installed. I didn't know how to configure my wlan, I mean I was searching for the settings but just couldn't find them. So thought of scrapping it. I had a bad experience with Fedora 15 64 bit.

2. Installed the 32 bit version. Well, installation was easy but let's compare it with Fedora and Windows 7. The user inputs were fewer. For a newbie, the partition part may be a little difficult, as in creating an ext4 partition with swap space etc.

I already had Fedora 13 installed (which btw got screwed up big time due to which I was forced to try new OS. hee hee). So when I started installing Fedora 15, it detected Fedora 13 and offered an upgrade or a new installation. Else the same partition step would've hit. User inputs were fewer, nothing big.

Issue with Fedora 15 64 bit : I was so adamant that I wanted only Fedora in my system, somehow I got used to it (no big deal!). So thought of upgrading it to Fedora 15. But then I came across the 64 bit version, hmmm let's try that. 3-4 times I installed it. It wasn't stable at all. Many a time it got screwed while I was trying to change some display configurations.

Windows 7 installation was a piece of cake. Did an upgrade from Vista. I hardly entered anything.

3. After bootup, we need to login and start the x server, that is not user friendly. It is a matter of 2 steps, but still.

4. Then I have to connect to the wlan manually, somehow it is not happening for me though I have configured it to connect automatically. Still trying to figure it out.

5. Installed the latest nVidia drivers, but the configuration, though saved, is kind of useless. Next time I boot up, I need to change the display settings.

6. Interface and themes are cool and catchy. And there are many superb tools for network security. This OS is basically used for PenTest (Penetration Testing).


Overall : I don't know, I am still exploring. ;)

Sunday, March 27, 2011

IPSec Linux & Solaris

Yes, I got a chance to work with IPSec in Linux and Solaris. Well, we managed to get a working connection between Linux and Solaris, so in case any of you have any doubts, do contact me. I do not know much about the certificates though.

Just an overview of what IPSec is

IPsec is an extension to the IP protocol which provides security to the IP and the upper-layer protocols. It was first developed for the new IPv6 standard and then “backported” to IPv4.

IPsec uses two different protocols - AH and ESP - to ensure the authentication, integrity and confidentiality of the communication. It can protect either the entire IP datagram or only the upper-layer protocols. The appropriate modes are called tunnel mode and transport mode. In tunnel mode the IP datagram is fully encapsulated by a new IP datagram using the IPsec protocol. In transport mode only the payload of the IP datagram is handled by the IPsec protocol inserting the IPsec header between the IP header and the upper-layer protocol header. - www.ipsec-tools.sourceforge.net

Linux and Solaris use entirely different packages and commands. We can have the keys exchanged automatically (more secure) or by manual preshared key (less secure). For the auto key exchange, Linux uses "racoon" and Solaris uses the "ike daemon".

Similarly, for setting up the SA (security association - SAD - Security Association Database) and policies, Linux uses "setkey" whereas Solaris uses "ipseckey" and "ipsecconf". The syntax and rules may be different but are comparable.

And making it work between Linux and Solaris - that was one hell of a challenge we had!

Added more information at IPSec Linux & Solaris (Cont)