Categories
Soft


could not open /dev/vmmon : no such file or directory.

Following a migration or an update, you might end up with this message when you try to launch a machine in VMware.

To fix this:

  • Shut down the VM, quit VMware
  • Go to System Preferences / Security and Privacy
  • Allow the app
  • Relaunch VMware and the machine will now be ready for use

Categories
Net

Wi-Fi 6

The Wi-Fi Alliance has changed the naming scheme for wireless standards, dropping the 802.11 designations in favour of simpler names such as Wi-Fi 6, Wi-Fi 5, Wi-Fi 4, etc.

| Standard designation | Release year | Frequency band | Maximum theoretical throughput | Approximate range |
|---|---|---|---|---|
| 802.11a | 1999 | 5 GHz | 54 Mbps | 35 m |
| 802.11b | 1999 | 2.4 GHz | 11 Mbps | 35 m |
| 802.11g | 2003 | 2.4 GHz | 54 Mbps | 38 m |
| 802.11n = Wi-Fi 4 | 2009 | 2.4 GHz and 5 GHz | 600 Mbps | 70 m |
| 802.11ac = Wi-Fi 5 | 2013 | 5 GHz | 3.47 Gbps | 45 m |
| 802.11ax = Wi-Fi 6 | 2019 | 2.4 GHz and 5 GHz simultaneously | 14 Gbps (4x ac) | better than ac |

The new 802.11ax (Wi-Fi 6) standard will improve performance and security in high-density environments with many devices (home networks, public networks, Internet of Things), with features such as “target wake time” for better power management, WPA3 instead of WPA2, bidirectional MU-MIMO, etc.

Categories
Soft

Installing a third-party software in Manjaro

Under Manjaro, Pamac (the package manager) may not provide the specific application you need, even from the command line.

You might find a .deb package on the vendor’s website, but it won’t help either, as .deb packages cannot be installed on Arch-based systems.

Arch User Repository

Head to the AUR website, in the packages section:

  • in the search bar, enter the desired software and hit enter
  • click on the wanted package
  • a new page will open; in the top right area, under “Package Actions”, click on “Download snapshot”
  • extract the snapshot (double click on it and select the destination folder for extraction)
  • open a terminal and cd into the extracted folder
  • enter “makepkg -sci”. That should do the trick and install the app.

Once installed, the package manager will be able to remove it though.
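
makepkg executes the PKGBUILD contained in the extracted snapshot, and AUR packages are submitted by users, so that file deserves a read before the makepkg step. The script below is an added example, not part of the original post: a few heuristic checks run over a constructed PKGBUILD; the function name audit_pkgbuild and the finding labels are illustrative.

```shell
#!/bin/sh
# Heuristic pre-build review of an AUR PKGBUILD (added example).
# An empty result is not proof that the package is safe: still read the file.

audit_pkgbuild() {
    f=$1
    # 'SKIP' in a checksum array: makepkg will not verify that source file.
    if grep -Eq "['\"]SKIP['\"]" "$f"; then echo "checksum-skipped"; fi
    # URLs fetched without TLS can be altered in transit.
    if grep -Eq "(http|ftp)://" "$f"; then echo "plaintext-source-url"; fi
    # An install= script is run by pacman, as root, at install time.
    if grep -Eq "^install=" "$f"; then echo "install-script"; fi
    # Code downloaded and executed directly inside the build functions.
    if grep -Eq "(curl|wget)[^|]*\|[[:space:]]*(ba)?sh" "$f"; then echo "pipe-to-shell"; fi
    return 0
}

# Constructed PKGBUILD for illustration; not a real AUR package.
sample=$(mktemp)
cat > "$sample" <<'EOF'
pkgname=example-tool
pkgver=1.0
pkgrel=1
arch=('x86_64')
source=("http://downloads.example.invalid/example-tool-$pkgver.tar.gz")
sha256sums=('SKIP')
install=example-tool.install
package() {
    install -Dm755 example-tool "$pkgdir/usr/bin/example-tool"
}
EOF
audit_pkgbuild "$sample"
rm -f "$sample"
```

Any finding is a prompt to open the PKGBUILD (and the .install file, if one is named) and read the flagged lines before running makepkg -sci.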

Categories
Net

Nmap

Nmap (“Network Mapper”) is another great tool for network monitoring and security auditing.
It is a free and open source multi-platform utility designed to scan networks for host discovery, port scanning (open port numbers and their associated services, number of closed ports), distance to host, MAC addresses, host OS detection, etc.

Using a terminal

To check whether you have it installed, run this in your shell:
nmap --version

If you do not have it, you will have to install it from the command line. On a distribution that uses the pacman package manager, it is going to be:
sudo pacman -S nmap

Some examples of commands
There are far more options available in the reference guide of Nmap.

-O requires elevated privileges and is necessary for OS detection and for identifying the manufacturer from the MAC address.
-sP can be used to skip the port scan in the results.

Scanning one IP address
nmap -O 192.168.1.10

Scanning the IP range from 1 to 10 in the subnet
nmap -O 192.168.1.1-10

Scanning an entire subnet = the whole range from 0 to 255
nmap -O 192.168.1.0/24

Scanning an entire subnet but exclude hosts from 120 to 140
nmap -O 192.168.1.0/24 --exclude 192.168.1.120-140

The last device to appear in the list is the scanning machine (if not excluded). 

Nmap is installed by default in Mac OS and some Linux distributions as a command line tool. However, a GUI version called Zenmap is also available for other OSes.
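
For the security auditing use mentioned above, a subnet scan becomes more useful when it is compared with what is expected on the network. The script below is an added example, not part of the original post: it assumes the scan was saved with Nmap's grepable output option (-oG), which the commands above do not use, and the function name, the allowlist format and the sample data are constructed for illustration.

```shell
#!/bin/sh
# unexpected_ports SCAN ALLOW (added example)
# SCAN:  Nmap grepable output, e.g. from: nmap -oG scan.gnmap 192.168.1.0/24
# ALLOW: one "ip port/proto" pair per line, lines starting with # ignored.
# Prints "ip port/proto service" for each open port that is not allowed.
unexpected_ports() {
    awk '
        FILENAME == ARGV[1] {
            if ($0 !~ /^#/ && NF == 2) allowed[$1 " " $2] = 1
            next
        }
        /^Host: / && /Ports: / {
            ip = $2
            ports = $0
            sub(/.*Ports: /, "", ports)
            sub(/[ \t]*Ignored State:.*/, "", ports)
            n = split(ports, entry, ", ")
            for (i = 1; i <= n; i++) {
                # Entry layout: port/state/protocol/owner/service/...
                split(entry[i], f, "/")
                key = ip " " f[1] "/" f[3]
                if (f[2] == "open" && !(key in allowed))
                    print key, f[5]
            }
        }
    ' "$2" "$1"
}

# Constructed sample in grepable format; not taken from a real scan.
scan=$(mktemp); allow=$(mktemp)
printf 'Host: %s ()\tPorts: %s\tIgnored State: closed (998)\n' \
    192.168.1.1  '53/open/tcp//domain///, 80/open/tcp//http///' \
    192.168.1.10 '22/open/tcp//ssh///, 443/closed/tcp//https///' \
    192.168.1.57 '23/open/tcp//telnet///, 8080/open/tcp//http-proxy///' > "$scan"
printf '%s\n' '# ip port/proto' '192.168.1.1 53/tcp' '192.168.1.1 80/tcp' \
    '192.168.1.10 22/tcp' > "$allow"
unexpected_ports "$scan" "$allow"
rm -f "$scan" "$allow"
```

On the sample data, the two services on 192.168.1.57 are reported because that host has no entry in the allowlist.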

Categories
Net

Wireshark : capturing frames, reading packets.

Wireshark is an open-source network protocol analysis software started by Gerald Combs in 1998. Available on most operating systems, it is used to inspect and capture frames (which include packets) passing through a network interface in order to decode them for analysis.

A computer within a network can see traffic between two other computers with Wireshark. It is therefore a packet sniffer, useful to track and capture data passing through the TCP/IP layers in a LAN during transmission to troubleshoot issues or eavesdrop.

That data comes from or goes to your router or the internet (data in transit within a LAN // data coming from or going to the internet). It can be your browsing history, key logs from a session or even passwords in plain text from your account, etc.
That is why it is recommended to use secure connections as well as a VPN.

Wireshark allows you to filter the log either before the capture or during analysis, so you can narrow down and zero in on what you are looking for in the network trace. For example, you can set a filter to see TCP traffic between two IP addresses, or to only show the packets sent from one computer. The filters in Wireshark are one of the primary reasons it became the standard tool for packet analysis.

Welcome window

Upon launch, you have access to all available interfaces on your device to perform a capture.

Main window

Once an interface has been chosen, you get the packet area (colored) that displays the captured frames: a one-line summary for each captured packet, with the time at which it was captured, its source and destination addresses, the protocol type and specific information contained within the packet.
The listing can be sorted according to any of these categories by clicking on a column name. The protocol type field lists the highest level protocol that sent or received this packet.

Below you have the packet header details which provide information about a selected packet, including the Ethernet frame and IP datagram containing this packet.
Further information can be displayed by clicking the arrowhead to the left of the Ethernet frame or IP datagram line in the packet details window, such as:

  • The frame length as well as the capture length for comparison
  • The date and time stamp
  • Source and destination IPs and MAC addresses of devices exchanging information
  • The protocol version used to carry the packet
  • The source port used to transmit data and the destination port to which the packet is being transmitted
  • The sequence number to ensure that no part of the stream is missing from the packet
  • The acknowledgement number that is the sequence number for the following packet
  • The header, which is the portion of the packet that precedes its body and contains addressing and other data required for it to reach its intended destination (packets consist of a header, a body, and a trailer)
  • The cryptographic protocol, etc.

Command icons

  • The shark fin switches from blue to green once clicked
  • The square is there to stop a capture
  • The second shark fin relaunches a capture
  • The spinning gear displays a new window to manage interfaces

The folder and file icons become active once the capture is halted for analysis so that you can save it to a file, open, close or relaunch a previously saved capture file.

The arrows help you navigate to the first, the last, the previous, the following or a specific packet, either during a live capture or within a frozen one. The last two icons are to scroll automatically to the last packet during capture and to display packets using colouring rules.

The zoom icons then let you enlarge, shrink, return to normal size, or resize the packet list to fit the contents of the main window.

Display filter

Underneath the icons is the display filter. Wireshark uses it for general packet selection. The filter field changes colour once you enter some text. It remains red until the right syntax is entered; it then turns green once the expression is correct.

To learn the right expressions, you can select the “expressions” tab at the right of the filter. A search field allows you to query a precise term, and hitting OK will apply the right syntax in the filter. There are more expressions to explore on the syntax page.

Some expressions of specific filters

You will find a cheat sheet of capture and display filters there.

Below are some examples:

Restrict the view to a source IP only or a destination IP only (two separate filters)
ip.src == 192.168.1.10
ip.dst == 192.168.1.10

Filter by protocol
http

Filter by port number: ‘tcp.port eq [port-no]’
tcp.port eq 465

Reject packets based on source or destination: ‘ip.src != [src_addr]’ or ‘ip.dst != [dst_addr]’ (two separate filters)
ip.src != 192.168.1.10
ip.dst != 192.168.1.10

Filter packets that match multiple conditions, applying AND: protocol&&ip.src==IPaddress or protocol&&ip.dst==IPaddress (two separate filters)
http&&ip.src==192.168.1.10
http&&ip.dst==192.168.1.10

Filter packets that match either one or the other condition, applying OR
http||arp

Categories
Soft

Safe surf

UK-based Netcraft blocks credit card skimmers, non-consensual cryptocurrency miners, malicious and deceptive websites in your browser and SMS phishing on your smartphone.
It is available for free on computers as a browser extension (Windows, Mac OS) or as an app on mobile devices (Android, iOS).

How ?
A rainbow logo will appear in the upper right corner of your browser and you will have to click on it to check the validity of the website you are visiting.


Where ?
Here are the links for Brave (or Chrome), Edge, and Opera.

What else ?
Netcraft also provides a Mail Reporter that integrates with some mail providers through a simple add-on in Gmail (web-based Gmail) and its Android app, as well as the Outlook client on all platforms.

Categories
Soft

Synology : retrieve data from Hyper Backup


Under DSM5, the previous version of Synology’s operating system, a software called “Backup and Replication” allowed backups to an external volume in the file format of your choice (NTFS, HFS+, ext4, etc.). You could navigate within that volume’s tree and browse within folders to extract whatever file you needed.

Since DSM6, backups are managed by Hyper Backup, which can save one NAS to another one, encrypt a backup instead of a whole hard drive to protect the files, time stamp versions of the backup, etc. It creates a container file (.hbk) and fragments files in a specific format (.bkpi) that remain unreadable unless you install Hyper Backup Explorer.

Hyper Backup Explorer is the desktop tool for browsing, decrypting, and extracting different versions of backup data in Hyper Backup repositories. It is available for Windows, Mac, and Linux.

Installation

Upon download, the package must be extracted.

Windows : following extraction, drop the whole folder containing the application in your programs folder and create a shortcut to launch it, then locate the backup folder and select it for file extraction.

Mac : drag the downloaded application and drop it in the applications folder, launch it, then locate the backup folder and select it for file extraction.

Linux : following installation, navigate to /media/username/disk number/SynologyHyperBackup.bkpi in order to access the folder containing the backup.

Categories
Soft

Open source Mac OS Firewall

Mac OS includes a firewall, but it only blocks incoming connections. There are commercial alternatives that also block data exfiltration: Little Snitch and Hands Off!.

LuLu is the free, open-source macOS firewall that aims to block unknown outgoing connections, unless explicitly approved by the user.

Categories
Hard

Mainframe computers

NEAC 2203: tape drive, console, and CPU (source: computerhistory.org)

Mainframes appeared in the early 1940s. The most popular suppliers are IBM, Amdahl, Hitachi, Bull, NEC and Tandem Computers. Although they may be considered obsolete today, as in every decade since their creation, mainframe computers dominate the landscape of large-scale professional computing.

There are a few mainframe features that are common to all mainframe vendors: almost all mainframes have the ability to run (or host) multiple operating systems, can add or hot-swap disks without service interruption, are designed to manage very high-volume inputs and outputs, and focus on high-speed computing.

They are mainly used by large companies for critical applications requiring large volumes of data processing (a single mainframe can replace tens or even hundreds of smaller servers) in banking, finance, healthcare, insurance, utilities, government and many other public and private companies. The mainframe continues to be the foundation of modern business activities.

The main difference between mainframes and supercomputers lies in their typical field of application. Mainframes excel in reliable volume computing in areas requiring integer operations (e.g. financial, indexing, comparisons, etc.). Supercomputers are designed to excel in their ability to perform floating point operations (addition, subtraction and multiplication) with sufficient accuracy to model continuous phenomena such as weather conditions.

Despite the constant evolution of IT, mainframes are considered to be the most stable, secure and compatible of all IT platforms. The latest models can handle the most advanced and demanding customer workloads, while continuing to run applications written in previous decades.

IBM System z

Learning how to use a mainframe

Hercules

Hercules is a computer emulator that allows software written for IBM mainframes (System/370, System/390 and zSeries/System z) and compatible mainframes (such as Amdahl machines) to run on other types of hardware such as personal computers.

It runs on several host operating systems, including GNU/Linux, Microsoft Windows, FreeBSD, Solaris and Mac OS X, and is released under the open source software license QPL. It is similar to Bochs and QEMU in that it only emulates instructions from the CPU and some devices. A supplier (or distributor) must always provide an operating system and the user must install it. Hercules was the first mainframe emulator to integrate support for IBM’s z-series.

IBM

You can also learn online with IBM, by entering the “Master the Mainframe” contest organised by IBM to get free access to real IBM mainframes. First you will need to download and install a mainframe terminal emulator (for Windows, for Mac).