Clearing PfSense expired DHCP leases manually

In PfSense, while when needed expired DHCP leases will be reclaimed, one may want to manually clear expired leases. From DHCP status you can go to ‘Show all configred leases‘ and click ‘Delete lease’ one by one, or you can use this method to clear them quicker.

How to

  1. Go to Diagnostics then Edit File
  2. Copy the following file path: /var/dhcpd/var/db/dhcpd.leases
  3. Click Load
  4. Now highlight and delete the blocks of leases you want to delete
  5. Click Save when finished


SCP Command to copy directory and files

Here is the command used to copy recalbox shared files from one pi to another.

scp -r /temp/* root@

this will copy recursively directory and files in your local temp folder to the remote temp folder.

Install BitTorrent Sync on Debian / Ubuntu Server

First we need to add the repository to the sources.list. Run the following commands as root.

apt-key adv –keyserver –recv-keys 6BF18B15
CODENAME=$(lsb_release -cs | sed -n ‘/lucid\|precise\|quantal\|raring\|saucy\|trusty\|squeeze\|wheezy\|jessie\|sid/p’)
echo “” >> /etc/apt/sources.list
echo “#### BitTorrent Sync – see:” >> /etc/apt/sources.list
echo “## Run this command: apt-key adv –keyserver –recv-keys 6BF18B15” >> /etc/apt/sources.list
echo “deb ${CODENAME:-sid} main” >> /etc/apt/sources.list
echo “deb-src ${CODENAME:-sid} main” >> /etc/apt/sources.list
apt-get update
apt-get -y install btsync

This will fetch the GPG keys for the custom repository, it will then amend your sources list by the new repositories (you can disable the src repository if you want) and finally it installs the server version of BitTorrent Sync as provided by tuxpoldo.

You will then be asked if you want to define a default BitTorrent Sync instance or not. The difference is that with the default instance you run BitTorrent Sync only lets you run BitTorrent Sync as root or btsync user. However if you have for example an existing Samba installation or something else that you want to use to sync data, you might not want to run it as default instance.

If you choose to install as default instance then just accept all the default options except for UPNP. I think that should be enabled in either case.


If you choose not to run a default instance then you need to manually create the user config file. There are samples in the /etc/btsync/sample folder but I’d like to provide an own below. Run as root (and maybe alter the file name):

Setup Ubuntu 12.10 x64 web server w/virtual hosting and mysql

SSH into the server as root
or If using a user account then prepend sudo to each of these commands.

Remove Samba if needed

apt-get purge samba -y

Update Server

apt-get update && apt-get upgrade -y

Install Dependencies

apt-get install -y perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python nano php5 libapache2-mod-php5 php5-mcrypt

Download Webmin if needed

wget -O webmin_1.660_all.deb

Install Webmin

dpkg -i webmin_1.660_all.deb

MySql/PHP Install

apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql -y

Apache2 enable Mod-Rewrite

a2enmod rewrite

Then restart apache2

service apache2 restart

PHPMyadmin installation if needed.

apt-get install phpmyadmin

Create the WordPress Database and User

mysql -u root -p
CREATE USER wordpressuser@localhost;
SET PASSWORD FOR wordpressuser@localhost= PASSWORD(“password”);
GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost IDENTIFIED BY ‘password’;

Tar Commands

untar command = tar -xvzf filename.tar or filename.tar.gz (if gzipped)

tar command = tar -ztvf /folder filename.tar or filename.tar.gz (if you want to gzip the file)

Adding users and Installing and basic setup vsftpd Server on Ubuntu 13.04 Server

  • To add a user account, use the following syntax, and follow the prompts to give the account a password and identifiable characteristics such as a full name, phone number, etc.
    sudo adduser username

    vsftpd – FTP Server Installation

    sudo apt-get install vsftpd
    I use nano to edit my text files. Use whatever you would like.
    nano /etc/vsftpd.conf
    (read through the many options and uncomment or comment out what you would like to use)
    I added this to the bottom of my conf file for security.
    The ftpusers file is a list of users not allowed to use ftp. You can edit that file here.
    nano /etc/ftpusers
    Once you are finished use this command to restart vsftpd daemon.
    restart vsftpd
    By the way, I log in as root so no sudo command needed.  If you are not logged in as root, then prepend each command above with sudo.
    Here is a link to the official vsftpd install and setup guide on

Transmission install Ubuntu Server 13.04 x64

What you’ll need
A Linux distribution (Ubuntu Server 13.04 x64 is used here)
More information
Official website:

Detailed settings.json:
Add the official PPA: add-apt-repository ppa:transmissionbt/ppa

(if this gives an error run) apt-get install software-properties-common

Update your system: apt-get update
Install the daemon: apt-get install transmission-daemon

create a directory for complete and incomplete

Back-up your settings: cp /etc/transmission-daemon/settings.json /etc/transmission-daemon/settings.json.bak

Edit your settings using nano or whatever you like

download-dir —– change to whatever directory you created above
incomplete-dir —– change to whatever directory you created above
rpc-password —- use whatever you like here
rpc-port —- only change if you like
rpc-username — — change to whatever username you want

Creating folders: mkdir -p Downloads/transmission/{complete,incomplete}
Ownership: chown root:debian-transmission -R Downloads/transmission
Permissions: chmod 775 -R Downloads/transmission
Reload the daemon: service transmission-daemon reload

Top 30 Nmap Commands

The purpose of this post is to introduce a user to the nmap command line tool to scan a host and/or network, so to find out the possible vulnerable points in the hosts. You will also learn how to use Nmap for offensive and defensive purposes.

nmap in action
More about nmap

From the man page:

Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. While Nmap is commonly used for security audits, many systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.

It was originally written by Gordon Lyon and it can answer the following questions easily:

What computers did you find running on the local network?
What IP addresses did you find running on the local network?
What is the operating system of your target machine?
Find out what ports are open on the machine that you just scanned?
Find out if the system is infected with malware or virus.
Search for unauthorized servers or network service on your network.
Find and remove computers which don’t meet the organization’s minimum level of security.
Sample setup (LAB)

Port scanning may be illegal in some jurisdictions. So setup a lab as follows:

+———+ | Network | +——–+
| server1 |———–+ swtich +———|server2 |
+———+ | (sw0) | +——–+
| wks01 Linux/OSX |

wks01 is your computer either running Linux/OS X or Unix like operating system. It is used for scanning your local network. The nmap command must be installed on this computer.
server1 can be powered by Linux / Unix / MS-Windows operating systems. This is an unpatched server. Feel free to install a few services such as a web-server, file server and so on.
server2 can be powered by Linux / Unix / MS-Windows operating systems. This is a fully patched server with firewall. Again, feel free to install few services such as a web-server, file server and so on.
All three systems are connected via switch.
How do I install nmap?


Debian / Ubuntu Linux: Install nmap Software For Scanning Network
CentOS / RHEL: Install nmap Network Security Scanner
OpenBSD: Install nmap Network Security Scanner
#1: Scan a single host or an IP address (IPv4)

### Scan a single ip address ###

## Scan a host name ###

## Scan a host name with more info###
nmap -v

Sample outputs:

Fig.01: nmap output
#2: Scan multiple IP address or subnet (IPv4)

## works with same subnet i.e.
You can scan a range of IP address too:

You can scan a range of IP address using a wildcard:

nmap 192.168.1.*
Finally, you scan an entire subnet:

#3: Read list of hosts/networks from a file (IPv4)

The -iL option allows you to read the list of target systems using a text file. This is useful to scan a large number of hosts/networks. Create a text file as follows:
cat > /tmp/test.txt

Sample outputs:
The syntax is:

nmap -iL /tmp/test.txt
#4: Excluding hosts/networks (IPv4)

When scanning a large number of hosts/networks you can exclude hosts from a scan:

nmap –exclude
nmap –exclude,
OR exclude list from a file called /tmp/exclude.txt

nmap -iL /tmp/scanlist.txt –excludefile /tmp/exclude.txt
#5: Turn on OS and version detection scanning script (IPv4)

nmap -A
nmap -v -A
nmap -A -iL /tmp/scanlist.txt
#6: Find out if a host/network is protected by a firewall

nmap -sA
nmap -sA
#7: Scan a host when protected by the firewall

nmap -PN
nmap -PN
#8: Scan an IPv6 host/address

The -6 option enable IPv6 scanning. The syntax is:

nmap -6 IPv6-Address-Here
nmap -6
nmap -6 2607:f0d0:1002:51::4
nmap -v A -6 2607:f0d0:1002:51::4
#9: Scan a network and find out which servers and devices are up and running

This is known as host discovery or ping scan:

nmap -sP
Sample outputs:

Host is up (0.00035s latency).
MAC Address: BC:AE:C5:C3:16:93 (Unknown)
Host is up (0.0038s latency).
MAC Address: 74:44:01:40:57:FB (Unknown)
Host is up.
Host nas03 ( is up (0.0091s latency).
MAC Address: 00:11:32:11:15:FC (Synology Incorporated)
Nmap done: 256 IP addresses (4 hosts up) scanned in 2.80 second
#10: How do I perform a fast scan?

nmap -F
#11: Display the reason a port is in a particular state

nmap –reason
nmap –reason
#12: Only show open (or possibly open) ports

nmap –open
nmap –open
#13: Show all packets sent and received

nmap –packet-trace
nmap –packet-trace
14#: Show host interfaces and routes

This is useful for debugging (ip command or route command or netstat command like output using nmap)

nmap –iflist
Sample outputs:

Starting Nmap 5.00 ( ) at 2012-11-27 02:01 IST
lo (lo) loopback up
eth0 (eth0) ethernet up B8:AC:6F:65:31:E5
vmnet1 (vmnet1) ethernet up 00:50:56:C0:00:01
vmnet8 (vmnet8) ethernet up 00:50:56:C0:00:08
ppp0 (ppp0) point2point up

DST/MASK DEV GATEWAY ppp0 eth0 eth0 vmnet1 vmnet8 eth0 ppp0 eth0

#15: How do I scan specific ports?

map -p [port] hostName
## Scan port 80
nmap -p 80

## Scan TCP port 80
nmap -p T:80

## Scan UDP port 53
nmap -p U:53

## Scan two ports ##
nmap -p 80,443

## Scan port ranges ##
nmap -p 80-200

## Combine all options ##
nmap -p U:53,111,137,T:21-25,80,139,8080
nmap -p U:53,111,137,T:21-25,80,139,8080
nmap -v -sU -sT -p U:53,111,137,T:21-25,80,139,8080

## Scan all ports with * wildcard ##
nmap -p “*”

## Scan top ports i.e. scan $number most common ports ##
nmap –top-ports 5
nmap –top-ports 10

Sample outputs:

Starting Nmap 5.00 ( ) at 2012-11-27 01:23 IST
Interesting ports on
21/tcp closed ftp
22/tcp open ssh
23/tcp closed telnet
25/tcp closed smtp
80/tcp open http
110/tcp closed pop3
139/tcp closed netbios-ssn
443/tcp closed https
445/tcp closed microsoft-ds
3389/tcp closed ms-term-serv
MAC Address: BC:AE:C5:C3:16:93 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.51 seconds

#16: The fastest way to scan all your devices/computers for open ports ever

nmap -T5
#17: How do I detect remote operating system?

You can identify a remote host apps and OS using the -O option:

nmap -O
nmap -O –osscan-guess
nmap -v -O –osscan-guess
Sample outputs:

Starting Nmap 5.00 ( ) at 2012-11-27 01:29 IST
NSE: Loaded 0 scripts for scanning.
Initiating ARP Ping Scan at 01:29
Scanning [1 port]
Completed ARP Ping Scan at 01:29, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 01:29
Completed Parallel DNS resolution of 1 host. at 01:29, 0.22s elapsed
Initiating SYN Stealth Scan at 01:29
Scanning [1000 ports]
Discovered open port 80/tcp on
Discovered open port 22/tcp on
Completed SYN Stealth Scan at 01:29, 0.16s elapsed (1000 total ports)
Initiating OS detection (try #1) against
Retrying OS detection (try #2) against
Retrying OS detection (try #3) against
Retrying OS detection (try #4) against
Retrying OS detection (try #5) against
Host is up (0.00049s latency).
Interesting ports on
Not shown: 998 closed ports
22/tcp open ssh
80/tcp open http
MAC Address: BC:AE:C5:C3:16:93 (Unknown)
Device type: WAP|general purpose|router|printer|broadband router
Running (JUST GUESSING) : Linksys Linux 2.4.X (95%), Linux 2.4.X|2.6.X (94%), MikroTik RouterOS 3.X (92%), Lexmark embedded (90%), Enterasys embedded (89%), D-Link Linux 2.4.X (89%), Netgear Linux 2.4.X (89%)
Aggressive OS guesses: OpenWrt White Russian 0.9 (Linux 2.4.30) (95%), OpenWrt 0.9 – 7.09 (Linux 2.4.30 – 2.4.34) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), Linux 2.4.21 – 2.4.31 (likely embedded) (92%), Linux 2.6.15 – 2.6.23 (embedded) (92%), Linux 2.6.15 – 2.6.24 (92%), MikroTik RouterOS 3.0beta5 (92%), MikroTik RouterOS 3.17 (92%), Linux 2.6.24 (91%), Linux 2.6.22 (90%)
No exact OS matches for host (If you know what OS is running on it, see ).
TCP/IP fingerprint:
Uptime guess: 12.990 days (since Wed Nov 14 01:44:40 2012)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=200 (Good luck!)
IP ID Sequence Generation: All zeros
Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 12.38 seconds
Raw packets sent: 1126 (53.832KB) | Rcvd: 1066 (46.100KB)
See also: Fingerprinting a web-server and a dns server command line tools for more information.

#18: How do I detect remote services (server / daemon) version numbers?

nmap -sV
Sample outputs:

Starting Nmap 5.00 ( ) at 2012-11-27 01:34 IST
Interesting ports on
Not shown: 998 closed ports
22/tcp open ssh Dropbear sshd 0.52 (protocol 2.0)
80/tcp open http?
1 service unrecognized despite returning data.
#19: Scan a host using TCP ACK (PA) and TCP Syn (PS) ping

If firewall is blocking standard ICMP pings, try the following host discovery methods:

nmap -PS
nmap -PS 80,21,443
nmap -PA
nmap -PA 80,21,200-512
#20: Scan a host using IP protocol ping

nmap -PO
#21: Scan a host using UDP ping

This scan bypasses firewalls and filters that only screen TCP:

nmap -PU
nmap -PU 2000.2001
#22: Find out the most commonly used TCP ports using TCP SYN Scan

### Stealthy scan ###
nmap -sS

### Find out the most commonly used TCP ports using TCP connect scan (warning: no stealth scan)
### OS Fingerprinting ###
nmap -sT

### Find out the most commonly used TCP ports using TCP ACK scan
nmap -sA

### Find out the most commonly used TCP ports using TCP Window scan
nmap -sW

### Find out the most commonly used TCP ports using TCP Maimon scan
nmap -sM

#23: Scan a host for UDP services (UDP scan)

Most popular services on the Internet run over the TCP protocol. DNS, SNMP, and DHCP are three of the most common UDP services. Use the following syntax to find out UDP services:

nmap -sU nas03
nmap -sU
Sample outputs:

Starting Nmap 5.00 ( ) at 2012-11-27 00:52 IST
Stats: 0:05:29 elapsed; 0 hosts completed (1 up), 1 undergoing UDP Scan
UDP Scan Timing: About 32.49% done; ETC: 01:09 (0:11:26 remaining)
Interesting ports on nas03 (
Not shown: 995 closed ports
111/udp open|filtered rpcbind
123/udp open|filtered ntp
161/udp open|filtered snmp
2049/udp open|filtered nfs
5353/udp open|filtered zeroconf
MAC Address: 00:11:32:11:15:FC (Synology Incorporated)

Nmap done: 1 IP address (1 host up) scanned in 1099.55 seconds

#24: Scan for IP protocol

This type of scan allows you to determine which IP protocols (TCP, ICMP, IGMP, etc.) are supported by target machines:

nmap -sO
#25: Scan a firewall for security weakness

The following scan types exploit a subtle loophole in the TCP and good for testing security of common attacks:

## TCP Null Scan to fool a firewall to generate a response ##
## Does not set any bits (TCP flag header is 0) ##
nmap -sN

## TCP Fin scan to check firewall ##
## Sets just the TCP FIN bit ##
nmap -sF

## TCP Xmas scan to check firewall ##
## Sets the FIN, PSH, and URG flags, lighting the packet up like a Christmas tree ##
nmap -sX

See how to block Xmas packkets, syn-floods and other conman attacks with iptables.

#26: Scan a firewall for packets fragments

The -f option causes the requested scan (including ping scans) to use tiny fragmented IP packets. The idea is to split up the TCP header over
several packets to make it harder for packet filters, intrusion detection systems, and other annoyances to detect what you are doing.

nmap -f
nmap -f
nmap -f 15
## Set your own offset size with the –mtu option ##
nmap –mtu 32
#27: Cloak a scan with decoys

The -D option it appear to the remote host that the host(s) you specify as decoys are scanning the target network too. Thus their IDS might report 5-10 port scans from unique IP addresses, but they won’t know which IP was scanning them and which were innocent decoys:

nmap -n -Ddecoy-ip1,decoy-ip2,your-own-ip,decoy-ip3,decoy-ip4 remote-host-ip
nmap -n -D192.168.1.5,,,
#28: Scan a firewall for MAC address spoofing

### Spoof your MAC address ##
nmap –spoof-mac MAC-ADDRESS-HERE

### Add other options ###
nmap -v -sT -PN –spoof-mac MAC-ADDRESS-HERE

### Use a random MAC address ###
### The number 0, means nmap chooses a completely random MAC address ###
nmap -v -sT -PN –spoof-mac 0

#29: How do I save output to a text file?

The syntax is:

nmap > output.txt
nmap -oN /path/to/filename
nmap -oN output.txt
#30: Not a fan of command line tools?

Try zenmap the official network mapper front end:

Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Saved scan results can be compared with one another to see how they differ. The results of recent scans are stored in a searchable database.

You can install zenmap using the following apt-get command:
$ sudo apt-get install zenmap

Sample outputs:

[sudo] password for vivek:
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following NEW packages will be installed:
0 upgraded, 1 newly installed, 0 to remove and 11 not upgraded.
Need to get 616 kB of archives.
After this operation, 1,827 kB of additional disk space will be used.
Get:1 squeeze/main zenmap amd64 5.00-3 [616 kB]
Fetched 616 kB in 3s (199 kB/s)
Selecting previously deselected package zenmap.
(Reading database … 281105 files and directories currently installed.)
Unpacking zenmap (from …/zenmap_5.00-3_amd64.deb) …
Processing triggers for desktop-file-utils …
Processing triggers for gnome-menus …
Processing triggers for man-db …
Setting up zenmap (5.00-3) …
Processing triggers for python-central …
Type the following command to start zenmap:
$ sudo zenmap

Sample outputs

Basic Samba Share Ubuntu 12.04 Server.

Here are simple instructions for a simple samba file share on ubuntu 12.04 server.

All commands are ran as root. If you are not root use sudo before the commands.

1. Install samba.

apt-get install samba

2. nano /etc/samba/smb.conf

comment = share
path = /share
browsable = yes
guest ok = no
read only = no
available = yes
public = no
writable = yes
valid users = user

3. (the share is called share. make sure you have a user called user on your server or replace with a valid user on your server)
save and restart samba.
4. restart smbd
restart nmbd

5. chmod -R 0775 share (You can use filezilla over sftp if you want)

Setting Static IP in Ubuntu Server 12.04.1

from the command line as root or su

nano /etc/network/interfaces

iface eth0 inet static

First change your adapter from dhcp to static.
Enter the information as above with your ip address settings.
crtl-x in nano and overwrite interfaces file.

restart networking with this command. (if over ssh make sure to adjust your ssh connection to the new ip address)

/etc/init.d/networking restart