Monday 9 September 2013

How to find IP address of Facebook? [ Whois.net]

Alrighty! Buckle up, I am gonna make this sharp, concise and to the point!

Open your cmd.exe.
Type nslookup facebook.com; below is the output:

nslookup facebook.com
Server:  UnKnown
Address:  10.0.0.1

Non-authoritative answer:
Name:    facebook.com
Addresses:  2a03:2880:2110:df07:face:b00c:0:1
          173.252.110.27

OK, so let me explain the above output to you guys. Non-authoritative answer means I don't have any specific DNS server configured on my Windows machine, so my request was sent to the free DNS available on the internet. The answer is there, but it's best effort. The address 2a03:2880:2110:df07:face:b00c:0:1 is the IPv6 address for Facebook; however, we are not interested in that, we are looking for the IPv4 address. And there it is: 173.252.110.27.

Copy this IP address, jump into Whois.net and paste it into the search box. You will find something like this in the results:

NetRange:       173.252.64.0 - 173.252.127.255
CIDR:           173.252.64.0/18
OriginAS:       AS32934
NetName:        FACEBOOK-INC
NetHandle:      NET-173-252-64-0-1
Parent:         NET-173-0-0-0-0

Can you guys look at the CIDR value? Yes, that's the whole subnet block dedicated to Facebook today.
There you go, now you can use this process to get the IP block info about any of the big orgs like Facebook. Now it's up to you how you guys use this info! Take care!!!
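The lookup above can be cross-checked in code. This is an added example, not part of the original post: it parses the whois fields quoted above, confirms the resolved address sits inside the block, and checks that NetRange and CIDR describe the same range. The function names are illustrative.

```python
import ipaddress
import re

# Whois fields copied from the lookup result quoted in this post.
WHOIS_TEXT = """\
NetRange:       173.252.64.0 - 173.252.127.255
CIDR:           173.252.64.0/18
OriginAS:       AS32934
NetName:        FACEBOOK-INC
"""

def parse_whois(text):
    """Return the 'Key: value' whois fields as a dict."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^(\w+):\s+(.*\S)\s*$", line)
        if m:
            fields[m.group(1)] = m.group(2)
    return fields

def range_to_cidrs(net_range):
    """Convert 'first - last' into the minimal list of CIDR blocks."""
    first, last = (ipaddress.ip_address(p.strip()) for p in net_range.split(" - "))
    return list(ipaddress.summarize_address_range(first, last))

def check_allocation(ip, whois_text):
    """Check that ip lies in the whois block and that NetRange and CIDR agree."""
    f = parse_whois(whois_text)
    declared = [ipaddress.ip_network(c.strip()) for c in f["CIDR"].split(",")]
    derived = range_to_cidrs(f["NetRange"])
    addr = ipaddress.ip_address(ip)
    return {
        "owner": f.get("NetName"),
        "origin_as": f.get("OriginAS"),
        "consistent": sorted(declared) == sorted(derived),
        "contains_ip": any(addr in n for n in declared),
        "addresses": sum(n.num_addresses for n in declared),
    }

if __name__ == "__main__":
    print(check_allocation("173.252.110.27", WHOIS_TEXT))
```

A range that does not fall on a single power-of-two boundary comes back from range_to_cidrs as several blocks, which is why the comparison is made on lists.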


Bye!!

Sunday 8 September 2013

Info on DTP ( Dynamic Trunking Protocol)!

Heyaa everybody, your Sunday night post is ready!!

It's time to talk about DTP. As the title says, DTP is the Dynamic Trunking Protocol. This is a Cisco proprietary protocol. I will try to explain it in a very simple way.

This is a protocol which runs between all the connected ports in access or trunk mode to negotiate whether the other side's port should be in trunk or in access mode. Here are the modes, you wanna have a look :-

1) switchport mode access - DTP flows and tells the other side, DO NOT NEGOTIATE TRUNK LINK. This port will never change itself to trunk even if the other side is in disagreement.

2) switchport mode dynamic desirable - This is the default value of all the ports in the Cisco switch. It tells the other side to negotiate trunk. It will successfully convert itself to trunk if the other side's port is in AUTO, DYNAMIC DESIRABLE or TRUNK.

3) switchport mode dynamic auto - This is a useless command, NEVER USE IT!!! It tries to make the other side trunk link; if the negotiation fails, it becomes non-trunk.

4) switchport mode trunk - Makes the link trunk and requests the neighbor port to become trunk; if the other side doesn't agree, it remains in trunk mode. All this information lies in DTP packets.

5) switchport nonegotiate - Stops the port from generating DTPs. You must use this command in access or trunk port mode. Useless command.
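The mode list above can be turned into a small model that works out what each end of a link ends up as. This is an added example, not code from the original post or from Cisco: the function names are illustrative, and it follows the commonly documented DTP negotiation behaviour, including a static port that pairs with a disagreeing neighbor and leaves the link mismatched.

```python
# Added example: DTP outcome model for the switchport modes listed above.
MODES = ("access", "trunk", "dynamic desirable", "dynamic auto")

def port_state(local, remote, remote_nonegotiate=False):
    """Operational state of the local port: 'trunk' or 'access'."""
    if local not in MODES or remote not in MODES:
        raise ValueError("unknown switchport mode")
    if local in ("access", "trunk"):
        return local                      # static modes ignore the neighbor
    # Dynamic modes need DTP frames from the neighbor to become a trunk.
    if remote == "access" or remote_nonegotiate:
        return "access"
    if local == "dynamic desirable":
        return "trunk"                    # neighbor is auto, desirable or trunk
    # dynamic auto only answers; the neighbor has to ask for the trunk
    return "trunk" if remote in ("dynamic desirable", "trunk") else "access"

def link_state(a, b, a_nonegotiate=False, b_nonegotiate=False):
    """Return (state_a, state_b, mismatch) for a link between modes a and b."""
    for mode, flag in ((a, a_nonegotiate), (b, b_nonegotiate)):
        if flag and mode not in ("access", "trunk"):
            raise ValueError("nonegotiate is only valid on access or trunk ports")
    sa = port_state(a, b, b_nonegotiate)
    sb = port_state(b, a, a_nonegotiate)
    return sa, sb, sa != sb

def outcome_table():
    """All mode pairings with the negotiated result, for a quick review."""
    return {(a, b): link_state(a, b) for a in MODES for b in MODES}

if __name__ == "__main__":
    for (a, b), (sa, sb, bad) in outcome_table().items():
        print(f"{a:18} <-> {b:18} {sa:6} / {sb:6} {'MISMATCH' if bad else ''}")
```

The mismatch flag marks links where one end trunks and the other stays in access mode, which is the case to look for when a link is up but VLAN traffic does not pass.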


Here is hierarchy of DTP values :-



Reference :- https://en.wikipedia.org/wiki/Dynamic_Trunking_Protocol

Saturday 7 September 2013

New ROBOCOP 2014 Trailer is Out Finally!

Hello Chanakyans!

Finally one of my favorite childhood heroes is getting a reboot, and that's HALF-MAN HALF-MACHINE ROBOCOP! I am really excited for this movie; I believe that this reboot will help the franchise revive itself once again for the next gen.

The cast and crew are also pretty strong.

The addition of Michael Keaton to the cast is giving a fresh outlook to the movie. It feels like someone who is so familiar to the audience (Michael Keaton == former Batman) is getting back in an anti-hero outlook. On top of that, we also have Samuel Jackson waiting for us with his usual brilliant performance. However, personally I wanted to see someone famous portray Robocop and I am still not sure about Joel Kinnaman. Let's see how this movie is gonna roll out in the theaters. I am surely gonna watch this no matter what!

ROBOCOP 2014!! ---> http://www.youtube.com/watch?v=INmtQXUXez8

Have a great day

Tuesday 3 September 2013

2 - HOT IT CERTIFICATIONS THAT CAN SURELY SECURE YOUR MANAGEMENT JOB IN 2013-2014 IN MNCs and Beyond.

Helloooo my readers! I am gonna make this blog a very short one :) In India, I've been seeing this trend across all the BIG MNCs that they want their employees to be either ITIL certified or PMP certified.

I myself have an ITIL v3 certification that I completed last year. My company made me do it; however, I am seeing people doing it voluntarily. The second big certification that folks with more experience in the management field are doing is PMP certification.

In a nutshell, ITIL is nothing but a study that tells you the best way to run an IT shop and its services. But it's very detailed and interesting if you start to dig deeper into this section and understand how to connect it to your own organization in a factual and in an unrealistic way.

For PMP I don't have much info, but you need to have at least 3 years of PM (project management) experience to become eligible to take this certification. My manager and most of the higher-grade folks in my org are PMP certified. There are other such certifications like Lean Six Sigma, Prince etc., but the ones that shine in India are PMP and ITIL. Maybe one day I may have PMP under my belt. Who knows!! So MAN UP and hit the books, fellows!

Monday 2 September 2013

Troubleshooting Tool Testing Time! 9/3/2013 - NMAP Zenmap GUI for Windows.

Hey all,

I got to know about this really cool networking tool for ping sweeps which can help you in several ways, good as well as bad. Nmap Zenmap is a tool based on Linux's infamous nmap command. Nmap is usually used as a network discovery tool and it gets too intrusive if you use it that way. It can extract very secretive information from machines running on Internet Protocol 4. And now I am going to use this tool for the first time, let's see what we get :-

Firstly, let me explain how my network topology is :-

So as you can see, I have internet connectivity using a Beetel modem (Airtel), and from there I have an Ethernet jack connected to my access point, which is a Netgear router, and then using the broadcast SSID I am able to connect to the network. Now I ran the Nmap Zenmap app for Windows on one of the laptops, and let's see what we got :-

Starting Nmap 6.40 ( http://nmap.org ) at 2013-09-03 07:11 India Standard Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 07:11
Scanning 10.0.0.1 [1 port]
Completed ARP Ping Scan at 07:11, 0.30s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 07:11
Completed Parallel DNS resolution of 1 host. at 07:11, 5.59s elapsed
Initiating SYN Stealth Scan at 07:11
Scanning 10.0.0.1 [1000 ports]
Discovered open port 80/tcp on 10.0.0.1
Discovered open port 53/tcp on 10.0.0.1
Discovered open port 23/tcp on 10.0.0.1
Completed SYN Stealth Scan at 07:11, 1.34s elapsed (1000 total ports)
Initiating Service scan at 07:11
Scanning 3 services on 10.0.0.1
Completed Service scan at 07:12, 29.39s elapsed (3 services on 1 host)
Initiating OS detection (try #1) against 10.0.0.1
NSE: Script scanning 10.0.0.1.
Initiating NSE at 07:12
Completed NSE at 07:12, 19.10s elapsed
Nmap scan report for 10.0.0.1
Host is up (0.0035s latency).
Not shown: 997 closed ports
PORT   STATE SERVICE    VERSION
23/tcp open  telnet?
53/tcp open  domain     dnsmasq 2.15-OpenDNS-1
| dns-nsid:
|   id.server:
|_  bind.version: dnsmasq-2.15-OpenDNS-1
80/tcp open  tcpwrapped
| http-auth:
| HTTP/1.0 401 Unauthorized
|_  Basic realm=NETGEAR WGR614v9
|_http-title: 401 Unauthorized
MAC Address: 00:24:B2:7E:30:E4 (Netgear)
Device type: specialized
Running: Linux 2.4.X
OS CPE: cpe:/o:linux:linux_kernel:2.4.21
OS details: Linux 2.4.21 (embedded)
Uptime guess: 0.414 days (since Mon Sep 02 21:15:59 2013)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=199 (Good luck!)
IP ID Sequence Generation: All zeros

TRACEROUTE
HOP RTT     ADDRESS
1   3.52 ms 10.0.0.1

NSE: Script Post-scanning.
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 62.02 seconds
           Raw packets sent: 1032 (46.346KB) | Rcvd: 1012 (41.170KB)

If you read the above output closely you will find that this tool is very powerful. Using its network scanner engine it is able to run the ARP ping scan and check which ports are open (for example 80 HTTP, 443 HTTPS, 23 Telnet). It also tells you how many hops away the IP is (1 hop in this case). There you also have the MAC address ready, and OS details which can help you find out what kind of machine is connected to your system. Uptime is also present. All this info is written in plain English and anybody can understand it.

So mates! This was my first attempt at the Nmap Zenmap GUI-based app for Windows; go out there and give this free app a shot. This tool can be downloaded from its parent website. Download here :- http://nmap.org/download.html
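To pull those facts out of a saved report instead of reading it by eye, the port table and host lines can be parsed. This is an added example, not part of the original post or of Nmap itself: it reads an excerpt of the report quoted above, and the function and field names are illustrative.

```python
import re

# Excerpt of the Zenmap report quoted above (router at 10.0.0.1).
REPORT = """\
Nmap scan report for 10.0.0.1
PORT   STATE SERVICE    VERSION
23/tcp open  telnet?
53/tcp open  domain     dnsmasq 2.15-OpenDNS-1
|_  bind.version: dnsmasq-2.15-OpenDNS-1
80/tcp open  tcpwrapped
| http-auth:
|_  Basic realm=NETGEAR WGR614v9
MAC Address: 00:24:B2:7E:30:E4 (Netgear)
OS details: Linux 2.4.21 (embedded)
Network Distance: 1 hop
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")
FIELDS = {
    "address": re.compile(r"^Nmap scan report for (\S+)"),
    "mac": re.compile(r"^MAC Address: (\S+)"),
    "os": re.compile(r"^OS details: (.+)"),
    "hops": re.compile(r"^Network Distance: (\d+) hop"),
}

def parse_report(text):
    """Parse nmap normal-format output into host facts and a port list."""
    host = {"ports": []}
    for line in text.splitlines():
        m = PORT_RE.match(line)
        if m:
            service = m.group(4)
            host["ports"].append({
                "port": int(m.group(1)), "proto": m.group(2), "state": m.group(3),
                # a trailing '?' means the name was guessed from the port number
                "service": service.rstrip("?"), "guessed": service.endswith("?"),
                "version": m.group(5).strip(), "scripts": [],
            })
        elif line.startswith("|") and host["ports"]:
            # NSE script output belongs to the port listed just above it
            host["ports"][-1]["scripts"].append(line.lstrip("|_ ").strip())
        else:
            for key, rx in FIELDS.items():
                fm = rx.match(line)
                if fm:
                    host[key] = fm.group(1)
    return host

def open_ports(host):
    return [(p["port"], p["service"]) for p in host["ports"] if p["state"] == "open"]
```

Running open_ports(parse_report(REPORT)) lists the three services the router exposes on the LAN side, with the Telnet entry marked as a guess rather than a confirmed service.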


Have you guys heard about Microsoft's Packet Sniffer? Microsoft Network Monitor!

Hello All,

In this post I am gonna give an introductory session about Microsoft's packet sniffer, which has some unique capabilities that its competitors don't have.

Benefits :-

It can capture traffic and present it grouped by application. That means if you are using Chrome to access some specific website, it shows very clearly which application is generating the traffic, what the destination is, which TCP/UDP port is used, and more. This can be very helpful if you are trying to find out which application is using which port, and that info can be used in various ways, like opening or closing ports on the firewall if required.

Cons :-

Crashes a lot! Very slow parsers! The GUI is complex.


Despite its cons, it's a good tool to have in your kit and could be a life saver in various cases :)

Here is the free Download Link :- http://goo.gl/r0A1jc



Why Basic checkups and close observation are important during T-shooting? NTP server issue/ Broadcast Storm.

Hey Mates,

New post for you guys :- I was troubleshooting the Internet connectivity that we have in our infrastructure. The Internet completely stopped working and users, as usual, became restless like their life support was snatched from them. This was a Cisco 2921 router.

Before I did anything I jumped into the logs (BIG mistake) and found all the logs related to July. I thought there was no recent change made according to the logs and started to search here and there haphazardly.

After some digging I found the port was down and then I just gave the "no shut" command. The port didn't come up.
Then I again ran through the router logs and found that the logs were incorrect!! The timing was incorrect!! (It was July 1994, the default date.) The NTP servers were not correctly configured. I gave the "show clock" command and found I was right!!

Then I went to the interface and brought it up by giving "shutdown" and then "no shut". That actually brought it up.

So 2 learnings here :-

1) Keep your eyes open and be sharp on what you are looking at. It may be boring, but skim your eyes through the whole content and then come to a conclusion. It wouldn't hurt to spend some seconds before coming to the content.

2) If you want to refresh a Cisco interface, ALWAYS GIVE "SHUT" and then "NO SHUT".

AND YES, the problem was happening due to a broadcast storm generated by one of the machines in the access switch chain. We had put a command in our switches to put the port into "shutdown" mode if a broadcast storm is received.

Keep Learning guys!!! :)