Sunday, June 10, 2012

Has my SSL cert Expired?


I know the browser gives this info, but if you want to use it somewhere in a script, this command can definitely be handy!

[root@DebaTestBox ~]# echo | openssl s_client -connect mysite.com:443 2>/dev/null |openssl x509 -dates -noout

notBefore=Mar 20 00:00:00 2012 GMT

notAfter=Apr 19 23:59:59 2016 GMT

[root@DebaTestBox ~]#

The script below gives you the number of days left before expiry:

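# cat WillExpire-in.sh
# Fetch the certificate served on port 443 and pull out its "Not After" date
end_date=$(openssl s_client -showcerts -connect mysite.com:443 </dev/null 2>/dev/null \
    | openssl x509 -noout -text 2>/dev/null | sed -n 's/ *Not After : *//p')

if [ -n "$end_date" ]
then
    # Convert the expiry date and the current time to epoch seconds (GNU date)
    end_date_seconds=$(date '+%s' --date "$end_date")
    now_seconds=$(date '+%s')
    # Whole days remaining
    echo "($end_date_seconds-$now_seconds)/24/3600" | bc
fi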
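
For use from cron or a monitoring check, here is an added example (not part of the original post) that turns the `notAfter=` line into a status with an exit code, and reports a failed probe instead of silently printing nothing. The function name `cert_status`, the warning threshold and the sample values are assumptions; it relies on GNU `date`.

```bash
#!/bin/bash
# cert_status NOTAFTER_LINE WARN_DAYS [NOW_EPOCH]
#   NOTAFTER_LINE: the "notAfter=..." line printed by `openssl x509 -enddate -noout`
#   WARN_DAYS:     warn when fewer than this many whole days remain
#   NOW_EPOCH:     optional "current time" in epoch seconds (defaults to now)
# Prints "<STATE> <days>" and returns 0 (OK), 1 (WARN), 2 (EXPIRED) or 3 (UNKNOWN).
cert_status() {
    local line="$1" warn_days="$2" now="${3:-$(date +%s)}"
    local end_date="${line#notAfter=}"
    local end_epoch secs days

    # No line, no "notAfter=" prefix, or an unparseable date means the probe
    # failed (host down, TLS error). Treat that as a finding, not as silence.
    if [ -z "$end_date" ] || [ "$end_date" = "$line" ] ||
       ! end_epoch=$(date -u -d "$end_date" +%s 2>/dev/null); then
        echo "UNKNOWN -"
        return 3
    fi

    secs=$(( end_epoch - now ))
    days=$(( secs / 86400 ))          # truncates toward zero

    if [ "$secs" -le 0 ]; then
        echo "EXPIRED $days"; return 2
    elif [ "$days" -lt "$warn_days" ]; then
        echo "WARN $days"; return 1
    fi
    echo "OK $days"; return 0
}

# Typical call against a live host (hostname taken from the post):
#   cert_status "$(echo | openssl s_client -connect mysite.com:443 2>/dev/null \
#                  | openssl x509 -enddate -noout)" 30
```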

Thanks/-

D

Rethink Automation !!

Is it true that technology and the accelerated growth of automation have a tendency to eat jobs?

I recently attended a workshop where most of the participants were up-and-coming, talented software engineers, and on this topic one said: "I hate seeing repeating tasks people do in operations domain - things should be automated"

First of all - I really love this energy and have always had huge respect for our engineers, who have been contributing to this modern world - we need them and their innovation more than ever.

However - at the heart of the engineering domain, especially software engineering, there is a belief that everything in this world can be automated. Engineers give us engines - engines replace humans. But can everything be automated?

One of my earlier assignments was in the healthcare domain, and at that time HIPAA regulations were in full enforcement. The IT help desk was always reminding us NOT to leave any printed reports in the printer tray, and advised us to collect them immediately and either secure them under lock or shred them immediately.

But one user had a problem - "I usually do not have time to immediately collect and sometimes I am always waiting as multiple people send their print to the common printer and I am just waiting.. - is there a setting you can suggest in my PC to send them directly to the shredder if I am late or forget to collect it." The IT guys were stunned! - Yeah!! Rethink automation :-)

Scope is important to identify - then with the purpose comes the shared sense of destiny and finally a fine balance, defined boundary and enforcement.

Bill Gates says: "The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency." - how true.


As we advance through technology upgrades or replacements, every situation and its characteristics get reversed yet again, and sometimes this even forces us to re-comprehend a situation or adopt a very different approach to problem resolution.

The human mindset is also very important; otherwise, if automation is essentially a tool, you will end up with untouched and unused tools. Vagueness in how the term itself is interpreted sometimes raises confusion and can even lead us in the wrong direction.

Just to wrap up - don't put up with repetitive, manual tasks. We must strive to automate them, with a vision of continuous improvement to support long-term growth and sustained viability. And most importantly, let it help achieve a higher degree of centralization BUT not encourage or strengthen monopolistic tendencies.


-DK











Friday, June 8, 2012

Edit file content under compressed archive


When you have a compressed archive (.tar.gz / .gz / .zip etc.) and you want to edit the content of one of the files inside, you don't really need to uncompress that archive.

Just do a #vim testArchive.tar.gz
Then select the file you need, edit its content, save and exit. That's it! You will have the modified archive without that extra step.

Hope it helps!

-DK

Get Your Public External IP From Command Line


Yes, this is needed on many occasions - like proxy white-listing, getting access through a 3rd-party firewall, troubleshooting anything on a web server specific to your request, etc.

On the Linux command prompt I would do something like this:

[root@DebaTestBox ~]# wget -O - -q icanhazip.com 
14.16.135.X
[root@DebaTestBox ~]# curl ifconfig.me/ip
14.16.135.X
[root@DebaTestBox ~]#





Even though there are many such sites that give your outgoing NAT public IP info (most of them are flooded with ads!!), I know some lighter ones -

http://ipcheck.rehbein.net/
http://checkrealip.com/
http://dynamic.zoneedit.com/checkip.html
http://www.raffar.com/checkip/
http://www.thisip.org/
http://testip.edpsciences.org/
http://mwburden.com/cgi-bin/getipaddr
http://www.tanziars.com/
http://www.naumann-net.org/
http://www.antifart.com/stuff/checkip/
http://checkip.eurodyndns.org/

Windows users can simply type any of the above URLs in the browser - not sure if we can use any cmd like you can in a *NIX console.

PS: Please add to the list if you know more secure ones

Thanks/-
D K

Monday, April 23, 2012

Save time - and effort with 'mutt' attachments



Mutt is a terminal-based e-mail client for Unix-like operating systems, and it can send email attachments as well. However, let's remember it's a pure MUA and needs a working Mail Transfer Agent (MTA) such as sendmail / postfix etc.

Today I was observing an incident where a user was copying a file to /tmp on the file server, then transferring it to his desktop from his Windows desktop cmd prompt, and then finally sending it to another user through his Outlook..

Hope you are getting what I am trying to point out here ..

Rather a smart way could have been -

[root@DebaTestBox scripts]# mutt -s "latest User.properties" -a User.properties -- User@domain.com < bodymessageIfAny.txt

and Done!

-DK

Sunday, March 25, 2012

Free Best OCR

I just needed a cool yet free OCR tool and was trying my hand at several of the available ones. BUT I finally found the 3 below to be the best, in order of perfection and efficiency -


  1. OnlineOCR (one plus is that it gives me a download option with various output formats)
  2. Free-OCR
  3. NewOCR

Extracting text from image formats is so simplified!!

Engineering attempts at automated recognition of printed characters started well before World War II. But it was only in the early 1950s that some commercial attempts were undertaken to fund R&D in this area.

OCR has reached new feats & heights - I know of some engineering efforts from IITG where Handwritten Character Recognition has taken on a whole new dimension and is heading for interesting feats in this niche area.

Thanks/-

DK




Sunday, March 4, 2012

OS Fingerprinting

Yo Dawg! You never told me it's a pure Windows box and I wasted my time trying to do SSH rather than RDP! A common fuming statement by most of the Ops guys!?

OS fingerprinting is normally used by attackers to probe a wide variety of hosts and add them to their hit-lists for when the next application/OS exploit is released. The idea is that they should not be trying IIS exploits against Linux hosts.


Well - in either case, let's empower ourselves too by understanding how this can be done.

Network traffic from a computer system can be captured and analyzed to detect what OS the host is running. This is possible due to differences in how the TCP/IP stack is implemented in various operating systems.

The TCP/IP fields that may vary include the following:

  1. Initial packet size (16 bits)
  2. Initial TTL (8 bits)
  3. Window size (16 bits)
  4. Max segment size (16 bits)
  5. Window scaling value (8 bits)
  6. "don't fragment" flag (1 bit)
  7. "sackOK" flag (1 bit)
  8. "nop" flag (1 bit)

Some of the most common known TTL and TCP window size values are shown below:

| Operating System (OS)            | Initial TTL | TCP Window Size |
|----------------------------------|-------------|-----------------|
| Linux Kernel (2.4 and 2.6)       | 64          | 5840            |
| Windows XP                       | 128         | 65535           |
| Windows 7, Vista and Server 2008 | 128         | 8192            |
| FreeBSD                          | 64          | 65535           |
| Cisco Router (IOS 12.4)          | 255         | 4128            |
| Solaris                          | 255         | 8760            |
| Windows 2000                     | 128         | 16384           |







The initial TTL value is usually a little tricky to analyze, since the TTL value of a sniffed packet varies depending on where you sniff it from. The sending system sets the TTL to the operating system's default value, but this value is then decremented by one (-1) for every router the packet passes through on its way to the destination IP address. An IP packet with a TTL value of 55 can therefore be expected to be a packet with an initial TTL of 64 that has done 9 router hops before it was sniffed.
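
The TTL reasoning and the table above, combined into an added example (not part of the original post) that is handy for labelling hosts seen in a capture from your own network. The function names and output format are assumptions; the signatures are only the seven rows of the table, and the inference assumes the packet crossed fewer hops than the gap between two default TTLs.

```bash
#!/bin/bash
# initial_ttl OBSERVED_TTL
# Round the observed TTL up to the nearest common OS default (64, 128, 255).
initial_ttl() {
    local ttl="$1" d
    [ "$ttl" -ge 1 ] && [ "$ttl" -le 255 ] || return 1   # not a usable 8-bit TTL
    for d in 64 128 255; do
        if [ "$ttl" -le "$d" ]; then echo "$d"; return 0; fi
    done
}

# guess_os OBSERVED_TTL WINDOW_SIZE
# Prints "<os guess>|hops=<routers crossed>" using the table from the post.
guess_os() {
    local ttl="$1" win="$2" init os
    init=$(initial_ttl "$ttl") || { echo "invalid TTL: $ttl"; return 1; }
    case "$init/$win" in
        64/5840)    os="Linux Kernel (2.4 and 2.6)" ;;
        64/65535)   os="FreeBSD" ;;
        128/65535)  os="Windows XP" ;;
        128/8192)   os="Windows 7, Vista and Server 2008" ;;
        128/16384)  os="Windows 2000" ;;
        255/4128)   os="Cisco Router (IOS 12.4)" ;;
        255/8760)   os="Solaris" ;;
        *)          os="unknown (initial TTL $init)" ;;   # TTL family only
    esac
    # Each router decrements the TTL by one, so the difference is the hop count.
    echo "$os|hops=$(( init - ttl ))"
}

# Constructed sample observations: "<ttl> <window>"
guess_os 55 5840     # the TTL 55 case from the text: initial 64, 9 hops
guess_os 128 8192    # sniffed on the same segment as the sender
guess_os 60 1234     # window size not in the table
```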


Very common tools that can be used -

Ping:

As I said, ICMP ping is always the first thing to try, to arrive at some initial idea of what OS the host might be running.

Nmap:

I would try multiple nmap combinations to come to a conclusion:

nmap -sV -P0 -O debatestBox.com
nmap -O -v debatestBox.com
nmap -sV debatestBox.com
nmap -vv -O -P0 debatestBox.com

XProbe2:
Xprobe2 is basically a remote, active OS fingerprinting tool -

[root@DebaTestBox ~]# xprobe2 crusador.sdtie.com

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is crusador.sdtie.com
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping - ICMP echo discovery module
[x] [2] ping:tcp_ping - TCP-based ping discovery module
[+] Primary guess:
[+] Host 10.X.X.X Running OS: "OpenBSD 2.5" (Guess probability: 90%)



To be contd/-


-DK
