Tag Archives: Linux


How to use Nmap to identify what a server is running

Whether you are attacking a computer or protecting it, proper intelligence about a computer is important.  A very powerful option for learning about a given system is Nmap.  According to Nmap’s website:

Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

I would like to take a look at a few of the things you can do with Nmap.  For these examples, my target is going to be jastreich.com (a server run by a friend and former coworker).  This is definitely not a comprehensive guide, but it will cover some high points.


Determine what domain names use that server (without pinging anything)

This scan does not ping the server in any way.  It simply does a reverse-DNS lookup.  The nmap website says that this scan is a “good sanity check” since it lets you verify the identity of your target.  I would have to agree.

nmap -sL [Insert Host Here]

Starting Nmap 6.00 ( http://nmap.org ) at 2013-12-14 03:55 UTC

Nmap scan report for jastreich.com (

rDNS record for piggyandmoo.com

Nmap done: 1 IP address (0 hosts up) scanned in 0.05 seconds


Trace path to the server (traceroute)

This sends packets to the server with decrementing TTL, in an attempt to elicit ICMP time-exceeded messages.  The goal is to identify every computer between you and your target.  This could help to identify alternate attack vectors.  Beware: traceroute requires root on your local machine.

nmap --traceroute [Insert Host Here]

Starting Nmap 6.00 ( http://nmap.org ) at 2013-12-14 04:37 UTC

Nmap scan report for jastreich.com (

Host is up (0.00092s latency).

rDNS record for piggyandmoo.com

Not shown: 998 closed ports


25/tcp open  smtp

80/tcp open  http

TRACEROUTE (using port 554/tcp)


1   11.49 ms

2   0.95 ms  piggyandmoo.com (

Nmap done: 1 IP address (1 host up) scanned in 2.60 seconds


Application Version Detection

So, you know where your target is.  Next, you probably want to know what services your target is running.  This scan will tell you exactly what it is running (to the best of its ability).  Once you know what daemons are running and what versions are running, you can start looking for exploits that can be leveraged.

nmap -A [Insert Host Here]

Starting Nmap 6.00 ( http://nmap.org ) at 2013-12-14 04:43 UTC

Nmap scan report for jastreich.com (

Host is up (0.00061s latency).

rDNS record for piggyandmoo.com

Not shown: 998 closed ports


25/tcp open  smtp    Postfix smtpd


| ssl-cert: Subject: commonName=stkfactory

| Not valid before: 2012-10-17 21:47:37

|_Not valid after:  2022-10-15 21:47:37

80/tcp open  http    Apache httpd 2.2.22 ((Ubuntu))

|_http-title: J. A. Streich Home Page

No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).

TCP/IP fingerprint:











Network Distance: 2 hops

Service Info: Host:  localhost

TRACEROUTE (using port 80/tcp)


1   0.82 ms

2   1.01 ms piggyandmoo.com (

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 20.82 seconds



This is a good first scan when analyzing a server.  It is fast and stealthy because it never completes a TCP connection.  It uses something called a half-open scan.

nmap -sS [Insert Host Here]

Starting Nmap 6.00 ( http://nmap.org ) at 2013-12-14 04:57 UTC

Nmap scan report for jastreich.com (

Host is up (0.00031s latency).

rDNS record for piggyandmoo.com

Not shown: 998 closed ports


25/tcp open  smtp

80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
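For the defender's side of the scans above, this added example (not part of the original post) turns the open-port lines of two saved Nmap reports into records and shows what changed between them. The second report, its MySQL port and its Apache version are constructed sample data, and the function names are hypothetical.

```shell
# Added example: report service drift between two Nmap scans of a host you run.

# Reduce Nmap normal output (stdin) to sorted "port|service|version" records,
# open ports only. NSE script lines such as "| ssl-cert: ..." are skipped.
open_services() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
        version = ""
        for (i = 4; i <= NF; i++) version = version (i > 4 ? " " : "") $i
        print $1 "|" $3 "|" version
    }' | LC_ALL=C sort
}

# service_drift BASELINE CURRENT: print "+ record" for services that appeared and
# "- record" for ones that vanished (a version change shows as both). Returns 1 on drift.
service_drift() {
    old=$(mktemp); new=$(mktemp)
    open_services < "$1" > "$old"
    open_services < "$2" > "$new"
    drift=$(LC_ALL=C comm -13 "$old" "$new" | sed 's/^/+ /'
            LC_ALL=C comm -23 "$old" "$new" | sed 's/^/- /')
    rm -f "$old" "$new"
    [ -z "$drift" ] && return 0
    printf '%s\n' "$drift"
    return 1
}

# Constructed sample: the baseline reuses the port lines shown in the post; the
# "current" report adds a hypothetical MySQL port and a changed Apache version.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/baseline.nmap" <<'EOF'
PORT   STATE SERVICE VERSION
25/tcp open  smtp    Postfix smtpd
| ssl-cert: Subject: commonName=stkfactory
80/tcp open  http    Apache httpd 2.2.22 ((Ubuntu))
EOF
    cat > "$dir/current.nmap" <<'EOF'
PORT     STATE SERVICE VERSION
25/tcp   open  smtp    Postfix smtpd
80/tcp   open  http    Apache httpd 2.4.7 ((Ubuntu))
3306/tcp open  mysql   MySQL (unauthorized)
EOF
    rc=0
    service_drift "$dir/baseline.nmap" "$dir/current.nmap" || rc=$?
    rm -rf "$dir"
    return "$rc"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Save the output of a known-good `nmap -A` run as the baseline and compare each later scan against it; a non-zero return means something was opened, closed or upgraded.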




How do I protect my Linux web server from viruses?

So, you want to run a web server and you are not the only person who will have the ability to upload files to it?  You might want to think about installing an antivirus scanner.  If you are running Linux (like I am), Clam AntiVirus is a good option.

So, how do you install it?

sudo apt-get install clamav

How do you update the virus definitions?

sudo freshclam

How do you scan the whole server for viruses?

clamscan -r /

If you want to scan the whole server for viruses and move any infected files, how do you do that?

clamscan -r --move=/home/administrator/quarantine /

So, the next step would be to set this task up in crontab, so it happens automatically, on a regular basis.
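One way to do the crontab step, as an added example that is not from the original post: a wrapper that updates definitions, runs the scan with the quarantine directory used above, and turns clamscan's exit status (0 clean, 1 infected, 2 error) into a summary line. The script path, schedule and log location are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): ClamAV scan wrapper for root's crontab.
# Hypothetical install path and schedule:
#   30 2 * * * /usr/local/sbin/clamav-nightly.sh run
QUARANTINE="${QUARANTINE:-/home/administrator/quarantine}"  # directory used in the post
SCAN_ROOT="${SCAN_ROOT:-/}"
LOG="${LOG:-/var/log/clamav/nightly-scan.log}"              # assumed log location

# Map clamscan's documented exit status to a word: 0 clean, 1 infected, other error.
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Update definitions, scan, quarantine hits, and print one summary line.
# Returns clamscan's exit status so cron mail or monitoring can act on it.
nightly_scan() {
    mkdir -p "$QUARANTINE" && chmod 700 "$QUARANTINE" || return 2
    # Stale definitions are better than no scan, so a failed update only warns.
    freshclam --quiet || echo "warning: freshclam failed, using existing definitions" >&2
    status=0
    # Skip pseudo-filesystems and the quarantine itself; otherwise every run
    # re-detects the files that earlier runs already moved there.
    clamscan -r --infected --log="$LOG" --move="$QUARANTINE" \
        --exclude-dir='^/proc' --exclude-dir='^/sys' --exclude-dir='^/dev' \
        --exclude-dir="^$QUARANTINE" "$SCAN_ROOT" >/dev/null || status=$?
    echo "clamscan $(scan_verdict "$status") (exit $status), log: $LOG"
    return "$status"
}

if [ "${1:-}" = "run" ]; then nightly_scan; fi
```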


What is a Chromebook like to own?

tl;dr: It’s better than I thought it would be. You just need to learn the tricks. Install crouton and Chrome Remote Desktop.


Over the past few months, I’ve been watching the ultrabook market for something that would have sufficient power, a day-long battery, and enough portability to allow me to carry it around comfortably.  I found and ordered one (a Dell XPS 13) but after an issue with Dell mysteriously canceling my order and not being willing to tell me why, I was left without a viable option.

I started to reanalyze the options ~1 month ago and started to wonder if I really needed to carry around something as powerful as an XPS 13.  I need a more powerful computer at home and at work but if I’m sitting at a coffeeshop, writing code, why would an i7 CPU and 8GB of RAM really be needed?  That’s when I started looking at a Samsung Chromebook.  I bought mine from Best Buy for under $220 (refurbished).  It came with 2GB of RAM, a 16GB SSD, and an ARM processor.  I specifically went for the ARM Chromebook because of its great battery (~8-9hrs).

ChromeOS Login Screen

I can hear you saying, “but Joe, Chrome OS is just a web browser!” You are only partially correct.  Chrome OS itself is basically just a web browser.  There are ways to deal with that, though.  Googler David Schneider created the ChRomium Os UbunTu chrOot enviroNment (aka Crouton).  It installs on top of Chrome OS and allows you to run whatever Linux apps you want (as long as you can find a compatible binary for the app).  It allows me to run Xfce without a problem.

ChromeOS Crosh

Successes:

Despite what you might think, I actually spend most of my time within Chrome OS (vs Xfce).  Chrome OS really does handle most of what I do.  Previously, I have used Hamachi and RDP to connect from my laptop to my various PCs.  Hamachi is not an option on Chrome OS but Chrome Remote Desktop does NAT traversal.

I was able to get pidgin and Hotot working within Xfce.  It wasn’t too hard.  I don’t think LibreOffice would be hard to install but I haven’t had a need for it yet.


I kinda wish Sublime Text 2 and Flash were available as ARM binaries.  Flash works in Chrome OS but not in Xfce.  It means that if you want to listen to Pandora, you need to be within Chrome OS.  As for Sublime Text 2, there is always Nano as an alternative.  I’m debating installing Sublime Text in a VPS and just remoting into it for dev work.  I’m not sure yet, though.

Earlier versions of Chrome OS did not support ad-hoc networking.  As a result, out of the box, I couldn’t tether my Galaxy Nexus to my Chromebook.  I even ended up returning my first Chromebook, out of frustration.  It turns out that a firmware update on the Chromebook fixes the issue.

Right click on the track-pad doesn’t work (apparently by design).  If you need to right click, you hold down alt and then left click.

There is no home button or end button but ctrl+alt+up and ctrl+alt+down work as adequate replacements.

Final Thoughts:

This will never be my only PC but it is quickly becoming my primary PC.  The 8+ hour battery is awesome.  I’m never going to be able to run apps like TurboTax on it but that is what my Windows PC is for.  I am afraid to say it but I am starting to understand why someone might buy a Pixel.


How to add a new user in Ubuntu Linux

So, you have installed a fresh copy of Ubuntu and you need to start setting things up.  What is the first priority? You need to create new user accounts.  To add a new account, you can use useradd.

sudo useradd -d [user’s home folder] -m [username]

The above command creates the user’s account and their home folder but you still need to create their password.  For that, you want to use passwd.

sudo passwd [username]

So, now that we have created the account, how do you delete it?  For removal of user accounts, there is deluser.

sudo deluser [username]

Now, let us check out a real-world example.

Ubuntu Linux useradd and passwd commands

deluser Ubuntu Linux Command

It’s as easy as that.  Just remember that deluser won’t remove the user’s home folder.  You will need to do that yourself.


How to install Ubuntu Server 10.04

So, you are looking to install Ubuntu?  Ubuntu is a great foundation to run a server upon.  This post will step you through the initial installation of Ubuntu Server 10.04.  As of the writing of this, version 10.04 is the latest LTS release.  Please keep in mind that these steps will get a functional operating system onto your computer but you may still need to perform additional steps (like installing services, setting up accounts, and securing the server).  Also keep in mind that these instructions assume that you are only running the one operating system on your server.

Step 1: Burn (or acquire) a copy of the Ubuntu install media.  It is freely downloadable from the Ubuntu website.  For a production server, I would recommend using the current LTS version.  Whether you should pick 64-bit or 32-bit depends on if you are running 64-bit or 32-bit hardware.  When in doubt, you can always pick 32-bit.

Step 2: Boot the server to the install media (CD, DVD, USB thumb drive, etc).  The first prompt you will see will ask what language you would like to proceed in, for the install process.

Step 3: Select “Install Ubuntu Server”

Step 4:  Select your preferred language again.

Step 5:  If you live within the US and speak English, it is easiest to select no at this point.

Step 6:  Select “USA”

Step 7:  Select “USA”

Step 8:  Next, you need to pick a hostname for the machine.  It should ideally be something memorable and short.

Step 9:  Select your time zone.  For me, the installer was able to determine it automatically.

Step 10:  Select “Guided – Use entire disk and set up LVM”

Step 11:  Select the hard drive that you would like to install Ubuntu on

Step 12:  Select “yes”

Step 13:  Specify how much of the hard drive you want Ubuntu to use.  If it is the only thing on the hard drive, you will want it to use all of the hard drive.

Step 14:  Select “yes”

Step 15:  Supply your full name.

Step 16:  Supply a username that you would like to use.  This is the username you will be using to log into the computer.

Step 17:  Pick a password to use with the username (from step 16).

Step 18:  Retype the password you entered in step 17.

Step 19:  Choose whether or not you want to encrypt your home directory.  I never store anything within the home directory, so I said no.  You can if you want to.  It helps prevent theft of your data if the actual hard drive is stolen.

Step 20:  Specify your http proxy, if you use one.  My employer uses one but, chances are, you can leave this blank.

Step 21:  Select “Install security updates automatically”.  It’s just a good idea.

Step 22:  Here, you are going to select which services you want the installer to install.  You can install any of these later but you may want to elect to install them now.  I chose to install the OpenSSH server at this point, because I will definitely need it in the future.  Without it, I won’t be able to SSH into the computer.

Step 23:  Assuming that Ubuntu is the only thing installed on this server (you aren’t dual-booting), select “yes”.

Step 24:  Congratulations.  Ubuntu Server is now installed on your server.  Now you can log into it and start getting down to business.


I will be trying to do a few more “how-to” posts regarding setting up a Linux server.  This post is meant to be a foundation.  If you have any questions, please feel free to ask them in the comments.


How to watch errors in Linux as they occur, using tail

I have used this a bit to see what’s going on with Apache, when something goes wrong.  If, while at your trusty Ubuntu command line, you type ‘tail -F’ and then a file name, it will sit there and show you additions to the file as they occur.  This means that you could type ‘sudo tail -F /var/log/apache2/error.log’ and it will sit there and spit out Apache2 error messages as they occur.  Good for figuring out what you broke today. 🙂