Sunday, July 23, 2017

Setting up Apache2 (a web server on which to host PAC files) on Ubuntu

In this posting the steps to setup Apache2 on Ubuntu are reviewed. The reason for needing a web server (Apache2) is to host a PAC file. A PAC file (proxy auto-config) is used to map a URL to a proxy (host/port). The contents are of the PAC file are javascript (a simple script that when invoked takes a URL and returns the string required to access the proxy). Applications access PAC files based on their URL so to develop an application that makes use of PAC files a web server is required.

Apache is a package so on the server run the following to update the package information:
sudo apt-get update

Running the previous commands displays the following:

Once the package information has been updated run the following command:
sudo apt-get install apache2

An example of the previous command's invocation is as follows (a small snippet from a great deal of output):


The status of Apache2 can be verified as follows:

With the previous installation and status check, Apache is not quite ready. The inbound port for apache has to be open.

A web server uses port 80 and on an Azure hosted Ubuntu virtual machine this port is not open. Recall the previous post that demonstrated how to open an inbound port for the Azure virtual machine, Opening an inbound port for an Ubuntu Virtual Machine on Azure. If HTTPS is to be used, open port 443.

Once setup, the next step in order to full support proxies will be to create the PAC file copy it to Apache's content folder.




Tuesday, July 18, 2017

OS/X Dock visible in full-screen VMWare Fusion

A great many developers using Macs run VMWare Fusion in full screen mode. At times (for no apparent reason) OS/X's dock remains visible even though VMWare Fusion is full screen mode.



The solution to this problem to open a terminal window in OS/X and execute the following command:

killall -KILL Dock

The Dock will be deleted and restarted using the above command.

Sunday, July 16, 2017

Windows: Testing if a remote port is open using Telnet

In a previous post, Opening an inbound port for an Ubuntu Virtual Machine on Azure, an inbound port was open on an Ubuntu virtual machine (port 21777) and on this host a service (tinyproxy) was installed that listens on this port via TCP/IP. Obviously, there should be a way to test that the port is actually open and if the underling service is actually listening. This can be accomplished using a telnet client on Windows. Previously it was shown how to insure the telnet client is installed on Windows (Making Telnet Client available on Windows).

Telnet is used from a console window and written as follows where telnet will establish a TCP/IP connection:

telnet <host|ip> <port>

An example of this as follows where the IP is an Ubuntu server and port 22 the port used by SSH:


When enter is is clicked on in the previous console window, the following is displayed:


Above it can be seen that the telnet connection accessed the SSH service on the Ubantu server. This means port 22 is open and SSH is listening on the port.

The exercise in testing ports relates to installing a tinyproxy proxy service on an Ubuntu service. The tinyproxy service is listening on port 21777 using TCP. To test the port port the following is entered in a Windows console window:


When the above command is invoked the following is displayed:


What appears to be blank screen actually means that telenet success accessed the tinyproxy service on port 21777.

Below is an example of telet being invoked on a port that is not open for the Ubuntu server:


Invoking the command above results in the following:


The screenshot above shows telnet waiting in vain for port 21778:


Eventually the attempted by telnet to connection to port 21778 will time out resulting in text such is displayed above.

So using telnet or bash (Testing if a remote port is open using BASH /dev/tcp/host/port) it has been shown how to determine if a port is open on  a remote server with a service listening on the port.

Saturday, July 15, 2017

Testing if a remote port is open using BASH /dev/tcp/host/port

In a previous post, Opening an inbound port for an Ubuntu Virtual Machine on Azure, an inbound port was open on an Ubuntu virtual machine (port 21777) and on this host a service (tinyproxy) was installed that listens on this port via TCP/IP. Obviously, there should be a way to test that the port is actually open and if the underling service is actually listening. This can be accomplished by BASH where a host/ip and port can be accessed using either of the following:

/dev/tcp/host/port
/dev/udp/host/port

The version to use depends on the type of connection to be opened to the port, tcp or udp. SSH (port 22) was used to access the Ubuntu virtual machine (IP address 52.183.120.51). From a remote machine's BASH shell (e.g. a Macbook Pro's Terminal) the following can be entered:

cat < /dev/tcp/52.183.120.51/22

As we can see from the screen shot port 22 is open on the host because there was a response ("SSH-2.0-OpenSSH_7.4p1 Ubuntu-10") when port 22 was opened:

Not every protocol is so obvious when connected to via TCP. Connecting to port 21777 (which is open for the host):

The connection above was success because it does not time out. Clearly the proxy is connected but does not send any kind of a reply on the initial TCP connection.

Connecting to a port that is not open such as 21778 results in the following (a time out):


The time out is not returned immediately but it does indicate the port is not open or that no service is listening to 21778 on TCP.




Saturday, July 8, 2017

Making Telnet Client available on Windows

Telnet is a handy utility that allows a TCP/IP connection to be made to a host/port. Unlike ping or tracert which simply detect if a hosts exists, telnet allows a connection to be opened to a specific port. This is handy in verifying that there is no firewall blocking an application running on a remote server (e.g. a proxy server -- Setting up a proxy server with TinyProxy on Ubuntu).

Telnet is a feature of Windows operating systems (the good news). The bad news is that it is not installed as part of a standard windows installation. This posting demonstrates how to add the Telnet Client feature of a Windows host.

The first step in add Telnet to a Windows host is to display control panel. To find control panel search on "Control Panel" from the desktop:


Click on the "Control Panel" above which displays the following:


To add a Telnet Client to Windows click on "Uninstall a program" (lower left corder of Control Panel above). If this seem counter intuitive remember that to shutdown previous versions of Windows you had to click on the Start button.

Click on "Uninstall a program" displays the following, the "Programs and Features" screen:


The upper left corner of the the "Programs and Features" screen contains a link entitled, "Turn Windows features on and off." Click on this link:


Clicking on the "Turn Windows features on and off" link displays the "Windows Features" dialog shown below:



Scrolling down the "Windows Features" screen will eventually display the "Telnet Client" checkbox. If this box is unchecked then the Telnet Client is not installed. To install the Telnet Client (when it is not currently installed) click on the corresponding checkbox (see below):


With the the "Telnet Client" checkbox checked, click on "OK" to install the feature. Clicking on "OK" displays the following:


The screen above is displayed while the "Telnet Client" feature is being installed. Once the screen above completes, the screen below is displayed:

The previous screen indicates that the "Telnet Client" features is insallted.

Tuesday, July 4, 2017

Linux, Unix and OS/X determining what shell is running

When running a terminal window it is possible to determine the current shell by running the following from the command-line:
echo $SHELL

An example of invoking this from an OS/X terminal window is as follows:


As echo $SHELL demonstrates above, the current shell is BASH.

The title bar of the OS/X terminal actually show the same information revealed by echo $SHELL, namely bash:


Monday, July 3, 2017

Setting up a proxy server with TinyProxy on Ubuntu

Introduction

This article demonstrates how to setup a TinyProxy proxy server on Ubuntu. The purposes of this proxy instance is to test client code targeting accessing web service via proxies and reading PAC file. The steps we took to get get to get to this point (the TinyProxy installer) are as follows (previous blog postings):

Setup and Configuration

1) To install, access the server on which tinyproxy is to be installed via ssh.
2) Execute the following command on the Ubuntu server via the terminal window:

sudo apt-get install tinyproxy

During install the terminal will generate output such as:



3) By invoking the following from the terminal we can determine current status of the newly installed tinyproxy:

service tinyproxy status

Invoking the previous command generates output such as the following:


From the previous screen we can see that the tinyproxy service is "active {running}" and is running as PID 71258.

4) To exit the status information simply type:
q

5) We need to change the configuration which is stored in a simple text file. In order to update the configuration file, the tinyproxy service must be stopped by invoking:

service tinyproxy stop

The output generated by this command is as follows:


6) To modify the configuration file associated with tinyprox, navigate to to /var/tiny/proxy

The ls invoked in the /etc/tinyproxy directory shows the configuration file for the service, tinyproxy.config.

7) Open tinyproxy.conf using vim (or editor of your choice) prefixed by sudo (only an administrator can edit the configuration file):
sudo vim tinyproxy.conf

The default contents of the the tinyproxy.cong file is as follows displayed in vim:


Notice above that the port for tinyproxy is set by default to 8888. Recall that the port we opened to access the Ubuntu server was 21777.

8) Delete the 8888 after the Port keyword and replace with a value of 21777:


9) Keep tinyproxy.config open in the editor because we need to modify the permission of our proxy server to allow any host to access tinyproxy.
10) Navigate down the configuration file util the "authorization controls" section has been reached.

Notice in the configuration file tinyproxy, tinyproxy.conf, that access is allowed to local host (IP address 127.0.0.1):



Place a # in front of the "Allow 127.0.0.1" line.:

There are now no explicit hosts permitted to access the tinyproxy instance. This means "allow access sne". This includes protocols HTTP and HTTPS.

12) Save the configuration file, tinyproxy.conf.
13) From the terminal invoke the following command to restart the tinyproxy service:
service start tinyproxy

The output generated by invoking this command is as follows:



Notice above that the user (administrator) credentials were required to be entered before the tinyproxy service started.

Verify Proxy is working using Extension Proxy SwitchyOmega

On a Windows system, the proxy settings can be se specified under Internet Explorer options. Using Chrome in conjunction with the Proxy SwitchyOmega allows extremely extensive proxy management.

To find the exertion for Chrome simply look up Proxy SwiticyOmega in any search engine. On google, the search term leads to the following screen:


The upper right corner of the web page contains a rather appropriate button:

Clicking on the "ADD TO CHROME" button disdfsplays the following:


From the previous dialog click on "Add extension":


When the Proxy SwitchyOmega extension is installed a series of tutorial screens are displayed (meaning you click on Next a lot). To break out of the tutorial wizard click on the X at the top right of the dialog.

Below notice that the extensions bar is displayed. The extension to the far right, marked by an icon that is a circle, is Proxy SwitchyOmega. Clicking on the circle icon displays the following:


At the bottom of the Proxy SwitchyOmega menu displayed above is the the Options menu item. Selecting on the Options menu items displays the following:

The previous screen allows the options to be managed for a proxy named, "proxy." To see more options selected "Show Advanced" which displays the following; 


The IP address for the new installed tinyproxy service is 52.191.142.196. Using the advanced options below the server (52.191.142.196) and port (21777) can be assigned to both the HTTP and HTTPS protocols:


On the lower left is in the "Apply changes" option:



Click on "Apply changes" means the Tinyproxy proxy, is ready to us. Clicking on the extension icon the proxy options menu can be displayed for TwitchyOmega:



The menu items above includes "proxy." Recall that the configuration setup to point the tinyproxy proxy was named "proxy." By selecting the proxy named "proxy" TwitchyOmega will point all Chrome traffic for HTTP and HTTPS at the proxy server just configured. 

Why not squid?

In addition to tinyproxy, the squid proxy, was researched as a potential proxy to setup. The proxy installed was not for a production environment. The proxy was to be used for development against HTTPS-based REST services. The reason tinyproxy was selected over squid, because tinyproxy was simpler to configure.