Fri Oct 13 15:09:41 EDT 2017

Ubuntu Kickstart File from heck

Ever had to provision a cluster? I know I have, going on the 7th time around in the last 12 years. "Back in the day" (11 years ago) cluster provisioning systems that were commercial but not latched to a particular hardware vendor were not too expensive. Notice the past tense. These days there are plenty to choose from, none of which I can afford. In addition to all of that the only viable free one (I don't care what anyone else says) is rocks cluster. The biggest issue I have come across with provisioning systems is I keep having to add hooks either in the kickstart that gets generated, a ridiculous post script, an actual completely separate post install script after the initial install is done, a parallel management command using pdsh and/or ansible or - and this is usually the case - some disgusting combination of all of the above. Not this time.


Sun Jun 11 12:40:09 EDT 2017

Code as Art

Art is everywhere, and while I don't consider myself an artist, I do consider code to be artistic even to look at. Some code is structured and clean while other code flows freely like thought (sometimes good .... sometimes not so good). So as usual I took a bunch of pretty screenshots of various code using different color schemes and varying backgrounds. Call it a whim project as I have far too much time lately doing productive things.


Wed Mar 01 13:10:00 EST 2017

Network Strings netstr v0.20

A new version of the small, quick, simple network utility network strings is now available for download. This release has the following major changes:

  • UDP Scan Support
  • Minor reorg of some of the source code
Ye Olde Usage Print
Usage: netstr <command> <args> ...
netstr scan     --isup <host> || --port [n]-N| | --strobe |
                --time s.usec | -V <host>
netstr scan6    --dgram | --port N <ipv6addr>
netstr udpscan  --timeo sec | <host> || --show
netstr passive  --if <dev> | --polls <count> | --threshold <n> |  
                --extra | --no-verify {pcap-expr}
netstr tcpdump  --if <dev> | --polls <count> | --decode {pcap-expr}
netstr arpsniff --if <dev> | --polls <count> | --decode {pcap-expr}

It is mostly all about the udp scan support a capability that has been missing for a long time. With udp support available it will be time to move onto other things as outlined in the TODO file. The most notable of which is wrapper scripts (which of course will be material fodder for this site) plus amy sensible extensions or ideas.

download netstr website

Tue Feb 21 14:44:07 EST 2017

indysyn has ipv6

The ultra tiny port scanner indysyn has single port single host ipv6 scanning support. Indysyn was originally a temporary piece of throwaway code being used to come up with cleaner and/or simpler connection methods for other software but it turned out to be a nice small piece of software others could use as a jump off point or integration. Note that this is currently a snapshot and not a formal release, so the download from here is a snapshot from the master branch as of today and cannot be snagged from github (although if you happen to grab the master zipfile today it would be the same... but whatever).


Fri Dec 30 17:45:11 EST 2016

Weird Code

Amidst digging through old code and scripts I came across a few truly frightening bits. So I decided to dig around a little more and see what else I might come across that I thought looked somewhat off the beaten trail (or what a professional might call not exactly sound programming practice). In this kinda sorta whimisical text I show a few examples of the nuttery over the years. These are only a very small few and I am sure with more digging (which I am almost afraid to do) I can find more:


Mon Mar 21 08:50:00 EST 2016

Bugfixes for netstr

An update of netstr is available. The following issues were addressed:

  • The --time option was not being parsed at all. There was a typo in the if/else ladder that had it looking for -time.
  • If a user specified --fast and a timer less than 0.3 seconds (or 300000 useconds) then the logic would raise the timer to 0.3 after one successful connect (this is how the fast option works now). The new code will check to see of useconds is less than the default speedup value currently set to 300000 useconds.
  • Passive had a hard coded useconds argument for its timeout argument when calling ipv4_conn() this has been remedied.
  • Added a start and stop time to scan6.

More than likely because network strings has gained some traction as the feature/fix cycle speeds up I am not going to bother posting releases unless there is a major milestone hit... which I should probably work on defining. In the interim the github repo will have the latest and all the releases.

netstr page

Tue Mar 01 08:26:00 EST 2016

Network Strings, Indy Scan & OpenBSD-netcat


A very old but ever evolving piece of software, network strings dot 18 release sports all sorts of great goodness such as (but not limited to):

  • faster scanner (thanks to indysyn)
  • mega awful bug in the passive program fixed
  • cleaner output formatting
  • ... and much more on the netstr website

On top of all the coolness of the new release the website has a substantial amount of examples of how to use it along with leveraging the capabilities of the software. As the site notes, a more comprehensive guide may be forthcoming depending on uptake and usage.

website download repo


I wrote an extremely small but functional host port scanner in C as a way to figure out how to clean up/gut another program I maintain. It is a cool little program that will continue to evolve on its own over time. The goal is to eventually make into some sort of lib/utility with decent capabilities and easily integrated into other systems. The current license is public domain (there is nothing in it now worth protecting really it is all common knowlege). Feel free to download and use it as you see fit!

website download repo


OpenBSD's netcat is something I like but is not easily available on many of the systems I maintain and even if it is available it doesn't work exactly the same way as the authoratative version does. So I started an effort to fix that particular issue by patching together a version I can build where I need it to build ... and it does. If someone else wants it to build someplace else - have at it!

website download

Tue Feb 09 13:00:00 EST 2016

netstr-0.17 interim release

A new release of network strings is available. Major bug fix this time around. Previous versions had a bug that acted pretty strange, at first long haul routed scans would be weird and not always return the truth then it actually weirdly reversed. Lastly the timeout per port wasn't working right. Combined these made for interesting bugs. This version fixes those issues. Also the nature of --isup has changed. The previous version would use an entirely different code block to do a quick check (which was not always quick and caused duplication of effort). The way it works now is as soon as any port connection works it closes the socket and bags out (all the while letting you know.. hey it worked!).

The fixes came from an incubator project I am working on to redo how I do ipv4 scans. The project has several general phases and the code for it will come out when I think I am mostly there. The phases are:

  1. Create as simple as possible a single host port check program as an example for anyone else who might want to learn such a thing. The uses outside of being instructional might be for embedding in other software or limited resource systems.
  2. Perhaps to an instructional text on it...
  3. Create a set of modules that do common functions for the scan side of things based on the first step. Then create a micro scanner based off of that.
  4. Gut the scan module in netstr in favor of the new methods. This helps add some functional additions listed in the TODO file.

There are some other outstanding issues listed in the TODO as well which need addressed. Certain sized ranges like to blow up, some of the input parsing sucks and so on.


Fri Jan 22 17:14:45 EST 2016

OpenLDAP to AD Passthru

Ever wanted/needed to setup an OpenLDAP Server that can passthrough the password portion of authentication to a Windows DC LDAP Server? Well recently I happened to set something up to do just that so we could accomplish a single sign on solution for our Linux/BSD/Unix systems and AD systems. What was most interesting is the group I work in only supports and maintains Linux/BSD/Unix systems. We actually did not need to directly access a single DC we only needed a service account.