Sunday, December 20, 2020

IP Scanners for Linux

 IP scanners simply try to find hosts that are alive on a network. If you are searching for IP scanners for Windows, you will surely find an abundant supply of them. In Linux, however, you may be searching a little harder to find a quality, easy to use IP scanner. Here is a list of the 3 best IP scanners for Linux, rated on speed and usability.

1. arp-scan - Arp-scan is an easy-to-use tool that can find alive hosts on a network. It sends ARP packets to specified hosts and displays any responses. I rated arp-scan #1 because of its simplicity and speed. By simply adding the -l switch to arp-scan, it will automatically determine the network settings and scan the network of the first adapter. It also scanned the network the fastest. To install arp-scan:

Ubuntu: sudo apt-get install arp-scan

OpenSuse (12.1): wget http://download.opensuse.org/repositories/security/openSUSE_12.1/i586/arp-scan-1.8-1.1.i586.rpm

sudo rpm -i arp-scan-1.8-1.1.i586.rpm

The easiest way to scan the network you are in is to run any of the following commands (they all do the same thing):

sudo arp-scan -l    #Scans the local network

sudo arp-scan 192.168.1.0/24     #Scans 192.168.1.0 255.255.255.0

sudo arp-scan 192.168.1.1-192.168.1.254     #Scans the obvious range

You will see results like this:

192.168.1.10 00:0c:29:a4:16:48 VMware, Inc.

192.168.1.11 00:0e:2e:3a:c1:2d Edimax Technology Co., Ltd.

192.168.1.20 00:e0:81:31:97:47 TYAN COMPUTER CORP.

Total Time: 1.381 seconds
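The result lines above are easy to turn into a host inventory. The following is an added example, not part of the original post: it parses output in the format shown and compares it with a known-good baseline, so that new hosts and IP addresses whose MAC has changed stand out. The baseline, the header and footer lines, and all function names are constructed for illustration.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$")

# Constructed sample: the three result lines shown above, wrapped in
# constructed header and footer lines that the parser must skip.
SAMPLE_OUTPUT = """\
Interface: eth0, datalink type: EN10MB (Ethernet)
192.168.1.10 00:0c:29:a4:16:48 VMware, Inc.
192.168.1.11 00:0e:2e:3a:c1:2d Edimax Technology Co., Ltd.
192.168.1.20 00:e0:81:31:97:47 TYAN COMPUTER CORP.
3 packets received by filter, 0 packets dropped by kernel
"""

# Constructed baseline of expected hosts (IP -> MAC); not from the post.
KNOWN_HOSTS = {
    "192.168.1.10": "00:0C:29:A4:16:48",
    "192.168.1.11": "00:0e:2e:3a:c1:99",
    "192.168.1.30": "00:e0:81:31:45:26",
}

def parse_arp_scan(text):
    """Return {ip: (mac, vendor)} for lines shaped like 'IP MAC vendor'."""
    hosts = {}
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 2:
            continue
        ip, mac = parts[0], parts[1].lower()
        try:
            ipaddress.IPv4Address(ip)      # rejects headers and footers
        except ValueError:
            continue
        if not MAC_RE.match(mac):
            continue
        hosts[ip] = (mac, parts[2].strip() if len(parts) == 3 else "")
    return hosts

def diff_against_baseline(hosts, baseline):
    """Classify scan results: unknown IPs, IPs with a different MAC, absent IPs."""
    known = {ip: mac.lower() for ip, mac in baseline.items()}
    return {
        "new": sorted(ip for ip in hosts if ip not in known),
        "changed_mac": sorted(ip for ip in hosts
                              if ip in known and hosts[ip][0] != known[ip]),
        "missing": sorted(ip for ip in known if ip not in hosts),
    }
```

A changed MAC for a known IP is worth a closer look: it can be a replaced network card, an address conflict, or a device answering ARP for an address that is not its own.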

 

2. nmap – Nmap, better known for its port scanning abilities, is also quite suitable as an IP scanner. I rated nmap #2 because it returned the results slightly slower than arp-scan, and there is no -l switch to automatically determine the network settings, as with arp-scan. To install:

Ubuntu: sudo apt-get install nmap

OpenSuse: sudo zypper install nmap

To scan for alive hosts on a network, run any of the following commands (they all do the same thing):

sudo nmap -sP 192.168.1.0/24     #Scans 192.168.1.0 255.255.255.0

sudo nmap -sP 192.168.1.1-254     #Scans the obvious range

You will see results like this:

Host 192.168.1.11 is up (0.0089s latency).

MAC Address: 00:0E:2E:3A:C1:2D (Edimax Technology Co.)

Host 192.168.1.20 is up (0.00063s latency).

MAC Address: 00:E0:81:31:97:47 (Tyan Computer)

Host 192.168.1.21 is up (0.00099s latency).

MAC Address: 00:E0:81:31:45:26 (Tyan Computer)

Total Time: 1.82 seconds

 

3. Angry IP Scanner – This tool, perhaps better known to Windows users, is also available on Linux, as a Java application. I rated Angry IP Scanner #3 because it is significantly slower than arp-scan and nmap; however, it has a nice and simple GUI that many people find intuitive. To check if you have Java installed, run this command:

java -version

To install Java, run this command:

Ubuntu : sudo apt-get install openjdk-6-jre


Download and install the “.rpm” file using the rpm command for RPM-based systems such as Red Hat (RHEL), CentOS, Oracle Linux, Fedora and openSUSE.

$ sudo rpm -ivh https://github.com/angryip/ipscan/releases/download/3.6.2/ipscan-3.6.2-1.x86_64.rpm

Alternatively, you can install the rpm package directly using the yum command.

$ sudo yum localinstall https://github.com/angryip/ipscan/releases/download/3.6.2/ipscan-3.6.2-1.x86_64.rpm

Download and install the “.deb” file using the dpkg command for Deb-based systems such as Ubuntu, Debian and Linux Mint.

$ sudo wget https://github.com/angryip/ipscan/releases/download/3.6.2/ipscan_3.6.2_amd64.deb
$ sudo dpkg -i ipscan_3.6.2_amd64.deb


I like to do most of the work from the terminal. If you’re in the same boat, here you go.

Use the following command to scan a given IP address range. You can enter your IP range instead of ours.

$ ipscan -f:range 192.168.1.0 192.168.1.255 -s &

Use the following command to scan the given IP address range, export the output and then exit the application. I exported the output in “.txt” format; other formats such as “.csv”, “.xml” and “.lst” are also supported. You can use the one you like instead.

$ ipscan -f:range 192.168.1.0 192.168.1.255 -s -o ipscan.txt -q &

You will get output similar to the one below.

$ cat ipscan.txt | head -20
Generated by Angry IP Scanner 3.6.1
https://angryip.org

Scanned 192.168.1.0 - 192.168.1.255
3 Dec, 2019 1:11:05 PM

IP              Ping            Hostname                Ports           
192.168.1.1     1 ms            www.routerlogin.com     [n/s]           
192.168.1.2     71 ms           [n/a]                   [n/s]           
192.168.1.3     [n/a]           [n/s]                   [n/s]           
192.168.1.4     [n/a]           [n/s]                   [n/s]           
192.168.1.5     [n/a]           [n/s]                   [n/s]           
192.168.1.6     [n/a]           [n/s]                   [n/s]           
192.168.1.7     0 ms            daygeek-Y700            [n/s]           
192.168.1.8     [n/a]           [n/s]                   [n/s]           
192.168.1.9     [n/a]           [n/s]                   [n/s]           
192.168.1.10    [n/a]           [n/s]                   [n/s]           
192.168.1.11    [n/a]           [n/s]                   [n/s]           
192.168.1.12    [n/a]           [n/s]                   [n/s]           
192.168.1.13    [n/a]           [n/s]                   [n/s]           

Hope this was helpful to you !!


Tuesday, December 8, 2020

pwconv, pwunconv, grpconv, grpunconv - Unix, Linux Command

 NAME

pwconv, pwunconv, grpconv, grpunconv - convert to and from shadow passwords and groups

SYNOPSIS

pwconv
pwunconv
grpconv
grpunconv

DESCRIPTION

pwconv creates shadow from passwd and an optionally existing shadow.

pwunconv creates passwd from passwd and shadow and then removes shadow.

grpconv creates gshadow from group and an optionally existing gshadow.

grpunconv creates group from group and gshadow and then removes gshadow.

These four programs all operate on the normal and shadow password and group files: /etc/passwd, /etc/group, /etc/shadow, and /etc/gshadow.

Each program acquires the necessary locks before conversion. pwconv and grpconv are similar. First, entries in the shadowed file which don’t exist in the main file are removed. Then, shadowed entries which don’t have ‘x’ as the password in the main file are updated. Any missing shadowed entries are added. Finally, passwords in the main file are replaced with ‘x’. These programs can be used for initial conversion as well as to update the shadowed file if the main file is edited by hand.

pwconv will use the values of PASS_MIN_DAYS, PASS_MAX_DAYS, and PASS_WARN_AGE from /etc/login.defs when adding new entries to /etc/shadow.
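The four merge steps and the login.defs defaults described above can be followed on sample data. This is an added example, not code from the shadow suite: a simplified model in which an "update" changes only the password field, the last-change day of a new entry is passed in as `today` (an assumption), and all account names and hashes are constructed placeholders.

```python
# Constructed sample files. alice and carol carry a hash in passwd (as after a
# hand edit); carol has no shadow entry; ghost exists only in shadow.
PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
alice:$6$asalt$ALICEHASH:1000:1000::/home/alice:/bin/bash
carol:$6$csalt$CAROLHASH:1001:1001::/home/carol:/bin/bash
"""
SHADOW_SAMPLE = """\
root:$6$rsalt$ROOTHASH:18600:0:99999:7:::
alice:!:18000:0:99999:7:::
ghost:$6$gsalt$GHOSTHASH:18000:0:99999:7:::
"""
# Constructed values standing in for /etc/login.defs.
LOGIN_DEFS = {"PASS_MIN_DAYS": 0, "PASS_MAX_DAYS": 99999, "PASS_WARN_AGE": 7}

def _rows(text):
    return [line.split(":") for line in text.splitlines() if line.strip()]

def _text(rows):
    return "\n".join(":".join(r) for r in rows)

def pwconv_model(passwd_text, shadow_text, defs, today):
    """Return (new_passwd, new_shadow, removed_names) after the described merge."""
    passwd = _rows(passwd_text)
    old = {f[0]: f for f in _rows(shadow_text)}
    names = {p[0] for p in passwd}
    # Step 1: shadow entries with no passwd entry are removed.
    removed = sorted(n for n in old if n not in names)
    shadow = []
    for p in passwd:
        name, pw = p[0], p[1]
        entry = old.get(name)
        if entry is None:
            # Step 3: add the missing entry; aging fields come from login.defs.
            entry = [name, pw, str(today), str(defs["PASS_MIN_DAYS"]),
                     str(defs["PASS_MAX_DAYS"]), str(defs["PASS_WARN_AGE"]),
                     "", "", ""]
        elif pw != "x":
            # Step 2: passwd does not say 'x', so its password field wins.
            entry = [name, pw] + entry[2:]
        shadow.append(entry)
        p[1] = "x"  # Step 4: the main file keeps only the placeholder.
    return _text(passwd), _text(shadow), removed
```

Running the model on a copy of the real files before a conversion shows which hashes are still sitting in the world-readable passwd file and which shadow entries would be dropped.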

Likewise pwunconv and grpunconv are similar. Passwords in the main file are updated from the shadowed file. Entries which exist in the main file but not in the shadowed file are left alone. Finally, the shadowed file is removed. Some password aging information is lost by pwunconv. It will convert what it can.

BUGS

Errors in the password or group files (such as invalid or duplicate entries) may cause these programs to loop forever or fail in other strange ways. Please run pwck and grpck to correct any such errors before converting to or from shadow passwords or groups.

FILES

/etc/login.defs
 Shadow password suite configuration.