NetWork Vault

The Common Open Research Emulator (CORE) is a tool for emulating networks on one or more machines. You can connect these emulated networks to live networks. CORE consists of a GUI for drawing topologies of lightweight virtual machines, and Python modules for scripting network emulation.

CORE has been developed by a Network Technology research group that is part of the Boeing Research and Technology division.  The Naval Research Laboratory is supporting further development of this open source project.

Key Features

Network lab in a box

Efficient and scalable

Easy-to-use GUI canvas

Centralized configuration and control

Runs applications and protocols without modifying them

Real-time connection to live networks

Hardware-in-the-loop

Distributed with multiple COREs

Highly customizable

CORE Demonstrations

Click on a topic below for a short demonstration. These movies require Flash.

Introduction to CORE

Wireless (MANET) Networks

Links and Services

Distributed Emulation

Play All

CORE Documentation

The CORE Manual (PDF, HTML) covers installation, usage, and more. The CORE API Documentation covers the CORE API, which allows other systems to interact with the CORE emulation. This API is also used for communication between the different components of CORE.

CORE Downloads

CORE downloads are available at http://downloads.pf.itd.nrl.navy.mil/core/. Download files have been split amongst the following directories:

packages directory - contains the FreeBSD (tbz) and Linux (rpm) binary packages

source directory - contains a tarball of the source code

vmware-image directory - contains VMWare Virtual Machine containing a CORE installation

For more instructions on what to do with the downloaded files, please see the Installation section of the CORE manual.

Comments and Questions

Please direct questions and comments to the CORE User's Mailing List and/or the CORE Developer's Mailing List. These mailing lists are monitored by the CORE developer(s).

Additional Links

There is a supplemental CORE page at http://code.google.com/p/coreemu/.

Citations

Academic publications that use CORE are requested to cite the following publication:

J. Ahrenholz, Comparison of CORE Network Emulation Platforms, Proceedings of IEEE MILCOM Conference, 2010, pp.864-869.

Link:

In order to begin sniffing wireless traffic with Wi re s h a r k , your wireless card must be

in monitor mode.Wi reshark does not do this automatically; you have to man u a l l y

c o n fig u re your wireless card before starting your packet capture. H oweve r, the com-

mands you need in order to config u re the card in monitor mode can differ based

on the type of wireless card and driver that you are using.This section discusses

h ow to complete this step based on the most common wireless card and drive r

combination for Linux .

TIP: Determining the type of wireless card you have isn’t always easy. While

there are only a handful of manufacturers that make the wireless

chipset hardware, multiple vendors re-brand the cards, thus making it

difficult to identify what the actual chipset is. One resource for identi-

fying the chipset from the card manufacturer  is available at

h t t p : / / l i n u x - w l e s s . p a s s y s . n l. If your specific card isn’t listed here you

can search using Google with the card name and keyword “chipset”

(e.g., WPC55AG chipset).

Linux Wireless Extensions Compatible Drivers

Most wireless drivers for Linux systems use the Linux Wireless Extensions interface,

providing a consistent configuration interface for manipulating the wireless card.

First, let’ s identify the wireless driver interface name by running the wireless card

configuration utility iwconfig with no parameters:

$ iwconfig

eth0       no wireless extensions.

lo         no wireless extensions.

eth1       IEEE 802.11b  ESSID:”Beacon Wi-Fi Network”

Mode:Managed  Frequency:2.462 GHz  Access Point:

00:02:2D:8B:70:2E

Bit Rate:11 Mb/s   Tx-Power=20 dBm   Sensitivity=8/0

Retry limit:7   RTS thr:off   Fragment thr:off

Power Management:off

Link Quality=50/100  Signal level=-71 dBm  Noise level=-86 dBm

Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0

Tx excessive retries:0  Invalid misc:286   Missed beacon:5

NOTE

It is recommended that users take advantage of the Linux 2.6 kernel

whenever possible. Most Linux distributions install their wireless tools

packages for i w c o n fig and i w p r i v by default; you will need to install

these tools manually if they are not included with your default distribu-

tion. Use the package management utilities that come with your Linux

distribution to search for packages with the name “wireless-tools” to

identify installation options. Information specific to older Debian, SuSE,

RedHat, and Mandrake distributions is available at

w w w. h p l . h p . c o m / p e r s o n a l / J e a n _ To u r r i l h e s / L i n u x / D I S T R I B U T I O N S . t x t .

F rom this output, we determine that interfaces e t h 0 and l o do not support Linu x

Wi reless Extensions; h oweve r, i n t e r face e t h 1 does support wireless extensions. F ro m

the output, we can see that the card is currently in managed mode and is associated

with an IEEE 802.11b network with the Service Set Identifier (SSID) “Beacon Wi - F i

N e t wo r k ” at 2.462 GHz (channel 11).

274 Chapter 6 • Wireless Sniffing with WiresharkSince we want to use this wireless interface for wireless traffic sniffing, we need

to place the card in monitor mode. In order to make changes to the wireless card

configuration, we need to be the root user. Become the root user by running the su

command and supplying the root user password:

$ su

Password: (enter root password)

#

After becoming the root user, you can use the iwconfig utility to configure the

card for monitor mode, by specifying the interface name followed by mode monitor:

# iwconfig eth1 mode monitor

After placing the card in monitor mode, run the iwconfig utility with the inter-

face name as the only command-line argument, to verify the configuration change:

# iwconfig eth1

eth1       unassociated  ESSID:off/any

Mode:Monitor  Channel=0  Access Point: 00:00:00:00:00:00

Bit Rate:0 kb/s   Tx-Power=20 dBm   Sensitivity=8/0

Retry limit:7   RTS thr:off   Fragment thr:off

Encryption key:off

Power Management:off

Link Quality:0  Signal level:0  Noise level:0

Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0

Tx excessive retries:0  Invalid misc:7007   Missed beacon:0

In this output, we see that the mode has changed from managed to monitor.At

this point, the wireless card is operating in monitor mode.Next, we need to make

sure the interface is in the “up” state with the ifconfig utility , again using the interface

name as the only command-line parameter:

eth1       Link encap:UNSPEC  HWaddr 00-13-CE-55-B5-EC-BC-A9-00-00-00-00-00-

00-00-00

BROADCAST MULTICAST  MTU:1500  Metric:1

RX packets:18176 errors:0 dropped:18462 overruns:0 frame:0

TX packets:123 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

Interrupt:11 Base address:0x4000 Memory:a8401000-a8401fff

Wireless Sniffing with Wireshark • Chapter 6 275The first indented line of text following the interface name and hardware

address (HWaddr) reports the operating flags for the interface. In this example, the

interface is configured to accept broadcast and multicast traffic.The interface is not

currently in the up state, due to the lack of the UP keyword.Modify the interface

configuration by placing the interface in the up state, then examine the interface

configuration properties as shown below:

eth1       Link encap:UNSPEC  HWaddr 00-13-CE-55-B5-EC-3C-4D-00-00-00-00-00-

00-00-00

UP BROADCAST MULTICAST  MTU:1500  Metric:1

RX packets:34604 errors:0 dropped:34583 overruns:0 frame:0

TX packets:232 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:18150 (17.7 Kb)  TX bytes:0 (0.0 b)

Interrupt:11 Base address:0x4000 Memory:a8401000-a8401fff

In this output we see that the interface is now in the up state and is ready to

begin sniffing wireless traffic.

NOTE

Unlike the iwconfig tool, ifconfig does not understand the properties of

an interface that is in monitor mode. When associated to a wireless net-

work, the interface appears as a standard Ethernet interface; however,

when in monitor mode, it appears as an unknown or unspecified link

encapsulation mechanism. As a result, ifconfig displays a default of 16

bytes to represent the Media Access Control (MAC) address of the

unspecified interface encapsulation (denoted with the string UNSPEC). In

what appears to be a bug in the ifconfig tool, 8 bytes are printed to rep-

resent the MAC address, followed by 8 NULL bytes. The first 6 bytes rep-

resent the actual MAC address of the wireless card, followed by 2 bytes

Well, i am pretty focused on computer networking, cisco hardware most of the time, but since i am studying to my LPI certification most of my posts here are going to be related to that process. I have a lot of material in my draft to finish related to LPI certification, just need to finish them and do the proper formating. So, if you are looking for tips to study for lpi certification or jut to find some linux tips stay tunned, repass this message or just follow me up here, if you think you can help, be sure you will be very welcome! I got a document to recommend for the moment and you can download a *.pdf copy here: http://www.happy-monkey.net/LPI/LPI-Self-Study-Guide.pdf

You can also take some preparation tests here: http://aplawrence.com/Tests/

For the Brazilian or Portuguese speakers i can recommend the GUIA FOCA here: http://www.guiafoca.org/  Or you can take a look at this books: http://www.linuxnewmedia.com.br/shopping/livro/lpi_1_3_ed_lpi_2_2_ed

To start this post i'm assuming you already have a Windows server installed with Active Directory Domain Services configured and the Windows DNS server also setup at you Linux Machine (remeber  edit the /etc/resolv.conf for that) I'm also assuming you have all samba services installed on your linux machine.  Well lets start then, I'm using Ubunt as an example so i'll be using apt-get to install the packages i'll need. And those packages are: likewise-open-gui - GUI for Likewise Open Authentication service. Likewise Open likewise-open - Authentication services for Active Directory Domains

I'm Using Ubunt 8.04 LTS as my main distribution i recommend you use the apt-get search likewise to see if it matches for you distribution.

First we need to edit the file lwiauthd.conf located in /etc/samba directory, check if contains configurations on it, if it does, make a backup using the mv command just like this:

mv /etc/samba/lwiauthd.conf /etc/samba/lwiauthd.conf.backup

Ok, now we're ready to move on, make a new lwiauthd.conf, i'm going to use the vim editor but you can use any editor of your preference. At the shell type (remember you can use sudo) #vim /etc/samba/lwiauthd.conf inside that new file type at the top the following:

winbind use default domain = yes

Exit the editor making sure to save your configurations made.

Now to actually join the domain, in the cli type:

# domainjoin-cli join yourdomain.com username (it's important to use a user that is already setup in Active directory, create one, preferable inside the domain admins group and administrators) it will ask for the domain user's password, type it and it should give you the shell back.

At this point if you go to your Active Directory Users and Computers in the Computers Container you will be able to see you Linux Machine listed there.

Reboot the Linux machine and in the logon screen use the following sintax to logging into the domain:

[email protected] and next type the domain user's password. 

  But we've a little problem here, if logging with your domain user, you'll not be able to execute any commands using sudo, that's because that user is not in the sudoers file, go to Active Directory Users and Computers in the users container, locate the user and check the groups he's member of, in the member of tab, with that in hand let's add it to the sudoers file:

 Remeber to log into the Linux Machine LOCALLY (not in the domain) # vim  /etc/sudoers

Scroll all the way down the file were you can see the  # Members of the admin group may gain root privileges You will notice that you already have an entry there, it's the default, let's add our domain user to this section, following this exact syntax:

%yourdomain\\user^usergroup ALL=(ALL) ALL <--(You need to use the double inverted slash, tumblr is not showing correctly but you need to use the double inverted slash after the yourdomain "\\\")

now save the file, logoff, log with you domain user and try to run anything uing sudo, for example: $ sudo vim /etc/passwd

And that it is!

The program responsible to load the library and link it to the dependent program is the ld.so, that is invoked by a program every time it needs a function located in an external library.

ld.so can locate a library in question with the help of a mapping located in the file /etc/ld.so.cache. The default location of those system libraries are: /lib and /usr/lib

Directories containing additional libraries should be included in the /etc/ld.so.conf file

In some Linux distributions the directory /etc/ld.so.conf.d/ is also used (ubuntu uses it) and this directory can include some other files pointing other locations to external libraries.

The execution of ldconfig command is fundamental to update the /etc/ld.so.cache everytime a change is made in /etc/ld.so.conf file.

You can use an another method to make the library available to ld.so, and it's using the variable LD_LIBRARY_PATH using the command: export LD_LIBRARY_PATH=path to the library. This method, however makes it temporary access for ld.so to the directory in question, that is because it won't work outside the ambient you're working and it's going to be lost if you boot your system. You can make it permanent editing and adding the directory containing the library in /etc/ld.so.conf and don't forget to run the ldconfig after you changed that.

Hope it helps someone outthere! feel free to contact me in case of any doubts.

It's a good practice to backup your MBR in case of an emergency, to do so execute the following as root or using sudo

# dd if=/dev/sda of=mbr.backup bs=1 count=512

To restore it, boot with a livecd or any other tool and execute:

# dd if=mbr.backup of=/dev/sda

Se você tem a mesma necessidade que eu em manter servidores de arquivos, backups, emails, banco de dados com GNU/Linux remotamente e sem a interface gráfica (somente modo texto) sabe que é necessário uma maneira mais efetiva de visualizar o uso do espaço em disco de uma maneira que seja possível identificar o que e onde estão os diretórios e arquivos que mais consomem espaço em disco.

Para tal execute o seguinte comando (com permissão de super usuário, se possível)

$ sudo du -lh | sort -nr | less

Exemplo de saída do comando:

Agora vamos explicar cada um dos itens do comando:

du: Este comando permite a listagem do uso de epaço em disco, sem usar parametros o comando não é muito útil.

Parametro -l 

Este atributo permite ao comando du que ele conte o tamanho de todos os arquivos, mesmo que que estes arquivos já tenham sido contabilizados anteriormente, ele é útil por exemplo quando temos hard links configurados.

Parametro -h

Com este parâmetro usado, podemos visualizar a saída da soma do espaço formatado para leitura em blocos de 1024 bits por padrão é possível utilizar blocos de 1000bits com o uso da opção --si porem seu uso foge do escopo deste texto.

|: Conhecido como pipe, ele permite o "encadeamento" de processos, "pegando" a saída do comando anterior e redirecionando-a para o próximo comando.

sort: O comando sort, na sua forma mais simples, serve para ordenar o conteúdo de um arquivo.

Parametro -n

O -n server para informa ao comando sort que a listagem será de ordem numérica.

Parametro -r

Utilizamos para que a saída numérica do sort com 0 -n seja invertida, dessa forma exibindo na tela os resultados obtidos do menor número para o maior, para manter a ordem de maior para menor, omita o paramentro -r.

less: Nada mais e nada menos que um paginador, com o less é possível exibir o conteúdo de arquivos texto e possibilitar que a saída seja paginada tela a tela (com o uso da barra de espaço) ou linha a linha (com o uso do enter) Muita gente ainda usa o comando more como paginador, o less executa as mesmas funções que o more e ainda possibilita-nos que possamos avançar ou retroceder no texto com o more, isso não é possível.

Sou entusiasta de GNU/Linux desde 1996, fiz o preparatório para a certificação em 2001 mas por motivos financeiros acabei não realizando a prova, foquei minha carreira em redes de computadores (CCNA) e o GNU/Linux ficou sendo meu caso de amor platônico. 

Esse ano resolvi voltar a estudar a plataforma, e na busca de materiais na web acabei me dando conta que, apesar da enorme quantidade, falta muita qualidade. Não me entendam mal, mas já de início me deparei com videos caseiros de entusiastas, que não conseguem pronunciar sequer o nome correto das tecnologias que eles pretendem ensinar. Hoje não é difícil perder mais do que 10 minutos no youtube e prestar o mínimo de atenção em como as palavras são pronunciadas!

O meu ponto aqui é: SIM, você TÊM QUE OBRIGATORIAMENTE saber pelo menos PRONUNCIAR CORRETAMENTE os nomes das tecnologias, nomes e nomes de empresas, profissionalmente e por que não, fins culturais, não seja como a maioria por ai, preocupe-se com o sotaque, procure ouvir os nomes corretos na língua nativa da tecnologia, empresa ou o que for.