Technology Errors

vsftpd: pam_listfile(vsftpd:auth): Refused user root for service vsftpd

If you are attempting to FTP to a server running vsftpd as its FTP daemon you will be refused if this is a default vsftpd installation. It is strongly recommended to not allow root access to FTP because of security concerns which would provide the ftp user access to destroy anything on the server running FTP at will. Regardless it might be necessary for specific tasks and the below information will assist you in configuring vsftpd to allow the root user to login.

Technology Insights

Mac OSX – Make Specific App Default File Opener

I have been meaning for a long time to set some configuration parameters for specific file types including which applications open them by default. I deal with a lot of different file types and I am typically having to scroll through a long list of Mac applications to select the one that I want to open the file. Since its not easy to do this in one spot on Mac OSX Mountain Lion without adding a third party application I started looking around to see what was available and ended up with Default Apps by Rubicode. Below I describe installing Default Apps and how it works.

Technology Insights

Terminal Initialization Failure Using OSX Terminal Window

Earlier while trying to SSH to a device from a Terminal windows on my Macbook Pro running OSX version 10.8, also known as Mountain Lion, I received an error when attempting to connect to a 64 Bit Windows 7 Professional server. The error in the Mac Terminal window stated that the terminal failed to initialize. After troubleshooting I realized that the Windows 7 Pro server, which is running WinSSHD as an SSH server, didn’t like the default terminal emulation that the Terminal window, which is xterm-color256, in OSX Mountain Lion uses. Below we describe the error message in more detail and how to resolve this issue within the Terminal window itself or by installing iTerm2.

Technology Insights

Bluetooth CoD: Bluetooth Class of Device/Class of Service Explained

While testing some tools in Backtrack Linux I was working with some Bluetooth tools including btscanner, BlueProPro, bluediving, etc. and wanted to know more about the Bluetooth Class of Device/Class of Service also know as just Bluetooth CoD. Not only how it was formatted but also what exactly it meant and what it could tell me exactly about Bluetooth devices. In the end I feel I have a pretty good understanding of Bluetooth CoD and what it can tell you about various hardware devices even though it appears the standard for assigning CoD numbers is fairly loose most people appear to adhere to it somewhat. It should be noted that Bluetooth CoD is easily modified such as on Linux you can set it using hciconfig and thus could provide fasle information if you wanted to do so. Obviously not many people are going to understand this or know how to accomplish this so typically if you are scanning for Bluetooth devices you will be getting whatever the manufacturer has set when the item was manufactured. Below we describe more specifics about Bluetooth CoD including what the CoD hex means and some examples of Bluetooth CoD. Check out our Bluetooth Class list by clicking here.

Code Snippets

OCS Version 0.2 Release – Cisco Router Default Password Scanner

Recently I wrote an article on cisco-ocs from Backtrack Linux and provided examples of what it did as well as a bug where if a higher privilege was provided to the vty ports it would note the router was not vulnerable. In that scenario the router was even more vulnerable because the initial login provides enable privileges. Anyhow fast forward five days and the developer, known by OverIP, reached out to me to get more details so he could fix the bug and discuss expanding Cisco OCS’s capabilities. I am happy to announce Cisco OCS version 0.2 which fixes the bug mentioned in the previous article. More details are provided below as well as information about possible future releases.