Tue Feb 21 14:44:07 EST 2017

indysyn has ipv6

The ultra tiny port scanner indysyn has single port single host ipv6 scanning support. Indysyn was originally a temporary piece of throwaway code being used to come up with cleaner and/or simpler connection methods for other software but it turned out to be a nice small piece of software others could use as a jump off point or integration. Note that this is currently a snapshot and not a formal release, so the download from here is a snapshot from the master branch as of today and cannot be snagged from github (although if you happen to grab the master zipfile today it would be the same... but whatever).


Fri Dec 30 17:45:11 EST 2016

Weird Code

Amidst digging through old code and scripts I came across a few truly frightening bits. So I decided to dig around a little more and see what else I might come across that I thought looked somewhat off the beaten trail (or what a professional might call not exactly sound programming practice). In this kinda sorta whimisical text I show a few examples of the nuttery over the years. These are only a very small few and I am sure with more digging (which I am almost afraid to do) I can find more:


Mon Mar 21 08:50:00 EST 2016

Bugfixes for netstr

An update of netstr is available. The following issues were addressed:

  • The --time option was not being parsed at all. There was a typo in the if/else ladder that had it looking for -time.
  • If a user specified --fast and a timer less than 0.3 seconds (or 300000 useconds) then the logic would raise the timer to 0.3 after one successful connect (this is how the fast option works now). The new code will check to see of useconds is less than the default speedup value currently set to 300000 useconds.
  • Passive had a hard coded useconds argument for its timeout argument when calling ipv4_conn() this has been remedied.
  • Added a start and stop time to scan6.

More than likely because network strings has gained some traction as the feature/fix cycle speeds up I am not going to bother posting releases unless there is a major milestone hit... which I should probably work on defining. In the interim the github repo will have the latest and all the releases.

netstr page

Tue Mar 01 08:26:00 EST 2016

Network Strings, Indy Scan & OpenBSD-netcat


A very old but ever evolving piece of software, network strings dot 18 release sports all sorts of great goodness such as (but not limited to):

  • faster scanner (thanks to indysyn)
  • mega awful bug in the passive program fixed
  • cleaner output formatting
  • ... and much more on the netstr website

On top of all the coolness of the new release the website has a substantial amount of examples of how to use it along with leveraging the capabilities of the software. As the site notes, a more comprehensive guide may be forthcoming depending on uptake and usage.

website download repo


I wrote an extremely small but functional host port scanner in C as a way to figure out how to clean up/gut another program I maintain. It is a cool little program that will continue to evolve on its own over time. The goal is to eventually make into some sort of lib/utility with decent capabilities and easily integrated into other systems. The current license is public domain (there is nothing in it now worth protecting really it is all common knowlege). Feel free to download and use it as you see fit!

website download repo


OpenBSD's netcat is something I like but is not easily available on many of the systems I maintain and even if it is available it doesn't work exactly the same way as the authoratative version does. So I started an effort to fix that particular issue by patching together a version I can build where I need it to build ... and it does. If someone else wants it to build someplace else - have at it!

website download

Tue Feb 09 13:00:00 EST 2016

netstr-0.17 interim release

A new release of network strings is available. Major bug fix this time around. Previous versions had a bug that acted pretty strange, at first long haul routed scans would be weird and not always return the truth then it actually weirdly reversed. Lastly the timeout per port wasn't working right. Combined these made for interesting bugs. This version fixes those issues. Also the nature of --isup has changed. The previous version would use an entirely different code block to do a quick check (which was not always quick and caused duplication of effort). The way it works now is as soon as any port connection works it closes the socket and bags out (all the while letting you know.. hey it worked!).

The fixes came from an incubator project I am working on to redo how I do ipv4 scans. The project has several general phases and the code for it will come out when I think I am mostly there. The phases are:

  1. Create as simple as possible a single host port check program as an example for anyone else who might want to learn such a thing. The uses outside of being instructional might be for embedding in other software or limited resource systems.
  2. Perhaps to an instructional text on it...
  3. Create a set of modules that do common functions for the scan side of things based on the first step. Then create a micro scanner based off of that.
  4. Gut the scan module in netstr in favor of the new methods. This helps add some functional additions listed in the TODO file.

There are some other outstanding issues listed in the TODO as well which need addressed. Certain sized ranges like to blow up, some of the input parsing sucks and so on.


Fri Jan 22 17:14:45 EST 2016

OpenLDAP to AD Passthru

Ever wanted/needed to setup an OpenLDAP Server that can passthrough the password portion of authentication to a Windows DC LDAP Server? Well recently I happened to set something up to do just that so we could accomplish a single sign on solution for our Linux/BSD/Unix systems and AD systems. What was most interesting is the group I work in only supports and maintains Linux/BSD/Unix systems. We actually did not need to directly access a single DC we only needed a service account.


Fri Nov 13 08:48:06 EST 2015

netstr-0.16 Release

The network strings utility has a new release. A few changes, one pretty significant one: scan --ping is no longer supported, instead scan --isup does something similar. I found a bug in the ping code that essentially rendered it useless. Additionally, it was not a true ping, the code was doing a fast port check which really isn't correct. The new code tries to do one very fast, very arbitrary connect, blurts out a response then bags out. The rest of the changes are either related or not a big deal:

  • Removed buggy `scan --ping` and replaced it with `scan --isup` it isn't really a ping it is a single fast connect() attempt.
  • Mega update to the TODO there is a lot of work that needs done
  • Very minor formatting changes
  • Updated manual page to reflect how `scan --isup` really works
  • Updated info print to reflect how `scan --isup` really works

The manual page and help print had a major error. Runing netstr scan --isup TARGET is not compatible with any other scan options (there is a good reason for this, mucking with the timers will cause false positives). So one can do either isup with target only or a regular scan without the isup option.

The formatting changes, actually, are kind of a big deal. I went through the code and hand formatted as much of it as I could to make it easy to read. In addition to formatting I added a ton of comments for anyone who might want to make changes to it. Also if you would like to make changes check out the TODO file. There is a lot of work I'd like to do over the winter so I can get it to a production release and switch to maintenance mode (as I've another project I'd like to get going soon).


Sat Oct 15 19:47:33 EDT 2015

Example QEMU Shell Lib

Where I work we have the need to convert vmdk virtual machine image files as well as clone qcow2, raw and/or vmdk image files. The management software we use (as of the writing of this post) cannot do either of those (although it does a good job handling DWM, HA, templates, VDC and IaaS... so it is ok..) Hence I wrote my own shell lib with routines to do cloning and converting. Here is a very small example shell script that calls my library:

# Clone a CentOS 6 QCOW2 image 
source /usr/local/lib/qlib
if [ $1 == -u ]; then
    echo Usage: $0 source-image destination-image
    exit 0

clone_img $1 $2
prep_centos_vm $2 6

There is no license. As with everything YMMV, there is configuration to do and there are limitless improvements to be made since it is such a limited use case.


Sat Apr 4 12:15:41 EST 2015

OpenLDAP Server

I really had hoped to have some coding stuff to put up but not this time around. Instead I got side tracked onto a LDAP project and decided since I had such a difficult time mining data on how to set it up; why not share the fun? It isn't really all that bad and for those in the know or are recklessly confident I tacked on a quickstart guide at the end of the text.


Mon Feb 2 08:51:58 EST 2015

MySQL Status Page Nagios Check 2

Part one of this series introduced the concept of using a web status page for nagios checks and how to setup a mysql and php status page. In part two the nagios check itself is detailed along with what other interesting things could one do. For simplification I will follow what seems to be the systhread standard and first break the script down into pieces and at the end put it all together.


Tue Dec 09 18:00:00 EDT 2014

Using the timeout Command

Ever had an automated secure copy hang on you? Or, better yet, how about a crond secure copy job that hangs each time it is called and you happen to be out of the office for a couple days while it is called once an hour? Sure that never happens.... well it did and the fix, hopefully, was relatively simple.


Tue Sep 30 23:00:00 EDT 2014

Network String Development Release 0.15

Due to certain commercial products a network utility program had to be renamed. Since that was going on it was renumerated and labeled development release so it could get pushed out. netstr-0.15 is a collection of small network tools put together to compliment the network toolkit. The tools are modules that are called at run time and managed by the netstr main program. The modules are:

  • scan: simple small ipv4 portscanner
  • scan6: by port ipv6 scanner
  • passive: passive ipv4 port watcher & recorder
  • tcpdump: mini tcpdumper
  • arpsniffer: watches for arp traffic

Invoking netstr is similar to the dnet utility:

$ ./netstr                                                                        
Usage: netstr <command> <args> ...
netstr scan --ping --conn --dgram --port n-N --time \
            --extra -V {target}
netstr scan6 --dgram --port N {ipv6addr}
netstr passive --if dev --threshold n --polls count \
               --extra --no-verify {pcap-expr}
netstr tcpdump --if dev --polls count --decode {pcap-expr}
netstr arpsniff --if dev --polls count --decode {pcap-expr}

Please note that netstr is experimental and was just recently actively developed again. Your mileage may vary ... a lot.

Download netstr dr15

Mon Aug 4 19:06:28 EDT 2014

MySQL Status Page Check using Nagios Part 1

Nagios can check anything anyone is willing to write it to check. In other words if there is a way to reap results then Nagios can act on those results whether they be a set of strings, numbers or some combination therein. This two part series goes over setting up a very rudimentry MySQL status page check using common tools found on a BSD-Unix, Unix or Linux system (and it not, generally easy enough to install). This first part goes over requisites, assumptions and the status pages themselves. The second part is the Nagios end of things and of course the "other cool stuff" the creative mind can do with it all.


Fri Feb 14 21:43:49 EST 2014

pwutils-0.6 Available

The single line print format for pwutils never worked right. Well now it does. The pwutils collection are some very small programs written in C, Perl, Python and Bash that do, among other things:

  • Userinfo print similar to BSD systems
  • Group report
  • Various user reports
  • A kinda sorta like the pw utility pwutil front end.

Should build and run on almost any Unix/Linux/BSD system.

Coding Download