Friday, 26 March 2010

I bought a 160 GB USB drive, so why do I only get a disk size of 149 GB? Where have the remaining 11 GB gone?

Well, the answer lies in how the bytes are interpreted. Disk manufacturers use decimal (i.e. base 10) as the base for calculation.


10^3 = 1000 bytes = 1 KiloByte, 10^6 = 1000 KB = 1 MegaByte, 10^9 = 1000 MB = 1 GigaByte

Whereas the actual utilization is calculated using binary (i.e. base 2) as the base for calculation.

2^10 = 1024 bytes = 1 KiloByte, 2^20 = 1024 KB = 1 MegaByte, 2^30 = 1024 MB = 1 GigaByte

Note: Hard Disk Manufacturers will use 1000, not 1024 as base.


In this case, my USB drive has a total of 160,039,239,690 bytes. And we know 1 KB = 1024 bytes, 1 MB = 1024 kilobytes, 1 GB = 1024 megabytes.

Hence, the total actual capacity comes to 160,039,239,690 / (1024 x 1024 x 1024) = 149 GB.

In general, the capacity of a hard disk can be calculated using this formula:

Total Size of the Disk (Bytes) = (Cylinders) X (Heads) X (Sectors) X (Bytes per Sector)

Tuesday, 9 March 2010

Virtual Floppy in a Virtual World!!

Until a few years back (probably a decade), as far as I remember, there were not many known options other than testing on the bare-metal physical box and re-imaging it every time it got screwed up by some stupid experiment. With the advancement of virtualization everything seems possible now. I am glad that I got exposed to VMware a few years back; I am really impressed with their long range of products, and I think what they have provided is truly revolutionary.

Today you can play, emulate, crash, rebuild and learn whenever you want without actually entering an IT hardware lab or using a desktop machine at home. You can install VMware products on a laptop (of course you need to meet the minimum system requirements that each VMware product demands) and turn your laptop into a mobile testing lab.

There are no worries about re-imaging in case something goes wrong and your system comes crashing down. In other words, you can now set up your own test environments without changing the physical state of your box (PC). There is loads of information on the net about virtualization; you may also visit the VMware website to obtain more information about virtualization and VMware products. I chose the VMware Workstation product for my testing environment, have been using it for the past 2 years, and I am really happy with it.



However, my objective here is to show one of the useful features in VMware, called the "virtual floppy" drive. You may be thinking that floppy disks are "dead", right? Well, you are absolutely correct that physical 3.5" floppy disks (or physical floppy disks of any size) are not used anymore. In fact, none of the PC vendors provide floppy drives anymore, but they have been replaced with what are called "virtual floppy drives".

They provide many advantages over traditional floppy drives. Some of the advantages of using virtual floppies are:
  • Ability to boot OS and applications.
  • Ability to transfer files between systems.
  • Does not get damaged, as there is no physical state.
  • Can even be sent as attachment over the internet.

In this article, I will show you how to use virtual floppy drives with the VMware Workstation product.


Whether you are a system admin, a student, or from a Quality Assurance department, you will be presented with scenarios in which you are required to test a certain application or application feature(s), or at the least you want to try out some experimental stuff for learning purposes. One of the most important learning steps in a system admin's life is learning to recover a system from a crash. More often than not, floppies come in handy in such rescue operations, especially if the system's MBR is corrupted and you are unable to boot the system.


You must be wondering: even if I have a virtual floppy drive on my VMware Workstation, how do I actually get virtual floppies to work with? To do this, all you need is VMware Workstation running any flavour of Unix or Windows as a guest operating system, and 'notepad' as we know it in Windows.

Steps to create and mount a 'virtual floppy' on your VMware Workstation:


1. Right-click on the desktop and create a 'notepad' file.
2. Rename the "notepad" file to any name; in this example I have named it "virtual-floppy". Of course, we also need to change the extension to ".flp", which is the standard image format that VMware understands.
3. Go to your VMware Workstation, click on edit settings, and click on the floppy drive; if it's not there, add it using the "Add" option under Hardware. Click "Browse" to select the image we just created, in this case "virtual-floppy.flp".
4. Start the VMware Workstation virtual machine and wait until it boots up to the desktop screen (FYI: I am running Red Hat Linux as the guest OS on VMware Workstation 5).
5. Now, we need to format the floppy with a filesystem and mount it.

The most commonly used tool is mkfs.
mkfs ("make a filesystem") is the standard Unix command for formatting a disk partition with a specific filesystem.

The basic syntax is:
mkfs -t type device , where type is the type of the filesystem and device is the device the filesystem will reside on.
The most commonly used option is -t, which is followed by the type of filesystem to be created. If this option is not used, the default is ext2 (second extended filesystem). Among the other types of filesystems that can be created are ext3, minix, msdos, vfat and xfs.


As an example, the following would create an ext2 filesystem on a formatted floppy disk that has been inserted into the first floppy drive:
mkfs /dev/fd0

The following would be used to create a vfat (i.e., Microsoft Windows-compatible) filesystem on the floppy disk.

mkfs -t vfat /dev/fd0
We will go for the "-t vfat" option, as this is compatible with both Unix and Windows.

Now that our floppy is formatted and ready, we can copy files to it as if it were a physical floppy drive. The most important need for a floppy that I can think of is during an emergency, or when your system has crashed and you need to get it back somehow. The fastest way to get your system back is to have a 'bootable floppy' handy.


When it comes to bootable floppies, there are a lot of boot loaders, but GRUB stands out as perhaps the best bootloader among them. Let's install GRUB on the floppy that we formatted in the last step. For that, we need to mount the floppy, create the folders 'boot' and 'grub', and then copy the GRUB files (stage 1 & 2) from the local disk to the grub folder on the floppy.

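mkdir -p /floppy
mount -t vfat /dev/fd0 /floppy    # mount the formatted floppy first; /floppy is the mount point used below
mkdir -p /floppy/boot/grub
cp /usr/local/share/grub/i386-pc/stage* /floppy/boot/grub
Or
cp /boot/grub/stage* /floppy/boot/grub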

Note: Always check the correct path to the grub folder; it may be different on your system.

Finally, we need to install GRUB on the floppy disk.
Start the executable at the Linux command prompt by typing:
grub
Then enter the following series of commands at the grub prompt:
grub> root (fd0)
grub> setup (fd0)
grub> quit
We are done: we have now created a bootable virtual floppy to work with virtual machines in the VMware application.
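
A host-side sanity check for the finished image, as an added example that is not part of the original post. It assumes a standard 1.44 MB 3.5" floppy geometry (80 cylinders, 2 heads, 18 sectors per track, 512 bytes per sector, none of which the post states), reuses the Cylinders x Heads x Sectors x Bytes-per-sector formula from the disk-size post above, and checks for the 0x55 0xAA signature that ends a formatted boot sector. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check a floppy image file before attaching it to a VM.
# Assumption: standard 1.44 MB geometry (80 cylinders, 2 heads, 18 sectors/track).

# Size in bytes = Cylinders x Heads x Sectors x Bytes-per-sector.
expected_floppy_size() {
    echo $((80 * 2 * 18 * 512))
}

# Print the two bytes at offset 510 of FILE as hex, e.g. "55aa".
boot_signature() {
    od -An -tx1 -j510 -N2 "$1" | tr -d ' \n'
}

# check_floppy_image FILE: prints a verdict; returns 0 only for "ok".
check_floppy_image() {
    img=$1
    [ -f "$img" ] || { echo "missing"; return 2; }
    size=$(wc -c < "$img" | tr -d ' ')
    if [ "$size" -ne "$(expected_floppy_size)" ]; then
        echo "bad-size:$size"
        return 1
    fi
    # A formatted (and bootable) floppy ends its first sector with 0x55 0xAA.
    if [ "$(boot_signature "$img")" != "55aa" ]; then
        echo "no-boot-signature"
        return 1
    fi
    echo "ok"
}

# Usage after sourcing this file: check_floppy_image virtual-floppy.flp
```

A verdict of "bad-size" or "no-boot-signature" means the image was not formatted as a 1.44 MB floppy, so the virtual machine will not boot from it.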

Wednesday, 10 February 2010

What are ports? Ports are ports, whether on Windows or Unix.

Let's start with the basics. In the TCP/IP protocol stack, messages associated with the common application protocols that most of us are familiar with — such as HTTP for the Web; SMTP, POP, and IMAP for e-mail; Telnet and SSH for remote logon; and FTP for file transfers — operate over the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP); TCP and UDP messages, in turn, are carried inside Internet Protocol (IP) packets. The primary difference between TCP and UDP is that TCP is connection-oriented and UDP is connectionless. When using TCP, then, two hosts must first establish a logical connection before they can exchange data (analogous to establishing a telephone connection) while hosts using UDP do not require a logical connection before the exchange of information (analogous to sending a letter through the postal service).


Both TCP and UDP employ port numbers to identify the higher layer applications at the hosts that are communicating with each other. End-to-end data communications on the Internet, in fact, are uniquely identified by the source and destination host IP addresses and the source and destination TCP/UDP port numbers.


TCP/IP applications generally employ a client/server model, exemplified by the relationship between your Web client software (i.e., the browser) and a Web server; the user "points" their browser at the Web server which is usually listening on port 80. Port numbers can take on a value between 1 and 65535, with server applications generally being assigned a value below 1024.

There are a large number of so-called well-known ports, including:
TCP 20 and 21 (File Transfer Protocol, FTP)
TCP 22 (Secure Shell, SSH)
TCP 23 (Telnet)
TCP 25 (Simple Mail Transfer Protocol, SMTP)
TCP and UDP 53 (Domain Name System, DNS)
UDP 69 (Trivial File Transfer Protocol, tftp)
TCP 79 (finger)
TCP 80 (Hypertext Transfer Protocol, HTTP)
TCP 110 (Post Office Protocol v3, POP3)
TCP 119 (Network News Protocol, NNTP)
UDP 161 and 162 (Simple Network Management Protocol, SNMP)
UDP 443 (Secure Sockets Layer over HTTP, https)
A complete list of port numbers can be found at the Internet Assigned Numbers Authority (IANA) list of port numbers at http://www.iana.org/assignments/port-numbers.

The next question that arises is how to find out which port is being used, or whether a port is listening or free.

For Windows, the handiest command is netstat -a (this works on UNIX as well).
For Linux, apart from netstat -a, there are more:
1. netstat -an | grep 'portnumber' (the netstat output is piped to grep)
2. netstat -a | grep 'portnumber' (the netstat output is piped to grep)
3. lsof -i :portnumber

A port scanner, most simply, probes a computer system running TCP/IP to determine which TCP and UDP ports are open and listening, which indicates all of the services that this system is offering to other TCP/IP hosts. As an example, you would expect an e-mail server to be listening on the SMTP and POP3 ports, and a Web server to be listening on the HTTP, and perhaps the SSL/HTTPS, ports. For good or for bad, however, most systems have many more open ports than intended. You can use the netstat -a command to find out which ports are open on a local Linux/Unix or Windows system but netstat can't be used remotely across a network.

Port scanners can also be used to examine hosts for known Trojan horses, distributed denial-of-service (DDoS) tools, or other malicious services running on a host.
A short list of some of the default "bad" ports:
1243/tcp: SubSeven server (default for V1.0-2.0)
6346/tcp: Gnutella
6667/tcp: Trinity intruder-to-master and master-to-daemon
6667/tcp: SubSeven server (default for V2.1 Icqfix and beyond)
12345/tcp: NetBus 1.x
12346/tcp: NetBus 1.x
16660/tcp: Stacheldraht intruder-to-master
18753/udp: Shaft master-to-daemon
20034/tcp: NetBus Pro
20432/tcp: Shaft intruder-to-master
20433/udp: Shaft daemon-to-master
27374/tcp: SubSeven server (default for V2.1-Defcon)
27444/udp: Trinoo master-to-daemon
27665/tcp: Trinoo intruder-to-master
31335/udp: Trinoo daemon-to-master
31337/tcp: Back Orifice
33270/tcp: Trinity master-to-daemon
33567/tcp: Backdoor rootshell via inetd (from Lion worm)
33568/tcp: Trojaned version of SSH (from Lion worm)
40421/tcp: Masters Paradise Trojan horse
60008/tcp: Backdoor rootshell via inetd (from Lion worm)
65000/tcp: Stacheldraht master-to-daemon
http://www.garykessler.net/library/bad_ports.html
Courtesy : http://www.garykessler.net/
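
One way to put the netstat -an check and the "bad" port list together for a local audit, as an added example that is not part of the original post. The function name, the shortened labels and the sample netstat output are constructed for illustration; it assumes Linux or Windows style output where the local address is written as address:port (BSD-style address.port output is not handled).

```shell
#!/bin/sh
# Added example: flag listeners on the default "bad" ports listed in the post.
# Labels are shortened; 6667/tcp appears twice in the list, so it carries both names.
BAD_PORTS='1243/tcp=SubSeven 6346/tcp=Gnutella 6667/tcp=Trinity/SubSeven
12345/tcp=NetBus 12346/tcp=NetBus 16660/tcp=Stacheldraht 18753/udp=Shaft
20034/tcp=NetBus-Pro 20432/tcp=Shaft 20433/udp=Shaft 27374/tcp=SubSeven
27444/udp=Trinoo 27665/tcp=Trinoo 31335/udp=Trinoo 31337/tcp=Back-Orifice
33270/tcp=Trinity 33567/tcp=Lion-rootshell 33568/tcp=Lion-trojaned-SSH
40421/tcp=Masters-Paradise 60008/tcp=Lion-rootshell 65000/tcp=Stacheldraht'

# Constructed sample of netstat -an output (Linux lines plus one Windows-style line).
SAMPLE='Proto Recv-Q Send-Q Local Address    Foreign Address    State
tcp        0      0 0.0.0.0:22       0.0.0.0:*          LISTEN
tcp        0      0 0.0.0.0:31337    0.0.0.0:*          LISTEN
tcp        0      0 10.0.0.5:40421   203.0.113.9:443    ESTABLISHED
tcp6       0      0 :::12345         :::*               LISTEN
udp        0      0 0.0.0.0:27444    0.0.0.0:*
  TCP    0.0.0.0:27374    0.0.0.0:0    LISTENING'

# Reads netstat -an output on stdin; prints "port/proto label" per suspicious socket.
# TCP must be in a LISTEN state; UDP has no state, so any bound UDP socket counts.
flag_bad_ports() {
    BAD="$BAD_PORTS" awk '
    BEGIN {
        n = split(ENVIRON["BAD"], e, /[ \n]+/)
        for (i = 1; i <= n; i++) {
            k = e[i]; sub(/=.*/, "", k)        # key, e.g. 31337/tcp
            v = e[i]; sub(/^[^=]*=/, "", v)    # label, e.g. Back-Orifice
            bad[k] = v
        }
    }
    {
        proto = tolower($1); sub(/6$/, "", proto)      # tcp6 -> tcp
        if (proto != "tcp" && proto != "udp") next      # headers, unix sockets
        if (proto == "tcp" && $0 !~ /LISTEN/) next      # ignore ephemeral client ports
        for (f = 2; f <= NF; f++) if (index($f, ":")) break
        if (f > NF) next
        port = $f; sub(/.*:/, "", port)                 # local port after last colon
        key = port "/" proto
        if (key in bad) print key, bad[key]
    }'
}

printf '%s\n' "$SAMPLE" | flag_bad_ports
```

On a live system, feed it real output with netstat -an | flag_bad_ports. A hit only means something is bound to that port number and deserves a closer look; lsof -i :portnumber shows the owning process.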