Sunday, 28 September 2014

Reaching the network's speed limit for file transfer

Are you tired of transferring files from one computer to another using pen-drives and their abysmally slow speeds? Ever long for something faster? Here's a nice way to transfer files insanely fast - as fast as the network would allow (Note: This is another cool reason to switch to Linux)

Here's what you do:

Let's say you want to send a folder called ABC from computer X to computer Y. Then, fire up terminal on computer Y first and type the following commands:
hostname -I 

nc -l 9898 | tar xv

"hostname -I" shows all IP addresses associated with the host Y. You'll need to note these down to be used on computer X. "nc" is a utility that allows for arbitrary TCP and UDP connections and listens. "-l 9898" is a flag for nc to open port 9898 and listen for connections. The "|" pipes the output of nc (i.e. whatever comes from the network) into the next command "tar" which is an archival utility. The "xv" part stands for extract verbose which means that the archive coming from nc is extracted and each file name is printed out as it is extracted.

Once you're done running the above command on Y, run the following command on X:
tar c ABC | nc IP 9898

The "tar c" part stands for "use tar to compress" ABC (the folder to be sent). IP is the IP address got from the "hostname -I" command on computer Y. "nc IP 9898" connects to computer Y on port 9898 and sends the data from the tar command to the other computer.

Since no extra data is transferred in this way, the data should be transferred at the maximum (theoretical) limit of your network. If your network is unstable, this might actually cause a problem since no error correction codes are sent; however, if your network is stable (or all you are sending is movies or the like) then it shouldn't matter much.

Do you know of any other fast ways to transfer data on the network? Leave a comment below. :)

Friday, 26 September 2014

Shellshock

A newly discovered bug seems to be taking the whole security and hacker communities into uproar. A huge number of posts and talks are going on in many channels. For those who haven't heard about it, it is the bash bug which affects basically almost all systems that the world depends on.

What is the bash bug? To answer that, first you need to know what bash is.

"bash" stands for "Bourne-Again SHell" and is the most common type of shell on any linux or mac or unix related system. This basically includes almost all servers, and can go on all the way to smart lighting (those crazy lightbulbs whose colour can be controlled by your smart phone). If you've ever seen anyone use a black screen with white text on it, chances are you've seen either the Windows Command Prompt or a shell. A shell basically allows you to type commands to execute programs on a computer.

The bash bug is basically a bug that has been found in this very commonly used shell. The bug was discovered by St├ęphane Chazelas, a French IT manager working for a software maker in Scotland, and was first disclosed on 24th September 2014. It basically allows for arbitrary code execution. Turns out that this bug has existed since the very first version of bash (25 years ago!!!). The bug has been nicknamed "Shellshock" and is regarded to be severe since CGI scripts using bash can be vulnerable. It is caused due to

However, this is where the open source community comes into play. Within a very short time frame, a patch has been released already and many systems are no longer vulnerable to this bug. As of now, my system is no longer vulnerable only because I continuously keep updating my PC.

How to test if you're vulnerable?
Just run the following code in your terminal:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If your system is vulnerable, it'll tell you vulnerable, otherwise it will show an error message.

If you want to know more, visit the Wikipedia page on the bug at Shellshock

Just to mention this here: This is the only severe bug I've personally seen on linux that has such a massive impact, and even then, it got fixed almost instantly. I love the way the open source community works so quickly. :)