Tag: network

ipdb.me – a network numbers search engine

Today I’d like to introduce to you: ipdb.me, my latest project.

It’s a little web app where you can search for an IP, an Autonomous System number or a domain name to find information about those.

Although I’m perfectly aware of the fact that there are already numerous tools out there with similar functionality, I started developing ipdb.me anyway. It began mainly as an exercise in Golang and internet technologies in general and, most importantly, for fun.

But the topic was not randomly chosen: at my day job I always had to copy & paste information about an IP from different sources until I had all the information I needed together.

So I also did it to have a tool at hand to which I can throw IPs, AS numbers, domain names, etc., and that would always respond with something useful.

In this first public release I’m not quite there yet. MAC addresses, for example, are not yet supported (but will be one day), Whois information is not yet as complete as I’d like it to be (getting correct Whois information is not as easy as I thought, but that’s enough material for another post), and it’s not yet possible to search for companies and get their assigned AS numbers back (but that’s planned as well).

Also I plan to provide an API for all the information you can now see in the results of a query for easy access in your apps.

Nevertheless I’m happy with the result so far and I’ll keep improving the site continuously.

If you have the time and like using ipdb.me, I’d be very happy to hear from you and receive feedback. Maybe you have an idea that could make ipdb.me more useful for you? Maybe something about it totally sucks and I’d better change it? Let me know: ipdb.me is on Twitter, has a simple contact form for feedback, or you may simply leave a comment below.

Hope to see you on ipdb.me,

Simon

The fastest rsync over SSH options

When synchronizing a ton of data you don’t want to wait longer than really necessary! So I tested several suggestions found on the net and came up with the following:

rsync -aHxv --numeric-ids --delete --progress -e "ssh -T -c arcfour -o Compression=no -x" <source_dir> <user>@<dest>:<dest_dir>

This command is almost exactly what somaddict suggested on commandlinefu.com.
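Current OpenSSH releases no longer offer arcfour (RC4), so the command above fails there with an unknown-cipher error. The following added example (not from the original post) picks the first cipher from a preference list that the local ssh client supports and builds the same rsync invocation with it; the paths and host in the final call are hypothetical placeholders.

```shell
# Added example, not code from the original post.

# $1: space-separated preference list; $2: space-separated list of
# supported ciphers (normally the output of "ssh -Q cipher").
# Prints the first preferred cipher that is supported, else returns 1.
pick_ssh_cipher() {
  for want in $1; do
    for have in $2; do
      if [ "$want" = "$have" ]; then
        printf '%s\n' "$want"
        return 0
      fi
    done
  done
  return 1
}

# Build the rsync command from the post with a given cipher.
# $1: cipher; $2: source dir; $3: user@host:dest dir.
rsync_cmd() {
  printf 'rsync -aHxv --numeric-ids --delete --progress -e "ssh -T -c %s -o Compression=no -x" %s %s\n' \
    "$1" "$2" "$3"
}

# AEAD ciphers first (AES-GCM is hardware accelerated on most CPUs,
# chacha20 is fast without AES-NI); arcfour only as a last resort for
# very old peers that offer nothing else.
PREFS="aes128-gcm@openssh.com chacha20-poly1305@openssh.com aes128-ctr arcfour"

if command -v ssh >/dev/null 2>&1; then
  SUPPORTED=$(ssh -Q cipher 2>/dev/null | tr '\n' ' ')
  if CIPHER=$(pick_ssh_cipher "$PREFS" "$SUPPORTED"); then
    # hypothetical source, user and host: replace with your own
    rsync_cmd "$CIPHER" /srv/data/ backup@backup.example:/srv/data/
  else
    echo "none of the preferred ciphers is supported by this ssh client" >&2
  fi
fi
```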

nginx server status page and interpretation

Server tuning starts with server monitoring; with server stats you can learn how nginx is being used.

First, check if nginx has been compiled with --with-http_stub_status_module.

$ /usr/sbin/nginx -V 2>&1 | grep --color with-http_stub_status_module

Check the output for --with-http_stub_status_module. If it’s not there, you must compile it in manually.

If you have it, start by adding this config snippet to your server config:

server {
  listen 127.0.0.1:8200;
  location /server-status {
    stub_status on;
    access_log off;
    allow 127.0.0.1;
    deny all;
  }
}

Then, reload nginx. With this config the status page can be queried from localhost only. Try it:

$ wget http://127.0.0.1:8200/server-status -qO -

Active connections: 4
server accepts handled requests
488803 488803 1002230
Reading: 0 Writing: 2 Waiting: 2

This reads as follows:

We have 4 active connections: 2 of them are currently being served by nginx (Writing), 0 are sending a request (Reading) and 2 are open but idle at the moment (Waiting); the idle ones are keep-alive connections.

The server has accepted 488803 connections and could handle 488803 of them (100%). Within these connections, 1002230 requests have been served (2.05 requests per connection).
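The derived numbers above are worth computing automatically when you poll the status page from a monitoring script. The following added example (not from the original post) parses stub_status output on stdin, prints the ratios the text walks through, and exits non-zero when handled is below accepts, which means nginx dropped connections because it hit its worker_connections or file descriptor limit. The sample input is the status page shown above, embedded as a constructed string.

```shell
# Added example, not code from the original post.
# Summarize nginx stub_status output read on stdin.
# Exit status: 0 = ok, 1 = connections were dropped (handled < accepts),
# 2 = input did not look like stub_status output.
stub_status_summary() {
  awk '
    /^Active connections:/ { active = $3 }
    /^server accepts handled requests/ {
      # the counters are on the line following this header
      if (getline > 0) { accepts = $1; handled = $2; requests = $3 }
    }
    /^Reading:/ { reading = $2; writing = $4; waiting = $6 }
    END {
      if (active == "" || accepts == "") { print "error: unrecognised stub_status output"; exit 2 }
      dropped = accepts - handled
      printf "active=%d reading=%d writing=%d waiting=%d\n", active, reading, writing, waiting
      printf "accepts=%d handled=%d dropped=%d handled_pct=%.2f\n", \
        accepts, handled, dropped, (accepts > 0 ? 100 * handled / accepts : 0)
      printf "requests=%d req_per_conn=%.2f\n", requests, (handled > 0 ? requests / handled : 0)
      # the three connection states must add up to the active count
      if (active != reading + writing + waiting) print "warning: active != reading+writing+waiting"
      exit (dropped > 0 ? 1 : 0)
    }'
}

# Constructed sample: the status page output shown in the post.
SAMPLE='Active connections: 4
server accepts handled requests
488803 488803 1002230
Reading: 0 Writing: 2 Waiting: 2'

printf '%s\n' "$SAMPLE" | stub_status_summary
```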

bind DNS zone transfers with dynamic zones


If you operate a name server, you know you should have at least two of them. But how do you keep them in sync? “Easy, this is done with zone transfers!” you say? But what if you have a changing set of zones? Wondering how you can easily get these zones onto the slave server? Wonder no more!

This article is written along a Debian/Ubuntu flavoured Linux. If you run any other distribution, it may happen that you can’t find a config file at the location I refer to here, but the principle is the same.

Before you get going, install the required software so you can later just go on. On Debian or Ubuntu, type this:

# apt-get install bind9 curl xml2 mktemp

Now you’re ready. On the master server, add this to /etc/bind/named.conf.options in between options {}:

#master
allow-transfer { ip of slave server; };
notify yes;
version "Not available";
recursion no;

Of course you need to replace “ip of slave server” with the actual IP of the slave server. The version setting is not really needed; it just hides the bind version you’re running and therefore makes it harder for an attacker to tell what DNS server you are running. After you have made the changes, restart bind:

# service bind9 restart

Then, edit the same file on the slave server:

#slave
allow-notify { ip of master server; };
version "Not available";
recursion no;

Also on the slave, add a directory where your zones are stored and set the correct owner:

# mkdir /var/cache/bind/slave
# chown bind.bind /var/cache/bind/slave

The bind configuration files are very flexible. You can point to files to include them into the main config file. This allows you to organize your config and makes it cleaner. We use that, so a script can later generate a file containing slave zones only – without the whole rest of the config. On the slave, add this to /etc/bind/named.conf:

include "/etc/bind/named.conf.myzones";

With this setup you can already transfer zones. There is just one problem: the slave server does not know which zones it is responsible for. We change that with the magic of a simple shell script that creates the /etc/bind/named.conf.myzones file. Put the following in /usr/local/sbin/bind-zone-sync.sh on the slave server:

#!/bin/bash
# config
master="ip of master server"
myzonesfile="/etc/bind/named.conf.myzones"
remotehost="$master"
remoteuser="user of master server that can access /var/cache/bind/"
# helpers
tmpfile=$(mktemp)
# remove the temp file on every exit path, not only the "no changes" one
trap 'rm -f "$tmpfile"' EXIT
#code :)
logger -t bind-zone-sync "starting bind zone sync."
# list the zone files (<zone>.db) on the master; journals, managed-keys.bind
# and the slave/ directory also live in /var/cache/bind but are not zones.
# abort if ssh fails, otherwise an empty zone list would be written below
# and bind restarted without any zones
zones=$(ssh "$remoteuser@$remotehost" "echo /var/cache/bind/*.db") || {
	logger -t bind-zone-sync "could not list zones on $remotehost, aborting."
	exit 1
}
# an unexpanded glob means no zone files were found on the master
case "$zones" in *'*'*) logger -t bind-zone-sync "no zone files on master, aborting."; exit 1;; esac
for zone in $zones; do
	# strip the .db suffix to get the zone name
	name=$(basename "${zone%.db}")
	echo "zone \"$name\" {" >>"$tmpfile"
	echo "	type slave;" >>"$tmpfile"
	echo "	masters { $master; };" >>"$tmpfile"
	echo "	file \"slave/$name.bdb\";" >>"$tmpfile"
	echo "};" >>"$tmpfile"
	echo >>"$tmpfile"
done
if [ ! -e "$myzonesfile" ]; then
	cp "$tmpfile" "$myzonesfile"
	service bind9 restart
	logger -t bind-zone-sync "first run: generated $myzonesfile."
	exit
fi
# restart bind only when the set of zones actually changed
if ! cmp -s "$myzonesfile" "$tmpfile"; then
	bkpfile=$(mktemp)
	cp "$myzonesfile" "$bkpfile"
	cp "$tmpfile" "$myzonesfile"
	service bind9 restart
	logger -t bind-zone-sync "done. backup of $myzonesfile is in $bkpfile."
	exit
fi
logger -t bind-zone-sync "done. no changes detected."

Set the correct values according to your environment below the “#config” marker. Then, make the script executable:

# chmod +x /usr/local/sbin/bind-zone-sync.sh

If you wish to sync the zones automatically, create an ssh key to allow automatic login to the master server. This is kept very brief; ask if the steps below don’t work. Run this on the slave server and just press return on all questions unless you know why to change the proposed values:

# ssh-keygen

This creates a new key pair for you. The public key has to be copied to the master server, so it knows you’re allowed to log in. As “remoteuser” you must use the same user you defined in the shell script above:

# ssh-copy-id remoteuser@masterserver

Once you have the automatic login working, add a cronjob on your slave server to schedule the sync. Insert this into /etc/cron.d/bind-zone-sync:

*/15 * * * * root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin /usr/local/sbin/bind-zone-sync.sh

Now, your zones will be synced to the slave server every 15 minutes. Bind is only restarted if you added or removed a zone. Simply modifying records on the master won’t trigger a bind restart, but the records will be synced to the slave immediately without a restart.

If everything is working fine, you may want to monitor your bind DNS server with Zabbix.

Cisco IOS routing

Making a static route on Cisco IOS is rather easy!

With static routes you tell your router (or any other network device) where to send the traffic for a specified network. The next hop can be an interface or an IP address. The command looks like this:

iOS(config)# ip route <IP/network> <netmask> <gateway/interface>

So, if you know that network 10.10.0.0/16 is behind router 192.168.1.1 you’d do:

iOS(config)# ip route 10.10.0.0 255.255.0.0 192.168.1.1

If you want to add a default route, specify a 0.0.0.0/0 network:

iOS(config)# ip route 0.0.0.0 0.0.0.0 192.168.1.1

And, last but not least, use an exit interface (192.168.1.2 is directly connected to FE1):

iOS(config)# ip route 192.168.1.2 255.255.255.255 FE1

And at the end, you probably want to have a look at what you’ve done (show commands are run from privileged EXEC mode):

iOS# show ip route static

or, more specifically, “grep” for a route or gateway:

iOS# show ip route static | inc 192.168.1.1

inc stands for include; see this post.

© 2017 netmess
