How to reach web server within a VM? - webserver

I'm using virtualbox to set up two VMs, one debian one fedora.
Both are configured with network acces through bridge, and from each VM I can reach 127.0.0.1 through mozzila.
Here comes the trouble, I can reach the debian one just fine through its IP, which I got from /sbin/ifconfig -> eth0.
I made the same thing with fedora (just the first field):
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.21 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 2a01:cb1c:52e:a000:320c:4fe:d697:6b11 prefixlen 64 scopeid 0x0<global>
inet6 fe80::6594:672d:7f76:4ff7 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:13:19:a2 txqueuelen 1000 (Ethernet)
RX packets 6339 bytes 4615766 (4.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2762 bytes 355751 (347.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Now, I read online enp0s3 is just a new naming norm (https://askubuntu.com/questions/704035/no-eth0-listed-in-ifconfig-a-only-enp0s3-and-lo) and should be just fine.
The trouble is I can't reach 192.168.1.21 through the host system (namely win 10) or least, it doesn't give the the generated html it should.
Both VMs have guest additions installed, and the vbox files are the same (except for mac and ethernet adresses)
pastebins of debian vbox and fedora vbox conf files :
https://pastebin.com/WuyCTwcn deb
https://pastebin.com/jRDQEwJz fedora
(I can't think of better tags now, feel free to change or suggest)

In the end, it was Fedora's firewall doing its job.
To maintain the firewall and still making use of the webserver, I had to run the following command :
# firewall-cmd --add-service=http
and then
# firewall-cmd --add-service=https
just in case I want to use https later.
edit & note : if you want the changes to be permanent, you have to add the --permanent option. To be fair, I must still look at the --zone=public option, in case you use these instruction as reference, look what they do before messing something's up :)

Related

UDP multicast packet caught by tcmp dump but not received by socket

I'm doing research on bigdata. For that, I have developed a network with several nodes exchanging UDP unicast and multicast packets. There are UDP packets with 33792 bytes and Ack packets with 37 bytes. MTU is set to 1500. Everything works fine for a little, lets say 300 to 5000 packets exchanged. Then suddenly some machine receives the packet (I can see it with tcmpdump -i any -vvv -XX -e -s 64 > dump.txt 2>&1). But the application socket doesn't receive it (select doesn't wake up).
I'm using IPv4 sockets with TTL set to 1, i.e. Local network.
After nights trying to solve I end up setting:
sudo sysctl -w net.core.wmem_max=134217728
sudo sysctl -w net.core.rmem_max=134217728
sudo sysctl -w net.ipv4.udp_mem=1638400 1638400 1638400
sudo sysctl -w net.core.somaxconn=4096
sudo sysctl -w net.core.netdev_max_backlog=262144
sudo sysctl -w net.core.optmem_max=134217728
sudo sysctl -w net.ipv4.udp_rmem_min=65535
sudo sysctl -w net.ipv4.udp_wmem_min=65535
The client sockets set SO_SNDBUF to 134217728 (128 M), and server socket sets SO_RCVBUF to same value.
But looks like still haven't solved the problem. Any thoughts??? .... TIA
Actually it seems it solved the problem. Anyone wanting to in details (advantages/disadvantages/tradeoffs) the sysctl values I set is very welcome tough.
You have to join the multicast group to reliably receive multicast packets.
On UN*X this is done with something like
struct ip_mreq mreq;
setsockopt(s, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq));
The pitfall is that if something is not set up correctly (or does not work properly, e.g. a switch) you will be able to receive multicast traffic for some time, and then, out of a sudden, it stops. So when you receive packets you 'cannot' draw the conclusion "everything is ok".
Also: All the potentially transparent infrastructure in your network (e.g. level 2 switches == normal switches) need to support the IGMP version your OS is using.

How do I detect and connect to a hidden SSID on my Raspiberry Pi 3 (Raspbian)?

How do I configure my Raspberry Pi 3 (running Raspbian) to connect to a hidden network? I know it involves editing the /etc/network/interfaces file and the wpa_supplicant.conf file. I've followed a few other guides, but when I make these file changes and reboot, I can't even detect visible networks, as they disappear from my wifi menu. I think I'm just editing these files with incorrect configurations.
I have a Pi 3. Including or excluding country=US had no effect.
editing the wpa_supplicant.conf file to look like this:
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
scan_ssid=1
ssid="NAME"
psk="password"
}
removing key_mgmt=WPA-PSK and rebooting worked for me.
First, enter the following in the terminal:
sudo nano /etc/network/interfaces
Edit the interfaces file to look like so, which shouldn't be too different from the default:
auto lo
iface lo inet loopback
iface eth0 inet dhcp
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp
Next, we will edit the wpa_supplicant.conf file. Enter the following in the terminal:
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
Edit the settings of this configuration file to be as such:
country=US
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
scan_ssid=1
ssid="Your Hidden SSID"
psk="Your SSID's Password"
key_mgmt=WPA-PSK }
Note: You will need to change the "country" setting based on your location. Also, scan_ssid must be set to 1 to be able to detect a hidden SSID. Input your SSID name and password for your hidden network. Save these changes, reboot your raspberry pi, and then it should be automatically connected to the hidden network upon returning to the desktop.
1. To connect to a hidden network yo need to modify only /etc/wpa_supplicant/wpa_supplicant.conf
network={
ssid="your SSID"
scan_ssid=1
psk=your PSK
}
I create this file and encrypted using wpa_passphrase "your PSK" "your SSID" command
2. /etc/network/interfaces does not need to be modify by you if you need to connect to your hidden network. When you modify wpa_supplicant.conf file in the interfaces file is created a new configuration automatically. In my case it looks like:
# interfaces(5) file used by ifup(8) and ifdown(8)
# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
auto lo
iface lo inet loopback
iface eth0 inet manual
allow-hotplug wlan0
iface wlan0 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
allow-hotplug wlan1
iface wlan1 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Be sure when you add a new network on wpa_supplicant.conf file does not exist any conflict with the IPs allowed in the /etc/dhcpch.conf file...
For more information you can check: https://www.raspberrypi.org/documentation/configuration/wireless/wireless-cli.md
I have a Raspberry Pi 3 (Model B) running Raspbian 9 (Stretch),
this network interface configuration worked for me to connect to my routers hidden SSID (TP Link Archer 2600, secured with WPA/WPA-2 Personal).
1) /etc/network/interfaces:
# interfaces(5) file used by ifup(8) and ifdown(8)
# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d
####################################################
##### custom stuff to find hidden router SSIDs #####
####################################################
auto lo
iface lo inet loopback
allow-hotplug wlan0
iface wlan0 inet manual
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
Note that I only set up loopback and wlan0 (wireless) interfaces, I didn't need the eth0 (wired connection) interface.
2) /etc/wpa_supplicant/wpa_supplicant.conf:
country=SE
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
ap_scan=1
update_config=1
network={
scan_ssid=1
ssid="xxx"
psk="xxx"
}
Make sure to set up your country, ssid and psk appropriately.
ssid is the hidden SSID of your router or access point.
psk is the passphrase to connect and authenticate to the router or access point.
3) /etc/dhcpcd.conf:
I didn't have to change anything in dhcpcd.conf.
Requirement of Raspberry Pi System:
Raspberry Pi 3 B+ ( Raspbian Strecth Operating System )
List the all available hidden wifi.
Steps to Follow
First open the terminal then type:
sudo nano /etc/wpa_supplicant/wpa_supplicant.conf
Add the following:
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=IN
network={
ssid="XXXXXXXX"
priority=1
proto=RSN
key_mgmt=WPA-EAP
pairwise=CCMP
auth_alg=OPEN
eap=PEAP
identity="18XXXXXXXX3"
password=hash:d7XXXXXXXXXXXxXXXxce
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
Save the file and exit the wpa_supplicant.conf.
Your need to give your hidden wifi name in place of ssid, user ID in place of identity and Password need to converted into hash code format.
Use this command in terminal to convert your password into hash code format.
echo -n 'YOUR_REAL_PASSWORD' | iconv -t utf16le | openssl md4 > hash.txt
Next Do the following:
sudo nano hash.txt
Insert hash: in place of (stdin)=
Copy the entire text and exit
Next modify the password in wpa_supplicant.conf file and exit
Reboot the system.
Expected Output
It will connect to Hidden ssid
On Raspberry Pi 4, it works right after the initial configuration, but will not work after a reboot. You can fix that by editing /etc/wpa_supplicant/wpa_supplicant.conf to add scan_ssid=1 to the target network configuration. It would end up looking like this:
network={
ssid="your SSID"
psk="your PSK"
...
scan_ssid=1
}
After a reboot, it worked like a charm.
Tried all the previously changes on my Pi4, but I still had no success.
Kept trying to disable/enable the network, and restarting my PI, but still not connecting.
I have eventually found the issue by accident by doing this command:
iwlist wlan0 scan ssid "your ssid"
This have then activated the Pi to search and connect to the hidden network.

Raspberry pi 2 .start wifi on boot

i have just bought a raspberry pi 2 . i manged to set up a headless setup by setting up an ip in the commandline.txt file and then connect to it via putty.
In the /etc/network/interfaces i set up a static ip for the wifi connection along with the connection name and password. and the wifi works fine...
But the problem is the raspberry pi wont connect to wifi unless i connect the ethernet cable and make one ssh connection using putty..
If i boot using wifi only the green light will not turn up and i am not sure if the raspberry is booting or no...but when the ethernet is connected the gren light starts blinking and i can make an ssh connection.
can anyone help me with this.
I've dealt with a lot of pi wifi issues.
Adding "auto wlan0" to /etc/network/interfaces helped, but there were still instances where it didn't start up. I have the edimax ew-7811un usb wifi adapter. Can't remember where I took this script from to give credit.
I have cron running this script (wifi_check.sh) every five minutes:
keepalive_host='ip to ping here'
ping -q -c1 $keepalive_host >> /dev/null
if [ "$?" -ne "0" ]; then
ifdown wlan0
rmmod 8192cu
modprobe 8192cu
ifup wlan0
fi
You could repurpose the script and have something like this in crontab
#reboot /bin/sleep 30 ; /path/to/wifi_check.sh
Which should wait 30 seconds after boot, try to ping the server you specify, if it can: do nothing, if it can't: bring the wifi connection down and then try to bring it back up. I don't think the lines with 8192cu in them are necessary for your purposes unless that driver is also used by your wifi adapter.

Raspberry PI IP address

I have a Raspberry PI and a Wi-Pi wireless dongle.
I want to connect the PI to the computer using Remote Desktop Connection via wireless.
But I'm not sure how to get the IP of the Raspberry (without having access to the router), that I need to connect to it.
Now I get into router's page and see what IP it assigned to the pi, and use it to connect
But my goal is to be able to use it on the "field", using the phone's "internet sharing" option, to connect the PI and laptop to it, and then connect to pi from the laptop.
How can I get the IP address that the phone gave to the PI?
You could make your Raspberry Pi speak its IP-address, like described here.
First, install the espeak package:
$ sudo apt-get install espeak
Then, create a init script:
$ sudo vi /etc/init.d/sayIPbs
Paste the following content into it:
#! /bin/sh
# /etc/init.d/sayIPbs
## Some things that run always
# Carry out specific functions when asked to by the system
case "$1" in start)
echo "Starting script sayIPbs "
sleep 5
public=`curl ifconfig.me`
private=`hostname -I`
string="public address is $public and private address is $private"
echo $string | espeak -s 120 -v en-uk
sleep 2
echo $string | espeak -s 120 -v en-uk
;; stop)
echo "Stopping script sayIPbs"
;; *)
echo "Usage: /etc/init.d/sayIPbs {start|stop}"
exit 1
;;esac
exit 0
Finally, issue these commands:
$ cd /etc/init.d
$ sudo chmod a+x sayIPbs
$ sudo update-rc.d -f sayIPbs defaults
$ sudo reboot
Plug in some headphones and listen to the ip address which will be read out at the end of the boot process.
You should configure your raspy to have always the same ip address. Try to edit your interfaces.man file with nano or cat command with your own parameters as shown below. Remember to reboot after editing:
pi#raspberrypi ~ $ cat /etc/network/interfaces.man
auto lo
iface lo inet loopback
iface eth0 inet static
address 192.168.1.69
netmask 255.255.255.0
gateway 192.168.1.1
auto wlan0
allow-hotplug wlan0
iface wlan0 inet static
address 192.168.1.67
netmask 255.255.255.0
gateway 192.168.1.1
wpa-passphrase password
wpa-ssid myssid
I found that I can use nmap to "scan" the network for connected devices, and it will give me a list of devices and their assigned IP.
And since there's max 3 devices connected, the list is short and easy to read.
nmap -sP 192.168.1.1/24
Using just a button and an LED, I have written a script that gets the IP address of the Raspberry pi, and then blinks the LED repeatedly to show the IP address of the Raspberry Pi. I just count the blinks, note them down on paper, and then I have the IP address. It seems silly, but works with Just 2 I/O pins.
Use static IP on you pi by editing on /etc/network/interfaces. but, on the other way, you can also install network scanner on your phone.
Bit late answer, but I had similar issue intitially. Solved my problem in the following way:
Use the Unix terminal commands to identify the IP and the MAC address of wi-fi or ethernet port (ifconfig)
set up your router to always allocate a address to these respective network connections. use range outside what would be automatically generated with DHCP
Whenever you connect that raspberry Pi to your network it will automatically be allocated that address. I also put sticker on the pi with the mac and IP address. Especially useful if you are running it without screen and keyboard.

is it possible to get the MAC address for machine using nmap

I have a list of remote machines in a text files. Can I know their MAC addresses using nmap ?
If you're using nmap, MAC addresses are only available if you're on the same network segment as the target. Newer versions of nmap will only show the MAC address to you if you're running as root.
i.e.:
sudo nmap -sP -n 192.168.0.0/24
Use snmp-interfaces.nse nmap script (written in lua) to get the MAC address of remote machine like this:
nmap -sU -p 161 -T4 -d -v -n -Pn --script snmp-interfaces 80.234.33.182
Completed NSE at 13:25, 2.69s elapsed
Nmap scan report for 80.234.33.182
Host is up, received user-set (0.078s latency).
Scanned at 2014-08-22 13:25:29 Арабское время (зима) for 3s
PORT STATE SERVICE REASON
161/udp open snmp udp-response
| snmp-interfaces:
| eth
| MAC address: 00:50:60:03:81:c9 (Tandberg Telecom AS)
| Type: ethernetCsmacd Speed: 10 Mbps
| Status: up
| Traffic stats: 1.27 Gb sent, 53.91 Mb received
| lo
| Type: softwareLoopback Speed: 0 Kbps
| Status: up
|_ Traffic stats: 4.10 Kb sent, 4.10 Kb received
In current releases of nmap you can use:
sudo nmap -sn 192.168.0.*
This will print the MAC addresses of all available hosts. Of course provide your own network, subnet and host id's.
Further explanation can be found here.
Some scripts give you what you're looking for. If the nodes are running Samba or Windows, nbstat.nse will show you the MAC address and vendor.
sudo nmap -sU -script=nbstat.nse -p137 --open 172.192.10.0/23 -oX 172.192.10.0.xml | grep MAC * | awk -F";" {'print $4'}
if $ ping -c 1 192.168.x.x
returns
1 packets transmitted, 1 received, 0% packet loss, time ###ms
then you could possibly return the MAC address with arping, but ARP only works on your local network, not across the internet.
$ arping -c 1 192.168.x.x
ARPING 192.168.x.x from 192.168.x.x wlan0
Unicast reply from 192.168.x.x [AA:BB:CC:##:##:##] 192.772ms
Sent 1 probes (1 broadcast(s))
Received 1 response(s)
finally you could use the AA:BB:CC with the colons removed to identify a device from its vendor ID, for example.
$ grep -i '709E29' /usr/local/share/nmap/nmap-mac-prefixes
709E29 Sony Interactive Entertainment
nmap can discover the MAC address of a remote target only if
the target is on the same link as the machine nmap runs on, or
the target leaks this information through SNMP, NetBIOS etc.
Another possibility comes with IPv6 if the target uses EUI-64 identifiers, then the MAC address can be deduced from the IP address.
Apart from the above possibilities, there is no reliable way to obtain the MAC address of a remote target with network scanning techniques.
Yes, remember using root account.
=======================================
qq#peliosis:~$ sudo nmap -sP -n xxx.xxx.xxx
Starting Nmap 6.00 ( http://nmap.org ) at 2016-06-24 16:45 CST
Nmap scan report for xxx.xxx.xxx
Host is up (0.0014s latency).
MAC Address: 00:13:D4:0F:F0:C1 (Asustek Computer)
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
I'm not cool enough to be able to comment on a post.
so I guess I need to make a new post.
However the above recommendation of
"sudo nmap -sn 192.168.0.0/24"
is the best quickest method to get the all the MACs for the IPs on your
local network/vlan/subnet
What the OP doesnt mention, is the only way to get the MAC address
this way, you MUST use sudo(or other super user privs i.e. windows admin)
the command
nmap -sn 192.168.0.0/24 will discover hosts on your network, however will not return the MACs as you are not in SU mode of operation.
Just the standard scan will return the MAC.
nmap -sS target
With the recent version of nmap 6.40, it will automatically show you the MAC address. example:
nmap 192.168.0.1-255
this command will scan your network from 192.168.0.1 to 255 and will display the hosts with their MAC address on your network.
in case you want to display the mac address for a single client, use this command make sure you are on root or use "sudo"
sudo nmap -Pn 192.168.0.1
this command will display the host MAC address and the open ports.
hope that is helpful.
Not using nmap... but this is an alternative...
arp -n|grep -i B0:D3:93|awk '{print $1}'