Posts Tagged ‘ports’

Find all running hosts, used IPs and ports on your local wireless / ethernet network or how to do a basic network security audit with nmap

Monday, September 4th, 2017

Find all running hosts / used IPs on your local wireless or ethernet network


If you're using a Free Software OS such as GNU / Linux or some other proprietary OS such as Mac OS X or Windows and you need a quick way to check all running IPs hosts / nodes locally on your current connected Ethernet or Wireless network, here is how to do it with nmap (Network exploration and security tool port scanner).

So why would you do scan that? 

Well just for fun, out of curiousity or just because you want to inspect your local network whether someone unexpected cracker did not break and is not using your Wi-Fi or Ethernet local network and badly snoring your network listening for passwords.

Before you start you should have installed NMAP network scanner on your GNU / Linux, to do so on 

Redhat Based Linux (Fedora / CentOS / Redhat Enterprise RHEL):


yum -y install nmap


On Deb based GNU / Linux-es such as Ubuntu / Mint / Debian etc.


apt-get install –yes nmap


To install nmap on FreeBSD / NetBSD / OpenBSD OS issue from console or terminal:


cd /usr/ports/security/nmap
make install clean 


or if you prefer to install it from latest binary instead of compiling


pkg_add -vr nmap


On a proprietary Mac OS X (I don't recommend you to use this obnoxious OS which is designed as a proprpietary software to steal your freedom and control you, but anyways for Mac OS victims), you can do it to with Macs equivalent tool of apt-get / yum called homebrew:

Open Mac OS X terminal and to install homebrew run:


ruby -e "$(curl -fsSL"
brew install nmap
brew search nmap
brew info nmap


If you want to do it system wide become root (super user) from Mac terminal with


su root


and run above commands as administrator user.

Windows users might take a look at Nmap for Windows or use the M$ Windows native portqry command line port scanner

Test whether nmap is properly installed and ready to use with command:


nmap –help
Nmap 6.00 ( )
Usage: nmap [Scan Type(s)] [Options] {target specification}
  Can pass hostnames, IP addresses, networks, etc.
  Ex:,,; 10.0.0-255.1-254
  -iL <inputfilename>: Input from list of hosts/networks
  -iR <num hosts>: Choose random targets
  –exclude <host1[,host2][,host3],…>: Exclude hosts/networks
  –excludefile <exclude_file>: Exclude list from file
  -sL: List Scan – simply list targets to scan
  -sn: Ping Scan – disable port scan
  -Pn: Treat all hosts as online — skip host discovery
  -PS/PA/PU/PY[portlist]: TCP SYN/ACK, UDP or SCTP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO[protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  –dns-servers <serv1[,serv2],…>: Specify custom DNS servers
  –system-dns: Use OS's DNS resolver
  –traceroute: Trace hop path to each host
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  –scanflags <flags>: Customize TCP scan flags
  -sI <zombie host[:probeport]>: Idle scan
  -sO: IP protocol scan
  -b <FTP relay host>: FTP bounce scan
  -p <port ranges>: Only scan specified ports
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
  -F: Fast mode – Scan fewer ports than the default scan
  -r: Scan ports consecutively – don't randomize
  –top-ports <number>: Scan <number> most common ports
  –port-ratio <ratio>: Scan ports more common than <ratio>
  -sV: Probe open ports to determine service/version info
  –version-intensity <level>: Set from 0 (light) to 9 (try all probes)
  –version-light: Limit to most likely probes (intensity 2)
  –version-all: Try every single probe (intensity 9)
  –version-trace: Show detailed version scan activity (for debugging)
  -sC: equivalent to –script=default
  –script=<Lua scripts>: <Lua scripts> is a comma separated list of 
           directories, script-files or script-categories
  –script-args=<n1=v1,[n2=v2,…]>: provide arguments to scripts
  –script-args-file=filename: provide NSE script args in a file
  –script-trace: Show all data sent and received
  –script-updatedb: Update the script database.
  –script-help=<Lua scripts>: Show help about scripts.
           <Lua scripts> is a comma separted list of script-files or
  -O: Enable OS detection
  –osscan-limit: Limit OS detection to promising targets
  –osscan-guess: Guess OS more aggressively
  Options which take <time> are in seconds, or append 'ms' (milliseconds),
  's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
  -T<0-5>: Set timing template (higher is faster)
  –min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
  –min-parallelism/max-parallelism <numprobes>: Probe parallelization
  –min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
      probe round trip time.
  –max-retries <tries>: Caps number of port scan probe retransmissions.
  –host-timeout <time>: Give up on target after this long
  –scan-delay/–max-scan-delay <time>: Adjust delay between probes
  –min-rate <number>: Send packets no slower than <number> per second
  –max-rate <number>: Send packets no faster than <number> per second
  -f; –mtu <val>: fragment packets (optionally w/given MTU)
  -D <decoy1,decoy2[,ME],…>: Cloak a scan with decoys
  -S <IP_Address>: Spoof source address
  -e <iface>: Use specified interface
  -g/–source-port <portnum>: Use given port number
  –data-length <num>: Append random data to sent packets
  –ip-options <options>: Send packets with specified ip options
  –ttl <val>: Set IP time-to-live field
  –spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
  –badsum: Send packets with a bogus TCP/UDP/SCTP checksum
  -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
     and Grepable format, respectively, to the given filename.
  -oA <basename>: Output in the three major formats at once
  -v: Increase verbosity level (use -vv or more for greater effect)
  -d: Increase debugging level (use -dd or more for greater effect)
  –reason: Display the reason a port is in a particular state
  –open: Only show open (or possibly open) ports
  –packet-trace: Show all packets sent and received
  –iflist: Print host interfaces and routes (for debugging)
  –log-errors: Log errors/warnings to the normal-format output file
  –append-output: Append to rather than clobber specified output files
  –resume <filename>: Resume an aborted scan
  –stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
  –webxml: Reference stylesheet from Nmap.Org for more portable XML
  –no-stylesheet: Prevent associating of XSL stylesheet w/XML output
  -6: Enable IPv6 scanning
  -A: Enable OS detection, version detection, script scanning, and traceroute
  –datadir <dirname>: Specify custom Nmap data file location
  –send-eth/–send-ip: Send using raw ethernet frames or IP packets
  –privileged: Assume that the user is fully privileged
  –unprivileged: Assume the user lacks raw socket privileges
  -V: Print version number
  -h: Print this help summary page.
  nmap -v -A
  nmap -v -sn
  nmap -v -iR 10000 -Pn -p 80


Most local router local networks are running under an IP range of ( or or at some weird occasions depending on how the router is configured it might be something like to be sure on what kind of network your computer is configured, you can check with ifconfig command, what kind of network IP has the router assigned to your computer, here is output from my Debian GNU / Linux /sbin/ifconfig


 hipo@noah:~$ /sbin/ifconfig 
lo        Link encap:Local Loopback  
          inet addr:  Mask:
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:336 errors:0 dropped:0 overruns:0 frame:0
          TX packets:336 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:26656 (26.0 KiB)  TX bytes:26656 (26.0 KiB)



wlan0     Link encap:Ethernet  HWaddr 00:1c:bf:bd:27:59  
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::21c:bfff:ffbd:2759/64 Scope:Link
          RX packets:112836 errors:0 dropped:0 overruns:0 frame:0
          TX packets:55363 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:141318655 (134.7 MiB)  TX bytes:7391330 (7.0 MiB)


As evident from above output my router assigns IPs via DHCP once authenticated into the Wi-Fi router under standard IP range of

So under this IP range case, to inspect my small local networkconnected computer I had to run from gnome-terminal or under a /dev/ttyX virtual console:


hipo@noah:~$ nmap -sn

Starting Nmap 6.00 ( ) at 2017-09-04 12:45 EEST
Nmap scan report for pcfreak (
Host is up (0.011s latency).
Nmap scan report for
Host is up (0.00011s latency).
Nmap done: 256 IP addresses (2 hosts up) scanned in 2.53 seconds

-sn argument instructs nmap to do the so called ping scan, e.g. not to do a port s
can after host discovery but just print available hosts that are responding

Some bigger corporate networks are configured to run a couple of local networks simultaneously such as,, etc.

So if that's the case you can add more virtual IPs to your ifconfig after becoming root super user with:


hipo@noah:~$ su root 


And then run:


/sbin/ifconfig wlan0:0 netmask
/sbin/ifconfig wlan0:1 netmask



Note that here I purposefully choose .110 IP because often the is an IP assigned to the router and that might cause some IP conflicts and trigger alarms in the router security which I want to avoid.

To check just added extra Virtual IPs on wlan0 wireless interface (note that depending on your Wi-Fi card and your driver this interface might come under a different name on your computer):


root@noah# /sbin/ifconfig |grep -i wlan0 -A 1
wlan0     Link encap:Ethernet  HWaddr 00:1c:bf:bd:25:59  
          inet addr:  Bcast:  Mask:

wlan0:0   Link encap:Ethernet  HWaddr 00:1c:bf:bd:25:59  
          inet addr:  Bcast:  Mask:

wlan0:1   Link encap:Ethernet  HWaddr 00:1c:bf:bd:27:59  
          inet addr:  Bcast:  Mask:



If you're scanning not on your own network but on a public connected network you might prefer to not use the ping scan as this might identify you in router's firewall as possible intruder and could cause you headaches, besides that some network connected nodes are connected to not respond on a ping scan (some networks purposefully disable pings at all) to avoid possibility of the so called ping flood that might overload a router buffer or bring down hosts on the network beinf flooded.

If you have doubts that a network has ping disabled and it shows no result you can give a try to the so called SYN / FIN Stealth packet scan with added requirement to scan for UDP open ports (-sS) argument


root@noah:/~# nmap -sS -sU -sT

Starting Nmap 6.00 ( ) at 2017-09-04 13:31 EEST
Nmap scan report for pcfreak (
Host is up (0.012s latency).
Not shown: 998 closed ports
80/tcp   open  http
1900/tcp open  upnp
MAC Address: 10:FE:ED:43:CF:0E (Unknown)

Nmap scan report for
Host is up (0.0036s latency).
Not shown: 998 closed ports
625/tcp   open  apple-xsrvr-admin
49153/tcp open  unknown
MAC Address: 84:38:35:5F:28:75 (Unknown)

Nmap scan report for
Host is up (0.000012s latency).
Not shown: 999 closed ports
22/tcp open  ssh

You might also like to add some verbosy (that would generate a lot of output so be careful):

In case if above scan fails due to firewalls and you have a ping scan disabled on the network too you might also try out the so called nmap connect TCP connect scan (-sT), that would avoid the SYN scan. The -sT is useful also if you're not possessing root superprivileges on nmap running host.


nmap -sS -sU

Note that connect scan could take ages as nmap tries to connect every port from default port scanned ranged on remote found hosts that are reporting as up and running.

If the shown results lead you find some unknown computer / tablet / mobile / phone device connected to your network, then connect to your router and thoroughfully inspect the traffic flowing through it, if you find intruder cut him off and change immediately your router passwords and monitor your network periodically to make sure the unwanted guest did not go back in future.

There is much more you can do with nmap so if you have some extra time and interest into penetration testing I recommend you check out Nmap Book (The Official Nmap project guide to Network Discovery and Security Scanning)

Share this on

Install TorrentFlux Bit Torrent Web management interface on Debian / Ubuntu Linux

Tuesday, July 15th, 2014

torrent flux logo
is web based, feature-rich BitTorrent download manager.
Torrentflux is a must have installed server software for anyone who does regular torrent downloads and want to access the downloads from anywhere on the internet.

TorrentFlux is a PHP based BitTorrent controller that runs on a web
 server. It can manage all of your BitTorrent downloads from anywhere
 through a convenient and easy-to-use web interface.
 TorrentFlux uses a MySQL database to manage the downloads.

 TorrentFlux enables you to run BitTorrent downloads unattended on a monitor-less or remote server 24 hours a day, while still maintaining complete control from any web browser. Now you can control your  downloading on your firewall, or keep up with downloads while on  vacation. It uses the BitTornado client to download files, and also  requires a web server with PHP.
 Some of the Torrentflux features:

   * Upload Torrents via URL or File Upload
   * Start, Stop, and Delete Torrents with ease
   * Advanced Torrent start options (ports, speeds, etc.)
   * Multi-user interface
   * RSS Feeds, download Torrents files with a click
   * Run several torrents at once
   * View Download Progress of all torrents at a glance
   * View drive space at a glance
   * View Torrent file meta information
   * Built-in User management and Security
   * Private Messaging
   * Themes (selectable per user)
   * Upload History


Before installing Bittorrent you will need to have a running version of Debian, Ubuntu or any other debian derivative (though it can easily be run on any Linux distro). To install AMP (Apache MySQL Server, PHP) you can follow first part of my previous article Installing Usual PHP Apache MySQL for new Debian GNU / Linux installs.

So what for is TorrentFlux Useful?
Torrenflux is precious and must have if you have to access filtered torrent from outside of your homecountry and you have a running server already in your home country in that I was using TorrentFlux to access Bulgarian Zamunda.Net Torrent Tracker from Holland and was downloading first movies from the Bulgarian Torrent Tracker to my Fluxbox installed on my Dobrich home router and then used FTP to transfer movies to the Netherlands. Talking about many people choose to also install VSFTP and use it together with Torrentflux …

1. Install TorrentFlux and its dependencies (BitTornado, Bittorrent, Zip, Unzip, Bzip etc.) the "Debian Way"

On my Debian 7 Wheezy home machine  I run

apt-get install –yes bzip2 php5-gd php5-cli unrar-free grep python net-tools mawk wget unzip cksfv vlc-nox uudeview python-crypto libxml-simple-perl libxml-dom-perl libdbd-mysql-perl bittorrent bittornado

a) Install TorrentFlux the Debian Way

apt-get install –yes torrentflux

You will be prompted with a coule of screens, to set a new MySQL database user and password and SQL database, as well as offered to restart Apache to make Torrentflux accessible like as on below screenshots.


configuring-torrentflux-debian-linux-screenshot 3


To make new installed torrentflux accessible from web you will either have to configure it via some new Apache VirtualHost or make a symbolic link to /usr/share/torrentflux/www :

cd /var/www/
ln -sf /usr/share/torrentflux/www/ torrentflux

That's all you're all done to access torrentflux either access it via your default configured webserver domain name or via localhost if you're logged in to same pc where installing.



2. Install latest Torrentflux version from source

Alternatively if you want to have the latest version (because the Debian version is part of the stable distribution is a little bit outdated you will have to fetch Torrentflux-b4rt and unarchive it:

cd /tmp/

tar -xjf torrentflux-b4rt_1.0-beta2.tar.bz2

mv torrentflux-b4rt_1.0-beta2 /opt/torrentflux

Then to make torrentflux visible from web server I had to create a symbolic link to installation directory:

ln -sf /opt/torrentflux/html /var/www/torrentflux

For further initial configuration its necessery to make Torrentflux config writtable by www-data (the user with which Apache is running on Debian).


chown -R www-data:www-data /var/www/torrentflux/inc/config/

Next it its required to create somewhere download folder where TorrentFlux will keep downloaded Torrents

mkdir /var/lib/torrentflux

Apache HTTP server will have to have write ther:

chown -R www-data:www-data /var/lib/torrentflux

If you already haven't restarted Apache earlier in installing TorrentFlux pre-requirements, you will have to do it now:


/etc/init.d/apache2 restart

As TorrentFlux depends on its MySQL backend, we need to also create manually TorrentFlux database username and a password

export SQL_DB='torrentflux';

| mysql –user=root –password

IDENTIFIED BY $TFLUX_SQL_PWD;" | mysql –user=root –password


Substitute with your Database, Username and Password above shell variables – $SQL_DB, $TFLUX_USERNAME, $TFLUX_SQL_PWD

To configure TorrentFlux access it in browser:

By accessing it for a first time, you will redirected to setup.php, in case something goes wrong and yuo're not redirected (probably some mod_rewrite issues add setup.php to url – e.g., acess –

I will not enter details, about Web config, because everything there is pretty clear.

Just in short – you will have to now choose:

Choose Database
Choose Database Information of database (put in the exact name of TorrentFlux databse previously created)
Uncheck the box for "Create new database"
Choose as a download location upper created directory – /var/lib/torrentflux

If you get an error on software dependencies screen for missing unrar – just install it
VLC may show an error as well, that's not a problem because VLC is probably not to be used.
Finally after completion of all, you will get an error that setup.php cannot be deleted.

To prevent, someone to re-configure it through http://your-domain/torrentflux/setup.php URL remove setup.php

rm /var/www/torrentflux/setup.php

To prevent someone rewrite anything in config file from web we have to revert back config/ folder not to be writable by Apache

chown -R root:root /var/www/torrentflux/inc/config/

Now in browser to access torrentflux type:


/torrentflux should redirect you to login.php if for some reason it doesn't type it manually in URL.

First account you will login is the super user account, you can allow multiple users to use it by adding multiple accounts.


As you will see there is plety of configuration options to play with.

You will definitely want to look in Server Page, some very important page to look is the Transfer Page – from there you can adjust the bandwidth of your connection on 100Mbit network this would be 12500 – to use the maximum possible connection provided by your ISP set the max bandwidth to 0. You have the option to also set a default bittorrent client, by default this will be bittornado.

If you have troubles downloading from TorrentTrackers make sure your router is configured to forward port 49160 to 49300

Now if you have a lot of storage create accounts also for your friends and enjoy torrentflux 🙂


Share this on

PortQRY Native Windows command line Nmap like port scanner – Check status of remote host ports on Windows

Monday, June 30th, 2014

Linux users know pretty well Nmap (network mapper) tool which is precious in making a quick server host security evaluation.
Nmap binary port is available for Windows too, however as nmap is port for its normal operation you have to install WinPcap (Packet Capture Library).
And more importantly it is good to mention if you need to do some remote port scanning from Windows host, there is Microsoft produced native tool called PortQry (Port Query).

PortQRY is a must have tool for the Windows Admin as it can help you troubleshoot multiple network issues.

As of time of writting this post PortQRY is at version 2, PortQRY tool has also a GUI (UI) Version for those lazy to type in command line.

Port Query UI tool (portqueryui.exe) is a tool to query open ports on a machine. This tool makes use of command line version port query tool (portqry.exe). The UI provides the following functionalities:

   1. Following "Enter destination IP or FQDN to query:”, an edit box needs the user to specify the IP address or FDQN name of the destination to query port status.

   2. The end user is able to choose Query type:

        – Predefined services type. It groups ports into service, so that you can query multiple ports for a service by a single click. Service includes "Domains and Trusts", "DNS Queries", "NetBIOS     communication", "IPSEC", "Networking", "SQL Service", "WEB Service", "Exchange Server",          "Netmeeting", and other services.

You can check detail port and protocol info for each service category by opening Help -> Predefined Services…

PORTQRY is part of Windows Server 2003 Support Tools and can be added to any NT based Windows (XP, 2003, Vista, 7, 8)
 You can download portqry command line tool here or my mirrored portqry version command line port scanner here and PortQRY UI here.

PortQRY comes in PortQryV2.exe package which when run extracts 3 files: PortQry.exe program, EULA and readme file. Quickest way to make portqry globally accessible from win command prompt is to copy it to %SystemRoot% (The environment variable holding default location for Windows Installation directory).
It is good idea to add PortQRY to default PATH folder to make it accessible from command line globally.

PorQry has 3 modes of operation:

Command Line Mode, Interactive Mode and Local Mode


Command Line Mode – is when it is invoked with parameters.

Interactive Mode is when it runs in interactive CLI console


and Local Mode is used whether information on local system ports is required.


Here are some examples on basic usage of portqry:

1. Check if remote server is running webserver is listening on (HTTPS protocol) TCP port 80

portqry -n servername -e 80

Querying target system called:

Attempting to resolve name to IP address…

Name resolved to


TCP port 80 (http service): FILTERED

2. Check whether some common Samba sharing and DNS UDP ports are listening

portqry -n servername -p UDP -o 37,53,88,135

Querying target system called:


Attempting to resolve name to IP address…

Name resolved to


UDP port 37 (time service): NOT LISTENING

UDP port 53 (domain service): NOT LISTENING

UDP port 88 (kerberos service): NOT LISTENING

UDP port 135 (epmap service): NOT LISTENING

3. Scan open ports in a port range – Check common services port range (port 1-1024)

portqry -n -r 1:1024 | find ": LISTENING"

4. Logging network scan output to file

Portqry –n localhost –e 135 -l port135.txt

Querying target system called:


Attempting to resolve name to IP address…

Name resolved to


TCP port 135 (epmap service): LISTENING

Using ephemeral source port
Querying Endpoint Mapper Database…
Server's response:

UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d

UUID: 2f5f6521-cb55-1059-b446-00df0bce31db Unimodem LRPC Endpoint

Total endpoints found: 38

5. Scanning UDP and TCP protocols port

PortQry -n -e 25 -p both


Querying target system called:

Attempting to resolve name to IP address…

Name resolved to


TCP port 53 (domain service): LISTENING

UDP port 53 (domain service): LISTENING or FILTERED

Sending DNS query to UDP port 53…


6. Checking remote server whether LDAP ports are listening

Portqry -p tcp -e 389
Portqry -n -p tcp -e 636
Portqry -n -p both -e 3268
Portqry -n -p tcp -e 3269

7. Making SNMP community name requests

portqry -n host2 -cn !my community name! -e 161 -p udp

8. Initiating scan from pre-selected source port

A network socket request initiation is useful from certain port because, some remote services expect connection from certain ports, lets say you're connecting to mail server, you might want to set as a source port – port 25, to make remote server another SMTP is connecting.

portqry -n -e 25 -sp 25

9. Scanning whether server ports required by Active Directories are opened

Common ports used in Windows hosts to communicate between each other to sustain Active Directory are:

88 (Kerberos)
135 (RPC)
389 (LDAP)
445 (CIFS)
3268 (Global Catalog)

portqry -n -o 88,135,389,445,3268 -p both

portqry has also a silent mode with the "-q" switch if you want to get only whether a port is LISTENING (opened).

On port scan it returns three major return codes (very useful for scripting purposes);

  • returncode 0 – if port / service is listening
  • returncode 1 – if service is not listening
  • returncode 2 – if service is listening or filtered

PortQry is very simple port scanner for win sysadms and is precious tool for basic network debugging (services)  on Windows farms, however it doesn't have the powerful cracker functionality, application / OS versioning etc. like Nmap.


Share this on

Linux / BSD: Check if Apache web server is listening on port 80 and 443

Tuesday, June 3rd, 2014

If you're configuring a new Webserver or adding a new VirtualHost to an existing Apache configuration you will need to restart Apache with or without graceful option once Apache is restarted to assure Apache is continuously running on server (depending on Linux distribution) issue:

1. On Debian Linux / Ubuntu servers

# ps axuwf|grep -i apache|grep -v grep

root 23280 0.0 0.2 388744 16812 ? Ss May29 0:13 /usr/sbin/apache2 -k start
www-data 10815 0.0 0.0 559560 3616 ? S May30 2:25 _ /usr/sbin/apache2 -k start
www-data 10829 0.0 0.0 561340 3600 ? S May30 2:31 _ /usr/sbin/apache2 -k start
www-data 10906 0.0 0.0 554256 3580 ? S May30 0:20 _ /usr/sbin/apache2 -k start
www-data 10913 0.0 0.0 562488 3612 ? S May30 2:32 _ /usr/sbin/apache2 -k start
www-data 10915 0.0 0.0 555524 3588 ? S May30 0:19 _ /usr/sbin/apache2 -k start
www-data 10935 0.0 0.0 553760 3588 ? S May30 0:29 _ /usr/sbin/apache2 -k start


2. On CentOS, Fedora, RHEL and SuSE Linux and FreeBSD

ps ax | grep httpd | grep -v grep


7661 ? Ss 0:00 /usr/sbin/httpd
7664 ? S 0:00 /usr/sbin/httpd
7665 ? S 0:00 /usr/sbin/httpd
7666 ? S 0:00 /usr/sbin/httpd
7667 ? S 0:00 /usr/sbin/httpd
7668 ? S 0:00 /usr/sbin/httpd
7669 ? S 0:00 /usr/sbin/httpd
7670 ? S 0:00 /usr/sbin/httpd
7671 ? S 0:00 /usr/sbin/httpd


Whether a new Apache IP Based VirtualHosts are added to already existing Apache and you have added new


directives, after Apache is restarted to check whether Apache is listening on port :80 and :443

netstat -ln | grep -E ':80|443'

tcp        0      0    *               LISTEN
tcp        0      0  *               LISTEN

Meaning of is that Apache is configured to Listen on Any Virtualhost IPs and interfaces. This output is usually returned whether in Apache config httpd.conf / apache2.conf webserver is configured with directive.

Listen *:80

If in netstat output there is some IP poping up for example  "", this means that only connections to the "" IP address will be accepted by Apache.

Another way to look for Apache in netstat (in case Apache is configured to listen on some non-standard port number) is with:

netstat -l |grep -E 'http|www'

tcp        0      0 *:www                   *:*                     LISTEN

As sometimes it might be possible that Apache is listening but its processes are in in defunct (Zommbie) state it is always a good idea, also to check if pages server by Apache are opening in browser (check it with elinks, lynx or curl)

To get more thorough information on Apache listened ports, protocol, user with which Apache is running nomatter of Linux distribution use lsof command:

/usr/bin/lsof -i|grep -E 'httpd|http|www'

httpd     6982 nobody    3u  IPv4  29388359      0t0  TCP (LISTEN)
httpd    18071 nobody    3u  IPv4 702790659      0t0  TCP (LISTEN)
httpd    18071 nobody    4u  IPv4 702790661      0t0  TCP (LISTEN)

If Apache is not showing up even though restarted check what is going wrong in the error logs:

– on Debian standard error log is /var/log/apache2/error.log
– On RHEL, CentOS, SuSE std. error log is in /var/log/httpd/error.log
– on FeeBSD /var/log/httpd-error.log


Share this on

How to install OpenNTPD NTP server to synchronize system clock on FreeBSD for better security

Sunday, February 12th, 2012

FreeBSD, OpenBSD, NetBSD and Linux ntpd alternative server to synchronize server system time

Lately I've been researching on ntpd and wrote a two articles on how to install ntpd on CentOS, Fedora and how to install ntpd on FreeBSD and during my research on ntpd, I've come across OpenNTPD and decided to give it a go on my FreeBSD home router.
OpenBSD project is well known for it is high security standards and historically has passed the test of time for being a extraordinary secure UNIX like free operating system.
OpenBSD is developed in parallel with FreeBSD, however the development model of the two free operating systems are way different.

As a part of the OpenBSD to be independant in its basis of software from other free operating systems like GNU / Linux and FreeBSD. They develop the all around free software realm known OpenSSH. Along with OpenSSH, one interesting project developed for the main purpose of OpenBSD is OpenNTPD.

Here is how describes OpenNTPD:

"a FREE, easy to use implementation of the Network Time Protocol. It provides the ability to sync the local clock to remote NTP servers and can act as NTP server itself, redistributing the local clock."

OpenNTPD's accent just like OpenBSD's accent is security and hence for FreeBSD installs which targets security openntpd might be a good choice. Besides that the so popular classical ntpd has been well known for being historically "insecure", remote exploits for it has been released already at numerous times.

Another reason for someone to choose run openntpd instead of ntpd is its great simplicity. openntpd configuration is super simple.

Here are the steps I followed to have openntpd time server synchronize clock on my system using other public accessible openntpd servers on the internet.

1. Install openntpd through pkg_add -vr openntpd or via ports tree

a) For binar install with pkg_add issue:

freebsd# pkg_add -vr openntpd

b) if you prefer to compile it from source

freebsd# cd /usr/ports/net/openntpd
freebsd# make install clean

2. Enable OpenNTPD to start on system boot:

freebsd# echo 'openntpd_enable="YES"' >> /etc/rc.conf

3. Create openntpd ntpd.conf configuration file

There is a default sample ntpd.conf configuration which can be straight use as a conf basis:

freebsd# cp -rpf /usr/local/share/examples/openntpd/ntpd.conf /usr/local/etc/ntpd.conf

Default ntpd.conf works just fine without any modifications, if however there is a requirement the openntpd server to listen and accept time synchronization requests from only certain hosts add to conf something like:

listen on
listen on
listen on 2607:f0d0:3001:0009:0000:0000:0000:0001
listen on

This configuration will enable only and IPv4 addresses as well as the IPv6 2607:f0d0:3001:0009:0000:0000:0000:0001 IP to communicate with openntpd.

4. Start OpenNTPD service

freebsd# /usr/local/etc/rc.d/openntpd

5. Verify if openntpd is up and running

freebsd# ps axuww|grep -i ntp
root 31695 0.0 0.1 3188 1060 ?? Ss 11:26PM 0:00.00 ntpd: [priv] (ntpd)
_ntp 31696 0.0 0.1 3188 1140 ?? S 11:26PM 0:00.00 ntpd: ntp engine (ntpd)
_ntp 31697 0.0 0.1 3188 1088 ?? S 11:26PM 0:00.00 ntpd: dns engine (ntpd)
root 31700 0.0 0.1 3336 1192 p2 S+ 11:26PM 0:00.00 grep -i ntp

Its also good idea to check if openntpd has succesfully established connection with its peer remote openntpd time servers. This is necessery to make sure pf / ipfw firewall rules are not preventing connection to remote 123 UDP port:

freebsd# sockstat -4 -p 123
_ntp ntpd 31696 4 udp4
_ntp ntpd 31696 6 udp4
_ntp ntpd 31696 8 udp4

By default openntpd is also listening to IPv6 if IPv6 support is enabled in freebsd kernel.

6. Resolve openntpd firewall filtering issues

If there is a pf firewall blocking UDP requests to in/out port 123 within /etc/pf.conf rule like:

block in log on $EXT_NIC proto udp all

Before the blocking rule you will have to add pf rules:

# Ipv4 Open outgoing port TCP 123 (NTP)
pass out on $EXT_NIC proto tcp to any port ntp
# Ipv6 Open outgoing port TCP 123 (NTP)
pass out on $EXT_NIC inet6 proto tcp to any port ntp
# Ipv4 Open outgoing port UDP 123 (NTP)
pass out on $EXT_NIC proto udp to any port ntp
# Ipv6 Open outgoing port UDP 123 (NTP)
pass out on $EXT_NIC inet6 proto udp to any port ntp

where $EXT_NIC is defined to be equal to the external lan NIC interface, for example:

Afterwards to load the new pf.conf rules firewall has to be flushed and reloaded:

freebsd# /sbin/pfctl -f /etc/pf.conf -d
freebsd# /sbin/pfctl -f /etc/pf.conf -e

In conclusion openntpd should be more secure than regular ntpd and in many cases is probably a better choice.
Anyhow bear in mind on FreeBSD openntpd is not part of the freebsd world and therefore security updates will not be issued directly by the freebsd dev team, but you will have to regularly update with the latest version provided from the bsd ports to make sure openntpd is 100% secure.

For anyone looking for more precise system clock synchronization and not so focused on security ntpd might be still a better choice. The OpenNTPD's official page states it is designed to reach reasonable time accuracy, but is not after the last microseconds.

Share this on

How to play Audio music CDs in GNU/Linux and Free/Net/Open BSDs

Sunday, January 22nd, 2012

If you still have some old dusty CDs left on the CD shelf, its quite cool to give it a ride in a rainy morning.

As I enjoy working in console so much, I thought it might be interesting to share how music audio CDs can be listened in plain text mode console.

For all console / terminal geeks Linux and BSDs can be equipped with a number of text/console audio cd console players.

There are plenty of free software console cd audio players on the net, however I found cdplay , cdcd and dcd to be the most popular ones.

On Debian and Ubuntu G*/Linuces cdplay and cdcd are installable via apt. To install cdtool:

root@xubuntu-desktop:~# apt-get install cdtool

cdtool package, contains a number of commands enabling you to listen/stop/shuffle/eject/get info about cd audio volumes. cdtool provides the following binaries:


Install cdcd on Debian and alike by typing:

root@xubuntu-desktop:~# apt-get install cdcd

cdcd has shell like interface the most basic use of it is with:

root@xubuntu-desktop:~# cdcd
cdcd> play

To play audiocds in console on FreeBSD , a command tool dcd is available and installable through ports.
To install it issue:

root@freebsd# cd /usr/ports/audio/dcd
root@freebsd# make install clean

dcd is also available for Linux but on most GNU/Linuxes it has to be built from source.

Lets say you'd like to Play the 5th song from audio CD:

freebsd# dcd 5

dcd has plenty of great arguments, to get some fun with it check the man page.

Another program that can be used to play audio CDs on both Linux and BSDs is the "classical" mplayer .

To play AUDIO CD with mplayer the command line to use is:

root@debian:~# mplayer -cdrom-device /dev/sr0 cdda:// -cache 5000

The argument -cache 5000 has to be passed to to work around choppy sound (if for example audio playback interruptions every few milliseconds).

For people who are keen on ncurses (Midnight Commander) like command line interfaces you might enjoy Herrie a minimalistic music player that supports plenty of sound formats, including audiocds.

Herrie is available for Debian and most deb based modern distros via apt, e.g.:

root@xubuntu-desktop:~# apt-get install herrie

Herrie Minimalistic Music player for Linux and BSD

Ports are also available for FreeBSD, NetBSD and OpenBSD.
To install on FreeBSD:

root@freebsd# cd /usr/ports/audio/herrie
root@freebsd# make install clean

I'll be happy to hear feedback and recommendations on any other console audio cd players I might forgot to mention.
Which is your favourite console text based cd audio player?

Share this on

How to install and configure Jabber Server (Ejabberd) on Debian Lenny GNU / Linux

Wednesday, December 28th, 2011

Ejabberd server erlang logo hedgehog

I've recently installed a jabber server on one Debian Lenny server and hence decided to describe my installations steps hoping this would help ppl who would like to run their own jabber server on Debian . After some research of the jabber server softwares available, I decided to install Ejabberd

The reasons I choose Ejabberd is has rich documentation, good community around the project and the project in general looks like one of the best free software jabber servers available presently. Besides that ejabberd doesn't need Apache or MySQL and only depends on erlang programming language.

Here is the exact steps I followed to have installed and configured a running XMPP jabber server.

1. Install Ejabberd with apt

The installation of Ejabberd is standard, e.g.:

debian:~# apt-get --yes install ejabberd

Now as ejabberd is installed, some minor configuration is necessery before the server can be launched:

2. Edit /etc/ejabberd/ejabberd.cfg

Inside I changed the default settings for:

a) Uncomment%%override_acls.. Changed:

%%%% Remove the Access Control Lists before new ones are added.%%%%override_acls.


%% Remove the Access Control Lists before new ones are added.

b) Admin User from:

%% Admin user
{acl, admin, {user, "", ""}}.


%% Admin user
{acl, admin, {user, "admin", ""}}.

c) default %% Hostname of to my real hostname:

%% Hostname
{hosts, [""]}.

The rest of the configurations in /etc/ejabberd/ejabberd.cfg can stay like it is, though it is interesting to read it carefully before continuing as, there are some config timings which might prevent the XMPP server from user brute force attacks as well as few other goodies like for example (ICQ, MSN , Yahoo etc.) protocol transports.

3. Add iptables ACCEPT traffic (allow) rules for ports which are used by Ejabberd

The minimum ACCEPT rules to add are:

/sbin/iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m tcp --dport 5222 -j ACCEPT
/sbin/iptables -A INPUT -p udp -m udp --dport 5222 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m tcp --dport 5223 -j ACCEPT
/sbin/iptables -A INPUT -p udp -m udp --dport 5223 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m tcp --dport 5269 -j ACCEPT
/sbin/iptables -A INPUT -p udp -m udp --dport 5269 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m tcp --dport 5280 -j ACCEPT
/sbin/iptables -A INPUT -p udp -m udp --dport 5280 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m tcp --dport 4369 -j ACCEPT
/sbin/iptables -A INPUT -p udp -m udp --dport 4369 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -m tcp --dport 53873 -j ACCEPT

Of course if there is some specific file which stores iptables rules or some custom firewall these rules has to be added / modified to fit appropriate place or chain.

4. Restart ejabberd via init.d script

debian:~# /etc/init.d/ejabberd restart
Restarting jabber server: ejabberd is not running. Starting ejabberd.

5. Create ejabberd necessery new user accounts

debian:~# /usr/sbin/ejabberdctl register admin mypasswd1
debian:~# /usr/sbin/ejabberdctl register hipo mypasswd2
debian:~# /usr/sbin/ejabberdctl register newuser mypasswd3
debian:~# /usr/sbin/ejabberdctl register newuser1 mypasswd4

ejabberdctl ejabberd server client (frontend) has multiple other options and the manual is a good reading.

One helpful use of ejabberdctl is:

debian:~# /usr/sbin/ejabberdctl status
Node ejabberd@debian is started. Status: started
ejabberd is running

ejabberctl can be used also to delete some existent users, for example to delete the newuser1 just added above:

debian:~# /usr/sbin/ejabberdctl unregister newuser

6. Post install web configurations

ejabberd server offers a web interface listening on port 5280, to access the web interface right after it is installed I used URL:

To login to you will need to use the admin username previously added in this case: mypasswd1

Anyways in the web interface there is not much of configuration options available for change.

7. Set dns SRV records

I'm using Godaddy 's DNS for my domain so here is a screenshot on the SRV records that needs to be configured on Godaddy:

GoDaddy DNS SRV records screenshot

In the screenshto Target is the Fually qualified domain hostname for the jabber server.

Setting the SRV records for the domain using Godaddy's DNS could take from 24 to 48 hours to propagate the changes among all the global DNS records so be patient.

If instead you use own custom BIND DNS server the records that needs to be added to the respective domain zone file are:

_xmpp-client._tcp 900 IN SRV 5 0 5222
_xmpp-server._tcp 900 IN SRV 5 0 5269
_jabber._tcp 900 IN SRV 5 0 5269

8. Testing if the SRV dns records for domain are correct

debian:~$ nslookup
> set type=SRV

 If all is fine above nslookup request should return the requested domain SRV records.
You might be wondering what is the purpose of setting DNS SRV records at all, well if your jabber server has to communicate with the other jabber servers on the internet using the DNS SRV record is the way your server will found the other ones and vice versa.

DNS records can also be checked with dig for example

$ dig SRV



;; ANSWER SECTION: 259200 IN SRV 5 0 5269


;; Query time: 109 msec
;; WHEN: Sat Aug 14 14:14:22 2010
;; MSG SIZE rcvd: 111

9. Debugging issues with ejabberd

Ejabberd log files are located in /var/log/ejabberd , you will have to check the logs in case of any issues with the jabber XMPP server. Here is the three files which log messages from ejabberd:

debian:~$ ls -1 /var/log/ejabberd/

I will not get into details on the logs as the best way to find out about them is to read them 😉

10. Testing ejabberd server with Pidgin

To test if my Jabber server works properly I used Pidgin universal chat client . However there are plenty of other multiplatform jabber clients out there e.g.: Psi , Spark , Gajim etc.

Here is a screenshot of my (Accounts -> Manage Accounts -> Add) XMPP protocol configuration

Pidgin account configuration XMPP on debian Linux

Share this on

How to create ssh tunnels / ssh tunneling on Linux and FreeBSD with openssh

Saturday, November 26th, 2011

SSH tunneling
allows to send and receive traffic using a dedicated port. Using an ssh traffic can have many reasons one most common usage reason is to protect the traffic from a host to a remote server or to access port numbers which are by other means blocked by firewall, e.g.: (get around firewall filtering)
SSH tunneling works only with TCP traffic. The way to make ssh tunnel is with cmds:

host:/root# ssh -L localhost:deshost:destport
host:/root# ssh -R restport:desthost:localport
host:/root# ssh -X

This command will make ssh to bind a port on localhost of the host host:/root# machine to the host desthost:destport (destination host : destinationport). Important to say deshost is the host destination visible from the therefore if the connection is originating from this means desthost will be localhost.
Mutiple ssh tunnels to multiple ports using the above example commands is possible. Here is one example of ssh tunneling
Let’s say its necessery to access an FTP port (21) and an http port (80), listening on In that case desthost will be localhost , we can use locally the port (8080) insetad of 80, so it will be no necessery to make the ssh tunnel with root (admin privileges). After the ssh session gets opened both services will be accessible on the local ports.

host:/home/user$ ssh -L 21:localhost:21 -L 8080:localhost:80

That’s all enjoy 😉

Share this on

How to convert AVI, MP4, FLV (flash video) and other non-free video encoded formats to Free Video format encoding OGV (Ogg Vorbis / Theora) on GNU / Linux and FreeBSD

Thursday, November 17th, 2011

Ogg Vorbis Free / Open Audio Video Format logo

I was looking for a way to convert some Video and Sound files, downloaded from Youtube (mostly things dedicated to free software) and as far as I looked online unfortunately these pieces of nice music and tutorials are not available for download anywhere else or at least not available for download in some of the Open / Free Format (OGG Vorbis or OGV (OGG / Theora Video).

When it comes to convertion between different formats, always the first things that I think of is ffmpeg or mencoder , however I was not sure if some of this tools are doing the trick so I did a quick research online if there is some specialised console or GUI program that can do the convertions between MP4, FLV etc. to OGV.

In less than 10 minutes I found a threat mentioning about ffmpeg2theoraA Simple Convertor to create Ogg Theora files

As I’m running Debian GNU / Linux, I installed ffmpeg2theora straight via apt, according to some reports online ffmpeg2theora cmd convertion tool is also available straight from repositories on Ubuntu as well.
On FreeBSD there is a port /usr/ports/multimedia/ffmpeg2theora available for install. Of course FFmpeg2Theora can be installed from source on other Linux distributions that might be missing a pre-built binary.

Using ffmpeg2theora to convert some kind of non-free video format is very simple, though the tool provides quite a numerous options for all those who want to have some customization for the video to be converted.
To convert the flash file “The Gnu Song.flv” for example to The Gnu Song.flv , I invoked ffmpeg2theora like this:

debian:~# ffmpeg2theora "The Gnu Song.flv"

The conversion took few minutes of time, as my machine is not ultra powerful and apparently the conversion to OGV format is not too quick but the good news is it works.
After the conversion was completed I used ogginfo to check the information about the recent converted file The Gnu Song.flv , below you see the file info ogginfo returns

debian:~# ogginfo The Gnu Song.ogv
Processing file "The Gnu Song.ogv"...

New logical stream (#1, serial: 5d65413f): type skeleton
New logical stream (#2, serial: 0570412d): type theora
New logical stream (#3, serial: 7e679651): type vorbis
Theora headers parsed for stream 2, information follows…
Version: 3.2.1
Vendor: Xiph.Org libtheora 1.1 20090822 (Thusnelda)
Width: 320
Height: 240
Total image: 320 by 240, crop offset (0, 0)
Framerate 25/1 (25.00 fps)
Aspect ratio undefined
Colourspace: Rec. ITU-R BT.470-6 Systems B and G (PAL)
Pixel format 4:2:0
Target bitrate: 0 kbps
Nominal quality setting (0-63): 32
User comments section follows…
Vorbis headers parsed for stream 3, information follows…
Version: 0
Vendor: Xiph.Org libVorbis I 20101101 (Schaufenugget)
Channels: 1
Rate: 22050
Nominal bitrate: 30.444000 kb/s
Upper bitrate not set
Lower bitrate not set
User comments section follows…
Logical stream 1 ended
Theora stream 2:
Total data length: 1525324 bytes
Playback length: 2m:41.360s
Average bitrate: 75.623401 kb/s
Logical stream 2 ended
Vorbis stream 3:
Total data length: 646729 bytes
Playback length: 2m:41.384s
Average bitrate: 32.059041 kb/s

ogginfo is a part of a package installed under the name vorbis-tools, vorbis tools also contains a few other helpful tools, whether operations with OGV or OGG file formats are at hand, the complete binaries vorbis-tools contains on Debian as of time of writting this post is:


ogg123 is a player for ogg files, however as far as I’ve tested it it doesn’t work too well. And just to compare ogg audio files were played just nice using the play command.
oggenc is used to encode ogg audio file, based on a stream haneded to it from other audio encoded stream (let’s say mp3). Hence oggenc can be used to convert mp3 files to ogg audio files , like so:

debian:~# mpg321 input.mp3 -w - | oggenc -o output.ogg -

oggdec is used to convert to wav files or raw PCM audio, whether;
vcut is used to cut ogg video file on parts.
vorbiscomment and vorbistagedit is used to edit information on already existing ogg audio files

There is also a GUI programmer for people who doesn’t want to bother with writting on the command line called oggconvert . OggConvert is written for GNOME and uses GTK gnome library, here is how the program looks like:

OggConvert GUI Program to convert to OGG og OGV Theora on GNU / Linux and FreeBSD


Share this on