Moto Suzuki Inspiration

I don't dislike Suzuki, but I'm not really into anything they make... then I saw this custom job outside my office.  Man, this thing looks clean, sleek, and futuristic.. it also had custom ostrich leather seats. It looks to be a Boulevard M109R, and I dig it.

 

Tagged as inspiration , motorcycle suzuki
Written by Andrew Konkol on May 17th, 2012 | 0 Comments

Rwhoisd - Referral Whois Server and Geo-Location

The whois protocol was created so that you can look up contact information for the people who own IP addresses. It's common practice in the security industry to perform whois lookups on IP addresses to get abuse contact information for the owner of that IP or netblock. Recently it seems that some of those "big" sites like Google, Yahoo, and PayPal use whois information for geo-location.

 

So say you have a company that has offices in Japan, America, and Germany and the whois information from the ISP that serves these offices contains your headquarters address in America.  If a website uses whois information to send the right locale or flavored webpage to the client, a user in Germany might get the American version of the site and not the German one.

 

It's hard for me to say that xyz.com uses whois information for geo-location. But if whois records are the only thing that has changed in your environment and all of a sudden users in New York are being redirected to the French version of PayPal or Yahoo Mail, they more than likely are relying on those records. Well, that sucks, and since you don't own the IP address space, what do you do? You can have your ISP change the whois street-address, country-code, etc. But some aren't willing to do that and may offer to put a "Referral" entry in their records to point to your own managed rwhois server.

Download and Install rwhoisd

Download the server daemon & Compile

cd /tmp
wget http://projects.arin.net/rwhois/ftp/rwhoisd-1.5.9.5.tar.gz

tar xvf rwhoisd-1.5.9.5.tar.gz
cd rwhoisd-1.5.9.5

I was getting errors when trying to run the rwhois_indexer because I was using a newer version of Linux which has a different "sort" than what this code requires. The error was "sort: open failed: +4: No such file or directory." To fix this I had to edit rwhoisd-1.5.9.5/mkdb/index.c:

Insert #define NEW_STYLE_BIN_SORT right before #define SORT_COMMAND "sort -o %s -k 5,5 -k 4,4n -t : %s" so it looks like:

#define NEW_STYLE_BIN_SORT

#ifdef NEW_STYLE_BIN_SORT
#define SORT_COMMAND "sort -o %s -k 5,5 -k 4,4n -t : %s"
#else
#define SORT_COMMAND "sort -o %s +4 +3 -t : %s "
#endif

./configure
make
make install

Basic Configuration - rwhoisd.conf

Create a rwhoisd user

sudo /usr/sbin/useradd -c "RWhois Service Daemon" -s /sbin/nologin -r rwhoisd

/usr/local/rwhoisd/rwhoisd.conf

root-dir: /usr/local/rwhoisd
bin-path: bin
auth-area-file: etc/rwhoisd.auth_area
directive-file: etc/rwhoisd.dir
x-directive-file: etc/rwhoisd.x.dir
max-hits-ceiling: 60
punt-file: etc/rwhoisd.root
local-host: rwhois1.myserver.com
local-port: 4321
security-allow: etc/rwhoisd.allow
security-deny: etc/rwhoisd.deny
userid: rwhoisd
server-contact: hostmaster@yourdomain.com
use-syslog: NO

Move sample files to /usr/local/rwhoisd/etc

cp -R /usr/local/rwhoisd/etc/rwhoisd/samples/* /usr/local/rwhoisd/etc/.

Edit /usr/local/rwhoisd/etc/rwhoisd.dir to have the following:

# rwhois directives
#
# directive     enabled

class:          yes
display:        yes
directive:      yes
forward:        yes
holdconnect:    yes
limit:          yes
notify:         yes
quit:           yes
register:       no
schema:         yes
security:       yes
soa:            yes
status:         yes
xfer:           yes

Comment out all the lines in /usr/local/rwhoisd/etc/rwhoisd.root

#
# RWhois Punt (or Root) Referral File
#
# note that currently rwhoisd doesn't do any interpretation of this.
# It just prints the value out after a %referral token.

# this is the new style -- note the ':4321' is optional
#rwhois://root.rwhois.net:4321/auth-area=.

Create a record schema

Create a new directory where your schemas will be held

mkdir /usr/local/rwhoisd/etc/global_defs

Here is the schema I went with based on results of rwhois requests that I performed on major carriers

/usr/local/rwhoisd/etc/global_defs/standard-schema.tmpl:

attribute:       Network-Name
attribute-alias: NN
description:     Network name
is-primary-key:  FALSE
is-required:     TRUE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           EXACT
type:            TEXT
---
attribute:       IP-Network
attribute-alias: IPN
description:     IP network in prefix/prefix length notation
is-primary-key:  TRUE
is-required:     TRUE
is-repeatable:   TRUE
is-multi-line:   FALSE
is-hierarchical: TRUE
index:           CIDR
type:            TEXT
---
attribute:       Country-Code
attribute-alias: Country
description:     Country of Operation
is-primary-key:  FALSE
is-required:     TRUE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       State
attribute-alias: State
description:     State of Operation
is-primary-key:  FALSE
is-required:     FALSE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       City
attribute-alias: City
description:     City of Operation
is-primary-key:  FALSE
is-required:     TRUE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       Street-Address
attribute-alias: Street-Address
description:     Address of location
is-primary-key:  FALSE
is-required:     FALSE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       Org-Name
attribute-alias: OrgName
description:     Name of Organization
is-primary-key:  FALSE
is-required:     TRUE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       Tech-Contact
attribute-alias: TechContact
description:     Technical contact email
is-primary-key:  FALSE
is-required:     TRUE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       Created
attribute-alias: CR
description:     Create date
is-primary-key:  FALSE
is-required:     FALSE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT
---
attribute:       Updated-By
attribute-alias: UB
description:     Updated by
is-primary-key:  FALSE
is-required:     FALSE
is-repeatable:   FALSE
is-multi-line:   FALSE
is-hierarchical: FALSE
index:           NONE
type:            TEXT

Configure a network block

The following is an example configuration for the IP allocation of 11.11.11.0/24. Edit /usr/local/rwhoisd/etc/rwhoisd.auth_area:

type:master
name:11.11.11.0/24
data-dir: etc/net-11.11.11.0-24/data
schema-file: etc/net-11.11.11.0-24/schema
soa-file: etc/net-11.11.11.0-24/soa

Make the directories you just specified

cd /usr/local/rwhoisd/etc
mkdir net-11.11.11.0-24
mkdir net-11.11.11.0-24/data

Define the schema to be used in /usr/local/rwhoisd/etc/net-11.11.11.0-24/schema

# RWhois Main Schema Config File
#
name:network
attributedef:etc/global_defs/standard-schema.tmpl
dbdir:etc/net-11.11.11.0-24/data/network

Create network directory and create /usr/local/rwhoisd/etc/net-11.11.11.0-24/data/network/network.txt

cd /usr/local/rwhoisd/etc/net-11.11.11.0-24/data
mkdir network

vi network/network.txt
ID: net-11.11.11.0/24
Network-Name: net-11.11.11.0-24
IP-Network: 11.11.11.0/24
Country: US
City: Chicago
street-address: 123 Happy St
Org-Name: Copy And Waste
Tech-Contact: akonkol@copyandwaste.com
updated: 20120420
updated-by: Andrew Konkol

Index the record

/usr/local/rwhoisd/bin/rwhois_indexer -c /usr/local/rwhoisd/rwhoisd.conf -i -v -s .txt

Create the SOA record in /usr/local/rwhoisd/etc/net-11.11.11.0-24/soa (the soa-file set in rwhoisd.auth_area)

Serial-Number:20120420000000000
Refresh-Interval:3600
Increment-Interval:1800
Retry-Interval:60
Time-To-Live:86400
Primary-Server:rwhois1.yourdomain.com:4321
Hostmaster:hostmaster@yourdomain.com

Change the ownership of all rwhoisd files to the rwhoisd user

cd /usr/local/
chown -R rwhoisd rwhoisd

Start rwhoisd and Test

/usr/local/rwhoisd/sbin/rwhoisd -c /usr/local/rwhoisd/rwhoisd.conf

The rwhois protocol is very simple and easy to test:

akonkol@echo:/$ telnet localhost 4321
Trying ::1...
Connected to localhost.
Escape character is '^]'.
%rwhois V-1.5:003eff:00 rwhois1.myserver.com (by Network Solutions, Inc. V-1.5.9.5)
11.11.11.0
network:Auth-Area:11.11.11.0/24
network:Class-Name:network
network:ID:net-11.11.11.0/24
network:Network-Name:net-11.11.11.0-24
network:IP-Network:11.11.11.0/24
network:Country-Code:US
network:City:Chicago
network:Street-Address:123 Happy St
network:Org-Name:Copy And Waste
network:Tech-Contact:akonkol@copyandwaste.com
network:Updated:20120420
network:Updated-By:Andrew Konkol
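To confirm what a geo-location consumer will read from the server, the check below parses an rwhois response and compares the record covering an address against the location you expect. It is an added example, not part of the original post or the rwhoisd distribution: the function names are hypothetical, SAMPLE is constructed from the telnet session above, and the %ok/%error status lines follow the rwhois 1.5 specification rather than anything shown on this page.

```python
import ipaddress
import socket

# Constructed sample: lines from the telnet session above plus a "%ok" terminator.
SAMPLE = """%rwhois V-1.5:003eff:00 rwhois1.myserver.com (by Network Solutions, Inc. V-1.5.9.5)
network:Auth-Area:11.11.11.0/24
network:IP-Network:11.11.11.0/24
network:Country-Code:US
network:City:Chicago
%ok
"""

def query(host, ip, port=4321, timeout=5):
    """Send one query and read until the server closes the connection."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(ip.encode("ascii") + b"\r\n")
        return b"".join(iter(lambda: s.recv(4096), b"")).decode("ascii", "replace")

def parse(response):
    """Return (records, errors); a record maps lowercased attribute -> values."""
    records, errors, current = [], [], {}
    for line in response.splitlines() + [""]:
        line = line.strip()
        if line.startswith("%"):          # banner and status lines
            if line.lower().startswith("%error"):
                errors.append(line)
        elif not line:                    # blank line ends a record
            if current:
                records.append(current)
            current = {}
        else:
            parts = line.split(":", 2)    # class:attribute:value (value may hold ':')
            if len(parts) == 3:
                current.setdefault(parts[1].lower(), []).append(parts[2].strip())
    return records, errors

def check_geo(response, ip, expected):
    """List mismatches between `expected` and the served record covering `ip`."""
    records, problems = parse(response)
    addr = ipaddress.ip_address(ip)
    for rec in records:
        nets = rec.get("ip-network", [])
        if any(addr in ipaddress.ip_network(n, strict=False) for n in nets):
            for attr, want in expected.items():
                got = rec.get(attr.lower(), [])
                if want not in got:
                    problems.append("%s: expected %r, got %r" % (attr, want, got))
            return problems
    return problems + ["no record covers %s" % ip]
```

Against a running server, pass `query("localhost", "11.11.11.42")` as the response; an empty list means the published location matches what you expect.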

Diagram of rwhoisd structure

 


Tagged as rwhois server , rwhoisd whois , whois server
Written by Andrew Konkol on April 20th, 2012 | 0 Comments

Tratto London (Revision): Escalate Privileges

Two years ago I wrote a script called tratto that you could use to send commands to telnet/ssh enabled devices. Since then I have changed jobs, and with new jobs come new environments. I can no longer send commands like "show run" without sending the enable command (enable is like the 'su' of unix). I re-visited my code... which is always entertaining. Anyway, I added an "escalateprivileges" command and added a string to the Systems object so you can store what the escalation command is for different operating systems.

You can download it here or via github

Connectivity.py

    def escalateprivileges(self, escalated_password=None):
        """Send the OS-specific escalation command (e.g. 'enable') and answer its password prompt."""
        if self.connected:
            self.connection.sendline(self.operatingsystem.ESCALATE_COMMAND)
            # Wait for the device to ask for the escalation password
            i = self.connection.expect(r"(?i)password[\s:]+")
            if i == 0:
                self.connection.sendline(escalated_password)
                # Wait for the device prompt to come back
                i = self.connection.expect(self.operatingsystem.PROMPTLINE)
                if i == 0:
                    # Text received before the prompt carries any rejection message
                    if "denied" in self.connection.before:
                        print("***Escalation FAILED***")
                        print(self.connection.before)
                    else:
                        print("***Escalation Successful***")
        else:
            raise SessionError("***Not Connected***")

Systems.py

class OperatingSystem(object):
        ESCALATE_COMMAND=''
        PAGINATES       =False
        VERSION         =''
        PROMPTLINE      =''

..

class CiscoIOS(OperatingSystem):
        '''cisco ios'''
        PROMPTLINE      = r'[-\w]+[>#]'
        GET_CONFIG      ='show running-config'
        PAGINATES       =True
        VERSION         ='show version'
        DISABLE_PAGINATION = 'terminal length 0'
        ESCALATE_COMMAND='enable'
...

Example usage:

#!/usr/bin/env python

import Connectivity
import Systems

#telnet to a cisco switch

m = Systems.OperatingSystems['IOS']
s = Connectivity.Session("10.10.1.1",23,"telnet",m)
s.login("akonkol", "mypassword")
s.escalateprivileges('myenablepassword')
#s.sendcommand("show ver")
s.sendcommand("show clock")
s.sendcommand("show run")
s.sendcommand("show start")
s.logout()
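
CiscoIOS.PROMPTLINE matches both the user EXEC prompt (ending in >) and the privileged prompt (ending in #), so the matched prompt itself says whether escalation worked. The following is an added example, not part of tratto: ReplayConnection, escalate and the three transcripts are hypothetical and constructed, and stand in for a live pexpect session so the logic can be run offline.

```python
import re

PROMPTLINE = r'[-\w]+[>#]'   # CiscoIOS.PROMPTLINE from Systems.py above

class ReplayConnection(object):
    """Hypothetical stand-in for the pexpect session: replays constructed output."""
    def __init__(self, output):
        self.buffer, self.before, self.after, self.sent = output, "", "", []

    def sendline(self, line):
        self.sent.append(line)

    def expect(self, pattern):
        m = re.search(pattern, self.buffer)
        if m is None:
            raise RuntimeError("timeout waiting for %r" % pattern)
        self.before, self.after = self.buffer[:m.start()], m.group(0)
        self.buffer = self.buffer[m.end():]
        return 0

def escalate(connection, password, command="enable"):
    """Run the escalation exchange; return (privileged_prompt, denied_seen)."""
    connection.sendline(command)
    connection.expect(r"(?i)password[\s:]+")
    connection.sendline(password)
    connection.expect(PROMPTLINE)
    # IOS user EXEC prompts end in '>', privileged EXEC prompts in '#'.
    return connection.after.endswith("#"), "denied" in connection.before

# Constructed device output for three outcomes (not captured from a real switch).
ACCEPTED = "Password: \r\nswitch#"
DENIED = "Password: \r\n% Access denied\r\n\r\nswitch>"
REJECTED_OTHER = "Password: \r\n% Bad secrets\r\n\r\nswitch>"

def outcome(output):
    """Replay one transcript through escalate() with a placeholder password."""
    return escalate(ReplayConnection(output), "placeholder-password")
```

For REJECTED_OTHER the "denied" substring test sees nothing wrong while the prompt is still `switch>`; only the prompt suffix reports the failure. In escalateprivileges the same test would read self.connection.after, which pexpect sets to the text matched by expect().
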
Tagged as cisco , pexpect python , ssh telnet , tratto
Written by Andrew Konkol on April 16th, 2012 | 0 Comments

Machine Inspiration

Last night I went to my buddy's house to brew some beer and saw this truck near his house.  A beautiful paint job with no rust whatsoever.  It's these kind of well kept machines that make me forget all about gas saving eco-friendly rides.

 

 

Tagged as car , chicago inspiration , machine truck
Written by Andrew Konkol on April 14th, 2012 | 0 Comments

Moto Inspiration

I went to buy motor oil for my motorcycle the other day at an auto parts store.  As I pulled in I saw a Honda cafe racer and immediately threw it in the bucket of "typical." I got out of my car and took another look, "this bike is pretty cool", "wait... this bike is awesome", and finally "shit, I love this."  You can tell whoever did the work on this bike did everything with "care."  From the brown Gran Turismo grips to the neatly wrapped headers.  This bike has definitely inspired me to start my own project, which will have to come a little bit further down the road.

 

 

I did a little digging and I think this might be a modified 1980 Honda CX500:

It's amazing how all those modifications make it truly unique and a completely different looking bike.

Tagged as bike , chicago honda , moto motocycle
Written by Andrew Konkol on April 9th, 2012 | 0 Comments