Wednesday, 24 September 2014

Ports needed by ePO 4.x and ePO 5.x for communication through a firewall

The following tables display the ports needed by ePO for communication through a firewall:

Bi-directional means that a connection can be initiated from either direction
Inbound means the connection is initiated by a remote system
Outbound means the connection can be initiated by the local system

ePO 4.6.x and 5.x


Port Default Description Traffic Direction
Agent-server
communication port
80 TCP port used by the ePO Server service
to receive requests from agents.
Inbound connection to the Agent
Handler and the ePO server from the
McAfee Agent. Inbound connection to
the ePO server from the remote Agent
Handler.
Agent-server
communication secure
port (4.5 and later
agents only)

Software Manager
443




TCP port used by the ePO Server service
to receive requests from agents and
remote Agent Handlers.
TCP port used by the ePO server's
Software Manager to connect to McAfee.
Inbound connection to the Agent
Handler and the ePO server from the
McAfee Agent. Inbound connection to
the ePO server from the remote Agent
Handler.
Agent wake-up
communication port
SuperAgent repository
port
8081 TCP port used by agents to receive agent
wakeup requests from the ePO server or
Agent Handler.
TCP port used by SuperAgents configured
as repositories to receive content from the
ePO server during repository replication,
and to serve content to client machines.
Inbound connection from the ePO
server/Agent Handler to the McAfee
Agent.
Inbound connection from client
machines to SuperAgents configured
as repositories.
Agent broadcast
communication port
8082 UDP port used by SuperAgents to forward
messages from the ePO server/Agent
Handler.
Outbound connection from the
SuperAgents to other McAfee Agents.
Console-to-application
server communication
port
8443 TCP port used by the ePO Application
Server service to allow web browser UI
access.
Inbound connection to the ePO server
from ePO Console.
Client-to-server
authenticated
communication port
8444 Used by the Agent Handler to talk to the
ePO server to get required information
(like LDAP servers).
Outbound connection from remote
Agent Handlers to the ePO server.
SQL server TCP port 1433 TCP port used to communicate with the
SQL server. This port is specified or
determined automatically during the
setup process.
Outbound connection from the ePO
server/Agent Handler to the SQL
server.
SQL server UDP port 1434 UDP port used to request the TCP port
that the SQL instance hosting the ePO
database is using.
Outbound connection from the ePO
server/Agent Handler to the SQL
server.
LDAP server port 389 TCP port used to retrieve LDAP
information from Active Directory servers.
Outbound connection from the ePO
server/Agent Handler to an LDAP
server.
SSL LDAP server port 636 TCP port used to retrieve LDAP
information from Active Directory servers.
Outbound connection from the ePO
server/Agent Handler to an LDAP
server.

ePO (Ports/Traffic Quick Reference)

ePO Server


Default Protocol Traffic Direction
80 TCP Inbound connection to the ePO server
389 TCP Outbound connection from the ePO server
443 TCP Inbound/Outbound connection to/from the ePO server
636 TCP Outbound connection from the ePO server
1433 TCP Outbound connection from the ePO server
1434 UDP Outbound connection from the ePO server
8081 TCP Outbound connection from the ePO server
8443 TCP Inbound connection to the ePO server
8444 TCP Inbound connection to the ePO server

Remote Agent Handler(s)


Default Port Protocol Traffic Direction
80 TCP Inbound/Outbound connection to/from the Agent Handler
389 TCP Outbound connection from the ePO server
443 TCP Inbound/Outbound connection to/from the Agent Handler
636 TCP Outbound connection from the ePO server
1433 TCP Outbound connection from the ePO server
1434 UDP Outbound connection from the ePO server
8081 TCP Outbound connection from the ePO server
8443 TCP Outbound connection from the ePO server
8444 TCP Outbound connection from the ePO server

McAfee Agent


Default Port Protocol Traffic Direction
80 TCP Outbound connection to the ePO server/Agent Handler
443 TCP Outbound connection to the ePO server/Agent Handler
8081 TCP Inbound connection from the ePO server/Agent Handler. If the agent is a SuperAgent
repository then inbound connection from other McAfee Agents.
8082 TCP Inbound connection to Agents. Inbound/Outbound connection from/to SuperAgents

SQL Server


Default Port Protocol Traffic Direction
1433 TCP Inbound connection from the ePO server/Agent Handler
1434 UDP Inbound connection from the ePO server/Agent Handler

Wednesday, 20 August 2014

BitTorrent & Privacy Basics For You

1.Enabling encryption

While not a perfect solution, enabling encryption for your connections prevents the data sent between two peers from being understood by prying eyes. Encryption has to be supported by your peers as well for this to work, which might not be the case at all times.

Take uTorrent for instance: Enabling encryption

uTorrent > Options > Preferences > BitTorrent > Enable Protocol Encryption > Allow incoming legacy connections

This will allow outbound encryption. At the same time you'll be able to accept non-encrypted connections when there are no encrypted connections available.

2.Use IP Blockers

-PeerBlock

PeerBlock is a free and open source software firewall application that blocks incoming and outgoing connections to Internet IP addresses that are included on blacklists accessible over the Internet which may be selected by the user, but also any addresses manually specified by the user. PeerBlock mainly works in tandem with the blocklist provider iblocklist.com.

-Moblock

MoBlock is free software for blocking connections to and from a specified range of hosts. Moblock is an IP address filtering program for Linux.

3.Private Trackers

A private tracker is a BitTorrent tracker that restricts use by requiring users to register with the site. The method for controlling registration used amongst many private trackers is an invitation system, in which active and contributing members are given the ability to grant a new user permission to register at the site.

A-Z Of Handy Linux Commands

apropos: Search through the Help manual pages
apt-get: Install and search for software packages
aspell: Spell checker
awk: It lets you find text and replace it

basename: Strips suffixes off files and directories
bash: GNU Bourne-Again Shell
bc: Arbitrary precision calculator language
bg: Sends to the background
break: Exit from a loop
builtin: Run a shell builtin
bzip2: Compresses or decompresses files

cal: Displays calendar
case: Perform a command conditionally
cat: Displays the content of the files after concatenation
cd: Change Directory
cfdisk: Partition table manipulator
chgrp: Changes the ownership of a group
chmod: Changes the access permissions
chown: Changes the owner and group of a file
chroot: Run a command, but with a different root directory
cksum: It displays the CRC checksum ad byte counts
clear: Clears the terminal screen
cmp: Compares two files
comm: Compares two sorted files line by line
continue: Resumes the next iteration of a particular loop
cp: Makes a copy of files to a different location
cron: Executes scheduled commands
crontab: Schedules a command that will run at a specified time
csplit: Splits a file into context-determined pieces

date: Changes the date and time
dc: Desk Calculator
ddrescue: Disk recovery tool
declare: Declares the variables and gives attributes
df: Gives the free space on your disk
diff: Prints the differences between two files
dig: Looks up the DNS
dir: Lists directory contents briefly
dirname: Changes a full pathname into just a path
dirs: Shows you the list of directories that are remembered
du: Get an estimation of the file space usage

echo: Displays message on the screen
egrep: Searches for files that have lines matching an extended expression
enable: Disable/enable bulletin shell commands
ethtool: Ethernet card settings
eval: Evaluates many commands
exec: Executes a command
exit: Exiting the shell
expand: Converts all the tabs to spaces
export: Sets an environment variable
expr: Evaluates expressions

false: Do nothing, unsuccessfully
fdformat: Perform low level format of a floppy disk
fdisk: Partition table manipulator for Linux systems
fg: Sends a task to the foreground
fgrep: Searches through files for tasks that match a string
file: Determines the file type
find: Find files that match a desired criteria
fmt: Reformats paragraph text
fold: Wraps text in order to fit a certain width
format: Formats tapes/disks
free: Reveals the memory usage
fsck: Checks the consistency of the file system and repairs it
fuser: Identifies and kills the process accessing a file

gawk: Finds text within files and replaces it
getopts: Parse positional parameters
grep: Searches in files for lines matching a certain pattern
groupadd: Adds security user groups
groupdel: Deletes a certain group
groupmod: Modifies a group
groups: Prints the names of groups in which a user is located
gzip: Compresses/decompresses files

hash: Complete pathname of a name argument
head: Outputs the first part of files
history: Command History
hostname: Print/set system name

iconv: Converts the character set in files
id: Displays the group ids/user ids
if: Conditional command
ifconfig: Configures network interfaces
ifdown: Stops a network interface
ifup: Starts a network interface app
import: Captures a screen and saves image in X server
Install: Sets attributes and copies files

jobs: Lists jobs that are active
Join: Joins lines on a common field

kill: Stops a process from running
Killall: Kills processes by name

less: Displays the output on a single screen at a time
let: Performs arithmetic on shell variables
link: Creates a link to another file
ln: Creates a symbolic link to another file
local: Creates variables
locate: Finds files
logname: Print the login name being used currently
logout: Use this command to exit a login shell.
lpc: Line Printer Control
lpr: Offline print
lprint: Prints a file
lprintd: Aborts an ongoing print job
lprintq: Lists the print queue
lprm: Removes the jobs from the print queue

make: Recompiles the group of programs
man: Provides help on a command
mkdir: Creates directories
mkfifo: Makes FIFOs
mknod: Creates character special files or block files
more: Displays the output in a single screen at a time
mount: Mounts a particular filesystem
mtools: Manipulates files from MS-DOS
mtr: Network diagnostics command
mv: Moves and renames files and directories
mmv: Mass Move and Rename

netstat: Provides information on networking
nice: Sets the priority of a job or a command
nl: Writes files and number lines
nohup: Runs a command not affected by hangups
notify-send: Sends desktop notifications
nslookup: Queries internet name servers interactively

open: Opens a file in its default application
op: Provides operator access

passwd: Modifies user passwords
paste: Merges lines in files
pathchk: Checks the portability of a file name
ping: Tests network connections
pkill: Stops processes from running
popd: Restores the previous value of the directory you’re currently in
pr: Prepares your files for printing
printcap: Printer capability database
printenv: Print environment variables
printf: Formats and prints data
ps: Process Status
pushd: Changes the directory and saves it first
pwd: Print Working Directory

quota: Displays the disk usage and its limits
quotacheck: Lets you scan a file system to find its disk usage
quotactl: Sets disk quotas

ram: Ram disk device
rcp: Copies files between two devices.
read: Reads a line from standard input
readarray: Reads from stdin into an array variable
readonly: Marks the variables and functions as readonly
reboot: Reboots your system
rename: Renames files
renice: Alters the priority of the processes running
remsync: Synchronises remote files through email
rev: Reverses the lines in a file
rm: Removes particular files
rsync: Synchronises file trees

screen: Run remote shells using ssh
scp: Creates a secure copy
sdiff: Merges two files in a secure manner
sed: Stream editor
select: Accepts keyboard inputs
seq: Prints numeric sequences
set: Manipulates shell functions and variables
sftp: Runs the secure file transfer program
shift: Shifts positional parameters
shopt: Shell Options
shutdown: Shuts down Linux or restarts it
sleep: Adds a delay
slocate: Finds particular files
sort: Sorts text files
source: Runs commands from a file
split: Breaks a file into fixed sizes
ssh: Runs the remote login program
strace: Traces signals and system calls
su: Substitutes the user identity
sudo: Executes commands as a different user
suspend: Suspends the execution of the current shell
sync: Synchronises data from a disk with the memory

tail: Outputs only the last part of a file
tar: Stores a list or extracts files in an archive
tee: Redirects output into multiple files
test: Evaluates conditional expressions
time: Measures the running time of a program
timeout: Puts a time limit on a command
times: Finds the user and system times
touch: Changes timestamps on a file
traceroute: Trace Route to a host
tr: Deletes characters, translates or squeezes them
tsort: Topological sorting

ulimit: Limits the user resources
umask: Determines the file permission for a new file
umount: Unmounts a device from the system
unalias: Removes an alias
uname: Prints the system information
unexpand: Converts the spaces in a file to tabs
uniq: Uniquify your files
units: Converts the units from one scale to another
unset: Removes the variable names or the function names
unshar: Unpacks the shell archive scripts
until: Executes a command until there is an error
uptime: Shows the uptime
usermod: Modifies a user account
users: Gives you a list of users who are currently logged in
uuencode: Encodes binary files

v: Lists the contents of a directory
vi: Text editor
vmstat: Reports on the virtual memory statistics

wait: Directs the system to wait for a process to finish
watch: Displays or executes a program periodically
wc: Prints the word, byte and line counts
while: Executes commands
who: Prints the usernames that are currently logged into the system
whoami: Prints the current name and user id
wget: Retrieves the web pages or files through HTTP, HTTPS or FTP
write: Sends messages to other users

xargs: Executes a utility and passes a constructed argument list
xdg-open: Opens a URL or a file in the user's preferred application

yes: Prints a string until it is interrupted

5 Things That You Must Know About SSH

1. SSH Tunneling
This is the processt thatallows an SSH server to become a proxy server. It then allows a local system to send information through a secure SSH server. For example, consider that you're connected to a public WiFi. You can get a lot of any prying by passing your browsing traffic through a secure SSH server.


ssh -D 9999 -C user@host

2. SCP File Transfers
The scp or secure copy command allows you to transfer files between a remote system running an SSH server and your local system.


scp /path/to/local/file user@host:/path/to/destination/file

3. Mounting Remote Directories
The SCP process for file transfers being tedious, it is often much better to just use SSH when viewing files from a remote folder. I you're using Ubuntu then the software requirded will be available by default alongside the GNOME desktop. In others you will ahve to download autilus (the software for Ubuntu) or some other.


4. Preserving Terminal Sessions
The GNU screen helps you accomplish this. What happens usually is that when you logout of an SSH sessions, you will have to set up the connection all over again. On the other hand, this utility lets you preserve a terminal session even after logging out.


ssh -t user@host screen -r

5. Visualising Key Fingerprints
When an SSH session is started, it shows a secure 'key', unless the system is known already. This key proves that the remote device you're connecting to is not an imposter. But, remembering a 16 digit key is really difficult, so you can turn on the virtual host key feature from the SSH config file.


ssh -o VisualHostKey=yes user@host