Using sftp on a non-standard port

Just a quick note about sftp.

It makes good security sense to change the ssh port on servers that are Internet accessable. To take advantage of this using ssh is quite straight forward as their is a parameter -p to support this eg:

ssh -p 3432 mick@mickvaites.com

Unfortunately the same is not true for sftp (secure file transfer). To achieve the same result with sftp we need to use specify an option of “Port 3432” eg:

sftp -o "Port 3432" mick@mickvaites.com

Once done log it as you would normally.

SSH Escape commands

Note to self:

These are the ssh escape commands from within an ssh connected session.

%~?
Supported escape sequences:
 ~.  - terminate connection (and any multiplexed sessions)
 ~B  - send a BREAK to the remote system
 ~C  - open a command line
 ~R  - Request rekey (SSH protocol 2 only)
 ~^Z - suspend ssh
 ~#  - list forwarded connections
 ~&  - background ssh (when waiting for connections to terminate)
 ~?  - this message
 ~~  - send the escape character by typing it twice
(Note that escapes are only recognized immediately after newline.)

The ~ (tilda) is normally accessed by keying [shift] + [`]

To pull up the list as above send a Tilda + Question Mark ~?

Moving iTunes Mac to Windows XP

My wife prefers windows-xp to MacOSX so I needed to move her iTunes library to her PC.

After hunting the net on this subject I eventually came across the following solution.
(Thanks for hifiblog.com).

1. Install iTunes on the PC

2. Create a zero length iTunes Library.itl file in the /Users/mick/Music/iTunes folder on the mac:

touch /Users/mick/Music/iTunes/iTunes Library.itl

(The backslash is needed to create a space in the file). This file is created on the mac as it’s easier to create a zero length file on the mac than on the PC.

3. Copy the contents of the iTunes folder:

 /Users/mick/Music/iTunes

to the PC folder:

 C:Documents and SettingsmickMy DocumentsMy MusiciTunes

4. Edit the file …iTunesiTunes Music Library.xml and amend the file locations replacing:

file://localhost/Users/mick/Music/iTunes/

with

file://localhost/C:/Documents%20and%20Settings/mick/My%20Documents/My%20Music/iTunes/

using your favorate editor. Depending on how much music you have in iTunes depends on how big this file it.

5. Start up iTunes on the PC.

Under normal circumstances iTunes doesn’t read the .xml file instead it uses the datafile iTunes Library.itl. Now because we have created a zero length version of this file, iTunes thinks this file has become corrupt so it recreates it using the iTunes Music Library.xml file as it’s source.

Resize iTunes to fit screen

I run both a macbook and a macpro and periodically synchronize between the two of them.

Unfortunately as the screen on the macpro is considerably bigger than the macbook 13″. Occasionally I open an application only to find the window is bigger than the screen so using the mouse I cannot minimise. Help is at hand (with iTunes as least).

Press the [ALT] key and the click the green (+) at the top left hand corner of the window at the same time sends the window full screen at the current resolution.

Mick


Web Tunnelling over SSH

Not new information but all the same useful for either secure traffic or bypassing web cache restrictions.

First example is a socks proxy to allow you to secure web traffic over a wifi link or just avoiding web caching filters.

From unix, linux, *BSD or MacOSX type in :

ssh -N name@ssh_server -D 9999

or from windows download plink.exe from http://www.chiark.greenend.org.uk/~sgtatham/putty/ (putty.exe is also a must). The command from windows is :

plink -N -D 9999 name@ssh_server

What this does it to open an encrypted tunnel with an entry point of Localhost:9999.

Once the connection is established you then configure your web browser to use a socks proxy of Localhost port 9999. You web traffic will be tunneled over an encrypted link to the server ssh_server.

An additional security step you can use from Firefox is to get the dns resolution of the site done at the remote end instead of locally. In this way you can browse intra-net web sites over the SSH link.

For Firefox in the about:config page change network.proxy.socks_remote_dns to true

Region Free MacPro

After hunting the internet I finally managed to confirm how to change my MacPro to region free.

For this I have to give many thanks for www.rpc1.org and the administrator puma.

NB: The posting assumes that your DVR is a PIONEER DVD-RW DVR-112D and I offer no guarantees this will work or worse render your DVR unusable.

For simplicy I have attached a zip file with all the tools you’ll need.

First things first download zip file onto your mac.

dvrflash_mac.zip

The open a Terminal window in the same folder  and unpack the zip file :

mac-pro:Downloads mick$ unzip dvrflash_mac.zip
Archive:  dvrflash_mac.zip
   creating: dvrflash_mac/
  inflating: dvrflash_mac/A0013000.115
  inflating: dvrflash_mac/A0013001.124
  inflating: dvrflash_mac/DVRFlash
  inflating: dvrflash_mac/Readme.DVR112D.txt
  inflating: dvrflash_mac/Readme.txt

mac-pro:Downloads mick$ cd dvrflash_mac
mac-pro:dvr_flash_mac mick$

The Readme.txt is the original from the author I have added the Readme.DVR112D.txt with some basically this article.

Next check to see that your drive is RPC-2 (region locked) as follows :

mac-pro:dvrflash_mac mick$ ./DVRFlash -v

DVRFlash v2.6.0: Pioneer DVR firmware flasher
by Agent Smith, et al.,  July 2008

Commandline:
  ./DVRFlash -v

Device parameter was not given, detecting all DVR drives:

        Device : A:
        Vendor : PIONEER
         Model : DVD-RW  DVR-112D
      Revision : BC14

        Status : RPC-2 (region locked)
        Region : 2
       Changes : 4 region changes remaining
                 4 vendor resets remaining
                 state is 'Region set'

Now run DVRFlash again, from the command prompt, using
one of the device(s) listed above as first parameter

Press the Return key to exit

mac-pro:dvrflash_mac mick$

Now assuming you are happy to proceed continue with flashing the drive.

mac-pro:dvrflash_mac mick$ ./DVRFlash -ff PIONEER A0013000.115 A0013001.124

DVRFlash v2.6.0: Pioneer DVR firmware flasher
by Agent Smith, et al.,  July 2008

                       DISCLAIMER

THIS PROGRAM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE.

THE ENTIRE RISK AS TO THE ABILITY OF THIS PROGRAM TO FLASH A
PIONEER OR COMPATIBLE DVR DRIVE IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY
SERVICING, REPAIR OR CORRECTION.

THIS PROGRAM IS NOT ENDORSED BY PIONEER CORPORATION OR ANY
COMPANY RESELLING PIONEER EQUIPMENT AS THEIR OWN BRAND

IF YOU UNDERSTAND THE RISKS ASSOCIATED WITH THIS PROGRAM AND
DISCHARGE BOTH THE AUTHOR AND PIONEER CORPORATION FROM ANY
DAMAGE OCCURING AS THE RESULT OF ITS USE, PLEASE INDICATE SO
BY ANSWERING THE FOLLOWING QUESTION:

Do you understand and agree to the statement above (y/n)?
y

Commandline:
  ./DVRFlash -ff PIONEER A0013000.115 A0013001.124

Drive Information:
   Description : PIONEER DVD-RW  DVR-112D
  Firmware Rev : BC14
 Firmware Date : 07/09/27
  Manufacturer : PIONEER
Drive is in normal mode.

Firmwares and Drive type mismatch
Continue because force option was specified
WARNING: Hardware and Firmware really don't match!
Continue because superforce option was specified
Are you sure you want to flash this drive (y/n)?
y

Switching drive to Kernel mode:
   Description : PIONEER DVD-RW  DVR-112
 Firmware Rev. : 0000
 Firmware Date : 06/08/11
  Manufacturer : PIONEER
Drive is now in Kernel mode

Now sending the Kernel part:
Now internal Kernel reflashing. Please wait... OK.

Now sending the Normal part:
0%          25%          50%          75%         100%
|============|============|============|============|
Please hold your breath for about 30 seconds...

Now internal reflashing. Please wait... OK.

Updated Information:
   Description : PIONEER DVD-RW  DVR-112
 Firmware Rev. : 1.24
 Firmware Date : 07/08/08
  Manufacturer : PIONEER

Flashing operation successful ;)

mac-pro:dvrflash_mac mick$

If everything has worked out you will now be able to play DVD’s from any region on your MacPro.

Mick

Man in the middle – ARP Poisoning on OSX

At the core of all investigation in relation to a networks is the need to sniff packets. If you have a switch with SPAN port capabilities then you can listen in from where ever you wish. However if for whatever reason this is not practical a network wiretap may be the answer.

From the PC under windows the proverbial Swiss army knife would be “Cain & Able” but on the unix front ettercap is your tool of choice.

My platform is current OSX so I have added notes of pulling down the MacPorts (see previous post for installing the environment).

To install ettercap :

sudo port install ettercap

Assuming that the default gateway on the network is 192.168.2.1 then to tap all traffic heading leaving the local LAN try the following :

sudo ettercap -T -M arp:remote /192.168.2.1/ /192.168.2.2-99/

Because you are running ettercap as root it will alter the permissions of the devices you’ll monitor from. So you need to change the permissins back so that for example Wireshark can open them. To open these devices up for Wireshark try the following:

chmod 666 /dev/bfp*

Now if you fire up Wireshark you will be able to select the relavent interface and sniff the traffic.

I found that applying an initial filter to ignore duplicate IP address messages make the view a little clearer.

Mick