Friday, October 29, 2010

Personal firewalls

It has been a while since I messed around with firewall rules, and apparently I should get back into it. Recently I had to rebuild one of the home computers to put Windows on it. Initially (pre antivirus install), I shut down all the non-essential windows vista default services that I could think of and left the basic Microsoft provided firewall running. To check for any obvious opening, I ran a basic nmap Syn scan


Starting Nmap 4.75 ( http://nmap.org ) at 2010-10-24 14:46
Initiating ARP Ping Scan at 14:46
Scanning 192.168.2.3 [1 port] Completed ARP Ping Scan at 14:46, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:46
Completed Parallel DNS resolution of 1 host. at 14:46, 0.02s elapsed
Initiating SYN Stealth Scan at 14:46 Scanning 192.168.2.3 [1000 ports]
Completed SYN Stealth Scan at 14:47, 21.88s elapsed (1000 total ports)
Host 192.168.2.3 appears to be up ... good.
All 1000 scanned ports on 192.168.2.3 are filtered MAC Address: 00:23:AE:1B:1F:6E (Unknown)

Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 22.08 seconds
Raw packets sent: 2001 (88.042KB) | Rcvd: 2 (98B)


Looks ok to me. So after buying antivirus (customer wanted Kaspersky), we got the Kaspersky Internet Security 2011 suite. It looked interesting for features, and the firewall component took over for windows firewall. Using the standard config, I ran the scan again afterwards.


Starting Nmap 4.75 ( http://nmap.org ) at 2010-10-24 14:20
Initiating ARP Ping Scan at 14:20 Scanning 192.168.2.3 [1 port]
Completed ARP Ping Scan at 14:20, 0.11s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 14:20
Completed Parallel DNS resolution of 1 host. at 14:20, 2.52s elapsed
Initiating SYN Stealth Scan at 14:20 Scanning 192.168.2.3 [1000 ports]
Discovered open port 49156/tcp on 192.168.2.3
Discovered open port 49153/tcp on 192.168.2.3
Increasing send delay for 192.168.2.3 from 0 to 5 due to 53 out of 176 dropped probes since last increase.
Increasing send delay for 192.168.2.3 from 5 to 10 due to max_successful_tryno increase to 4 Discovered open port 49155/tcp on 192.168.2.3
Increasing send delay for 192.168.2.3 from 10 to 20 due to 12 out of 39 dropped probes since last increase.
Discovered open port 49152/tcp on 192.168.2.3
Increasing send delay for 192.168.2.3 from 20 to 40 due to 14 out of 45 dropped probes since last increase.
Discovered open port 139/tcp on 192.168.2.3
Discovered open port 135/tcp on 192.168.2.3
Discovered open port 49154/tcp on 192.168.2.3
Discovered open port 1110/tcp on 192.168.2.3
Completed SYN Stealth Scan at 14:20, 38.70s elapsed (1000 total ports) Host 192.168.2.3 appears to be up ... good.
Interesting ports on 192.168.2.3:
Not shown: 992 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
1110/tcp open nfsd-status
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
MAC Address: 00:23:AE:1B:1F:6E (Unknown)

Read data files from: /usr/share/nmap
Nmap done: 1 IP address (1 host up) scanned in 41.58 seconds
Raw packets sent: 1154 (50.774KB) | Rcvd: 1009 (40.612KB) dfkj123:/home


Well that's interesting. Basically the suite sees several zones. Anything on your local network, it seems to be happy with. So if you're on some public wifi spot, you're screwed. Also, most common Microsoft and commercial apps get whitelisted and all hosts (internet wide) are allowed full access. Seriously? Trying to shut all that down and fix it to something sane was looking like a near impossible task, so for simplicity I actually had to disable that and fall back to Microsoft. I hope their AV component doesn't act as badly.

Thursday, October 7, 2010

99 names. Creating quick powershell GUI applications.

I thought it would be nice to try creating a GUI application in Powershell. During the Microsoft scripting games, I came across PrimalForms from Sapien. This simple tool allows you to drag and drop window elements and create a basic shell of a form that you can export for use in Powershell. From here you can add code for event handlers that were defined in your form. So as a demonstration of a very basic usage of this, I created a simple application to show the 99 names of Allah in transliterated form and English. The form allows for simple forward, backwards and random name features.




The Code:


########################################################################
# Code Generated By: SAPIEN Technologies PrimalForms (Community Edition) v1.0.8.0
# Generated On: 10/7/2010 1:21 PM
# Generated By: Nathan_Linley
########################################################################

 
$transliterations = ("Allah","Al-'Aziz","Al-'Alim","Al-'Azim","Al-'Aliyy","Al-Ahad","Al-Awwal","Al-Akhir",
 "Al-'Afuw","Al-Akram","Al-A'la","Al-'Allam","Al-Bari'","Al-Basir","Al-Batin","Al-Barr","Al-Badi'","Al-Ba'ith",
 "Al-Baqi","Al-Fattah","Al-Fatir","Al-Ghaffar","Al-Ghafur","Al-Ghani","Al-Ghafir","Ghalib","Al-Halim",
 "Al-Hafiiz","Al-Hasib","Al-Hakim","Al-Haqq","Al-Hameed","Al-Hayy","Al-Hadi","Al-Haafiz","Al-Hafiyy",
 "Al-Ilah","Al-Jabbar","Al-Jame'","Al-Jaleel","Al-Khaliq","Al-Khabir","Al-Kabir","Al-Kafil","Al-Khallaq",
 "Al-Kafi","Al-Latif","Al-Malik","Al-Mu'min","Al-Muhaimin","Al-Mutakabbir","Al-Musawwir","Al-Muqit",
 "Al-Mujib","Al-Majid","Al-Matin","Al-Muqtadir","Al-Muta'Ali","Al-Mubin","Al-Maula","Al-Maliik",
 "Al-Muhit","Al-Musta'an","Al-Mannan","Al-Muhyi","Al-Mumit","An-Nur","Al-Nasir","Al-Quddus",
 "Al-Qahhar","Al-Qarib","Al-Qawi","Al-Qayyum","Al-Qaadir","Al-Qadiir","Al-Qahir","Ar-Rahman",
 "Ar-Rahim","Ar-Razzaq","Ar-Raqeeb","Ar-Ra'uf","Ar-Rabb","Ar-Rafi'","As-Salam","As-Sami'","Ash-Shakur",
 "Ash-Shahid","As-Samad","Ash-Shaakir","At-Tawwab","Al-Wahhab","Al-Wasi","Al-Wadud","Al-Wakil","Al-Wali",
 "Al-Waahid","Al-Waali","Al-Waarith","Az-Zahir")

$translations = ( "God","The Mighty One","The All-Knowing","The Great One","The Sublime","The One","The First",
 "The Last","The Pardoner","The Most Bounteous","The Most High","The Omniscient","The Maker","The All seeing One",
 "The Hidden","The Source of All Goodness","The Originator","The Awakener","The Everlasting One","The Judge",
 "The Creator","The Great Forgiver","The All Forgiving","The Self Sufficient","The Forgiver","The Predominant",
 "The Clement","The Preserver","The Reckoner","The Wise","The Truth","The Praiseworthy","The Alive",
 "The Guide","The Protector","The Gracious","God","The Compeller","The Gatherer","The Glorious","The Creator",
 "The Aware","The Most Great","The Surety","The Creator","The Sufficient One","The Subtle One","The Sovereign",
 "The Giver of Peace","The Protector","The Majestic","The Fashioner","The Maintainer","The Responsive",
 "The Most Glorious One","The Firm One","The Powerful","The Most Exalted","The Manifest","The Patron",
 "The King, The Sovereign","All Pervading","One Who is Called Upon For Help","The Gracious","The Giver of Life",
 "The Giver of Death","The Light","The Helper","The Holy","The Dominant","The Nigh","The Most Strong",
 "The Self-Subsisting","The Able","The Mighty","The Omnipotent","The Compassionate","The Merciful",
 "The Provider","The Watchful","The Compassionate","The Sustainer","The Sublime","The Provider of Peace",
 "The All-Hearing","The Appreciative","The Witness","The Eternal","The Appreciative","The Acceptor of Repentance",
 "The Bestower","The All-Embracing","The Loving","The Trustee","The Protecting Friend","The One","The Governor",
 "The Inheritor","The Manifest")

 

function getName([int]$nameval) {
 $result = New-Object PSobject
 Add-Member -InputObject $result Noteproperty Transliteration $transliterations[$nameval-1]
 Add-Member -InputObject $result Noteproperty Translation $translations[$nameval-1]
 return $result
 
}


#Generated Form Function
function GenerateForm {


#region Import the Assemblies
[reflection.assembly]::loadwithpartialname("System.Drawing") | Out-Null
[reflection.assembly]::loadwithpartialname("System.Windows.Forms") | Out-Null
#endregion

#region Generated Form Objects
$form1 = New-Object System.Windows.Forms.Form
$lbl99 = New-Object System.Windows.Forms.Label
$lblCounter = New-Object System.Windows.Forms.Label
$label2 = New-Object System.Windows.Forms.Label
$lblTranslit = New-Object System.Windows.Forms.Label
$txtTranslation = New-Object System.Windows.Forms.TextBox
$txtTransliteration = New-Object System.Windows.Forms.TextBox
$btnRandom = New-Object System.Windows.Forms.Button
$btnNext = New-Object System.Windows.Forms.Button
$btnPrev = New-Object System.Windows.Forms.Button
$InitialFormWindowState = New-Object System.Windows.Forms.FormWindowState
#endregion Generated Form Objects

#----------------------------------------------
#Generated Event Script Blocks
#----------------------------------------------
#Provide Custom Code for events specified in PrimalForms.

$handler_btnNext_Click= 
{
 $counter = [int]$lblCounter.text
 if ($counter -eq 99) {
  $counter = 1
 } else { $counter += 1 }
 $name = &getname $counter
 $txtTransliteration.text = $name.Transliteration
 $txtTranslation.text = $name.Translation
 $lblCounter.text = $counter
 $form1.refresh()
}

$handler_btnRandom_Click= 
{

 $rnd = New-Object system.Random
 $counter = $rnd.next(1,99)
 $name = &getname $counter
 $txtTransliteration.text = $name.Transliteration
 $txtTranslation.text = $name.Translation
 $lblCounter.text = $counter
 $form1.refresh()
}


$handler_btnPrev_Click= 
{

 $counter = [int]$lblCounter.text
 if ($counter -eq 1) {
  $counter = 99
 } else { $counter -= 1 }
 $name = &getname $counter
 $txtTransliteration.text = $name.Transliteration
 $txtTranslation.text = $name.Translation
 $lblCounter.text = $counter
 $form1.refresh()
}

$OnLoadForm_StateCorrection=
{#Correct the initial state of the form to prevent the .Net maximized form issue
 $form1.WindowState = $InitialFormWindowState
}

#----------------------------------------------
#region Generated Form Code
$form1.Text = "99 Names of Allah"
$form1.Name = "form1"
$form1.CausesValidation = $False
$form1.DataBindings.DefaultDataSourceUpdateMode = 0
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 284
$System_Drawing_Size.Height = 230
$form1.ClientSize = $System_Drawing_Size

$lbl99.TabIndex = 9
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 48
$System_Drawing_Size.Height = 23
$lbl99.Size = $System_Drawing_Size
$lbl99.Text = "of 99"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 93
$System_Drawing_Point.Y = 170
$lbl99.Location = $System_Drawing_Point
$lbl99.DataBindings.DefaultDataSourceUpdateMode = 0
$lbl99.Name = "lbl99"

$form1.Controls.Add($lbl99)

$lblCounter.TabIndex = 8
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 20
$System_Drawing_Size.Height = 23
$lblCounter.Size = $System_Drawing_Size
$lblCounter.Text = "1"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 67
$System_Drawing_Point.Y = 170
$lblCounter.Location = $System_Drawing_Point
$lblCounter.DataBindings.DefaultDataSourceUpdateMode = 0
$lblCounter.Name = "lblCounter"

$form1.Controls.Add($lblCounter)

$label2.TabIndex = 7
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 100
$System_Drawing_Size.Height = 16
$label2.Size = $System_Drawing_Size
$label2.Text = "Translation"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 40
$label2.Location = $System_Drawing_Point
$label2.DataBindings.DefaultDataSourceUpdateMode = 0
$label2.Name = "label2"

$form1.Controls.Add($label2)

$lblTranslit.TabIndex = 6
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 100
$System_Drawing_Size.Height = 16
$lblTranslit.Size = $System_Drawing_Size
$lblTranslit.Text = "Transliteration"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 110
$lblTranslit.Location = $System_Drawing_Point
$lblTranslit.DataBindings.DefaultDataSourceUpdateMode = 0
$lblTranslit.Name = "lblTranslit"

$form1.Controls.Add($lblTranslit)

$txtTranslation.CausesValidation = $False
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 248
$System_Drawing_Size.Height = 20
$txtTranslation.Size = $System_Drawing_Size
$txtTranslation.DataBindings.DefaultDataSourceUpdateMode = 0
$txtTranslation.Name = "txtTranslation"
$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 10
$txtTranslation.Location = $System_Drawing_Point
$txtTranslation.Enabled = $False
$txtTranslation.TabIndex = 5
$txtTranslation.text = $translations[0]

$form1.Controls.Add($txtTranslation)

$txtTransliteration.CausesValidation = $False
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 249
$System_Drawing_Size.Height = 20
$txtTransliteration.Size = $System_Drawing_Size
$txtTransliteration.DataBindings.DefaultDataSourceUpdateMode = 0
$txtTransliteration.Name = "txtTransliteration"
$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 13
$System_Drawing_Point.Y = 80
$txtTransliteration.Location = $System_Drawing_Point
$txtTransliteration.Enabled = $False
$txtTransliteration.TabIndex = 4
$txtTransliteration.text = $transliterations[0]

$form1.Controls.Add($txtTransliteration)

$btnRandom.TabIndex = 3
$btnRandom.Name = "btnRandom"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 75
$System_Drawing_Size.Height = 23
$btnRandom.Size = $System_Drawing_Size
$btnRandom.UseVisualStyleBackColor = $True

$btnRandom.Text = "Random"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 197
$System_Drawing_Point.Y = 200
$btnRandom.Location = $System_Drawing_Point
$btnRandom.DataBindings.DefaultDataSourceUpdateMode = 0
$btnRandom.add_Click($handler_btnRandom_Click)

$form1.Controls.Add($btnRandom)

$btnNext.TabIndex = 2
$btnNext.Name = "btnNext"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 75
$System_Drawing_Size.Height = 23
$btnNext.Size = $System_Drawing_Size
$btnNext.UseVisualStyleBackColor = $True

$btnNext.Text = "Next"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 93
$System_Drawing_Point.Y = 200
$btnNext.Location = $System_Drawing_Point
$btnNext.DataBindings.DefaultDataSourceUpdateMode = 0
$btnNext.add_Click($handler_btnNext_Click)

$form1.Controls.Add($btnNext)

$btnPrev.TabIndex = 1
$btnPrev.Name = "btnPrev"
$System_Drawing_Size = New-Object System.Drawing.Size
$System_Drawing_Size.Width = 75
$System_Drawing_Size.Height = 23
$btnPrev.Size = $System_Drawing_Size
$btnPrev.UseVisualStyleBackColor = $True

$btnPrev.Text = "Previous"

$System_Drawing_Point = New-Object System.Drawing.Point
$System_Drawing_Point.X = 12
$System_Drawing_Point.Y = 200
$btnPrev.Location = $System_Drawing_Point
$btnPrev.DataBindings.DefaultDataSourceUpdateMode = 0
$btnPrev.add_Click($handler_btnPrev_Click)

$form1.Controls.Add($btnPrev)


#endregion Generated Form Code

#Save the initial state of the form
$InitialFormWindowState = $form1.WindowState
#Init the OnLoad event to correct the initial state of the form
$form1.add_Load($OnLoadForm_StateCorrection)
#Show the Form
$form1.ShowDialog()| Out-Null

} #End Function

#Call the Function
GenerateForm



NOTE: This post was updated from its original form to use a more authentic list of the 99 names. (Aug 2011) You may want to verify this list if you wish to use this application for learning. Also note, the arabic text has been removed as I couldn't find a non-graphical copy of the names to use.