Block Skype connections

There is a popular belief that the Skype client is very hard to block at the network layer, due to its peer-to-peer behavior and its use of HTTP/S ports.

Block Skype client

However, at the present time (December, 2012) Skype client connections can be blocked quite simply with a few firewall rules.
After startup, the Skype client receives a number of its master (login?) servers – dsnX.d.skype.net. Currently there are 16 DNS entries from dsn0.d.skype.net to dsn16.dsn.skype.net.

Using a simple bash script (it uses the Linux DNS utility dig) we can get most of these servers' IP addresses:

[code]
for i in {0..20} ; do dig +short dsn$i.d.skype.net; done | sort | uniq
[/code]

Block all access to the networks listed below and the Skype client won't be able to authenticate and connect.

For a Linux router with an iptables firewall, you can use the following command:

[code]
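# OUTPUT filters traffic sent by this host only; traffic a router forwards for clients traverses FORWARD, so add the same rule there
for ip in 111.221.74.0/24 111.221.77.0/24 157.55.130.0/24 157.55.235.0/24 157.55.56.0/24 157.56.52.0/24 213.199.179.0/24 64.4.23.0/24 65.55.223.0/24; do iptables -A OUTPUT -d "$ip" -j DROP; done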
[/code]
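
The step between the dig loop and the network list above is collapsing the resolved addresses into /24 networks. The following script is an added example, not part of the original post: it does that collapsing and prints one DROP rule per network for review instead of applying it. The function names and the sample addresses (documentation ranges) are constructed for illustration.

```shell
#!/bin/sh
# Added example: turn `dig +short` output into reviewed /24 block rules.

# Read resolver output on stdin and print the unique /24 networks.
# Lines that are not dotted-quad IPv4 (e.g. CNAME targets printed by
# dig +short) or that have an octet above 255 are skipped.
to_slash24() {
    awk -F. '
        NF == 4 && $0 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            ok = 1
            for (i = 1; i <= 4; i++) if ($i + 0 > 255) ok = 0
            if (ok) print $1 "." $2 "." $3 ".0/24"
        }' | LC_ALL=C sort -u
}

# Read networks on stdin and print (not execute) one DROP rule each.
# $1 is the chain: OUTPUT for the host itself, FORWARD for routed traffic.
emit_rules() {
    chain=${1:-OUTPUT}
    while read -r net; do
        printf 'iptables -A %s -d %s -j DROP\n' "$chain" "$net"
    done
}

# Constructed sample standing in for live resolver output.
sample_dig_output() {
    cat <<'EOF'
dsn-pool.example.net.
192.0.2.17
192.0.2.201
198.51.100.4
203.0.113.66
999.1.1.1
EOF
}

# Dry run on the sample; with live data, feed the dig loop instead:
#   for i in $(seq 0 20); do dig +short "dsn$i.d.skype.net"; done \
#       | to_slash24 | emit_rules FORWARD
sample_dig_output | to_slash24 | emit_rules FORWARD
```

Because the addresses behind these names can change, re-running the resolution and comparing the resulting networks with the installed rules shows when the block list has gone stale.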

Search recursively in file contents

There is a very useful command for searching for a particular string in files from bash. It searches subdirectories as well and displays the full path of each file containing the string.
[code]
find . -type f -exec grep -Hn "emacs" {} \; 2>/dev/null
[/code]
Output:
./anaconda-ks.cfg:56:emacs
./install.log:282:Installing emacs-leim-21.4-24.el5.x86_64
./install.log:592:Installing emacs-common-21.4-24.el5.x86_64
./install.log:781:Installing emacs-21.4-24.el5.x86_64
./install.log:792:Installing emacspeak-23.0-3.el5.noarch

The 2>/dev/null redirection hides annoying errors such as grep: line too long.
If you want to limit the depth of subdirectories, use the -maxdepth X argument, where X is >0.

For a search in the current directory, grep alone is sufficient:

[code]
grep -Hn "string" *
[/code]

Zabbix 2 CheckPoint SNMP template

I have created a Zabbix 2.x template for monitoring CheckPoint products via SNMP.
This template uses the custom CheckPoint MIBs that are located on SecurePlatform OS in $CPDIR/lib/snmp/

You can also download the CHECKPOINT-MIB file here (from the R75 version):
http://pingtool.org/downloads/CHECKPOINT-MIB.txt

You need to copy this file to your Zabbix server, into the directory /usr/share/snmp/mibs
To test the new MIBs, run an snmpget command as follows:

SNMPv2: [code]snmpget -v2c -c <community> -Of <host> CHECKPOINT-MIB::svnVersion.0[/code]
SNMPv3: [code]snmpget -v3 -l authpriv -u <username> -A <auth-password> -X <priv-passphrase> -Of 192.168.14.3 CHECKPOINT-MIB::svnVersion.0[/code]

This command should return the product version:
.iso.org.dod.internet.private.enterprises.checkpoint.products.svn.svnInfo.svnVersion.0 = STRING: "R75.40"

Download links for the templates:

SNMPv2: http://pingtool.org/downloads/zbx_CheckPoint_SNMP.xml
SNMPv3: http://pingtool.org/downloads/zbx_CheckPoint_SNMPv3.xml

The SNMPv2 template will try to link Zabbix's standard templates: Template SNMP Device and Template SNMP Disks.

The SNMPv3 template will try to link my own SNMPv3 Zabbix templates: Template SNMPv3 Device and Template SNMPv3 Disks.

You can get these SNMPv3 templates from here

Zabbix 2 SNMPv3 device template

Zabbix comes with a predefined SNMP Device template that is configured to access devices with SNMP version 2.
Here is a modified version of 3 of Zabbix's templates for use with SNMPv3.

Zabbix SNMP v3 Template

It will add 7 new templates:

Template SNMPv3 Device
Template SNMPv3 Generic
Template SNMPv3 Interfaces
Template SNMPv3 Disks
Template SNMPv3 Processors
Template SNMPv3 OS Linux
Template SNMPv3 OS Windows

Download: zbx_SNMPv3_template.xml

To add this new template to your Zabbix, press the “Import” button on the templates page and select the XML file.

The template uses the following macros:

{$SNMP_SECNAME} – SNMPv3 username
{$SNMP_AUTH} – authentication password
{$SNMP_PRIV} – encryption passphrase

These macros have to be defined on the hosts page:

Configuration – Hosts – <host using SNMP v3> – Macros – Add