Reboot Linux using simple fork()

Posted on January 14, 2009 by Ashik

We all know that the simplest function in Linux is fork(). The fork is used create a child process which is an exact copy of the calling process (parent process). You might be thinking how can such a simple function reboot a linux machine. Well I must tell you that the program I am going to discuss today uses only this fork function and can force a Linux Server which can serve as many as 100 computers to get rebooted. I have tried this on my College’s Linux Server which Serves more than 200 computers at a time and I was lucky to get out of this situation.

Warning: I am not responsible to whatever happens to your computer after exceuting the following program on your computer.

I have written a simple C Program whose source is as follows:

#include<fcntl.h>

int main()
{
int i;
for(i=1;i<=300;i++)
{
printf(“%d”,fork());
}
return(1);
}

- Open the Linux Shell.
- Write the above program in your vi Editor and save it as reboot.c
- Now compile the program using following command:
gcc -o reboot reboot.c
- Now to execute the program type the following
./reboot
and press Enter.

Explanation: In the above program, I have used a loop of 300 iterations. In the first iteration it will execute the fork command which will create a child process which is the exact copy of the parent process i.e. the child process will have the same code as the parent process and it will execute simultaneously with the parent process. So in the next iteration both parent process and the child process will execute fork command which will in turn create child processes with the exact copy of their parent processes and this process of creation of child processes will be in the power of 2 i.e. after the first iteration the total number of processes will be 1 parent and 1 child = 2 process. After 2nd iteration the number of process will be 1 parent and 3 child = 4 process. And this will continue to double and at the end the total number of processes will be 2³⁰⁰ which is quite a big number. If you try to calculate this value in your calc it will take atleast 1 hour. So when you will execute the above program your linux machine will get overloaded and will be forced to reboot.

I executed this program in college’s Computer Lab and all the computer got hanged and after 1 or 2 mins a Global message was displayed that “Linux server is going to Reboot”. Since nobody knew what had happened I could get away from that situation. Hope that my lab faculty don’t read this Article.

10 ways to Tweak your Linux Boot Process

Posted on December 23, 2008 by Ashik

Linux rarely needs to be rebooted. But when it does, it’s often slow to boot. Fortunately, there are ways to speed things up. Some of these methods are not terribly difficult. (although some, unfortunately, are). Let’s take a look.

#1: Disable unnecessary services

Depending upon the use of the machine, plenty of services won’t be needed. Using Linux just for a desktop? Then you won’t need sendmail, httpd, and many other services. If your server is only a Web server, you can shut off many services as well. To do this, you can go to the Administration menu and take a look at the Services entry. Just deselect all of the services you don’t want to start.

#2: Disable unnecessary kernel modules

If your desktop is wired to the Ethernet, you don’t need to have a wireless kernel module loaded. This task is a bit more difficult and will require a kernel recompilation, which is not the easiest task to undertake. To do this, you will need the kernel sources. Then, follow the standard steps for compiling a kernel. The difference is that you’re going to go through your system and disable all of the modules you don’t need.

The best way to find out what kernel modules currently install and run on your system is to install Bootchart. Not only will this give you a good list of modules, it will illustrate for you what is happening during your system boot. You can also issue the command chkconfig –list | grep 3:on to find out what services are running. Once you know what loading modules you don’t need, you can remove them during a kernel recompilation. While you’re at it, compile the kernel to exactly match your architecture.

#3: Use a lightweight window manager instead of GNOME or KDE

I plug smaller footprint window managers for a reason — they drastically reduce graphical boot time. Instead of having to wait that extra 30 to 60 seconds for GNOME or KDE to boot up, why not wait two to 10 seconds for Enlightenment or XFCE to boot up? Not only will they save you boot time, they will save your memory and the headache of dealing with bloatware.

#4: Use a text-based login instead of a graphical login

Most of my Linux machines boot to run level 3 instead of run level 5. This will halt at the text-based login, where I only have to log in and issue startx to start my desktop of choice. The graphical logins do two things: increase load times and create headaches trying to recover from an X windows fubar.

#5: Use a lighter-weight distribution

Instead of loading the heavyweight Fedora, why not try a Gentoo, Arch, or Puppy Linux? The boot times for these smaller distributions are far faster than the more bloated Fedora (and even Ubuntu). Of the larger distributions, OpenSuSE claims to boot the fastest, but I have not personally tested this. Between the latest Fedora and Ubuntu, Ubuntu blows Fedora’s boot times away (and that is out of the box).

#6: Use an OpenBIOS

If you’re savvy enough to upgrade your PC’s firmware, you might consider migrating to an open source BIOS. One caveat to using open firmware is that it allows Linux to actually initialize the hardware as it boots (instead of relying on the BIOS). On top of that, many open BIOSes can be configured to meet your machine’s specific needs. If you don’t go the open BIOS route, you can at least configure your BIOS to not search for a floppy drive that’s not there or to boot directly to the first hard drive (instead of the CD drive first).

#7: Avoid dhcp

If you are working on a home network (or a small business network) where address lease isn’t a problem, go with static IP addresses. This will keep your machine from having to call out to a dhcp server to get an IP address. If you take this approach, make sure you configure your /etc/resolve.conf to reflect your DNS server addresses as well.

#8: If you can spare it, get rid of hotplug

Hotplug is the system that allows you to plug in new devices and use them immediately. If you know your server won’t need this system, delete it. This will cut down on boot time. On many systems, hotplugging consumes much of the boot time. Removing hotplug will vary depending upon the distribution you use. NOTE: udev has, for the most part, replaced hotplug. But if you’re running an older distribution, this does apply.

#9: If you are REALLY daring, you could give initng a try

The initng system serves as a replacement for the sysvinit system and promises to drastically decrease boot times in UNIX-like operating systems. If you would like to see the initng system in action, you can give the Pingwinek livecd a try.

#10: Use a hack with Debian

If you’re using Debian, there is a simple hack you can use to switch your startup scripts to run in parallel. If you look at the /etc/init.d/rc script, you will see: CONCURRENCY=none around line 24. Change this line to CONCURRENCY=shell and you should see a reduction in boot times.

That’s about it. Of course there are always more and better hacks out there. But the above should mostly cover everything. The good news is that you’re most likely already running Linux, so the burden of boot times is generally eased by the infrequency of reboots.

15 Tips to Improve your Linux Experience

Posted on December 21, 2008 by Ashik

The beauty of Linux is in users ability to do large amount of customization to have a unique user expereince. So today we will look in to some tips for a “better” Linux experience. The term “better” here is relative, because what works for me might seem a distraction for some or plain annoying to others; some of this “tips” might appeal to beginners, while advanced users might find it too easy. Hopefully some of these tips will be helpful to some of you.

1) Turn on your computer remotely by sending “magic network packets” to WakeOnLan supported network cards. This can be very helpful if you run a server at home but only access it occasionally. There is no need for you to have the server running all the time.

2) If you dual boot with windows, accessing Linux file system from your windows installation might be important for you. There are three windows applications that can help you do this: Explore2fs, Ext2 Installable File System, DiskInternals Linux Reader.
3) Similarly to have read/write access for Windows NTFS file system, you can use NTFS-3G. Most recent popular Linux distribution has NTFS-3G installed out of the box.

4) Share a single mouse and keyboard with multiple computers with different operating systems, each with its own display, with support for copy and paste. Thanks to Synergy, the most popular free KVM software switch out there.

Synergy in action.

5) Recovering data from damaged media can be handled by several Linux tools including some LiveCD, specifically built to help recover data. Parted Magic, Ubuntu Rescue Remix, SystemRescueCd, Foremost (data recovery), Ddrescue.

6) If you are a blogger like me and enjoy using desktop client over web editors, you will find these clients useful: Gnome Blog, Drivel Journal Editor, BloGTK, Thingamablog, Bleezer, QTM.

7) If you are a webdeveloper/designer, you will often find yourself testing a website across many platforms and browsers. IEs4Linux is a great painless way to check how IE browser will render your website. You could use services like browsershots, but I had mixed results with them.

Does your iPod miss iTunes? Here are three itunes alternative which will do most of what your iTunes would do, not an exact replacement; but does the job: Amarok, Banshee, Rhythmbox.

9) Follow multiple files by creating multiple windows in your console with the help of MultiTail, also known as tail on steroids.

10) Use Terminator to split your screen space with many terminal windows, both horizontally and vertically.

11) For even better control over your terminal display and customization and complex functions, GNU Screen is a much better choice over terminator; however terminator serves only one purpose.

12) Use RSIBreak to help prevent Repetitive Strain Injury. RSIBreak will force you to take short break, depending on your configuration, so that you don’t over-work yourself.

RSIBreak

13) If you find yourself working on a dumb terminal (hello sysadmins) or prefer working on terminals, you will find newsbeuter to be an excellent RSS reader for the console.

14) I know some will disagree with me on this, but conky is an excellent compliment to your desktop experience. If properly configured, it can add a lot of value to your desktop environment. Check out this very creative conky setup and read about it here.

15) Do you do podcasts? rootprompt has a great article with huge resources for both Linux podcasters and listeners.

Top 20 Hacking Tools

Posted on July 14, 2008 by Ashik

126

These are Top 20 Hacking Tools, the list is exhaustive, this are a few to name.

Nessus

The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.

Ethereal

Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

Snort

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.

Netcat

Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol

TCPdump

TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.

Hping

Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).

DNSiff

DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

GFI LANguard

GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil’s advocate alerting you to security vulnerabilities.

Ettercap

>Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones)and includes many feature for network and host analysis.

Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.

John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix.

OpenSSH

OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

TripWire

Tripwire is a tool that can be used for data and program integrity assurance.

Kismet

Kismet is an 802.11 wireless network sniffer – this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.

NetFilter

NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packetmangling.

IP Filter

IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.

OpenBSD Packet Filter

fport

fport identifys all open TCP/IP and UDP ports and maps them to the owning application.

SAINT

SAINT network vulnerability assessment scanner detects vulnerabilities in your network’s security before they can be exploited.

OpenPGP

OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.

I still don’t know why people take it for granted to download virus protection software, and they wonder why their computers get hacked into.

Top 10 Linux Hacking Tools

Posted on May 13, 2008 by Ashik

This is a Cool Collection of Top Ten Linux Hacking Tools.

1. nmap – Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available.

2. Nikto – Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

3. THC-Amap – Amap is a next-generation tool for assistingnetwork penetration testing. It performs fast and reliable application protocol detection, independant on the TCP/UDP port they are being bound to.

4. Ethereal – Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

5. THC-Hydra – Number one of the biggest security holes are passwords, as every password security study shows. Hydra is a parallized login cracker which supports numerous protocols to attack. New modules are easy to add, beside that, it is flexible and very fast.

6. Metasploit Framework – The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

7. John the Ripper – John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

8. Nessus – Nessus is the world’s most popular vulnerability scanner used in over 75,000 organisations world-wide. Many of the world’s largest organisations are realising significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

9. IRPAS – Internetwork Routing Protocol Attack Suite – Routing protocols are by definition protocols, which are used by routers to communicate with each other about ways to deliver routed protocols, such as IP. While many improvements have been done to the host security since the early days of the Internet, the core of this network still uses unauthenticated services for critical communication.

10. Rainbowcrack – RainbowCrack is a general propose implementation of Philippe Oechslin’s faster time-memory trade-off technique. In short, the RainbowCrack tool is a hash cracker. A traditional brute force cracker try all possible plaintexts one by one in cracking time. It is time consuming to break complex password in this way. The idea of time-memory trade-off is to do all cracking time computation in advance and store the result in files so called “rainbow table”.

Hacking Truths

Hacking is fun, If you are a "Hacker"!

Category Archives: Linux Hacking